On this specific exporter we take a look at visualization of certificates with respect to cloud foundry. The exporter uses the vmware tanzu operations manager API to get the cert information.
NOTE: This exporter is highly inspired from cert-exporter by joe-elliott.
We have created a dedicated doc on how to setup and install the exporter, please check out the set of instruction provided on the doc that include both Cloud Foundry and Kubernetes deployments.
After running vmware-tanzu-cert-exporter in your cluster it's easy to build a custom dashboard to expose information about the certs in your cluster. Follow the guide on how to set it up.
vmware-tanzu-cert-exporter exports the following metrics
# HELP vmware_tanzu_cert_exporter_cert_expires_in_seconds Number of seconds til the cert expires.
# TYPE vmware_tanzu_cert_exporter_cert_expires_in_seconds gauge
vmware_tanzu_cert_exporter_cert_expires_in_seconds{configurable="false",env="env10",is_ca="false",issuer="",location="credhub",product_guid="cf-9c69d13d0df4b67292a9",property_reference="",valid_from="0001-01-01 00:00:00 +0000 UTC",valid_until="2021-04-29 10:38:04 +0000 UTC",variable_path="/p-bosh/cf-9c69d13d0df4b67292a9/diego-instance-identity-leaf-maestro"} 3.125483989441466e+07
# HELP vmware_tanzu_cert_exporter_error_total Cert Exporter Errors
# TYPE vmware_tanzu_cert_exporter_error_total counter
vmware_tanzu_cert_exporter_error_total 0
where
-
vmware_tanzu_cert_exporter_error_total
The total number of unexpected errors encountered by vmware-tanzu-cert-exporter. A good metric to watch to feel comfortable certs are being exported properly.
-
vmware_tanzu_cert_exporter_cert_expires_in_seconds
The number of seconds until a certificate stored in the PEM format is expired. The property reference, path and issuer label indicates the exported cert.
If you wish to customize the code, follow the instruction as per the doc