Comments (7)
When I limit the number of the concurrencies to 1 by setting query.max-concurrency=1
, there is no more tls error message.
from promxy.
and there is no issue at all if we send queries in parallel directly to reverse proxy, bypass the promxy
pod.
from promxy.
I have tried with some another setups to narrow down the scope that could cause the problem:
-
Use static server group rather than the dynamic one to confirm if the issue would cause by target discovery or not.
-
Use one target server rather than 02 from the static group to check if there would have race condition while Promxy deals with multiple targets.
-
Add more time to
timeout
anddial_timeout
to see if the default times would be too short that Promxy might terminate the connection while tls handshake is not yet done.
But TLS error messages still show up in the logs.
from promxy.
@jacksontj Do you have any feedback/comments on this issue? Do you think there is race condition there in Promxy?
from promxy.
First off, thanks for reaching out!
I did some initial digging but your configuration seems incomplete (maybe just not included in the issue?). Specifically its missing the scheme
configuration which would make all the requests downstream from promxy be http
instead of https
.
So in my local testing I have promxy
-> nginx
(with TLS) -> `demo.robustperception.io:9090
And I was able to get data working correctly and use a variation on your curl to test parallel usage:
seq 1 200 | xargs -n1 -P10 curl -k "https://localhost:8082/api/v1/query?query=up"
I have used promxy in front of HTTPs downstreams before without issue; so I don't expect you'll run into issues (other than the config; which is a bit odd because the prometheus scrape_config is a bit odd).
Hopefully that helps?
from promxy.
Thanks @jacksontj for the reply.
Yes, we do have scheme
in the promxy configuration:
- job_name: 'prometheus-pods'
# anti-affinity for merging values in timeseries between hosts in the server_group
anti_affinity: 15s
kubernetes_sd_configs:
- role: pod
namespaces:
names:
- testing-ns
# configures the protocol scheme used for requests. Defaults to http
scheme: https
# options for promxy's HTTP client when talking to hosts in server_groups
http_client:
# dial_timeout controls how long promxy will wait for a connection to the downstream
dial_timeout: 10s
tls_config:
ca_file: /run/secrets/trusted-root-cert/ca.crt
cert_file: /run/secrets/prometheus-client-cert/tls.crt
key_file: /run/secrets/prometheus-client-cert/tls.key
insecure_skip_verify: false
relabel_configs: []
The scheme http
displayed in the log is misleading. However, I have enabled promxy log with trace
level to see what the scheme and Prometheus endpoints promxy communicate with, and it is totally correct.
I have used promxy in front of HTTPs downstreams before without issue
The issue is not always showed up if the traffics towards promxy is low; it happens more frequently if we add more traffics like running the same curl
command above from multiple terminals (e.g. I ran on 03 terminals in parallel)
from promxy.
Hi @jacksontj
Do you have a chance to reproducing the issue using the way I mentioned above?
from promxy.
Related Issues (20)
- Latency increases when there are fewer requests HOT 3
- Inconsistency response data for aggregation sum(rate) query HOT 15
- Handle inconsistencies with *_over_time() in VictoriaMetrics vs. Prometheus HOT 4
- Promxy Auth in VictoriaMetrics HOT 2
- query_range only return 5 mins data HOT 5
- Native histogram support HOT 2
- Error when configuring Promxy to work with VictoriaMetrics that is behind Prometheus HOT 2
- promxy makes up datapoints by repeating the last dataset HOT 4
- A little more elaboration around alerts? HOT 2
- 内置的Prometheus版本太低,部分查询语法不支持 HOT 2
- how to use build script? HOT 1
- Grafana Explore not able to get any metric HOT 11
- Unexpected behavior with empty data of one of server group HOT 4
- promxy to prometheus "remote_read" calls using "query" / "query_range" instead HOT 4
- The count function does not execute correctly HOT 3
- promxy returns empty results when using <aggregate>_over_time() function wrapping multiple queries with VictoriaMetrics HOT 4
- Time series fill/extend problem consulting in Promxy integration with VictoriaMetrics HOT 6
- Add support for `--web.route-prefix` HOT 2
- Native histogram not supported? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from promxy.