Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Resolves GCP API calls for monitoring.googleapis.com to set of IPs #94

Merged
merged 26 commits into from
May 10, 2019
Merged

Resolves GCP API calls for monitoring.googleapis.com to set of IPs #94

Show file tree
Hide file tree
Changes from 21 commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
dd82c99
Gets back to state of pr #88, without extraneous files
nmdayton Feb 27, 2019
2a9ff19
Adds google.golang.org/grpc/resolver.manual to vendored deps
nmdayton Feb 27, 2019
9d6fa41
Merge branch 'vendorchange' into nina-marie-sidecar
nmdayton Feb 27, 2019
f9ac371
Adds comment describing IPs & introduces scheme var to eliminate if/else
nmdayton Feb 27, 2019
8189652
Simplifies scheme var
nmdayton Feb 27, 2019
f2d439b
Adds temporary test (needs work).
nmdayton Mar 19, 2019
add94b3
Improves test, still broken
nmdayton Mar 25, 2019
ca4f3fa
Adds target address check.
nmdayton Mar 25, 2019
144cfa8
Adds auth=false to url
nmdayton Mar 25, 2019
bb2d5f5
Fixes port/auth issue
nmdayton Mar 25, 2019
b34b93a
Fixes TestEmptyRequest paste
nmdayton Mar 25, 2019
78c0f45
Adds comment re: failing test
nmdayton Mar 25, 2019
496f013
Sets DialContext, correctly parses URL. TestResolver now passes!
nmdayton Mar 25, 2019
72f54cd
Defer closing connection.
nmdayton Mar 25, 2019
1415266
Fixes scheme
nmdayton May 6, 2019
9b6d045
Fixes indentation, adds grpc.WithBlock(), fewer vars.
nmdayton May 6, 2019
876c8f2
Fixing resolver test
nmdayton May 8, 2019
5e24716
Fixes resolver test
nmdayton May 8, 2019
3e6a38d
Remove manual.go from PR
nmdayton May 9, 2019
db5320f
Removes debugging log lines, fixes formatting, reverts timeout to 1s
nmdayton May 9, 2019
9ee7507
Merge branch 'nina-marie-sidecar' of github.com:Stackdriver/stackdriv…
nmdayton May 9, 2019
4a43e39
Updates restricted IPs flag and related var name
nmdayton May 10, 2019
41d461e
Restores manual.go fron origin/master.
nmdayton May 10, 2019
8db8e42
Fixes merge conflict
nmdayton May 10, 2019
16efcbf
Merge branch 'master' into nina-marie-sidecar
nmdayton May 10, 2019
6a458d8
Adds comment re: auth=false
nmdayton May 10, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions cmd/stackdriver-prometheus-sidecar/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,8 @@ import (
"go.opencensus.io/plugin/ochttp"
"go.opencensus.io/stats/view"
"go.opencensus.io/tag"
"google.golang.org/grpc/resolver"
"google.golang.org/grpc/resolver/manual"
kingpin "gopkg.in/alecthomas/kingpin.v2"
)

Expand Down Expand Up @@ -184,6 +186,8 @@ func main() {
filters []string
metricRenames map[string]string
staticMetadata []scrape.MetricMetadata
apiOverride bool
manualResolver *manual.Resolver

logLevel promlog.AllowedLevel
}{}
Expand All @@ -203,6 +207,9 @@ func main() {
a.Flag("stackdriver.api-address", "Address of the Stackdriver Monitoring API.").
Default("https://monitoring.googleapis.com:443/").URLVar(&cfg.stackdriverAddress)

a.Flag("stackdriver.api-override", "List of IP addresses. If not empty, stackdriver.api-address will always resolve to these addresses.").
nmdayton marked this conversation as resolved.
Show resolved Hide resolved
Default("false").BoolVar(&cfg.apiOverride)

a.Flag("stackdriver.kubernetes.location", "Value of the 'location' label in the Kubernetes Stackdriver MonitoredResources.").
StringVar(&cfg.kubernetesLabels.location)

Expand Down Expand Up @@ -293,6 +300,19 @@ func main() {
}

cfg.projectIdResource = fmt.Sprintf("projects/%v", *projectId)
if cfg.apiOverride {
// manual.GenerateAndRegisterManualResolver generates a Resolver and a random scheme.
// It also registers the resolver. rb.InitialAddrs adds the addresses we are using
// to resolve GCP API calls to the resolver.
cfg.manualResolver, _ = manual.GenerateAndRegisterManualResolver()
StevenYCChou marked this conversation as resolved.
Show resolved Hide resolved
// These IP addresses correspond to restricted.googleapis.com and are not expected to change.
cfg.manualResolver.InitialAddrs([]resolver.Address{
nmdayton marked this conversation as resolved.
Show resolved Hide resolved
{Addr: "199.36.153.4:443"},
{Addr: "199.36.153.5:443"},
{Addr: "199.36.153.6:443"},
{Addr: "199.36.153.7:443"},
})
}
targetsURL, err := cfg.prometheusURL.Parse(targets.DefaultAPIEndpoint)
if err != nil {
panic(err)
Expand Down Expand Up @@ -334,6 +354,7 @@ func main() {
projectIdResource: cfg.projectIdResource,
url: cfg.stackdriverAddress,
timeout: 10 * time.Second,
manualResolver: cfg.manualResolver,
},
tailer,
)
Expand Down Expand Up @@ -487,6 +508,7 @@ type clientFactory struct {
projectIdResource string
url *url.URL
timeout time.Duration
manualResolver *manual.Resolver
}

func (f *clientFactory) New() stackdriver.StorageClient {
Expand All @@ -495,6 +517,7 @@ func (f *clientFactory) New() stackdriver.StorageClient {
ProjectId: f.projectIdResource,
URL: f.url,
Timeout: f.timeout,
Resolver: f.manualResolver,
})
}

Expand Down
7 changes: 7 additions & 0 deletions stackdriver/client.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ import (
"google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials"
"google.golang.org/grpc/credentials/oauth"
"google.golang.org/grpc/resolver/manual"
"google.golang.org/grpc/status"

"github.com/go-kit/kit/log"
Expand All @@ -49,6 +50,7 @@ type Client struct {
projectId string
url *url.URL
timeout time.Duration
resolver *manual.Resolver

conn *grpc.ClientConn
}
Expand All @@ -59,6 +61,7 @@ type ClientConfig struct {
ProjectId string // The Stackdriver project id in "projects/name-or-number" format.
URL *url.URL
Timeout time.Duration
Resolver *manual.Resolver
}

// NewClient creates a new Client.
Expand All @@ -72,6 +75,7 @@ func NewClient(conf *ClientConfig) *Client {
projectId: conf.ProjectId,
url: conf.URL,
timeout: conf.Timeout,
resolver: conf.Resolver,
}
}

Expand Down Expand Up @@ -120,6 +124,9 @@ func (c *Client) getConnection(ctx context.Context) (*grpc.ClientConn, error) {
if len(c.url.Port()) > 0 {
address = fmt.Sprintf("%s:%s", address, c.url.Port())
}
if c.resolver != nil {
address = c.resolver.Scheme() + ":///" + address
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is c.resolver.Scheme() here? It seems like it wouldn't be an address, like what exists above on line 128.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some info here puts it better than I could: https://chromium.googlesource.com/external/github.com/grpc/grpc/+/v1.8.5/doc/naming.md The actual scheme is just a random series of letters. Most of what I know is that doc and the fact that we need it for dns. Let me know if you have other questions and I'll answer the best I can.

}
nmdayton marked this conversation as resolved.
Show resolved Hide resolved
conn, err := grpc.DialContext(ctx, address, dopts...)
c.conn = conn
return conn, err
Expand Down
51 changes: 51 additions & 0 deletions stackdriver/client_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,16 +14,20 @@
package stackdriver

import (
"bytes"
"fmt"
"net"
"net/url"
"strings"
"testing"
"time"

"github.com/go-kit/kit/log"
monitoring "google.golang.org/genproto/googleapis/monitoring/v3"
"google.golang.org/grpc"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/resolver"
"google.golang.org/grpc/resolver/manual"
"google.golang.org/grpc/status"
)

Expand Down Expand Up @@ -114,3 +118,50 @@ func TestEmptyRequest(t *testing.T) {
t.Fatal(err)
}
}

func TestResolver(t *testing.T) {
grpcServer := grpc.NewServer()
listener := newLocalListener()
monitoring.RegisterMetricServiceServer(grpcServer, &metricServiceServer{nil})
go grpcServer.Serve(listener)
defer grpcServer.Stop()

logBuffer := &bytes.Buffer{}
defer func() {
if logBuffer.Len() > 0 {
t.Log(logBuffer.String())
}
}()
logger := log.NewLogfmtLogger(logBuffer)

serverURL, err := url.Parse("http://stackdriver.invalid?auth=false")
nmdayton marked this conversation as resolved.
Show resolved Hide resolved
if err != nil {
t.Fatal(err)
}

res, _ := manual.GenerateAndRegisterManualResolver()
res.InitialAddrs([]resolver.Address{
{Addr: listener.Addr().String()},
})

c := NewClient(&ClientConfig{
URL: serverURL,
Timeout: time.Second,
Resolver: res,
Logger: logger,
})

err = c.Store(&monitoring.CreateTimeSeriesRequest{
TimeSeries: []*monitoring.TimeSeries{
&monitoring.TimeSeries{},
},
})
if err != nil {
t.Fatal(err)
}
nmdayton marked this conversation as resolved.
Show resolved Hide resolved
requestedTarget := c.conn.Target()
if requestedTarget != c.resolver.Scheme()+":///stackdriver.invalid" {
t.Errorf("ERROR: Remote address is %s, want stackdriver.invalid.",
requestedTarget)
}
}