Skip to main content

Prometheus Relabel Rules and the ‘action’ Parameter

Today I want to talk about learning about the action parameter in the relabel_config and metric_relabel_config elements in Prometheus. This was an epiphany I had when searching for how to dig substrings out the __meta_* label names as returned from service discovery (hint, use action: labelmap)
Relabel configs are composed of the following:
  • source_labels
  • separator (default ‘;’)
  • target_label – mandatory for replace actions. More on this below
  • regex (default ‘.*’)
  • modulus
  • replacement (default ‘$1’)
  • action (default ‘replace’)
Some of these elements have defaults, others are required based on the value of the action element.
When first learning about relabel configs in Prometheus you will encounter many examples that looks something like this:
relabel_configs: 
    - source_labels: [__meta_kubernetes_role] 
      action: keep 
      regex: (?:apiserver|node) 
    - source_labels: [__meta_kubernetes_role] 
      target_label: job 
      replacement: kubernetes_$1 
    - action: labelmap 
      regex: __meta_kubernetes_node_label_(.+)
Every example I’ve found the stanza starts with source_labels as the first entry in the list of elements. As it states in the docs:
action defaults to ‘replace’
After reading the code (trying to find labelmap) it occurred to me that action is really the star of the show.
There are many different actions available to the relabel configs (lifted from the docs):
  • replace: Match regex against the concatenated source_labels. Then, set target_label to replacement, with match group references
     (${1}${2}, …) in replacement substituted by their value. If regex
     does not match, no replacement takes place.
  • keep: Drop targets for which regex does not match the concatenated source_labels.
  • drop: Drop targets for which regex matches the concatenated source_labels.
  • hashmod: Set target_label to the modulus of a hash of the concatenated source_labels.
  • labelmap: Match regex against all label names. Then copy the values of the matching labels to label names given by replacement with match group references (${1}${2}, …) in replacement substituted by their value.
  • labeldrop: Match regex against all label names. Any label that matches will be removed from the set of labels.
  • labelkeep: Match regex against all label names. Any label that does not match will be removed from the set of labels.
From a neophyte’s perspective perhaps all the examples for replace relabel rules should start with action, even if it’s redundant. To rewrite the above example:
relabel_configs: 
    - action: keep 
      source_labels: [__meta_kubernetes_role] 
      regex: (?:apiserver|node) 
    - action: replace 
      source_labels: [__meta_kubernetes_role] 
      target_label: job 
      replacement: kubernetes_$1 
    - action: labelmap 
      regex: __meta_kubernetes_node_label_(.+)
By leading with action it is crystal clear what is happening.
Labels:

Comments

Post a Comment

https://gengwg.blogspot.com/

Popular posts from this blog

CKA Simulator Kubernetes 1.22

  https://killer.sh Pre Setup Once you've gained access to your terminal it might be wise to spend ~1 minute to setup your environment. You could set these: alias k = kubectl                         # will already be pre-configured export do = "--dry-run=client -o yaml"     # k get pod x $do export now = "--force --grace-period 0"   # k delete pod x $now Vim To make vim use 2 spaces for a tab edit ~/.vimrc to contain: set tabstop=2 set expandtab set shiftwidth=2 More setup suggestions are in the tips section .     Question 1 | Contexts Task weight: 1%   You have access to multiple clusters from your main terminal through kubectl contexts. Write all those context names into /opt/course/1/contexts . Next write a command to display the current context into /opt/course/1/context_default_kubectl.sh , the command should use kubectl . Finally write a second command doing the same thing into ...
Post a Comment
Read more

OWASP Top 10 Threats and Mitigations Exam - Single Select

Last updated 4 Aug 11 Course Title: OWASP Top 10 Threats and Mitigation Exam Questions - Single Select 1) Which of the following consequences is most likely to occur due to an injection attack? Spoofing Cross-site request forgery Denial of service   Correct Insecure direct object references 2) Your application is created using a language that does not support a clear distinction between code and data. Which vulnerability is most likely to occur in your application? Injection   Correct Insecure direct object references Failure to restrict URL access Insufficient transport layer protection 3) Which of the following scenarios is most likely to cause an injection attack? Unvalidated input is embedded in an instruction stream.   Correct Unvalidated input can be distinguished from valid instructions. A Web application does not validate a client’s access to a resource. A Web action performs an operation on behalf of the user without checkin...
2 comments
Read more