4.8 KiB
| title | description |
|---|---|
| Traefik OpenTelemetry Documentation | Traefik supports several tracing backends, including OpenTelemetry. Learn how to implement it for observability in Traefik Proxy. Read the technical documentation. |
OpenTelemetry
To enable the OpenTelemetry tracer:
tracing:
openTelemetry: {}
[tracing]
[tracing.openTelemetry]
--tracing.openTelemetry=true
!!! info "The OpenTelemetry trace reporter will export traces to the collector using HTTP by default, see the gRPC Section to use gRPC."
!!! info "Trace sampling"
By default, the OpenTelemetry trace reporter will sample 100% of traces.
See [OpenTelemetry's SDK configuration](https://opentelemetry.io/docs/reference/specification/sdk-environment-variables/#general-sdk-configuration) to customize the sampling strategy.
address
Required, Default="localhost:4318", Format="<host>:<port>"
Address of the OpenTelemetry Collector to send spans to.
tracing:
openTelemetry:
address: localhost:4318
[tracing]
[tracing.openTelemetry]
address = "localhost:4318"
--tracing.openTelemetry.address=localhost:4318
headers
Optional, Default={}
Additional headers sent with spans by the reporter to the OpenTelemetry Collector.
tracing:
openTelemetry:
headers:
foo: bar
baz: buz
[tracing]
[tracing.openTelemetry.headers]
foo = "bar"
baz = "buz"
--tracing.openTelemetry.headers.foo=bar --tracing.openTelemetry.headers.baz=buz
insecure
Optional, Default=false
Allows reporter to send spans to the OpenTelemetry Collector without using a secured protocol.
tracing:
openTelemetry:
insecure: true
[tracing]
[tracing.openTelemetry]
insecure = true
--tracing.openTelemetry.insecure=true
path
Required, Default="/v1/traces"
Allows to override the default URL path used for sending traces. This option has no effect when using gRPC transport.
tracing:
openTelemetry:
path: /foo/v1/traces
[tracing]
[tracing.openTelemetry]
path = "/foo/v1/traces"
--tracing.openTelemetry.path=/foo/v1/traces
tls
Optional
Defines the TLS configuration used by the reporter to send spans to the OpenTelemetry Collector.
ca
Optional
ca is the path to the certificate authority used for the secure connection to the OpenTelemetry Collector,
it defaults to the system bundle.
tracing:
openTelemetry:
tls:
ca: path/to/ca.crt
[tracing.openTelemetry.tls]
ca = "path/to/ca.crt"
--tracing.openTelemetry.tls.ca=path/to/ca.crt
cert
Optional
cert is the path to the public certificate used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the key option is required.
tracing:
openTelemetry:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
[tracing.openTelemetry.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
--tracing.openTelemetry.tls.cert=path/to/foo.cert
--tracing.openTelemetry.tls.key=path/to/foo.key
key
Optional
key is the path to the private key used for the secure connection to the OpenTelemetry Collector.
When using this option, setting the cert option is required.
tracing:
openTelemetry:
tls:
cert: path/to/foo.cert
key: path/to/foo.key
[tracing.openTelemetry.tls]
cert = "path/to/foo.cert"
key = "path/to/foo.key"
--tracing.openTelemetry.tls.cert=path/to/foo.cert
--tracing.openTelemetry.tls.key=path/to/foo.key
insecureSkipVerify
Optional, Default=false
If insecureSkipVerify is true,
the TLS connection to the OpenTelemetry Collector accepts any certificate presented by the server regardless of the hostnames it covers.
tracing:
openTelemetry:
tls:
insecureSkipVerify: true
[tracing.openTelemetry.tls]
insecureSkipVerify = true
--tracing.openTelemetry.tls.insecureSkipVerify=true
gRPC configuration
Optional
This instructs the reporter to send spans to the OpenTelemetry Collector using gRPC.
tracing:
openTelemetry:
grpc: {}
[tracing]
[tracing.openTelemetry.grpc]
--tracing.openTelemetry.grpc=true