Merge pull request #18655 from vespa-engine/bjormel/acl-maintainer-metric

Metric for last successful update of IP tables
author: Martin Polden <mpolden@mpolden.no> 2021-08-16 15:40:04 +0200
committer: GitHub <noreply@github.com> 2021-08-16 15:40:04 +0200
commit: 9018fd7ca4e9daaef26dd9cea68ec0f2facc57ff (patch)
tree: 00d71ce20c2759e10f255566e11a29abd0a910bc /node-admin
parent: 74d0fba5384ae051ed0badce29710a29bffa063d (diff)
parent: 26f817a8e5433f6c4d2083bc5703c7cdbd8cb656 (diff)
2 files changed, 49 insertions, 4 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/acl/AclMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/acl/AclMaintainer.java
index 20ca842784d..e9efe69f874 100644
--- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/acl/AclMaintainer.java
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/acl/AclMaintainer.java
@@ -2,7 +2,10 @@
 package com.yahoo.vespa.hosted.node.admin.maintenance.acl;
 
 import com.google.common.net.InetAddresses;
+import com.yahoo.vespa.hosted.node.admin.configserver.noderepository.NodeSpec;
 import com.yahoo.vespa.hosted.node.admin.container.ContainerOperations;
+import com.yahoo.vespa.hosted.node.admin.container.metrics.Dimensions;
+import com.yahoo.vespa.hosted.node.admin.container.metrics.Metrics;
 import com.yahoo.vespa.hosted.node.admin.nodeagent.NodeAgentContext;
 import com.yahoo.vespa.hosted.node.admin.nodeagent.NodeAgentTask;
 import com.yahoo.vespa.hosted.node.admin.task.util.file.Editor;
@@ -15,7 +18,9 @@ import java.net.InetAddress;
 import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.nio.file.Path;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.function.Consumer;
 import java.util.function.Supplier;
 import java.util.logging.Level;
@@ -43,10 +48,17 @@ public class AclMaintainer {
 
     private final ContainerOperations containerOperations;
     private final IPAddresses ipAddresses;
+    private final Metrics metrics;
+    private final Map<String, Long> lastSuccess;
+    private static final String METRIC_NAME_POSTFIX = ".acl.age";
 
-    public AclMaintainer(ContainerOperations containerOperations, IPAddresses ipAddresses) {
+    public AclMaintainer(ContainerOperations containerOperations, IPAddresses ipAddresses, Metrics metrics) {
         this.containerOperations = containerOperations;
         this.ipAddresses = ipAddresses;
+        this.metrics = metrics;
+        long timestamp = System.currentTimeMillis() / 1_000;
+        this.lastSuccess = new HashMap<>(Map.of(IPVersion.IPv4.id(), timestamp,
+                                                IPVersion.IPv6.id(), timestamp));
     }
 
     // ip(6)tables operate while having the xtables lock, run with synchronized to prevent multiple NodeAgents
@@ -55,8 +67,13 @@ public class AclMaintainer {
         if (context.isDisabled(NodeAgentTask.AclMaintainer)) return;
 
         // Apply acl to the filter table
-        editFlushOnError(context, IPVersion.IPv4, "filter", FilterTableLineEditor.from(context.acl(), IPVersion.IPv4));
-        editFlushOnError(context, IPVersion.IPv6, "filter", FilterTableLineEditor.from(context.acl(), IPVersion.IPv6));
+        boolean updatedIPv4 = editFlushOnError(context, IPVersion.IPv4, "filter", FilterTableLineEditor.from(context.acl(), IPVersion.IPv4));
+        boolean updatedIPv6 = editFlushOnError(context, IPVersion.IPv6, "filter", FilterTableLineEditor.from(context.acl(), IPVersion.IPv6));
+
+        Dimensions dimensions = generateDimensions(context);
+
+        updateMetric(dimensions, updatedIPv4, IPVersion.IPv4.id());
+        updateMetric(dimensions, updatedIPv6, IPVersion.IPv6.id());
 
         ipAddresses.getAddress(context.hostname().value(), IPVersion.IPv4).ifPresent(addr -> applyRedirect(context, addr));
         ipAddresses.getAddress(context.hostname().value(), IPVersion.IPv6).ifPresent(addr -> applyRedirect(context, addr));
@@ -115,6 +132,32 @@ public class AclMaintainer {
         };
     }
 
+    void updateMetric(Dimensions dimensions, boolean updated, String ipVersion) {
+        long updateAgeInSec;
+        long timestamp = System.currentTimeMillis() / 1_000;
+        if (updated) {
+            updateAgeInSec = 0;
+            lastSuccess.put(ipVersion, timestamp);
+        } else {
+            updateAgeInSec = timestamp - lastSuccess.get(ipVersion);
+        }
+
+        metrics.declareGauge(Metrics.APPLICATION_NODE, ipVersion + METRIC_NAME_POSTFIX, dimensions, Metrics.DimensionType.PRETAGGED)
+                .sample(updateAgeInSec);
+
+    }
+
+    private Dimensions generateDimensions(NodeAgentContext context) {
+        NodeSpec node = context.node();
+        Dimensions.Builder dimensionsBuilder = new Dimensions.Builder()
+                .add("host", node.hostname())
+                .add("zone", context.zone().getId().value());
+
+        node.currentVespaVersion().ifPresent(vespaVersion -> dimensionsBuilder.add("vespaVersion", vespaVersion.toFullString()));
+
+        return dimensionsBuilder.build();
+    }
+
     private static class TemporaryIpTablesFileHandler implements AutoCloseable {
         private final Path path;
 
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/acl/AclMaintainerTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/acl/AclMaintainerTest.java
index 224cb3305f8..2c0ca343937 100644
--- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/acl/AclMaintainerTest.java
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/acl/AclMaintainerTest.java
@@ -3,6 +3,7 @@ package com.yahoo.vespa.hosted.node.admin.maintenance.acl;
 
 import com.yahoo.vespa.hosted.node.admin.configserver.noderepository.Acl;
 import com.yahoo.vespa.hosted.node.admin.container.ContainerOperations;
+import com.yahoo.vespa.hosted.node.admin.container.metrics.Metrics;
 import com.yahoo.vespa.hosted.node.admin.nodeagent.NodeAgentContext;
 import com.yahoo.vespa.hosted.node.admin.nodeagent.NodeAgentContextImpl;
 import com.yahoo.vespa.hosted.node.admin.task.util.file.UnixPath;
@@ -37,7 +38,8 @@ public class AclMaintainerTest {
 
     private final ContainerOperations containerOperations = mock(ContainerOperations.class);
     private final IPAddressesMock ipAddresses = new IPAddressesMock();
-    private final AclMaintainer aclMaintainer = new AclMaintainer(containerOperations, ipAddresses);
+    private final Metrics metrics = new Metrics();
+    private final AclMaintainer aclMaintainer = new AclMaintainer(containerOperations, ipAddresses, metrics);
 
     private final FileSystem fileSystem = TestFileSystem.create();
     private final Function<Acl, NodeAgentContext> contextGenerator =
author	Martin Polden <mpolden@mpolden.no>	2021-08-16 15:40:04 +0200
committer	GitHub <noreply@github.com>	2021-08-16 15:40:04 +0200
commit	9018fd7ca4e9daaef26dd9cea68ec0f2facc57ff (patch)
tree	00d71ce20c2759e10f255566e11a29abd0a910bc /node-admin
parent	74d0fba5384ae051ed0badce29710a29bffa063d (diff)
parent	26f817a8e5433f6c4d2083bc5703c7cdbd8cb656 (diff)