From 91f90fa63a5d3ff79c2d4826020da57b83686945 Mon Sep 17 00:00:00 2001
From: zianazhao <zianazhao@tencent.com>
Date: Tue, 10 Jan 2023 19:56:36 +0800
Subject: [PATCH 1/5] support-lb_private

---
 go.mod                                 |   3 +-
 go.sum                                 |   4 +
 pkg/client/client.go                   |  12 +-
 pkg/collector/handler_clb_private.go   | 185 ++++++++++++++++++++++++
 pkg/collector/handler_cynosdb.go       |   7 -
 pkg/collector/handler_waf.go           | 193 +++++++++++++++++++++++++
 pkg/config/config.go                   |   2 +
 pkg/instance/instance_clb_private.go   |  44 ++++++
 pkg/instance/instance_waf.go           |  34 +++++
 pkg/instance/repository_clb_private.go | 115 +++++++++++++++
 pkg/instance/repository_cynosdb.go     |   1 -
 pkg/instance/repository_waf.go         |  96 ++++++++++++
 12 files changed, 686 insertions(+), 10 deletions(-)
 create mode 100644 pkg/collector/handler_clb_private.go
 create mode 100644 pkg/collector/handler_waf.go
 create mode 100644 pkg/instance/instance_clb_private.go
 create mode 100644 pkg/instance/instance_waf.go
 create mode 100644 pkg/instance/repository_clb_private.go
 create mode 100644 pkg/instance/repository_waf.go

diff --git a/go.mod b/go.mod
index f30dfdd..37f27c0 100644
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ckafka v1.0.334
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb v1.0.334
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cmq v1.0.334
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.531
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.576
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.334
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.413
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dc v1.0.334
@@ -34,6 +34,7 @@ require (
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq v1.0.413
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tse v1.0.430
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.334
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.576 // indirect
 	github.com/tencentyun/cos-go-sdk-v5 v0.7.35
 	golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e
 	gopkg.in/alecthomas/kingpin.v2 v2.2.6
diff --git a/go.sum b/go.sum
index 4d2504c..3a0e0bc 100644
--- a/go.sum
+++ b/go.sum
@@ -239,6 +239,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.531 h1:E8vq
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.531/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.534 h1:ZsJCXIZO2KfmEsrVN6a75VncTuaSkD4PNd1iXZ1I8BU=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.534/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.576 h1:6L4MeAnCk1NkuKoSfJvNPxqOrXq/HG9FqV3jl6i5t+w=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.576/go.mod h1:7sCQWVkxcsR38nffDW057DRGk8mUjK1Ing/EFOK8s8Y=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.334 h1:ulfSODMy8rpKa8MfnTIPbe5HyOArnlB4RJ1qmpj09to=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm v1.0.334/go.mod h1:AqyM/ZZMD7q5mHBqNY9YImbSpEpoEe7E/vrTbUWX+po=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb v1.0.413 h1:MomwSkFrSLB16s51Yu1h4JO+p3Pzc1yesIj+oNwAVM0=
@@ -280,6 +282,8 @@ github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tse v1.0.430 h1:Brvrm1Z
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tse v1.0.430/go.mod h1:rJoqfhS+Y0GmdZuS/N4bFXfDJeh/N59W6hojoTRQ6v0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.334 h1:rcM2H2e8kqxv7pZcsBdaIMitNd65+3iTM8aK/q6LS7U=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc v1.0.334/go.mod h1:SKgeSsIfPEM6BeoIFiGHsWG9UsEXzkK0SkWx51H/OS8=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.576 h1:N9vymXFXpdUx1YNe1D82U0WzV43qg1ZunxjCq5CsygE=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf v1.0.576/go.mod h1:8wSqOPFWWZabIv00tYbz8WGQIncUc6tC7eN48MLPkik=
 github.com/tencentyun/cos-go-sdk-v5 v0.7.35 h1:XVk5GQ4eH1q+DBUJfpaMMdU9TJZWMjwNNwv0PG5nbLQ=
 github.com/tencentyun/cos-go-sdk-v5 v0.7.35/go.mod h1:4dCEtLHGh8QPxHEkgq+nFaky7yZxQuYwgSJM87icDaw=
 github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
diff --git a/pkg/client/client.go b/pkg/client/client.go
index 0c653d5..0db832c 100644
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@@ -30,8 +30,8 @@ import (
 	tdmq "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tdmq/v20200217"
 	tse "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/tse/v20201207"
 	vpc "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc/v20170312"
+	waf "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
 	cos "github.com/tencentyun/cos-go-sdk-v5"
-
 	"github.com/tencentyun/tencentcloud-exporter/pkg/common"
 	"github.com/tencentyun/tencentcloud-exporter/pkg/config"
 )
@@ -305,3 +305,13 @@ func NewGAAPClient(cred common.CredentialIface, conf *config.TencentConfig) (*ga
 	}
 	return gaap.NewClient(cred, conf.Credential.Region, cpf)
 }
+
+func NewWafClient(cred common.CredentialIface, conf *config.TencentConfig) (*waf.Client, error) {
+	cpf := profile.NewClientProfile()
+	if conf.Credential.IsInternal == true {
+		cpf.HttpProfile.Endpoint = "waf.internal.tencentcloudapi.com"
+	} else {
+		cpf.HttpProfile.Endpoint = "waf.tencentcloudapi.com"
+	}
+	return waf.NewClient(cred, conf.Credential.Region, cpf)
+}
diff --git a/pkg/collector/handler_clb_private.go b/pkg/collector/handler_clb_private.go
new file mode 100644
index 0000000..ab60908
--- /dev/null
+++ b/pkg/collector/handler_clb_private.go
@@ -0,0 +1,185 @@
+package collector
+
+import (
+	"fmt"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/common"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/instance"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/metric"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/util"
+)
+
+const (
+	ClbPrivateNamespace     = "QCE/LB_PRIVATE"
+	ClbPrivateInstanceidKey = "vip"
+)
+
+var (
+	ClbPrivateExcludeMetrics = []string{
+		// "ConnRatio", "OverloadCurConn", "SnatFail", // clb_snat_vip
+		"PvvInpkg", "PvvOutpkg", "PvvConnum", "PvvIntraffic", "PvvNewConn", "PvvOuttraffic", // new_vpcid_proto_vip_vport
+		"VvIntraffic", "VvInpkg", "VvNewConn", "VvOutpkg", "VvOuttraffic", "VvConnum", // new_vip_vpcid
+	}
+)
+
+func init() {
+	registerHandler(ClbPrivateNamespace, defaultHandlerEnabled, NewClbPrivateHandler)
+}
+
+type ClbPrivateHandler struct {
+	baseProductHandler
+}
+
+func (h *ClbPrivateHandler) IsMetricMetaVaild(meta *metric.TcmMeta) bool {
+	return true
+}
+
+func (h *ClbPrivateHandler) GetNamespace() string {
+	return ClbPrivateNamespace
+}
+
+func (h *ClbPrivateHandler) IsMetricVaild(m *metric.TcmMetric) bool {
+	if util.IsStrInList(ClbPrivateExcludeMetrics, m.Meta.MetricName) {
+		return false
+	}
+	var dimensions []string
+	for _, v := range m.Meta.SupportDimensions {
+		dimensions = append(dimensions, v)
+	}
+	if len(dimensions) == 0 {
+		return false
+	}
+	_, ok := excludeMetricName[m.Meta.MetricName]
+	if ok {
+		return false
+	}
+	p, err := m.Meta.GetPeriod(m.Conf.StatPeriodSeconds)
+	if err != nil {
+		return false
+	}
+	if p != m.Conf.StatPeriodSeconds {
+		return false
+	}
+	return true
+}
+func (h *ClbPrivateHandler) GetSeries(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
+	if m.Conf.IsIncludeOnlyInstance() {
+		return h.GetSeriesByOnly(m)
+	}
+
+	if m.Conf.IsIncludeAllInstance() {
+		return h.GetSeriesByAll(m)
+	}
+
+	if m.Conf.IsCustomQueryDimensions() {
+		return h.GetSeriesByCustom(m)
+	}
+
+	return nil, fmt.Errorf("must config all_instances or only_include_instances or custom_query_dimensions")
+}
+
+func (h *ClbPrivateHandler) GetSeriesByOnly(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
+	var slist []*metric.TcmSeries
+	for _, insId := range m.Conf.OnlyIncludeInstances {
+		ins, err := h.collector.InstanceRepo.Get(insId)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Instance not found", "id", insId)
+			continue
+		}
+		sl, err := h.getSeriesByMetricType(m, ins)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Create metric series fail",
+				"metric", m.Meta.MetricName, "instacne", ins.GetInstanceId())
+			continue
+		}
+		slist = append(slist, sl...)
+	}
+	return slist, nil
+}
+
+func (h *ClbPrivateHandler) GetSeriesByAll(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
+	var slist []*metric.TcmSeries
+	insList, err := h.collector.InstanceRepo.ListByFilters(m.Conf.InstanceFilters)
+	if err != nil {
+		return nil, err
+	}
+	for _, ins := range insList {
+		if len(m.Conf.ExcludeInstances) != 0 && util.IsStrInList(m.Conf.ExcludeInstances, ins.GetInstanceId()) {
+			continue
+		}
+		sl, err := h.getSeriesByMetricType(m, ins)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Create metric series fail",
+				"metric", m.Meta.MetricName, "instacne", ins.GetInstanceId(), "error", err)
+			continue
+		}
+		slist = append(slist, sl...)
+	}
+	return slist, nil
+}
+
+func (h *ClbPrivateHandler) GetSeriesByCustom(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
+	var slist []*metric.TcmSeries
+	for _, ql := range m.Conf.CustomQueryDimensions {
+		v, ok := ql[h.monitorQueryKey]
+		if !ok {
+			level.Error(h.logger).Log(
+				"msg", fmt.Sprintf("not found %s in queryDimensions", h.monitorQueryKey),
+				"ql", fmt.Sprintf("%v", ql))
+			continue
+		}
+		ins, err := h.collector.InstanceRepo.Get(v)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Instance not found", "err", err, "id", v)
+			continue
+		}
+
+		sl, err := h.getSeriesByMetricType(m, ins)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Create metric series fail",
+				"metric", m.Meta.MetricName, "instacne", ins.GetInstanceId())
+			continue
+		}
+		slist = append(slist, sl...)
+	}
+	return slist, nil
+}
+
+func (h *ClbPrivateHandler) getSeriesByMetricType(m *metric.TcmMetric, ins instance.TcInstance) ([]*metric.TcmSeries, error) {
+	var dimensions []string
+	for _, v := range m.Meta.SupportDimensions {
+		dimensions = append(dimensions, v)
+	}
+	return h.getClbPrivateSeries(m, ins)
+}
+
+func (h *ClbPrivateHandler) getClbPrivateSeries(m *metric.TcmMetric, ins instance.TcInstance) ([]*metric.TcmSeries, error) {
+	var series []*metric.TcmSeries
+	vpcId, err := ins.GetFieldValueByName("VpcId")
+	if err != nil {
+		level.Error(h.logger).Log("msg", "ClusterId not found")
+	}
+	ql := map[string]string{
+		h.monitorQueryKey: ins.GetMonitorQueryKey(),
+		"vpcId":           vpcId,
+	}
+	s, err := metric.NewTcmSeries(m, ql, ins)
+	if err != nil {
+		return nil, err
+	}
+	series = append(series, s)
+	return series, nil
+}
+
+func NewClbPrivateHandler(cred common.CredentialIface, c *TcProductCollector, logger log.Logger) (handler ProductHandler, err error) {
+	handler = &ClbPrivateHandler{
+		baseProductHandler{
+			monitorQueryKey: ClbPrivateInstanceidKey,
+			collector:       c,
+			logger:          logger,
+		},
+	}
+	return
+
+}
diff --git a/pkg/collector/handler_cynosdb.go b/pkg/collector/handler_cynosdb.go
index 6fc755e..110cc0b 100644
--- a/pkg/collector/handler_cynosdb.go
+++ b/pkg/collector/handler_cynosdb.go
@@ -47,13 +47,6 @@ func (h *CynosdbHandler) IsMetricVaild(m *metric.TcmMetric) bool {
 	return true
 }
 
-// func (h *CynosdbHandler) GetSeries(m *metric.TcmMetric) (slist []*metric.TcmSeries, err error) {
-// 	if m.Conf.StatPeriodSeconds < 60 {
-// 		m.Conf.StatPeriodSeconds = 60
-// 	}
-// 	return h.baseProductHandler.GetSeries(m)
-// }
-
 func (h *CynosdbHandler) GetSeries(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
 	if m.Conf.IsIncludeOnlyInstance() {
 		return h.GetSeriesByOnly(m)
diff --git a/pkg/collector/handler_waf.go b/pkg/collector/handler_waf.go
new file mode 100644
index 0000000..fa52135
--- /dev/null
+++ b/pkg/collector/handler_waf.go
@@ -0,0 +1,193 @@
+package collector
+
+import (
+	"fmt"
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/common"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/instance"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/metric"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/util"
+)
+
+const (
+	WafNamespace     = "QCE/WAF"
+	WafInstanceidKey = "domain"
+)
+
+var EditionMap = map[string]string{"sparta-waf": "0", "clb-waf": "1"}
+
+func init() {
+	registerHandler(WafNamespace, defaultHandlerEnabled, NewWafHandler)
+}
+
+type WafHandler struct {
+	baseProductHandler
+}
+
+func (h *WafHandler) IsMetricMetaVaild(meta *metric.TcmMeta) bool {
+	return true
+}
+
+func (h *WafHandler) GetNamespace() string {
+	return WafNamespace
+}
+
+func (h *WafHandler) IsMetricVaild(m *metric.TcmMetric) bool {
+	_, ok := excludeMetricName[m.Meta.MetricName]
+	if ok {
+		return false
+	}
+	p, err := m.Meta.GetPeriod(m.Conf.StatPeriodSeconds)
+	if err != nil {
+		return false
+	}
+	if p != m.Conf.StatPeriodSeconds {
+		return false
+	}
+	return true
+}
+func (h *WafHandler) GetSeries(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
+	if m.Conf.IsIncludeOnlyInstance() {
+		return h.GetSeriesByOnly(m)
+	}
+
+	if m.Conf.IsIncludeAllInstance() {
+		return h.GetSeriesByAll(m)
+	}
+
+	if m.Conf.IsCustomQueryDimensions() {
+		return h.GetSeriesByCustom(m)
+	}
+
+	return nil, fmt.Errorf("must config all_instances or only_include_instances or custom_query_dimensions")
+}
+
+func (h *WafHandler) GetSeriesByOnly(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
+	var slist []*metric.TcmSeries
+	for _, insId := range m.Conf.OnlyIncludeInstances {
+		ins, err := h.collector.InstanceRepo.Get(insId)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Instance not found", "id", insId)
+			continue
+		}
+		sl, err := h.getSeriesByMetricType(m, ins)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Create metric series fail",
+				"metric", m.Meta.MetricName, "instacne", ins.GetInstanceId())
+			continue
+		}
+		slist = append(slist, sl...)
+	}
+	return slist, nil
+}
+
+func (h *WafHandler) GetSeriesByAll(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
+	var slist []*metric.TcmSeries
+	insList, err := h.collector.InstanceRepo.ListByFilters(m.Conf.InstanceFilters)
+	if err != nil {
+		return nil, err
+	}
+	for _, ins := range insList {
+		if len(m.Conf.ExcludeInstances) != 0 && util.IsStrInList(m.Conf.ExcludeInstances, ins.GetInstanceId()) {
+			continue
+		}
+		sl, err := h.getSeriesByMetricType(m, ins)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Create metric series fail",
+				"metric", m.Meta.MetricName, "instacne", ins.GetInstanceId(), "error", err)
+			continue
+		}
+		slist = append(slist, sl...)
+	}
+	return slist, nil
+}
+
+func (h *WafHandler) GetSeriesByCustom(m *metric.TcmMetric) ([]*metric.TcmSeries, error) {
+	var slist []*metric.TcmSeries
+	for _, ql := range m.Conf.CustomQueryDimensions {
+		v, ok := ql[h.monitorQueryKey]
+		if !ok {
+			level.Error(h.logger).Log(
+				"msg", fmt.Sprintf("not found %s in queryDimensions", h.monitorQueryKey),
+				"ql", fmt.Sprintf("%v", ql))
+			continue
+		}
+		ins, err := h.collector.InstanceRepo.Get(v)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Instance not found", "err", err, "id", v)
+			continue
+		}
+
+		sl, err := h.getSeriesByMetricType(m, ins)
+		if err != nil {
+			level.Error(h.logger).Log("msg", "Create metric series fail",
+				"metric", m.Meta.MetricName, "instacne", ins.GetInstanceId())
+			continue
+		}
+		slist = append(slist, sl...)
+	}
+	return slist, nil
+}
+
+func (h *WafHandler) getSeriesByMetricType(m *metric.TcmMetric, ins instance.TcInstance) ([]*metric.TcmSeries, error) {
+	var dimensions []string
+	for _, v := range m.Meta.SupportDimensions {
+		dimensions = append(dimensions, v)
+	}
+
+	if util.IsStrInList(dimensions, "domain") {
+		return h.getClbWafSeries(m, ins)
+	} else {
+		return h.getSaasWafSeries(m, ins)
+	}
+}
+
+func (h *WafHandler) getClbWafSeries(m *metric.TcmMetric, ins instance.TcInstance) ([]*metric.TcmSeries, error) {
+	var series []*metric.TcmSeries
+	domain, err := ins.GetFieldValueByName("Domain")
+	edition, err := ins.GetFieldValueByName("Edition")
+	if err != nil {
+		level.Error(h.logger).Log("msg", "ClusterId not found")
+	}
+	ql := map[string]string{
+		"domain":  domain,
+		"edition": EditionMap[edition],
+	}
+	s, err := metric.NewTcmSeries(m, ql, ins)
+	if err != nil {
+		return nil, err
+	}
+	series = append(series, s)
+	return series, nil
+}
+
+func (h *WafHandler) getSaasWafSeries(m *metric.TcmMetric, ins instance.TcInstance) ([]*metric.TcmSeries, error) {
+	var series []*metric.TcmSeries
+	domain, err := ins.GetFieldValueByName("Domain")
+	edition, err := ins.GetFieldValueByName("Edition")
+	if err != nil {
+		level.Error(h.logger).Log("msg", "ClusterId not found")
+	}
+	ql := map[string]string{
+		"domain":  domain,
+		"edition": edition,
+	}
+	s, err := metric.NewTcmSeries(m, ql, ins)
+	if err != nil {
+		return nil, err
+	}
+	series = append(series, s)
+	return series, nil
+}
+func NewWafHandler(cred common.CredentialIface, c *TcProductCollector, logger log.Logger) (handler ProductHandler, err error) {
+	handler = &WafHandler{
+		baseProductHandler: baseProductHandler{
+			monitorQueryKey: WafInstanceidKey,
+			collector:       c,
+			logger:          logger,
+		},
+	}
+	return
+
+}
diff --git a/pkg/config/config.go b/pkg/config/config.go
index ae4c976..5dcf5a1 100644
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@@ -67,6 +67,8 @@ var (
 		"dcg":           "QCE/DCG",           // for dcg
 		"vbc":           "QCE/VBC",           // for vbc
 		"qaap":          "QCE/QAAP",          // for qaap
+		"lb_private":    "QCE/LB_PRIVATE",
+		"waf":           "QCE/WAF",
 	}
 
 	SupportStatisticsTypes = map[string]bool{
diff --git a/pkg/instance/instance_clb_private.go b/pkg/instance/instance_clb_private.go
new file mode 100644
index 0000000..c251a72
--- /dev/null
+++ b/pkg/instance/instance_clb_private.go
@@ -0,0 +1,44 @@
+package instance
+
+import (
+	"fmt"
+	"reflect"
+
+	sdk "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb/v20180317"
+)
+
+type ClbPrivateInstance struct {
+	baseTcInstance
+	meta *sdk.LoadBalancer
+}
+
+func (ins *ClbPrivateInstance) GetMonitorQueryKey() string {
+	if len(ins.meta.LoadBalancerVips) == 1 {
+		return *ins.meta.LoadBalancerVips[0]
+	} else if *ins.meta.AddressIPv6 != "" {
+		return *ins.meta.AddressIPv6
+	} else {
+		return ""
+	}
+}
+
+func (ins *ClbPrivateInstance) GetMeta() interface{} {
+	return ins.meta
+}
+
+func NewClbPrivateTcInstance(instanceId string, meta *sdk.LoadBalancer) (ins *ClbPrivateInstance, err error) {
+	if instanceId == "" {
+		return nil, fmt.Errorf("instanceId is empty ")
+	}
+	if meta == nil {
+		return nil, fmt.Errorf("meta is empty ")
+	}
+	ins = &ClbPrivateInstance{
+		baseTcInstance: baseTcInstance{
+			instanceId: instanceId,
+			value:      reflect.ValueOf(*meta),
+		},
+		meta: meta,
+	}
+	return
+}
diff --git a/pkg/instance/instance_waf.go b/pkg/instance/instance_waf.go
new file mode 100644
index 0000000..951374a
--- /dev/null
+++ b/pkg/instance/instance_waf.go
@@ -0,0 +1,34 @@
+package instance
+
+import (
+	"fmt"
+	"reflect"
+
+	sdk "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
+)
+
+type WafTcInstance struct {
+	baseTcInstance
+	meta *sdk.DomainInfo
+}
+
+func (ins *WafTcInstance) GetMeta() interface{} {
+	return ins.meta
+}
+
+func NewWafTcInstance(instanceId string, meta *sdk.DomainInfo) (ins *WafTcInstance, err error) {
+	if instanceId == "" {
+		return nil, fmt.Errorf("instanceId is empty ")
+	}
+	if meta == nil {
+		return nil, fmt.Errorf("meta is empty ")
+	}
+	ins = &WafTcInstance{
+		baseTcInstance: baseTcInstance{
+			instanceId: instanceId,
+			value:      reflect.ValueOf(*meta),
+		},
+		meta: meta,
+	}
+	return
+}
diff --git a/pkg/instance/repository_clb_private.go b/pkg/instance/repository_clb_private.go
new file mode 100644
index 0000000..cd75637
--- /dev/null
+++ b/pkg/instance/repository_clb_private.go
@@ -0,0 +1,115 @@
+package instance
+
+import (
+	"fmt"
+	"net"
+
+	"github.com/tencentyun/tencentcloud-exporter/pkg/common"
+
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
+	sdk "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb/v20180317"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/client"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/config"
+)
+
+func init() {
+	registerRepository("QCE/LB_PRIVATE", NewClbPrivateTcInstanceRepository)
+}
+
+var internal = "INTERNAL"
+
+type ClbPrivateTcInstanceRepository struct {
+	credential common.CredentialIface
+	client     *sdk.Client
+	logger     log.Logger
+}
+
+func (repo *ClbPrivateTcInstanceRepository) GetInstanceKey() string {
+	return "LoadBalancerVip"
+}
+
+func (repo *ClbPrivateTcInstanceRepository) Get(id string) (instance TcInstance, err error) {
+	req := sdk.NewDescribeLoadBalancersRequest()
+
+	ip := net.ParseIP(id)
+	if ip != nil {
+		ipstr := ip.String()
+		req.LoadBalancerVips = []*string{&ipstr}
+	} else {
+		req.LoadBalancerIds = []*string{&id}
+	}
+	req.LoadBalancerType = &internal
+	resp, err := repo.client.DescribeLoadBalancers(req)
+	if err != nil {
+		return
+	}
+
+	if len(resp.Response.LoadBalancerSet) == 0 {
+		return nil, fmt.Errorf("loadBalancer instance not found")
+	} else if len(resp.Response.LoadBalancerSet) > 1 {
+		return nil, fmt.Errorf("response instanceDetails size != 1")
+	}
+	meta := resp.Response.LoadBalancerSet[0]
+	instance, err = NewClbPrivateTcInstance(id, meta)
+	if err != nil {
+		return
+	}
+	return
+}
+
+func (repo *ClbPrivateTcInstanceRepository) ListByIds(id []string) (instances []TcInstance, err error) {
+	return
+}
+
+func (repo *ClbPrivateTcInstanceRepository) ListByFilters(filters map[string]string) (instances []TcInstance, err error) {
+	req := sdk.NewDescribeLoadBalancersRequest()
+	var offset int64 = 0
+	var limit int64 = 100
+	var total int64 = -1
+
+	req.Offset = &offset
+	req.Limit = &limit
+	req.LoadBalancerType = &internal
+
+getMoreInstances:
+	resp, err := repo.client.DescribeLoadBalancers(req)
+	if err != nil {
+		return
+	}
+	if total == -1 {
+		total = int64(*resp.Response.TotalCount)
+	}
+	for _, meta := range resp.Response.LoadBalancerSet {
+		ins, e := NewClbPrivateTcInstance(*meta.LoadBalancerId, meta)
+		if e != nil {
+			level.Error(repo.logger).Log("msg", "Create ClbPrivate instance fail", "id", *meta.LoadBalancerId)
+			continue
+		}
+		if (meta.LoadBalancerVips == nil || len(meta.LoadBalancerVips) == 0) && meta.AddressIPv6 == nil {
+			level.Warn(repo.logger).Log("msg", "ClbPrivate instance no include vip", "id", *meta.LoadBalancerId)
+			continue
+		}
+		instances = append(instances, ins)
+	}
+	offset += limit
+	if offset < total {
+		req.Offset = &offset
+		goto getMoreInstances
+	}
+
+	return
+}
+
+func NewClbPrivateTcInstanceRepository(cred common.CredentialIface, c *config.TencentConfig, logger log.Logger) (repo TcInstanceRepository, err error) {
+	cli, err := client.NewClbClient(cred, c)
+	if err != nil {
+		return
+	}
+	repo = &ClbPrivateTcInstanceRepository{
+		credential: cred,
+		client:     cli,
+		logger:     logger,
+	}
+	return
+}
diff --git a/pkg/instance/repository_cynosdb.go b/pkg/instance/repository_cynosdb.go
index eb50a44..24b753a 100644
--- a/pkg/instance/repository_cynosdb.go
+++ b/pkg/instance/repository_cynosdb.go
@@ -72,7 +72,6 @@ getMoreInstances:
 		total = int64(*resp.Response.TotalCount)
 	}
 	for _, meta := range resp.Response.InstanceSet {
-		level.Info(repo.logger).Log("InstanceSet", *meta.InstanceId)
 		ins, e := NewCynosdbTcInstance(*meta.InstanceId, meta)
 		if e != nil {
 			level.Error(repo.logger).Log("msg", "Create Cynosdb instance fail", "id", *meta.InstanceId)
diff --git a/pkg/instance/repository_waf.go b/pkg/instance/repository_waf.go
new file mode 100644
index 0000000..57d577c
--- /dev/null
+++ b/pkg/instance/repository_waf.go
@@ -0,0 +1,96 @@
+package instance
+
+import (
+	"fmt"
+
+	"github.com/go-kit/log"
+	"github.com/go-kit/log/level"
+	sdk "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/waf/v20180125"
+
+	"github.com/tencentyun/tencentcloud-exporter/pkg/client"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/common"
+	"github.com/tencentyun/tencentcloud-exporter/pkg/config"
+)
+
+func init() {
+	registerRepository("QCE/WAF", NewWafTcInstanceRepository)
+}
+
+type WafTcInstanceRepository struct {
+	client *sdk.Client
+	logger log.Logger
+}
+
+func (repo *WafTcInstanceRepository) GetInstanceKey() string {
+	return "InstanceId"
+}
+
+func (repo *WafTcInstanceRepository) Get(id string) (instance TcInstance, err error) {
+	req := sdk.NewDescribeDomainsRequest()
+	resp, err := repo.client.DescribeDomains(req)
+	if err != nil {
+		return
+	}
+	level.Info(repo.logger).Log("count", resp.Response.Total)
+	if len(resp.Response.Domains) != 1 {
+		return nil, fmt.Errorf("Response instanceDetails size != 1, id=%s ", id)
+	}
+	meta := resp.Response.Domains[0]
+	instance, err = NewWafTcInstance(id, meta)
+	if err != nil {
+		return
+	}
+	return
+}
+
+func (repo *WafTcInstanceRepository) ListByIds(id []string) (instances []TcInstance, err error) {
+	return
+}
+
+func (repo *WafTcInstanceRepository) ListByFilters(filters map[string]string) (instances []TcInstance, err error) {
+	req := sdk.NewDescribeDomainsRequest()
+	var offset uint64 = 1
+	var limit uint64 = 100
+	var total int64 = -1
+
+	req.Offset = &offset
+	req.Limit = &limit
+
+getMoreInstances:
+	resp, err := repo.client.DescribeDomains(req)
+	if err != nil {
+		return
+	}
+	if total == -1 {
+		total = int64(*resp.Response.Total)
+	}
+	level.Info(repo.logger).Log("count", resp.Response.Total)
+	level.Info(repo.logger).Log("RequestId", resp.Response.RequestId)
+	for _, meta := range resp.Response.Domains {
+		ins, e := NewWafTcInstance(*meta.InstanceId, meta)
+		if e != nil {
+			level.Error(repo.logger).Log("msg", "Create Waf instance fail", "id", *meta.InstanceId)
+			continue
+		}
+		instances = append(instances, ins)
+	}
+	offset += limit
+	if offset < uint64(total) {
+		req.Offset = &offset
+		goto getMoreInstances
+	}
+
+	return
+}
+
+func NewWafTcInstanceRepository(cred common.CredentialIface, c *config.TencentConfig, logger log.Logger) (repo TcInstanceRepository, err error) {
+	cli, err := client.NewWafClient(cred, c)
+	if err != nil {
+		return
+	}
+	repo = &WafTcInstanceRepository{
+		client: cli,
+		logger: logger,
+	}
+	return
+}

From 2a51a6ce7202155c2c3bb88839fa81ca7ac5cff1 Mon Sep 17 00:00:00 2001
From: zianazhao <zianazhao@tencent.com>
Date: Wed, 11 Jan 2023 18:51:07 +0800
Subject: [PATCH 2/5] support-waf

---
 pkg/instance/repository_waf.go | 9 +++------
 pkg/metric/repository.go       | 1 -
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/pkg/instance/repository_waf.go b/pkg/instance/repository_waf.go
index 57d577c..c380c50 100644
--- a/pkg/instance/repository_waf.go
+++ b/pkg/instance/repository_waf.go
@@ -31,7 +31,6 @@ func (repo *WafTcInstanceRepository) Get(id string) (instance TcInstance, err er
 	if err != nil {
 		return
 	}
-	level.Info(repo.logger).Log("count", resp.Response.Total)
 	if len(resp.Response.Domains) != 1 {
 		return nil, fmt.Errorf("Response instanceDetails size != 1, id=%s ", id)
 	}
@@ -64,18 +63,16 @@ getMoreInstances:
 	if total == -1 {
 		total = int64(*resp.Response.Total)
 	}
-	level.Info(repo.logger).Log("count", resp.Response.Total)
-	level.Info(repo.logger).Log("RequestId", resp.Response.RequestId)
 	for _, meta := range resp.Response.Domains {
-		ins, e := NewWafTcInstance(*meta.InstanceId, meta)
+		ins, e := NewWafTcInstance(*meta.Domain, meta)
 		if e != nil {
 			level.Error(repo.logger).Log("msg", "Create Waf instance fail", "id", *meta.InstanceId)
 			continue
 		}
 		instances = append(instances, ins)
 	}
-	offset += limit
-	if offset < uint64(total) {
+	offset++
+	if (offset-1)*limit < uint64(total) {
 		req.Offset = &offset
 		goto getMoreInstances
 	}
diff --git a/pkg/metric/repository.go b/pkg/metric/repository.go
index 052f3ee..d1f2d67 100644
--- a/pkg/metric/repository.go
+++ b/pkg/metric/repository.go
@@ -193,7 +193,6 @@ func (repo *TcmMetricRepositoryImpl) listSampleByBatch(
 	if err != nil {
 		return nil, err
 	}
-
 	for _, points := range response.Response.DataPoints {
 		samples, ql, e := repo.buildSamples(m, points)
 		if e != nil {

From 03efa7695324c68f84fc22ac22f442fd5b9c8337 Mon Sep 17 00:00:00 2001
From: zianazhao <zianazhao@tencent.com>
Date: Fri, 13 Jan 2023 11:40:44 +0800
Subject: [PATCH 3/5] support-waf

---
 pkg/collector/handler_clb_private.go |  2 +-
 pkg/instance/repository_waf.go       | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/pkg/collector/handler_clb_private.go b/pkg/collector/handler_clb_private.go
index ab60908..933a383 100644
--- a/pkg/collector/handler_clb_private.go
+++ b/pkg/collector/handler_clb_private.go
@@ -17,7 +17,7 @@ const (
 
 var (
 	ClbPrivateExcludeMetrics = []string{
-		// "ConnRatio", "OverloadCurConn", "SnatFail", // clb_snat_vip
+		"ConnRatio", "OverloadCurConn", "SnatFail", // clb_snat_vip
 		"PvvInpkg", "PvvOutpkg", "PvvConnum", "PvvIntraffic", "PvvNewConn", "PvvOuttraffic", // new_vpcid_proto_vip_vport
 		"VvIntraffic", "VvInpkg", "VvNewConn", "VvOutpkg", "VvOuttraffic", "VvConnum", // new_vip_vpcid
 	}
diff --git a/pkg/instance/repository_waf.go b/pkg/instance/repository_waf.go
index c380c50..86715a1 100644
--- a/pkg/instance/repository_waf.go
+++ b/pkg/instance/repository_waf.go
@@ -25,8 +25,21 @@ func (repo *WafTcInstanceRepository) GetInstanceKey() string {
 	return "InstanceId"
 }
 
+var domain = "Domain"
+var exactMatchTrue = true
+
 func (repo *WafTcInstanceRepository) Get(id string) (instance TcInstance, err error) {
 	req := sdk.NewDescribeDomainsRequest()
+	var offset uint64 = 1
+	var limit uint64 = 100
+
+	req.Offset = &offset
+	req.Limit = &limit
+	req.Filters = []*sdk.FiltersItemNew{{
+		Name:       &domain,
+		Values:     []*string{&id},
+		ExactMatch: &exactMatchTrue,
+	}}
 	resp, err := repo.client.DescribeDomains(req)
 	if err != nil {
 		return

From 9cbba234a9f7b34b782b583c5a93c7651574c576 Mon Sep 17 00:00:00 2001
From: zianazhao <zianazhao@tencent.com>
Date: Fri, 13 Jan 2023 11:49:54 +0800
Subject: [PATCH 4/5] waf-qcloud

---
 pkg/config/config.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/config/config.go b/pkg/config/config.go
index 5dcf5a1..28187c6 100644
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@@ -79,7 +79,7 @@ var (
 	}
 )
 
-var QcloudNamespace = []string{"COS", "CDN", "QAAP"}
+var QcloudNamespace = []string{"COS", "CDN", "QAAP", "WAF"}
 
 type TencentCredential struct {
 	AccessKey   string `yaml:"access_key"`

From 8b7e05f55032e5755d19ce5b61eefbed0e2f5d40 Mon Sep 17 00:00:00 2001
From: zianazhao <zianazhao@tencent.com>
Date: Mon, 16 Jan 2023 14:23:37 +0800
Subject: [PATCH 5/5] =?UTF-8?q?=E4=BF=9D=E6=8C=81=E4=B8=80=E8=87=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 pkg/client/client.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/pkg/client/client.go b/pkg/client/client.go
index 0db832c..39d26bb 100644
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@@ -1,6 +1,7 @@
 package client
 
 import (
+	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/regions"
 	"net/http"
 	"net/url"
 
@@ -10,6 +11,7 @@ import (
 	kafka "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ckafka/v20190819"
 	clb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/clb/v20180317"
 	cmq "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cmq/v20190304"
+	apiCommon "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
 	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
 	cvm "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cvm/v20170312"
 	cynosdb "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cynosdb/v20190107"
@@ -306,6 +308,17 @@ func NewGAAPClient(cred common.CredentialIface, conf *config.TencentConfig) (*ga
 	return gaap.NewClient(cred, conf.Credential.Region, cpf)
 }
 
+func NewGAAPCommonClient(cred common.CredentialIface, conf *config.TencentConfig) *apiCommon.Client {
+	cpf := profile.NewClientProfile()
+	if conf.Credential.IsInternal == true {
+		cpf.HttpProfile.Endpoint = "gaap.internal.tencentcloudapi.com"
+	} else {
+		cpf.HttpProfile.Endpoint = "gaap.tencentcloudapi.com"
+	}
+	cpf.HttpProfile.ReqMethod = "POST"
+	return apiCommon.NewCommonClient(cred, regions.Guangzhou, cpf)
+}
+
 func NewWafClient(cred common.CredentialIface, conf *config.TencentConfig) (*waf.Client, error) {
 	cpf := profile.NewClientProfile()
 	if conf.Credential.IsInternal == true {