Tools

Tools: How to Install Prometheus and Node Exporter on CentOS Stream 9 (The Upstream Way)

2026-04-10 0 views admin
Tools: How to Install Prometheus and Node Exporter on CentOS Stream 9 (The Upstream Way)

Why the Upstream Approach?

Key Best Practices for Deployment

The Complete Step-by-Step Guide

3 Common Mistakes to Avoid If you are managing Linux infrastructure, having real-time visibility into your servers is non-negotiable. Prometheus is the industry-standard, open-source monitoring and alerting toolkit. Paired with Node Exporter, it becomes a powerhouse for collecting host metrics like CPU usage, memory consumption, load averages, and network statistics. In this guide, we'll look at the SysAdmin-approved way to install Prometheus and Node Exporter on CentOS Stream 9. Instead of relying on outdated third-party RPMs, we will use the official upstream binaries. This approach is cleaner, easy to audit, and simple to keep updated. Relying on old third-party repositories can introduce version mismatches, missing features, and security issues. By downloading directly from the official Prometheus releases and verifying the SHA256 checksums, you guarantee your binaries are authentic and uncorrupted. If you are setting this up in a production environment, here are the critical steps you need to follow: 1. Create Dedicated Service Users

For security purposes, services should never run as root. Create dedicated system users (prometheus and node_exporter) with no login shell to isolate the services. 2. Verify Official BinariesAlways download the sha256sums.txt alongside your tarballs and verify them using sha256sum -c. Only proceed if the output says OK. 3. Configure Systemd ServicesCreate custom systemd unit files for both Prometheus and Node Exporter. This ensures they run reliably in the background, start automatically on boot, and manage data retention properly (e.g., by setting the --storage.tsdb.retention.time=15d flag). 4. Lock Down the Firewall

CRITICAL SECURITY WARNING: Exposing port 9090 (Prometheus UI) or 9100 (Node Exporter) directly to the public internet is highly discouraged. We have documented the entire process from start to finish. If you want the complete, copy-paste friendly commands, we have put together the full SysAdmin guide on our blog. πŸ“– How to Install Prometheus and Node Exporter on CentOS Stream 9 Happy monitoring! Let me know in the comments if you have any questions about configuring your scrape jobs or writing PromQL queries. Templates let you quickly answer FAQs or store snippets for re-use. Are you sure you want to ? It will become hidden in your post, but will still be visible via the comment's permalink. Hide child comments as well For further actions, you may consider blocking this person and/or reporting abuse

Code Block

Copy

node_exporter sha256sums.txt sha256sum -c --storage.tsdb.retention.time=15d prometheus.yml promtool check config /etc/prometheus/prometheus.yml - Bind Node Exporter to 127.0.0.1 for local single-server setups. - For remote scraping, use strict firewalld source IP restrictions, VPNs (like WireGuard/Tailscale), or Reverse Proxies. - The exact Bash commands to download, verify, and extract the binaries. - The prometheus.yml scrape configurations. - The complete systemd unit files for both services. - Initial PromQL queries to test your new monitoring stack. - Skipping config validation: Always run promtool check config /etc/prometheus/prometheus.yml before restarting systemd. A simple YAML indentation typo will prevent Prometheus from starting. - Assuming up == 1 means perfect health: This only confirms that Prometheus can reach and scrape the target. It does not guarantee that all expected metrics are actually present. - Forgetting time synchronization: If your Prometheus server and the monitored nodes are out of sync, your graphs, rate calculations, and alerts will be inaccurate.

🏷️ Tags

toolsutilitiessecurity toolsinstallprometheusexportercentosstreamupstreamrce

More from Tools

Tools: 5 systemd units for a Python web app, complete and copy-pasteable. No Docker. - Complete Guide

Tools: 5 systemd units for a Python web app, complete and copy-pasteable. No Docker. - Complete Guide

2026-04-10 0
Tools: Latest: Ubuntu 22.04 システムで Nginx 1.22 γ‚’γ‚³γƒ³γƒ‘γ‚€γƒ«γ—γ¦γ‚€γƒ³γ‚ΉγƒˆγƒΌγƒ«γ™γ‚‹γƒγƒ₯γƒΌγƒˆγƒͺをル

Tools: Latest: Ubuntu 22.04 システムで Nginx 1.22 γ‚’γ‚³γƒ³γƒ‘γ‚€γƒ«γ—γ¦γ‚€γƒ³γ‚ΉγƒˆγƒΌγƒ«γ™γ‚‹γƒγƒ₯γƒΌγƒˆγƒͺをル

2026-04-10 0
Tools: Using Tinyproxy as a Simple Proxy - Guide

Tools: Using Tinyproxy as a Simple Proxy - Guide

2026-04-10 0
Tools: Update: Dropping 100Gbps DDoS Attacks: The Ultimate eBPF & XDP Guide

Tools: Update: Dropping 100Gbps DDoS Attacks: The Ultimate eBPF & XDP Guide

2026-04-10 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 β€’ 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 β€’ 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 β€’ 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 β€’ 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 β€’ 81 views