Add Profiling option

- Profilier disabled by default - Exposed on port 9995 by default except in fe where 9996 is used (to avoid port conflict with load-balancer) - Exposed via http (no TLS) - Remove logrus from NSP and IPAM (no usage of NSM in these containers)
Nordix · Sep 15, 2022 · 9c91bc7 · 9c91bc7
1 parent 16f8aea
commit 9c91bc7
Show file tree

Hide file tree

Showing 26 changed files with 209 additions and 7 deletions.
diff --git a/cmd/frontend/internal/env/config.go b/cmd/frontend/internal/env/config.go
@@ -39,4 +39,7 @@ type Config struct {
 	AttractorName         string        `default:"default" desc:"Name of the Attractor the frontend is associated with" split_words:"true"`
 	LogLevel              string        `default:"DEBUG" desc:"Log level" split_words:"true"`
 	NSPEntryTimeout       time.Duration `default:"30s" desc:"Timeout of the entries" envconfig:"nsp_entry_timeout"`
+
+	ProfilingEnabled bool `default:"false" desc:"enable profiling" split_words:"true"`
+	ProfilingPort    int  `default:"9996" desc:"port of the profiling http server" split_words:"true"`
 }
diff --git a/cmd/frontend/main.go b/cmd/frontend/main.go
@@ -21,6 +21,7 @@ import (
 	"flag"
 	"fmt"
 	"io"
+	"net/http"
 	"os"
 	"os/signal"
 	"syscall"
@@ -37,6 +38,7 @@ import (
 	"github.com/nordix/meridio/cmd/frontend/internal/frontend"
 	"github.com/nordix/meridio/pkg/health"
 	"github.com/nordix/meridio/pkg/health/connection"
+	"github.com/nordix/meridio/pkg/profiling"
 	"github.com/nordix/meridio/pkg/retry"
 	"github.com/nordix/meridio/pkg/security/credentials"
 )
@@ -97,6 +99,17 @@ func main() {
 	)
 	defer cancel()
 
+	if config.ProfilingEnabled {
+		go func() {
+			mux := http.NewServeMux()
+			profiling.AddProfilerHandlers(mux)
+			err := http.ListenAndServe(fmt.Sprintf(":%d", config.ProfilingPort), mux)
+			if err != nil {
+				logrus.Errorf("err starting profiling: %v", err)
+			}
+		}()
+	}
+
 	// create and start health server
 	ctx = health.CreateChecker(ctx)
 	if err := health.RegisterReadinesSubservices(ctx, health.FEReadinessServices...); err != nil {

diff --git a/cmd/ipam/config.go b/cmd/ipam/config.go
@@ -30,4 +30,7 @@ type Config struct {
 	NodePrefixLengthIPv6    int    `default:"64" desc:"node prefix length which will be allocated" envconfig:"node_prefix_length_ipv6"`
 	IPFamily                string `default:"dualstack" desc:"ip family" envconfig:"ip_family"`
 	LogLevel                string `default:"DEBUG" desc:"Log level" split_words:"true"`
+
+	ProfilingEnabled bool `default:"false" desc:"enable profiling" split_words:"true"`
+	ProfilingPort    int  `default:"9995" desc:"port of the profiling http server" split_words:"true"`
 }
diff --git a/cmd/ipam/main.go b/cmd/ipam/main.go
@@ -21,6 +21,7 @@ import (
 	"flag"
 	"fmt"
 	"net"
+	"net/http"
 	"os"
 	"os/signal"
 	"strings"
@@ -36,8 +37,8 @@ import (
 	"github.com/nordix/meridio/pkg/ipam"
 	"github.com/nordix/meridio/pkg/ipam/types"
 	"github.com/nordix/meridio/pkg/log"
+	"github.com/nordix/meridio/pkg/profiling"
 	"github.com/nordix/meridio/pkg/security/credentials"
-	"github.com/sirupsen/logrus"
 	"google.golang.org/grpc"
 	grpcHealth "google.golang.org/grpc/health"
 	"google.golang.org/grpc/health/grpc_health_v1"
@@ -83,10 +84,19 @@ func main() {
 	)
 	defer cancel()
 
+	if config.ProfilingEnabled {
+		go func() {
+			mux := http.NewServeMux()
+			profiling.AddProfilerHandlers(mux)
+			err := http.ListenAndServe(fmt.Sprintf(":%d", config.ProfilingPort), mux)
+			if err != nil {
+				logger.Error(err, "err starting profiling")
+			}
+		}()
+	}
+
 	if config.LogLevel == "TRACE" {
 		nsmlog.EnableTracing(true)
-		// Work-around for hard-coded logrus dependency in NSM
-		logrus.SetLevel(logrus.TraceLevel)
 	}
 	logger.Info("NSM trace", "enabled", nsmlog.IsTracingEnabled())
 	ctx = nsmlog.WithLog(ctx, log.NSMLogger(logger)) // allow NSM logs

diff --git a/cmd/load-balancer/config.go b/cmd/load-balancer/config.go
@@ -39,6 +39,9 @@ type Config struct {
 	LogLevel         string        `default:"DEBUG" desc:"Log level" split_words:"true"`
 	Nfqueue          string        `default:"0:3" desc:"netfilter queue(s) to be used by nfqlb" split_words:"true"`
 	NfqueueFanout    bool          `default:"false" desc:"enable fanout nfqueue option" split_words:"true"`
+
+	ProfilingEnabled bool `default:"false" desc:"enable profiling" split_words:"true"`
+	ProfilingPort    int  `default:"9995" desc:"port of the profiling http server" split_words:"true"`
 }
 
 // IsValid checks if the configuration is valid

diff --git a/cmd/load-balancer/main.go b/cmd/load-balancer/main.go
@@ -22,6 +22,7 @@ import (
 	"flag"
 	"fmt"
 	"io"
+	"net/http"
 	"os"
 	"os/signal"
 	"sync"
@@ -53,6 +54,7 @@ import (
 	"github.com/nordix/meridio/pkg/networking"
 	"github.com/nordix/meridio/pkg/nsm"
 	"github.com/nordix/meridio/pkg/nsm/interfacemonitor"
+	"github.com/nordix/meridio/pkg/profiling"
 	"github.com/nordix/meridio/pkg/retry"
 	"github.com/nordix/meridio/pkg/security/credentials"
 	"github.com/sirupsen/logrus"
@@ -108,6 +110,17 @@ func main() {
 		log.Fatal(logger, "invalid config", "error", err)
 	}
 
+	if config.ProfilingEnabled {
+		go func() {
+			mux := http.NewServeMux()
+			profiling.AddProfilerHandlers(mux)
+			err := http.ListenAndServe(fmt.Sprintf(":%d", config.ProfilingPort), mux)
+			if err != nil {
+				logger.Error(err, "err starting profiling")
+			}
+		}()
+	}
+
 	if config.LogLevel == "TRACE" {
 		nsmlog.EnableTracing(true)
 		// Work-around for hard-coded logrus dependency in NSM

diff --git a/cmd/nsp/config.go b/cmd/nsp/config.go
@@ -26,4 +26,7 @@ type Config struct {
 	Datasource    string        `default:"/run/nsp/data/registry.db" desc:"Path and file name of the sqlite database" split_words:"true"`
 	LogLevel      string        `default:"DEBUG" desc:"Log level" split_words:"true"`
 	EntryTimeout  time.Duration `default:"60s" desc:"Timeout of the entries" split_words:"true"`
+
+	ProfilingEnabled bool `default:"false" desc:"enable profiling" split_words:"true"`
+	ProfilingPort    int  `default:"9995" desc:"port of the profiling http server" split_words:"true"`
 }
diff --git a/cmd/nsp/main.go b/cmd/nsp/main.go
@@ -21,6 +21,7 @@ import (
 	"flag"
 	"fmt"
 	"net"
+	"net/http"
 	"os"
 	"os/signal"
 	"syscall"
@@ -34,12 +35,12 @@ import (
 	"github.com/nordix/meridio/pkg/health"
 	"github.com/nordix/meridio/pkg/log"
 	"github.com/nordix/meridio/pkg/nsp"
+	"github.com/nordix/meridio/pkg/profiling"
 
 	nsmlog "github.com/networkservicemesh/sdk/pkg/tools/log"
 	keepAliveRegistry "github.com/nordix/meridio/pkg/nsp/registry/keepalive"
 	sqliteRegistry "github.com/nordix/meridio/pkg/nsp/registry/sqlite"
 	"github.com/nordix/meridio/pkg/security/credentials"
-	"github.com/sirupsen/logrus"
 	"google.golang.org/grpc"
 	grpcHealth "google.golang.org/grpc/health"
 	"google.golang.org/grpc/health/grpc_health_v1"
@@ -85,10 +86,19 @@ func main() {
 	)
 	defer cancel()
 
+	if config.ProfilingEnabled {
+		go func() {
+			mux := http.NewServeMux()
+			profiling.AddProfilerHandlers(mux)
+			err := http.ListenAndServe(fmt.Sprintf(":%d", config.ProfilingPort), mux)
+			if err != nil {
+				logger.Error(err, "err starting profiling")
+			}
+		}()
+	}
+
 	if config.LogLevel == "TRACE" {
 		nsmlog.EnableTracing(true)
-		// Work-around for hard-coded logrus dependency in NSM
-		logrus.SetLevel(logrus.TraceLevel)
 	}
 	logger.Info("NSM trace", "enabled", nsmlog.IsTracingEnabled())
 	ctx = nsmlog.WithLog(ctx, log.NSMLogger(logger)) // allow NSM logs

diff --git a/cmd/proxy/internal/config/config.go b/cmd/proxy/internal/config/config.go
@@ -42,6 +42,9 @@ type Config struct {
 	IPFamily           string        `default:"dualstack" desc:"ip family" envconfig:"ip_family"`
 	LogLevel           string        `default:"DEBUG" desc:"Log level" split_words:"true"`
 	MTU                int           `default:"1500" desc:"Conduit MTU considered by local NSCs and NSE composing the network mesh" split_words:"true"`
+
+	ProfilingEnabled bool `default:"false" desc:"enable profiling" split_words:"true"`
+	ProfilingPort    int  `default:"9995" desc:"port of the profiling http server" split_words:"true"`
 }
 
 // IsValid checks if the configuration is valid

diff --git a/cmd/proxy/main.go b/cmd/proxy/main.go
@@ -21,6 +21,7 @@ import (
 	"flag"
 	"fmt"
 	"io"
+	"net/http"
 	"os"
 	"os/signal"
 	"syscall"
@@ -40,6 +41,7 @@ import (
 	"github.com/nordix/meridio/pkg/nsm"
 	"github.com/nordix/meridio/pkg/nsm/interfacemonitor"
 	"github.com/nordix/meridio/pkg/nsp"
+	"github.com/nordix/meridio/pkg/profiling"
 	"github.com/nordix/meridio/pkg/retry"
 
 	"github.com/go-logr/logr"
@@ -89,6 +91,17 @@ func main() {
 		logr.NewContext(context.Background(), logger))
 	defer cancel()
 
+	if config.ProfilingEnabled {
+		go func() {
+			mux := http.NewServeMux()
+			profiling.AddProfilerHandlers(mux)
+			err := http.ListenAndServe(fmt.Sprintf(":%d", config.ProfilingPort), mux)
+			if err != nil {
+				logger.Error(err, "err starting profiling")
+			}
+		}()
+	}
+
 	// allow NSM logs
 	if config.LogLevel == "TRACE" {
 		nsmlog.EnableTracing(true)

diff --git a/cmd/tapa/config.go b/cmd/tapa/config.go
@@ -35,6 +35,9 @@ type Config struct {
 	MaxTokenLifetime time.Duration `default:"24h" desc:"maximum lifetime of tokens" split_words:"true"`
 	LogLevel         string        `default:"DEBUG" desc:"Log level" split_words:"true"`
 	NSPEntryTimeout  time.Duration `default:"30s" desc:"Timeout of the entries" envconfig:"nsp_entry_timeout"`
+
+	ProfilingEnabled bool `default:"false" desc:"enable profiling" split_words:"true"`
+	ProfilingPort    int  `default:"9995" desc:"port of the profiling http server" split_words:"true"`
 }
 
 // IsValid checks if the configuration is valid

diff --git a/cmd/tapa/main.go b/cmd/tapa/main.go
@@ -21,6 +21,7 @@ import (
 	"flag"
 	"fmt"
 	"net"
+	"net/http"
 	"os"
 	"os/signal"
 	"syscall"
@@ -47,6 +48,7 @@ import (
 	"github.com/nordix/meridio/pkg/log"
 	"github.com/nordix/meridio/pkg/nsm"
 	"github.com/nordix/meridio/pkg/nsm/interfacename"
+	"github.com/nordix/meridio/pkg/profiling"
 	"github.com/sirupsen/logrus"
 	"google.golang.org/grpc"
 	grpcHealth "google.golang.org/grpc/health"
@@ -93,6 +95,17 @@ func main() {
 	defer cancel()
 	logger.Info("Config read", "config", config)
 
+	if config.ProfilingEnabled {
+		go func() {
+			mux := http.NewServeMux()
+			profiling.AddProfilerHandlers(mux)
+			err := http.ListenAndServe(fmt.Sprintf(":%d", config.ProfilingPort), mux)
+			if err != nil {
+				logger.Error(err, "err starting profiling")
+			}
+		}()
+	}
+
 	if config.LogLevel == "TRACE" {
 		nsmlog.EnableTracing(true) // enable tracing in NSM
 		logrus.SetLevel(logrus.TraceLevel)

diff --git a/deployments/helm/templates/ipam.yaml b/deployments/helm/templates/ipam.yaml
@@ -56,6 +56,8 @@ spec:
               value: "{{ .Values.subnetPool.nodePrefixLength.ipv6 }}"
             - name: IPAM_IP_FAMILY
               value: "{{ .Values.ipFamily }}"
+            - name: NSM_PROFILING_ENABLED
+              value: "{{ .Values.profilingEnabled }}"
           securityContext:
             runAsNonRoot: true
             readOnlyRootFilesystem: true

diff --git a/deployments/helm/templates/load-balancer.yaml b/deployments/helm/templates/load-balancer.yaml
@@ -68,6 +68,8 @@ spec:
               value: {{ .Values.maxTokenLifetime }}
             - name: NSM_LOG_LEVEL
               value: "DEBUG"
+            - name: NSM_PROFILING_ENABLED
+              value: "{{ .Values.profilingEnabled }}"
           volumeMounts:
             - name: spire-agent-socket
               mountPath: /run/spire/sockets
@@ -163,6 +165,8 @@ spec:
               value: {{ .Values.trench.name }}
             - name: NFE_ATTRACTOR_NAME
               value: "attractor-a"
+            - name: NFE_PROFILING_ENABLED
+              value: "{{ .Values.profilingEnabled }}"
           volumeMounts:
             - name: spire-agent-socket
               mountPath: /run/spire/sockets

diff --git a/deployments/helm/templates/nsp.yaml b/deployments/helm/templates/nsp.yaml
@@ -41,6 +41,8 @@ spec:
               value: {{ template "meridio.configuration" . }}
             - name: NSP_DATASOURCE
               value: /run/nsp/data/registry.db
+            - name: NSM_PROFILING_ENABLED
+              value: "{{ .Values.profilingEnabled }}"
           securityContext:
             runAsNonRoot: true
             readOnlyRootFilesystem: true

diff --git a/deployments/helm/templates/proxy.yaml b/deployments/helm/templates/proxy.yaml
@@ -73,6 +73,8 @@ spec:
               value: "DEBUG"
             - name: NSM_MTU
               value: "1500"
+            - name: NSM_PROFILING_ENABLED
+              value: "{{ .Values.profilingEnabled }}"
           volumeMounts:
             - name: spire-agent-socket
               mountPath: /run/spire/sockets

diff --git a/deployments/helm/values.yaml b/deployments/helm/values.yaml
@@ -8,6 +8,8 @@ pullPolicy: IfNotPresent
 maxTokenLifetime: 10m
 fsGroup: 3000
 
+profilingEnabled: false
+
 nsm:
   namespace: nsm
   registryService: nsm-registry-svc

diff --git a/docs/front-end.md b/docs/front-end.md
@@ -53,6 +53,8 @@ NFE_NSP_SERVICE | string | IP (or domain) and port of the NSP Service | nsp-serv
 NFE_TRENCH_NAME | string | Name of the Trench the frontend is associated with | default
 NFE_ATTRACTOR_NAME | string | Name of the Attractor the frontend is associated with | default
 NFE_LOG_LEVEL | string | Log level | DEBUG
+NFE_PROFILING_ENABLED | bool | Enable profiling | false
+NFE_NFQUEUE_FANOUT | int | port of the profiling http server | 9996
 
 ## Command Line 
 

diff --git a/docs/ipam.md b/docs/ipam.md
@@ -49,6 +49,8 @@ IPAM_CONDUIT_PREFIX_LENGTH_IPV6 | int | Conduit prefix length which will be allo
 IPAM_NODE_PREFIX_LENGTH_IPV6 | int | node prefix length which will be allocated | 64
 IPAM_IP_FAMILY | string | IP family (ipv4, ipv6, dualstack) | dualstack
 IPAM_LOG_LEVEL | string | Log level (TRACE, DEBUG, INFO, WARNING, ERROR, FATAL, PANIC) | DEBUG
+NSM_PROFILING_ENABLED | bool | Enable profiling | false
+NSM_NFQUEUE_FANOUT | int | port of the profiling http server | 9995
 
 ## Command Line 
 

diff --git a/docs/load-balancer.md b/docs/load-balancer.md
@@ -29,6 +29,8 @@ NSM_TRENCH_NAME | string | Trench the pod is running on | default
 NSM_LOG_LEVEL | string | Log level | DEBUG
 NSM_NFQUEUE | string | netfilter queue(s) to be used by nfqlb | 0:3
 NSM_NFQUEUE_FANOUT | bool | enable fanout nfqueue option | false
+NSM_PROFILING_ENABLED | bool | Enable profiling | false
+NSM_NFQUEUE_FANOUT | int | port of the profiling http server | 9995
 
 ## Command Line 
 

diff --git a/docs/nsp.md b/docs/nsp.md
@@ -40,6 +40,8 @@ NSM_PORT | string | Trench the pod is running on | 7778
 NSM_CONFIG_MAP_NAME | string | Name of the ConfigMap containing the configuration | meridio-configuration
 NSM_DATASOURCE | string | Path and file name of the sqlite database | /run/nsp/data/registry.db
 NSM_LOG_LEVEL | string | Log level | DEBUG
+NSM_PROFILING_ENABLED | bool | Enable profiling | false
+NSM_NFQUEUE_FANOUT | int | port of the profiling http server | 9995
 
 ## Command Line 
 

diff --git a/docs/proxy.md b/docs/proxy.md
@@ -39,6 +39,8 @@ NSM_NSP_SERVICE_NAME | string | IP (or domain) of the NSP Service | nsp-service
 NSM_NSP_SERVICE_PORT | int | port of the NSP Service | 7778
 NSM_IP_FAMILY | string | ip family | dualstack
 NSM_LOG_LEVEL | string | Log level | DEBUG
+NSM_PROFILING_ENABLED | bool | Enable profiling | false
+NSM_NFQUEUE_FANOUT | int | port of the profiling http server | 9995
 
 ## Command Line 
 

diff --git a/docs/tapa.md b/docs/tapa.md
@@ -57,6 +57,8 @@ MERIDIO_TIMEOUT | time.Duration | timeout of NSM request/close, NSP register/unr
 MERIDIO_DIAL_TIMEOUT | time.Duration | timeout to dial NSMgr | 5s
 MERIDIO_MAX_TOKEN_LIFETIME | time.Duration | maximum lifetime of tokens | 24h
 MERIDIO_LOG_LEVEL | string | Log level | DEBUG
+MERIDIO_PROFILING_ENABLED | bool | Enable profiling | false
+MERIDIO_NFQUEUE_FANOUT | int | port of the profiling http server | 9995
 
 ## Command Line