Management token

To enable and collect health checks and metrics, services must be configured with a “management token”.

Services must have ManagementToken configured. This is used to authorize access monitoring endpoints. If ManagementToken is not configured, monitoring endpoints will return the error 404 disabled.

To access a monitoring endpoint, the requester must provide the HTTP header Authorization: Bearer (ManagementToken).

Node Manager

Set port (the listen port) and ManagementToken in the Manage section of node-manager.ini.

# The management server responds to http://addr:port/status.json with
# a snapshot of internal state.

# Management server listening address (default
#address =

# Management server port number (default -1, server is disabled)
#port = 8989

ManagementToken = xxx

API server and other services

The following services also support monitoring.

  • API server
  • arv-git-httpd
  • controller
  • keep-balance
  • keepproxy
  • keepstore
  • keep-web
  • websockets

Set ManagementToken in the appropriate section of /etc/arvados/config.yml.

    # Token to be included in all healthcheck requests. Disabled by default.
    # Server expects request header of the format "Authorization: Bearer xxx"
    ManagementToken: xxx

Previous: Health checks Next: Configuring collection versioning

The content of this documentation is licensed under the Creative Commons Attribution-Share Alike 3.0 United States licence.
Code samples in this documentation are licensed under the Apache License, Version 2.0.