Add ipsec state to telemetry

This commit adds a telemetry for the ipsec mode. The telemetry created is a Gauge named "cluster_network_ipsec_state" with a constant value of 1 and 2 labels: 1. "mode" which lists the ipsec mode, one of "Disabled" "External" or "Full" 2. "apiFlavor" which states the flavor of the API used - either "4.14" or "4.15" Signed-off-by: Josh Salomon <41079547+JoshSalomon@users.noreply.github.com>
openshift · Mar 12, 2024 · 11ef6ae · 11ef6ae
1 parent 7f981bf
commit 11ef6ae
Show file tree

Hide file tree

Showing 2 changed files with 147 additions and 0 deletions.
diff --git a/pkg/controller/operconfig/operconfig_controller.go b/pkg/controller/operconfig/operconfig_controller.go
@@ -24,6 +24,7 @@ import (
 	"github.com/openshift/cluster-network-operator/pkg/platform"
 	"github.com/openshift/library-go/pkg/operator/configobserver/featuregates"
 	"github.com/openshift/library-go/pkg/operator/events"
+	ipsecTelemetry "github.com/openshift/cluster-network-operator/pkg/util/ipsec"
 
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -348,6 +349,7 @@ func (r *ReconcileOperConfig) Reconcile(ctx context.Context, request reconcile.R
 		}
 	}
 
+	UpdateIpsecTelemetry(prev, &newOperConfig.Spec)
 	// once updated, use the new config
 	operConfig = newOperConfig
 
@@ -550,6 +552,40 @@ func (r *ReconcileOperConfig) Reconcile(ctx context.Context, request reconcile.R
 	return reconcile.Result{RequeueAfter: ResyncPeriod}, nil
 }
 
+func UpdateIpsecTelemetry(prev, newOperConfigSpec *operv1.NetworkSpec) {
+	klog.Infof("IPsec: >> UpdateIpsecTelemetry prev: %v, new: %v", prev, newOperConfigSpec)
+
+	if prev == nil && newOperConfigSpec == nil {
+		klog.Infof("IPsec: << UpdateIpsecTelemetry, both prev and new are nil")
+		return
+	}
+	var prevIPsecConfig, newIPsecConfig *operv1.IPsecConfig
+
+	prevIPsecConfig = nil
+	newIPsecConfig = nil
+	if prev != nil {
+		prevIPsecConfig = prev.DefaultNetwork.OVNKubernetesConfig.IPsecConfig
+	}
+	if newOperConfigSpec != nil {
+		newIPsecConfig = newOperConfigSpec.DefaultNetwork.OVNKubernetesConfig.IPsecConfig
+	}
+
+	klog.Infof("IPsec: == UpdateIpsecTelemetry prev: %v, new: %v", prevIPsecConfig, newIPsecConfig)
+
+	//TODO: need further checks here that prevIpsecConfig and newIPsecConfig are not nil
+	// == the idea is that if prev == nil, this is the first run and therefore I want to 
+	// == document the state in telemetry, else I want to access telemetry only if state changed. 
+	// == I had some issues and chaged the code so not prevIpsecConfig and newIPsecConfig can be nil
+	// == so this should be checked before deciding on the call. 
+	// == ipsecTelemetry.UpdateIpsecTelemetry handles nil input correctly.
+	if prev == nil || (prevIPsecConfig == nil && newIPsecConfig != nil) || prevIPsecConfig.Mode != newIPsecConfig.Mode {
+		klog.Infof("IPsec: calling UpdateIpsecTelemetry, %v", newIPsecConfig)
+		ipsecTelemetry.UpdateIpsecTelemetry(newIPsecConfig)
+	}
+	klog.Infof("IPsec: << UpdateIpsecTelemetry ", prev, newOperConfigSpec)
+	// Don't record telemetry when the IPsecConfig hasn't changed
+}
+
 func reconcileOperConfig(ctx context.Context, obj crclient.Object) []reconcile.Request {
 	log.Printf("%s %s/%s changed, triggering operconf reconciliation", obj.GetObjectKind().GroupVersionKind().Kind, obj.GetNamespace(), obj.GetName())
 	// Update reconcile.Request object to align with unnamespaced default network,

diff --git a/pkg/util/ipsec/ipsec_telemetry.go b/pkg/util/ipsec/ipsec_telemetry.go
@@ -0,0 +1,111 @@
+package ipsec
+
+import (
+	"sync"
+
+//	"github.com/openshift/cluster-network-operator/pkg/cmd/checkendpoints/trace"
+	"k8s.io/component-base/metrics"
+	"k8s.io/component-base/metrics/legacyregistry"
+//	"github.com/prometheus/client_golang/prometheus"
+	operv1 "github.com/openshift/api/operator/v1"
+	"k8s.io/klog/v2"
+
+)
+
+var (
+	registerMetrics sync.Once
+
+//	endpointCheckCounter   *metrics.CounterVec
+	ipsecStateGauge *metrics.GaugeVec
+)
+
+// RegisterIpsecMetrics in the global registry
+func RegisterIpsecMetrics() {
+	registerMetrics.Do(func() {
+		ipsecStateGauge = metrics.NewGaugeVec(&metrics.GaugeOpts{
+			Name: "cluster_network_ipsec_state",
+			Help: "A metric with a constant '1' value labeled by the latest ipsecMode of the cluster",
+		}, []string{"mode", "apiFlavor"})
+		legacyregistry.MustRegister(ipsecStateGauge)
+	})
+}
+
+// type IpsecTelemetryCContext interface {
+// 	Update(ipsecConfig *operv1.IPsecConfig)
+// }
+
+// type ipsecTelemetryContext struct {
+
+// }
+
+func UpdateIpsecTelemetry(ipsecConfig *operv1.IPsecConfig) {
+	var flavor, mode string
+	klog.Infof("IPsec Telemetry: %v", ipsecConfig)
+	RegisterIpsecMetrics()
+	if ipsecConfig == nil {
+		mode = "Disabled"
+		flavor = "4.14"
+	} else if ipsecConfig.Mode == "" {
+		mode = "Full"
+		flavor = "4.14"
+	} else {
+		mode = string(ipsecConfig.Mode)
+		flavor = "4.15"
+	}
+	klog.Infof("IPsec Telemetry: (%s, %s), writing to %v", mode, flavor, ipsecStateGauge)
+	ipsecStateGauge.WithLabelValues(mode, flavor).Set(1)
+}
+// func SetIPsecMode(newMode operv1.IPsecMode) {
+// 	buildInfo := prometheus.NewGaugeVec(
+// 		prometheus.GaugeOpts{
+// 			Name: "cluster_network_ipsec_mode",
+// 			Help: "A metric with a constant '1' value labeled by the latest ipsecMode of the cluster",
+// 		},
+// 		[]string{"ipsecMode"},
+// 	)
+// 	buildInfo.WithLabelValues(string(newMode)).Set(1)
+
+// 	prometheus.MustRegister(buildInfo)
+// }
+/*****
+package network
+
+import (
+	"github.com/prometheus/client_golang/prometheus"
+	operv1 "github.com/openshift/api/operator/v1"
+)
+
+func SetIPsecMode(newMode operv1.IPsecMode) {
+	buildInfo := prometheus.NewGaugeVec(
+		prometheus.GaugeOpts{
+			Name: "cluster_network_ipsec_mode",
+			Help: "A metric with a constant '1' value labeled by the latest ipsecMode of the cluster",
+		},
+		[]string{"ipsecMode"},
+	)
+	buildInfo.WithLabelValues(string(newMode)).Set(1)
+
+	prometheus.MustRegister(buildInfo)
+}
+
+{__name__="up"} or 
+{__name__="cluster_version"} or 
+{__name__="cluster_version_available_updates"} or 
+{__name__="cluster_operator_up"} or 
+{__name__="cluster_operator_conditions"} or 
+{__name__="cluster_version_payload"} or 
+{__name__="cluster_version_payload_errors"} or 
+{__name__="instance:etcd_object_counts:sum"} or 
+{__name__="ALERTS",alertstate="firing"} or 
+{__name__="code:apiserver_request_count:rate:sum"} or 
+{__name__="kube_pod_status_ready:etcd:sum"} or 
+{__name__="kube_pod_status_ready:image_registry:sum"} or 
+{__name__="cluster:capacity_cpu_cores:sum"} or 
+{__name__="cluster:capacity_memory_bytes:sum"} or 
+{__name__="cluster:cpu_usage_cores:sum"} or 
+{__name__="cluster:memory_usage_bytes:sum"} or 
+{__name__="openshift:cpu_usage_cores:sum"} or 
+{__name__="openshift:memory_usage_bytes:sum"} or 
+{__name__="cluster:node_instance_type_count:sum"}
+
+*****/