ipng/nginx-ipng-stats-plugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
15 Commits 1 Branch 0 Tags
8e0b1cdde97f18d5f82ba784ab5601acf04eddf7
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Pim van Pelt 8e0b1cdde9 PRE-RELEASE v0.7.0 
Self-heal device= → ifindex attribution and expose plugin meta
counters in the scrape.

ipng_stats_rescan_interval (default 60s, 0 to disable) runs a
per-worker timer that re-resolves every binding via if_nametoindex,
so interface teardown/recreate (e.g. GRE tunnel reprovision) picks
up the new ifindex without requiring an nginx reload.

nginx_ipng_ifindex_misses_total increments whenever a cmsg-reported
ingress ifindex doesn't match any binding — making stale mappings
observable. Also expose the existing zone_full_events and
flushes_total shared-memory counters, which were tracked but never
emitted. JSON output gains a top-level "meta" object; schema stays
at 2 (additive change).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-18 19:37:15 +02:00
debian
PRE-RELEASE v0.7.0
2026-04-18 19:37:15 +02:00
docs
PRE-RELEASE v0.7.0
2026-04-18 19:37:15 +02:00
src
PRE-RELEASE v0.7.0
2026-04-18 19:37:15 +02:00
tests
Switch per-device attribution from SO_BINDTODEVICE to IP_PKTINFO
2026-04-18 15:00:46 +02:00
.gitignore
Release v0.2.0: single-source the version, wildcard it in docs
2026-04-17 14:45:15 +02:00
config
Add ngx_http_ipng_stats_module: per-VIP, per-device traffic counters
2026-04-16 17:41:23 +02:00
LICENSE
Add ngx_http_ipng_stats_module: per-VIP, per-device traffic counters
2026-04-16 17:41:23 +02:00
Makefile
PRE-RELEASE v0.7.0
2026-04-18 19:37:15 +02:00
README.md
Update docs and header comments for the IP_PKTINFO attribution model
2026-04-18 15:16:10 +02:00

README.md

nginx-ipng-stats-plugin

Per-VIP, per-device traffic counters for nginx. Ships as a dynamic nginx module and a Debian package that loads into stock upstream nginx on Debian Trixie.

The module attributes every HTTP request to the interface it arrived on, reading the ingress ifindex per connection from the kernel's IP_PKTINFO / IPV6_PKTINFO cmsg. Listening sockets stay plain wildcards, so outgoing packets follow the normal routing table — which is what makes this safe for DSR / maglev deployments where the SYN arrives via a GRE tunnel and the SYN-ACK must leave via the default route. Counters — requests, status codes, bytes, latency histograms — are exposed as Prometheus text or JSON from a single HTTP scrape endpoint, filtered per-source. This is useful for any deployment where traffic arrives on distinct interfaces — GRE tunnels, VLANs, bonded links, or plain ethernet — and per-interface observability is needed.

Without any device=/ipng_source_tag= parameters, the module still counts and exposes per-VIP traffic under the configurable default source tag (direct), which makes it a useful plain observability module for any nginx host.

See docs/design.md for the full design, including the attribution model, data flow, and requirements.

Quick start

make install-deps      # install build and test dependencies (apt)
make build             # build the .so out-of-tree
make pkg-deb           # build a .deb package
make robot-test        # run end-to-end tests via containerlab

Installing

sudo dpkg -i build/*.deb

The package installs the .so into /usr/lib/nginx/modules, drops a load_module stanza into /etc/nginx/modules-enabled/, and runs nginx -t before completing.

Configuring

See docs/user-guide.md for an end-to-end walkthrough and docs/config-guide.md for the directive and listen parameter reference.

License

Apache-2.0. See LICENSE.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme Apache-2.0 920 KiB
Languages
C 72.7%
RobotFramework 14.9%
Makefile 7.4%
Shell 4%
C++ 0.6%
Other 0.4%