diff --git a/README.turnserver b/README.turnserver index e8b424879..04d84650e 100644 --- a/README.turnserver +++ b/README.turnserver @@ -283,7 +283,8 @@ Flags: initially used by the session). --prometheus Enable prometheus metrics. By default it is disabled. Would listen on port 9641 unther the path /metrics - also the path / on this port can be used as a health check + also the path / on this port can be used as a health check. + See also options --prometheus-ip and --prometheus-port. -h Help. @@ -583,6 +584,10 @@ Options with values: The standard RFC explicitly define that this default must be IPv4, so use other option values with care! +--prometheus-ip IP address to bind the Prometheus listener to. Default is the wildcard address. + +--prometheus-port Port to bind the Prometheus listener to. Default is 9641. + --cli-ip Local system IP address to be used for CLI management interface. The turnserver process can be accessed for management with telnet, at this IP address and on the CLI port (see the next parameter). diff --git a/docker/coturn/alpine/Dockerfile b/docker/coturn/alpine/Dockerfile index 1998829ab..c18ea89ae 100644 --- a/docker/coturn/alpine/Dockerfile +++ b/docker/coturn/alpine/Dockerfile @@ -30,11 +30,11 @@ RUN apk add --no-cache \ libmicrohttpd-dev # Prepare prometheus-client-c sources for building. -ARG prom_ver=0.1.3 +ARG prom_commit=66deada5dc9b005ffd1bb509ff08b2d1d722356c RUN mkdir -p /build/ && cd /build/ \ && git init \ - && git remote add origin https://github.com/digitalocean/prometheus-client-c \ - && git fetch --depth=1 origin "v${prom_ver}" \ + && git remote add origin https://github.com/wireapp/prometheus-client-c \ + && git fetch --depth=1 origin "${prom_commit}" \ && git checkout FETCH_HEAD # Build libprom.so from sources. @@ -48,13 +48,10 @@ RUN mkdir -p /build/prom/build/ && cd /build/prom/build/ \ # Build libpromhttp.so from sources. RUN mkdir -p /build/promhttp/build/ && cd /build/promhttp/build/ \ - # Fix compiler warning: -Werror=incompatible-pointer-types - && sed -i 's/\&promhttp_handler/(MHD_AccessHandlerCallback)\&promhttp_handler/' \ - /build/promhttp/src/promhttp.c \ && TEST=0 cmake -G "Unix Makefiles" \ -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_SKIP_BUILD_RPATH=TRUE \ - -DCMAKE_C_FLAGS="-g -O3" \ + -DCMAKE_C_FLAGS="-g -O2" \ .. \ && make VERBOSE=1 @@ -120,7 +117,7 @@ WORKDIR /app/ # Use Coturn sources from Git if `coturn_git_ref` is specified. ARG coturn_git_ref=HEAD ARG coturn_github_url=https://github.com -ARG coturn_github_repo=coturn/coturn +ARG coturn_github_repo=wireapp/coturn RUN if [ "${coturn_git_ref}" != 'HEAD' ]; then true \ && rm -rf /app/* \ diff --git a/docker/coturn/debian/Dockerfile b/docker/coturn/debian/Dockerfile index c3b438435..d0623dd9a 100644 --- a/docker/coturn/debian/Dockerfile +++ b/docker/coturn/debian/Dockerfile @@ -30,11 +30,11 @@ RUN apt-get install -y --no-install-recommends --no-install-suggests \ libmicrohttpd-dev # Prepare prometheus-client-c sources for building. -ARG prom_ver=0.1.3 +ARG prom_commit=66deada5dc9b005ffd1bb509ff08b2d1d722356c RUN mkdir -p /build/ && cd /build/ \ && git init \ - && git remote add origin https://github.com/digitalocean/prometheus-client-c \ - && git fetch --depth=1 origin "v${prom_ver}" \ + && git remote add origin https://github.com/wireapp/prometheus-client-c \ + && git fetch --depth=1 origin "${prom_commit}" \ && git checkout FETCH_HEAD # Build libprom.so from sources. @@ -48,13 +48,10 @@ RUN mkdir -p /build/prom/build/ && cd /build/prom/build/ \ # Build libpromhttp.so from sources. RUN mkdir -p /build/promhttp/build/ && cd /build/promhttp/build/ \ - # Fix compiler warning: -Werror=incompatible-pointer-types - && sed -i 's/\&promhttp_handler/(MHD_AccessHandlerCallback)\&promhttp_handler/' \ - /build/promhttp/src/promhttp.c \ && TEST=0 cmake -G "Unix Makefiles" \ -DCMAKE_INSTALL_PREFIX=/usr \ -DCMAKE_SKIP_BUILD_RPATH=TRUE \ - -DCMAKE_C_FLAGS="-g -O3" \ + -DCMAKE_C_FLAGS="-g -O2" \ .. \ && make VERBOSE=1 @@ -119,7 +116,7 @@ WORKDIR /app/ # Use Coturn sources from Git if `coturn_git_ref` is specified. ARG coturn_git_ref=HEAD ARG coturn_github_url=https://github.com -ARG coturn_github_repo=coturn/coturn +ARG coturn_github_repo=wireapp/coturn RUN if [ "${coturn_git_ref}" != 'HEAD' ]; then true \ && rm -rf /app/* \ diff --git a/man/man1/turnserver.1 b/man/man1/turnserver.1 index 34375de28..80439d49b 100644 --- a/man/man1/turnserver.1 +++ b/man/man1/turnserver.1 @@ -428,7 +428,8 @@ initially used by the session). \fB\-\-prometheus\fP Enable prometheus metrics. By default it is disabled. Would listen on port 9641 unther the path /metrics -also the path / on this port can be used as a health check +also the path / on this port can be used as a health check. +See also \fIoptions\fP \fB\-\-prometheus\-ip\fP and \fB\-\-prometheus\-port\fP. .RE .TP .B @@ -839,6 +840,14 @@ The standard RFC explicitly define that this default must be IPv4, so use other option values with care! .TP .B +\fB\-\-prometheus\-ip\fP +IP address to bind the Prometheus listener to. Default is the wildcard address. +.TP +.B +\fB\-\-prometheus\-port\fP +Port to bind the Prometheus listener to. Default is 9641. +.TP +.B \fB\-\-cli\-ip\fP Local system IP address to be used for CLI management interface. The \fIturnserver\fP process can be accessed for management with telnet, diff --git a/src/apps/relay/mainrelay.c b/src/apps/relay/mainrelay.c index b7c78c07f..9dff17d8c 100644 --- a/src/apps/relay/mainrelay.c +++ b/src/apps/relay/mainrelay.c @@ -557,8 +557,11 @@ static char Usage[] = "Usage: turnserver [options]\n" " The connection string has the same parameters as redis-userdb connection string.\n" #endif #if !defined(TURN_NO_PROMETHEUS) -" --prometheus Enable prometheus metrics. It is disabled by default. If it is enabled it will listen on port 9641 unther the path /metrics\n" -" also the path / on this port can be used as a health check\n" +" --prometheus Enable prometheus metrics. It is disabled by default.\n" +" When enabled, it will listen on port 9641 on the wildcard address under the path /metrics.\n" +" The path / on this port can also be used as a health check.\n" +" --prometheus-ip= IP address for the Prometheus listener. Default is the wildcard address.\n" +" --prometheus-port= Prometheus listener port. Default is 9641.\n" #endif " --use-auth-secret TURN REST API flag.\n" " Flag that sets a special authorization option that is based upon authentication secret\n" @@ -787,6 +790,8 @@ enum EXTRA_OPTS { CHANNEL_LIFETIME_OPT, PERMISSION_LIFETIME_OPT, PROMETHEUS_OPT, + PROMETHEUS_IP_OPT, + PROMETHEUS_PORT_OPT, AUTH_SECRET_OPT, NO_AUTH_PINGS_OPT, NO_DYNAMIC_IP_LIST_OPT, @@ -902,6 +907,8 @@ static const struct myoption long_options[] = { #endif #if !defined(TURN_NO_PROMETHEUS) { "prometheus", optional_argument, NULL, PROMETHEUS_OPT }, + { "prometheus-ip", required_argument, NULL, PROMETHEUS_IP_OPT }, + { "prometheus-port", required_argument, NULL, PROMETHEUS_PORT_OPT }, #endif { "use-auth-secret", optional_argument, NULL, AUTH_SECRET_OPT }, { "static-auth-secret", required_argument, NULL, STATIC_AUTH_SECRET_VAL_OPT }, @@ -1532,7 +1539,18 @@ static void set_option(int c, char *value) #endif #if !defined(TURN_NO_PROMETHEUS) case PROMETHEUS_OPT: - turn_params.prometheus = 1; + turn_params.prometheus = turn_params.prometheus == PROM_DISABLED ? PROM_ENABLED : turn_params.prometheus; + break; + case PROMETHEUS_IP_OPT: + if(make_ioa_addr((const uint8_t*)value,0,&prometheus_addr)<0) { + TURN_LOG_FUNC(TURN_LOG_LEVEL_ERROR,"Cannot parse Prometheus listener address: %s\n", value); + } else { + turn_params.prometheus = PROM_ENABLED_WITH_IP; + } + break; + case PROMETHEUS_PORT_OPT: + prometheus_port = atoi(value); + turn_params.prometheus = turn_params.prometheus == PROM_DISABLED ? PROM_ENABLED : turn_params.prometheus; break; #endif case AUTH_SECRET_OPT: diff --git a/src/apps/relay/prom_server.c b/src/apps/relay/prom_server.c index 0a9d5bc29..fe00675c6 100644 --- a/src/apps/relay/prom_server.c +++ b/src/apps/relay/prom_server.c @@ -3,6 +3,8 @@ #include "mainrelay.h" #include "prom_server.h" +int prometheus_port = DEFAULT_PROM_SERVER_PORT; +ioa_addr prometheus_addr; prom_counter_t *turn_traffic_rcvp; prom_counter_t *turn_traffic_rcvb; @@ -26,7 +28,7 @@ prom_counter_t *turn_total_traffic_peer_sentb; int start_prometheus_server(void){ - if (turn_params.prometheus == 0){ + if (turn_params.prometheus == PROM_DISABLED){ return 1; } prom_collector_registry_default_init(); @@ -59,8 +61,27 @@ int start_prometheus_server(void){ promhttp_set_active_collector_registry(NULL); + struct MHD_Daemon *daemon; + int flags = MHD_USE_SELECT_INTERNALLY; + void *arg; + + if (turn_params.prometheus == PROM_ENABLED) { + daemon = promhttp_start_daemon(flags, prometheus_port, NULL, NULL); + } else { + // turn_params.prometheus == PROM_ENABLED_WITH_IP + + addr_set_port(&prometheus_addr, prometheus_port); + + if (prometheus_addr.ss.sa_family == AF_INET6) { + flags |= MHD_USE_IPv6; + arg = &prometheus_addr.s6; + } else { + arg = &prometheus_addr.s4; + } + + daemon = promhttp_start_daemon_with_options(flags, 0, NULL, NULL, MHD_OPTION_SOCK_ADDR, arg, MHD_OPTION_END); + } - struct MHD_Daemon *daemon = promhttp_start_daemon(MHD_USE_SELECT_INTERNALLY, DEFAULT_PROM_SERVER_PORT, NULL, NULL); if (daemon == NULL) { return -1; } diff --git a/src/apps/relay/prom_server.h b/src/apps/relay/prom_server.h index c70473bf2..b33a1563f 100644 --- a/src/apps/relay/prom_server.h +++ b/src/apps/relay/prom_server.h @@ -20,7 +20,13 @@ extern "C" { } #endif /* __clplusplus */ +#define PROM_DISABLED 0 +#define PROM_ENABLED 1 +#define PROM_ENABLED_WITH_IP 2 + #define DEFAULT_PROM_SERVER_PORT (9641) +extern int prometheus_port; +extern ioa_addr prometheus_addr; extern prom_counter_t *turn_new_allocation; extern prom_counter_t *turn_refreshed_allocation; @@ -63,4 +69,4 @@ void prom_set_finished_traffic(const char* realm, const char* user, unsigned lon } #endif /* __clplusplus */ -#endif /* __PROM_SERVER_H__ */ \ No newline at end of file +#endif /* __PROM_SERVER_H__ */