Add neco-server-exporter to expose custom node-local metrices

[yokaze]

• Add neco-server-exporter to expose custom node-local metrices
  • Focus on performance digit not exposed from node-exporter nor cAdvisor
  • Extensible structure
    • It can collect information from multiple aspects of a server
    • BPF performance monitoring as the first plugin
      • Assume Linux 6.6+ and Cilium 1.16+ (TCX mode) to collect extended information

Signed-off-by: Daichi Sakaue [email protected]

[yokaze]

NOTE: merge this PR after preparing ghcr.io

[chez-shanpu]

It seems that Run() never return an error.

[yokaze]

I think it's better to leave it as is, because it states the Run function may return error in future development.
Without it, someone may confuse how to treat errors happen in it.

[chez-shanpu]

That makes sense. How about writing it in a comment to left what you replied?
For example...

// Run starts the metric collection loop.
// The error return is reserved for future fatal error conditions.
// Currently always returns nil except when context is cancelled.
func (e *Exporter) Run(ctx context.Context) error {

[yokaze]

Sounds good, I will add it.

[chez-shanpu]

suggestion: How about making collectors a constructor parameter instead of using AddCollector(). This would remove running and make the API simpler.

[yokaze]

Cool idea, thank you!

[chez-shanpu]

This HTTP server doesn't stop when ctx is cancelled. How about using http.Server.Shutdown() when ctx is done for graceful shutdown?

[chez-shanpu]

Suggested change

	"github.com/cilium/cilium/pkg/client"
	"github.com/cilium/ebpf"
	"github.com/cybozu/neco-containers/neco-server-exporter/pkg/exporter"
	"github.com/cilium/cilium/pkg/client"
	"github.com/cilium/ebpf"
	"github.com/cybozu/neco-containers/neco-server-exporter/pkg/exporter"

Missing blank line between external and internal imports.

[yokaze]

This point is new to me, because the proposed style is not currently adopted by our team.

• Codes dividing external and internal imports
  • https://github.com/cybozu/neco-containers/blob/main/cep-checker/main.go
  • https://github.com/cybozu-go/tenet/blob/main/cmd/tenet-controller/main.go
• Codes not doing so
  • https://github.com/cybozu/neco-containers/blob/main/admission/cmd/run.go
  • https://github.com/cybozu-go/coil/blob/main/v2/cmd/coil-installer/sub/root.go

My feeling is neutral for this and it's ok to accept it. However, it's better to automate.
I'm going to install goimports in tools.mk and check the style in make check-generate.

[chez-shanpu]

ditto

[chez-shanpu]

Isn't it enough docker image rm $(IMAGE_TAG)?
image prune seems little dangerous to me.

[yokaze]

It's consistent with other scripts.
Do you want all of them to be fixed?

$ git grep -F -- '-docker image prune -f'
cep-checker/e2e/Makefile:43:    -docker image prune -f
neco-server-exporter/e2e/Makefile:57:   -docker image prune -f
squid-exporter/e2e/Makefile:34: -docker image prune -f

[chez-shanpu]

I think other ones could be fixed as well, but for now, I think only this one is fine.

[yokaze]

Please let me clarify my implication, I think it's very important to choose one from the following options.

1. Fix all-at-once.
2. Leave it as negligible.

If we fix the problem partially, the remaining ones will be copy-pasted sometime and we need to point out the same problem again and again. That's not productive.
I would like to ask that the problem is worth fixing for paying the all-at-once cost.

[chez-shanpu]

I see. What do you think about image prune?
If you also think it's a problem, let's fix them.

[yokaze]

To my opinion it looks a little dangerous too.
It's not intuitive that make uninstall prunes all the unrelated images.

My preference is to remove automatic image prune from the entire repository.

[chez-shanpu]

nit: I think we can remove these lines (I think we can add it when it's needed).

[yokaze]

I think it's better to leave it here, because the function will very likely be needed.
Otherwise, the one who wants kubectl will need to grep neco repositories all-around to get an appropriate version.

[chez-shanpu]

ok, why don't you call kubectl() from kubectlSafe()?

[yokaze]

This is a tiny optimization to save call-stack memory that's not-so-effective (~10ns/32Bytes).
I'll use kubectl() from kubectlSafe(), that's more rigid and readable.

[chez-shanpu]

It should be close end of for or extract it as a function.

[yokaze]

I think it's not a major problem, but will fix the implementation to close the handle per-program to avoid consuming thousands of file descriptors caused by a large number of BPF programs.

[chez-shanpu]

nit: I think just Name() would be fine too, since it's clear that it's the collector's(section?) name.

[yokaze]

I prefer to use SectionName, because it flavors like something special is there.
Name looks too concise to find out it's used as a part of metrics names.
Someone may think it's ok to set arbitrary text here and write as "BPF Performance Exporter".

BTW how about MetricsGroupName()?

[chez-shanpu]

MetricsGroupName() is fine. Also MetricsPrefix is clear to me in this case.

[yokaze]

OK I'm going to use MetricsPrefix.
Thanks for the suggestion 🙇

[chez-shanpu]

nit: 1.24.5 has some vulnerabilities. I think the latest would be good.

[yokaze]

The version should exactly match with the workflow:
https://github.com/cybozu/neco-containers/blob/main/.github/workflows/main.yaml#L281
https://github.com/cybozu/neco-containers/actions/runs/19063539929/job/54448614430

Do you think it's ok to postpone to regular update, or better to update all for now?

$ git grep -F 1.24.5
.github/workflows/main.yaml:285:      go-version: "1.24.5"
admission/go.mod:3:go 1.24.5
bmc-log-collector/go.mod:3:go 1.24.5
cep-checker/go.mod:3:go 1.24.5
envoy/go.mod:3:go 1.24.5
neco-server-exporter/go.mod:3:go 1.24.5
squid-exporter/go.mod:3:go 1.24.5
tcp-keepalive/go.mod:3:go 1.24.5

[chez-shanpu]

For now, I think it's enough to just update this one.

[yokaze]

It's impossible to fix neco-server-exporter only, due to repository structure.
We must choose all-at-once or regular update for this problem.