From bdd83038e83c33e86013450146660228ff529855 Mon Sep 17 00:00:00 2001
From: Daman Arora <aroradaman@gmail.com>
Date: Sun, 16 Feb 2025 13:44:18 +0530
Subject: [PATCH] kube-proxy: metric to track conntrack reconciliation latency

kube_proxy_conntrack_reconciler_sync_duration_seconds can be used
to track the latency of conntrack flow reconciliation.

Signed-off-by: Daman Arora <aroradaman@gmail.com>
---
 pkg/proxy/conntrack/cleanup.go |  2 ++
 pkg/proxy/metrics/metrics.go   | 15 +++++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/pkg/proxy/conntrack/cleanup.go b/pkg/proxy/conntrack/cleanup.go
index ecbac7990e9..705018bf035 100644
--- a/pkg/proxy/conntrack/cleanup.go
+++ b/pkg/proxy/conntrack/cleanup.go
@@ -29,6 +29,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/klog/v2"
 	"k8s.io/kubernetes/pkg/proxy"
+	"k8s.io/kubernetes/pkg/proxy/metrics"
 	netutils "k8s.io/utils/net"
 )
 
@@ -120,6 +121,7 @@ func CleanStaleEntries(ct Interface, ipFamily v1.IPFamily,
 	} else {
 		klog.V(4).InfoS("Finished reconciling conntrack entries", "ipFamily", ipFamily, "entriesDeleted", n, "took", time.Since(start))
 	}
+	metrics.ReconcileConntrackFlowsLatency.WithLabelValues(string(ipFamily)).Observe(metrics.SinceInSeconds(start))
 }
 
 // ipFamilyMap maps v1.IPFamily to the corresponding unix constant.
diff --git a/pkg/proxy/metrics/metrics.go b/pkg/proxy/metrics/metrics.go
index 8b3136ff057..0323a0c83ef 100644
--- a/pkg/proxy/metrics/metrics.go
+++ b/pkg/proxy/metrics/metrics.go
@@ -283,6 +283,18 @@ var (
 		"Number of packets accepted on nodeports of loopback interface",
 		nil, nil, metrics.ALPHA, "")
 	LocalhostNodePortAcceptedNFAcctCounter = "localhost_nps_accepted_pkts"
+
+	// ReconcileConntrackFlowsLatency is the latency of one round of kube-proxy conntrack flows reconciliation.
+	ReconcileConntrackFlowsLatency = metrics.NewHistogramVec(
+		&metrics.HistogramOpts{
+			Subsystem:      kubeProxySubsystem,
+			Name:           "conntrack_reconciler_sync_duration_seconds",
+			Help:           "ReconcileConntrackFlowsLatency latency in seconds",
+			Buckets:        metrics.ExponentialBuckets(0.001, 2, 15),
+			StabilityLevel: metrics.ALPHA,
+		},
+		[]string{"ip_family"},
+	)
 )
 
 var registerMetricsOnce sync.Once
@@ -321,15 +333,18 @@ func RegisterMetrics(mode kubeproxyconfig.ProxyMode) {
 			legacyregistry.MustRegister(IPTablesPartialRestoreFailuresTotal)
 			legacyregistry.MustRegister(IPTablesRulesTotal)
 			legacyregistry.MustRegister(IPTablesRulesLastSync)
+			legacyregistry.MustRegister(ReconcileConntrackFlowsLatency)
 
 		case kubeproxyconfig.ProxyModeIPVS:
 			legacyregistry.MustRegister(IPTablesRestoreFailuresTotal)
+			legacyregistry.MustRegister(ReconcileConntrackFlowsLatency)
 
 		case kubeproxyconfig.ProxyModeNFTables:
 			legacyregistry.MustRegister(SyncFullProxyRulesLatency)
 			legacyregistry.MustRegister(SyncPartialProxyRulesLatency)
 			legacyregistry.MustRegister(NFTablesSyncFailuresTotal)
 			legacyregistry.MustRegister(NFTablesCleanupFailuresTotal)
+			legacyregistry.MustRegister(ReconcileConntrackFlowsLatency)
 
 		case kubeproxyconfig.ProxyModeKernelspace:
 			// currently no winkernel-specific metrics