+1 for this. Thanks, Ming Wen, Apache APISIX PMC Chair Twitter: _WenMing
Zexuan Luo <[email protected]> 于2021年4月1日周四 下午6:30写道: > Currently, the Prometheus metrics are exported via the data panel's port. > > It means the metrics can be accessed from the public internet by default. > > Although we can configure some rules to block it, this behavior is not > safe by default. > > Therefore we need to provide a new address to export the metrics. > > My suggestion is to export the metrics in "127.0.0.1:9091". The > configuration is like that: > > ``` > prometheus: > export_uri: /apisix/prometheus/metrics > export_address: > ip: "127.0.0.1" > port: 9091 > ``` > > If people comment out the `export_address` field, the metrics will be > exported like before. > > If people do nothing, the metrics will be exported in a new address, > which is a break change but avoids security risk. >
