diff --git a/pkg/agent/controller/networkpolicy/cache.go b/pkg/agent/controller/networkpolicy/cache.go index 4fc1613c09c..3da8e670b88 100644 --- a/pkg/agent/controller/networkpolicy/cache.go +++ b/pkg/agent/controller/networkpolicy/cache.go @@ -27,6 +27,7 @@ import ( "k8s.io/client-go/tools/cache" "k8s.io/klog" + "github.com/vmware-tanzu/antrea/pkg/agent/metrics" "github.com/vmware-tanzu/antrea/pkg/apis/networking/v1beta1" ) @@ -563,6 +564,7 @@ func (c *ruleCache) AddNetworkPolicy(policy *v1beta1.NetworkPolicy) error { func (c *ruleCache) addNetworkPolicyLocked(policy *v1beta1.NetworkPolicy) error { c.policyMap[string(policy.UID)] = &types.NamespacedName{policy.Namespace, policy.Name} + metrics.NetworkPolicyCount.Inc() return c.UpdateNetworkPolicy(policy) } @@ -576,21 +578,33 @@ func (c *ruleCache) UpdateNetworkPolicy(policy *v1beta1.NetworkPolicy) error { } for i := range policy.Rules { - rule := toRule(&policy.Rules[i], policy) - if _, exists := ruleByID[rule.ID]; exists { + r := toRule(&policy.Rules[i], policy) + if _, exists := ruleByID[r.ID]; exists { // If rule already exists, remove it from the map so the ones left finally are orphaned. - klog.V(2).Infof("Rule %v was not changed", rule.ID) - delete(ruleByID, rule.ID) + klog.V(2).Infof("Rule %v was not changed", r.ID) + delete(ruleByID, r.ID) } else { // If rule doesn't exist, add it to cache, mark it as dirty. - c.rules.Add(rule) - c.dirtyRuleHandler(rule.ID) + c.rules.Add(r) + // Count up antrea_agent_ingress_networkpolicy_rule_count or antrea_agent_egress_networkpolicy_rule_count + if r.Direction == v1beta1.DirectionIn { + metrics.IngressNetworkPolicyRuleCount.Inc() + } else { + metrics.EgressNetworkPolicyRuleCount.Inc() + } + c.dirtyRuleHandler(r.ID) } } // At this moment, the remaining rules are orphaned, remove them from store and mark them as dirty. - for ruleID, rule := range ruleByID { - c.rules.Delete(rule) + for ruleID, r := range ruleByID { + c.rules.Delete(r) + // Count down antrea_agent_ingress_networkpolicy_rule_count or antrea_agent_egress_networkpolicy_rule_count + if r.(*rule).Direction == v1beta1.DirectionIn { + metrics.IngressNetworkPolicyRuleCount.Dec() + } else { + metrics.EgressNetworkPolicyRuleCount.Dec() + } c.dirtyRuleHandler(ruleID) } return nil @@ -610,9 +624,16 @@ func (c *ruleCache) deleteNetworkPolicyLocked(uid string) error { existingRules, _ := c.rules.ByIndex(policyIndex, uid) for _, r := range existingRules { ruleID := r.(*rule).ID + // Count down antrea_agent_ingress_networkpolicy_rule_count or antrea_agent_egress_networkpolicy_rule_count + if r.(*rule).Direction == v1beta1.DirectionIn { + metrics.IngressNetworkPolicyRuleCount.Dec() + } else { + metrics.EgressNetworkPolicyRuleCount.Dec() + } c.rules.Delete(r) c.dirtyRuleHandler(ruleID) } + metrics.NetworkPolicyCount.Dec() return nil } diff --git a/pkg/agent/controller/networkpolicy/reconciler.go b/pkg/agent/controller/networkpolicy/reconciler.go index 708ef52eb65..da4b09fefab 100644 --- a/pkg/agent/controller/networkpolicy/reconciler.go +++ b/pkg/agent/controller/networkpolicy/reconciler.go @@ -27,7 +27,6 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/agent/interfacestore" - "github.com/vmware-tanzu/antrea/pkg/agent/metrics" "github.com/vmware-tanzu/antrea/pkg/agent/openflow" "github.com/vmware-tanzu/antrea/pkg/agent/types" "github.com/vmware-tanzu/antrea/pkg/apis/networking/v1beta1" @@ -255,13 +254,6 @@ func (r *reconciler) add(rule *CompletedRule) error { lastRealized.ofIDs[svcHash] = ofID } - // Count up antrea_agent_ingress_networkpolicy_rule_count or antrea_agent_egress_networkpolicy_rule_count - if rule.Direction == v1beta1.DirectionIn { - metrics.IngressNetworkPolicyCount.Inc() - } else if rule.Direction == v1beta1.DirectionOut { - metrics.EgressNetworkPolicyCount.Inc() - } - return nil } @@ -438,13 +430,6 @@ func (r *reconciler) Forget(ruleID string) error { delete(lastRealized.ofIDs, svcHash) } - // Decrement antrea_agent_ingress_networkpolicy_rule_count or antrea_agent_egress_networkpolicy_rule_count - if lastRealized.Direction == v1beta1.DirectionIn { - metrics.IngressNetworkPolicyCount.Dec() - } else if lastRealized.Direction == v1beta1.DirectionOut { - metrics.EgressNetworkPolicyCount.Dec() - } - r.lastRealizeds.Delete(ruleID) return nil } diff --git a/pkg/agent/controller/networkpolicy/reconciler_test.go b/pkg/agent/controller/networkpolicy/reconciler_test.go index 032c6eb48e2..2ada11e40f9 100644 --- a/pkg/agent/controller/networkpolicy/reconciler_test.go +++ b/pkg/agent/controller/networkpolicy/reconciler_test.go @@ -83,14 +83,14 @@ func TestReconcilerForget(t *testing.T) { }, { "known-single-ofrule", - map[string]*lastRealized{"foo": {ofIDs: map[servicesHash]uint32{servicesHash1: 8}, CompletedRule: &CompletedRule{rule: &rule{Direction: v1beta1.DirectionIn}}}}, + map[string]*lastRealized{"foo": {ofIDs: map[servicesHash]uint32{servicesHash1: 8}}}, "foo", []uint32{8}, false, }, { "known-multiple-ofrule", - map[string]*lastRealized{"foo": {ofIDs: map[servicesHash]uint32{servicesHash1: 8, servicesHash2: 9}, CompletedRule: &CompletedRule{rule: &rule{Direction: v1beta1.DirectionOut}}}}, + map[string]*lastRealized{"foo": {ofIDs: map[servicesHash]uint32{servicesHash1: 8, servicesHash2: 9}}}, "foo", []uint32{8, 9}, false, diff --git a/pkg/agent/metrics/prometheus.go b/pkg/agent/metrics/prometheus.go index 3305c6917d3..f8bf801d492 100644 --- a/pkg/agent/metrics/prometheus.go +++ b/pkg/agent/metrics/prometheus.go @@ -23,7 +23,7 @@ import ( ) var ( - EgressNetworkPolicyCount = metrics.NewGauge( + EgressNetworkPolicyRuleCount = metrics.NewGauge( &metrics.GaugeOpts{ Name: "antrea_agent_egress_networkpolicy_rule_count", Help: "Number of egress networkpolicy rules on local node which are managed by the Antrea Agent.", @@ -31,7 +31,7 @@ var ( }, ) - IngressNetworkPolicyCount = metrics.NewGauge( + IngressNetworkPolicyRuleCount = metrics.NewGauge( &metrics.GaugeOpts{ Name: "antrea_agent_ingress_networkpolicy_rule_count", Help: "Number of ingress networkpolicy rules on local node which are managed by the Antrea Agent.", @@ -47,6 +47,14 @@ var ( }, ) + NetworkPolicyCount = metrics.NewGauge( + &metrics.GaugeOpts{ + Name: "antrea_agent_networkpolicy_count", + Help: "Number of networkpolicies on local node which are managed by the Antrea Agent.", + StabilityLevel: metrics.STABLE, + }, + ) + OVSTotalFlowCount = metrics.NewGauge(&metrics.GaugeOpts{ Name: "antrea_agent_ovs_total_flow_count", Help: "Total flow count of all OVS flow tables.", @@ -86,14 +94,18 @@ func InitializePrometheusMetrics() { // and will not measure anything unless the collector is first registered. gaugeHost.Set(1) - if err := legacyregistry.Register(EgressNetworkPolicyCount); err != nil { + if err := legacyregistry.Register(EgressNetworkPolicyRuleCount); err != nil { klog.Error("Failed to register antrea_agent_egress_networkpolicy_rule_count with Prometheus") } - if err := legacyregistry.Register(IngressNetworkPolicyCount); err != nil { + if err := legacyregistry.Register(IngressNetworkPolicyRuleCount); err != nil { klog.Error("Failed to register antrea_agent_ingress_networkpolicy_rule_count with Prometheus") } + if err := legacyregistry.Register(NetworkPolicyCount); err != nil { + klog.Error("Failed to register antrea_agent_networkpolicy_count with Prometheus") + } + if err := legacyregistry.Register(OVSTotalFlowCount); err != nil { klog.Error("Failed to register antrea_agent_ovs_total_flow_count with Prometheus") } diff --git a/test/e2e/prometheus_test.go b/test/e2e/prometheus_test.go index 80466e29489..66ff0173fb5 100644 --- a/test/e2e/prometheus_test.go +++ b/test/e2e/prometheus_test.go @@ -37,6 +37,7 @@ var antreaAgentMetrics = []string{ "antrea_agent_egress_networkpolicy_rule_count", "antrea_agent_ingress_networkpolicy_rule_count", "antrea_agent_local_pod_count", + "antrea_agent_networkpolicy_count", "antrea_agent_ovs_total_flow_count", "antrea_agent_ovs_flow_count", "antrea_agent_runtime_info",