From 438df173e32a4c2f6f11073d7484e682611ffa54 Mon Sep 17 00:00:00 2001 From: Daman Arora Date: Sun, 16 Feb 2025 21:37:23 +0530 Subject: [PATCH] kube-proxy: metric to track entries deleted in conntrack reconciliation kubeproxy_conntrack_reconciler_deleted_entries_total can be used to track total entries deleted in conntrack reconciliation. Signed-off-by: Daman Arora --- pkg/proxy/conntrack/cleanup.go | 4 +++- pkg/proxy/metrics/metrics.go | 14 ++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/pkg/proxy/conntrack/cleanup.go b/pkg/proxy/conntrack/cleanup.go index 705018bf035..a6105411a77 100644 --- a/pkg/proxy/conntrack/cleanup.go +++ b/pkg/proxy/conntrack/cleanup.go @@ -116,12 +116,14 @@ func CleanStaleEntries(ct Interface, ipFamily v1.IPFamily, } } - if n, err := ct.ClearEntries(ipFamilyMap[ipFamily], filters...); err != nil { + var n int + if n, err = ct.ClearEntries(ipFamilyMap[ipFamily], filters...); err != nil { klog.ErrorS(err, "Failed to clear all conntrack entries", "ipFamily", ipFamily, "entriesDeleted", n, "took", time.Since(start)) } else { klog.V(4).InfoS("Finished reconciling conntrack entries", "ipFamily", ipFamily, "entriesDeleted", n, "took", time.Since(start)) } metrics.ReconcileConntrackFlowsLatency.WithLabelValues(string(ipFamily)).Observe(metrics.SinceInSeconds(start)) + metrics.ReconcileConntrackFlowsDeletedEntriesTotal.WithLabelValues(string(ipFamily)).Add(float64(n)) } // ipFamilyMap maps v1.IPFamily to the corresponding unix constant. diff --git a/pkg/proxy/metrics/metrics.go b/pkg/proxy/metrics/metrics.go index 0323a0c83ef..aaf526a1271 100644 --- a/pkg/proxy/metrics/metrics.go +++ b/pkg/proxy/metrics/metrics.go @@ -295,6 +295,17 @@ var ( }, []string{"ip_family"}, ) + + // ReconcileConntrackFlowsDeletedEntriesTotal is the number of entries deleted by conntrack reconciler. + ReconcileConntrackFlowsDeletedEntriesTotal = metrics.NewCounterVec( + &metrics.CounterOpts{ + Subsystem: kubeProxySubsystem, + Name: "conntrack_reconciler_deleted_entries_total", + Help: "Cumulative conntrack flows deleted by conntrack reconciler", + StabilityLevel: metrics.ALPHA, + }, + []string{"ip_family"}, + ) ) var registerMetricsOnce sync.Once @@ -334,10 +345,12 @@ func RegisterMetrics(mode kubeproxyconfig.ProxyMode) { legacyregistry.MustRegister(IPTablesRulesTotal) legacyregistry.MustRegister(IPTablesRulesLastSync) legacyregistry.MustRegister(ReconcileConntrackFlowsLatency) + legacyregistry.MustRegister(ReconcileConntrackFlowsDeletedEntriesTotal) case kubeproxyconfig.ProxyModeIPVS: legacyregistry.MustRegister(IPTablesRestoreFailuresTotal) legacyregistry.MustRegister(ReconcileConntrackFlowsLatency) + legacyregistry.MustRegister(ReconcileConntrackFlowsDeletedEntriesTotal) case kubeproxyconfig.ProxyModeNFTables: legacyregistry.MustRegister(SyncFullProxyRulesLatency) @@ -345,6 +358,7 @@ func RegisterMetrics(mode kubeproxyconfig.ProxyMode) { legacyregistry.MustRegister(NFTablesSyncFailuresTotal) legacyregistry.MustRegister(NFTablesCleanupFailuresTotal) legacyregistry.MustRegister(ReconcileConntrackFlowsLatency) + legacyregistry.MustRegister(ReconcileConntrackFlowsDeletedEntriesTotal) case kubeproxyconfig.ProxyModeKernelspace: // currently no winkernel-specific metrics