Metrics

Author: mikalv

apps/admin_console/config/dev.exs

@@ -7,7 +7,7 @@ use Mix.Config
 # watchers to your application. For example, we use it
 # with brunch.io to recompile .js and .css sources.
 config :admin_console, AdminConsole.Endpoint,
- http: [port: 4000],
+ http: [port: String.to_integer(System.get_env("CONSOLE_PORT", "4008"))],
  debug_errors: true,
  code_reloader: true,
  check_origin: false,

apps/http_proxy/lib/http_proxy/application.ex

@@ -9,11 +9,16 @@ defmodule HttpProxy.Application do
  worker(HttpProxy.Blacklist, []),
  supervisor(Task.Supervisor, [[name: HttpProxy.SSLSupervisor]]),
  worker(HttpProxy.Cache, []),
+ worker(ProxyMetrics.Endpoint, []),
 
  # For pidfile :)
  supervisor(PidFile.Supervisor, []),
  ]
 
+ HttpProxy.PlugPipelineInstrumenter.setup()
+ HttpProxy.PlugProxyInstrumenter.setup()
+ ProxyMetrics.MetricsPlugExporter.setup()
+
  opts = [strategy: :one_for_one, name: HttpProxy.Supervisor]
  Supervisor.start_link(children, opts)
  end

apps/http_proxy/lib/http_proxy/endpoint.ex

@@ -11,7 +11,9 @@ defmodule HttpProxy.Endpoint do
 
  plug Plug.RequestId
  plug Plug.Logger, log: :info
- #plug Plug.Telemetry, event_prefix: [:outproxy, :plug]
+ plug HttpProxy.PlugPipelineInstrumenter
+ plug HttpProxy.PlugProxyInstrumenter
+ plug Plug.Telemetry, event_prefix: [:outproxy, :plug]
 
  plug HttpSetup
  plug Blacklist

apps/http_proxy/lib/http_proxy/http_handler.ex

@@ -5,10 +5,29 @@ defmodule HttpProxy.HttpHandler do
  def init(opts), do: opts
 
  def call(conn, _opts) do
- conn
- |> forward_request
- |> cache_response
- |> forward_response
+ allowed_ranges = Enum.map Application.get_env(:http_proxy, :allowed_source_ips, []), &InetCidr.parse(&1)
+ allowed = length(Enum.filter(allowed_ranges, fn src_ips ->
+ InetCidr.contains? src_ips, conn.remote_ip
+ end)) > 0
+
+ verb = conn.method
+ uri = "http://#{conn.host}:#{conn.port}"
+ str_ip = {conn.remote_ip,conn.remote_ip,32} |> InetCidr.to_string
+
+ case allowed do
+ true ->
+ conn
+ |> forward_request
+ |> cache_response
+ |> forward_response
+ false ->
+ HttpProxy.PlugProxyInstrumenter.increment_http_requests_error_denied!
+ Logger.warn "Denied request from #{str_ip}", verb, uri
+ conn
+ |> send_resp(401,"")
+ |> Map.put(:state, :sent)
+ |> halt
+ end
  end
 
  defp forward_request(conn) do

apps/http_proxy/lib/http_proxy/https_handler.ex

@@ -16,17 +16,24 @@ defmodule HttpProxy.HttpsHandler do
  allowed = length(Enum.filter(allowed_ranges, fn src_ips ->
  InetCidr.contains? src_ips, conn.remote_ip
  end)) > 0
- Logger.info "allowed => #{inspect allowed}", "CONNECT", "https://#{bin_host}:#{port}"
+
+ verb = "CONNECT"
+ uri = "https://#{bin_host}:#{port}"
+
+ Logger.info "allowed => #{inspect allowed}", verb, uri
+ str_ip = {conn.remote_ip,conn.remote_ip,32} |> InetCidr.to_string
 
  case allowed do
  true ->
- Logger.info "Allowing request => #{inspect bin_host}", "CONNECT", "https://#{bin_host}:#{port}"
+ Logger.info "Allowing request from (#{str_ip}) => #{inspect bin_host}", verb, uri
  conn
  |> https_setup
  |> SSLTunnel.tunnel_traffic
  |> Map.put(:state, :sent)
  |> halt
  false ->
+ HttpProxy.PlugProxyInstrumenter.increment_http_requests_error_denied!
+ Logger.warn "Denied request from #{str_ip}", verb, uri
  conn
  |> send_resp(401,"")
  |> Map.put(:state, :sent)

apps/http_proxy/lib/http_proxy/plug_pipeline_instrumenter.ex

@@ -0,0 +1,3 @@
+defmodule HttpProxy.PlugPipelineInstrumenter do
+ use Prometheus.PlugPipelineInstrumenter
+end

apps/http_proxy/lib/http_proxy/plug_proxy_instrumenter.ex

@@ -0,0 +1,93 @@
+defmodule HttpProxy.PlugProxyInstrumenter do
+ use Prometheus.Metric
+ require Logger
+ import Plug.Conn
+
+ def init(opts), do: opts
+
+ def call(conn, _opts) do
+ case conn.method do
+ "CONNECT" ->
+ increment_http_requests_method_connect!
+ _ ->
+ increment_http_requests_method_non_connect!
+ end
+ conn
+ end
+
+ def increment_http_requests_method_connect! do
+ handle_counter_inc(
+ name: :http_requests_method_connect,
+ labels: [:method_connect, :requests]
+ )
+ end
+
+ def increment_http_requests_method_non_connect! do
+ handle_counter_inc(
+ name: :http_requests_method_non_connect,
+ labels: [:method_non_connect, :requests]
+ )
+ end
+
+ def increment_http_requests_error_denied! do
+ handle_counter_inc(
+ name: :http_requests_error_denied,
+ labels: [:error_denied, :requests]
+ )
+ end
+
+ def increment_http_requests_error_remote_site_down! do
+ handle_counter_inc(
+ name: :http_requests_error_remote_site_down,
+ labels: [:error_remote_site_down, :requests]
+ )
+ end
+
+ def increment_http_requests_error_internal_failure! do
+ handle_counter_inc(
+ name: :http_requests_error_internal_failure,
+ labels: [:error_internal_failure, :requests]
+ )
+ end
+
+ defp handle_counter_inc(args) do
+ try do
+ Counter.inc(args)
+ rescue
+ e in Prometheus.UnknownMetricError ->
+ Logger.warn "Prometheus.UnknownMetricError: #{inspect e}"
+ end
+ end
+
+ def setup do
+ Counter.declare(
+ name: :http_requests_method_connect,
+ help: "Counts the number of HTTP requests that use CONNECT verb",
+ labels: [:method_connect, :requests]
+ )
+
+ Counter.declare(
+ name: :http_requests_method_non_connect,
+ help: "Counts the number of HTTP requests that does NOT use CONNECT verb",
+ labels: [:method_non_connect, :requests]
+ )
+
+ Counter.declare(
+ name: :http_requests_error_denied,
+ help: "Counts the number of HTTP requests that errored due to the request was denied",
+ labels: [:error_denied, :requests]
+ )
+
+ Counter.declare(
+ name: :http_requests_error_remote_site_down,
+ help: "Counts the number of HTTP requests that errored due to the target server was down",
+ labels: [:error_remote_site_down, :requests]
+ )
+
+ Counter.declare(
+ name: :http_requests_error_internal_failure,
+ help: "Counts the number of HTTP requests that errored due to internal errors",
+ labels: [:error_internal_failure, :requests]
+ )
+ end
+end

apps/http_proxy/mix.exs

@@ -26,7 +26,9 @@ defmodule HttpProxy.Mixfile do
  :cowboy,
  :plug,
  :httpoison,
- :dns
+ :dns,
+ :proxy_metrics,
+ :prometheus_ex,
  ],
  mod: {HttpProxy.Application, []}
  ]
@@ -53,6 +55,9 @@ defmodule HttpProxy.Mixfile do
  {:plug, "~> 1.8"},
  {:httpoison, "~> 1.6.2"},
  {:dns, "~> 2.1.2"},
+ {:prometheus_ex, "~> 3.0"},
+ {:prometheus_plugs, "~> 1.1.1"},
+ {:proxy_metrics, in_umbrella: true},
  ]
  end
 end

apps/proxy_metrics/.formatter.exs

@@ -0,0 +1,4 @@
+# Used by "mix format"
+[
+ inputs: ["{mix,.formatter}.exs", "{config,lib,test}/**/*.{ex,exs}"]
+]

apps/proxy_metrics/.gitignore

@@ -0,0 +1,24 @@
+# The directory Mix will write compiled artifacts to.
+/_build/
+
+# If you run "mix test --cover", coverage assets end up here.
+/cover/
+
+# The directory Mix downloads your dependencies sources to.
+/deps/
+
+# Where third-party dependencies like ExDoc output generated docs.
+/doc/
+
+# Ignore .fetch files in case you like to edit your project deps locally.
+/.fetch
+
+# If the VM crashes, it generates a dump, let's ignore it too.
+erl_crash.dump
+
+# Also ignore archive artifacts (built via "mix archive.build").
+*.ez
+
+# Ignore package tarball (built via "mix hex.build").
+metrics-*.tar
+