envoyproxy
Enriching the Prometheus metric labels emitted by Envoy from HCM/TcpProxy StatPrefix
Description:
Currently HCM ^1 StatPrefix ^3 can be
httporhttps, TcpProxy ^2 StatPrefix ^4 can betcp,passthroughorterminate. That maybe not enough for production usage.
Because it's common to deploy many listeners for different domains, even serve multiple domains by single listener in which domains are distinguished via FilterChainMatch.SNI ^5. If all listeners share the same StatPrefix, it's difficult to tell how many traffic does specified domain have received. Consider sample from Envoy's /stats/prometheus.
# TYPE envoy_listener_http_downstream_rq_completed counter
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="https",envoy_listener_address="0.0.0.0_8080"} 0
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="https",envoy_listener_address="0.0.0.0_8081"} 0
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="https",envoy_listener_address="0.0.0.0_8082"} 0
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="https",envoy_listener_address="0.0.0.0_8083"} 0
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="http",envoy_listener_address="0.0.0.0_8084"} 1
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="http",envoy_listener_address="0.0.0.0_8085"} 6
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="http",envoy_listener_address="0.0.0.0_8086"} 0
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="http",envoy_listener_address="0.0.0.0_8087"} 0
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="https",envoy_listener_address="0.0.0.0_7021"} 0
envoy_listener_http_downstream_rq_completed{envoy_http_conn_manager_prefix="https",envoy_listener_address="0.0.0.0_8088"} 0
Relevant Links:
This issue has been automatically marked as stale because it has not had activity in the last 30 days.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
@shuji-2019 would https://github.com/envoyproxy/gateway/issues/3318 solve this use case ?
@shuji-2019 would #3318 solve this use case ?
#3318 can't solve this use case.
To solve this use case, meaningful stat_prefix should be set for HCM ^1 or TCPProxy ^2. Like which hostname or port does the HCM or TCPProxy is serving for.
BTW, shuji-2019 is me and that account is abandoned.
-
For HTTP listeners on same port, will be translated to
default_filter_chain, each hostname to singleVirtualHostin sameHCM. It's not suitable to set all hostnames asstat_prefix, maybe just containhttpandport. -
For HTTPS listeners on same port, will be translated to
filter_chains, each listener to singleHCMwith SNI match own hostname (only one hostname).stat_prefixcan be set as hostname. -
For TCP listeners (only single TCP listener is allowed on single port), will be translated to
filter_chains, each listener to singleTCPProxywith no match.stat_prefixmaybe containtcpandport. -
For TLS listeners on same port, will be translated to
filter_chains, each listener to singleTCPProxywith SNI match own hostname (only one hostname).stat_prefixcan be set as hostname.
This issue has been automatically marked as stale because it has not had activity in the last 30 days.
This issue has been automatically marked as stale because it has not had activity in the last 30 days.
