[tor-bugs] #29863 [Obfuscation/Snowflake]: Add disk space monitoring for snowflake infrastructure
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 9 15:23:39 UTC 2019
#29863: Add disk space monitoring for snowflake infrastructure
-----------------------------------+---------------------------
Reporter: cohosh | Owner: (none)
Type: task | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: snowflake | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor: Sponsor19
-----------------------------------+---------------------------
Comment (by cohosh):
I edited /etc/init.d/prometheus-node-exporter and /etc/default/prometheus-
node-exporter to add the following line:
{{{
ARGS="--no-collector.arp --no-collector.bcache --no-collector.bonding
--no-collector.conntrack --no-collector.cpu --no-collector.edac --no-
collector.entropy --no-collector.filefd --no-collector.hwmon --no-
collector.infiniband --no-collector.ipvs --no-collector.loadavg --no-
collector.mdadm --no-collector.meminfo --no-collector.netclass --no-
collector.netdev --no-collector.netstat --no-collector.nfs --no-
collector.nfsd --no-collector.sockstat --no-collector.stat --no-
collector.textfile --no-collector.timex --no-collector.uname --no-
collector.vmstat --no-collector.xfs --no-collector.zfs"
}}}
Unfortunately there's no `--disable-all` option or config file so we have
to disable all of the collectors individual except the ones that we want.
The collectors listed [https://github.com/prometheus/node_exporter here]
aren't quite what we got. The full list is in /etc/default/prometheus-
node-exporter.
The above arguments will leave only the diskstats, filesystem, systemd,
and time collectors enabled for now:
{{{
Apr 9 15:13:03 broker systemd[1]: Started Prometheus exporter for machine
metrics.
Apr 9 15:13:03 broker prometheus-node-exporter[5469]:
time="2019-04-09T15:13:03Z" level=info msg="Starting node_exporter
(version=0.17.0+ds, branch=debian/sid, revision=0.17.0+ds-2~bpo9+1)"
source="node_exporter.go:156"
Apr 9 15:13:03 broker prometheus-node-exporter[5469]:
time="2019-04-09T15:13:03Z" level=info msg="Build context (go=go1.10.5,
user=pkg-go-maintainers at lists.alioth.debian.org, date=20181223-17:51:48)"
source="node_exporter.go:157"
Apr 9 15:13:03 broker prometheus-node-exporter[5469]:
time="2019-04-09T15:13:03Z" level=info msg="Enabled collectors:"
source="node_exporter.go:97"
Apr 9 15:13:03 broker prometheus-node-exporter[5469]:
time="2019-04-09T15:13:03Z" level=info msg=" - diskstats"
source="node_exporter.go:104"
Apr 9 15:13:03 broker prometheus-node-exporter[5469]:
time="2019-04-09T15:13:03Z" level=info msg=" - filesystem"
source="node_exporter.go:104"
Apr 9 15:13:03 broker prometheus-node-exporter[5469]:
time="2019-04-09T15:13:03Z" level=info msg=" - systemd"
source="node_exporter.go:104"
Apr 9 15:13:03 broker prometheus-node-exporter[5469]:
time="2019-04-09T15:13:03Z" level=info msg=" - time"
source="node_exporter.go:104"
Apr 9 15:13:03 broker prometheus-node-exporter[5469]:
time="2019-04-09T15:13:03Z" level=info msg="Listening on :9100"
source="node_exporter.go:170"
}}}
We might also want to enable collectors related to memory/CPU to make sure
we're not straining the system too badly.
I think the biggest ones to stay away from are related to network data
(like netstat).
I'll put this in needs_review and if we decide it's merge_ready we can
allow the Tor Project prometheus scraper to access port 9100.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29863#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list