[tor-commits] [snowflake/master] Replace default with custom prometheus registry

cohosh at torproject.org cohosh at torproject.org
Mon Apr 26 18:23:28 UTC 2021 

commit af6e2c30e1a6aacc6e7adf9a31df0a387891cc37
Author: Cecylia Bocovich <cohosh at torproject.org>
Date:   Thu Apr 1 14:21:12 2021 -0400

    Replace default with custom prometheus registry
    
    The default prometheus registry exports data that may be useful for
    side-channel attacks. This removes all of the default metrics and makes
    sure we are only reporting snowflake metrics from the broker.
---
 broker/broker.go  |  4 +---
 broker/metrics.go | 15 ++++++++-------
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/broker/broker.go b/broker/broker.go
index 77c62d8..8d7a314 100644
--- a/broker/broker.go
+++ b/broker/broker.go
@@ -506,9 +506,7 @@ func main() {
 	http.Handle("/answer", SnowflakeHandler{ctx, proxyAnswers})
 	http.Handle("/debug", SnowflakeHandler{ctx, debugHandler})
 	http.Handle("/metrics", MetricsHandler{metricsFilename, metricsHandler})
-	http.Handle("/prometheus", promhttp.Handler())
-
-	InitPrometheus()
+	http.Handle("/prometheus", promhttp.HandlerFor(promMetrics.registry, promhttp.HandlerOpts{}))
 
 	server := http.Server{
 		Addr: addr,
diff --git a/broker/metrics.go b/broker/metrics.go
index be8cfd9..ad55bcb 100644
--- a/broker/metrics.go
+++ b/broker/metrics.go
@@ -15,7 +15,6 @@ import (
 	"time"
 
 	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/client_golang/prometheus/promauto"
 )
 
 var (
@@ -261,6 +260,7 @@ func binCount(count uint) uint {
 }
 
 type PromMetrics struct {
+	registry         *prometheus.Registry
 	ProxyTotal       *prometheus.CounterVec
 	ProxyPollTotal   *RoundedCounterVec
 	ClientPollTotal  *RoundedCounterVec
@@ -272,7 +272,9 @@ func initPrometheus() *PromMetrics {
 
 	promMetrics := &PromMetrics{}
 
-	promMetrics.ProxyTotal = promauto.NewCounterVec(
+	promMetrics.registry = prometheus.NewRegistry()
+
+	promMetrics.ProxyTotal = prometheus.NewCounterVec(
 		prometheus.CounterOpts{
 			Namespace: prometheusNamespace,
 			Name:      "proxy_total",
@@ -281,7 +283,7 @@ func initPrometheus() *PromMetrics {
 		[]string{"type", "nat", "cc"},
 	)
 
-	promMetrics.AvailableProxies = promauto.NewGaugeVec(
+	promMetrics.AvailableProxies = prometheus.NewGaugeVec(
 		prometheus.GaugeOpts{
 			Namespace: prometheusNamespace,
 			Name:      "available_proxies",
@@ -308,10 +310,9 @@ func initPrometheus() *PromMetrics {
 		[]string{"nat", "status"},
 	)
 
-	// We need to register this new metric type because there is no constructor
-	// for it in promauto.
-	prometheus.DefaultRegisterer.MustRegister(promMetrics.ClientPollTotal)
-	prometheus.DefaultRegisterer.MustRegister(promMetrics.ProxyPollTotal)
+	// We need to register our metrics so they can be exported.
+	promMetrics.registry.MustRegister(promMetrics.ClientPollTotal, promMetrics.ProxyPollTotal,
+		promMetrics.ProxyTotal, promMetrics.AvailableProxies)
 
 	return promMetrics

More information about the tor-commits mailing list