Adding zk server metrics to track connections on unified client port. (#79)

rahulrane50 · web-flow · commit 15ced709d016 · 2022-06-15T11:46:46.000-07:00
* Adding ZK server metrics to idetify SSL vs non-SSL connections request to unified port


Co-authored-by: Rahul Rane &lt;rrane@linkedin.com&gt;
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
@@ -169,6 +169,7 @@ private void handleNonSsl(ChannelHandlerContext context) {
         @Override
         protected SslHandler newSslHandler(ChannelHandlerContext context, SslContext sslContext) {
             NettyServerCnxn cnxn = Objects.requireNonNull(context.channel().attr(CONNECTION_ATTRIBUTE).get());
+            ServerMetrics.getMetrics().UNIFIED_PORT_SSL_REQUESTS.add(1);
             LOG.debug("creating ssl handler for session {}", cnxn.getSessionId());
             SslHandler handler = super.newSslHandler(context, sslContext);
             Future<Channel> handshakeFuture = handler.handshakeFuture();
@@ -179,6 +180,7 @@ protected SslHandler newSslHandler(ChannelHandlerContext context, SslContext ssl
         @Override
         protected ChannelHandler newNonSslHandler(ChannelHandlerContext context) {
             NettyServerCnxn cnxn = Objects.requireNonNull(context.channel().attr(CONNECTION_ATTRIBUTE).get());
+            ServerMetrics.getMetrics().UNIFIED_PORT_NONSSL_REQUESTS.add(1);
             LOG.debug("creating plaintext handler for session {}", cnxn.getSessionId());
             // Mark handshake finished if it's a insecure cnxn
             updateHandshakeCountIfStarted(cnxn);
@@ -442,6 +444,7 @@ public void operationComplete(Future<Channel> future) {
                         return;
                     }
 
+                    ServerMetrics.getMetrics().X509_AUTH_REQUESTS.add(1);
                     KeeperException.Code code = KeeperException.Code.AUTHFAILED;
                     if (authProvider != null) {
                         code = authProvider.handleAuthentication(cnxn, null);
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
@@ -229,6 +229,11 @@ private ServerMetrics(MetricsProvider metricsProvider) {
         REQUEST_THROTTLE_WAIT_COUNT = metricsContext.getCounter("request_throttle_wait_count");
         LARGE_REQUESTS_REJECTED = metricsContext.getCounter("large_requests_rejected");
 
+        UNIFIED_PORT_NONSSL_REQUESTS = metricsContext.getCounter("unified_port_nonssl_requests");
+        UNIFIED_PORT_SSL_REQUESTS = metricsContext.getCounter("unified_port_ssl_requests");
+        X509_AUTH_REQUESTS = metricsContext.getCounter("x509_auth_requests");
+        X509_ZNODEGROUPACL_AUTH_PROVDER_REQUESTS = metricsContext.getCounter("x509_ZNodeGroupACL_auth_requests");
+
         NETTY_QUEUED_BUFFER = metricsContext.getSummary("netty_queued_buffer_capacity", DetailLevel.BASIC);
 
         DIGEST_MISMATCHES_COUNT = metricsContext.getCounter("digest_mismatches_count");
@@ -444,6 +449,14 @@ private ServerMetrics(MetricsProvider metricsProvider) {
     public final Counter REQUEST_THROTTLE_WAIT_COUNT;
     public final Counter LARGE_REQUESTS_REJECTED;
 
+    /*
+     * Client Auth requests for x509 based AuthenticationProviders through portUnification.
+     */
+    public final Counter UNIFIED_PORT_NONSSL_REQUESTS;
+    public final Counter UNIFIED_PORT_SSL_REQUESTS;
+    public final Counter X509_AUTH_REQUESTS;
+    public final Counter X509_ZNODEGROUPACL_AUTH_PROVDER_REQUESTS;
+
     public final Summary NETTY_QUEUED_BUFFER;
 
     // Total number of digest mismatches that are observed when applying
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/auth/znode/groupacl/X509ZNodeGroupAclProvider.java b/zookeeper-server/src/main/java/org/apache/zookeeper/server/auth/znode/groupacl/X509ZNodeGroupAclProvider.java
@@ -18,6 +18,7 @@
 
 package org.apache.zookeeper.server.auth.znode.groupacl;
 
+import org.apache.zookeeper.server.ServerMetrics;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
@@ -90,6 +91,7 @@ public X509ZNodeGroupAclProvider(X509TrustManager trustManager, X509KeyManager k
 
   @Override
   public KeeperException.Code handleAuthentication(ServerObjs serverObjs, byte[] authData) {
+    ServerMetrics.getMetrics().X509_ZNODEGROUPACL_AUTH_PROVDER_REQUESTS.add(1);
     // 1. Authenticate connection
     ServerCnxn cnxn = serverObjs.getCnxn();
     try {
