How to monitor ssl certificates with Datadog?

1/16/2021

I have an nginx-pod which redirects traffic into Kubernetes services and stores related certificates insides its volume. I want to monitor these certificates - mainly their expiration.

I found out that there is a TLS integration in Datadog (we use Datadog in our cluster): https://docs.datadoghq.com/integrations/tls/?tab=host.

They provide sample file, which can be found here: https://github.com/DataDog/integrations-core/blob/master/tls/datadog_checks/tls/data/conf.yaml.example

To be honest, I am completely lost and do not understand comments of the sample file - such as:

## @param server - string - required
## The hostname or IP address with which to connect.

I want to monitor certificates that are stored in the pod, does it mean this value should be localhost or do I need to somehow iterate over all the certificates that are stored using this value (such as server_names in nginx.conf)? If anyone could help me with setting sample configuration, I would be really grateful - if there are any more details I should provide, that is not a problem at all.

-- Ondřej
certificate
datadog
devops
kubernetes
ssl

0 Answers