From ae10415fc35adad98c2a179bc26b442f37581f13 Mon Sep 17 00:00:00 2001 From: zhongwencool Date: Wed, 23 Aug 2023 09:00:41 +0800 Subject: [PATCH] feat: disabled the Erlang VM Prometheus exporter by default to improve performance and security --- apps/emqx/src/emqx_metrics.erl | 2 +- apps/emqx_conf/src/emqx_conf_schema.erl | 50 +++++++++++++------ .../src/emqx_prometheus.app.src | 2 +- .../src/emqx_prometheus_config.erl | 21 ++++++-- .../src/emqx_prometheus_schema.erl | 12 ++--- changes/ce/feat-11496.en.md | 1 + 6 files changed, 62 insertions(+), 26 deletions(-) create mode 100644 changes/ce/feat-11496.en.md diff --git a/apps/emqx/src/emqx_metrics.erl b/apps/emqx/src/emqx_metrics.erl index 21a114c0f..6b46af257 100644 --- a/apps/emqx/src/emqx_metrics.erl +++ b/apps/emqx/src/emqx_metrics.erl @@ -267,7 +267,7 @@ {counter, 'authentication.failure'} ]). -%% Overload protetion counters +%% Overload protection counters -define(OLP_METRICS, [ {counter, 'olp.delay.ok'}, {counter, 'olp.delay.timeout'}, diff --git a/apps/emqx_conf/src/emqx_conf_schema.erl b/apps/emqx_conf/src/emqx_conf_schema.erl index 5b73b9e03..94cdd2ecd 100644 --- a/apps/emqx_conf/src/emqx_conf_schema.erl +++ b/apps/emqx_conf/src/emqx_conf_schema.erl @@ -1105,12 +1105,7 @@ translation("gen_rpc") -> [{"default_client_driver", fun tr_default_config_driver/1}]; translation("prometheus") -> [ - {"vm_dist_collector_metrics", fun tr_vm_dist_collector/1}, - {"mnesia_collector_metrics", fun tr_mnesia_collector/1}, - {"vm_statistics_collector_metrics", fun tr_vm_statistics_collector/1}, - {"vm_system_info_collector_metrics", fun tr_vm_system_info_collector/1}, - {"vm_memory_collector_metrics", fun tr_vm_memory_collector/1}, - {"vm_msacc_collector_metrics", fun tr_vm_msacc_collector/1} + {"collectors", fun tr_prometheus_collectors/1} ]; translation("vm_args") -> [ @@ -1120,26 +1115,53 @@ translation("vm_args") -> tr_vm_args_process_limit(Conf) -> 2 * conf_get("node.max_ports", Conf, ?DEFAULT_MAX_PORTS). +tr_prometheus_collectors(Conf) -> + [ + %% builtin collectors + prometheus_boolean, + prometheus_counter, + prometheus_gauge, + prometheus_histogram, + prometheus_quantile_summary, + prometheus_summary, + %% emqx collectors + emqx_prometheus, + emqx_prometheus_mria + %% builtin vm collectors + | tr_vm_dist_collector(Conf) ++ + tr_mnesia_collector(Conf) ++ + tr_vm_statistics_collector(Conf) ++ + tr_vm_system_info_collector(Conf) ++ + tr_vm_memory_collector(Conf) ++ + tr_vm_msacc_collector(Conf) + ]. + tr_vm_dist_collector(Conf) -> - metrics_enabled(conf_get("prometheus.vm_dist_collector", Conf, enabled)). + Enabled = conf_get("prometheus.vm_dist_collector", Conf, disabled), + collector_enabled(Enabled, prometheus_vm_dist_collector). tr_mnesia_collector(Conf) -> - metrics_enabled(conf_get("prometheus.mnesia_collector", Conf, enabled)). + Enabled = conf_get("prometheus.mnesia_collector", Conf, disabled), + collector_enabled(Enabled, prometheus_mnesia_collector). tr_vm_statistics_collector(Conf) -> - metrics_enabled(conf_get("prometheus.vm_statistics_collector", Conf, enabled)). + Enabled = conf_get("prometheus.vm_statistics_collector", Conf, disabled), + collector_enabled(Enabled, prometheus_vm_statistics_collector). tr_vm_system_info_collector(Conf) -> - metrics_enabled(conf_get("prometheus.vm_system_info_collector", Conf, enabled)). + Enabled = conf_get("prometheus.vm_system_info_collector", Conf, disabled), + collector_enabled(Enabled, prometheus_vm_system_info_collector). tr_vm_memory_collector(Conf) -> - metrics_enabled(conf_get("prometheus.vm_memory_collector", Conf, enabled)). + Enabled = conf_get("prometheus.vm_memory_collector", Conf, disabled), + collector_enabled(Enabled, prometheus_vm_memory_collector). tr_vm_msacc_collector(Conf) -> - metrics_enabled(conf_get("prometheus.vm_msacc_collector", Conf, enabled)). + Enabled = conf_get("prometheus.vm_msacc_collector", Conf, disabled), + collector_enabled(Enabled, prometheus_vm_msacc_collector). -metrics_enabled(enabled) -> all; -metrics_enabled(disabled) -> []. +collector_enabled(enabled, Collector) -> [Collector]; +collector_enabled(disabled, _) -> []. tr_default_config_driver(Conf) -> conf_get("rpc.driver", Conf). diff --git a/apps/emqx_prometheus/src/emqx_prometheus.app.src b/apps/emqx_prometheus/src/emqx_prometheus.app.src index 10fd75e98..c4abbec27 100644 --- a/apps/emqx_prometheus/src/emqx_prometheus.app.src +++ b/apps/emqx_prometheus/src/emqx_prometheus.app.src @@ -2,7 +2,7 @@ {application, emqx_prometheus, [ {description, "Prometheus for EMQX"}, % strict semver, bump manually! - {vsn, "5.0.15"}, + {vsn, "5.0.16"}, {modules, []}, {registered, [emqx_prometheus_sup]}, {applications, [kernel, stdlib, prometheus, emqx, emqx_management]}, diff --git a/apps/emqx_prometheus/src/emqx_prometheus_config.erl b/apps/emqx_prometheus/src/emqx_prometheus_config.erl index 39d2d4f6b..abd3427d3 100644 --- a/apps/emqx_prometheus/src/emqx_prometheus_config.erl +++ b/apps/emqx_prometheus/src/emqx_prometheus_config.erl @@ -46,12 +46,25 @@ remove_handler() -> ok. post_config_update(?PROMETHEUS, _Req, New, _Old, AppEnvs) -> - application:set_env(AppEnvs), - update_prometheus(New); + update_prometheus(AppEnvs), + update_push_gateway(New); post_config_update(_ConfPath, _Req, _NewConf, _OldConf, _AppEnvs) -> ok. -update_prometheus(#{enable := true}) -> +update_prometheus(AppEnvs) -> + {ok, PrevCollectors} = application:get_env(prometheus, collectors), + CurCollectors = proplists:get_value(collectors, proplists:get_value(prometheus, AppEnvs)), + lists:foreach( + fun prometheus_registry:deregister_collector/1, + PrevCollectors -- CurCollectors + ), + lists:foreach( + fun prometheus_registry:register_collector/1, + CurCollectors -- PrevCollectors + ), + application:set_env(AppEnvs). + +update_push_gateway(#{enable := true}) -> emqx_prometheus_sup:start_child(?APP); -update_prometheus(#{enable := false}) -> +update_push_gateway(#{enable := false}) -> emqx_prometheus_sup:stop_child(?APP). diff --git a/apps/emqx_prometheus/src/emqx_prometheus_schema.erl b/apps/emqx_prometheus/src/emqx_prometheus_schema.erl index 3884f7065..41d74aa20 100644 --- a/apps/emqx_prometheus/src/emqx_prometheus_schema.erl +++ b/apps/emqx_prometheus/src/emqx_prometheus_schema.erl @@ -99,7 +99,7 @@ fields("prometheus") -> ?HOCON( hoconsc:enum([enabled, disabled]), #{ - default => enabled, + default => disabled, required => true, importance => ?IMPORTANCE_LOW, desc => ?DESC(mnesia_collector) @@ -110,7 +110,7 @@ fields("prometheus") -> ?HOCON( hoconsc:enum([enabled, disabled]), #{ - default => enabled, + default => disabled, required => true, importance => ?IMPORTANCE_LOW, desc => ?DESC(vm_statistics_collector) @@ -121,7 +121,7 @@ fields("prometheus") -> ?HOCON( hoconsc:enum([enabled, disabled]), #{ - default => enabled, + default => disabled, required => true, importance => ?IMPORTANCE_LOW, desc => ?DESC(vm_system_info_collector) @@ -133,7 +133,7 @@ fields("prometheus") -> ?HOCON( hoconsc:enum([enabled, disabled]), #{ - default => enabled, + default => disabled, required => true, importance => ?IMPORTANCE_LOW, desc => ?DESC(vm_memory_collector) @@ -144,7 +144,7 @@ fields("prometheus") -> ?HOCON( hoconsc:enum([enabled, disabled]), #{ - default => enabled, + default => disabled, required => true, importance => ?IMPORTANCE_LOW, desc => ?DESC(vm_msacc_collector) @@ -178,5 +178,5 @@ validate_push_gateway_server(Url) -> translation(Name) -> %% translate 'vm_dist_collector', 'mnesia_collector', 'vm_statistics_collector', %% 'vm_system_info_collector', 'vm_memory_collector', 'vm_msacc_collector' - %% to prometheus envrionments + %% to prometheus environments emqx_conf_schema:translation(Name). diff --git a/changes/ce/feat-11496.en.md b/changes/ce/feat-11496.en.md new file mode 100644 index 000000000..5303ce8d8 --- /dev/null +++ b/changes/ce/feat-11496.en.md @@ -0,0 +1 @@ +Disabled the Erlang VM Prometheus exporter by default to improve performance and security.