github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-08 11:38:15 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #82409 from RainbowMango/pr_add_authentication_overall_latency_metrics

Browse Source 
Add authentication overall latency metrics
This commit is contained in:
Kubernetes Prow Robot 2019-09-25 11:05:32 -07:00 committed by GitHub
commit 07025a5d9e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
staging/src/k8s.io/apiserver/pkg/endpoints/filters/authentication.go
View File

@ -20,6 +20,7 @@ import (
"errors" "errors"
"net/http" "net/http"
"strings" "strings"
"time"
apierrors "k8s.io/apimachinery/pkg/api/errors" apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime"
@ -60,6 +61,17 @@ var (
&metrics.CounterOpts{ &metrics.CounterOpts{
Name: "authentication_attempts", Name: "authentication_attempts",
Help: "Counter of authenticated attempts.", Help: "Counter of authenticated attempts.",
StabilityLevel: metrics.ALPHA,
},
[]string{"result"},
)
authenticationLatency = metrics.NewHistogramVec(
&metrics.HistogramOpts{
Name: "authentication_duration_seconds",
Help: "Authentication duration in seconds broken out by result.",
Buckets: metrics.ExponentialBuckets(0.001, 2, 15),
StabilityLevel: metrics.ALPHA,
}, },
[]string{"result"}, []string{"result"},
) )
@ -68,6 +80,7 @@ var (
func init() { func init() {
legacyregistry.MustRegister(authenticatedUserCounter) legacyregistry.MustRegister(authenticatedUserCounter)
legacyregistry.MustRegister(authenticatedAttemptsCounter) legacyregistry.MustRegister(authenticatedAttemptsCounter)
legacyregistry.MustRegister(authenticationLatency)
} }
// WithAuthentication creates an http handler that tries to authenticate the given request as a user, and then // WithAuthentication creates an http handler that tries to authenticate the given request as a user, and then
@ -80,6 +93,8 @@ func WithAuthentication(handler http.Handler, auth authenticator.Request, failed
return handler return handler
} }
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
authenticationStart := time.Now()
if len(apiAuds) > 0 { if len(apiAuds) > 0 {
req = req.WithContext(authenticator.WithAudiences(req.Context(), apiAuds)) req = req.WithContext(authenticator.WithAudiences(req.Context(), apiAuds))
} }
@ -88,8 +103,10 @@ func WithAuthentication(handler http.Handler, auth authenticator.Request, failed
if err != nil { if err != nil {
klog.Errorf("Unable to authenticate the request due to an error: %v", err) klog.Errorf("Unable to authenticate the request due to an error: %v", err)
authenticatedAttemptsCounter.WithLabelValues(errorLabel).Inc() authenticatedAttemptsCounter.WithLabelValues(errorLabel).Inc()
authenticationLatency.WithLabelValues(errorLabel).Observe(time.Since(authenticationStart).Seconds())
} else if !ok { } else if !ok {
authenticatedAttemptsCounter.WithLabelValues(failureLabel).Inc() authenticatedAttemptsCounter.WithLabelValues(failureLabel).Inc()
authenticationLatency.WithLabelValues(failureLabel).Observe(time.Since(authenticationStart).Seconds())
} }
failed.ServeHTTP(w, req) failed.ServeHTTP(w, req)
@ -109,6 +126,7 @@ func WithAuthentication(handler http.Handler, auth authenticator.Request, failed
authenticatedUserCounter.WithLabelValues(compressUsername(resp.User.GetName())).Inc() authenticatedUserCounter.WithLabelValues(compressUsername(resp.User.GetName())).Inc()
authenticatedAttemptsCounter.WithLabelValues(successLabel).Inc() authenticatedAttemptsCounter.WithLabelValues(successLabel).Inc()
authenticationLatency.WithLabelValues(successLabel).Observe(time.Since(authenticationStart).Seconds())
handler.ServeHTTP(w, req) handler.ServeHTTP(w, req)
}) })