Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for custom internal server #7069

Merged
merged 4 commits into from
Sep 7, 2022
Merged

Add support for custom internal server #7069

merged 4 commits into from
Sep 7, 2022

Conversation

periklis
Copy link
Collaborator

@periklis periklis commented Sep 6, 2022
edited

What this PR does / why we need it:
The following PR adds support for a custom internal server listener dedicated for the start to serve the ready handler on a separate port and optionally TLS configuration. The key purpose for this one is to serve the Loki HTTP API via mTLS while serving the readiness endpoints without (i.e. kubernetes readiness/liveness probes do not support authentication)

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:

Checklist

  • Documentation added
  • Tests updated
  • Is this an important fix or new feature? Add an entry in the CHANGELOG.md.
  • Changes that require user attention or interaction to upgrade are documented in docs/sources/upgrading/_index.md

@periklis periklis requested a review from a team as a code owner September 6, 2022 13:09
@periklis periklis self-assigned this Sep 6, 2022
@periklis periklis force-pushed the internal-server branch 3 times, most recently from f3da4b8 to 706e94a Compare September 6, 2022 13:15
@periklis periklis mentioned this pull request Sep 6, 2022
Merged
4 tasks
@grafanabot
Copy link
Collaborator

./tools/diff_coverage.sh ../loki-main/test_results.txt test_results.txt ingester,distributor,querier,querier/queryrange,iter,storage,chunkenc,logql,loki

Change in test coverage per package. Green indicates 0 or positive change, red indicates that test coverage for a package fell.

+           ingester	0%
+        distributor	0%
+            querier	0%
+ querier/queryrange	0%
+               iter	0%
+            storage	0%
+           chunkenc	0%
+              logql	0%
-               loki	-0.5%

simonswine
simonswine approved these changes Sep 6, 2022
View reviewed changes
Copy link
Contributor

@simonswine simonswine left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I think this is a worthwhile improvement.

I am also wondering if it is worth including other endpoints (like /metrics) to that internal listener? (Not necessarily in this PR)

pkg/server/internal_server.go Outdated

// RegisterFlags add internal server flags to flagset
func (cfg *Config) RegisterFlags(f *flag.FlagSet) {
f.StringVar(&cfg.Config.HTTPListenAddress, "internal-server.http-listen-address", "", "HTTP internal server listen address.")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wonder if it should default to 'localhost'?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I took the defaults from weaveworks verbatim, but for an internal server that is used for readiness and metrics it makes sense to default listen on localhost.

pkg/server/internal_server.go Outdated Show resolved Hide resolved
pkg/loki/loki.go Outdated Show resolved Hide resolved
pkg/loki/loki.go
@@ -131,6 +133,7 @@ func (c *Config) registerServerFlagsWithChangedDefaultValues(fs *flag.FlagSet) {
// Register to throwaway flags first. Default values are remembered during registration and cannot be changed,
// but we can take values from throwaway flag set and reregister into supplied flags with new default values.
c.Server.RegisterFlags(throwaway)
c.InternalServer.RegisterFlags(throwaway)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't think that is necessary

Copy link
Collaborator Author

@periklis periklis Sep 6, 2022
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually it is needed to register the flags to main flagset of Loki or else we can't configure the internal server.

pkg/server/internal_server.go

// Config extends weaveworks server config
type Config struct {
serverww.Config `yaml:",inline"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That also includes a lot of struct fields which are unused, I would prefer to shrink those down a bit more.

I don't know if it even needs to be supporting TLS, but I guess the list of the registered flags would be a good start.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the scope of exposing only the ready handler it makes sense to shrink this more. However, as you mention above it makes sense to expose the metrics from this handler too and thus I would like to keep the inline struct as such for start but limit the inputs via the shrinked registered flags. As per exposing metrics allowing TLS from start is imho a good thing to do. For example on OpenShift we allow only scraping over HTTPS.

@grafanabot
Copy link
Collaborator

./tools/diff_coverage.sh ../loki-main/test_results.txt test_results.txt ingester,distributor,querier,querier/queryrange,iter,storage,chunkenc,logql,loki

Change in test coverage per package. Green indicates 0 or positive change, red indicates that test coverage for a package fell.

+           ingester	0%
+        distributor	0%
+            querier	0%
+ querier/queryrange	0%
+               iter	0%
+            storage	0%
+           chunkenc	0%
+              logql	0%
-               loki	-0.5%

@grafanabot
Copy link
Collaborator

./tools/diff_coverage.sh ../loki-main/test_results.txt test_results.txt ingester,distributor,querier,querier/queryrange,iter,storage,chunkenc,logql,loki

Change in test coverage per package. Green indicates 0 or positive change, red indicates that test coverage for a package fell.

+           ingester	0%
+        distributor	0%
+            querier	0%
+ querier/queryrange	0%
+               iter	0%
+            storage	0%
+           chunkenc	0%
+              logql	0%
-               loki	-0.5%

@periklis periklis merged commit c30fb94 into grafana:main Sep 7, 2022
@periklis periklis mentioned this pull request Sep 7, 2022
Merged
4 tasks
@periklis periklis mentioned this pull request Sep 29, 2022
Merged
5 tasks
lxwzy pushed a commit to lxwzy/loki that referenced this pull request Nov 7, 2022
@periklis @simonswine @lxwzy
Add support for custom internal server (grafana#7069)
1e6ed46 

Co-authored-by: Christian Simon <simon@swine.de>
This was referenced Feb 1, 2023
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@simonswine simonswine simonswine approved these changes

Assignees

@periklis periklis

Labels
size/L
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@periklis @grafanabot @simonswine