-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix varnish monitoring 2.0 #1035
base: fc-24.05-dev
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While the code in general looks plausible, there are some general questions and decisions we need to take before investigating the details makes sense.
Happy to discuss this with you if needed or I misunderstood something.
@@ -76,9 +76,18 @@ in { | |||
http_address = mkOption { | |||
type = types.str; | |||
default = "*:8008"; | |||
description = '' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Adding a proper option description is good. We might want to document the approach of how to add multiple listen addresses here as well.
command = "check_http -H localhost -p 8008 -c 10 -w 3 -t 20 -e HTTP"; | ||
varnish_http = let | ||
# the plattform module passes multiple addresses in the form of '<address>:<port> -a <address>:<port> -a <address>:<port>' | ||
first_address = builtins.elemAt (lib.splitString " " cfg.http_address) 0; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The question here is what we want to achieve with our monitoring:
- monitor the varnish server process and whether it works -> it is sufficient to reach varnish via any of its multiple listen addresses, in this implementation we always take the first one
- monitor the listen address configuration as well: is varnish actually reachable via all configured IP-port configurations? Did we mis-type something, did one of the IPs somehow change, etc…
- in that case, we need to run the http check against all the configured listen addresses, not just the first one.
the default monitoring check relied on varnish to run on a specific address. since this address can be changed, the sensu check needs to be adjusted to correctly infer the host and port that varnish is running on
5fa6407
to
af4bccc
Compare
rebased onto latest dev branch to fix a test failure in docs. |
We also noticed that the docs regarding monitoring are outdated. It'd be really neat if you updated that part to reflect the current state. Can be a brief overview of what monitoring is happening, no need for deep details. https://doc.flyingcircus.io/roles/fc-24.05-production/webproxy.html |
the default monitoring check relied on varnish to run on a specific address.
since this address can be changed, the sensu check needs to be adjusted to correctly infer the host and port that varnish is running on
This pr is based on #996 but fixes an issue where an incorrect address was inferred when multiple addresses were passed to varnish.
FC-36891
@flyingcircusio/release-managers
Release process
Impact:
Changelog:
PR release workflow (internal)
Design notes
on
oroff
. Example: rate limiting.Security implications
case where a single address is set:
case where multiple addresses are set:
and the default when no address is set: