mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-11-04 07:49:35 +00:00
pkg/registry: rename pod logs metrics
The pod_logs subsystem was inadvertently made redundant in the following kube-apiserver metrics: - kube_apiserver_pod_logs_pods_logs_backend_tls_failure_total - kube_apiserver_pod_logs_pods_logs_insecure_backend_total To safely rename them, it is required to deprecate them in 1.27 whilst introducing the new metrics replacing them. Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
This commit is contained in:
Damien Grisonnet
@@ -101,6 +101,7 @@ func (r *LogREST) Get(ctx context.Context, name string, opts runtime.Object) (ru
|
|||||||
ResponseChecker: genericrest.NewGenericHttpResponseChecker(api.Resource("pods/log"), name),
|
ResponseChecker: genericrest.NewGenericHttpResponseChecker(api.Resource("pods/log"), name),
|
||||||
RedirectChecker: genericrest.PreventRedirects,
|
RedirectChecker: genericrest.PreventRedirects,
|
||||||
TLSVerificationErrorCounter: podLogsTLSFailure,
|
TLSVerificationErrorCounter: podLogsTLSFailure,
|
||||||
|
DeprecatedTLSVerificationErrorCounter: deprecatedPodLogsTLSFailure,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -116,6 +117,13 @@ func countSkipTLSMetric(insecureSkipTLSVerifyBackend bool) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
counter.Inc()
|
counter.Inc()
|
||||||
|
|
||||||
|
deprecatedCounter, err := deprecatedPodLogsUsage.GetMetricWithLabelValues(usageType)
|
||||||
|
if err != nil {
|
||||||
|
utilruntime.HandleError(err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
deprecatedCounter.Inc()
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewGetOptions creates a new options object
|
// NewGetOptions creates a new options object
|
||||||
|
|||||||
@@ -34,24 +34,49 @@ const (
|
|||||||
var (
|
var (
|
||||||
// podLogsUsage counts and categorizes how the insecure backend skip TLS option is used and allowed.
|
// podLogsUsage counts and categorizes how the insecure backend skip TLS option is used and allowed.
|
||||||
podLogsUsage = metrics.NewCounterVec(
|
podLogsUsage = metrics.NewCounterVec(
|
||||||
|
&metrics.CounterOpts{
|
||||||
|
Namespace: namespace,
|
||||||
|
Subsystem: subsystem,
|
||||||
|
Name: "insecure_backend_total",
|
||||||
|
Help: "Total number of requests for pods/logs sliced by usage type: enforce_tls, skip_tls_allowed, skip_tls_denied",
|
||||||
|
StabilityLevel: metrics.ALPHA,
|
||||||
|
},
|
||||||
|
[]string{"usage"},
|
||||||
|
)
|
||||||
|
|
||||||
|
// deprecatedPodLogsUsage counts and categorizes how the insecure backend skip TLS option is used and allowed.
|
||||||
|
deprecatedPodLogsUsage = metrics.NewCounterVec(
|
||||||
&metrics.CounterOpts{
|
&metrics.CounterOpts{
|
||||||
Namespace: namespace,
|
Namespace: namespace,
|
||||||
Subsystem: subsystem,
|
Subsystem: subsystem,
|
||||||
Name: "pods_logs_insecure_backend_total",
|
Name: "pods_logs_insecure_backend_total",
|
||||||
Help: "Total number of requests for pods/logs sliced by usage type: enforce_tls, skip_tls_allowed, skip_tls_denied",
|
Help: "Total number of requests for pods/logs sliced by usage type: enforce_tls, skip_tls_allowed, skip_tls_denied",
|
||||||
StabilityLevel: metrics.ALPHA,
|
StabilityLevel: metrics.ALPHA,
|
||||||
|
DeprecatedVersion: "1.27.0",
|
||||||
},
|
},
|
||||||
[]string{"usage"},
|
[]string{"usage"},
|
||||||
)
|
)
|
||||||
|
|
||||||
// podLogsTLSFailure counts how many attempts to get pod logs fail on tls verification
|
// podLogsTLSFailure counts how many attempts to get pod logs fail on tls verification
|
||||||
podLogsTLSFailure = metrics.NewCounter(
|
podLogsTLSFailure = metrics.NewCounter(
|
||||||
|
&metrics.CounterOpts{
|
||||||
|
Namespace: namespace,
|
||||||
|
Subsystem: subsystem,
|
||||||
|
Name: "backend_tls_failure_total",
|
||||||
|
Help: "Total number of requests for pods/logs that failed due to kubelet server TLS verification",
|
||||||
|
StabilityLevel: metrics.ALPHA,
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
||||||
|
// deprecatedPodLogsTLSFailure counts how many attempts to get pod logs fail on tls verification
|
||||||
|
deprecatedPodLogsTLSFailure = metrics.NewCounter(
|
||||||
&metrics.CounterOpts{
|
&metrics.CounterOpts{
|
||||||
Namespace: namespace,
|
Namespace: namespace,
|
||||||
Subsystem: subsystem,
|
Subsystem: subsystem,
|
||||||
Name: "pods_logs_backend_tls_failure_total",
|
Name: "pods_logs_backend_tls_failure_total",
|
||||||
Help: "Total number of requests for pods/logs that failed due to kubelet server TLS verification",
|
Help: "Total number of requests for pods/logs that failed due to kubelet server TLS verification",
|
||||||
StabilityLevel: metrics.ALPHA,
|
StabilityLevel: metrics.ALPHA,
|
||||||
|
DeprecatedVersion: "1.27.0",
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
@@ -62,5 +87,7 @@ func registerMetrics() {
|
|||||||
registerMetricsOnce.Do(func() {
|
registerMetricsOnce.Do(func() {
|
||||||
legacyregistry.MustRegister(podLogsUsage)
|
legacyregistry.MustRegister(podLogsUsage)
|
||||||
legacyregistry.MustRegister(podLogsTLSFailure)
|
legacyregistry.MustRegister(podLogsTLSFailure)
|
||||||
|
legacyregistry.MustRegister(deprecatedPodLogsUsage)
|
||||||
|
legacyregistry.MustRegister(deprecatedPodLogsTLSFailure)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -46,6 +46,10 @@ type LocationStreamer struct {
|
|||||||
// TLSVerificationErrorCounter is an optional value that will Inc every time a TLS error is encountered. This can
|
// TLSVerificationErrorCounter is an optional value that will Inc every time a TLS error is encountered. This can
|
||||||
// be wired a single prometheus counter instance to get counts overall.
|
// be wired a single prometheus counter instance to get counts overall.
|
||||||
TLSVerificationErrorCounter CounterMetric
|
TLSVerificationErrorCounter CounterMetric
|
||||||
|
// DeprecatedTLSVerificationErrorCounter is a temporary field used to rename
|
||||||
|
// the kube_apiserver_pod_logs_pods_logs_backend_tls_failure_total metric
|
||||||
|
// with a one release deprecation period in 1.27.0.
|
||||||
|
DeprecatedTLSVerificationErrorCounter CounterMetric
|
||||||
}
|
}
|
||||||
|
|
||||||
// a LocationStreamer must implement a rest.ResourceStreamer
|
// a LocationStreamer must implement a rest.ResourceStreamer
|
||||||
@@ -87,6 +91,9 @@ func (s *LocationStreamer) InputStream(ctx context.Context, apiVersion, acceptHe
|
|||||||
// TODO prefer segregate TLS errors more reliably, but we do want to increment a count
|
// TODO prefer segregate TLS errors more reliably, but we do want to increment a count
|
||||||
if strings.Contains(err.Error(), "x509:") && s.TLSVerificationErrorCounter != nil {
|
if strings.Contains(err.Error(), "x509:") && s.TLSVerificationErrorCounter != nil {
|
||||||
s.TLSVerificationErrorCounter.Inc()
|
s.TLSVerificationErrorCounter.Inc()
|
||||||
|
if s.DeprecatedTLSVerificationErrorCounter != nil {
|
||||||
|
s.DeprecatedTLSVerificationErrorCounter.Inc()
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return nil, false, "", err
|
return nil, false, "", err
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user