kube-proxy: metric to track entries deleted in conntrack reconciliation

kubeproxy_conntrack_reconciler_deleted_entries_total can be used
to track total entries deleted in conntrack reconciliation.

Signed-off-by: Daman Arora <aroradaman@gmail.com>

pkg/proxy/conntrack/cleanup.go

@@ -116,12 +116,14 @@ func CleanStaleEntries(ct Interface, ipFamily v1.IPFamily,
 		}
 	}
 
-	if n, err := ct.ClearEntries(ipFamilyMap[ipFamily], filters...); err != nil {
+	var n int
+	if n, err = ct.ClearEntries(ipFamilyMap[ipFamily], filters...); err != nil {
 		klog.ErrorS(err, "Failed to clear all conntrack entries", "ipFamily", ipFamily, "entriesDeleted", n, "took", time.Since(start))
 	} else {
 		klog.V(4).InfoS("Finished reconciling conntrack entries", "ipFamily", ipFamily, "entriesDeleted", n, "took", time.Since(start))
 	}
 	metrics.ReconcileConntrackFlowsLatency.WithLabelValues(string(ipFamily)).Observe(metrics.SinceInSeconds(start))
+	metrics.ReconcileConntrackFlowsDeletedEntriesTotal.WithLabelValues(string(ipFamily)).Add(float64(n))
 }
 
 // ipFamilyMap maps v1.IPFamily to the corresponding unix constant.

pkg/proxy/metrics/metrics.go

@@ -295,6 +295,17 @@ var (
 		},
 		[]string{"ip_family"},
 	)
+
+	// ReconcileConntrackFlowsDeletedEntriesTotal is the number of entries deleted by conntrack reconciler.
+	ReconcileConntrackFlowsDeletedEntriesTotal = metrics.NewCounterVec(
+		&metrics.CounterOpts{
+			Subsystem:      kubeProxySubsystem,
+			Name:           "conntrack_reconciler_deleted_entries_total",
+			Help:           "Cumulative conntrack flows deleted by conntrack reconciler",
+			StabilityLevel: metrics.ALPHA,
+		},
+		[]string{"ip_family"},
+	)
 )
 
 var registerMetricsOnce sync.Once
@@ -334,10 +345,12 @@ func RegisterMetrics(mode kubeproxyconfig.ProxyMode) {
 			legacyregistry.MustRegister(IPTablesRulesTotal)
 			legacyregistry.MustRegister(IPTablesRulesLastSync)
 			legacyregistry.MustRegister(ReconcileConntrackFlowsLatency)
+			legacyregistry.MustRegister(ReconcileConntrackFlowsDeletedEntriesTotal)
 
 		case kubeproxyconfig.ProxyModeIPVS:
 			legacyregistry.MustRegister(IPTablesRestoreFailuresTotal)
 			legacyregistry.MustRegister(ReconcileConntrackFlowsLatency)
+			legacyregistry.MustRegister(ReconcileConntrackFlowsDeletedEntriesTotal)
 
 		case kubeproxyconfig.ProxyModeNFTables:
 			legacyregistry.MustRegister(SyncFullProxyRulesLatency)
@@ -345,6 +358,7 @@ func RegisterMetrics(mode kubeproxyconfig.ProxyMode) {
 			legacyregistry.MustRegister(NFTablesSyncFailuresTotal)
 			legacyregistry.MustRegister(NFTablesCleanupFailuresTotal)
 			legacyregistry.MustRegister(ReconcileConntrackFlowsLatency)
+			legacyregistry.MustRegister(ReconcileConntrackFlowsDeletedEntriesTotal)
 
 		case kubeproxyconfig.ProxyModeKernelspace:
 			// currently no winkernel-specific metrics