[#1361] add root ca cert for telemetry configuration
Some checks failed
DCO action / DCO (pull_request) Successful in 1m29s
Tests and linters / Run gofumpt (pull_request) Successful in 1m39s
Tests and linters / Staticcheck (pull_request) Failing after 2m11s
Vulncheck / Vulncheck (pull_request) Successful in 2m13s
Pre-commit hooks / Pre-commit (pull_request) Successful in 2m24s
Tests and linters / gopls check (pull_request) Failing after 2m23s
Build / Build Components (pull_request) Successful in 2m39s
Tests and linters / Lint (pull_request) Successful in 3m25s
Tests and linters / Tests (pull_request) Successful in 4m10s
Tests and linters / Tests with -race (pull_request) Successful in 6m28s
Some checks failed
DCO action / DCO (pull_request) Successful in 1m29s
Tests and linters / Run gofumpt (pull_request) Successful in 1m39s
Tests and linters / Staticcheck (pull_request) Failing after 2m11s
Vulncheck / Vulncheck (pull_request) Successful in 2m13s
Pre-commit hooks / Pre-commit (pull_request) Successful in 2m24s
Tests and linters / gopls check (pull_request) Failing after 2m23s
Build / Build Components (pull_request) Successful in 2m39s
Tests and linters / Lint (pull_request) Successful in 3m25s
Tests and linters / Tests (pull_request) Successful in 4m10s
Tests and linters / Tests with -race (pull_request) Successful in 6m28s
Signed-off-by: Aleksey Savaitan <a.savaitan@yadro.com>
This commit is contained in:
parent
e3764c51df
commit
a883ac4a4c
11 changed files with 94 additions and 54 deletions
|
@ -44,6 +44,7 @@ func _client(ctx context.Context) (tree.TreeServiceClient, error) {
|
|||
const defaultClientConnectTimeout = time.Second * 2
|
||||
|
||||
ctx, cancel := context.WithTimeout(ctx, defaultClientConnectTimeout)
|
||||
//nolint staticcheck
|
||||
cc, err := grpc.DialContext(ctx, netAddr.URIAddr(), opts...)
|
||||
cancel()
|
||||
|
||||
|
|
|
@ -1278,7 +1278,6 @@ func (c *cfg) reloadConfig(ctx context.Context) {
|
|||
|
||||
// all the components are expected to support
|
||||
// Logger's dynamic reconfiguration approach
|
||||
var components []dCmp
|
||||
|
||||
// Logger
|
||||
|
||||
|
@ -1288,34 +1287,7 @@ func (c *cfg) reloadConfig(ctx context.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
components = append(components, dCmp{"logger", logPrm.Reload})
|
||||
components = append(components, dCmp{"runtime", func() error {
|
||||
setRuntimeParameters(c)
|
||||
return nil
|
||||
}})
|
||||
components = append(components, dCmp{"audit", func() error {
|
||||
c.audit.Store(audit.Enabled(c.appCfg))
|
||||
return nil
|
||||
}})
|
||||
components = append(components, dCmp{"pools", c.reloadPools})
|
||||
components = append(components, dCmp{"tracing", func() error {
|
||||
updated, err := tracing.Setup(ctx, *tracingconfig.ToTracingConfig(c.appCfg))
|
||||
if updated {
|
||||
c.log.Info(logs.FrostFSNodeTracingConfigationUpdated)
|
||||
}
|
||||
return err
|
||||
}})
|
||||
if cmp, updated := metricsComponent(c); updated {
|
||||
if cmp.enabled {
|
||||
cmp.preReload = enableMetricsSvc
|
||||
} else {
|
||||
cmp.preReload = disableMetricsSvc
|
||||
}
|
||||
components = append(components, dCmp{cmp.name, func() error { return cmp.reload(ctx) }})
|
||||
}
|
||||
if cmp, updated := pprofComponent(c); updated {
|
||||
components = append(components, dCmp{cmp.name, func() error { return cmp.reload(ctx) }})
|
||||
}
|
||||
components := c.getComponents(ctx, logPrm)
|
||||
|
||||
// Storage Engine
|
||||
|
||||
|
@ -1342,6 +1314,45 @@ func (c *cfg) reloadConfig(ctx context.Context) {
|
|||
c.log.Info(logs.FrostFSNodeConfigurationHasBeenReloadedSuccessfully)
|
||||
}
|
||||
|
||||
func (c *cfg) getComponents(ctx context.Context, logPrm *logger.Prm) []dCmp {
|
||||
var components []dCmp
|
||||
|
||||
components = append(components, dCmp{"logger", logPrm.Reload})
|
||||
components = append(components, dCmp{"runtime", func() error {
|
||||
setRuntimeParameters(c)
|
||||
return nil
|
||||
}})
|
||||
components = append(components, dCmp{"audit", func() error {
|
||||
c.audit.Store(audit.Enabled(c.appCfg))
|
||||
return nil
|
||||
}})
|
||||
components = append(components, dCmp{"pools", c.reloadPools})
|
||||
components = append(components, dCmp{"tracing", func() error {
|
||||
traceConfig, err := tracingconfig.ToTracingConfig(c.appCfg)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
updated, err := tracing.Setup(ctx, *traceConfig)
|
||||
if updated {
|
||||
c.log.Info(logs.FrostFSNodeTracingConfigationUpdated)
|
||||
}
|
||||
return err
|
||||
}})
|
||||
if cmp, updated := metricsComponent(c); updated {
|
||||
if cmp.enabled {
|
||||
cmp.preReload = enableMetricsSvc
|
||||
} else {
|
||||
cmp.preReload = disableMetricsSvc
|
||||
}
|
||||
components = append(components, dCmp{cmp.name, func() error { return cmp.reload(ctx) }})
|
||||
}
|
||||
if cmp, updated := pprofComponent(c); updated {
|
||||
components = append(components, dCmp{cmp.name, func() error { return cmp.reload(ctx) }})
|
||||
}
|
||||
|
||||
return components
|
||||
}
|
||||
|
||||
func (c *cfg) reloadPools() error {
|
||||
newSize := objectconfig.Put(c.appCfg).PoolSizeLocal()
|
||||
c.reloadPool(c.cfgObject.pool.putLocal, newSize, "object.put.local_pool_size")
|
||||
|
|
|
@ -1,6 +1,11 @@
|
|||
package tracing
|
||||
|
||||
import (
|
||||
"crypto/x509"
|
||||
"errors"
|
||||
"fmt"
|
||||
"os"
|
||||
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/cmd/frostfs-node/config"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-node/misc"
|
||||
"git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
|
||||
|
@ -11,8 +16,8 @@ const (
|
|||
)
|
||||
|
||||
// ToTracingConfig extracts tracing config.
|
||||
func ToTracingConfig(c *config.Config) *tracing.Config {
|
||||
return &tracing.Config{
|
||||
func ToTracingConfig(c *config.Config) (*tracing.Config, error) {
|
||||
conf := &tracing.Config{
|
||||
Enabled: config.BoolSafe(c.Sub(subsection), "enabled"),
|
||||
Exporter: tracing.Exporter(config.StringSafe(c.Sub(subsection), "exporter")),
|
||||
Endpoint: config.StringSafe(c.Sub(subsection), "endpoint"),
|
||||
|
@ -20,6 +25,20 @@ func ToTracingConfig(c *config.Config) *tracing.Config {
|
|||
InstanceID: getInstanceIDOrDefault(c),
|
||||
Version: misc.Version,
|
||||
}
|
||||
|
||||
if trustedCa := config.StringSafe(c.Sub(subsection), "trusted_ca"); trustedCa != "" {
|
||||
caBytes, err := os.ReadFile(trustedCa)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("cannot read trusted ca cert by path: %w", err)
|
||||
}
|
||||
certPool := x509.NewCertPool()
|
||||
ok := certPool.AppendCertsFromPEM(caBytes)
|
||||
if !ok {
|
||||
return nil, errors.New("can't fill cert pool by ca cert")
|
||||
}
|
||||
conf.ServerCaCertPool = certPool
|
||||
}
|
||||
return conf, nil
|
||||
}
|
||||
|
||||
func getInstanceIDOrDefault(c *config.Config) string {
|
||||
|
|
|
@ -11,11 +11,15 @@ import (
|
|||
)
|
||||
|
||||
func initTracing(ctx context.Context, c *cfg) {
|
||||
conf := tracingconfig.ToTracingConfig(c.appCfg)
|
||||
|
||||
_, err := tracing.Setup(ctx, *conf)
|
||||
conf, err := tracingconfig.ToTracingConfig(c.appCfg)
|
||||
if err != nil {
|
||||
c.log.Error(logs.FrostFSNodeFailedInitTracing, zap.Error(err))
|
||||
return
|
||||
}
|
||||
_, err = tracing.Setup(ctx, *conf)
|
||||
if err != nil {
|
||||
c.log.Error(logs.FrostFSNodeFailedInitTracing, zap.Error(err))
|
||||
return
|
||||
}
|
||||
|
||||
c.closers = append(c.closers, closer{
|
||||
|
|
|
@ -199,6 +199,7 @@ FROSTFS_STORAGE_SHARD_1_GC_REMOVER_SLEEP_INTERVAL=5m
|
|||
FROSTFS_TRACING_ENABLED=true
|
||||
FROSTFS_TRACING_ENDPOINT="localhost"
|
||||
FROSTFS_TRACING_EXPORTER="otlp_grpc"
|
||||
FROSTFS_TRACING_TRUSTED_CA=""
|
||||
|
||||
FROSTFS_RUNTIME_SOFT_MEMORY_LIMIT=1073741824
|
||||
|
||||
|
|
|
@ -255,7 +255,8 @@
|
|||
"tracing": {
|
||||
"enabled": true,
|
||||
"endpoint": "localhost:9090",
|
||||
"exporter": "otlp_grpc"
|
||||
"exporter": "otlp_grpc",
|
||||
"trusted_ca": "/etc/ssl/tracing.pem"
|
||||
},
|
||||
"runtime": {
|
||||
"soft_memory_limit": 1073741824
|
||||
|
|
|
@ -231,6 +231,7 @@ tracing:
|
|||
enabled: true
|
||||
exporter: "otlp_grpc"
|
||||
endpoint: "localhost"
|
||||
trusted_ca: ""
|
||||
|
||||
runtime:
|
||||
soft_memory_limit: 1gb
|
||||
|
|
38
go.mod
38
go.mod
|
@ -8,7 +8,7 @@ require (
|
|||
git.frostfs.info/TrueCloudLab/frostfs-contract v0.19.3-0.20240621131249-49e5270f673e
|
||||
git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0
|
||||
git.frostfs.info/TrueCloudLab/frostfs-locode-db v0.4.1-0.20240710074952-65761deb5c0d
|
||||
git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20231101111734-b3ad3335ff65
|
||||
git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20240909114314-666d326cc573
|
||||
git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20240903093628-8f751d9dd0ad
|
||||
git.frostfs.info/TrueCloudLab/hrw v1.2.1
|
||||
git.frostfs.info/TrueCloudLab/policy-engine v0.0.0-20240814080254-96225afacb88
|
||||
|
@ -40,15 +40,15 @@ require (
|
|||
github.com/ssgreg/journald v1.0.0
|
||||
github.com/stretchr/testify v1.9.0
|
||||
go.etcd.io/bbolt v1.3.10
|
||||
go.opentelemetry.io/otel v1.24.0
|
||||
go.opentelemetry.io/otel/trace v1.24.0
|
||||
go.opentelemetry.io/otel v1.28.0
|
||||
go.opentelemetry.io/otel/trace v1.28.0
|
||||
go.uber.org/zap v1.27.0
|
||||
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56
|
||||
golang.org/x/sync v0.7.0
|
||||
golang.org/x/sys v0.22.0
|
||||
golang.org/x/term v0.18.0
|
||||
google.golang.org/grpc v1.63.2
|
||||
google.golang.org/protobuf v1.33.0
|
||||
golang.org/x/term v0.21.0
|
||||
google.golang.org/grpc v1.64.0
|
||||
google.golang.org/protobuf v1.34.2
|
||||
gopkg.in/yaml.v3 v3.0.1
|
||||
)
|
||||
|
||||
|
@ -63,7 +63,7 @@ require (
|
|||
github.com/antlr4-go/antlr/v4 v4.13.0 // indirect
|
||||
github.com/beorn7/perks v1.0.1 // indirect
|
||||
github.com/bits-and-blooms/bitset v1.13.0 // indirect
|
||||
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
|
||||
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
|
||||
github.com/cespare/xxhash/v2 v2.3.0 // indirect
|
||||
github.com/consensys/bavard v0.1.13 // indirect
|
||||
github.com/consensys/gnark-crypto v0.12.2-0.20231222162921-eb75782795d2 // indirect
|
||||
|
@ -73,13 +73,13 @@ require (
|
|||
github.com/fsnotify/fsnotify v1.7.0 // indirect
|
||||
github.com/gdamore/encoding v1.0.0 // indirect
|
||||
github.com/go-fed/httpsig v1.1.0 // indirect
|
||||
github.com/go-logr/logr v1.4.1 // indirect
|
||||
github.com/go-logr/logr v1.4.2 // indirect
|
||||
github.com/go-logr/stdr v1.2.2 // indirect
|
||||
github.com/golang/snappy v0.0.4 // indirect
|
||||
github.com/gorilla/websocket v1.5.1 // indirect
|
||||
github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.0 // indirect
|
||||
github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.1 // indirect
|
||||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0 // indirect
|
||||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
|
||||
github.com/hashicorp/go-version v1.6.0 // indirect
|
||||
github.com/hashicorp/hcl v1.0.0 // indirect
|
||||
github.com/holiman/uint256 v1.2.4 // indirect
|
||||
|
@ -115,18 +115,18 @@ require (
|
|||
github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
|
||||
github.com/twmb/murmur3 v1.1.8 // indirect
|
||||
github.com/urfave/cli v1.22.14 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.22.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.22.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.24.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk v1.22.0 // indirect
|
||||
go.opentelemetry.io/proto/otlp v1.1.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.28.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.28.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk v1.28.0 // indirect
|
||||
go.opentelemetry.io/proto/otlp v1.3.1 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
golang.org/x/crypto v0.21.0 // indirect
|
||||
golang.org/x/net v0.23.0 // indirect
|
||||
golang.org/x/crypto v0.24.0 // indirect
|
||||
golang.org/x/net v0.26.0 // indirect
|
||||
golang.org/x/text v0.16.0 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect
|
||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
||||
lukechampine.com/blake3 v1.2.1 // indirect
|
||||
rsc.io/tmplfunc v0.0.3 // indirect
|
||||
|
|
BIN
go.sum
BIN
go.sum
Binary file not shown.
|
@ -104,6 +104,7 @@ func dialTreeService(ctx context.Context, netmapAddr string) (*grpc.ClientConn,
|
|||
}
|
||||
|
||||
ctx, cancel := context.WithTimeout(ctx, defaultClientConnectTimeout)
|
||||
//nolint staticcheck
|
||||
cc, err := grpc.DialContext(ctx, netAddr.URIAddr(), opts...)
|
||||
cancel()
|
||||
|
||||
|
|
|
@ -333,6 +333,7 @@ func (s *Service) synchronizeTree(ctx context.Context, cid cid.ID, from uint64,
|
|||
}
|
||||
|
||||
func (*Service) dialCtx(egCtx context.Context, a network.Address) (*grpc.ClientConn, error) {
|
||||
//nolint staticcheck
|
||||
return grpc.DialContext(egCtx, a.URIAddr(),
|
||||
grpc.WithChainUnaryInterceptor(
|
||||
metrics.NewUnaryClientInterceptor(),
|
||||
|
|
Loading…
Reference in a new issue