diff options
| author | Cecylia Bocovich <cohosh@torproject.org> | 2021-04-01 14:21:12 -0400 |
|---|---|---|
| committer | Cecylia Bocovich <cohosh@torproject.org> | 2021-04-26 14:18:50 -0400 |
| commit | af6e2c30e1a6aacc6e7adf9a31df0a387891cc37 (patch) | |
| tree | 00f6024d4b68614034b006cc722e52be160586fa | |
| parent | 2a310682b51b3da514d7e1927aafcdae9b9c8820 (diff) | |
| download | snowflake-master.tar.gz snowflake-master.zip | |
Replace default with custom prometheus registrymaster
The default prometheus registry exports data that may be useful for
side-channel attacks. This removes all of the default metrics and makes
sure we are only reporting snowflake metrics from the broker.
| -rw-r--r-- | broker/broker.go | 4 | ||||
| -rw-r--r-- | broker/metrics.go | 15 |
2 files changed, 9 insertions, 10 deletions
diff --git a/broker/broker.go b/broker/broker.go index 77c62d8..8d7a314 100644 --- a/broker/broker.go +++ b/broker/broker.go @@ -506,9 +506,7 @@ func main() { http.Handle("/answer", SnowflakeHandler{ctx, proxyAnswers}) http.Handle("/debug", SnowflakeHandler{ctx, debugHandler}) http.Handle("/metrics", MetricsHandler{metricsFilename, metricsHandler}) - http.Handle("/prometheus", promhttp.Handler()) - - InitPrometheus() + http.Handle("/prometheus", promhttp.HandlerFor(promMetrics.registry, promhttp.HandlerOpts{})) server := http.Server{ Addr: addr, diff --git a/broker/metrics.go b/broker/metrics.go index be8cfd9..ad55bcb 100644 --- a/broker/metrics.go +++ b/broker/metrics.go @@ -15,7 +15,6 @@ import ( "time" "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" ) var ( @@ -261,6 +260,7 @@ func binCount(count uint) uint { } type PromMetrics struct { + registry *prometheus.Registry ProxyTotal *prometheus.CounterVec ProxyPollTotal *RoundedCounterVec ClientPollTotal *RoundedCounterVec @@ -272,7 +272,9 @@ func initPrometheus() *PromMetrics { promMetrics := &PromMetrics{} - promMetrics.ProxyTotal = promauto.NewCounterVec( + promMetrics.registry = prometheus.NewRegistry() + + promMetrics.ProxyTotal = prometheus.NewCounterVec( prometheus.CounterOpts{ Namespace: prometheusNamespace, Name: "proxy_total", @@ -281,7 +283,7 @@ func initPrometheus() *PromMetrics { []string{"type", "nat", "cc"}, ) - promMetrics.AvailableProxies = promauto.NewGaugeVec( + promMetrics.AvailableProxies = prometheus.NewGaugeVec( prometheus.GaugeOpts{ Namespace: prometheusNamespace, Name: "available_proxies", @@ -308,10 +310,9 @@ func initPrometheus() *PromMetrics { []string{"nat", "status"}, ) - // We need to register this new metric type because there is no constructor - // for it in promauto. - prometheus.DefaultRegisterer.MustRegister(promMetrics.ClientPollTotal) - prometheus.DefaultRegisterer.MustRegister(promMetrics.ProxyPollTotal) + // We need to register our metrics so they can be exported. + promMetrics.registry.MustRegister(promMetrics.ClientPollTotal, promMetrics.ProxyPollTotal, + promMetrics.ProxyTotal, promMetrics.AvailableProxies) return promMetrics |