-
Notifications
You must be signed in to change notification settings - Fork 317
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: firewall counter exporter (#343)
The replica node and API boundary node firewall has connection- and rate-limits. At the moment, each packet that is dropped based on these rules is logged. In this PR, we switch to counters and add a service to export the counters as a metric in order to not spam logs and to easily monitor whether the rules are actually active. --------- Co-authored-by: IDX GitLab Automation <infra+gitlab-automation@dfinity.org>
- Loading branch information
Showing
14 changed files
with
327 additions
and
17 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
9 changes: 9 additions & 0 deletions
9
ic-os/components/monitoring/nft-exporter/nft-exporter.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
[Unit] | ||
Description=Collect nft counters and write them to a file for node exporter | ||
|
||
[Install] | ||
WantedBy=multi-user.target | ||
|
||
[Service] | ||
Type=oneshot | ||
ExecStart=/opt/ic/bin/nft-exporter |
10 changes: 10 additions & 0 deletions
10
ic-os/components/monitoring/nft-exporter/nft-exporter.timer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
[Unit] | ||
Description=nft counter export timer | ||
|
||
[Timer] | ||
OnBootSec=60s | ||
OnUnitActiveSec=60s | ||
Unit=nft-exporter.service | ||
|
||
[Install] | ||
WantedBy=timers.target |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
load("@rules_rust//rust:defs.bzl", "rust_binary") | ||
|
||
package(default_visibility = ["//visibility:public"]) | ||
|
||
DEPENDENCIES = [ | ||
"@crate_index//:anyhow", | ||
"@crate_index//:clap", | ||
"@crate_index//:serde_json", | ||
"@crate_index//:serde", | ||
] | ||
|
||
rust_binary( | ||
name = "nft-exporter", | ||
srcs = glob( | ||
["src/**/*.rs"], | ||
), | ||
aliases = {}, | ||
proc_macro_deps = [], | ||
version = "0.1.0", | ||
deps = DEPENDENCIES, | ||
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
[package] | ||
name = "nft_exporter" | ||
version = "0.1.0" | ||
edition = "2021" | ||
|
||
[dependencies] | ||
anyhow = { workspace = true } | ||
clap = { workspace = true } | ||
serde = { version = "1.0", features = ["derive"] } | ||
serde_json = "1.0" |
Oops, something went wrong.