Added athenz-tenant-cert.expiry metric

author: Valerij Fredriksen <valerijf@oath.com> 2018-02-07 11:06:14 +0100
committer: Valerij Fredriksen <valerijf@oath.com> 2018-02-07 12:45:29 +0100
commit: 762994725622f2bf0e5dfa0b42a1b700e047e5b3 (patch)
tree: 4281038ed7219a07db0669055afa3feb9d9a24f7 /container-disc/src/main/java/com/yahoo/container/jdisc/athenz
parent: 5b3314729fe3abe2f704c4c3062750364262677a (diff)
1 files changed, 33 insertions, 1 deletions
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
index 8828a345b53..c32d08c97ff 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/athenz/impl/AthenzIdentityProviderImpl.java
@@ -6,6 +6,7 @@ import com.yahoo.component.AbstractComponent;
 import com.yahoo.container.core.identity.IdentityConfig;
 import com.yahoo.container.jdisc.athenz.AthenzIdentityProvider;
 import com.yahoo.container.jdisc.athenz.AthenzIdentityProviderException;
+import com.yahoo.jdisc.Metric;
 import com.yahoo.log.LogLevel;
 
 import javax.net.ssl.KeyManager;
@@ -52,10 +53,13 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
     static final int BACKOFF_DELAY_MULTIPLIER = 2;
     static final Duration AWAIT_TERMINTATION_TIMEOUT = Duration.ofSeconds(90);
 
+    private static final Duration CERTIFICATE_EXPIRY_METRIC_UPDATE_PERIOD = Duration.ofMinutes(5);
+    private static final String CERTIFICATE_EXPIRY_METRIC_NAME = "athenz-tenant-cert.expiry.seconds";
 
     static final String REGISTER_INSTANCE_TAG = "register-instance";
     static final String UPDATE_CREDENTIALS_TAG = "update-credentials";
     static final String TIMEOUT_INITIAL_WAIT_TAG = "timeout-initial-wait";
+    static final String METRICS_UPDATER_TAG = "metrics-updater";
 
 
     private final AtomicReference<AthenzCredentials> credentials = new AtomicReference<>();
@@ -67,9 +71,12 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
     private final String domain;
     private final String service;
 
+    private final CertificateExpiryMetricUpdater metricUpdater;
+
     @Inject
-    public AthenzIdentityProviderImpl(IdentityConfig config) {
+    public AthenzIdentityProviderImpl(IdentityConfig config, Metric metric) {
         this(config,
+             metric,
              new AthenzCredentialsService(config,
                                           new IdentityDocumentService(config.loadBalancerAddress()),
                                           new AthenzService(),
@@ -80,6 +87,7 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
 
     // Test only
     AthenzIdentityProviderImpl(IdentityConfig config,
+                               Metric metric,
                                AthenzCredentialsService athenzCredentialsService,
                                Scheduler scheduler,
                                Clock clock) {
@@ -90,6 +98,8 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
         this.service = config.service();
         scheduler.submit(new RegisterInstanceTask());
         scheduler.schedule(new TimeoutInitialWaitTask(), INITIAL_WAIT_NTOKEN);
+
+        metricUpdater = new CertificateExpiryMetricUpdater(metric);
     }
 
     @Override
@@ -196,6 +206,7 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
                 credentials.set(athenzCredentialsService.registerInstance());
                 credentialsRetrievedSignal.countDown();
                 scheduler.schedule(new UpdateCredentialsTask(), UPDATE_PERIOD);
+                scheduler.submit(metricUpdater);
             } catch (Throwable t) {
                 log.log(LogLevel.ERROR, "Failed to register instance: " + t.getMessage(), t);
                 lastThrowable.set(t);
@@ -240,6 +251,27 @@ public final class AthenzIdentityProviderImpl extends AbstractComponent implemen
         }
     }
 
+    private class CertificateExpiryMetricUpdater implements RunnableWithTag {
+        private final Metric metric;
+
+        private CertificateExpiryMetricUpdater(Metric metric) {
+            this.metric = metric;
+        }
+
+        @Override
+        public void run() {
+            Instant expirationTime = getExpirationTime(credentials.get());
+            Duration remainingLifetime = Duration.between(clock.instant(), expirationTime);
+            metric.set(CERTIFICATE_EXPIRY_METRIC_NAME, remainingLifetime.getSeconds(), null);
+            scheduler.schedule(this, CERTIFICATE_EXPIRY_METRIC_UPDATE_PERIOD);
+        }
+
+        @Override
+        public String tag() {
+            return METRICS_UPDATER_TAG;
+        }
+    }
+
     private class TimeoutInitialWaitTask implements RunnableWithTag {
         @Override
         public void run() {
author	Valerij Fredriksen <valerijf@oath.com>	2018-02-07 11:06:14 +0100
committer	Valerij Fredriksen <valerijf@oath.com>	2018-02-07 12:45:29 +0100
commit	762994725622f2bf0e5dfa0b42a1b700e047e5b3 (patch)
tree	4281038ed7219a07db0669055afa3feb9d9a24f7 /container-disc/src/main/java/com/yahoo/container/jdisc/athenz
parent	5b3314729fe3abe2f704c4c3062750364262677a (diff)