feat(bgp): Neighbour path and best path count (#115)

* Add BGP neighbour path and best path count

Author: Hugo Blom

Diff for: README.md

@@ -57,8 +57,6 @@ Per-VDOM:
  * `fortigate_ipsec_tunnel_receive_bytes_total`
  * `fortigate_ipsec_tunnel_transmit_bytes_total`
  * `fortigate_ipsec_tunnel_up`
- * `fortigate_bgp_neighbor_ipv4_info`
- * `fortigate_bgp_neighbor_ipv6_info`
  * `fortigate_wifi_access_points`
  * `fortigate_wifi_fabric_clients`
  * `fortigate_wifi_fabric_max_allowed_clients`
@@ -98,6 +96,14 @@ Per-VDOM:
  * `fortigate_virtual_wan_bandwidth_rx_byte_per_second`
  * `fortigate_virtual_wan_status_change_time_seconds`
 
+ Per-BGP-Neighbor and VDOM:
+ * `fortigate_bgp_neighbor_ipv4_info`
+ * `fortigate_bgp_neighbor_ipv6_info`
+ * `fortigate_bgp_neighbor_ipv4_paths`
+ * `fortigate_bgp_neighbor_ipv6_paths`
+ * `fortigate_bgp_neighbor_ipv4_best_paths`
+ * `fortigate_bgp_neighbor_ipv6_best_paths`
+
  Per-VirtualServer and VDOM:
  * `fortigate_lb_virtual_server_info`
 
@@ -180,6 +186,7 @@ which means that currently you need HTTPS to be configured properly.
 To probe a FortiGate, do something like `curl 'localhost:9710/probe?target=https://my-fortigate'`
 
 ### Available CLI parameters
+
 | flag  | default value  |  description  |
 |---|---|---|
 | -auth-file      | fortigate-key.yaml  | path to the location of the key file |
@@ -188,7 +195,7 @@ To probe a FortiGate, do something like `curl 'localhost:9710/probe?target=https
 | -https-timeout  | 10     | timeout in seconds for establishment of HTTPS connections  |
 | -insecure       | false  | allows to turn off security validation of TLS certificates  |
 | -extra-ca-certs | (none) | comma-separated files containing extra PEMs to trust for TLS connections in addition to the system trust store |
-
+| -max-bgp-paths  | 10000  | Sets maximum amount of BGP paths to fetch, value is per IP stack version (IPv4 a& IPv6) |
 ### FortiGate Configuration
 
 The following example Admin Profile describes the permissions that needs to be granted

Diff for: internal/config/main.go

@@ -16,6 +16,7 @@ type FortiExporterParameter struct {
 	TLSTimeout    *int
 	TLSInsecure   *bool
 	TlsExtraCAs   *string
+	MaxBGPPaths   *int
 }
 
 type FortiExporterConfig struct {
@@ -25,6 +26,7 @@ type FortiExporterConfig struct {
 	TLSTimeout    int
 	TLSInsecure   bool
 	TlsExtraCAs   []LocalCert
+	MaxBGPPaths   int
 }
 
 type AuthKeys map[Target]TargetAuth
@@ -49,6 +51,7 @@ var (
 		TLSTimeout:    flag.Int("https-timeout", 10, "TLS Handshake timeout in seconds"),
 		TLSInsecure:   flag.Bool("insecure", false, "Allow insecure certificates"),
 		TlsExtraCAs:   flag.String("extra-ca-certs", "", "comma-separated files containing extra PEMs to trust for TLS connections in addition to the system trust store"),
+		MaxBGPPaths:   flag.Int("max-bgp-paths", 10000, "How many BGP Paths to receive when counting routes, needs to be higher then the number of routes or metrics will not be generated"),
 	}
 
 	savedConfig *FortiExporterConfig
@@ -69,6 +72,7 @@ func Init() error {
 		ScrapeTimeout: *parameter.ScrapeTimeout,
 		TLSTimeout:    *parameter.TLSTimeout,
 		TLSInsecure:   *parameter.TLSInsecure,
+		MaxBGPPaths:   *parameter.MaxBGPPaths,
 	}
 
 	// parse AuthKeys

Diff for: pkg/probe/bgp_neighbor_routes.go

@@ -0,0 +1,162 @@
+package probe
+
+import (
+	"fmt"
+	"log"
+
+	"github.com/bluecmd/fortigate_exporter/internal/config"
+	"github.com/bluecmd/fortigate_exporter/pkg/http"
+	"github.com/prometheus/client_golang/prometheus"
+)
+
+type BGPPath struct {
+	LearnedFrom string `json:"learned_from"`
+	IsBest      bool   `json:"is_best"`
+}
+
+type BGPPaths struct {
+	Results []BGPPath `json:"results"`
+	VDOM    string    `json:"vdom"`
+	Version string    `json:"version"`
+}
+
+type PathCount struct {
+	Source string
+	VDOM   string
+}
+
+func probeBGPNeighborPathsIPv4(c http.FortiHTTP, meta *TargetMetadata) ([]prometheus.Metric, bool) {
+	savedConfig := config.GetConfig()
+	MaxBGPPaths := savedConfig.MaxBGPPaths
+
+	if MaxBGPPaths == 0 {
+		return nil, true
+	}
+
+	if meta.VersionMajor < 7 {
+		// not supported version. Before 7.0.0 the requested endpoint doesn't exist
+		return nil, true
+	}
+	var (
+		BGPNeighborPaths = prometheus.NewDesc(
+			"fortigate_bgp_neighbor_ipv4_paths",
+			"Count of paths received from an BGP neighbor",
+			[]string{"vdom", "neighbor_ip"}, nil,
+		)
+		BGPNeighborBestPaths = prometheus.NewDesc(
+			"fortigate_bgp_neighbor_ipv4_best_paths",
+			"Count of best paths for an BGP neighbor",
+			[]string{"vdom", "neighbor_ip"}, nil,
+		)
+	)
+
+	var rs []BGPPaths
+
+	if err := c.Get("api/v2/monitor/router/bgp/paths", fmt.Sprintf("vdom=*&count=%d", MaxBGPPaths), &rs); err != nil {
+		log.Printf("Error: %v", err)
+		return nil, false
+	}
+
+	m := []prometheus.Metric{}
+
+	srMap := make(map[PathCount]int)
+	sr2Map := make(map[PathCount]int)
+	for _, r := range rs {
+
+		if len(r.Results) >= MaxBGPPaths {
+			log.Printf("Error: Received more BGP Paths than maximum (%d > %d) allowed, ignoring metric ...", len(r.Results), MaxBGPPaths)
+			return nil, false
+		}
+		for _, route := range r.Results {
+			sr := PathCount{
+				Source: route.LearnedFrom,
+				VDOM:   r.VDOM,
+			}
+			srMap[sr] += 1
+			if route.IsBest {
+				sr2 := PathCount{
+					Source: route.LearnedFrom,
+					VDOM:   r.VDOM,
+				}
+				sr2Map[sr2] += 1
+			}
+		}
+	}
+
+	for neighbor, count := range srMap {
+		m = append(m, prometheus.MustNewConstMetric(BGPNeighborPaths, prometheus.GaugeValue, float64(count), neighbor.VDOM, neighbor.Source))
+	}
+	for neighbor, count := range sr2Map {
+		m = append(m, prometheus.MustNewConstMetric(BGPNeighborBestPaths, prometheus.GaugeValue, float64(count), neighbor.VDOM, neighbor.Source))
+	}
+
+	return m, true
+}
+
+func probeBGPNeighborPathsIPv6(c http.FortiHTTP, meta *TargetMetadata) ([]prometheus.Metric, bool) {
+	savedConfig := config.GetConfig()
+	MaxBGPPaths := savedConfig.MaxBGPPaths
+
+	if MaxBGPPaths == 0 {
+		return nil, true
+	}
+
+	if meta.VersionMajor < 7 {
+		// not supported version. Before 7.0.0 the requested endpoint doesn't exist
+		return nil, true
+	}
+	var (
+		BGPNeighborPaths = prometheus.NewDesc(
+			"fortigate_bgp_neighbor_ipv6_paths",
+			"Count of paths received from an BGP neighbor",
+			[]string{"vdom", "neighbor_ip"}, nil,
+		)
+		BGPNeighborBestPaths = prometheus.NewDesc(
+			"fortigate_bgp_neighbor_ipv6_best_paths",
+			"Count of best paths for an BGP neighbor",
+			[]string{"vdom", "neighbor_ip"}, nil,
+		)
+	)
+
+	var rs []BGPPaths
+
+	if err := c.Get("api/v2/monitor/router/bgp/paths6", fmt.Sprintf("vdom=*&count=%d", MaxBGPPaths), &rs); err != nil {
+		log.Printf("Error: %v", err)
+		return nil, false
+	}
+
+	m := []prometheus.Metric{}
+
+	srMap := make(map[PathCount]int)
+	sr2Map := make(map[PathCount]int)
+	for _, r := range rs {
+
+		if len(r.Results) >= MaxBGPPaths {
+			log.Printf("Error: Received more BGP Paths than maximum (%d > %d) allowed, ignoring metric ...", len(r.Results), MaxBGPPaths)
+			return nil, false
+		}
+		for _, route := range r.Results {
+			sr := PathCount{
+				Source: route.LearnedFrom,
+				VDOM:   r.VDOM,
+			}
+			srMap[sr] += 1
+			if route.IsBest {
+				sr2 := PathCount{
+					Source: route.LearnedFrom,
+					VDOM:   r.VDOM,
+				}
+				sr2Map[sr2] += 1
+			}
+		}
+	}
+
+	for neighbor, count := range srMap {
+		m = append(m, prometheus.MustNewConstMetric(BGPNeighborPaths, prometheus.GaugeValue, float64(count), neighbor.VDOM, neighbor.Source))
+	}
+	for neighbor, count := range sr2Map {
+		m = append(m, prometheus.MustNewConstMetric(BGPNeighborBestPaths, prometheus.GaugeValue, float64(count), neighbor.VDOM, neighbor.Source))
+	}
+
+	return m, true
+}

Diff for: pkg/probe/bgp_neighbor_routes_test.go

@@ -0,0 +1,68 @@
+package probe
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/bluecmd/fortigate_exporter/internal/config"
+	"github.com/prometheus/client_golang/prometheus"
+	"github.com/prometheus/client_golang/prometheus/testutil"
+)
+
+func TestBGPNeighborPathsIPv4(t *testing.T) {
+
+	if err := config.Init(); err != nil {
+		t.Fatalf("config.Init failed: %+v", err)
+	}
+
+	c := newFakeClient()
+	c.prepare("api/v2/monitor/router/bgp/paths", "testdata/router-bgp-paths-v4.jsonnet")
+	r := prometheus.NewPedanticRegistry()
+	if !testProbe(probeBGPNeighborPathsIPv4, c, r) {
+		t.Errorf("probeBGPNeighborPathsIPv4() returned non-success")
+	}
+
+	em := `
+    # HELP fortigate_bgp_neighbor_ipv4_best_paths Count of best paths for an BGP neighbor
+    # TYPE fortigate_bgp_neighbor_ipv4_best_paths gauge
+    fortigate_bgp_neighbor_ipv4_best_paths{neighbor_ip="10.0.0.1",vdom="root"} 1
+    fortigate_bgp_neighbor_ipv4_best_paths{neighbor_ip="10.0.0.2",vdom="root"} 1
+    # HELP fortigate_bgp_neighbor_ipv4_paths Count of paths received from an BGP neighbor
+    # TYPE fortigate_bgp_neighbor_ipv4_paths gauge
+    fortigate_bgp_neighbor_ipv4_paths{neighbor_ip="10.0.0.1",vdom="root"} 1
+    fortigate_bgp_neighbor_ipv4_paths{neighbor_ip="10.0.0.2",vdom="root"} 2
+	`
+
+	if err := testutil.GatherAndCompare(r, strings.NewReader(em)); err != nil {
+		t.Fatalf("metric compare: err %v", err)
+	}
+}
+
+func TestBGPNeighborPathsIPv6(t *testing.T) {
+
+	if err := config.Init(); err != nil {
+		t.Fatalf("config.Init failed: %+v", err)
+	}
+
+	c := newFakeClient()
+	c.prepare("api/v2/monitor/router/bgp/paths6", "testdata/router-bgp-paths-v6.jsonnet")
+	r := prometheus.NewPedanticRegistry()
+	if !testProbe(probeBGPNeighborPathsIPv6, c, r) {
+		t.Errorf("probeBGPNeighborPathsIPv6() returned non-success")
+	}
+
+	em := `
+    # HELP fortigate_bgp_neighbor_ipv6_best_paths Count of best paths for an BGP neighbor
+    # TYPE fortigate_bgp_neighbor_ipv6_best_paths gauge
+    fortigate_bgp_neighbor_ipv6_best_paths{neighbor_ip="::",vdom="root"} 1
+    fortigate_bgp_neighbor_ipv6_best_paths{neighbor_ip="fd00::1",vdom="root"} 2
+    # HELP fortigate_bgp_neighbor_ipv6_paths Count of paths received from an BGP neighbor
+    # TYPE fortigate_bgp_neighbor_ipv6_paths gauge
+    fortigate_bgp_neighbor_ipv6_paths{neighbor_ip="::",vdom="root"} 1
+    fortigate_bgp_neighbor_ipv6_paths{neighbor_ip="fd00::1",vdom="root"} 3
+	`
+
+	if err := testutil.GatherAndCompare(r, strings.NewReader(em)); err != nil {
+		t.Fatalf("metric compare: err %v", err)
+	}
+}

Diff for: pkg/probe/fortigate-key.yaml

@@ -0,0 +1,3 @@
+# This file is used for running test cases
+"127.0.0.1":
+  token: "asdasd"

Diff for: pkg/probe/probe.go

@@ -112,6 +112,8 @@ func (p *ProbeCollector) Probe(ctx context.Context, target string, hc *http.Clie
 		probeWifiAPStatus,
 		probeWifiClients,
 		probeWifiManagedAP,
+		probeBGPNeighborPathsIPv4,
+		probeBGPNeighborPathsIPv6,
 	} {
 		m, ok := f(c, meta)
 		if !ok {

Diff for: pkg/probe/testdata/router-bgp-paths-v4.jsonnet

@@ -0,0 +1,38 @@
+# api/v2/monitor/router/bgp/paths?vdom=*&count=10000
+[
+  {
+    "http_method":"GET",
+    "results":[
+      {
+        "nlri_prefix":"0.0.0.0",
+        "nlri_prefix_len":0,
+        "learned_from":"10.0.0.1",
+        "next_hop":"10.0.0.1",
+        "origin":"igp",
+        "is_best":true
+      },{
+        "nlri_prefix":"11.0.0.0/8",
+        "nlri_prefix_len":0,
+        "learned_from":"10.0.0.2",
+        "next_hop":"10.0.0.2",
+        "origin":"igp",
+        "is_best":true
+      },{
+        "nlri_prefix":"10.0.0.0/8",
+        "nlri_prefix_len":0,
+        "learned_from":"10.0.0.2",
+        "next_hop":"10.0.0.2",
+        "origin":"igp",
+        "is_best":false
+      }
+    ],
+    "vdom":"root",
+    "path":"router",
+    "name":"bgp",
+    "action":"paths",
+    "status":"success",
+    "serial":"FGT61FT000000000",
+    "version":"v7.0.0",
+    "build":66
+  }
+]