How To Install Prometheus on Fedora 42

Prometheus stands as one of the most powerful open-source monitoring and alerting toolkits available today. This comprehensive guide walks through installing Prometheus on Fedora 42, covering everything from basic setup to advanced security configurations. Whether managing a single server or enterprise infrastructure, Prometheus provides essential system metrics and monitoring capabilities that every Linux administrator needs.

Fedora 42 brings significant improvements including GNOME 48 integration, enhanced systemd functionality, and improved security features that make it an excellent platform for running monitoring solutions. Combined with Prometheus’s robust time-series database and pull-based metrics collection model, this setup delivers enterprise-grade monitoring capabilities for any environment.

Understanding Fedora 42 and Prometheus Compatibility

Fedora 42 Key Features

Fedora 42 introduces several enhancements that benefit Prometheus deployments. The new Anaconda Web UI installer and GPT default partitioning provide better disk management for time-series data storage. GNOME 48 integration offers improved system resource management and enhanced user experience when accessing monitoring dashboards.

The distribution features DNF5 package manager improvements that streamline software installation and dependency resolution. These enhancements make installing monitoring tools more reliable and efficient. Additionally, Fedora 42’s updated systemd implementation provides better service management capabilities, crucial for running Prometheus as a system service.

Security improvements in Fedora 42 include enhanced firewall management and better user privilege controls. These features integrate seamlessly with Prometheus security configurations, providing multiple layers of protection for monitoring infrastructure.

Prometheus Architecture Overview

Prometheus operates as a time-series database designed specifically for monitoring applications and infrastructure. Its pull-based metrics collection model actively scrapes targets at regular intervals, storing data in a highly efficient time-series format.

The system includes a built-in web interface for querying metrics and visualizing data using PromQL query language. API endpoints enable integration with external tools like Grafana for advanced visualization and alerting capabilities.

Prometheus’s architecture supports horizontal scaling through federation and external storage solutions. This flexibility makes it suitable for everything from single-server monitoring to large-scale distributed systems.

Prerequisites and System Preparation

System Requirements

Installing Prometheus on Fedora 42 requires meeting specific system requirements for optimal performance. The minimum hardware specifications include 2GB RAM for basic monitoring setups, though 4GB or more is recommended for production environments. Storage requirements depend on retention policies and scrape frequency, typically requiring 1-2GB per million samples stored.

Network connectivity must allow access to monitored targets on their respective ports. Standard Prometheus installations use port 9090 for the web interface and API access. Administrative privileges through sudo access are essential for system-level configurations and service management.

Ensure the system has sufficient disk I/O capacity for time-series data writes. SSDs provide better performance for Prometheus workloads compared to traditional hard drives.

Initial System Updates

Begin by updating the Fedora 42 system to ensure all packages are current. Execute the following command to update all installed packages:

sudo dnf update -y

This command updates the system using DNF5, Fedora 42’s enhanced package manager. Install essential dependencies required for Prometheus installation and management:

sudo dnf install -y curl wget nano tar

These utilities enable downloading, extracting, and configuring Prometheus components. Verify system status and check for any conflicts that might affect the installation process.

Security Considerations

Plan firewall configurations before installing Prometheus to ensure proper network access control. Fedora 42’s improved security features require careful consideration of user permissions and service isolation.

Create a dedicated user account strategy for running Prometheus services. This approach follows security best practices by limiting privileges and reducing attack surface. Plan authentication mechanisms if the monitoring system will be accessible across networks.

Consider network segmentation and access control requirements early in the planning process. Prometheus should only be accessible from authorized networks and users.

Method 1: Installing Prometheus from Official Binary

Downloading Prometheus

Navigate to the official Prometheus download page to obtain the latest release for Linux systems. Identify the correct version for your architecture, typically the Linux AMD64 build for most modern systems.

Download the latest Prometheus release using wget:

cd /tmp
wget https://github.com/prometheus/prometheus/releases/download/v3.5.0/prometheus-3.5.0.linux-amd64.tar.gz

Replace the version number with the current latest release available on the download page. Verify the download integrity by checking the SHA256 checksums provided on the release page:

sha256sum prometheus-3.5.0.linux-amd64.tar.gz

Compare the output with the official checksum to ensure file integrity before proceeding with installation.

Extracting and Organizing Files

Extract the downloaded archive to examine its contents and understand the directory structure:

tar xzf prometheus-3.5.0.linux-amd64.tar.gz
cd prometheus-3.5.0.linux-amd64
ls -la

The extracted directory contains several important files including the prometheus binary, promtool utility, configuration examples, and documentation. Understanding this structure helps with proper system integration.

Move the binary files to appropriate system locations for global access:

sudo cp prometheus /usr/local/bin/
sudo cp promtool /usr/local/bin/

Create the necessary directory structure for Prometheus configuration and data storage:

sudo mkdir -p /etc/prometheus
sudo mkdir -p /var/lib/prometheus

Copy configuration files and examples to the system configuration directory:

sudo cp -r consoles/ /etc/prometheus/
sudo cp -r console_libraries/ /etc/prometheus/
sudo cp prometheus.yml /etc/prometheus/

User and Permission Configuration

Create a dedicated system user for running Prometheus services. This follows security best practices by isolating the monitoring system:

sudo useradd --no-create-home --shell /bin/false prometheus

Configure appropriate ownership and permissions for Prometheus directories and files:

sudo chown -R prometheus:prometheus /etc/prometheus/
sudo chown -R prometheus:prometheus /var/lib/prometheus/
sudo chmod -R 755 /etc/prometheus/
sudo chmod -R 755 /var/lib/prometheus/

Set executable permissions on the binary files:

sudo chmod +x /usr/local/bin/prometheus
sudo chmod +x /usr/local/bin/promtool

Verify the installation by checking that Prometheus can display its version information:

prometheus --version
promtool --version

Method 2: Installing from Fedora Repositories

Repository Installation

Fedora 42’s repositories may include Prometheus packages that simplify installation and management. Check package availability using the enhanced DNF5 package manager:

dnf search prometheus

Install Prometheus directly from repositories if available:

sudo dnf install -y prometheus

This method automatically handles dependencies and integrates with Fedora’s package management system. The installation includes systemd service files and basic configuration templates.

Verify the installation completed successfully:

rpm -qa | grep prometheus
systemctl status prometheus

Repository installations typically place configuration files in /etc/prometheus/ and data directories in /var/lib/prometheus/.

Package vs Binary Installation Comparison

Repository installations provide automatic updates through the system package manager, ensuring security patches and updates are applied consistently. This method integrates seamlessly with Fedora’s security update mechanisms and system management tools.

Binary installations offer access to the latest Prometheus versions immediately upon release, without waiting for repository updates. This approach provides more control over versioning and enables testing of new features quickly.

Choose repository installation for production environments requiring stability and automated updates. Select binary installation when requiring specific versions or when repository packages lag behind upstream releases.

Consider hybrid approaches where development systems use binary installations for testing while production systems use repository packages for stability.

Prometheus Configuration

Basic Configuration File Setup

Prometheus configuration uses YAML format in the prometheus.yml file located in /etc/prometheus/. Understanding the configuration structure is essential for effective monitoring setup.

Create a basic configuration file with global settings and initial scrape targets:

global:
  scrape_interval: 15s
  evaluation_interval: 15s

rule_files:
  # - "first_rules.yml"
  # - "second_rules.yml"

scrape_configs:
  - job_name: 'prometheus'
    static_configs:
      - targets: ['localhost:9090']

The global section defines default intervals for scraping metrics and evaluating rules. The scrape_interval setting determines how frequently Prometheus collects metrics from targets, while evaluation_interval controls rule processing frequency.

Configure the self-monitoring target to track Prometheus’s own metrics. This provides valuable insights into the monitoring system’s health and performance:

scrape_configs:
  - job_name: 'prometheus'
    static_configs:
      - targets: ['localhost:9090']
    scrape_interval: 5s
    metrics_path: /metrics

Validate the configuration file syntax using promtool:

sudo promtool check config /etc/prometheus/prometheus.yml

Advanced Configuration Options

Expand the configuration to include multiple monitoring targets and job definitions. Add node-exporter for system metrics collection:

scrape_configs:
  - job_name: 'prometheus'
    static_configs:
      - targets: ['localhost:9090']
      
  - job_name: 'node-exporter'
    static_configs:
      - targets: ['localhost:9100']
    scrape_interval: 10s
    
  - job_name: 'custom-application'
    static_configs:
      - targets: ['localhost:8080', 'localhost:8081']
    scrape_interval: 30s

Configure storage retention and performance settings:

global:
  scrape_interval: 15s
  evaluation_interval: 15s
  external_labels:
    cluster: 'production'
    region: 'us-east-1'

Add rule file configurations for alerting and recording rules:

rule_files:
  - "/etc/prometheus/rules/*.yml"

Fedora 42 Specific Configurations

Optimize Prometheus configuration for Fedora 42’s enhanced systemd environment. Configure logging to integrate with systemd journal:

global:
  scrape_interval: 15s
  evaluation_interval: 15s
  
# External labels for federation
external_labels:
  fedora_version: '42'
  environment: 'production'

Leverage Fedora 42’s improved security features by configuring appropriate file permissions and SELinux contexts if enabled. Ensure configuration files are readable by the prometheus user while maintaining security:

sudo chown prometheus:prometheus /etc/prometheus/prometheus.yml
sudo chmod 644 /etc/prometheus/prometheus.yml

Configure network settings to work with Fedora 42’s enhanced firewall management. Plan for integration with system monitoring tools and GNOME 48 environment features.

Creating Systemd Service

Service File Creation

Create a systemd service file to manage Prometheus as a system service. This approach ensures Prometheus starts automatically and integrates with Fedora 42’s service management system.

Create the service file at /etc/systemd/system/prometheus.service:

sudo nano /etc/systemd/system/prometheus.service

Add the following service configuration:

[Unit]
Description=Prometheus Server
Documentation=https://prometheus.io/docs/
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
User=prometheus
Group=prometheus
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/local/bin/prometheus \
  --config.file=/etc/prometheus/prometheus.yml \
  --storage.tsdb.path=/var/lib/prometheus/ \
  --web.console.templates=/etc/prometheus/consoles \
  --web.console.libraries=/etc/prometheus/console_libraries \
  --web.listen-address=0.0.0.0:9090 \
  --web.external-url=

KillMode=process
Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target

The service configuration includes proper dependency management, ensuring network availability before startup. The ExecStart directive specifies command-line options for data storage location, web interface binding, and configuration file paths.

Service Management

Reload the systemd daemon to recognize the new service file:

sudo systemctl daemon-reload

Enable Prometheus to start automatically at boot time:

sudo systemctl enable prometheus

Start the Prometheus service and verify its status:

sudo systemctl start prometheus
sudo systemctl status prometheus

Monitor service logs to ensure proper startup and identify any configuration issues:

sudo journalctl -u prometheus -f

Test service restart and reload functionality:

sudo systemctl restart prometheus
sudo systemctl reload prometheus

Systemd Best Practices

Configure service restart policies to handle failures gracefully. The service file includes Restart=on-failure and RestartSec=5s to automatically recover from unexpected shutdowns.

Implement resource limits to prevent Prometheus from consuming excessive system resources:

[Service]
LimitNOFILE=65536
LimitNPROC=32768
MemoryLimit=2G

Configure proper logging integration with systemd journal. This approach centralizes log management and integrates with Fedora 42’s enhanced logging capabilities.

Set up service monitoring and alerting to detect service failures:

sudo systemctl enable --now prometheus-watchdog.timer

Security Configuration

Basic Authentication Setup

Implement basic authentication to secure Prometheus web interface access. Create a password file using Apache’s htpasswd utility:

sudo dnf install -y httpd-tools
sudo htpasswd -c /etc/prometheus/web.passwd admin

Enter a strong password when prompted. Add additional users as needed:

sudo htpasswd /etc/prometheus/web.passwd monitoring

Create a web configuration file for Prometheus authentication:

sudo nano /etc/prometheus/web.yml

Add basic authentication configuration:

basic_auth_users:
  admin: $2y$10$example-hash-here
  monitoring: $2y$10$another-hash-here

Update the systemd service file to include the web configuration:

ExecStart=/usr/local/bin/prometheus \
  --config.file=/etc/prometheus/prometheus.yml \
  --storage.tsdb.path=/var/lib/prometheus/ \
  --web.config.file=/etc/prometheus/web.yml \
  --web.console.templates=/etc/prometheus/consoles \
  --web.console.libraries=/etc/prometheus/console_libraries \
  --web.listen-address=0.0.0.0:9090

TLS/SSL Configuration

Configure HTTPS for secure web interface access. Generate SSL certificates using Let’s Encrypt or create self-signed certificates for internal use:

sudo openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -keyout /etc/prometheus/prometheus.key -out /etc/prometheus/prometheus.crt

Update the web configuration file to include TLS settings:

tls_server_config:
  cert_file: /etc/prometheus/prometheus.crt
  key_file: /etc/prometheus/prometheus.key

basic_auth_users:
  admin: $2y$10$example-hash-here

Set appropriate permissions on certificate files:

sudo chown prometheus:prometheus /etc/prometheus/prometheus.key
sudo chown prometheus:prometheus /etc/prometheus/prometheus.crt
sudo chmod 600 /etc/prometheus/prometheus.key
sudo chmod 644 /etc/prometheus/prometheus.crt

Network Security

Configure firewalld to control network access to Prometheus. Open the required port for Prometheus web interface:

sudo firewall-cmd --permanent --add-port=9090/tcp
sudo firewall-cmd --reload

Create more restrictive rules for production environments:

sudo firewall-cmd --permanent --new-zone=monitoring
sudo firewall-cmd --permanent --zone=monitoring --add-source=192.168.1.0/24
sudo firewall-cmd --permanent --zone=monitoring --add-port=9090/tcp
sudo firewall-cmd --reload

Configure network-level access controls using rich rules for granular permissions:

sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="10.0.0.0/8" port protocol="tcp" port="9090" accept'

Accessing and Verifying Prometheus

Web Interface Access

Access the Prometheus web interface through a browser at http://localhost:9090. The interface provides access to metrics exploration, query execution, and system status information.

Navigate to different sections of the web interface:

• Status menu for configuration and target health
• Graph section for metric visualization
• Alerts page for active alerts and rules
• Rules page for loaded recording and alerting rules

Test basic queries using PromQL to verify data collection:

up
prometheus_build_info
rate(prometheus_http_requests_total[5m])

Verify that self-monitoring is working correctly by checking Prometheus’s own metrics. The up query should return a value of 1 for all configured targets.

Command Line Verification

Use promtool to validate configuration and perform health checks:

sudo promtool check config /etc/prometheus/prometheus.yml
sudo promtool query instant 'up'
sudo promtool query range 'up' --start=2023-01-01T00:00:00Z --end=2023-01-01T01:00:00Z

Monitor service status and resource usage through systemd:

sudo systemctl status prometheus
sudo journalctl -u prometheus --since "10 minutes ago"

Check API endpoints programmatically using curl:

curl http://localhost:9090/api/v1/query?query=up
curl http://localhost:9090/api/v1/targets

Monitor system resource consumption to ensure optimal performance:

ps aux | grep prometheus
top -p $(pgrep prometheus)

Integrating Node Exporter

Node Exporter Installation

Install node-exporter to collect system-level metrics from the Fedora 42 host. Download the latest node-exporter release:

cd /tmp
wget https://github.com/prometheus/node_exporter/releases/download/v1.6.0/node_exporter-1.6.0.linux-amd64.tar.gz
tar xzf node_exporter-1.6.0.linux-amd64.tar.gz
sudo cp node_exporter-1.6.0.linux-amd64/node_exporter /usr/local/bin/

Create a systemd service for node-exporter:

sudo nano /etc/systemd/system/node-exporter.service

Add the service configuration:

[Unit]
Description=Node Exporter
After=network.target

[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/usr/local/bin/node_exporter

[Install]
WantedBy=multi-user.target

Enable and start the node-exporter service:

sudo systemctl daemon-reload
sudo systemctl enable node-exporter
sudo systemctl start node-exporter

Prometheus Configuration Update

Add node-exporter as a scrape target in the Prometheus configuration:

scrape_configs:
  - job_name: 'prometheus'
    static_configs:
      - targets: ['localhost:9090']
      
  - job_name: 'node-exporter'
    static_configs:
      - targets: ['localhost:9100']
    scrape_interval: 15s

Validate the updated configuration and restart Prometheus:

sudo promtool check config /etc/prometheus/prometheus.yml
sudo systemctl restart prometheus

Verify node-exporter metrics are being collected:

curl http://localhost:9100/metrics | head -20

Access the Prometheus web interface and check that the node-exporter target appears as “UP” in the Status > Targets page. Query system metrics to confirm data collection:

node_cpu_seconds_total
node_memory_MemAvailable_bytes
node_filesystem_size_bytes

Troubleshooting Common Issues

Service Startup Problems

Address permission-related errors that prevent Prometheus from starting. Check file ownership and permissions:

sudo ls -la /etc/prometheus/
sudo ls -la /var/lib/prometheus/
sudo chown -R prometheus:prometheus /etc/prometheus/
sudo chown -R prometheus:prometheus /var/lib/prometheus/

Resolve configuration file syntax issues using promtool validation:

sudo promtool check config /etc/prometheus/prometheus.yml

Fix port binding conflicts by identifying processes using port 9090:

sudo netstat -tulpn | grep :9090
sudo lsof -i :9090

Debug systemd service issues using detailed logging:

sudo journalctl -u prometheus -xe
sudo systemctl status prometheus -l

Performance and Resource Issues

Optimize memory usage for large-scale deployments. Configure appropriate storage retention policies:

--storage.tsdb.retention.time=30d
--storage.tsdb.retention.size=10GB

Improve query performance by adjusting scrape intervals and target configurations:

global:
  scrape_interval: 30s
  evaluation_interval: 30s

Monitor Prometheus resource consumption and adjust limits accordingly:

sudo systemctl edit prometheus

Add resource limitations:

[Service]
MemoryLimit=4G
CPUQuota=200%

Configure storage optimization for better disk I/O performance. Use SSD storage for time-series data and adjust chunk encoding settings for specific workloads.

Advanced Configuration and Monitoring Best Practices

Federation and High Availability

Configure Prometheus federation for distributed monitoring architectures. Set up global labels for federation identification:

global:
  external_labels:
    cluster: 'fedora-production'
    replica: 'prometheus-01'

Implement remote storage solutions for long-term data retention. Configure remote write endpoints for external storage systems:

remote_write:
  - url: "https://remote-storage.example.com/api/v1/write"
    basic_auth:
      username: "prometheus"
      password: "secure-password"

Alerting Configuration

Set up Alertmanager for comprehensive alerting capabilities. Create alerting rules for critical system metrics:

groups:
  - name: system-alerts
    rules:
      - alert: HighCPUUsage
        expr: 100 - (avg by(instance) (rate(node_cpu_seconds_total{mode="idle"}[2m])) * 100) > 80
        for: 2m
        labels:
          severity: warning
        annotations:
          summary: "High CPU usage detected"
          description: "CPU usage is above 80% for more than 2 minutes"

Integration with Grafana

Install Grafana for advanced visualization capabilities. Configure Prometheus as a data source in Grafana:

sudo dnf install -y grafana
sudo systemctl enable grafana-server
sudo systemctl start grafana-server

Create comprehensive dashboards for system monitoring, application performance tracking, and infrastructure health visualization. Import community dashboards from Grafana Labs to accelerate monitoring setup.

Congratulations! You have successfully installed Prometheus. Thanks for using this tutorial for installing the Prometheus monitoring and alerting tool on Fedora 42 Linux system. For additional help or useful information, we recommend you check the official Prometheus website.