Add support for exposing metrics for Synapse (without workers)

This commit is contained in:
Slavi Pantaleev 2024-01-12 09:52:08 +02:00
parent 3556dd77ef
commit 22f5f0ba75
4 changed files with 69 additions and 1 deletions

View File

@ -4187,6 +4187,9 @@ matrix_synapse_container_labels_client_synapse_admin_api_enabled: "{{ matrix_syn
matrix_synapse_container_labels_federation_api_traefik_entrypoints: "{{ matrix_federation_traefik_entrypoint }}"
matrix_synapse_container_labels_metrics_middleware_basic_auth_enabled: "{{ matrix_metrics_exposure_http_basic_auth_enabled }}"
matrix_synapse_container_labels_metrics_middleware_basic_auth_users: "{{ matrix_metrics_exposure_http_basic_auth_users }}"
# For exposing the Synapse worker (and metrics) ports to the local host.
matrix_synapse_workers_container_host_bind_address: "{{ matrix_playbook_service_host_bind_interface_prefix[0:-1] if (matrix_synapse_workers_enabled and matrix_playbook_service_host_bind_interface_prefix) else '' }}"
@ -4205,6 +4208,10 @@ matrix_synapse_federation_port_openid_resource_required: "{{ not matrix_synapse_
# If someone instals Prometheus via the playbook, they most likely wish to monitor Synapse.
matrix_synapse_metrics_enabled: "{{ prometheus_enabled }}"
matrix_synapse_metrics_proxying_enabled: "{{ matrix_synapse_metrics_enabled and matrix_metrics_exposure_enabled }}"
matrix_synapse_metrics_proxying_hostname: "{{ matrix_metrics_exposure_hostname }}"
matrix_synapse_metrics_proxying_path_prefix: "{{ matrix_metrics_exposure_path_prefix }}/synapse"
matrix_synapse_email_enabled: "{{ exim_relay_enabled }}"
matrix_synapse_email_smtp_host: "{{ exim_relay_identifier }}"
matrix_synapse_email_smtp_port: 8025

View File

@ -229,6 +229,18 @@ matrix_synapse_container_labels_federation_api_traefik_entrypoints: ''
matrix_synapse_container_labels_federation_api_traefik_tls: "{{ matrix_synapse_container_labels_federation_api_traefik_entrypoints != 'web' }}"
matrix_synapse_container_labels_federation_api_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}" # noqa var-naming
# Controls whether labels will be added that expose metrics (see `matrix_synapse_metrics_proxying_enabled`)
matrix_synapse_container_labels_metrics_enabled: "{{ matrix_synapse_metrics_enabled and matrix_synapse_metrics_proxying_enabled }}"
matrix_synapse_container_labels_metrics_traefik_path: "{{ matrix_synapse_metrics_proxying_path_prefix }}/main-process"
matrix_synapse_container_labels_metrics_traefik_rule: "Host(`{{ matrix_synapse_metrics_proxying_hostname }}`) && Path(`{{ matrix_synapse_container_labels_metrics_traefik_path }}`)"
matrix_synapse_container_labels_metrics_traefik_priority: 0
matrix_synapse_container_labels_metrics_traefik_entrypoints: "{{ matrix_synapse_container_labels_traefik_entrypoints }}"
matrix_synapse_container_labels_metrics_traefik_tls: "{{ matrix_synapse_container_labels_metrics_traefik_entrypoints != 'web' }}"
matrix_synapse_container_labels_metrics_traefik_tls_certResolver: "{{ matrix_synapse_container_labels_traefik_tls_certResolver }}" # noqa var-naming
matrix_synapse_container_labels_metrics_middleware_basic_auth_enabled: false
# See: https://doc.traefik.io/traefik/middlewares/http/basicauth/#users
matrix_synapse_container_labels_metrics_middleware_basic_auth_users: ''
# matrix_synapse_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
#
@ -598,7 +610,8 @@ matrix_synapse_grafana_dashboard_urls:
# - `matrix.DOMAIN/metrics/synapse/main-process` for the main process
# - `matrix.DOMAIN/metrics/synapse/worker/{type}-{id}` for each worker process
matrix_synapse_metrics_proxying_enabled: false
# TODO - add variables for controlling the hostname, path prefix, etc.
matrix_synapse_metrics_proxying_hostname: ''
matrix_synapse_metrics_proxying_path_prefix: /metrics/synapse
# Enable the Synapse manhole
# See https://github.com/matrix-org/synapse/blob/master/docs/manhole.md

View File

@ -28,6 +28,9 @@
- {'name': 'matrix_synapse_container_labels_federation_api_traefik_hostname', when: "{{ matrix_synapse_container_labels_federation_api_enabled }}"}
- {'name': 'matrix_synapse_container_labels_federation_api_traefik_entrypoints', when: "{{ matrix_synapse_container_labels_federation_api_enabled }}"}
- {'name': 'matrix_synapse_metrics_proxying_hostname', when: "{{ matrix_synapse_metrics_proxying_enabled }}"}
- {'name': 'matrix_synapse_metrics_proxying_path_prefix', when: "{{ matrix_synapse_metrics_proxying_enabled }}"}
- name: Fail if asking for more than 1 instance of single-instance workers
ansible.builtin.fail:
msg: >-

View File

@ -7,6 +7,7 @@ traefik.docker.network={{ matrix_synapse_container_labels_traefik_docker_network
traefik.http.services.matrix-synapse-client-api.loadbalancer.server.port={{ matrix_synapse_container_client_api_port }}
traefik.http.services.matrix-synapse-federation-api.loadbalancer.server.port={{ matrix_synapse_container_federation_api_plain_port }}
traefik.http.services.matrix-synapse-metrics.loadbalancer.server.port={{ matrix_synapse_metrics_port }}
{#
@ -171,6 +172,50 @@ traefik.http.routers.matrix-synapse-federation-api.tls.certResolver={{ matrix_sy
/Federation-API (/_matrix)
#}
{#
Metrics (e.g. /metrics/synapse/main-process)
#}
{% if matrix_synapse_container_labels_metrics_enabled %}
{% set metrics_middlewares = [] %}
{% if matrix_synapse_container_labels_metrics_middleware_basic_auth_enabled %}
{% set metrics_middlewares = metrics_middlewares + ['matrix-synapse-metrics-basic-auth'] %}
traefik.http.middlewares.matrix-synapse-metrics-basic-auth.basicauth.users={{ matrix_synapse_container_labels_metrics_middleware_basic_auth_users }}
{% endif %}
{% set metrics_middlewares = metrics_middlewares + ['matrix-synapse-metrics-replacepath'] %}
traefik.http.middlewares.matrix-synapse-metrics-replacepath.replacepath.path=/_synapse/metrics
traefik.http.routers.matrix-synapse-metrics.rule={{ matrix_synapse_container_labels_metrics_traefik_rule }}
{% if metrics_middlewares | length > 0 %}
traefik.http.routers.matrix-synapse-metrics.middlewares={{ metrics_middlewares | join(',') }}
{% endif %}
{% if matrix_synapse_container_labels_metrics_traefik_priority | int > 0 %}
traefik.http.routers.matrix-synapse-metrics.priority={{ matrix_synapse_container_labels_metrics_traefik_priority }}
{% endif %}
traefik.http.routers.matrix-synapse-metrics.service=matrix-synapse-metrics
traefik.http.routers.matrix-synapse-metrics.entrypoints={{ matrix_synapse_container_labels_metrics_traefik_entrypoints }}
traefik.http.routers.matrix-synapse-metrics.tls={{ matrix_synapse_container_labels_metrics_traefik_tls | to_json }}
{% if matrix_synapse_container_labels_metrics_traefik_tls %}
traefik.http.routers.matrix-synapse-metrics.tls.certResolver={{ matrix_synapse_container_labels_metrics_traefik_tls_certResolver }}
{% endif %}
{% if matrix_synapse_container_labels_metrics_middleware_basic_auth_enabled %}
traefik.http.routers.matrix-synapse-metrics.middlewares=matrix-synapse-metrics-basic-auth
traefik.http.middlewares.matrix-synapse-metrics-basic-auth.basicauth.users={{ matrix_synapse_container_labels_metrics_middleware_basic_auth_users }}
{% endif %}
{% endif %}
{#
/Metrics (e.g. /metrics/synapse/main-process)
#}
{% endif %}
{{ matrix_synapse_container_labels_additional_labels }}