Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: Better use of labels in our DoH prometheus export #8318

Merged
merged 4 commits into from Sep 30, 2019

Conversation

@rgacogne
Copy link
Member

commented Sep 19, 2019

Short description

Also add stats about TLS session resumption.
Still needs some work, don't merge yet!

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)
@rgacogne rgacogne added this to the dnsdist-1.4.0 milestone Sep 19, 2019
rgacogne added 2 commits Sep 23, 2019
Also add stats about TLS session resumption.
@rgacogne rgacogne force-pushed the rgacogne:ddist-prometheus-labels branch from 67eecdf to bda6c8f Sep 23, 2019
@rgacogne rgacogne marked this pull request as ready for review Sep 23, 2019
@rgacogne

This comment has been minimized.

Copy link
Member Author

commented Sep 23, 2019

Before:

# HELP dnsdist_doh_frontend_http_connects Number of TCP connections establoshed to this frontend
# TYPE dnsdist_doh_frontend_queries counter
# HELP dnsdist_doh_frontend_tls10_queries Number of valid DNS queries received via TLS 1.0
# TYPE dnsdist_doh_frontend_tls10_queries counter
# HELP dnsdist_doh_frontend_tls11_queries Number of valid DNS queries received via TLS 1.1
# TYPE dnsdist_doh_frontend_tls11_queries counter
# HELP dnsdist_doh_frontend_tls12_queries Number of valid DNS queries received via TLS 1.2
# TYPE dnsdist_doh_frontend_tls12_queries counter
# HELP dnsdist_doh_frontend_tls13_queries Number of valid DNS queries received via TLS 1.3
# TYPE dnsdist_doh_frontend_tls13_queries counter
# HELP dnsdist_doh_frontend_tlsunknown_queries Number of valid DNS queries received via an unknown TLS version
# TYPE dnsdist_doh_frontend_tlsunknown_queries counter
# HELP dnsdist_doh_frontend_get_queries Number of valid DNS queries received via GET
# TYPE dnsdist_doh_frontend_get_queries counter
# HELP dnsdist_doh_frontend_post_queries Number of valid DNS queries received via POST
# TYPE dnsdist_doh_frontend_post_queries counter
# HELP dnsdist_doh_frontend_bad_requests Number of requests that could not be converted to a DNS query
# TYPE dnsdist_doh_frontend_bad_requests counter
# HELP dnsdist_doh_frontend_error_responses Number of responses sent by dnsdist indicating an error
# TYPE dnsdist_doh_frontend_error_responses counter
# HELP dnsdist_doh_frontend_redirect_responses Number of responses sent by dnsdist indicating a redirect
# TYPE dnsdist_doh_frontend_redirect_responses counter
# HELP dnsdist_doh_frontend_valid_responses Number of valid responses sent by dnsdist
# TYPE dnsdist_doh_frontend_valid_responses counter
# HELP dnsdist_doh_frontend_http1_queries Number of queries received over HTTP/1.x
# TYPE dnsdist_doh_frontend_http1_queries counter
# HELP dnsdist_doh_frontend_http1_nb200responses Number of responses with a 200 status code sent over HTTP/1.x
# TYPE dnsdist_doh_frontend_http1_nb200responses counter
# HELP dnsdist_doh_frontend_http1_nb400responses Number of responses with a 400 status code sent over HTTP/1.x
# TYPE dnsdist_doh_frontend_http1_nb400responses counter
# HELP dnsdist_doh_frontend_http1_nb403responses Number of responses with a 403 status code sent over HTTP/1.x
# TYPE dnsdist_doh_frontend_http1_nb403responses counter
# HELP dnsdist_doh_frontend_http1_nb500responses Number of responses with a 500 status code sent over HTTP/1.x
# TYPE dnsdist_doh_frontend_http1_nb500responses counter
# HELP dnsdist_doh_frontend_http1_nb502responses Number of responses with a 502 status code sent over HTTP/1.x
# TYPE dnsdist_doh_frontend_http1_nb502responses counter
# HELP dnsdist_doh_frontend_http1_nbotherresponses Number of responses with another status code sent over HTTP/1.x
# TYPE dnsdist_doh_frontend_http1_nbotherresponses counter
# HELP dnsdist_doh_frontend_http2_queries Number of queries received over HTTP/2.x
# TYPE dnsdist_doh_frontend_http2_queries counter
# HELP dnsdist_doh_frontend_http2_nb200responses Number of responses with a 200 status code sent over HTTP/2.x
# TYPE dnsdist_doh_frontend_http2_nb200responses counter
# HELP dnsdist_doh_frontend_http2_nb400responses Number of responses with a 400 status code sent over HTTP/2.x
# TYPE dnsdist_doh_frontend_http2_nb400responses counter
# HELP dnsdist_doh_frontend_http2_nb403responses Number of responses with a 403 status code sent over HTTP/2.x
# TYPE dnsdist_doh_frontend_http2_nb403responses counter
# HELP dnsdist_doh_frontend_http2_nb500responses Number of responses with a 500 status code sent over HTTP/2.x
# TYPE dnsdist_doh_frontend_http2_nb500responses counter
# HELP dnsdist_doh_frontend_http2_nb502responses Number of responses with a 502 status code sent over HTTP/2.x
# TYPE dnsdist_doh_frontend_http2_nb502responses counter
# HELP dnsdist_doh_frontend_http2_nbotherresponses Number of responses with another status code sent over HTTP/2.x
# TYPE dnsdist_doh_frontend_http2_nbotherresponses counter
dnsdist_doh_frontend_http_connects{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_tls10_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_tls11_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_tls12_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_tls13_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_tlsunknown_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_get_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_post_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_bad_requests{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_error_responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_redirect_responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_valid_responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http1_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http1_nb200responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http1_nb400responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http1_nb403responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http1_nb500responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http1_nb502responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http1_nbotherresponses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http2_queries{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http2_nb200responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http2_nb400responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http2_nb403responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http2_nb500responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http2_nb502responses{address="127.0.0.1:9443"} 0
dnsdist_doh_frontend_http2_nbotherresponses{address="127.0.0.1:9443"} 0

After, the new TLS resumption metrics:

# HELP dnsdist_frontend_tlsnewsessions Amount of new TLS sessions negotiated
# TYPE dnsdist_frontend_tlsnewsessions counter
# HELP dnsdist_frontend_tlsresumptions Amount of TLS sessions resumed
# TYPE dnsdist_frontend_tlsresumptions counter
dnsdist_frontend_tlsnewsessions{frontend="127.0.0.1:53",proto="UDP"} 0
dnsdist_frontend_tlsresumptions{frontend="127.0.0.1:53",proto="UDP"} 0
dnsdist_frontend_tlsnewsessions{frontend="127.0.0.1:53",proto="TCP"} 0
dnsdist_frontend_tlsresumptions{frontend="127.0.0.1:53",proto="TCP"} 0
dnsdist_frontend_tlsnewsessions{frontend="127.0.0.1:8443",proto="TCP (DNS over TLS)"} 0
dnsdist_frontend_tlsresumptions{frontend="127.0.0.1:8443",proto="TCP (DNS over TLS)"} 0
dnsdist_frontend_tlsnewsessions{frontend="127.0.0.1:9443",proto="TCP (DNS over HTTPS)"} 0
dnsdist_frontend_tlsresumptions{frontend="127.0.0.1:9443",proto="TCP (DNS over HTTPS)"} 0

and the reworked DoH ones:

# HELP dnsdist_frontend_http_connects Number of DoH TCP connections established to this frontend
# TYPE dnsdist_frontend_http_connects counter
# HELP dnsdist_frontend_doh_responses Number of DoH responses sent by dnsdist
# TYPE dnsdist_frontend_doh_responses counter
dnsdist_frontend_http_connects{address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{tls="tls10",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{tls="tls11",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{tls="tls12",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{tls="tls13",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{tls="unknown",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{httpmethod="get",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{httpmethod="post",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{httpversion="1",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{httpversion="2",address="127.0.0.1:9443" } 0
dnsdist_frontend_queries{type="bad",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{type="error",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{type="redirect",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{type="valid",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="1",status="200",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="1",status="400",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="1",status="403",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="1",status="500",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="1",status="502",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="1",status="other",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="2",status="200",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="2",status="400",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="2",status="403",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="2",status="500",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="2",status="502",address="127.0.0.1:9443" } 0
dnsdist_frontend_doh_responses{httpversion="2",status="other",address="127.0.0.1:9443" } 0
@rgacogne rgacogne closed this Sep 23, 2019
@rgacogne rgacogne reopened this Sep 23, 2019
@rgacogne rgacogne force-pushed the rgacogne:ddist-prometheus-labels branch from bda6c8f to 5d7a33d Sep 23, 2019
@rgacogne rgacogne merged commit 45ec918 into PowerDNS:master Sep 30, 2019
26 of 28 checks passed
26 of 28 checks passed
LGTM analysis: JavaScript No code changes detected
Details
LGTM analysis: Python No code changes detected
Details
LGTM analysis: C/C++ No new or fixed alerts
Details
ci/circleci: build-auth Your tests passed on CircleCI!
Details
ci/circleci: build-auth-docs Your tests passed on CircleCI!
Details
ci/circleci: build-dnsdist Your tests passed on CircleCI!
Details
ci/circleci: build-dnsdist-docs Your tests passed on CircleCI!
Details
ci/circleci: build-recursor Your tests passed on CircleCI!
Details
ci/circleci: build-recursor-docs Your tests passed on CircleCI!
Details
ci/circleci: checkout Your tests passed on CircleCI!
Details
ci/circleci: test-auth-algorithms Your tests passed on CircleCI!
Details
ci/circleci: test-auth-api Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-bind Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-gmysql Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-gpgsql Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-gsqlite3 Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-ldap Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-lmdb Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-mydns Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-odbc-mssql Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-odbc-sqlite3 Your tests passed on CircleCI!
Details
ci/circleci: test-auth-regress-tinydns Your tests passed on CircleCI!
Details
ci/circleci: test-dnsdist-regression Your tests passed on CircleCI!
Details
ci/circleci: test-ixfrdist-regression Your tests passed on CircleCI!
Details
ci/circleci: test-recursor-api Your tests passed on CircleCI!
Details
ci/circleci: test-recursor-bulk Your tests passed on CircleCI!
Details
ci/circleci: test-recursor-regression Your tests passed on CircleCI!
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@rgacogne rgacogne deleted the rgacogne:ddist-prometheus-labels branch Sep 30, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.