vpp-maglev

ipng/vpp-maglev

Fork 0

Commit Graph

Author	SHA1	Message	Date
Pim van Pelt	d5fbf5c640	Prometheus: add VPP, LB sync, and gRPC metrics; expand docs New metrics plus the corresponding documentation for everything that's accumulated since the last Prometheus pass. internal/metrics/metrics.go - New VPPSource interface (IsConnected, VPPInfo) plus a metrics-local VPPInfo struct that mirrors vpp.Info. Decoupling via interface + struct-mirror keeps the dependency direction one-way (vpp → metrics), so vpp can import metrics to update inline counters without a cycle. - New Collector gauges scraped on demand: maglev_vpp_connected, maglev_vpp_uptime_seconds (from /sys/boottime), maglev_vpp_connected_seconds (time since maglevd connected), and maglev_vpp_info (static 1-gauge carrying version, build_date, and pid as labels). - New inline counters: - maglev_vpp_api_total{msg, direction, result} — bumped from the loggedChannel wrapper on every VPP binary-API send/recv. Gives full visibility into what maglevd is doing with VPP, broken down by message name, direction (send/recv), and result (success/failure). - maglev_vpp_lbsync_total{scope, kind} — bumped from the reconciler at the end of each SyncLBStateAll/SyncLBStateVIP run. kind ∈ {vip_added, vip_removed, as_added, as_removed, as_weight_updated}; scope ∈ {all, vip}. Zero-valued kinds are not emitted so noise stays low. - Register() signature now takes a VPPSource (may be nil) alongside the existing StateSource. internal/vpp/client.go - New VPPInfo() (metrics.VPPInfo, bool) shim method on Client that satisfies metrics.VPPSource. Returns (_, false) when disconnected so the collector skips the vpp_ gauges cleanly. internal/vpp/apilog.go - The loggedChannel's SendRequest / SendMultiRequest / ReceiveReply paths now call metrics.VPPAPITotal.WithLabelValues(...).Inc() in addition to slog.Debug. Since every VPP API call in the codebase must go through loggedChannel (NewAPIChannel is unexported), this one instrumentation point catches everything. internal/vpp/lbsync.go - New recordSyncStats(scope, st) helper called once at the end of SyncLBStateAll and SyncLBStateVIP to bump maglev_vpp_lbsync_total. Zero-valued stats are skipped. cmd/maglevd/main.go - Added github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus for the standard gRPC server metrics (grpc_server_started_total, grpc_server_handled_total, grpc_server_handling_seconds, etc., labelled by service/method/type/code). - Constructs grpcprom.NewServerMetrics(WithServerHandlingTimeHistogram()) before creating the grpc.Server, installs it as UnaryInterceptor + StreamInterceptor, then calls InitializeMetrics(srv) after service registration so every method appears at 0 on the first scrape instead of materialising lazily on first RPC. - Passes the vppClient (or nil) as a metrics.VPPSource to metrics.Register so the vpp_* gauges are emitted when integration is enabled and silently omitted otherwise. docs/user-guide.md - New 'Prometheus metrics' section in the maglevd chapter, tabulating every metric family: backend state gauges, probe counters/histogram, transition counters, the new VPP gauges and counters, and the standard gRPC server metrics. - 'show frontends <name>' description updated to mention the two weight columns ('weight' = configured from YAML, 'effective' = state-aware after pool-failover logic). - Pause / disable descriptions clarified: transition history is preserved across these operator actions. docs/healthchecks.md - New 'Static (no-healthcheck) backends' section explaining that backends without a healthcheck use rise/fall=1, fire a synthetic passing probe immediately on startup (no 30s wait), and idle at 30s between iterations thereafter. - New 'Pool failover' section documenting the priority-tier model, the active-pool definition, when promotion happens, cascading to further tiers, and graceful drain on demotion. Points readers at 'maglevc show frontends <name>' as the inspection interface. docs/config-guide.md - healthcheck field doc now describes static-backend behavior and cross-references healthchecks.md. - pools field doc now explains failover semantics at a high level and cross-references the detailed healthchecks.md section.	2026-04-12 13:00:35 +02:00
Pim van Pelt	d3c5c86037	VPP load-balancer dataplane integration: state, sync, and global conf This commit wires maglevd through to VPP's LB plugin end-to-end, using locally-generated GoVPP bindings for the newer v2 API messages. VPP binapi (vendored) - New package internal/vpp/binapi/ containing lb, lb_types, ip_types, and interface_types, generated from a local VPP build (~/src/vpp) via a new 'make vpp-binapi' target. GoVPP v0.12.0 upstream lacks the v2 messages we need (lb_conf_get, lb_add_del_vip_v2, lb_add_del_as_v2, lb_as_v2_dump, lb_as_set_weight), so we commit the generated output in-tree. - All generated files go through our loggedChannel wrapper; every VPP API send/receive is recorded at DEBUG via slog (vpp-api-send / vpp-api-recv / vpp-api-send-multi / vpp-api-recv-multi) so the full wire-level trail is auditable. NewAPIChannel is unexported — callers must use c.apiChannel(). Read path: GetLBState{All,VIP} - GetLBStateAll returns a full snapshot (global conf + every VIP with its attached application servers). - GetLBStateVIP looks up a single VIP by (prefix, protocol, port) and returns (nil, nil) when the VIP doesn't exist in VPP. This is the efficient path for targeted updates on a busy LB. - Helpers factored out: getLBConf, dumpAllVIPs, dumpASesForVIP, lookupVIP, vipFromDetails. Write path: SyncLBState{All,VIP} - SyncLBStateAll reconciles every configured frontend with VPP: creates missing VIPs, removes stale ones (with AS flush), and reconciles AS membership and weights within VIPs that exist on both sides. - SyncLBStateVIP targets a single frontend by name. Never removes VIPs. Returns ErrFrontendNotFound (wrapped with the name) when the frontend isn't in config, so callers can use errors.Is. - Shared reconcileVIP helper does the per-VIP AS diff; removeVIP is used only by the full-sync pass. - LbAddDelVipV2 requests always set NewFlowsTableLength=1024. The .api default=1024 annotation is only applied by VAT/CLI parsers, not wire- level marshalling — sending 0 caused VPP to vec_validate with mask 0xFFFFFFFF and OOM-panic. - Pool semantics: backends in the primary (first) pool of a frontend get their configured weight; backends in secondary pools get weight 0. All backends are installed so higher layers can flip weights on failover without add/remove churn. - Every individual change emits a DEBUG slog (vpp-lbsync-vip-add/del, vpp-lbsync-as-add/del, vpp-lbsync-as-weight). Start/done INFO logs carry a scope=all\|vip label plus aggregate counts. Global conf push: SetLBConf - New SetLBConf(cfg) sends lb_conf with ipv4-src, ipv6-src, sticky-buckets, and flow-timeout. Called automatically on VPP (re)connect and after every config reload (via doReloadConfig). Results are cached on the Client so redundant pushes are silently skipped — only actual changes produce a vpp-lb-conf-set INFO log line. Periodic drift reconciliation - vpp.Client.lbSyncLoop runs in a goroutine tied to each VPP connection's lifetime. Its first tick is immediate (startup and post-reconnect sync quickly); subsequent ticks fire every vpp.lb.sync-interval from config (default 30s). Purpose: catch drift if something/someone modifies VPP state by hand. The loop uses a ConfigSource interface (satisfied by checker.Checker via its new Config() accessor) to avoid an import cycle with the checker package. Config schema additions (maglev.vpp.lb) - sync-interval: positive Go duration, default 30s. - ipv4-src-address: REQUIRED. Used as the outer source for GRE4 encap to application servers. Missing this is a hard semantic error — maglevd --check exits 2 and the daemon refuses to start. VPP GRE needs a source address and every VIP we program uses GRE, so there is no meaningful config without it. - ipv6-src-address: REQUIRED. Same treatment as ipv4-src-address. - sticky-buckets-per-core: default 65536, must be a power of 2. - flow-timeout: default 40s, must be a whole number of seconds in [1s, 120s]. - VPP validation runs at the end of convert() so structural errors in healthchecks/backends/frontends surface first — operators fix those, then get the VPP-specific requirements. gRPC API - New GetVPPLBState RPC returning VPPLBState: global conf + VIPs with ASes. Mirrors the read-path but strips fields irrelevant to our GRE-only deployment (srv_type, dscp, target_port). - New SyncVPPLBState RPC with optional frontend_name. Unset → full sync (may remove stale VIPs). Set → single-VIP sync (never removes). Returns codes.NotFound for unknown frontends, codes.Unavailable when VPP integration is disabled or disconnected. maglevc (CLI) - New 'show vpp lbstate' command displaying the LB plugin state. VPP-only fields the dataplane irrelevant to GRE are suppressed. Per-AS lines use a key-value format ("address X weight Y flow-table-buckets Z") instead of a tabwriter column, which avoids the ANSI-color alignment issue we hit with mixed label/data rows. - New 'sync vpp lbstate [<name>]' command. Without a name, triggers a full reconciliation; with a name, targets one frontend. - Previous 'show vpp lb' renamed to 'show vpp lbstate' for consistency with the new sync command. Test fixtures - validConfig and all ad-hoc config_test.go fixtures that reach the end of convert() now include the two required vpp.lb src addresses. - tests/01-maglevd/maglevd-lab/maglev.yaml gains a vpp.lb section so the robot integration tests can still load the config. - cmd/maglevc/tree_test.go gains expected paths for the new commands. Docs - config-guide.md: new 'vpp' section in the basic structure, detailed vpp.lb field reference, noting ipv4/ipv6 src addresses as REQUIRED (hard error) with no defaults; example config updated. - user-guide.md: documented 'show vpp info', 'show vpp lbstate', 'sync vpp lbstate [<name>]', new --vpp-api-addr and --vpp-stats-addr flags, the vpp-lb-conf-set log line, and corrected the pause/resume description to reflect that pause cancels the probe goroutine. - debian/maglev.yaml: example config gains a vpp.lb block with src addresses and commented optional overrides.	2026-04-12 10:58:44 +02:00

Author

SHA1

Message

Date

Pim van Pelt

d5fbf5c640

Prometheus: add VPP, LB sync, and gRPC metrics; expand docs

New metrics plus the corresponding documentation for everything that's
accumulated since the last Prometheus pass.

internal/metrics/metrics.go
- New VPPSource interface (IsConnected, VPPInfo) plus a metrics-local
  VPPInfo struct that mirrors vpp.Info. Decoupling via interface +
  struct-mirror keeps the dependency direction one-way (vpp → metrics),
  so vpp can import metrics to update inline counters without a cycle.
- New Collector gauges scraped on demand: maglev_vpp_connected,
  maglev_vpp_uptime_seconds (from /sys/boottime), maglev_vpp_connected_seconds
  (time since maglevd connected), and maglev_vpp_info (static 1-gauge
  carrying version, build_date, and pid as labels).
- New inline counters:
  - maglev_vpp_api_total{msg, direction, result} — bumped from the
    loggedChannel wrapper on every VPP binary-API send/recv. Gives full
    visibility into what maglevd is doing with VPP, broken down by
    message name, direction (send/recv), and result (success/failure).
  - maglev_vpp_lbsync_total{scope, kind} — bumped from the reconciler
    at the end of each SyncLBStateAll/SyncLBStateVIP run. kind ∈
    {vip_added, vip_removed, as_added, as_removed, as_weight_updated};
    scope ∈ {all, vip}. Zero-valued kinds are not emitted so noise
    stays low.
- Register() signature now takes a VPPSource (may be nil) alongside
  the existing StateSource.

internal/vpp/client.go
- New VPPInfo() (metrics.VPPInfo, bool) shim method on *Client that
  satisfies metrics.VPPSource. Returns (_, false) when disconnected so
  the collector skips the vpp_* gauges cleanly.

internal/vpp/apilog.go
- The loggedChannel's SendRequest / SendMultiRequest / ReceiveReply
  paths now call metrics.VPPAPITotal.WithLabelValues(...).Inc() in
  addition to slog.Debug. Since every VPP API call in the codebase
  must go through loggedChannel (NewAPIChannel is unexported), this
  one instrumentation point catches everything.

internal/vpp/lbsync.go
- New recordSyncStats(scope, st) helper called once at the end of
  SyncLBStateAll and SyncLBStateVIP to bump maglev_vpp_lbsync_total.
  Zero-valued stats are skipped.

cmd/maglevd/main.go
- Added github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus
  for the standard gRPC server metrics (grpc_server_started_total,
  grpc_server_handled_total, grpc_server_handling_seconds, etc.,
  labelled by service/method/type/code).
- Constructs grpcprom.NewServerMetrics(WithServerHandlingTimeHistogram())
  before creating the grpc.Server, installs it as UnaryInterceptor +
  StreamInterceptor, then calls InitializeMetrics(srv) after service
  registration so every method appears at 0 on the first scrape
  instead of materialising lazily on first RPC.
- Passes the vppClient (or nil) as a metrics.VPPSource to
  metrics.Register so the vpp_* gauges are emitted when integration
  is enabled and silently omitted otherwise.

docs/user-guide.md
- New 'Prometheus metrics' section in the maglevd chapter,
  tabulating every metric family: backend state gauges, probe
  counters/histogram, transition counters, the new VPP gauges and
  counters, and the standard gRPC server metrics.
- 'show frontends <name>' description updated to mention the two
  weight columns ('weight' = configured from YAML, 'effective' =
  state-aware after pool-failover logic).
- Pause / disable descriptions clarified: transition history is
  preserved across these operator actions.

docs/healthchecks.md
- New 'Static (no-healthcheck) backends' section explaining that
  backends without a healthcheck use rise/fall=1, fire a synthetic
  passing probe immediately on startup (no 30s wait), and idle at
  30s between iterations thereafter.
- New 'Pool failover' section documenting the priority-tier model,
  the active-pool definition, when promotion happens, cascading to
  further tiers, and graceful drain on demotion. Points readers at
  'maglevc show frontends <name>' as the inspection interface.

docs/config-guide.md
- healthcheck field doc now describes static-backend behavior and
  cross-references healthchecks.md.
- pools field doc now explains failover semantics at a high level
  and cross-references the detailed healthchecks.md section.

2026-04-12 13:00:35 +02:00

Pim van Pelt

d3c5c86037

VPP load-balancer dataplane integration: state, sync, and global conf

This commit wires maglevd through to VPP's LB plugin end-to-end, using
locally-generated GoVPP bindings for the newer v2 API messages.

VPP binapi (vendored)
- New package internal/vpp/binapi/ containing lb, lb_types, ip_types, and
  interface_types, generated from a local VPP build (~/src/vpp) via a new
  'make vpp-binapi' target. GoVPP v0.12.0 upstream lacks the v2 messages we
  need (lb_conf_get, lb_add_del_vip_v2, lb_add_del_as_v2, lb_as_v2_dump,
  lb_as_set_weight), so we commit the generated output in-tree.
- All generated files go through our loggedChannel wrapper; every VPP API
  send/receive is recorded at DEBUG via slog (vpp-api-send / vpp-api-recv /
  vpp-api-send-multi / vpp-api-recv-multi) so the full wire-level trail is
  auditable. NewAPIChannel is unexported — callers must use c.apiChannel().

Read path: GetLBState{All,VIP}
- GetLBStateAll returns a full snapshot (global conf + every VIP with its
  attached application servers).
- GetLBStateVIP looks up a single VIP by (prefix, protocol, port) and
  returns (nil, nil) when the VIP doesn't exist in VPP. This is the
  efficient path for targeted updates on a busy LB.
- Helpers factored out: getLBConf, dumpAllVIPs, dumpASesForVIP, lookupVIP,
  vipFromDetails.

Write path: SyncLBState{All,VIP}
- SyncLBStateAll reconciles every configured frontend with VPP: creates
  missing VIPs, removes stale ones (with AS flush), and reconciles AS
  membership and weights within VIPs that exist on both sides.
- SyncLBStateVIP targets a single frontend by name. Never removes VIPs.
  Returns ErrFrontendNotFound (wrapped with the name) when the frontend
  isn't in config, so callers can use errors.Is.
- Shared reconcileVIP helper does the per-VIP AS diff; removeVIP is used
  only by the full-sync pass.
- LbAddDelVipV2 requests always set NewFlowsTableLength=1024. The .api
  default=1024 annotation is only applied by VAT/CLI parsers, not wire-
  level marshalling — sending 0 caused VPP to vec_validate with mask
  0xFFFFFFFF and OOM-panic.
- Pool semantics: backends in the primary (first) pool of a frontend get
  their configured weight; backends in secondary pools get weight 0. All
  backends are installed so higher layers can flip weights on failover
  without add/remove churn.
- Every individual change emits a DEBUG slog (vpp-lbsync-vip-add/del,
  vpp-lbsync-as-add/del, vpp-lbsync-as-weight). Start/done INFO logs
  carry a scope=all|vip label plus aggregate counts.

Global conf push: SetLBConf
- New SetLBConf(cfg) sends lb_conf with ipv4-src, ipv6-src, sticky-buckets,
  and flow-timeout. Called automatically on VPP (re)connect and after
  every config reload (via doReloadConfig). Results are cached on the
  Client so redundant pushes are silently skipped — only actual changes
  produce a vpp-lb-conf-set INFO log line.

Periodic drift reconciliation
- vpp.Client.lbSyncLoop runs in a goroutine tied to each VPP connection's
  lifetime. Its first tick is immediate (startup and post-reconnect
  sync quickly); subsequent ticks fire every vpp.lb.sync-interval from
  config (default 30s). Purpose: catch drift if something/someone
  modifies VPP state by hand. The loop uses a ConfigSource interface
  (satisfied by checker.Checker via its new Config() accessor) to avoid
  an import cycle with the checker package.

Config schema additions (maglev.vpp.lb)
- sync-interval: positive Go duration, default 30s.
- ipv4-src-address: REQUIRED. Used as the outer source for GRE4 encap
  to application servers. Missing this is a hard semantic error —
  maglevd --check exits 2 and the daemon refuses to start. VPP GRE
  needs a source address and every VIP we program uses GRE, so there
  is no meaningful config without it.
- ipv6-src-address: REQUIRED. Same treatment as ipv4-src-address.
- sticky-buckets-per-core: default 65536, must be a power of 2.
- flow-timeout: default 40s, must be a whole number of seconds in [1s, 120s].
- VPP validation runs at the end of convert() so structural errors in
  healthchecks/backends/frontends surface first — operators fix those,
  then get the VPP-specific requirements.

gRPC API
- New GetVPPLBState RPC returning VPPLBState: global conf + VIPs with
  ASes. Mirrors the read-path but strips fields irrelevant to our
  GRE-only deployment (srv_type, dscp, target_port).
- New SyncVPPLBState RPC with optional frontend_name. Unset → full sync
  (may remove stale VIPs). Set → single-VIP sync (never removes).
  Returns codes.NotFound for unknown frontends, codes.Unavailable when
  VPP integration is disabled or disconnected.

maglevc (CLI)
- New 'show vpp lbstate' command displaying the LB plugin state. VPP-only
  fields the dataplane irrelevant to GRE are suppressed. Per-AS lines use
  a key-value format ("address X  weight Y  flow-table-buckets Z")
  instead of a tabwriter column, which avoids the ANSI-color alignment
  issue we hit with mixed label/data rows.
- New 'sync vpp lbstate [<name>]' command. Without a name, triggers a
  full reconciliation; with a name, targets one frontend.
- Previous 'show vpp lb' renamed to 'show vpp lbstate' for consistency
  with the new sync command.

Test fixtures
- validConfig and all ad-hoc config_test.go fixtures that reach the end
  of convert() now include the two required vpp.lb src addresses.
- tests/01-maglevd/maglevd-lab/maglev.yaml gains a vpp.lb section so the
  robot integration tests can still load the config.
- cmd/maglevc/tree_test.go gains expected paths for the new commands.

Docs
- config-guide.md: new 'vpp' section in the basic structure, detailed
  vpp.lb field reference, noting ipv4/ipv6 src addresses as REQUIRED
  (hard error) with no defaults; example config updated.
- user-guide.md: documented 'show vpp info', 'show vpp lbstate',
  'sync vpp lbstate [<name>]', new --vpp-api-addr and --vpp-stats-addr
  flags, the vpp-lb-conf-set log line, and corrected the pause/resume
  description to reflect that pause cancels the probe goroutine.
- debian/maglev.yaml: example config gains a vpp.lb block with src
  addresses and commented optional overrides.

2026-04-12 10:58:44 +02:00

2 Commits