Skip to content

Commit

Permalink
Add high level metrics explanation docs page
Browse files Browse the repository at this point in the history
  • Loading branch information
david-martin committed Apr 22, 2024
1 parent 7cdd23b commit f3bb598
Showing 1 changed file with 142 additions and 0 deletions.
142 changes: 142 additions & 0 deletions doc/observability/metrics.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
# Metrics

This is a reference page for some of the different metrics used in example
dashboards and alerts. It is not an exhaustive list. The documentation for each
component may provide more details on a per-component basis. Some of the metrics
are sourced from components outside the Kuadrant project, for example, Envoy.
The value of this reference is showing some of the more widely desired metrics,
and how to join the metrics from different sources together in a meaningful way.

## Metrics sources

* Kuadrant components
* [Istio](https://istio.io/latest/docs/reference/config/metrics/)
* [Envoy](https://www.envoyproxy.io/docs/envoy/latest/operations/admin.html#get--stats)
* [Kube State Metrics](https://github.com/kubernetes/kube-state-metrics)
* [Gateway API State Metrics](https://github.com/Kuadrant/gateway-api-state-metrics)
* [Kubernetes metrics](https://kubernetes.io/docs/concepts/cluster-administration/system-metrics/#metrics-in-kubernetes)

## Resource usage metrics

Resource metrics, like CPU, memory and disk usage, primarily come from the Kubernetes
metrics components. These include `container_cpu_usage_seconds_total`, `container_memory_working_set_bytes`
and `kubelet_volume_stats_used_bytes`. A [stable list of metrics](https://github.com/kubernetes/kubernetes/blob/master/test/instrumentation/testdata/stable-metrics-list.yaml) is maintained in
the Kubernetes repository. These low-level metrics typically have a set of
[recording rules](https://prometheus.io/docs/practices/rules/#aggregation) that
aggregate values by labels and time ranges.
For example, `node_namespace_pod_container:container_cpu_usage_seconds_total:sum_irate` or `namespace_workload_pod:kube_pod_owner:relabel`.
If you have deployed the [kube-prometheus](https://github.com/prometheus-operator/kube-) project, you should have the majority of
these metrics being scraped.

## Networking metrics

Low-level networking metrics like `container_network_receive_bytes_total` are also
available from the Kubernetes metrics components.
HTTP & GRPC traffic metrics with higher level labels are [available from Istio](https://istio.io/latest/docs/reference/config/metrics/).
One of the main metrics would be `istio_requests_total`, which is a counter incremented for every request handled by an Istio proxy.
Latency metrics are available via the `istio_request_duration_milliseconds` metric, with buckets for varying response times.

Some example dashboards have panels that make use of the request URL path.
The path is *not* added as a label to Istio metrics by default, as it has the potential
to increase metric cardinality, and thus storage requirements.
If you want to make use of the path in your queries or visualisations, you can enable
the request path metric via the [Telemetry resource](https://istio.io/latest/docs/reference/config/telemetry/#MetricSelector-IstioMetric) in istio:

```
apiVersion: telemetry.istio.io/v1alpha1
kind: Telemetry
metadata:
name: namespace-metrics
namespace: istio-system
spec:
metrics:
- providers:
- name: prometheus
overrides:
- match:
metric: REQUEST_COUNT
tagOverrides:
request_url_path:
value: "request.url_path"
- match:
metric: REQUEST_DURATION
tagOverrides:
request_url_path:
value: "request.url_path"
```

## State metrics

The [kube-state-metrics](https://github.com/kubernetes/kube-state-metrics/tree/main/docs#default-resources)
project exposes the state of various kuberenetes resources
as metrics and labels. For example, the ready `status` of a `Pod` is available as
`kube_pod_status_ready`, with labels for the pod `name` and `namespace`. This can
be useful for linking lower level container metrics back to a meaningful resource
in the Kubernetes world.

## Joining metrics

Metric queries can be as simple as just the name of the metric, or can be complex
with joining & grouping. A lot of the time it can be useful to tie back low level
metrics to more meaningful Kubernetes resources. For example, if the memory usage
is maxed out on a container and that container is constantly being OOMKilled, it
can be useful to get the Deployment and Namespace of that container for debugging.
Prometheus query language (or promql) allows [vector matching](https://prometheus.io/docs/prometheus/latest/querying/operators/#vector-matching)
or results (sometimes called joining).

When using Gateway API and Kuadrant resources like HTTPRoute and RateLimitPolicy,
the state metrics can be joined to Istio metrics to give a meaningful result set.
Here's an example that queries the number of requests per second, and includes
the name of the HTTPRoute that the traffic is for.

```promql
sum(
rate(
istio_requests_total{}[5m]
)
) by (destination_service_name)
* on(destination_service_name) group_right
label_replace(gatewayapi_httproute_labels{}, \"destination_service_name\", \"$1\",\"service\", \"(.+)\")
```

Breaking this query down, there are 2 parts.
The first part is getting the rate of requests hitting the Istio gateway, aggregated
to 5m intervals:

```promql
sum(
rate(
destination_service_name{}[5m]
)
) by (destination_service_name)
```

The result set here will include a label for the destination service name (i.e.
the Service in Kubernetes). This label is key to looking up the HTTPRoute this
traffic belongs to.

The 2nd part of the query uses the `gatewayapi_httproute_labels` metric and the
`label_replace` function. The `gatewayapi_httproute_labels` metric gives a list
of all httproutes, including any labels on them. The HTTPRoute in this example
has a label called 'service', set to be the same as the Istio service name.
This allows us to join the 2 results set.
However, because the label doesn't match exactly (`destination_service_name` and `service`),
we can replace the label so that it does match. That's what the `label_replace`
does.

```promql
label_replace(gatewayapi_httproute_labels{}, \"destination_service_name\", \"$1\",\"service\", \"(.+)\")
```

The 2 parts are joined together using vector matching.

```promql
* on(destination_service_name) group_right
```

* `*` is the binary operator i.e. multiplication (gives join like behaviour)
* `on()` specifies which labels to "join" the 2 results with
* `group_right` enables a one to many matching.

See the [Prometheus documentation](https://prometheus.io/docs/prometheus/latest/querying/operators/#vector-matching) for further details on matching.

0 comments on commit f3bb598

Please sign in to comment.