Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ruler: make use of dskit grpcclient.Config on remote evaluation client #1818

Merged
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 10 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,18 @@
* `cortex_distributor_ingester_append_failures_total`
* [FEATURE] Querier: Added support for [streaming remote read](https://prometheus.io/blog/2019/10/10/remote-read-meets-streaming/). Should be noted that benefits of chunking the response are partial here, since in a typical `query-frontend` setup responses will be buffered until they've been completed. #1735
* [FEATURE] Ruler: Allow setting `evaluation_delay` for each rule group via rules group configuration file. #1474
* [FEATURE] Ruler: Added support for expression remote evaluation. #1536
* [FEATURE] Ruler: Added support for expression remote evaluation. #1536 #1818
* The following CLI flags (and their respective YAML config options) have been added:
* `-ruler.query-frontend.address`
* `-ruler.query-frontend.grpc-max-recv-msg-size`
* `-ruler.query-frontend.grpc-max-send-msg-size`
* `-ruler.query-frontend.grpc-compression`
* `-ruler.query-frontend.grpc-client-rate-limit`
* `-ruler.query-frontend.grpc-client-rate-limit-burst`
* `-ruler.query-frontend.backoff-on-ratelimits`
* `-ruler.query-frontend.backoff-min-period`
* `-ruler.query-frontend.backoff-max-period`
* `-ruler.query-frontend.backoff-retries`
* `-ruler.query-frontend.tls-enabled`
* `-ruler.query-frontend.tls-ca-path`
* `-ruler.query-frontend.tls-cert-path`
Expand Down
243 changes: 181 additions & 62 deletions cmd/mimir/config-descriptor.json
Original file line number Diff line number Diff line change
Expand Up @@ -7327,70 +7327,189 @@
"fieldType": "string"
},
{
"kind": "field",
"name": "tls_enabled",
"required": false,
"desc": "Set to true if query-frontend connection requires TLS.",
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.tls-enabled",
"fieldType": "boolean",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_cert_path",
"required": false,
"desc": "Path to the client certificate file, which will be used for authenticating with the server. Also requires the key path to be configured.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-cert-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_key_path",
"required": false,
"desc": "Path to the key file for the client certificate. Also requires the client certificate to be configured.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-key-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_ca_path",
"required": false,
"desc": "Path to the CA certificates file to validate server certificate against. If not set, the host's root CA certificates are used.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-ca-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_server_name",
"required": false,
"desc": "Override the expected name on the server certificate.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-server-name",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_insecure_skip_verify",
"kind": "block",
"name": "grpc_client_config",
"required": false,
"desc": "Skip validating server certificate.",
"desc": "",
"blockEntries": [
{
"kind": "field",
"name": "max_recv_msg_size",
"required": false,
"desc": "gRPC client max receive message size (bytes).",
"fieldValue": null,
"fieldDefaultValue": 104857600,
"fieldFlag": "ruler.query-frontend.grpc-max-recv-msg-size",
"fieldType": "int",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "max_send_msg_size",
"required": false,
"desc": "gRPC client max send message size (bytes).",
"fieldValue": null,
"fieldDefaultValue": 104857600,
"fieldFlag": "ruler.query-frontend.grpc-max-send-msg-size",
"fieldType": "int",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "grpc_compression",
"required": false,
"desc": "Use compression when sending messages. Supported values are: 'gzip', 'snappy' and '' (disable compression)",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.grpc-compression",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "rate_limit",
"required": false,
"desc": "Rate limit for gRPC client; 0 means disabled.",
"fieldValue": null,
"fieldDefaultValue": 0,
"fieldFlag": "ruler.query-frontend.grpc-client-rate-limit",
"fieldType": "float",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "rate_limit_burst",
"required": false,
"desc": "Rate limit burst for gRPC client.",
"fieldValue": null,
"fieldDefaultValue": 0,
"fieldFlag": "ruler.query-frontend.grpc-client-rate-limit-burst",
"fieldType": "int",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "backoff_on_ratelimits",
"required": false,
"desc": "Enable backoff and retry when we hit ratelimits.",
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.backoff-on-ratelimits",
"fieldType": "boolean",
"fieldCategory": "advanced"
},
{
"kind": "block",
"name": "backoff_config",
"required": false,
"desc": "",
"blockEntries": [
{
"kind": "field",
"name": "min_period",
"required": false,
"desc": "Minimum delay when backing off.",
"fieldValue": null,
"fieldDefaultValue": 100000000,
"fieldFlag": "ruler.query-frontend.backoff-min-period",
"fieldType": "duration",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "max_period",
"required": false,
"desc": "Maximum delay when backing off.",
"fieldValue": null,
"fieldDefaultValue": 10000000000,
"fieldFlag": "ruler.query-frontend.backoff-max-period",
"fieldType": "duration",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "max_retries",
"required": false,
"desc": "Number of times to backoff and retry before failing.",
"fieldValue": null,
"fieldDefaultValue": 10,
"fieldFlag": "ruler.query-frontend.backoff-retries",
"fieldType": "int",
"fieldCategory": "advanced"
}
],
"fieldValue": null,
"fieldDefaultValue": null
},
{
"kind": "field",
"name": "tls_enabled",
"required": false,
"desc": "Enable TLS in the GRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.",
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.tls-enabled",
"fieldType": "boolean",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_cert_path",
"required": false,
"desc": "Path to the client certificate file, which will be used for authenticating with the server. Also requires the key path to be configured.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-cert-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_key_path",
"required": false,
"desc": "Path to the key file for the client certificate. Also requires the client certificate to be configured.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-key-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_ca_path",
"required": false,
"desc": "Path to the CA certificates file to validate server certificate against. If not set, the host's root CA certificates are used.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-ca-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_server_name",
"required": false,
"desc": "Override the expected name on the server certificate.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-server-name",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_insecure_skip_verify",
"required": false,
"desc": "Skip validating server certificate.",
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.tls-insecure-skip-verify",
"fieldType": "boolean",
"fieldCategory": "advanced"
}
],
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.tls-insecure-skip-verify",
"fieldType": "boolean",
"fieldCategory": "advanced"
"fieldDefaultValue": null
}
],
"fieldValue": null,
Expand Down
20 changes: 19 additions & 1 deletion cmd/mimir/help-all.txt.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -1406,12 +1406,30 @@ Usage of ./cmd/mimir/mimir:
How frequently to poll for rule changes (default 1m0s)
-ruler.query-frontend.address string
GRPC listen address of the query-frontend(s). Must be a DNS address (prefixed with dns:///) to enable client side load balancing.
-ruler.query-frontend.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-ruler.query-frontend.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-ruler.query-frontend.backoff-on-ratelimits
Enable backoff and retry when we hit ratelimits.
-ruler.query-frontend.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-ruler.query-frontend.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-ruler.query-frontend.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-ruler.query-frontend.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and '' (disable compression)
-ruler.query-frontend.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-ruler.query-frontend.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-ruler.query-frontend.tls-ca-path string
Path to the CA certificates file to validate server certificate against. If not set, the host's root CA certificates are used.
-ruler.query-frontend.tls-cert-path string
Path to the client certificate file, which will be used for authenticating with the server. Also requires the key path to be configured.
-ruler.query-frontend.tls-enabled
Set to true if query-frontend connection requires TLS.
Enable TLS in the GRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-ruler.query-frontend.tls-insecure-skip-verify
Skip validating server certificate.
-ruler.query-frontend.tls-key-path string
Expand Down
Loading