Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ruler: make use of dskit grpcclient.Config on remote evaluation client #1818

Merged
merged 2 commits into from
May 6, 2022
Merged

ruler: make use of dskit grpcclient.Config on remote evaluation client #1818

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
227b099
ruler: use dskit grpc client for remote evaluation
ortuman May 4, 2022
e4f0a3c
addressed PR feedback
ortuman May 5, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
23 changes: 16 additions & 7 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,15 +32,24 @@
* `cortex_distributor_ingester_append_failures_total`
* [FEATURE] Querier: Added support for [streaming remote read](https://prometheus.io/blog/2019/10/10/remote-read-meets-streaming/). Should be noted that benefits of chunking the response are partial here, since in a typical `query-frontend` setup responses will be buffered until they've been completed. #1735
* [FEATURE] Ruler: Allow setting `evaluation_delay` for each rule group via rules group configuration file. #1474
* [FEATURE] Ruler: Added support for expression remote evaluation. #1536
* [FEATURE] Ruler: Added support for expression remote evaluation. #1536 #1818
* The following CLI flags (and their respective YAML config options) have been added:
* `-ruler.query-frontend.address`
* `-ruler.query-frontend.tls-enabled`
* `-ruler.query-frontend.tls-ca-path`
* `-ruler.query-frontend.tls-cert-path`
* `-ruler.query-frontend.tls-key-path`
* `-ruler.query-frontend.tls-server-name`
* `-ruler.query-frontend.tls-insecure-skip-verify`
* `-ruler.query-frontend.grpc-client-config.grpc-max-recv-msg-size`
* `-ruler.query-frontend.grpc-client-config.grpc-max-send-msg-size`
* `-ruler.query-frontend.grpc-client-config.grpc-compression`
* `-ruler.query-frontend.grpc-client-config.grpc-client-rate-limit`
* `-ruler.query-frontend.grpc-client-config.grpc-client-rate-limit-burst`
* `-ruler.query-frontend.grpc-client-config.backoff-on-ratelimits`
* `-ruler.query-frontend.grpc-client-config.backoff-min-period`
* `-ruler.query-frontend.grpc-client-config.backoff-max-period`
* `-ruler.query-frontend.grpc-client-config.backoff-retries`
* `-ruler.query-frontend.grpc-client-config.tls-enabled`
* `-ruler.query-frontend.grpc-client-config.tls-ca-path`
* `-ruler.query-frontend.grpc-client-config.tls-cert-path`
* `-ruler.query-frontend.grpc-client-config.tls-key-path`
* `-ruler.query-frontend.grpc-client-config.tls-server-name`
* `-ruler.query-frontend.grpc-client-config.tls-insecure-skip-verify`
* [FEATURE] Distributor: Added the ability to forward specifics metrics to alternative remote_write API endpoints. #1052
* [FEATURE] Ingester: Active series custom trackers now supports runtime tenant-specific overrides. The configuration has been moved to limit config, the ingester config has been deprecated. #1188
* [ENHANCEMENT] Alertmanager API: Concurrency limit for GET requests is now configurable using `-alertmanager.max-concurrent-get-requests-per-tenant`. #1547
Expand Down
243 changes: 181 additions & 62 deletions cmd/mimir/config-descriptor.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7327,70 +7327,189 @@
"fieldType": "string"
},
{
"kind": "field",
"name": "tls_enabled",
"required": false,
"desc": "Set to true if query-frontend connection requires TLS.",
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.tls-enabled",
"fieldType": "boolean",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_cert_path",
"required": false,
"desc": "Path to the client certificate file, which will be used for authenticating with the server. Also requires the key path to be configured.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-cert-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_key_path",
"required": false,
"desc": "Path to the key file for the client certificate. Also requires the client certificate to be configured.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-key-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_ca_path",
"required": false,
"desc": "Path to the CA certificates file to validate server certificate against. If not set, the host's root CA certificates are used.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-ca-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_server_name",
"required": false,
"desc": "Override the expected name on the server certificate.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.tls-server-name",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_insecure_skip_verify",
"kind": "block",
"name": "grpc_client_config",
"required": false,
"desc": "Skip validating server certificate.",
"desc": "",
"blockEntries": [
{
"kind": "field",
"name": "max_recv_msg_size",
"required": false,
"desc": "gRPC client max receive message size (bytes).",
"fieldValue": null,
"fieldDefaultValue": 104857600,
"fieldFlag": "ruler.query-frontend.grpc-client-config.grpc-max-recv-msg-size",
"fieldType": "int",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "max_send_msg_size",
"required": false,
"desc": "gRPC client max send message size (bytes).",
"fieldValue": null,
"fieldDefaultValue": 104857600,
"fieldFlag": "ruler.query-frontend.grpc-client-config.grpc-max-send-msg-size",
"fieldType": "int",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "grpc_compression",
"required": false,
"desc": "Use compression when sending messages. Supported values are: 'gzip', 'snappy' and '' (disable compression)",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.grpc-client-config.grpc-compression",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "rate_limit",
"required": false,
"desc": "Rate limit for gRPC client; 0 means disabled.",
"fieldValue": null,
"fieldDefaultValue": 0,
"fieldFlag": "ruler.query-frontend.grpc-client-config.grpc-client-rate-limit",
"fieldType": "float",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "rate_limit_burst",
"required": false,
"desc": "Rate limit burst for gRPC client.",
"fieldValue": null,
"fieldDefaultValue": 0,
"fieldFlag": "ruler.query-frontend.grpc-client-config.grpc-client-rate-limit-burst",
"fieldType": "int",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "backoff_on_ratelimits",
"required": false,
"desc": "Enable backoff and retry when we hit ratelimits.",
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.grpc-client-config.backoff-on-ratelimits",
"fieldType": "boolean",
"fieldCategory": "advanced"
},
{
"kind": "block",
"name": "backoff_config",
"required": false,
"desc": "",
"blockEntries": [
{
"kind": "field",
"name": "min_period",
"required": false,
"desc": "Minimum delay when backing off.",
"fieldValue": null,
"fieldDefaultValue": 100000000,
"fieldFlag": "ruler.query-frontend.grpc-client-config.backoff-min-period",
"fieldType": "duration",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "max_period",
"required": false,
"desc": "Maximum delay when backing off.",
"fieldValue": null,
"fieldDefaultValue": 10000000000,
"fieldFlag": "ruler.query-frontend.grpc-client-config.backoff-max-period",
"fieldType": "duration",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "max_retries",
"required": false,
"desc": "Number of times to backoff and retry before failing.",
"fieldValue": null,
"fieldDefaultValue": 10,
"fieldFlag": "ruler.query-frontend.grpc-client-config.backoff-retries",
"fieldType": "int",
"fieldCategory": "advanced"
}
],
"fieldValue": null,
"fieldDefaultValue": null
},
{
"kind": "field",
"name": "tls_enabled",
"required": false,
"desc": "Enable TLS in the GRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.",
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.grpc-client-config.tls-enabled",
"fieldType": "boolean",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_cert_path",
"required": false,
"desc": "Path to the client certificate file, which will be used for authenticating with the server. Also requires the key path to be configured.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.grpc-client-config.tls-cert-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_key_path",
"required": false,
"desc": "Path to the key file for the client certificate. Also requires the client certificate to be configured.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.grpc-client-config.tls-key-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_ca_path",
"required": false,
"desc": "Path to the CA certificates file to validate server certificate against. If not set, the host's root CA certificates are used.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.grpc-client-config.tls-ca-path",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_server_name",
"required": false,
"desc": "Override the expected name on the server certificate.",
"fieldValue": null,
"fieldDefaultValue": "",
"fieldFlag": "ruler.query-frontend.grpc-client-config.tls-server-name",
"fieldType": "string",
"fieldCategory": "advanced"
},
{
"kind": "field",
"name": "tls_insecure_skip_verify",
"required": false,
"desc": "Skip validating server certificate.",
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.grpc-client-config.tls-insecure-skip-verify",
"fieldType": "boolean",
"fieldCategory": "advanced"
}
],
"fieldValue": null,
"fieldDefaultValue": false,
"fieldFlag": "ruler.query-frontend.tls-insecure-skip-verify",
"fieldType": "boolean",
"fieldCategory": "advanced"
"fieldDefaultValue": null
}
],
"fieldValue": null,
Expand Down
32 changes: 25 additions & 7 deletions cmd/mimir/help-all.txt.tmpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1406,17 +1406,35 @@ Usage of ./cmd/mimir/mimir:
How frequently to poll for rule changes (default 1m0s)
-ruler.query-frontend.address string
GRPC listen address of the query-frontend(s). Must be a DNS address (prefixed with dns:///) to enable client side load balancing.
-ruler.query-frontend.tls-ca-path string
-ruler.query-frontend.grpc-client-config.backoff-max-period duration
Maximum delay when backing off. (default 10s)
-ruler.query-frontend.grpc-client-config.backoff-min-period duration
Minimum delay when backing off. (default 100ms)
-ruler.query-frontend.grpc-client-config.backoff-on-ratelimits
Enable backoff and retry when we hit ratelimits.
-ruler.query-frontend.grpc-client-config.backoff-retries int
Number of times to backoff and retry before failing. (default 10)
-ruler.query-frontend.grpc-client-config.grpc-client-rate-limit float
Rate limit for gRPC client; 0 means disabled.
-ruler.query-frontend.grpc-client-config.grpc-client-rate-limit-burst int
Rate limit burst for gRPC client.
-ruler.query-frontend.grpc-client-config.grpc-compression string
Use compression when sending messages. Supported values are: 'gzip', 'snappy' and '' (disable compression)
-ruler.query-frontend.grpc-client-config.grpc-max-recv-msg-size int
gRPC client max receive message size (bytes). (default 104857600)
-ruler.query-frontend.grpc-client-config.grpc-max-send-msg-size int
gRPC client max send message size (bytes). (default 104857600)
-ruler.query-frontend.grpc-client-config.tls-ca-path string
Path to the CA certificates file to validate server certificate against. If not set, the host's root CA certificates are used.
-ruler.query-frontend.tls-cert-path string
-ruler.query-frontend.grpc-client-config.tls-cert-path string
Path to the client certificate file, which will be used for authenticating with the server. Also requires the key path to be configured.
-ruler.query-frontend.tls-enabled
Set to true if query-frontend connection requires TLS.
-ruler.query-frontend.tls-insecure-skip-verify
-ruler.query-frontend.grpc-client-config.tls-enabled
Enable TLS in the GRPC client. This flag needs to be enabled when any other TLS flag is set. If set to false, insecure connection to gRPC server will be used.
-ruler.query-frontend.grpc-client-config.tls-insecure-skip-verify
Skip validating server certificate.
-ruler.query-frontend.tls-key-path string
-ruler.query-frontend.grpc-client-config.tls-key-path string
Path to the key file for the client certificate. Also requires the client certificate to be configured.
-ruler.query-frontend.tls-server-name string
-ruler.query-frontend.grpc-client-config.tls-server-name string
Override the expected name on the server certificate.
-ruler.query-stats-enabled
Report the wall time for ruler queries to complete as a per-tenant metric and as an info level log message.
Expand Down