Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

no-default-scrape-port feature flag #9523

Merged
merged 10 commits into from
Jul 20, 2022
Merged

no-default-scrape-port feature flag #9523

merged 10 commits into from
Jul 20, 2022

Conversation

LeviHarrison
Copy link
Member

This PR adds the no-default-scrape-port feature flag, which when enabled does not add the default HTTP or HTTPS port to the target's address.

Fixes #9507

roidelapluie
roidelapluie reviewed Oct 16, 2021
View reviewed changes
Copy link
Member

@roidelapluie roidelapluie left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The issue is that SD's will add the port in general. And it often defaults to :80 and :443.

The logic should also include:

if feature flag:
   if scheme = http and address [-3] == :80 => address = address[:-3]
   if scheme = https and address [-4] == :443 => address = address[:-4]
endif

roidelapluie
roidelapluie reviewed Oct 23, 2021
View reviewed changes
docs/feature_flags.md Outdated Show resolved Hide resolved
roidelapluie
roidelapluie reviewed Oct 23, 2021
View reviewed changes
Copy link
Member

@roidelapluie roidelapluie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The current approach is breaking and would create new timeseries. I do not think we should change the actual labels, just the HTTP query.

@LeviHarrison
Copy link
Member Author

My worry then is that this process wouldn't be as opaque. You would think that the value of the address label is the exact address being used for the scrape. Users explicitly opt-in to this breaking change with the feature flag.

@LeviHarrison
Copy link
Member Author

Then again, it doesn't matter so much.

@roidelapluie
Copy link
Member

Actually, while you "opt-in" for this change, it would be handy to see the port added by service discovery in address. I think we should only be solving the HTTP-level issue.

@LeviHarrison
Copy link
Member Author

It should be visible in the instance label

prometheus/scrape/manager_test.go

Lines 410 to 412 in 1da21f9

res: labels.FromMap(map[string]string{
model.AddressLabel: "1.2.3.4",
model.InstanceLabel: "1.2.3.4:443",
.

roidelapluie
roidelapluie reviewed Oct 24, 2021
View reviewed changes
scrape/target.go Outdated Show resolved Hide resolved
LeviHarrison
LeviHarrison commented Oct 26, 2021
View reviewed changes
scrape/target.go Outdated Show resolved Hide resolved
@stale stale bot added the stale label Dec 25, 2021
@LeviHarrison
Copy link
Member Author

@roidelapluie friendly ping :)

@stale stale bot removed the stale label Dec 26, 2021
roidelapluie
roidelapluie reviewed Jan 29, 2022
View reviewed changes
scrape/target.go Outdated Show resolved Hide resolved
@Nexucis
Copy link
Member

Nexucis commented Apr 7, 2022
edited

if a rebase is done here, would it be possible to merge this PR ? @LeviHarrison @roidelapluie ?

@LeviHarrison LeviHarrison requested review from roidelapluie and removed request for JessicaGreben June 12, 2022 22:29
@LeviHarrison
Add no-default-scrape-port flag
10e5a94 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison
Added tests
e103bfa 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison
Add docs
fa14d97 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison
Remove default port
5a05a9f 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison
Fix name of feature flag
1a0ee3d 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison
Make feature flag less obtrusive
a355152 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison
Add flag to Promtool (because of check sd command)
a5df23c 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison
Remove unneeded case
13701a6 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison
Changed feature message wording
76d370b 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
@LeviHarrison LeviHarrison mentioned this pull request Jun 13, 2022
Closed
roidelapluie
roidelapluie approved these changes Jun 21, 2022
View reviewed changes
Copy link
Member

@roidelapluie roidelapluie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

bboreham
bboreham reviewed Jun 28, 2022
View reviewed changes
docs/feature_flags.md Outdated
Comment on lines 102 to 103
When enabled, the default port for HTTP or HTTPS won't be added a target's address if no port is specified.
In addition, if a default port (`:80` or `:443`) has already been attached, it will be removed.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/won't be added a/won't be added to a/

Could you add some detail on where this takes effect?
I see the main change is in scrape.PopulateLabels - does it only impact labels?
Does it affect the address sent in the http request?
Who would have "already attached" a port?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for pointing that out. I took a shot at writing a clearer and more comprehensive description.

@LeviHarrison
Change up docs wording
ef22afa 
Signed-off-by: Levi Harrison <git@leviharrison.dev>
LeviHarrison
LeviHarrison commented Jun 28, 2022
View reviewed changes
scrape/target.go
// no-default-scrape-port flag is present, remove the port.
switch port {
case "80":
if scheme == "http" {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@roidelapluie should this accept only an explicit http scheme, whereas when adding the port above both an explicit http and a clear scheme are accepted? I'm leaning towards yes, but I'm unsure.

prometheus/scrape/target.go

Line 411 in ef22afa

case "http", "":

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think scheme can be empty , but maybe it can with relabeling?

@roidelapluie roidelapluie merged commit d61459d into prometheus:main Jul 20, 2022
@roidelapluie
Copy link
Member

Thanks!

@roidelapluie roidelapluie mentioned this pull request Jul 20, 2022
Closed
@eyenx eyenx mentioned this pull request Sep 26, 2022
Merged
6 tasks
@fjerhammer
Copy link

Sorry for reviving an old PR, but please consider making this the default. I have never seen any other HTTP(S) client with the current behaviour.
I spent a while investigating why Prometheus couldn't reach my scraper target, until I realized that I had to reconfigure my reverse proxy (relayd) to listen for matches on my.domain:443 in addition to just my.domain, even though it has been handling requests from a lot of obscure clients throughout the years without ever hitting this issue.

I'm aware that Nginx automatically ignores the :80 or :443 suffix of the Host header when matching requests received on these ports, but that isn't the norm, unfortunately.
RFC2616 states that a Host header "without any trailing port information implies the default port for the service requested", so it doesn't specifically forbid the inclusion of the default port numbers, but it's definitely not typical compared to other HTTP client software.

I have a hard time imagining scenarios where having no-default-scrape-port as the default would break anything, as opposed to solving potential issues for people with "weird" proxies like mine. Not to mention deployments switching from Nginx to something else (say, an organization upscaling to a hardware load balancer) that doesn't perform the same magic on the Host header, and suddenly seeing this issue out of nowhere.
Perhaps changing the default might cause issues when speaking directly to software using homegrown HTTP server implementions for exposing their metrics, relying on a specific Host header value using an exact match. But such servers would probably run on a non-default port anyway, in which case the port number would always be included in the Host request header.

@beorn7
Copy link
Member

beorn7 commented Apr 19, 2024

This should definitely be considered for Prometheus v3. (It would have been a breaking change and therefore could not have become the default with Prometheus v2.)

I have filed #13959 to make the call.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@roidelapluie roidelapluie roidelapluie approved these changes

@bboreham bboreham bboreham left review comments

@dgl dgl Awaiting requested review from dgl dgl is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

metrics requests add default :443 to request
6 participants
@LeviHarrison @roidelapluie @Nexucis @fjerhammer @beorn7 @bboreham