Register quota metrics in GCP proxy

When a quota request is rejected, increment the metric counter by one. Also makes both frontend and backend metrics singleton because all the fields they have a static. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=185146804
2025-05-16 17:37:13 +02:00 · 2018-02-09 08:50:10 -08:00 · 2018-02-09 08:50:10 -08:00 · ce5baafc4a
commit ce5baafc4a
parent c34e547659
6 changed files with 137 additions and 15 deletions
--- a/java/google/registry/proxy/handler/QuotaHandler.java
+++ b/java/google/registry/proxy/handler/QuotaHandler.java
@ -15,11 +15,13 @@
 package google.registry.proxy.handler;

 import static com.google.common.base.Preconditions.checkNotNull;
+import static google.registry.proxy.Protocol.PROTOCOL_KEY;
 import static google.registry.proxy.handler.EppServiceHandler.CLIENT_CERTIFICATE_HASH_KEY;
 import static google.registry.proxy.handler.ProxyProtocolHandler.REMOTE_ADDRESS_KEY;

 import google.registry.proxy.EppProtocolModule.EppProtocol;
 import google.registry.proxy.WhoisProtocolModule.WhoisProtocol;
+import google.registry.proxy.metric.FrontendMetrics;
 import google.registry.proxy.quota.QuotaManager;
 import google.registry.proxy.quota.QuotaManager.QuotaRebate;
 import google.registry.proxy.quota.QuotaManager.QuotaRequest;
@ -40,9 +42,11 @@ public abstract class QuotaHandler extends ChannelInboundHandlerAdapter {

  protected final QuotaManager quotaManager;
  protected QuotaResponse quotaResponse;
+  protected final FrontendMetrics metrics;

-  protected QuotaHandler(QuotaManager quotaManager) {
+  protected QuotaHandler(QuotaManager quotaManager, FrontendMetrics metrics) {
    this.quotaManager = quotaManager;
+    this.metrics = metrics;
  }

  abstract String getUserId(ChannelHandlerContext ctx);
@ -57,7 +61,9 @@ public abstract class QuotaHandler extends ChannelInboundHandlerAdapter {
      checkNotNull(userId, "Cannot obtain User ID");
      quotaResponse = quotaManager.acquireQuota(QuotaRequest.create(userId));
      if (!quotaResponse.success()) {
-        throw new OverQuotaException(isUserIdPii() ? "none" : userId);
+        String protocolName = ctx.channel().attr(PROTOCOL_KEY).get().name();
+        metrics.registerQuotaRejection(protocolName, isUserIdPii() ? "none" : userId);
+        throw new OverQuotaException(protocolName, isUserIdPii() ? "none" : userId);
      }
    }
    ctx.fireChannelRead(msg);
@ -72,8 +78,11 @@ public abstract class QuotaHandler extends ChannelInboundHandlerAdapter {
  public abstract void channelInactive(ChannelHandlerContext ctx);

  static class OverQuotaException extends Exception {
-    OverQuotaException(String userId) {
-      super(String.format("USER ID: %s\nQuota exceeded, terminating connection.", userId));
+    OverQuotaException(String protocol, String userId) {
+      super(
+          String.format(
+              "\nPROTOCOL: %s\nUSER ID: %s\nQuota exceeded, terminating connection.",
+              protocol, userId));
    }
  }

@ -81,8 +90,8 @@ public abstract class QuotaHandler extends ChannelInboundHandlerAdapter {
  public static class WhoisQuotaHandler extends QuotaHandler {

    @Inject
-    WhoisQuotaHandler(@WhoisProtocol QuotaManager quotaManager) {
-      super(quotaManager);
+    WhoisQuotaHandler(@WhoisProtocol QuotaManager quotaManager, FrontendMetrics metrics) {
+      super(quotaManager, metrics);
    }

    /**
@ -117,8 +126,8 @@ public abstract class QuotaHandler extends ChannelInboundHandlerAdapter {
  public static class EppQuotaHandler extends QuotaHandler {

    @Inject
-    EppQuotaHandler(@EppProtocol QuotaManager quotaManager) {
-      super(quotaManager);
+    EppQuotaHandler(@EppProtocol QuotaManager quotaManager, FrontendMetrics metrics) {
+      super(quotaManager, metrics);
    }

    /**
--- a/java/google/registry/proxy/metric/BackendMetrics.java
+++ b/java/google/registry/proxy/metric/BackendMetrics.java
@ -26,8 +26,10 @@ import google.registry.util.NonFinalForTesting;
 import io.netty.handler.codec.http.FullHttpRequest;
 import io.netty.handler.codec.http.FullHttpResponse;
 import javax.inject.Inject;
+import javax.inject.Singleton;

 /** Backend metrics instrumentation. */
+@Singleton
 public class BackendMetrics {

  // Maximum request size is defined in the config file, this is not realistic and we'd be out of
--- a/java/google/registry/proxy/metric/FrontendMetrics.java
+++ b/java/google/registry/proxy/metric/FrontendMetrics.java
@ -31,10 +31,23 @@ import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
 import javax.inject.Inject;
+import javax.inject.Singleton;

 /** Frontend metrics instrumentation. */
+@Singleton
 public class FrontendMetrics {

+  /**
+   * Labels to register front metrics with.
+   *
+   * <p>The client certificate hash value is only used for EPP metrics. For WHOIS metrics, it will
+   * always be {@code "none"}. In order to get the actual registrar name, one can use the {@code
+   * nomulus} tool:
+   *
+   * <pre>
+   * nomulus -e production list_registrars -f clientCertificateHash | grep $HASH
+   * </pre>
+   */
  private static final ImmutableSet<LabelDescriptor> LABELS =
      ImmutableSet.of(
          LabelDescriptor.create("protocol", "Name of the protocol."),
@ -68,6 +81,14 @@ public class FrontendMetrics {
              "Connections",
              LABELS);

+  static final IncrementableMetric quotaRejectionsCounter =
+      MetricRegistryImpl.getDefault()
+          .newIncrementableMetric(
+              "/proxy/frontend/quota_rejections",
+              "Total number rejected quota request made by proxy for each connection.",
+              "Rejections",
+              LABELS);
+
  @Inject
  public FrontendMetrics() {}

@ -96,4 +117,9 @@ public class FrontendMetrics {
    }
    channelGroup.add(channel);
  }
+
+  @NonFinalForTesting
+  public void registerQuotaRejection(String protocol, String certHash) {
+    quotaRejectionsCounter.increment(protocol, certHash);
+  }
 }