Merge pull request #24 from MbolotSuse/local-exclude

Excluding local cluster nodes from node count

Author: MbolotSuse

go.mod

@@ -35,6 +35,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/licensemanager v1.15.3
 	github.com/aws/aws-sdk-go-v2/service/sts v1.16.3
 	github.com/google/uuid v1.2.0
+	github.com/prometheus/client_model v0.2.0
 	github.com/prometheus/common v0.32.1
 	github.com/rancher/lasso v0.0.0-20220412224715-5f3517291ad4
 	github.com/rancher/rancher v0.0.0-20220309231411-e4af2465c5b4
@@ -78,7 +79,6 @@ require (
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/client_golang v1.12.1 // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
 	github.com/prometheus/procfs v0.7.3 // indirect
 	github.com/rancher/aks-operator v1.0.5 // indirect
 	github.com/rancher/eks-operator v1.1.3 // indirect

pkg/manager/aws.go

@@ -127,7 +127,8 @@ func (m *AWS) runComplianceCheck(ctx context.Context) error {
 			currentCheckoutInfo.EntitledLicenses = checkoutAmount
 			currentCheckoutInfo.Expiry = parseExpirationTimestamp(*resp.Expiration)
 		}
-	} else {
+	} else if requiredLicenses != 0 {
+		// extend our checkout as long as we have something checked out
 		newCheckoutInfo, err := m.extendCheckout(ctx, 5*managerInterval, currentCheckoutInfo)
 		if err != nil {
 			currentCheckoutInfo.EntitledLicenses = 0

pkg/manager/aws_test.go

@@ -113,6 +113,17 @@ func TestCheckout(t *testing.T) {
 				cachedToken:         true,
 			},
 		},
+		{
+			numRancherNodes:     0,
+			numAWSEntitlements:  1,
+			currentEntitlements: 0,
+			result: testResult{
+				errResult:           false,
+				inCompliance:        true,
+				numUsedEntitlements: 0,
+				cachedToken:         false,
+			},
+		},
 	}
 	for _, scenario := range scenarios {
 		scenario.runScenario(t)
@@ -155,6 +166,17 @@ func TestCheckInCheckout(t *testing.T) {
 				cachedToken:         true,
 			},
 		},
+		{
+			numRancherNodes:     0,
+			numAWSEntitlements:  1,
+			currentEntitlements: 1,
+			result: testResult{
+				errResult:           false,
+				inCompliance:        true,
+				numUsedEntitlements: 0,
+				cachedToken:         false,
+			},
+		},
 	}
 	for _, scenario := range scenarios {
 		scenario.runScenario(t)

pkg/metrics/mocks_test.go

@@ -0,0 +1,89 @@
+package metrics
+
+import (
+	"fmt"
+	"net/http"
+	"strings"
+)
+
+type mockPrometheusServer struct {
+	nodesForCluster map[string]int
+	labelSkip       map[string]struct{}
+	validTokens     []string
+}
+
+func newMockPrometheusServer() mockPrometheusServer {
+	return mockPrometheusServer{
+		nodesForCluster: map[string]int{},
+		labelSkip:       map[string]struct{}{},
+		validTokens:     []string{},
+	}
+}
+
+func (m *mockPrometheusServer) SetNodesForCluster(nodes int, cluster string, skipLabel bool) {
+	m.nodesForCluster[cluster] = nodes
+	if skipLabel {
+		m.labelSkip[cluster] = struct{}{}
+	}
+}
+
+func (m *mockPrometheusServer) Clear() {
+	m.nodesForCluster = map[string]int{}
+	m.validTokens = []string{}
+	m.labelSkip = map[string]struct{}{}
+}
+
+func (m *mockPrometheusServer) AddAuthToken(token string) {
+	m.validTokens = append(m.validTokens, token)
+}
+func (m *mockPrometheusServer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	// main serve method for the test http server
+	if strings.HasSuffix(r.URL.String(), "/metrics") {
+		//do auth and return the node metrics text
+		if !m.requestAuthenticated(r) {
+			w.WriteHeader(http.StatusUnauthorized)
+			return
+		}
+		if !m.requestAuthorized(r) {
+			w.WriteHeader(http.StatusForbidden)
+			return
+		}
+		requestText := m.getNodeMetricsText()
+		w.WriteHeader(http.StatusOK)
+		w.Write([]byte(requestText))
+		return
+	}
+	w.WriteHeader(http.StatusNotFound)
+	return
+}
+
+func (m *mockPrometheusServer) getNodeMetricsText() string {
+	retText := "# TYPE cluster_manager_nodes gauge\n"
+	for cluster, nodeCount := range m.nodesForCluster {
+		if _, ok := m.labelSkip[cluster]; ok {
+			retText += fmt.Sprintf("%s{} %d\n", nodeGaugeMetricName, nodeCount)
+		} else {
+			retText += fmt.Sprintf("%s{%s=\"%s\"} %d\n", nodeGaugeMetricName, clusterNameLabel, cluster, nodeCount)
+		}
+	}
+	return retText
+}
+
+func (m *mockPrometheusServer) requestAuthorized(req *http.Request) bool {
+	header := req.Header.Get("Authorization")
+	splitHeader := strings.Split(header, " ")
+	if len(splitHeader) < 2 {
+		return false
+	}
+	token := splitHeader[1]
+	for _, validToken := range m.validTokens {
+		if token == validToken {
+			return true
+		}
+	}
+	return false
+}
+
+func (m *mockPrometheusServer) requestAuthenticated(req *http.Request) bool {
+	return req.Header.Get("Authorization") != ""
+}

pkg/metrics/scraper.go

@@ -5,7 +5,9 @@ import (
 	"net/http"
 	"strings"
 
+	prometheusClient "github.com/prometheus/client_model/go"
 	"github.com/prometheus/common/expfmt"
+	"github.com/sirupsen/logrus"
 	"k8s.io/client-go/rest"
 )
 
@@ -30,6 +32,8 @@ func NewScraper(rancherHost string, cfg *rest.Config) Scraper {
 
 const (
 	nodeGaugeMetricName = "cluster_manager_nodes"
+	clusterNameLabel    = "cluster_id"
+	localClusterID      = "local"
 )
 
 type NodeCounts struct {
@@ -66,10 +70,29 @@ func (s *scraper) ScrapeAndParse() (*NodeCounts, error) {
 
 	var nodeCount int
 	for _, metric := range nodeMetricFamily.GetMetric() {
-		nodeCount += int(metric.GetGauge().GetValue())
+		isMetricForLocal, err := isMetricForLocalCluster(metric)
+		clusterNodeCount := int(metric.GetGauge().GetValue())
+		logrus.Debugf("scraper found nodes: %d, isMetricForLocal: %t, err: %v", clusterNodeCount, isMetricForLocal, err)
+		if err != nil {
+			logrus.Warnf("error when attempting to determine if count was for local cluster: %s, will not include %d nodes in total", err.Error(), clusterNodeCount)
+			continue
+		}
+		if !isMetricForLocal {
+			nodeCount += clusterNodeCount
+		}
+
 	}
 
 	return &NodeCounts{
 		Total: nodeCount,
 	}, nil
 }
+
+func isMetricForLocalCluster(metric *prometheusClient.Metric) (bool, error) {
+	for _, label := range metric.GetLabel() {
+		if label.Name != nil && *label.Name == clusterNameLabel {
+			return label.Value != nil && *label.Value == localClusterID, nil
+		}
+	}
+	return false, fmt.Errorf("unable to determine if metric is for local cluster due to missing label")
+}

pkg/metrics/scraper_test.go

@@ -0,0 +1,132 @@
+package metrics
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"k8s.io/client-go/rest"
+)
+
+func TestScrapeAndParse(t *testing.T) {
+	metricsServer := newMockPrometheusServer()
+	server := httptest.NewServer(&metricsServer)
+	defer server.Close()
+	tests := []struct {
+		name                  string
+		localClusterNodes     int
+		skipLocalLabel        bool
+		numOtherClusters      int
+		nodesPerOtherClusters int
+		skipOtherLabel        bool
+		authed                bool
+		expectedTotal         int
+		expectedError         bool
+	}{
+		{
+			name:                  "no downstream, local only",
+			localClusterNodes:     2,
+			skipLocalLabel:        false,
+			numOtherClusters:      0,
+			nodesPerOtherClusters: 0,
+			skipOtherLabel:        false,
+			authed:                true,
+			expectedTotal:         0,
+			expectedError:         false,
+		},
+		{
+			name:                  "downstream and local",
+			localClusterNodes:     2,
+			skipLocalLabel:        false,
+			numOtherClusters:      1,
+			nodesPerOtherClusters: 2,
+			skipOtherLabel:        false,
+			authed:                true,
+			expectedTotal:         2,
+			expectedError:         false,
+		},
+		{
+			name:                  "multiple downstream and local",
+			localClusterNodes:     2,
+			skipLocalLabel:        false,
+			numOtherClusters:      3,
+			nodesPerOtherClusters: 4,
+			skipOtherLabel:        false,
+			authed:                true,
+			expectedTotal:         12,
+			expectedError:         false,
+		},
+		{
+			name:                  "local not labeled, local nodes excluded",
+			localClusterNodes:     2,
+			skipLocalLabel:        true,
+			numOtherClusters:      0,
+			nodesPerOtherClusters: 0,
+			skipOtherLabel:        false,
+			authed:                true,
+			expectedTotal:         0,
+			expectedError:         false,
+		},
+		{
+			name:                  "local not labeled, downstream not labeled, all nodes excluded",
+			localClusterNodes:     2,
+			skipLocalLabel:        true,
+			numOtherClusters:      2,
+			nodesPerOtherClusters: 3,
+			skipOtherLabel:        true,
+			authed:                true,
+			expectedTotal:         0,
+			expectedError:         false,
+		},
+		{
+			name:                  "local labeled, downstream not labeled, all nodes excluded",
+			localClusterNodes:     2,
+			skipLocalLabel:        false,
+			numOtherClusters:      2,
+			nodesPerOtherClusters: 4,
+			skipOtherLabel:        true,
+			authed:                true,
+			expectedTotal:         0,
+			expectedError:         false,
+		},
+		{
+			name:                  "error, no auth",
+			localClusterNodes:     2,
+			skipLocalLabel:        false,
+			numOtherClusters:      0,
+			nodesPerOtherClusters: 0,
+			skipOtherLabel:        false,
+			authed:                false,
+			expectedTotal:         0,
+			expectedError:         true,
+		},
+	}
+	for _, test := range tests {
+		t.Run(test.name, func(t *testing.T) {
+			metricsServer.Clear()
+			metricsServer.SetNodesForCluster(test.localClusterNodes, localClusterID, test.skipLocalLabel)
+			for i := 0; i < test.numOtherClusters; i++ {
+				metricsServer.SetNodesForCluster(test.nodesPerOtherClusters, fmt.Sprintf("cluster-%d", i), test.skipOtherLabel)
+			}
+			config := &rest.Config{BearerToken: "abc123abc123abc123"}
+			if test.authed {
+				metricsServer.AddAuthToken(config.BearerToken)
+			}
+			metricsScraper := scraper{
+				metricsURL: fmt.Sprintf("%s/metrics", server.URL),
+				cli:        &http.Client{},
+				cfg:        config,
+			}
+			res, err := metricsScraper.ScrapeAndParse()
+			if test.expectedError {
+				assert.Error(t, err, "expected an error but err was nil")
+			} else {
+				assert.NoError(t, err, "expected no error but there was an error")
+				assert.NotNil(t, res, "expected a result but was nil")
+				assert.Equal(t, test.expectedTotal, res.Total, "did not get expected number of nodes")
+			}
+		})
+	}
+}