capsule-proxy icon indicating copy to clipboard operation
capsule-proxy copied to clipboard

Published 20 hours ago verified publisher icon projectcapsule

Filter requests for metrics

Open bsctl opened this issue 4 years ago • 5 comments

Investigate if the capsule-proxy can enforce the tenant label in a given PromQL query, in Prometheus API responses, and in Alert Manager API requests as prom-label-proxy does.

bsctl avatar Jan 07 '21 20:01 bsctl

@prometherion getting interest in this feature, we should prioritise it. Could you provide an impact analysis from architectural pov?

bsctl avatar May 20 '21 06:05 bsctl

I'm working on this, scouting some already existing projects to understand if we can plugin them or not.

prometherion avatar May 21 '21 05:05 prometherion

Plugging the prom-label-proxy handlers doesn't sound so smooth, at least from a DX perspective.

In fact, the end-users would be required to add always a label to their metrics, and this could be annoying: for Namespace filtering, we decided to go for kubectl get namespaces without the need to add -l capsule.clastix.io/teanant=oil and I think the same should apply also for metrics.

WDYT @bsctl ?

prometherion avatar May 21 '21 15:05 prometherion

@prometherion it makes sense

bsctl avatar May 21 '21 17:05 bsctl

Here a list of Prometheus endpoints that should be handled by the proxy:

  • [ ] Query endpoints
/api/v1/query
/api/v1/query_range
  • [ ] Metadata endpoints
/api/v1/series
/api/v1/labels
/api/v1/label/<name>/values
  • [ ] Rules endpoint
/api/v1/rules
  • [ ] Alerts endpoint
/api/v1/alerts
  • [ ] Silences endpoint
/api/v2/silences
  • [ ] Federate endpoint /federate

bsctl avatar May 29 '21 18:05 bsctl