diff --git a/configure b/configure index 600e4bffc..65639d057 100755 --- a/configure +++ b/configure @@ -22179,7 +22179,7 @@ then : printf "%s\n" "#define USE_METRICS /**/" >>confdefs.h -printf "%s\n" "#define UNBOUND_METRICS_PORT 9100" >>confdefs.h +printf "%s\n" "#define UNBOUND_METRICS_PORT 9101" >>confdefs.h else $as_nop diff --git a/configure.ac b/configure.ac index 281c64cce..9de27dcdc 100644 --- a/configure.ac +++ b/configure.ac @@ -1502,7 +1502,7 @@ large outgoing port ranges. ]) # only enabled when the required version is found and used AC_CHECK_FUNCS([evhttp_free], [ AC_DEFINE_UNQUOTED([USE_METRICS], [], [Define this to expose Unbound statistics via a prometheus metrics HTTP endpoint.]) - AC_DEFINE_UNQUOTED([UNBOUND_METRICS_PORT], [9100], [Define the default metrics HTTP endpoint port.]) + AC_DEFINE_UNQUOTED([UNBOUND_METRICS_PORT], [9101], [Define the default metrics HTTP endpoint port.]) ], [ AC_MSG_NOTICE([disabling prometheus metrics]) ]) diff --git a/daemon/daemon.c b/daemon/daemon.c index 72cd0dc82..e6dc328d0 100644 --- a/daemon/daemon.c +++ b/daemon/daemon.c @@ -69,6 +69,7 @@ #include "daemon/daemon.h" #include "daemon/worker.h" #include "daemon/remote.h" +#include "daemon/metrics.h" #include "daemon/acl_list.h" #include "util/log.h" #include "util/config_file.h" @@ -301,10 +302,25 @@ daemon_init(void) if(gettimeofday(&daemon->time_boot, NULL) < 0) log_err("gettimeofday: %s", strerror(errno)); daemon->time_last_stat = daemon->time_boot; +#ifdef USE_METRICS + if(!(daemon->metrics = daemon_metrics_create())) { + acl_list_delete(daemon->acl_interface); + acl_list_delete(daemon->acl); + tcl_list_delete(daemon->tcl); + edns_known_options_delete(daemon->env); + free(daemon->env); + free(daemon); + return NULL; + } + daemon->metrics_port = -1; +#endif /* USE_METRICS */ if((daemon->env->auth_zones = auth_zones_create()) == 0) { acl_list_delete(daemon->acl_interface); acl_list_delete(daemon->acl); tcl_list_delete(daemon->tcl); +#ifdef USE_METRICS + daemon_metrics_delete(daemon->metrics); +#endif edns_known_options_delete(daemon->env); free(daemon->env); free(daemon); @@ -315,6 +331,9 @@ daemon_init(void) acl_list_delete(daemon->acl_interface); acl_list_delete(daemon->acl); tcl_list_delete(daemon->tcl); +#ifdef USE_METRICS + daemon_metrics_delete(daemon->metrics); +#endif edns_known_options_delete(daemon->env); free(daemon->env); free(daemon); @@ -440,6 +459,19 @@ daemon_open_shared_ports(struct daemon* daemon) return 0; daemon->rc_port = daemon->cfg->control_port; } +#ifdef USE_METRICS + if(!daemon->cfg->metrics_enable && daemon->metrics_port != -1) { + daemon_metrics_close_ports(daemon->metrics); + daemon->metrics_port = -1; + } + if(daemon->cfg->metrics_enable && + daemon->cfg->metrics_port != daemon->metrics_port) { + daemon_metrics_close_ports(daemon->metrics); + if(!daemon_metrics_open_ports(daemon->metrics, daemon->cfg)) + return 0; + daemon->metrics_port = daemon->cfg->metrics_port; + } +#endif /* USE_METRICS */ return 1; } @@ -918,6 +950,9 @@ daemon_cleanup(struct daemon* daemon) auth_zones_cleanup(daemon->env->auth_zones); /* key cache is cleared by module deinit during next daemon_fork() */ daemon_remote_clear(daemon->rc); +#ifdef USE_METRICS + daemon_metrics_detach(daemon->metrics); +#endif if(daemon->fast_reload_thread) fast_reload_thread_stop(daemon->fast_reload_thread); if(daemon->fast_reload_printq_list) @@ -960,6 +995,9 @@ daemon_delete(struct daemon* daemon) modstack_call_destartup(&daemon->mods, daemon->env); modstack_free(&daemon->mods); daemon_remote_delete(daemon->rc); +#ifdef USE_METRICS + daemon_metrics_delete(daemon->metrics); +#endif for(i = 0; i < daemon->num_ports; i++) listening_ports_free(daemon->ports[i]); free(daemon->ports); diff --git a/daemon/daemon.h b/daemon/daemon.h index 2295761ab..fa5673063 100644 --- a/daemon/daemon.h +++ b/daemon/daemon.h @@ -56,6 +56,7 @@ struct local_zones; struct views; struct ub_randstate; struct daemon_remote; +struct daemon_metrics; struct respip_set; struct shm_main_info; struct doq_table; @@ -99,6 +100,10 @@ struct daemon { struct listen_port* rc_ports; /** remote control connections management (for first worker) */ struct daemon_remote* rc; + /** port number for metrics that has ports opened. */ + int metrics_port; + /** metrics endpoint connections management (for first worker) */ + struct daemon_metrics* metrics; /** ssl context for listening to dnstcp over ssl */ void* listen_dot_sslctx; /** ssl context for connecting to dnstcp over ssl */ diff --git a/daemon/metrics.c b/daemon/metrics.c index 828e2ddd2..90500330a 100644 --- a/daemon/metrics.c +++ b/daemon/metrics.c @@ -1,5 +1,5 @@ /* - * daemon/metrics.c - prometheus metrics output. + * daemon/metrics.c - prometheus metrics endpoint. * * Copyright (c) 2026, NLnet Labs. All rights reserved. * @@ -40,7 +40,438 @@ */ #include "config.h" #include "daemon/metrics.h" +#include "daemon/daemon.h" +#include "daemon/worker.h" +#include "daemon/stats.h" +#include "util/config_file.h" +#include "util/net_help.h" +#include "util/ub_event.h" +#include "util/timeval_func.h" +#include "services/listen_dnsport.h" +/* If there is no metrics enabled, do not add the code. */ #ifdef USE_METRICS +#ifdef HAVE_SYS_TYPES_H +# include +#endif +#ifdef HAVE_SYS_STAT_H +#include +#endif +#include +#include +#include +/** + * list of connection accepting file descriptors + */ +struct metrics_acceptlist { + struct metrics_acceptlist* next; + int accept_fd; + char* ident; + struct daemon_metrics* metrics; +}; + +/** + * The metrics daemon state. + */ +struct daemon_metrics { + /** The worker for this metrics endpoint */ + struct worker* worker; + /** commpoints for accepting HTTP connections */ + struct metrics_acceptlist* accept_list; + /** libevent http server */ + struct evhttp *http_server; +}; + +/** The callback that handles a metrics http request. */ +static void metrics_http_callback(struct evhttp_request *req, void *p); + +struct daemon_metrics* +daemon_metrics_create(void) +{ + struct daemon_metrics* metrics = (struct daemon_metrics*)calloc( + sizeof(*metrics), 1); + if(!metrics) { + log_err("out of memory"); + return NULL; + } + return metrics; +} + +void +daemon_metrics_delete(struct daemon_metrics* metrics) +{ + if(!metrics) return; + daemon_metrics_detach(metrics); + daemon_metrics_close_ports(metrics); + free(metrics); +} + +void +daemon_metrics_close_ports(struct daemon_metrics* metrics) +{ + struct metrics_acceptlist *h, *nh; + if(!metrics) return; + + /* close listen sockets */ + h = metrics->accept_list; + while(h) { + nh = h->next; + close(h->accept_fd); + free(h->ident); + free(h); + h = nh; + } + metrics->accept_list = NULL; +} + +void +daemon_metrics_detach(struct daemon_metrics* metrics) +{ + if(!metrics) return; + if (metrics->http_server) { + evhttp_free(metrics->http_server); + metrics->http_server = NULL; + } +} + +/** + * Add and open a new metrics port + * @param metrics: metrics with result list. + * @param cfg: config options. + * @param ip: ip str + * @param nr: port nr + * @param noproto_is_err: if lack of protocol support is an error. + * @return false on failure. + */ +static int +metrics_add_open(struct daemon_metrics* metrics, struct config_file* cfg, + const char* ip, int nr, int noproto_is_err) +{ + struct addrinfo hints; + struct addrinfo* res; + struct metrics_acceptlist* hl; + int noproto = 0; + int fd, r; + char port[15]; + snprintf(port, sizeof(port), "%d", nr); + port[sizeof(port)-1]=0; + memset(&hints, 0, sizeof(hints)); + assert(ip); + + if(ip[0] == '/') { + /* This looks like a local socket */ + fd = create_local_accept_sock(ip, &noproto, cfg->use_systemd); + /* + * Change socket ownership and permissions so users other + * than root can access it provided they are in the same + * group as the user we run as. + */ + if(fd != -1) { +#ifdef HAVE_CHOWN + if(chmod(ip, (mode_t)(S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) == -1) { + verbose(VERB_QUERY, "cannot chmod metrics socket %s: %s", ip, strerror(errno)); + } + if (cfg->username && cfg->username[0] && + cfg_uid != (uid_t)-1) { + if(chown(ip, cfg_uid, cfg_gid) == -1) + verbose(VERB_QUERY, "cannot chown metrics socket %u.%u %s: %s", + (unsigned)cfg_uid, (unsigned)cfg_gid, + ip, strerror(errno)); + } +#else + (void)cfg; +#endif + } + } else { + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; + /* if we had no interface ip name, "default" is what we + * would do getaddrinfo for. */ + if((r = getaddrinfo(ip, port, &hints, &res)) != 0 || !res) { +#ifdef USE_WINSOCK + if(!noproto_is_err && r == EAI_NONAME) { + /* tried to lookup the address as name */ + return 1; /* return success, but do nothing */ + } +#endif /* USE_WINSOCK */ + log_err("metrics interface %s:%s getaddrinfo: %s %s", + ip, port, gai_strerror(r), +#ifdef EAI_SYSTEM + r==EAI_SYSTEM?(char*)strerror(errno):"" +#else + "" +#endif + ); + return 0; + } + + /* open fd */ + fd = create_tcp_accept_sock(res, 1, &noproto, 0, + cfg->ip_transparent, 0, 0, cfg->ip_freebind, + cfg->use_systemd, cfg->ip_dscp, "metrics"); + freeaddrinfo(res); + } + + if(fd == -1 && noproto) { + if(!noproto_is_err) + return 1; /* return success, but do nothing */ + log_err("cannot open metrics interface %s %d : " + "protocol not supported", ip, nr); + return 0; + } + if(fd == -1) { + log_err("cannot open metrics interface %s %d", ip, nr); + return 0; + } + + /* alloc */ + hl = (struct metrics_acceptlist*)calloc(1, sizeof(*hl)); + if(!hl) { + sock_close(fd); + log_err("out of memory"); + return 0; + } + hl->metrics = metrics; + hl->ident = strdup(ip); + if(!hl->ident) { + log_err("out of memory"); + sock_close(fd); + free(hl); + return 0; + } + hl->next = metrics->accept_list; + metrics->accept_list = hl; + + hl->accept_fd = fd; + return 1; +} + +int +daemon_metrics_open_ports(struct daemon_metrics* metrics, + struct config_file* cfg) +{ + assert(cfg->metrics_enable); + if(cfg->metrics_ifs.first) { + struct config_strlist* p; + for(p = cfg->metrics_ifs.first; p; p = p->next) { + if(!metrics_add_open(metrics, cfg, p->str, + cfg->metrics_port, 1)) { + return 0; + } + } + } else { + /* defaults */ + if(cfg->do_ip6 && !metrics_add_open(metrics, cfg, "::1", + cfg->metrics_port, 0)) { + return 0; + } + if(cfg->do_ip4 && + !metrics_add_open(metrics, cfg, "127.0.0.1", + cfg->metrics_port, 1)) { + return 0; + } + } + return 1; +} + +int +daemon_metrics_attach(struct daemon_metrics* metrics, struct worker* worker) +{ + int fd; + struct metrics_acceptlist* p; + if(!metrics) return 1; + metrics->worker = worker; + + metrics->http_server = evhttp_new(ub_libevent_get_event_base( + comm_base_internal(worker->base))); + if(!metrics->http_server) { + log_err("out of memory, evhttp_new failed"); + return 0; + } + for(p = metrics->accept_list; p; p = p->next) { + fd = p->accept_fd; + if (evhttp_accept_socket(metrics->http_server, fd)) { + log_err("metrics: cannot set http server to accept socket"); + return 0; + } + + /* only handle requests to metrics_path, anything else returns 404 */ + evhttp_set_cb(metrics->http_server, + worker->daemon->cfg->metrics_path, + metrics_http_callback, p); + /* evhttp_set_gencb(metrics->http_server, metrics_http_callback_generic, p); */ + } + return 1; +} + +/* Add help and type printout of a metric. */ +static void +print_metric_help_and_type(struct evbuffer *buf, char *prefix, char *name, + char *help, char *type) +{ + evbuffer_add_printf(buf, "# HELP %s%s %s\n# TYPE %s%s %s\n", + prefix, name, help, prefix, name, type); +} + +/* metrics print of stat block */ +static int +metrics_print_stats(struct evbuffer* reply, const char* nm, + struct ub_stats_info* s) +{ + (void)reply; + (void)nm; + (void)s; + return 1; +} + +/* metrics print of thread stats */ +static int +metrics_print_thread_stats(struct evbuffer* reply, int i, + struct ub_stats_info* s) +{ + (void)reply; + (void)i; + (void)s; + return 1; +} + +/* metrics print of uptime stats */ +static int +metrics_print_uptime(struct evbuffer* reply, struct worker* worker, + struct timeval* stattime) +{ + char* prefix = "unbound_"; + struct timeval up, dt; + timeval_subtract(&up, stattime, &worker->daemon->time_boot); + timeval_subtract(&dt, stattime, &worker->daemon->time_last_stat); + + print_metric_help_and_type(reply, prefix, "time_now_seconds", + "Time of the statistics printout, in seconds.", "untyped"); + evbuffer_add_printf(reply, "%stime_now_seconds " ARG_LL "d.%6.6u\n", + prefix, (long long)stattime->tv_sec, + (unsigned)stattime->tv_usec); + + print_metric_help_and_type(reply, prefix, "time_up_seconds_total", + "Uptime since server boot in seconds.", "counter"); + evbuffer_add_printf(reply, + "%stime_up_seconds_total " ARG_LL "d.%6.6u\n", + prefix, (long long)up.tv_sec, (unsigned)up.tv_usec); + + print_metric_help_and_type(reply, prefix, "time_elapsed_seconds", + "Time since last statistics printout and " + "reset (by unbound-control stats) in seconds.", + "untyped"); + evbuffer_add_printf(reply, + "%stime_elapsed_seconds " ARG_LL "d.%6.6u\n", + prefix, (long long)dt.tv_sec, (unsigned)dt.tv_usec); + return 1; +} + +/* metrics print of mem stats */ +static int +metrics_print_mem(struct evbuffer* reply, struct worker* worker, + struct daemon* daemon, struct ub_stats_info* s) +{ + (void)reply; + (void)worker; + (void)daemon; + (void)s; + return 1; +} + +/* metrics print of histogram */ +static int +metrics_print_hist(struct evbuffer* reply, struct ub_stats_info* s) +{ + (void)reply; + (void)s; + return 1; +} + +/* metrics print of extended stats */ +static int +metrics_print_ext(struct evbuffer* reply, struct ub_stats_info* s, + int inhibit_zero) +{ + (void)reply; + (void)s; + (void)inhibit_zero; + return 1; +} + +/* process statistics */ +static void +do_metrics_stats(struct evbuffer* reply, struct worker* worker, int reset) +{ + struct daemon* daemon = worker->daemon; + struct ub_stats_info total; + struct ub_stats_info s; + int i; + struct timeval stattime; + if(gettimeofday(&stattime, NULL) < 0) + log_err("gettimeofday: %s", strerror(errno)); + + memset(&total, 0, sizeof(total)); + log_assert(daemon->num > 0); + /* gather all thread statistics in one place */ + for(i=0; inum; i++) { + server_stats_obtain(worker, daemon->workers[i], &s, reset); + if(!metrics_print_thread_stats(reply, i, &s)) + return; + if(i == 0) + total = s; + else server_stats_add(&total, &s); + } + /* print the thread statistics */ + total.mesh_time_median /= (double)daemon->num; + if(!metrics_print_stats(reply, "total", &total)) + return; + if(!metrics_print_uptime(reply, worker, &stattime)) + return; + if(daemon->cfg->stat_extended) { + if(!metrics_print_mem(reply, worker, daemon, &total)) + return; + if(!metrics_print_hist(reply, &total)) + return; + if(!metrics_print_ext(reply, &total, + daemon->cfg->stat_inhibit_zero)) + return; + } + + if(reset) { + worker->daemon->time_last_stat = stattime; + worker_stats_clear(worker); + } +} + +/* Callback for handling the active http request to the specific URI */ +static void +metrics_http_callback(struct evhttp_request *req, void *p) +{ + struct evbuffer *reply = NULL; + struct daemon_metrics *metrics = ((struct metrics_acceptlist *)p)->metrics; + + /* currently only GET requests are supported/allowed */ + enum evhttp_cmd_type cmd = evhttp_request_get_command(req); + if (cmd != EVHTTP_REQ_GET /* && cmd != EVHTTP_REQ_HEAD */) { + evhttp_send_error(req, HTTP_BADMETHOD, 0); + return; + } + + reply = evbuffer_new(); + + if (!reply) { + evhttp_send_error(req, HTTP_INTERNAL, 0); + log_err("metrics: failed to allocate reply buffer\n"); + return; + } + + evhttp_add_header(evhttp_request_get_output_headers(req), + "Content-Type", "text/plain; version=0.0.4"); + do_metrics_stats(reply, metrics->worker, 0); + evhttp_send_reply(req, HTTP_OK, NULL, reply); + verbose(VERB_DETAIL, "metrics operation completed, response sent"); + evbuffer_free(reply); +} #endif /* USE_METRICS */ diff --git a/daemon/metrics.h b/daemon/metrics.h index ee7682ada..e4964638a 100644 --- a/daemon/metrics.h +++ b/daemon/metrics.h @@ -1,5 +1,5 @@ /* - * daemon/metrics.h - prometheus metrics output. + * daemon/metrics.h - prometheus metrics endpoint. * * Copyright (c) 2026, NLnet Labs. All rights reserved. * @@ -41,5 +41,57 @@ #ifndef DAEMON_METRICS_H #define DAEMON_METRICS_H +struct daemon_metrics; +struct config_file; +struct worker; + +/* the metrics daemon needs little backlog */ +#define TCP_BACKLOG_METRICS 16 /* listen() tcp backlog */ + +/** + * Create new metrics endpoint for the daemon. + * Does not open the ports, for that call the open ports routine, and + * later the attach routine on the worker event base. + * @return new state, or NULL on failure. + */ +struct daemon_metrics* daemon_metrics_create(void); + +/** + * Delete metrics daemon and close HTTP listeners. + * @param m: daemon to delete. + */ +void daemon_metrics_delete(struct daemon_metrics* m); + +/** + * Close metrics HTTP listener ports. + * Does not delete the object itself. + * @param m: state to close. + */ +void daemon_metrics_close_ports(struct daemon_metrics* m); + +/** + * Detach the metrics listener from the event base. + * Does not delete the object itself. + * @param m: state to detach. + */ +void daemon_metrics_detach(struct daemon_metrics* m); + +/** + * Open and create HTTP listeners for metrics daemon. + * @param m: metrics state that contains list of accept sockets. + * @param cfg: config options. + * @return false on failure. + */ +int daemon_metrics_open_ports(struct daemon_metrics* m, + struct config_file* cfg); + +/** + * Setup HTTP listener. + * @param m: state + * @param worker: The worker thread that hosts the endpoint. + * The HTTP listener is attached to its event base. + * @return false on failure. + */ +int daemon_metrics_attach(struct daemon_metrics* m, struct worker* worker); #endif /* DAEMON_METRICS_H */ diff --git a/daemon/remote.c b/daemon/remote.c index 00e7dd21d..7349073e8 100644 --- a/daemon/remote.c +++ b/daemon/remote.c @@ -4943,6 +4943,12 @@ fr_check_compat_cfg(struct fast_reload_thread* fr, struct config_file* newcfg) FR_CHECK_CHANGED_CFG_STRLIST("tls-additional-port", tls_additional_port, changed_str); FR_CHECK_CHANGED_CFG_STR("interface-automatic-ports", if_automatic_ports, changed_str); FR_CHECK_CHANGED_CFG("udp-upstream-without-downstream", udp_upstream_without_downstream, changed_str); +#ifdef USE_METRICS + FR_CHECK_CHANGED_CFG("metrics-enable", metrics_enable, changed_str); + FR_CHECK_CHANGED_CFG("metrics-port", metrics_port, changed_str); + FR_CHECK_CHANGED_CFG_STR("metrics-path", metrics_path, changed_str); + FR_CHECK_CHANGED_CFG_STRLIST("metrics-interface", metrics_ifs.first, changed_str); +#endif if(changed_str[0] != 0) { /* The new config changes some items that do not work with @@ -5257,6 +5263,10 @@ config_file_getmem(struct config_file* cfg) m += getmem_str(cfg->dnstap_tls_client_cert_file); m += getmem_str(cfg->dnstap_identity); m += getmem_str(cfg->dnstap_version); +#ifdef USE_METRICS + m += getmem_config_strlist(cfg->metrics_ifs.first); + m += getmem_str(cfg->metrics_path); +#endif m += getmem_config_str2list(cfg->ratelimit_for_domain); m += getmem_config_str2list(cfg->ratelimit_below_domain); m += getmem_config_str2list(cfg->edns_client_strings); @@ -6104,6 +6114,13 @@ fr_atomic_copy_cfg(struct config_file* oldcfg, struct config_file* cfg, COPY_VAR_int(dnstap_log_forwarder_query_messages); COPY_VAR_int(dnstap_log_forwarder_response_messages); COPY_VAR_int(disable_dnssec_lame_check); +#ifdef USE_METRICS + COPY_VAR_int(metrics_enable); + COPY_VAR_ptr(metrics_ifs.first); + COPY_VAR_ptr(metrics_ifs.last); + COPY_VAR_int(metrics_port); + COPY_VAR_ptr(metrics_path); +#endif COPY_VAR_int(ip_ratelimit); COPY_VAR_int(ip_ratelimit_cookie); COPY_VAR_size_t(ip_ratelimit_slabs); diff --git a/daemon/worker.c b/daemon/worker.c index 71b90df49..ab055c13b 100644 --- a/daemon/worker.c +++ b/daemon/worker.c @@ -46,6 +46,7 @@ #include "daemon/worker.h" #include "daemon/daemon.h" #include "daemon/remote.h" +#include "daemon/metrics.h" #include "daemon/acl_list.h" #include "util/netevent.h" #include "util/config_file.h" @@ -2249,6 +2250,12 @@ worker_init(struct worker* worker, struct config_file *cfg, worker_delete(worker); return 0; } +#ifdef USE_METRICS + if(!daemon_metrics_attach(worker->daemon->metrics, worker)) { + worker_delete(worker); + return 0; + } +#endif /* USE METRICS */ #ifdef UB_ON_WINDOWS wsvc_setup_worker(worker); #endif /* UB_ON_WINDOWS */ diff --git a/testdata/prometheus_metrics.tdir/prometheus_metrics.conf b/testdata/prometheus_metrics.tdir/prometheus_metrics.conf new file mode 100644 index 000000000..04806537b --- /dev/null +++ b/testdata/prometheus_metrics.tdir/prometheus_metrics.conf @@ -0,0 +1,32 @@ +server: + verbosity: 5 + num-threads: 1 + interface: 127.0.0.1@@PORT@ + use-syslog: no + directory: "" + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + + metrics-enable: yes + metrics-path: "/metrics" + metrics-interface: 127.0.0.1 + metrics-port: @METRICSPORT@ + + statistics-cumulative: no + extended-statistics: yes + statistics-inhibit-zero: yes + + local-data: "www.example.com. IN A 192.0.2.10" + local-data: 'a.example.com. IN TXT "abcdef text"' + +remote-control: + control-enable: yes + control-interface: 127.0.0.1 + # control-interface: ::1 + control-port: @CONTROL_PORT@ + server-key-file: "unbound_server.key" + server-cert-file: "unbound_server.pem" + control-key-file: "unbound_control.key" + control-cert-file: "unbound_control.pem" diff --git a/testdata/prometheus_metrics.tdir/prometheus_metrics.dsc b/testdata/prometheus_metrics.tdir/prometheus_metrics.dsc new file mode 100644 index 000000000..81525dab8 --- /dev/null +++ b/testdata/prometheus_metrics.tdir/prometheus_metrics.dsc @@ -0,0 +1,16 @@ +BaseName: prometheus_metrics +Version: 1.0 +Description: Test prometheus metrics +CreationDate: Fri 30 Jan 13:22:03 CET 2026 +Maintainer: dr. Wouter Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: prometheus_metrics.pre +Post: prometheus_metrics.post +Test: prometheus_metrics.test +AuxFiles: prometheus_metrics.conf, prometheus_metrics.zone +Passed: +Failure: diff --git a/testdata/prometheus_metrics.tdir/prometheus_metrics.post b/testdata/prometheus_metrics.tdir/prometheus_metrics.post new file mode 100644 index 000000000..88c6582d3 --- /dev/null +++ b/testdata/prometheus_metrics.tdir/prometheus_metrics.post @@ -0,0 +1,11 @@ +# #-- prometheus_metrics.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +kill_pid $UNBOUND_PID +cat unbound.log +exit 0 diff --git a/testdata/prometheus_metrics.tdir/prometheus_metrics.pre b/testdata/prometheus_metrics.tdir/prometheus_metrics.pre new file mode 100644 index 000000000..48285777b --- /dev/null +++ b/testdata/prometheus_metrics.tdir/prometheus_metrics.pre @@ -0,0 +1,33 @@ +# #-- prometheus_metrics.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." +if grep "define USE_METRICS" $PRE/config.h; then echo test enabled; else skip_test "test skipped"; fi +# Is curl available +if test -f "$(which curl 2>&1)"; then + echo "curl available, do test" +else + skip_test "curl not available, skip test" +fi + +get_random_port 3 +UNBOUND_PORT=$RND_PORT +CONTROL_PORT=$(($RND_PORT + 1)) +METRICS_PORT=$(($RND_PORT + 2)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test +echo "METRICS_PORT=$METRICS_PORT" >> .tpkg.var.test + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@METRICSPORT\@/'$METRICS_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < prometheus_metrics.conf > ub.conf +# start unbound in the background +$PRE/unbound -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_unbound_up unbound.log diff --git a/testdata/prometheus_metrics.tdir/prometheus_metrics.test b/testdata/prometheus_metrics.tdir/prometheus_metrics.test new file mode 100644 index 000000000..a88c6ef03 --- /dev/null +++ b/testdata/prometheus_metrics.tdir/prometheus_metrics.test @@ -0,0 +1,105 @@ +# #-- prometheus_metrics.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +PRE="../.." + +NUM_A_QUERIES=5 +NUM_TXT_QUERIES=3 + +# query server a few times +for i in $(seq 1 $NUM_A_QUERIES); do + dig @127.0.0.1 -p "$UNBOUND_PORT" www.example.com. A IN | tee out2 + if grep "192.0.2.10" out2; then + echo "OK" + else + echo "data not present" + exit 1 + fi +done + +for i in $(seq 1 $NUM_TXT_QUERIES); do + dig @127.0.0.1 -p "$UNBOUND_PORT" a.example.com. TXT IN | tee out2 + if grep "abcdef text" out2; then + echo "OK" + else + echo "data not present" + exit 1 + fi +done + +# check metrics +if ! curl -Ssi "http://127.0.0.1:$METRICS_PORT/metrics" -o metrics.out; then + echo "FAIL" + exit 1 +fi + +echo ">> metrics output" +cat metrics.out + +echo ">> unbound-control stats" +$PRE/unbound-control -c ub.conf stats | tee stats + +echo "done for now" +exit 0 + +# more tests +if grep -Fx "unbound_queries_total{server=\"0\"} $((NUM_TXT_QUERIES+NUM_A_QUERIES))" metrics.out; then + echo "OK" +else + echo "FAIL" + exit 1 +fi + +if grep -Fx "unbound_queries_by_type_total{type=\"TXT\"} $NUM_TXT_QUERIES" metrics.out; then + echo "OK" +else + echo "FAIL" + exit 1 +fi + +if grep -Fx "unbound_queries_by_type_total{type=\"A\"} $NUM_A_QUERIES" metrics.out; then + echo "OK" +else + echo "FAIL" + exit 1 +fi + +# check that metrics shows the reset stats after using nsd-control stats +# and check statistics are the same as metrics +$PRE/unbound-control -c ub.conf stats | tee stats +if grep "num.queries=$((NUM_TXT_QUERIES+NUM_A_QUERIES))" stats; then echo "OK"; else echo "FAIL"; exit 1; fi +if grep "num.type.TXT=$NUM_TXT_QUERIES" stats; then echo "OK"; else echo "FAIL"; exit 1; fi +if grep "num.type.A=$NUM_A_QUERIES" stats; then echo "OK"; else echo "FAIL"; exit 1; fi + +# check metrics again +curl -Ssi "http://127.0.0.1:$TPKG_METRICS_PORT/metrics" -o metrics.out2 + +echo ">> metrics output" +cat metrics.out2 + +if grep -Fx "unbound_queries_total{server=\"0\"} 0" metrics.out2; then + echo "OK" +else + echo "FAIL" + exit 1 +fi + +if grep -Fx "unbound_queries_by_type_total{type=\"TXT\"} 0" metrics.out2; then + echo "OK" +else + echo "FAIL" + exit 1 +fi + +if grep -Fx "unbound_queries_by_type_total{type=\"A\"} 0" metrics.out2; then + echo "OK" +else + echo "FAIL" + exit 1 +fi + +exit 0 diff --git a/testdata/prometheus_metrics.tdir/unbound_control.key b/testdata/prometheus_metrics.tdir/unbound_control.key new file mode 100644 index 000000000..753a4ef61 --- /dev/null +++ b/testdata/prometheus_metrics.tdir/unbound_control.key @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG4gIBAAKCAYEAstEp+Pyh8XGrtZ77A4FhYjvbeB3dMa7Q2rGWxobzlA9przhA +1aChAvUtCOAuM+rB6NTNB8YWfZJbQHawyMNpmC77cg6vXLYCGUQHZyAqidN049RJ +F5T7j4N8Vniv17LiRdr0S6swy4PRvEnIPPV43EQHZqC5jVvHsKkhIfmBF/Dj5TXR +ypeawWV/m5jeU6/4HRYMfytBZdO1mPXuWLh0lgbQ4SCbgrOUVD3rniMk1yZIbQOm +vlDHYqekjDb/vOW2KxUQLG04aZMJ1mWfdbwG0CKQkSjISEDZ1l76vhM6mTM0fwXb +IvyFZ9yPPCle1mF5aSlxS2cmGuGVSRQaw8XF9fe3a9ACJJTr33HdSpyaZkKRAUzL +cKqLCl323daKv3NwwAT03Tj4iQM416ASMoiyfFa/2GWTKQVjddu8Crar7tGaf5xr +lig4DBmrBvdYA3njy72/RD71hLwmlRoCGU7dRuDr9O6KASUm1Ri91ONZ/qdjMvov +15l2vj4GV+KXR00dAgMBAAECggGAHepIL1N0dEQkCdpy+/8lH54L9WhpnOo2HqAf +LU9eaKK7d4jdr9+TkD8cLaPzltPrZNxVALvu/0sA4SP6J1wpyj/x6P7z73qzly5+ +Xo5PD4fEwmi9YaiW/UduAblnEZrnp/AddptJKoL/D5T4XtpiQddPtael4zQ7kB57 +YIexRSQTvEDovA/o3/nvA0TrzOxfgd4ycQP3iOWGN/TMzyLsvjydrUwbOB567iz9 +whL3Etdgvnwh5Sz2blbFfH+nAR8ctvFFz+osPvuIVR21VMEI6wm7kTpSNnQ6sh/c +lrLb/bTADn4g7z/LpIZJ+MrLvyEcoqValrLYeFBhM9CV8woPxvkO2P3pU47HVGax +tC7GV6a/kt5RoKFd/TNdiA3OC7NGZtaeXv9VkPf4fVwBtSO9d5ZZXTGEynDD/rUQ +U4KFJe6OD23APjse08HiiKqTPhsOneOONU67iqoaTdIkT2R4EdlkVEDpXVtWb+G9 +Q+IqYzVljlzuyHrhWXLJw/FMa2aBAoHBAOnZbi4gGpH+P6886WDWVgIlTccuXoyc +Mg9QQYk9UDeXxL0AizR5bZy49Sduegz9vkHpAiZARQsUnizHjZ8YlRcrmn4t6tx3 +ahTIKAjdprnxJfYINM580j8CGbXvX5LhIlm3O267D0Op+co3+7Ujy+cjsIuFQrP+ +1MqMgXSeBjzC1APivmps7HeFE+4w0k2PfN5wSMDNCzLo99PZuUG5XZ93OVOS5dpN +b+WskdcD8NOoJy/X/5A08veEI/jYO/DyqQKBwQDDwUQCOWf41ecvJLtBHKmEnHDz +ftzHino9DRKG8a9XaN4rmetnoWEaM2vHGX3pf3mwH+dAe8vJdAQueDhBKYeEpm6C +TYNOpou1+Zs5s99BilCTNYo8fkMOAyqwRwmz9zgHS6QxXuPwsghKefLJGt6o6RFF +tfWVTfLlYJ+I3GQe3ySsk3wjVz4oUTKiyiq5+KzD+HhEkS7u+RQ7Z0ZI2xd2cF8Y +aN2hjKDpcOiFf3CDoqka5D1qMNLgIHO52AHww1UCgcA1h7o7AMpURRka6hyaODY0 +A4oMYEbwdQjYjIyT998W+rzkbu1us6UtzQEBZ760npkgyU/epbOoV63lnkCC/MOU +LD0PST+L/CHiY/cWIHb79YG1EifUZKpUFg0Aoq0EGFkepF0MefGCkbRGYA5UZr9U +R80wAu9D+L+JJiS0J0BSRF74DL196zUuHt5zFeXuLzxsRtPAnq9DliS08BACRYZy +7H3I7cWD9Vn5/0jbKWHFcaaWwyETR6uekTcSzZzbCRECgcBeoE3/xUA9SSk34Mmj +7/cB4522Ft0imA3+9RK/qJTZ7Bd5fC4PKjOGNtUiqW/0L2rjeIiQ40bfWvWqgPKw +jSK1PL6uvkl6+4cNsFsYyZpiVDoe7wKju2UuoNlB3RUTqa2r2STFuNj2wRjA57I1 +BIgdnox65jqQsd14g/yaa+75/WP9CE45xzKEyrtvdcqxm0Pod3OrsYK+gikFjiar +kT0GQ8u0QPzh2tjt/2ZnIfOBrl+QYERP0MofDZDjhUdq2wECgcB0Lu841+yP5cdR +qbJhXO4zJNh7oWNcJlOuQp3ZMNFrA1oHpe9pmLukiROOy01k9WxIMQDzU5GSqRv3 +VLkYOIcbhJ3kClKAcM3j95SkKbU2H5/RENb3Ck52xtl4pNU1x/3PnVFZfDVuuHO9 +MZ9YBcIeK98MyP2jr5JtFKnOyPE7xKq0IHIhXadpbc2wjje5FtZ1cUtMyEECCXNa +C1TpXebHGyXGpY9WdWXhjdE/1jPvfS+uO5WyuDpYPr339gsdq1g= +-----END RSA PRIVATE KEY----- diff --git a/testdata/prometheus_metrics.tdir/unbound_control.pem b/testdata/prometheus_metrics.tdir/unbound_control.pem new file mode 100644 index 000000000..a1edf7017 --- /dev/null +++ b/testdata/prometheus_metrics.tdir/unbound_control.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDszCCAhsCFGD5193whHQ2bVdzbaQfdf1gc4SkMA0GCSqGSIb3DQEBCwUAMBIx +EDAOBgNVBAMMB3VuYm91bmQwHhcNMjAwNzA4MTMzMjMwWhcNNDAwMzI1MTMzMjMw +WjAaMRgwFgYDVQQDDA91bmJvdW5kLWNvbnRyb2wwggGiMA0GCSqGSIb3DQEBAQUA +A4IBjwAwggGKAoIBgQCy0Sn4/KHxcau1nvsDgWFiO9t4Hd0xrtDasZbGhvOUD2mv +OEDVoKEC9S0I4C4z6sHo1M0HxhZ9kltAdrDIw2mYLvtyDq9ctgIZRAdnICqJ03Tj +1EkXlPuPg3xWeK/XsuJF2vRLqzDLg9G8Scg89XjcRAdmoLmNW8ewqSEh+YEX8OPl +NdHKl5rBZX+bmN5Tr/gdFgx/K0Fl07WY9e5YuHSWBtDhIJuCs5RUPeueIyTXJkht +A6a+UMdip6SMNv+85bYrFRAsbThpkwnWZZ91vAbQIpCRKMhIQNnWXvq+EzqZMzR/ +Bdsi/IVn3I88KV7WYXlpKXFLZyYa4ZVJFBrDxcX197dr0AIklOvfcd1KnJpmQpEB +TMtwqosKXfbd1oq/c3DABPTdOPiJAzjXoBIyiLJ8Vr/YZZMpBWN127wKtqvu0Zp/ +nGuWKDgMGasG91gDeePLvb9EPvWEvCaVGgIZTt1G4Ov07ooBJSbVGL3U41n+p2My ++i/XmXa+PgZX4pdHTR0CAwEAATANBgkqhkiG9w0BAQsFAAOCAYEAd++Wen6l8Ifj +4h3p/y16PhSsWJWuJ4wdNYy3/GM84S26wGjzlEEwiW76HpH6VJzPOiBAeWnFKE83 +hFyetEIxgJeIPbcs9ZP/Uoh8GZH9tRISBSN9Hgk2Slr9llo4t1H0g/XTgA5HqMQU +9YydlBh43G7Vw3FVwh09OM6poNOGQKNc/tq2/QdKeUMtyBbLWpRmjH5XcCT35fbn +ZiVOUldqSHD4kKrFO4nJYXZyipRbcXybsLiX9GP0GLemc3IgIvOXyJ2RPp06o/SJ +pzlMlkcAfLJaSuEW57xRakhuNK7m051TKKzJzIEX+NFYOVdafFHS8VwGrYsdrFvD +72tMfu+Fu55y3awdWWGc6YlaGogZiuMnJkvQphwgn+5qE/7CGEckoKEsH601rqIZ +muaIc85+nEcHJeijd/ZlBN9zeltjFoMuqTUENgmv8+tUAdVm/UMY9Vjme6b43ydP +uv6DS02+k9z8toxXworLiPr94BGaiGV1NxgwZKLZigYJt/Fi2Qte +-----END CERTIFICATE----- diff --git a/testdata/prometheus_metrics.tdir/unbound_server.key b/testdata/prometheus_metrics.tdir/unbound_server.key new file mode 100644 index 000000000..370a7bbb2 --- /dev/null +++ b/testdata/prometheus_metrics.tdir/unbound_server.key @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEAvjSVSN2QMXudpzukdLCqgg/IOhCX8KYkD0FFFfWcQjgKq5wI +0x41iG32a6wbGanre4IX7VxaSPu9kkHfnGgynCk5nwDRedE/FLFhAU78PoT0+Nqq +GRS7XVQ24vLmIz9Hqc2Ozx1um1BXBTmIT0UfN2e22I0LWQ6a3seZlEDRj45gnk7Z +uh9MDgotaBdm+v1JAbupSf6Zis4VEH3JNdvVGE3O1DHEIeuuz/3BDhpf6WBDH+8K +WaBe1ca4TZHr9ThL2gEMEfAQl0wXDwRWRoi3NjNMH+mw0L1rjwThI5GXqNIee7o5 +FzUReSXZuTdFMyGe3Owcx+XoYnwi6cplSNoGsDBu4B9bKKglR9YleJVw4L4Xi8xP +q6O9UPj4+nypHk/DOoC7DIM3ufN0yxPBsFo5TVowxfhdjZXJbbftd2TZv7AH8+XL +A5UoZgRzXgzECelXSCTBFlMTnT48LfA9pMLydyjAz2UdPHs5Iv+TK5nnI+aJoeaP +7kFZSngxdy1+A/bNAgMBAAECggGBALpTOIqQwVg4CFBylL/a8K1IWJTI/I65sklf +XxYL7G7SB2HlEJ//z+E+F0+S4Vlao1vyLQ5QkgE82pAUB8FoMWvY1qF0Y8A5wtm6 +iZSGk4OLK488ZbT8Ii9i+AGKgPe2XbVxsJwj8N4k7Zooqec9hz73Up8ATEWJkRz7 +2u7oMGG4z91E0PULA64dOi3l/vOQe5w/Aa+CwVbAWtI05o7kMvQEBMDJn6C7CByo +MB5op9wueJMnz7PM7hns+U7Dy6oE4ljuolJUy51bDzFWwoM54cRoQqLFNHd8JVQj +WxldCkbfF43iyprlsEcUrTyUjtdA+ZeiG39vg/mtdmgNpGmdupHJZQvSuG8IcVlz +O+eMSeQS1QXPD6Ik8UK4SU0h+zOl8xIWtRrsxQuh4fnTN40udm/YUWl/6gOebsBI +IrVLlKGqJSfB3tMjpCRqdTzJ0dA9keVpkqm2ugZkxEf1+/efq/rFIQ2pUBLCqNTN +qpNqruK8y8FphP30I2uI4Ej2UIB8AQKBwQDd2Yptj2FyDyaXCycsyde0wYkNyzGU +dRnzdibfHnMZwjgTjwAwgIUBVIS8H0/z7ZJQKN7osJfddMrtjJtYYUk9g/dCpHXs +bNh2QSoWah3FdzNGuWd0iRf9+LFxhjAAMo/FS8zFJAJKrFsBdCGTfFUMdsLC0bjr +YjiWBuvV72uKf8XIZX5KIZruKdWBBcWukcb21R1UDyFYyXRBsly5XHaIYKZql3km +7pV7MKWO0IYgHbHIqGUqPQlzZ/lkunS1jKECgcEA23wHffD6Ou9/x3okPx2AWpTr +gh8rgqbyo6hQkBW5Y90Wz824cqaYebZDaBR/xlVx/YwjKkohv8Bde2lpH/ZxRZ1Z +5Sk2s6GJ/vU0L9RsJZgCgj4L6Coal1NMxuZtCXAlnOpiCdxSZgfqbshbTVz30KsG +ZJG361Cua1ScdAHxlZBxT52/1Sm0zRC2hnxL7h4qo7Idmtzs40LAJvYOKekR0pPN +oWeJfra7vgx/jVNvMFWoOoSLpidVO4g+ot4ery6tAoHAdW3rCic1C2zdnmH28Iw+ +s50l8Lk3mz+I5wgJd1zkzCO0DxZIoWPGA3g7cmCYr6N3KRsZMs4W9NAXgjpFGDkW +zYsG3K21BdpvkdjYcFjnPVjlOXB2RIc0vehf9Jl02wXoeCSxVUDEPcaRvWk9RJYx +ZpGOchUU7vNkxHURbIJ4yCzuAi9G8/Jp0dsu+kaV5tufF5SjG5WOrzKjaQsCbdN1 +oqaWMCHRrTvov/Z2C+xwsptFOdN5CSyZzg6hQiI4GMlBAoHAXyb6KINcOEi0YMp3 +BFXJ23tMTnEs78tozcKeipigcsbaqORK3omS+NEnj+uzKUzJyl4CsMbKstK2tFYS +mSTCHqgE3PBtIpsZtEqhgUraR8IK9GPpzZDTTl9ynZgwFTNlWw3RyuyVXF56J+T8 +kCGJ3hEHCHqT/ZRQyX85BKIDFhA0z4tYKxWVqIFiYBNq56R0X9tMMmMs36mEnF93 +7Ht6mowxTZQRa7nU0qOgeKh/P7ki4Zus3y+WJ+T9IqahLtlRAoHBAIhqMrcxSAB8 +RpB9jukJlAnidw2jCMPgrFE8tP0khhVvGrXMldxAUsMKntDIo8dGCnG1KTcWDI0O +jepvSPHSsxVLFugL79h0eVIS5z4huW48i9xgU8VlHdgAcgEPIAOFcOw2BCu/s0Vp +O+MM/EyUOdo3NsibB3qc/GJI6iNBYS7AljYEVo6rXo5V/MZvZUF4vClen6Obzsre +MTTb+4sJjfqleWuvr1XNMeu2mBfXBQkWGZP1byBK0MvD/aQ2PWq92A== +-----END RSA PRIVATE KEY----- diff --git a/testdata/prometheus_metrics.tdir/unbound_server.pem b/testdata/prometheus_metrics.tdir/unbound_server.pem new file mode 100644 index 000000000..986807310 --- /dev/null +++ b/testdata/prometheus_metrics.tdir/unbound_server.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDqzCCAhMCFBHWXeQ6ZIa9QcQbXLFfC6tj+KA+MA0GCSqGSIb3DQEBCwUAMBIx +EDAOBgNVBAMMB3VuYm91bmQwHhcNMjAwNzA4MTMzMjI5WhcNNDAwMzI1MTMzMjI5 +WjASMRAwDgYDVQQDDAd1bmJvdW5kMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIB +igKCAYEAvjSVSN2QMXudpzukdLCqgg/IOhCX8KYkD0FFFfWcQjgKq5wI0x41iG32 +a6wbGanre4IX7VxaSPu9kkHfnGgynCk5nwDRedE/FLFhAU78PoT0+NqqGRS7XVQ2 +4vLmIz9Hqc2Ozx1um1BXBTmIT0UfN2e22I0LWQ6a3seZlEDRj45gnk7Zuh9MDgot +aBdm+v1JAbupSf6Zis4VEH3JNdvVGE3O1DHEIeuuz/3BDhpf6WBDH+8KWaBe1ca4 +TZHr9ThL2gEMEfAQl0wXDwRWRoi3NjNMH+mw0L1rjwThI5GXqNIee7o5FzUReSXZ +uTdFMyGe3Owcx+XoYnwi6cplSNoGsDBu4B9bKKglR9YleJVw4L4Xi8xPq6O9UPj4 ++nypHk/DOoC7DIM3ufN0yxPBsFo5TVowxfhdjZXJbbftd2TZv7AH8+XLA5UoZgRz +XgzECelXSCTBFlMTnT48LfA9pMLydyjAz2UdPHs5Iv+TK5nnI+aJoeaP7kFZSngx +dy1+A/bNAgMBAAEwDQYJKoZIhvcNAQELBQADggGBABunf93MKaCUHiZgnoOTinsW +84/EgInrgtKzAyH+BhnKkJOhhR0kkIAx5d9BpDlaSiRTACFon9moWCgDIIsK/Ar7 +JE0Kln9cV//wiiNoFU0O4mnzyGUIMvlaEX6QHMJJQYvL05+w/3AAcf5XmMJtR5ca +fJ8FqvGC34b2WxX9lTQoyT52sRt+1KnQikiMEnEyAdKktMG+MwKsFDdOwDXyZhZg +XZhRrfX3/NVJolqB6EahjWIGXDeKuSSKZVtCyib6LskyeMzN5lcRfvubKDdlqFVF +qlD7rHBsKhQUWK/IO64mGf7y/de+CgHtED5vDvr/p2uj/9sABATfbrOQR3W/Of25 +sLBj4OEfrJ7lX8hQgFaxkMI3x6VFT3W8dTCp7xnQgb6bgROWB5fNEZ9jk/gjSRmD +yIU+r0UbKe5kBk/CmZVFXL2TyJ92V5NYEQh8V4DGy19qZ6u/XKYyNJL4ocs35GGe +CA8SBuyrmdhx38h1RHErR2Skzadi1S7MwGf1y431fQ== +-----END CERTIFICATE----- diff --git a/util/config_file.c b/util/config_file.c index 8f3e46289..23965535f 100644 --- a/util/config_file.c +++ b/util/config_file.c @@ -340,6 +340,14 @@ config_create(void) cfg->dnstap_bidirectional = 1; cfg->dnstap_tls = 1; cfg->disable_dnssec_lame_check = 0; +#ifdef USE_METRICS + cfg->metrics_enable = 0; + cfg->metrics_ifs.first = NULL; + cfg->metrics_ifs.last = NULL; + cfg->metrics_port = UNBOUND_METRICS_PORT; + if(!(cfg->metrics_path = strdup("/metrics"))) + goto error_exit; +#endif /* USE_METRICS */ cfg->ip_ratelimit_cookie = 0; cfg->ip_ratelimit = 0; cfg->ratelimit = 0; @@ -839,6 +847,12 @@ int config_set_option(struct config_file* cfg, const char* opt, else S_YNO("dnstap-log-forwarder-response-messages:", dnstap_log_forwarder_response_messages) #endif +#ifdef USE_METRICS + else S_YNO("metrics-enable:", metrics_enable) + else S_STRLIST_APPEND("metrics-interface:", metrics_ifs) + else S_NUMBER_NONZERO("metrics-port:", metrics_port) + else S_STR("metrics-path:", metrics_path) +#endif /* USE_METRICS */ #ifdef USE_DNSCRYPT else S_YNO("dnscrypt-enable:", dnscrypt) else S_NUMBER_NONZERO("dnscrypt-port:", dnscrypt_port) @@ -1332,6 +1346,12 @@ config_get_option(struct config_file* cfg, const char* opt, else O_YNO(opt, "dnstap-log-forwarder-response-messages", dnstap_log_forwarder_response_messages) #endif +#ifdef USE_METRICS + else O_YNO(opt, "metrics-enable", metrics_enable) + else O_LST(opt, "metrics-interface", metrics_ifs.first) + else O_DEC(opt, "metrics-port", metrics_port) + else O_STR(opt, "metrics-path", metrics_path) +#endif /* USE_METRICS */ #ifdef USE_DNSCRYPT else O_YNO(opt, "dnscrypt-enable", dnscrypt) else O_DEC(opt, "dnscrypt-port", dnscrypt_port) @@ -1829,6 +1849,10 @@ config_delete(struct config_file* cfg) free(cfg->dnstap_tls_client_cert_file); free(cfg->dnstap_identity); free(cfg->dnstap_version); +#ifdef USE_METRICS + config_delstrlist(cfg->metrics_ifs.first); + free(cfg->metrics_path); +#endif /* USE_METRICS */ config_deldblstrlist(cfg->ratelimit_for_domain); config_deldblstrlist(cfg->ratelimit_below_domain); config_delstrlist(cfg->python_script); diff --git a/util/config_file.h b/util/config_file.h index aff3fd78b..3ed8c5906 100644 --- a/util/config_file.h +++ b/util/config_file.h @@ -625,6 +625,17 @@ struct config_file { /** true to disable DNSSEC lameness check in iterator */ int disable_dnssec_lame_check; +#ifdef USE_METRICS + /** metrics section. enable toggle. */ + int metrics_enable; + /** the interfaces the metrics endpoint should listen on */ + struct config_strlist_head metrics_ifs; + /** port number for the metrics endpoint */ + int metrics_port; + /** HTTP path for the metrics endpoint */ + char* metrics_path; +#endif /* USE_METRICS */ + /** ratelimit for ip addresses. 0 is off, otherwise qps (unless overridden) */ int ip_ratelimit; /** ratelimit for ip addresses with a valid DNS Cookie. 0 is off, diff --git a/util/configlexer.lex b/util/configlexer.lex index 566de49ab..1077402b8 100644 --- a/util/configlexer.lex +++ b/util/configlexer.lex @@ -491,6 +491,10 @@ interface-tag-action{COLON} { YDVAR(3, VAR_INTERFACE_TAG_ACTION) } interface-tag-data{COLON} { YDVAR(3, VAR_INTERFACE_TAG_DATA) } interface-view{COLON} { YDVAR(2, VAR_INTERFACE_VIEW) } local-zone-override{COLON} { YDVAR(3, VAR_LOCAL_ZONE_OVERRIDE) } +metrics-enable{COLON} { YDVAR(1, VAR_METRICS_ENABLE) } +metrics-interface{COLON} { YDVAR(1, VAR_METRICS_INTERFACE) } +metrics-port{COLON} { YDVAR(1, VAR_METRICS_PORT) } +metrics-path{COLON} { YDVAR(1, VAR_METRICS_PATH) } dnstap{COLON} { YDVAR(0, VAR_DNSTAP) } dnstap-enable{COLON} { YDVAR(1, VAR_DNSTAP_ENABLE) } dnstap-bidirectional{COLON} { YDVAR(1, VAR_DNSTAP_BIDIRECTIONAL) } diff --git a/util/configparser.y b/util/configparser.y index d9a7cd839..84bcff19c 100644 --- a/util/configparser.y +++ b/util/configparser.y @@ -126,6 +126,8 @@ extern struct config_parser_state* cfg_parser; %token VAR_INFRA_CACHE_MIN_RTT VAR_INFRA_CACHE_MAX_RTT VAR_INFRA_KEEP_PROBING %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL VAR_DNS64_IGNORE_AAAA %token VAR_NAT64_PREFIX +%token VAR_METRICS_ENABLE VAR_METRICS_INTERFACE VAR_METRICS_PORT +%token VAR_METRICS_PATH %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH VAR_DNSTAP_IP %token VAR_DNSTAP_TLS VAR_DNSTAP_TLS_SERVER_NAME VAR_DNSTAP_TLS_CERT_BUNDLE %token VAR_DNSTAP_TLS_CLIENT_KEY_FILE VAR_DNSTAP_TLS_CLIENT_CERT_FILE @@ -359,7 +361,9 @@ content_server: server_num_threads | server_verbosity | server_port | server_harden_unknown_additional | server_disable_edns_do | server_log_destaddr | server_cookie_secret_file | server_iter_scrub_ns | server_iter_scrub_cname | server_max_global_quota | - server_harden_unverified_glue | server_log_time_iso | server_iter_scrub_promiscuous + server_harden_unverified_glue | server_log_time_iso | server_iter_scrub_promiscuous | + server_metrics_enable | server_metrics_interface | + server_metrics_port | server_metrics_path ; stub_clause: stubstart contents_stub { @@ -2748,6 +2752,52 @@ server_response_ip_tag: VAR_RESPONSE_IP_TAG STRING_ARG STRING_ARG } } ; +server_metrics_enable: VAR_METRICS_ENABLE STRING_ARG + { + OUTYY(("P(server_metrics_enable:%s)\n", $2)); +#ifdef USE_METRICS + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->metrics_enable = (strcmp($2, "yes")==0); +#else + if(strcmp($2, "yes")==0) + log_warn("%s:%d the server is not compiled with " + "prometheus metrics.", cfg_parser->filename, + cfg_parser->line); +#endif + free($2); + }; +server_metrics_interface: VAR_METRICS_INTERFACE STRING_ARG + { + OUTYY(("P(server_metrics_interface:%s)\n", $2)); +#ifdef USE_METRICS + if(!cfg_strlist_append(&cfg_parser->cfg->metrics_ifs, $2)) + yyerror("out of memory"); +#else + free($2); +#endif + }; +server_metrics_port: VAR_METRICS_PORT STRING_ARG + { + OUTYY(("P(server_metrics_port:%s)\n", $2)); +#ifdef USE_METRICS + if(atoi($2) == 0 && strcmp($2,"0")!=0) + yyerror("port number expected"); + else + cfg_parser->cfg->metrics_port = atoi($2); +#endif + free($2); + }; +server_metrics_path: VAR_METRICS_PATH STRING_ARG + { + OUTYY(("P(server_metrics_path:%s)\n", $2)); +#ifdef USE_METRICS + free(cfg_parser->cfg->metrics_path); + cfg_parser->cfg->metrics_path = $2; +#else + free($2); +#endif + }; server_ip_ratelimit: VAR_IP_RATELIMIT STRING_ARG { OUTYY(("P(server_ip_ratelimit:%s)\n", $2));