TUN-7553: Add flag to enable management diagnostic services

With the new flag --management-diagnostics (an opt-in flag) cloudflared's will be able to report additional diagnostic information over the management.argotunnel.com request path. Additions include the /metrics prometheus endpoint; which is already bound to a local port via --metrics. /debug/pprof/(goroutine|heap) are also provided to allow for remotely retrieving heap information from a running cloudflared connector.
2025-07-28 12:09:57 +00:00 · 2023-07-05 13:28:30 -07:00
parent 39847a70f2
commit 8a3eade6d3
6 changed files with 77 additions and 20 deletions
--- a/cmd/cloudflared/tunnel/cmd.go
+++ b/cmd/cloudflared/tunnel/cmd.go
@@ -413,6 +413,7 @@ func StartServer(

 		mgmt := management.New(
 			c.String("management-hostname"),
+			c.Bool("management-diagnostics"),
 			serviceIP,
 			clientID,
 			c.String(connectorLabelFlag),
@@ -764,6 +765,12 @@ func tunnelFlags(shouldHide bool) []cli.Flag {
 			EnvVars: []string{"TUNNEL_POST_QUANTUM"},
 			Hidden:  FipsEnabled,
 		}),
+		altsrc.NewBoolFlag(&cli.BoolFlag{
+			Name:    "management-diagnostics",
+			Usage:   "Enables the in-depth diagnostic routes to be made available over the management service (/debug/pprof, /metrics, etc.)",
+			EnvVars: []string{"TUNNEL_MANAGEMENT_DIAGNOSTICS"},
+			Value:   false,
+		}),
 		selectProtocolFlag,
 		overwriteDNSFlag,
 	}...)