summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDave Henderson <dhenderson@gmail.com>2022-01-22 19:08:57 -0500
committerDave Henderson <dhenderson@gmail.com>2022-01-25 15:07:17 -0500
commiteb891d46831252c5329218bfbb606727685fea72 (patch)
tree66e4cfaaaa311afc702c5489588e50ad93976fbc
parent44e5e9e43f3583f04613bbbb1996e9b5a13a60ac (diff)
metrics: Enforce smaller set of method labels
Signed-off-by: Dave Henderson <dhenderson@gmail.com>
-rw-r--r--metrics.go27
-rw-r--r--modules/caddyhttp/metrics.go27
-rw-r--r--modules/caddyhttp/metrics_test.go23
3 files changed, 73 insertions, 4 deletions
diff --git a/metrics.go b/metrics.go
index ab9d797..9a56f73 100644
--- a/metrics.go
+++ b/metrics.go
@@ -3,7 +3,6 @@ package caddy
import (
"net/http"
"strconv"
- "strings"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/collectors"
@@ -47,7 +46,7 @@ func instrumentHandlerCounter(counter *prometheus.CounterVec, next http.Handler)
next.ServeHTTP(d, r)
counter.With(prometheus.Labels{
"code": sanitizeCode(d.status),
- "method": strings.ToUpper(r.Method),
+ "method": sanitizeMethod(r.Method),
}).Inc()
})
}
@@ -76,3 +75,27 @@ func sanitizeCode(s int) string {
return strconv.Itoa(s)
}
}
+
+// Only support the list of "regular" HTTP methods, see
+// https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods
+var methodMap = map[string]string{
+ "GET": http.MethodGet, "get": http.MethodGet,
+ "HEAD": http.MethodHead, "head": http.MethodHead,
+ "PUT": http.MethodPut, "put": http.MethodPut,
+ "POST": http.MethodPost, "post": http.MethodPost,
+ "DELETE": http.MethodDelete, "delete": http.MethodDelete,
+ "CONNECT": http.MethodConnect, "connect": http.MethodConnect,
+ "OPTIONS": http.MethodOptions, "options": http.MethodOptions,
+ "TRACE": http.MethodTrace, "trace": http.MethodTrace,
+ "PATCH": http.MethodPatch, "patch": http.MethodPatch,
+}
+
+// sanitizeMethod sanitizes the method for use as a metric label. This helps
+// prevent high cardinality on the method label. The name is always upper case.
+func sanitizeMethod(m string) string {
+ if m, ok := methodMap[m]; ok {
+ return m
+ }
+
+ return "other"
+}
diff --git a/modules/caddyhttp/metrics.go b/modules/caddyhttp/metrics.go
index 3e5d639..8aa9184 100644
--- a/modules/caddyhttp/metrics.go
+++ b/modules/caddyhttp/metrics.go
@@ -4,7 +4,6 @@ import (
"context"
"net/http"
"strconv"
- "strings"
"sync"
"time"
@@ -109,7 +108,7 @@ func newMetricsInstrumentedHandler(handler string, mh MiddlewareHandler) *metric
func (h *metricsInstrumentedHandler) ServeHTTP(w http.ResponseWriter, r *http.Request, next Handler) error {
server := serverNameFromContext(r.Context())
labels := prometheus.Labels{"server": server, "handler": h.handler}
- method := strings.ToUpper(r.Method)
+ method := sanitizeMethod(r.Method)
// the "code" value is set later, but initialized here to eliminate the possibility
// of a panic
statusLabels := prometheus.Labels{"server": server, "handler": h.handler, "method": method, "code": ""}
@@ -160,6 +159,30 @@ func sanitizeCode(code int) string {
return strconv.Itoa(code)
}
+// Only support the list of "regular" HTTP methods, see
+// https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods
+var methodMap = map[string]string{
+ "GET": http.MethodGet, "get": http.MethodGet,
+ "HEAD": http.MethodHead, "head": http.MethodHead,
+ "PUT": http.MethodPut, "put": http.MethodPut,
+ "POST": http.MethodPost, "post": http.MethodPost,
+ "DELETE": http.MethodDelete, "delete": http.MethodDelete,
+ "CONNECT": http.MethodConnect, "connect": http.MethodConnect,
+ "OPTIONS": http.MethodOptions, "options": http.MethodOptions,
+ "TRACE": http.MethodTrace, "trace": http.MethodTrace,
+ "PATCH": http.MethodPatch, "patch": http.MethodPatch,
+}
+
+// sanitizeMethod sanitizes the method for use as a metric label. This helps
+// prevent high cardinality on the method label. The name is always upper case.
+func sanitizeMethod(m string) string {
+ if m, ok := methodMap[m]; ok {
+ return m
+ }
+
+ return "other"
+}
+
// taken from https://github.com/prometheus/client_golang/blob/6007b2b5cae01203111de55f753e76d8dac1f529/prometheus/promhttp/instrument_server.go#L298
func computeApproximateRequestSize(r *http.Request) int {
s := 0
diff --git a/modules/caddyhttp/metrics_test.go b/modules/caddyhttp/metrics_test.go
index 6311935..78e380b 100644
--- a/modules/caddyhttp/metrics_test.go
+++ b/modules/caddyhttp/metrics_test.go
@@ -5,6 +5,7 @@ import (
"errors"
"net/http"
"net/http/httptest"
+ "strings"
"testing"
"github.com/prometheus/client_golang/prometheus/testutil"
@@ -82,3 +83,25 @@ type middlewareHandlerFunc func(http.ResponseWriter, *http.Request, Handler) err
func (f middlewareHandlerFunc) ServeHTTP(w http.ResponseWriter, r *http.Request, h Handler) error {
return f(w, r, h)
}
+
+func TestSanitizeMethod(t *testing.T) {
+ tests := []struct {
+ method string
+ expected string
+ }{
+ {method: "get", expected: "GET"},
+ {method: "POST", expected: "POST"},
+ {method: "OPTIONS", expected: "OPTIONS"},
+ {method: "connect", expected: "CONNECT"},
+ {method: "trace", expected: "TRACE"},
+ {method: "UNKNOWN", expected: "other"},
+ {method: strings.Repeat("ohno", 9999), expected: "other"},
+ }
+
+ for _, d := range tests {
+ actual := sanitizeMethod(d.method)
+ if actual != d.expected {
+ t.Errorf("Not same: expected %#v, but got %#v", d.expected, actual)
+ }
+ }
+}