Closed SuperQ closed 4 years ago
There are a lot of return points in the proxy ServeHTTP
, I wasn't exactly sure which should have additional instrumentation.
There are a lot of return points in the proxy ServeHTTP
Yeah, there are many ways http requests can fail.
hmm. I'll have to think about this one. I could see this adding additional overhead to requests (how significant?), even when the prometheus endpoint isn't desired (eg. not enabled via cli flag).
Prometheus counter increments are about 12 nanoseconds. So, the overhead is negligible.
Also, we're only using the counter for failures, which should keep the overhead to a minimum. It's generally less expensive to use Prometheus counters than it is to use logs. Which is part of why it's useful. We can get context of debug-level info, without having to log things.
@SuperQ I merged this in, then made a few changes.
Adding things back in via env vars is a contrived way to deal with this. The whole point of including the information in the binary is that it allows users to identify that binary, not by the env around it.
Prometheus users expect build information metrics, it's a standard thing to have.
Hiding it doesn't really do anything for security. An attacker isn't going to wait on checking the version info to try an exploit, they're just going to try anyway.
If users cares so much that they don't want the info exposed, they can build it out by setting the make variables. But the default info is expected by monitoring systems.
Description
Add additional metrics:
Example output:
Checklist