From d5fd7a5c001111a99e496018ceb1c509f7806189 Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Mon, 21 Feb 2022 12:50:15 -0300 Subject: [PATCH 01/13] metrics: add a new router and listener for Prometheus' metrics endpoint --- app.go | 34 +++++++++++++++++++++++++++++++--- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/app.go b/app.go index ac350ec..4f910f0 100644 --- a/app.go +++ b/app.go @@ -68,6 +68,7 @@ const ( type Config struct { ServerURL string Addr string + MetricsAddr string GRPCAddr string GRPCAllowInsecure bool EphemeralNodeInactivityTimeout time.Duration @@ -406,11 +407,17 @@ func (h *Headscale) ensureUnixSocketIsAbsent() error { return os.Remove(h.cfg.UnixSocket) } -func (h *Headscale) createRouter(grpcMux *runtime.ServeMux) *gin.Engine { - router := gin.Default() +func (h *Headscale) createPrometheusRouter() *gin.Engine { + promRouter := gin.Default() prometheus := ginprometheus.NewPrometheus("gin") - prometheus.Use(router) + prometheus.Use(promRouter) + + return promRouter +} + +func (h *Headscale) createRouter(grpcMux *runtime.ServeMux) *gin.Engine { + router := gin.Default() router.GET( "/health", @@ -622,6 +629,27 @@ func (h *Headscale) Serve() error { log.Info(). Msgf("listening and serving HTTP on: %s", h.cfg.Addr) + promRouter := h.createPrometheusRouter() + + promHttpServer := &http.Server{ + Addr: h.cfg.MetricsAddr, + Handler: promRouter, + ReadTimeout: HTTPReadTimeout, + WriteTimeout: 0, + } + + var promHttpListener net.Listener + promHttpListener, err = net.Listen("tcp", h.cfg.MetricsAddr) + + if err != nil { + return fmt.Errorf("failed to bind to TCP address: %w", err) + } + + errorGroup.Go(func() error { return promHttpServer.Serve(promHttpListener) }) + + log.Info(). + Msgf("listening and serving metrics on: %s", h.cfg.MetricsAddr) + return errorGroup.Wait() } From 45d5ab30ffa7cd3fc0e675312c8844e60d03e7db Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Mon, 21 Feb 2022 12:50:44 -0300 Subject: [PATCH 02/13] metrics/cfg: add a new entry for the Prometheus listen address --- cmd/headscale/cli/utils.go | 1 + config-example.yaml | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/cmd/headscale/cli/utils.go b/cmd/headscale/cli/utils.go index 85dcae7..341a998 100644 --- a/cmd/headscale/cli/utils.go +++ b/cmd/headscale/cli/utils.go @@ -284,6 +284,7 @@ func getHeadscaleConfig() headscale.Config { return headscale.Config{ ServerURL: viper.GetString("server_url"), Addr: viper.GetString("listen_addr"), + MetricsAddr: viper.GetString("metrics_listen_addr"), GRPCAddr: viper.GetString("grpc_listen_addr"), GRPCAllowInsecure: viper.GetBool("grpc_allow_insecure"), diff --git a/config-example.yaml b/config-example.yaml index ba0c653..175f40b 100644 --- a/config-example.yaml +++ b/config-example.yaml @@ -16,6 +16,12 @@ server_url: http://127.0.0.1:8080 # listen_addr: 0.0.0.0:8080 +# Address to listen to /metrics, you may want +# to keep this endpoint private to your internal +# network +# +metrics_listen_addr: 127.0.0.1:8081 + # Address to listen for gRPC. # gRPC is used for controlling a headscale server # remotely with the CLI From fbc1843889619a44488ff69e2e7c9dc191f876b2 Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Mon, 21 Feb 2022 12:51:05 -0300 Subject: [PATCH 03/13] metrics/tests: update tests --- cmd/headscale/headscale_test.go | 1 + integration_test/etc/config.yaml | 1 + 2 files changed, 2 insertions(+) diff --git a/cmd/headscale/headscale_test.go b/cmd/headscale/headscale_test.go index 5ab46e0..2edf2c1 100644 --- a/cmd/headscale/headscale_test.go +++ b/cmd/headscale/headscale_test.go @@ -55,6 +55,7 @@ func (*Suite) TestConfigLoading(c *check.C) { // Test that config file was interpreted correctly c.Assert(viper.GetString("server_url"), check.Equals, "http://127.0.0.1:8080") c.Assert(viper.GetString("listen_addr"), check.Equals, "0.0.0.0:8080") + c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:8081") c.Assert(viper.GetString("db_type"), check.Equals, "sqlite3") c.Assert(viper.GetString("db_path"), check.Equals, "/var/lib/headscale/db.sqlite") c.Assert(viper.GetString("tls_letsencrypt_hostname"), check.Equals, "") diff --git a/integration_test/etc/config.yaml b/integration_test/etc/config.yaml index 63af7eb..f1b04b6 100644 --- a/integration_test/etc/config.yaml +++ b/integration_test/etc/config.yaml @@ -14,6 +14,7 @@ dns_config: db_path: /tmp/integration_test_db.sqlite3 private_key_path: private.key listen_addr: 0.0.0.0:8080 +metrics_listen_addr: 127.0.0.1:8081 server_url: http://headscale:8080 derp: From 14e49885fbab368dfe1b782a45dd0fac9408f468 Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Mon, 21 Feb 2022 12:51:25 -0300 Subject: [PATCH 04/13] metrics/kustomize: update Kustomize examples --- docs/examples/kustomize/base/configmap.yaml | 1 + docs/examples/kustomize/postgres/deployment.yaml | 5 +++++ docs/examples/kustomize/sqlite/statefulset.yaml | 5 +++++ 3 files changed, 11 insertions(+) diff --git a/docs/examples/kustomize/base/configmap.yaml b/docs/examples/kustomize/base/configmap.yaml index 2e25e5f..5578958 100644 --- a/docs/examples/kustomize/base/configmap.yaml +++ b/docs/examples/kustomize/base/configmap.yaml @@ -5,4 +5,5 @@ metadata: data: server_url: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME) listen_addr: "0.0.0.0:8080" + metrics_listen_addr: "127.0.0.1:8081" ephemeral_node_inactivity_timeout: "30m" diff --git a/docs/examples/kustomize/postgres/deployment.yaml b/docs/examples/kustomize/postgres/deployment.yaml index 75e6444..1dd88b4 100644 --- a/docs/examples/kustomize/postgres/deployment.yaml +++ b/docs/examples/kustomize/postgres/deployment.yaml @@ -25,6 +25,11 @@ spec: configMapKeyRef: name: headscale-config key: listen_addr + - name: METRICS_LISTEN_ADDR + valueFrom: + configMapKeyRef: + name: headscale-config + key: metrics_listen_addr - name: DERP_MAP_PATH value: /vol/config/derp.yaml - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT diff --git a/docs/examples/kustomize/sqlite/statefulset.yaml b/docs/examples/kustomize/sqlite/statefulset.yaml index 050bf76..2321d39 100644 --- a/docs/examples/kustomize/sqlite/statefulset.yaml +++ b/docs/examples/kustomize/sqlite/statefulset.yaml @@ -26,6 +26,11 @@ spec: configMapKeyRef: name: headscale-config key: listen_addr + - name: METRICS_LISTEN_ADDR + valueFrom: + configMapKeyRef: + name: headscale-config + key: metrics_listen_addr - name: DERP_MAP_PATH value: /vol/config/derp.yaml - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT From e3bcc88880eb2704dbcdb1eac79b79cfa48fe403 Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Mon, 21 Feb 2022 15:22:36 -0300 Subject: [PATCH 05/13] Linter: make linter happy --- app.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app.go b/app.go index 4f910f0..5591180 100644 --- a/app.go +++ b/app.go @@ -631,21 +631,21 @@ func (h *Headscale) Serve() error { promRouter := h.createPrometheusRouter() - promHttpServer := &http.Server{ + promHTTPServer := &http.Server{ Addr: h.cfg.MetricsAddr, Handler: promRouter, ReadTimeout: HTTPReadTimeout, WriteTimeout: 0, } - var promHttpListener net.Listener - promHttpListener, err = net.Listen("tcp", h.cfg.MetricsAddr) + var promHTTPListener net.Listener + promHTTPListener, err = net.Listen("tcp", h.cfg.MetricsAddr) if err != nil { return fmt.Errorf("failed to bind to TCP address: %w", err) } - errorGroup.Go(func() error { return promHttpServer.Serve(promHttpListener) }) + errorGroup.Go(func() error { return promHTTPServer.Serve(promHTTPListener) }) log.Info(). Msgf("listening and serving metrics on: %s", h.cfg.MetricsAddr) From a9122c3de37e91effc8951b117e87021ed282b4e Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Fri, 25 Feb 2022 18:21:20 -0300 Subject: [PATCH 06/13] prometheus: replace default port by a port between the recommended prometheus range --- cmd/headscale/headscale_test.go | 2 +- config-example.yaml | 2 +- docs/examples/kustomize/base/configmap.yaml | 2 +- integration_test/etc/config.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/cmd/headscale/headscale_test.go b/cmd/headscale/headscale_test.go index 2edf2c1..551cf05 100644 --- a/cmd/headscale/headscale_test.go +++ b/cmd/headscale/headscale_test.go @@ -55,7 +55,7 @@ func (*Suite) TestConfigLoading(c *check.C) { // Test that config file was interpreted correctly c.Assert(viper.GetString("server_url"), check.Equals, "http://127.0.0.1:8080") c.Assert(viper.GetString("listen_addr"), check.Equals, "0.0.0.0:8080") - c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:8081") + c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9915") c.Assert(viper.GetString("db_type"), check.Equals, "sqlite3") c.Assert(viper.GetString("db_path"), check.Equals, "/var/lib/headscale/db.sqlite") c.Assert(viper.GetString("tls_letsencrypt_hostname"), check.Equals, "") diff --git a/config-example.yaml b/config-example.yaml index fb8289f..2053e12 100644 --- a/config-example.yaml +++ b/config-example.yaml @@ -20,7 +20,7 @@ listen_addr: 0.0.0.0:8080 # to keep this endpoint private to your internal # network # -metrics_listen_addr: 127.0.0.1:8081 +metrics_listen_addr: 127.0.0.1:9915 # Address to listen for gRPC. # gRPC is used for controlling a headscale server diff --git a/docs/examples/kustomize/base/configmap.yaml b/docs/examples/kustomize/base/configmap.yaml index 5578958..b60c685 100644 --- a/docs/examples/kustomize/base/configmap.yaml +++ b/docs/examples/kustomize/base/configmap.yaml @@ -5,5 +5,5 @@ metadata: data: server_url: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME) listen_addr: "0.0.0.0:8080" - metrics_listen_addr: "127.0.0.1:8081" + metrics_listen_addr: "127.0.0.1:9915" ephemeral_node_inactivity_timeout: "30m" diff --git a/integration_test/etc/config.yaml b/integration_test/etc/config.yaml index f1b04b6..223fab2 100644 --- a/integration_test/etc/config.yaml +++ b/integration_test/etc/config.yaml @@ -14,7 +14,7 @@ dns_config: db_path: /tmp/integration_test_db.sqlite3 private_key_path: private.key listen_addr: 0.0.0.0:8080 -metrics_listen_addr: 127.0.0.1:8081 +metrics_listen_addr: 127.0.0.1:9915 server_url: http://headscale:8080 derp: From 06e6c29a5b168731044ab40ca7dd19eb3417e263 Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Fri, 25 Feb 2022 18:36:03 -0300 Subject: [PATCH 07/13] metrics: make metrics endpoint toggleable --- app.go | 39 ++++++++++--------- cmd/headscale/cli/utils.go | 1 + cmd/headscale/headscale_test.go | 1 + config-example.yaml | 3 ++ docs/examples/kustomize/base/configmap.yaml | 1 + .../kustomize/postgres/deployment.yaml | 5 +++ .../kustomize/sqlite/statefulset.yaml | 5 +++ integration_test/etc/config.yaml | 1 + 8 files changed, 38 insertions(+), 18 deletions(-) diff --git a/app.go b/app.go index cf49163..a67031e 100644 --- a/app.go +++ b/app.go @@ -72,6 +72,7 @@ const ( type Config struct { ServerURL string Addr string + MetricsEnabled bool MetricsAddr string GRPCAddr string GRPCAllowInsecure bool @@ -655,27 +656,29 @@ func (h *Headscale) Serve() error { log.Info(). Msgf("listening and serving HTTP on: %s", h.cfg.Addr) - promRouter := h.createPrometheusRouter() + if h.cfg.MetricsEnabled { + promRouter := h.createPrometheusRouter() - promHTTPServer := &http.Server{ - Addr: h.cfg.MetricsAddr, - Handler: promRouter, - ReadTimeout: HTTPReadTimeout, - WriteTimeout: 0, + promHTTPServer := &http.Server{ + Addr: h.cfg.MetricsAddr, + Handler: promRouter, + ReadTimeout: HTTPReadTimeout, + WriteTimeout: 0, + } + + var promHTTPListener net.Listener + promHTTPListener, err = net.Listen("tcp", h.cfg.MetricsAddr) + + if err != nil { + return fmt.Errorf("failed to bind to TCP address: %w", err) + } + + errorGroup.Go(func() error { return promHTTPServer.Serve(promHTTPListener) }) + + log.Info(). + Msgf("listening and serving metrics on: %s", h.cfg.MetricsAddr) } - var promHTTPListener net.Listener - promHTTPListener, err = net.Listen("tcp", h.cfg.MetricsAddr) - - if err != nil { - return fmt.Errorf("failed to bind to TCP address: %w", err) - } - - errorGroup.Go(func() error { return promHTTPServer.Serve(promHTTPListener) }) - - log.Info(). - Msgf("listening and serving metrics on: %s", h.cfg.MetricsAddr) - return errorGroup.Wait() } diff --git a/cmd/headscale/cli/utils.go b/cmd/headscale/cli/utils.go index fa4a0b7..f287cd4 100644 --- a/cmd/headscale/cli/utils.go +++ b/cmd/headscale/cli/utils.go @@ -303,6 +303,7 @@ func getHeadscaleConfig() headscale.Config { return headscale.Config{ ServerURL: viper.GetString("server_url"), Addr: viper.GetString("listen_addr"), + MetricsEnabled: viper.GetBool("metrics_enabled"), MetricsAddr: viper.GetString("metrics_listen_addr"), GRPCAddr: viper.GetString("grpc_listen_addr"), GRPCAllowInsecure: viper.GetBool("grpc_allow_insecure"), diff --git a/cmd/headscale/headscale_test.go b/cmd/headscale/headscale_test.go index 551cf05..d75e6e6 100644 --- a/cmd/headscale/headscale_test.go +++ b/cmd/headscale/headscale_test.go @@ -56,6 +56,7 @@ func (*Suite) TestConfigLoading(c *check.C) { c.Assert(viper.GetString("server_url"), check.Equals, "http://127.0.0.1:8080") c.Assert(viper.GetString("listen_addr"), check.Equals, "0.0.0.0:8080") c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9915") + c.Assert(viper.GetString("metrics_enabled"), check.Equals, "true") c.Assert(viper.GetString("db_type"), check.Equals, "sqlite3") c.Assert(viper.GetString("db_path"), check.Equals, "/var/lib/headscale/db.sqlite") c.Assert(viper.GetString("tls_letsencrypt_hostname"), check.Equals, "") diff --git a/config-example.yaml b/config-example.yaml index 2053e12..8b028db 100644 --- a/config-example.yaml +++ b/config-example.yaml @@ -16,6 +16,9 @@ server_url: http://127.0.0.1:8080 # listen_addr: 0.0.0.0:8080 +# Enable Prometheus metrics endpoint +metrics_enabled: true + # Address to listen to /metrics, you may want # to keep this endpoint private to your internal # network diff --git a/docs/examples/kustomize/base/configmap.yaml b/docs/examples/kustomize/base/configmap.yaml index b60c685..a8287c6 100644 --- a/docs/examples/kustomize/base/configmap.yaml +++ b/docs/examples/kustomize/base/configmap.yaml @@ -5,5 +5,6 @@ metadata: data: server_url: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME) listen_addr: "0.0.0.0:8080" + metrics_enabled: "true" metrics_listen_addr: "127.0.0.1:9915" ephemeral_node_inactivity_timeout: "30m" diff --git a/docs/examples/kustomize/postgres/deployment.yaml b/docs/examples/kustomize/postgres/deployment.yaml index 1dd88b4..3d380ac 100644 --- a/docs/examples/kustomize/postgres/deployment.yaml +++ b/docs/examples/kustomize/postgres/deployment.yaml @@ -30,6 +30,11 @@ spec: configMapKeyRef: name: headscale-config key: metrics_listen_addr + - name: METRICS_ENABLED + valueFrom: + configMapKeyRef: + name: headscale-config + key: metrics_enabled - name: DERP_MAP_PATH value: /vol/config/derp.yaml - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT diff --git a/docs/examples/kustomize/sqlite/statefulset.yaml b/docs/examples/kustomize/sqlite/statefulset.yaml index 2321d39..5b3b908 100644 --- a/docs/examples/kustomize/sqlite/statefulset.yaml +++ b/docs/examples/kustomize/sqlite/statefulset.yaml @@ -31,6 +31,11 @@ spec: configMapKeyRef: name: headscale-config key: metrics_listen_addr + - name: METRICS_ENABLED + valueFrom: + configMapKeyRef: + name: headscale-config + key: metrics_enabled - name: DERP_MAP_PATH value: /vol/config/derp.yaml - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT diff --git a/integration_test/etc/config.yaml b/integration_test/etc/config.yaml index 223fab2..128722f 100644 --- a/integration_test/etc/config.yaml +++ b/integration_test/etc/config.yaml @@ -14,6 +14,7 @@ dns_config: db_path: /tmp/integration_test_db.sqlite3 private_key_path: private.key listen_addr: 0.0.0.0:8080 +metrics_enabled: true metrics_listen_addr: 127.0.0.1:9915 server_url: http://headscale:8080 From 9a61725e9fc1f6e99ef188f391b765ecb9d3151b Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Mon, 28 Feb 2022 10:40:02 -0300 Subject: [PATCH 08/13] Metrics: Disable toggle. Set default port to 9090 --- app.go | 39 +++++++++---------- cmd/headscale/cli/utils.go | 1 - cmd/headscale/headscale_test.go | 3 +- config-example.yaml | 5 +-- docs/examples/kustomize/base/configmap.yaml | 3 +- .../kustomize/postgres/deployment.yaml | 5 --- .../kustomize/sqlite/statefulset.yaml | 5 --- integration_test/etc/config.yaml | 3 +- 8 files changed, 22 insertions(+), 42 deletions(-) diff --git a/app.go b/app.go index f8b18fb..01fe730 100644 --- a/app.go +++ b/app.go @@ -72,7 +72,6 @@ const ( type Config struct { ServerURL string Addr string - MetricsEnabled bool MetricsAddr string GRPCAddr string GRPCAllowInsecure bool @@ -658,29 +657,27 @@ func (h *Headscale) Serve() error { log.Info(). Msgf("listening and serving HTTP on: %s", h.cfg.Addr) - if h.cfg.MetricsEnabled { - promRouter := h.createPrometheusRouter() + promRouter := h.createPrometheusRouter() - promHTTPServer := &http.Server{ - Addr: h.cfg.MetricsAddr, - Handler: promRouter, - ReadTimeout: HTTPReadTimeout, - WriteTimeout: 0, - } - - var promHTTPListener net.Listener - promHTTPListener, err = net.Listen("tcp", h.cfg.MetricsAddr) - - if err != nil { - return fmt.Errorf("failed to bind to TCP address: %w", err) - } - - errorGroup.Go(func() error { return promHTTPServer.Serve(promHTTPListener) }) - - log.Info(). - Msgf("listening and serving metrics on: %s", h.cfg.MetricsAddr) + promHTTPServer := &http.Server{ + Addr: h.cfg.MetricsAddr, + Handler: promRouter, + ReadTimeout: HTTPReadTimeout, + WriteTimeout: 0, } + var promHTTPListener net.Listener + promHTTPListener, err = net.Listen("tcp", h.cfg.MetricsAddr) + + if err != nil { + return fmt.Errorf("failed to bind to TCP address: %w", err) + } + + errorGroup.Go(func() error { return promHTTPServer.Serve(promHTTPListener) }) + + log.Info(). + Msgf("listening and serving metrics on: %s", h.cfg.MetricsAddr) + return errorGroup.Wait() } diff --git a/cmd/headscale/cli/utils.go b/cmd/headscale/cli/utils.go index 381f180..49fc23c 100644 --- a/cmd/headscale/cli/utils.go +++ b/cmd/headscale/cli/utils.go @@ -304,7 +304,6 @@ func getHeadscaleConfig() headscale.Config { return headscale.Config{ ServerURL: viper.GetString("server_url"), Addr: viper.GetString("listen_addr"), - MetricsEnabled: viper.GetBool("metrics_enabled"), MetricsAddr: viper.GetString("metrics_listen_addr"), GRPCAddr: viper.GetString("grpc_listen_addr"), GRPCAllowInsecure: viper.GetBool("grpc_allow_insecure"), diff --git a/cmd/headscale/headscale_test.go b/cmd/headscale/headscale_test.go index d75e6e6..c971220 100644 --- a/cmd/headscale/headscale_test.go +++ b/cmd/headscale/headscale_test.go @@ -55,8 +55,7 @@ func (*Suite) TestConfigLoading(c *check.C) { // Test that config file was interpreted correctly c.Assert(viper.GetString("server_url"), check.Equals, "http://127.0.0.1:8080") c.Assert(viper.GetString("listen_addr"), check.Equals, "0.0.0.0:8080") - c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9915") - c.Assert(viper.GetString("metrics_enabled"), check.Equals, "true") + c.Assert(viper.GetString("metrics_listen_addr"), check.Equals, "127.0.0.1:9090") c.Assert(viper.GetString("db_type"), check.Equals, "sqlite3") c.Assert(viper.GetString("db_path"), check.Equals, "/var/lib/headscale/db.sqlite") c.Assert(viper.GetString("tls_letsencrypt_hostname"), check.Equals, "") diff --git a/config-example.yaml b/config-example.yaml index 157805e..0939d6c 100644 --- a/config-example.yaml +++ b/config-example.yaml @@ -16,14 +16,11 @@ server_url: http://127.0.0.1:8080 # listen_addr: 0.0.0.0:8080 -# Enable Prometheus metrics endpoint -metrics_enabled: true - # Address to listen to /metrics, you may want # to keep this endpoint private to your internal # network # -metrics_listen_addr: 127.0.0.1:9915 +metrics_listen_addr: 127.0.0.1:9090 # Address to listen for gRPC. # gRPC is used for controlling a headscale server diff --git a/docs/examples/kustomize/base/configmap.yaml b/docs/examples/kustomize/base/configmap.yaml index a8287c6..0ac2d56 100644 --- a/docs/examples/kustomize/base/configmap.yaml +++ b/docs/examples/kustomize/base/configmap.yaml @@ -5,6 +5,5 @@ metadata: data: server_url: $(PUBLIC_PROTO)://$(PUBLIC_HOSTNAME) listen_addr: "0.0.0.0:8080" - metrics_enabled: "true" - metrics_listen_addr: "127.0.0.1:9915" + metrics_listen_addr: "127.0.0.1:9090" ephemeral_node_inactivity_timeout: "30m" diff --git a/docs/examples/kustomize/postgres/deployment.yaml b/docs/examples/kustomize/postgres/deployment.yaml index 3d380ac..1dd88b4 100644 --- a/docs/examples/kustomize/postgres/deployment.yaml +++ b/docs/examples/kustomize/postgres/deployment.yaml @@ -30,11 +30,6 @@ spec: configMapKeyRef: name: headscale-config key: metrics_listen_addr - - name: METRICS_ENABLED - valueFrom: - configMapKeyRef: - name: headscale-config - key: metrics_enabled - name: DERP_MAP_PATH value: /vol/config/derp.yaml - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT diff --git a/docs/examples/kustomize/sqlite/statefulset.yaml b/docs/examples/kustomize/sqlite/statefulset.yaml index 5b3b908..2321d39 100644 --- a/docs/examples/kustomize/sqlite/statefulset.yaml +++ b/docs/examples/kustomize/sqlite/statefulset.yaml @@ -31,11 +31,6 @@ spec: configMapKeyRef: name: headscale-config key: metrics_listen_addr - - name: METRICS_ENABLED - valueFrom: - configMapKeyRef: - name: headscale-config - key: metrics_enabled - name: DERP_MAP_PATH value: /vol/config/derp.yaml - name: EPHEMERAL_NODE_INACTIVITY_TIMEOUT diff --git a/integration_test/etc/config.yaml b/integration_test/etc/config.yaml index 128722f..f055b4c 100644 --- a/integration_test/etc/config.yaml +++ b/integration_test/etc/config.yaml @@ -14,8 +14,7 @@ dns_config: db_path: /tmp/integration_test_db.sqlite3 private_key_path: private.key listen_addr: 0.0.0.0:8080 -metrics_enabled: true -metrics_listen_addr: 127.0.0.1:9915 +metrics_listen_addr: 127.0.0.1:9090 server_url: http://headscale:8080 derp: From dcc46af8de0d69d0d87e20b2a190ef5d8cd3bc47 Mon Sep 17 00:00:00 2001 From: Nico Rey Date: Wed, 2 Mar 2022 09:22:29 -0300 Subject: [PATCH 09/13] Changelog: add breaking change --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4445444..1186bad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,10 @@ - Boundaries between Namespaces has been removed and all nodes can communicate by default [#357](https://github.com/juanfont/headscale/pull/357) - To limit access between nodes, use [ACLs](./docs/acls.md). +- `/metrics` is now a configurable host:port endpoint: [#344](https://github.com/juanfont/headscale/pull/344). You must update your `config.yaml` file to include: + ```yaml + metrics_listen_addr: 127.0.0.1:9090 + ``` ### Features From f9c0597875b1aa4f5d3f1ab27e69b1eb4bb20806 Mon Sep 17 00:00:00 2001 From: Kristoffer Dalby Date: Wed, 2 Mar 2022 13:40:37 +0000 Subject: [PATCH 10/13] Second contributor attempt --- .github/workflows/contributors.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml index 832abb9..aa0d926 100644 --- a/.github/workflows/contributors.yml +++ b/.github/workflows/contributors.yml @@ -17,6 +17,10 @@ jobs: run: git push origin --delete update-contributors - name: Create up-to-date contributors branch run: git checkout -B update-contributors + - name: Push empty contributors branch + run: git push origin update-contributors + - name: Switch back to main + run: git checkout main - uses: BobAnkh/add-contributors@v0.2.2 with: CONTRIBUTOR: "## Contributors" From e208ccc98269308a3494c71d03c2e44e312f1c3c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 2 Mar 2022 13:42:25 +0000 Subject: [PATCH 11/13] docs(README): update contributors --- README.md | 68 +++++++++++++++++++++++++++++++++---------------------- 1 file changed, 41 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index fb5d969..c33dddf 100644 --- a/README.md +++ b/README.md @@ -161,6 +161,13 @@ make build Juan Font + + + Adrien +
+ Adrien Raffin-Caboisse +
+ Ward @@ -176,12 +183,14 @@ make build - - Adrien + + Justin
- Adrien Raffin-Caboisse + Justin Angel
+ + Alessandro @@ -189,8 +198,6 @@ make build Alessandro (Ale) Segala - - unreality/ @@ -198,6 +205,20 @@ make build unreality + + + Nico/ +
+ Nico +
+ + + + e-zk/ +
+ e-zk +
+ Eugen @@ -212,6 +233,8 @@ make build Aaron Bieber + + Fernando @@ -233,8 +256,6 @@ make build Michael G. - - Paul @@ -256,6 +277,8 @@ make build Silver Bullet + + Stefan @@ -264,10 +287,10 @@ make build - - lachy-2849/ + + fincac/
- lachy-2849 + fincac
@@ -277,8 +300,6 @@ make build thomas - - Abraham @@ -300,6 +321,8 @@ make build Arthur Woimbée + + Bryan @@ -321,8 +344,6 @@ make build Felix Yan - - JJGadgets/ @@ -344,6 +365,8 @@ make build Jim Tittsler + + Pierre @@ -365,8 +388,6 @@ make build Ryan Fowler - - Shaanan @@ -388,6 +409,8 @@ make build Teteros + + The @@ -409,8 +432,6 @@ make build Tjerk Woudsma - - Zakhar @@ -432,13 +453,8 @@ make build derelm - - - e-zk/ -
- e-zk -
- + + ignoramous/ @@ -453,8 +469,6 @@ make build lion24 - - pernila/ From e301d0d1df118a2e8af392cd9c0b4745b4defff9 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 2 Mar 2022 13:44:26 +0000 Subject: [PATCH 12/13] docs(README): update contributors --- README.md | 31 ++++++++++++------------------- 1 file changed, 12 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index c33dddf..d9d050f 100644 --- a/README.md +++ b/README.md @@ -205,13 +205,6 @@ make build unreality - - - Nico/ -
- Nico -
- e-zk/ @@ -233,8 +226,6 @@ make build Aaron Bieber - - Fernando @@ -242,6 +233,8 @@ make build Fernando De Lucchi + + Hoàng @@ -277,8 +270,6 @@ make build Silver Bullet - - Stefan @@ -286,6 +277,8 @@ make build Stefan Majer + + fincac/ @@ -321,8 +314,6 @@ make build Arthur Woimbée - - Bryan @@ -330,6 +321,8 @@ make build Bryan Stenson + + Felix @@ -365,8 +358,6 @@ make build Jim Tittsler - - Pierre @@ -374,6 +365,8 @@ make build Pierre Carru + + rcursaru/ @@ -409,8 +402,6 @@ make build Teteros - - The @@ -418,6 +409,8 @@ make build The Gitter Badger + + Tianon @@ -453,8 +446,6 @@ make build derelm - - ignoramous/ @@ -462,6 +453,8 @@ make build ignoramous + + lion24/ From 4a4952899bdb5021d0d2d920b18bb38ea3ac92a2 Mon Sep 17 00:00:00 2001 From: Adrien Raffin-Caboisse Date: Wed, 2 Mar 2022 21:46:02 +0100 Subject: [PATCH 13/13] feat(acls): add some logs and skip error logs looks like the following ``` 2022-03-02T20:43:08Z DBG Expanding alias=app-test 2022-03-02T20:43:08Z DBG Expanding alias=kube-test 2022-03-02T20:43:08Z DBG Expanding alias=test 2022-03-02T20:43:08Z WRN No IPs found with the alias test 2022-03-02T20:43:08Z DBG Expanding alias=prod 2022-03-02T20:43:08Z WRN No IPs found with the alias prod 2022-03-02T20:43:08Z DBG Expanding alias=prod 2022-03-02T20:43:08Z WRN No IPs found with the alias prod ``` --- acls.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/acls.go b/acls.go index 84063a1..24aadf5 100644 --- a/acls.go +++ b/acls.go @@ -230,6 +230,10 @@ func expandAlias( return []string{"*"}, nil } + log.Debug(). + Str("alias", alias). + Msg("Expanding") + if strings.HasPrefix(alias, "group:") { namespaces, err := expandGroup(aclPolicy, alias, stripEmailDomain) if err != nil { @@ -293,7 +297,9 @@ func expandAlias( return []string{cidr.String()}, nil } - return ips, errInvalidUserSection + log.Warn().Msgf("No IPs found with the alias %v", alias) + + return ips, nil } // excludeCorrectlyTaggedNodes will remove from the list of input nodes the ones