8000 [Feature] Add exporter by ajanikow · Pull Request #730 · arangodb/kube-arangodb · GitHub
[go: up one dir, main page]
Skip to content

[Feature] Add exporter #730

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
May 21, 2021
Merged

[Feature] Add exporter #730

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8e5a46d
Add exporter
ajanikow May 21, 2021
546f901
Review
ajanikow May 21, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Review
  • Loading branch information
@ajanikow
ajanikow committed May 21, 2021
commit 546f9011ea74177364e59447bfe51476ccd314db
193 changes: 62 additions & 131 deletions exporter.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
//
// DISCLAIMER
//
// Copyright 2020 ArangoDB GmbH, Cologne, Germany
// Copyright 2021 ArangoDB GmbH, Cologne, Germany
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
Expand All @@ -23,170 +23,101 @@
package main

import (
"crypto/tls"
"fmt"
"io/ioutil"
"net/http"
"os"
"path"
"os/signal"
"syscall"
"time"

"github.com/arangodb/kube-arangodb/pkg/exporter"

"github.com/arangodb/go-driver/jwt"
"github.com/arangodb/kube-arangodb/pkg/deployment/pod"
"github.com/arangodb/kube-arangodb/pkg/util/constants"
"github.com/arangodb/kube-arangodb/pkg/util/k8sutil"
"github.com/pkg/errors"
"github.com/rs/zerolog/log"
"github.com/spf13/cobra"
)

var (
cmdLifecycleProbe = &cobra.Command{
Use: "probe",
Run: cmdLifecycleProbeCheck,
cmdExporter = &cobra.Command{
Use: "exporter",
Run: cmdExporterCheck,
}

probeInput struct {
SSL bool
Auth bool
Endpoint string
JWTPath string
exporterInput struct {
listenAddress string

endpoint string
jwtFile string
timeout time.Duration

keyfile string
}
)

func init() {
f := cmdLifecycleProbe.PersistentFlags()
f := cmdExporter.PersistentFlags()

f.BoolVarP(&probeInput.SSL, "ssl", "", false, "Determines if SSL is enabled")
f.BoolVarP(&probeInput.Auth, "auth", "", false, "Determines if authentication is enabled")
f.StringVarP(&probeInput.Endpoint, "endpoint", "", "/_api/version", "Endpoint (path) to call for lifecycle probe")
f.StringVarP(&probeInput.JWTPath, "jwt", "", k8sutil.ClusterJWTSecretVolumeMountDir, "Path to the JWT tokens")
}

func probeClient() *http.Client {
tr := &http.Transport{}

if probeInput.SSL {
tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
}
f.StringVar(&exporterInput.listenAddress, "server.address", ":9101", "Address the exporter will listen on (IP:port)")
f.StringVar(&exporterInput.keyfile, "ssl.keyfile", "", "File containing TLS certificate used for the metrics server. Format equal to ArangoDB keyfiles")

client := &http.Client{
Transport: tr,
}
f.StringVar(&exporterInput.endpoint, "arangodb.endpoint", "http://127.0.0.1:8529", "Endpoint used to reach the ArangoDB server")
f.StringVar(&exporterInput.jwtFile, "arangodb.jwt-file", "", "File containing the JWT for authentication with ArangoDB server")
f.DurationVar(&exporterInput.timeout, "arangodb.timeout", time.Second*15, "Timeout of statistics requests for ArangoDB")

return client
cmdMain.AddCommand(cmdExporter)
}

func probeEndpoint(endpoint string) string {
proto := "http"
if probeInput.SSL {
proto = "https"
func cmdExporterCheck(cmd *cobra.Command, args []string) {
if err := cmdExporterCheckE(); err != nil {
log.Error().Err(err).Msgf("Fatal")
os.Exit(1)
}

return fmt.Sprintf("%s://%s:%d%s", proto, "127.0.0.1", k8sutil.ArangoPort, endpoint)
}

func readJWTFile(file string) ([]byte, error) {
p := path.Join(probeInput.JWTPath, file)
log.Info().Str("path", p).Msgf("Try to use file")
func onSigterm(f func()) {
sigs := make(chan os.Signal, 1)

f, err := os.Open(p)
if err != nil {
return nil, err
}
signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM)

defer f.Close()
data, err := ioutil.ReadAll(f)
if err != nil {
return nil, err
}

return data, nil
go func() {
defer f()
<-sigs
}()
}

func getJWTToken() ([]byte, error) {
// Try read default one
if token, err := readJWTFile(constants.SecretKeyToken); err == nil {
log.Info().Str("token", constants.SecretKeyToken).Msgf("Using JWT Token")
return token, nil
}

// Try read active one
if token, err := readJWTFile(pod.ActiveJWTKey); err == nil {
log.Info().Str("token", pod.ActiveJWTKey).Msgf("Using JWT Token")
return token, nil
}

if files, err := ioutil.ReadDir(probeInput.JWTPath); err == nil {
for _, file := range files {
if token, err := readJWTFile(file.Name()); err == nil {
log.Info().Str("token", file.Name()).Msgf("Using JWT Token")
return token, nil
}
func cmdExporterCheckE() error {
p, err := exporter.NewPassthru(exporterInput.endpoint, func() (string, error) {
if exporterInput.jwtFile == "" {
return "", nil
}
}

return nil, errors.Errorf("Unable to find any token")
}

func addAuthHeader(req *http.Request) error {
if !probeInput.Auth {
return nil
}

token, err := getJWTToken()
if err != nil {
return err
}

header, err := jwt.CreateArangodJwtAuthorizationHeader(string(token), "probe")
if err != nil {
return err
}

req.Header.Add("Authorization", header)
return nil
}

func doRequest() (*http.Response, error) {
client := probeClient()

req, err := http.NewRequest(http.MethodGet, probeEndpoint(probeInput.Endpoint), nil)
if err != nil {
return nil, err
}

if err := addAuthHeader(req); err != nil {
return nil, err
}

return client.Do(req)
}

func cmdLifecycleProbeCheck(cmd *cobra.Command, args []string) {
if err := cmdLifecycleProbeCheckE(); err != nil {
log.Error().Err(err).Msgf("Fatal")
os.Exit(1)
}
}
data, err := ioutil.ReadFile(exporterInput.jwtFile)
if err != nil {
return "", err
}

func cmdLifecycleProbeCheckE() error {
resp, err := doRequest()
return string(data), nil
}, false, 15*time.Second)
if err != nil {
return err
}

if resp.StatusCode != http.StatusOK {
if resp.Body != nil {
defer resp.Body.Close()
if data, err := ioutil.ReadAll(resp.Body); err == nil {
return errors.Errorf("Unexpected code: %d - %s", resp.StatusCode, string(data))
exporter := exporter.NewExporter(exporterInput.listenAddress, "/metrics", p)
if exporterInput.keyfile != "" {
if e, err := exporter.WithKeyfile(exporterInput.keyfile); err != nil {
return err
} else {
if r, err := e.Start(); err != nil {
return err
} else {
onSigterm(r.Stop)
return r.Wait()
}
}

return errors.Errorf("Unexpected code: %d", resp.StatusCode)
} else {
if r, err := exporter.Start(); err != nil {
return err
} else {
onSigterm(r.Stop)
return r.Wait()
}
}

log.Info().Msgf("Check passed")

return nil
}
20 changes: 10 additions & 10 deletions pkg/deployment/features/metrics.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
//
// DISCLAIMER
//
// Copyright 2020 ArangoDB GmbH, Cologne, Germany
// Copyright 2021 ArangoDB GmbH, Cologne, Germany
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
Expand All @@ -23,17 +23,17 @@
package features

func init() {
registerFeature(jwtRotation)
registerFeature(metricsExporter)
}

var jwtRotation = &feature{
name: "jwt-rotation",
description: "JWT Token rotation in runtime",
version: "3.7.0",
enterpriseRequired: true,
enabledByDefault: true,
var metricsExporter = &feature{
name: "metrics-exporter",
description: "Define if internal metrics-exporter should be used",
version: "3.6.0",
enterpriseRequired: false,
enabledByDefault: false,
}

func JWTRotation() Feature {
return jwtRotation
func MetricsExporter() Feature {
return metricsExporter
}
3 changes: 2 additions & 1 deletion pkg/deployment/images.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -322,7 +322,8 @@ func (i *ImageUpdatePod) GetVolumes() ([]core.Volume, []core.VolumeMount) {
return volumes, volumeMounts
}

func (i *ImageUpdatePod) GetSidecars(*core.Pod) {
func (i *ImageUpdatePod) GetSidecars(*core.Pod) error {
return nil
}

func (i *ImageUpdatePod) GetInitContainers(cachedStatus interfaces.Inspector) ([]core.Container, error) {
Expand Down
35 changes: 35 additions & 0 deletions pkg/deployment/resources/exporter.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ package resources
import (
"path/filepath"

"github.com/arangodb/go-driver"

api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1"
"github.com/arangodb/kube-arangodb/pkg/util/k8sutil/probes"

Expand Down Expand Up @@ -59,6 +61,39 @@ func ArangodbExporterContainer(image string, args []string, livenessProbe *probe
return c
}

func createInternalExporterArgs(spec api.DeploymentSpec, groupSpec api.ServerGroupSpec, version driver.Version) []string {
tokenpath := filepath.Join(k8sutil.ExporterJWTVolumeMountDir, constants.SecretKeyToken)
options := k8sutil.CreateOptionPairs(64)

options.Add("--arangodb.jwt-file", tokenpath)

path := k8sutil.ArangoExporterInternalEndpoint
if version.CompareTo("3.8.0") >= 0 {
path = k8sutil.ArangoExporterInternalEndpointV2
}

if port := groupSpec.InternalPort; port == nil {
scheme := "http"
if spec.IsSecure() {
scheme = "https"
}
options.Addf("--arangodb.endpoint", "%s://localhost:%d%s", scheme, k8sutil.ArangoPort, path)
} else {
options.Addf("--arangodb.endpoint", "http://localhost:%d%s", *port, path)
}

keyPath := filepath.Join(k8sutil.TLSKeyfileVolumeMountDir, constants.SecretTLSKeyfile)
if spec.IsSecure() && spec.Metrics.IsTLS() {
options.Add("--ssl.keyfile", keyPath)
}

if port := spec.Metrics.GetPort(); port != k8sutil.ArangoExporterPort {
options.Addf("--server.address", ":%d", port)
}

return options.Sort().AsArgs()
}

func createExporterArgs(spec api.DeploymentSpec, groupSpec api.ServerGroupSpec) []string {
tokenpath := filepath.Join(k8sutil.ExporterJWTVolumeMountDir, constants.SecretKeyToken)
options := k8sutil.CreateOptionPairs(64)
Expand Down
Loading
0