-
Notifications
You must be signed in to change notification settings - Fork 36
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
iterating http_sd support towards generic discovery #84
Comments
How should the fastly-exporter change? |
It should not be necessary to run a separate process in order to use the fastly-exporter with http_sd_config. |
Oh, that was literally just to test that the new http_sd endpoint json worked the way I wanted without having to diddle the golang code first. I had already gotten your |
Oh! OK, sorry for presuming :) |
So instead of [
{
"targets": [
"abc",
"def"
]
}
] you want [
{
"targets": [
"localhost:8080"
],
"labels": {
"__param_target": "abc"
}
},
{
"targets": [
"localhost:8080"
],
"labels": {
"__param_target": "def"
}
}
] Is that right? If it works, this avoids some configuration in the prometheus.yaml — does it do anything beyond that? Unfortunately, I'm not sure it can actually work — I don't think the exporter can serve a target host:port which is reliably correct. Consider the case of load balancers, or NAT, or anything which puts a middlebox between the client and the exporter. The host header isn't a reliable source of truth. I've fought this battle many times actually!! As far as I can see it's a properly hard problem for a process to know it's own address in a way that permits it to serve that address back callers reliably. |
/cc @SuperQ if you have any input |
ok, I was thinking we might have the problems you mentioned with the host header, so... use the ip:port that is being connected to, as seen by the fastly-exporter, as the target? that addresses at least some of the cases and for more complex ones folks can still do not great, but possibly better? we REALLY need a prometheus placeholder for http_sd that means "come back to the hostname you asked"
Which obviously CAN be done with |
It would be lovely if it were possible! But I'm not aware of a way for a server to reliably deduce the address that a client used to establish an incoming connection. NAT, VPNs, proxies, etc. can all sit in front of the connection in a way that's invisible to the server. Middleboxes can intercept and rewrite traffic at the IP layer. DNS resolution happens before the initial handshake. And so on. |
Unfortunately not feasible. |
Well, wait a sec. you're right that there are a myriad of problems detecting from the server side, but in this case we would just need to provide a hint to the client, who does have enough information to make the right decision. ala, "hey client, connect to me like last time" So we just need to convince the http_sd folks to implicitly handle the hint on the prometheus side... ;) |
As an interim step on our side, we can do as you mocked up as that at least reduces the complexity of the
to
|
We can't do what I mocked up. |
it should be, no? assuming just about every system under the sun has a localhost -> 127.0.0.1 lookup. potential alternate suggestions:
as really the target field (for fastly-exporter) is currently more used as a placeholder text string for replacement then an actual host/ip for binding i.e. in our intermediate implementation, we don't need the target to be resolvable, we just need it to be consistent to be replaceable with |
...aaaand I have a snippet from my first attempt to not have to update the address in two places (
slightly wordier, but keeps up to date with whatever host:port is used in That actually makes it irrelevant what the target is actually called in the /sd json ;) |
What about that? #85 |
Does this actually scrape each service correctly? |
Upon reflection, I don't think it's the job of the exporter to try to golf it's SD implementation to minimize the required configuration on the Prometheus side. I think we just do what Prometheus says we should do and leave it at that. |
I'm not a fan of golf either (code or otherwise. possibly miniature?) So, let me take the 10,000 foot view and explain what I'm beating this gong so hard automated discovery of service discovery endpointsAbout a year from now, folks are going to be like
ala
Now, /metrics autodiscovery is awesome as /metrics works out of the box. Any /metrics endpoint is processed the exact same way. ...However, currently fastly-exporter service discovery needs application specific Part of this onus is going to be on projects (like fastly-exporter) implementing Because otherwise fastly-exporter and other implementers are going to have a gnarly time of it that we can more easily nip in the bud early. This is why I think it is so absolutely important that fastly-exporter /sd work out of the box, not with less |
These are points to raise on the Prometheus repo, not this one, I think :) |
oh, I'm poking them as well ;) I also wanted to clarify why I'm not letting this go for this project as well. |
Sorry, I didn't get a chance to review this quickly.
Yes, this is going to be the tough part. For example, in our configuration we're going to have several exporters running different shards, with semi-dynamic hostnames generated by Kubernetes. I haven't actually gotten a chance to test the existing implementation yet, as I am working on adding additional scrape target injection into our Kubernetes magement. I think that should be done soon, so I'll hopefully be able to report back before the end of the year. |
I believe we can make http_sd work generically out of the box without
relabel_configs
.by explicitly setting the
__params_target
label per target (and ideally using the host header and port from the request to set the target:port) we can get service discovery to work without any jiggery pokery.I used https://github.com/pagarme/static-response-server to host the following
along with the following minimal
http_sd_configs
and everything worked out of the box.
The text was updated successfully, but these errors were encountered: