From: Alberto Leiva Popper Date: Fri, 12 Sep 2025 18:38:31 +0000 (-0600) Subject: Add proxy and Prometheus to documentation X-Git-Tag: 1.6.7~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=41aa4af539a841b7c42d4cf4e138b95104393bfd;p=thirdparty%2FFORT-validator.git Add proxy and Prometheus to documentation --- diff --git a/docs/_layouts/default.html b/docs/_layouts/default.html index 2b96e0de..9d22562b 100644 --- a/docs/_layouts/default.html +++ b/docs/_layouts/default.html @@ -58,6 +58,7 @@
  • Compilation and Installation
  • Basic Usage
  • Program Arguments
    • +
  • Stats
  • Logging
  • SLURM
  • Incidences
    • diff --git a/docs/intro-fort.md b/docs/intro-fort.md index 1c1662a4..3f94bc36 100644 --- a/docs/intro-fort.md +++ b/docs/intro-fort.md @@ -24,9 +24,9 @@ Fort is a command-line application intended for UNIX operating systems, written | [issue149](https://github.com/NICMx/FORT-validator/issues/149) | Lock the cache during updates | High | 2.0.0 | | [issue113](https://github.com/NICMx/FORT-validator/issues/113) | Detect and properly respond to subtler RRDP session desynchronization | Medium | 2.0.0 | | [issue124](https://github.com/NICMx/FORT-validator/issues/124) | Atomize output files (`--output.roa` and `--output.bgpsec`) | Medium | 2.0.0 | +| [issue129](https://github.com/NICMx/FORT-validator/issues/129) | Rethink the thread pools | Medium | 2.0.0 | | [issue114](https://github.com/NICMx/FORT-validator/issues/114) | Support automatic TA key rollover | Very High | 2.0.1 | -| [issue50](https://github.com/NICMx/FORT-validator/issues/50) | Provide prometheus endpoint | Very High | 2.0.2 | -| [issue58](https://github.com/NICMx/FORT-validator/issues/58) | Fort's validation produces no router keys | Very High | 2.0.3 | +| [issue58](https://github.com/NICMx/FORT-validator/issues/58) | Fort's validation produces no router keys | Very High | 2.0.2 | | [issue116](https://github.com/NICMx/FORT-validator/issues/116) | SLURM review | High | - | | [issue118](https://github.com/NICMx/FORT-validator/issues/118) | Implement validation re-reconsidered | High | - | | [issue119](https://github.com/NICMx/FORT-validator/issues/119) | Review IRIs to file names transition | High | - | @@ -42,7 +42,6 @@ Fort is a command-line application intended for UNIX operating systems, written | [issue126](https://github.com/NICMx/FORT-validator/issues/126) | Exhaustive URL validation | Medium | - | | [issue127](https://github.com/NICMx/FORT-validator/issues/127) | Stream RRDP files | Medium | - | | [issue128](https://github.com/NICMx/FORT-validator/issues/128) | Reuse TCP connections for HTTP requests to same server | Medium | - | -| [issue129](https://github.com/NICMx/FORT-validator/issues/129) | Rethink the thread pools | Medium | - | | [issue130](https://github.com/NICMx/FORT-validator/issues/130) | Improve documentation | Medium | - | | [issue151](https://github.com/NICMx/FORT-validator/issues/151) | [Enhancement]: Add ability to set ACLs for router connections | Medium | - | | [issue152](https://github.com/NICMx/FORT-validator/issues/152) | compliance issue: Fort accepts GeneralizedTime with fractional seconds | Medium | - | diff --git a/docs/stats.md b/docs/stats.md new file mode 100644 index 00000000..28491eb2 --- /dev/null +++ b/docs/stats.md @@ -0,0 +1,42 @@ +--- +title: Stats +--- + +# {{ page.title }} + +Enable the Prometheus server with [`--prometheus.port`](usage.html#--prometheusport) and [`--mode=server`](usage.html#--mode): + +```bash +$ fort --mode=server --prometheus.port=8000 /path/to/tal +$ curl localhost:8000/metrics +fort_rtr_ready 1 1757646873 +fort_rtr_current_connections 0 1757646873 +fort_valid_vrps_total{ta="test",proto="ipv4"} 44 1757646873 +fort_valid_vrps_total{ta="test",proto="ipv6"} 66 1757646873 +# EOF +``` + +The implementation is still very fresh, and prioritizes minimal monitoring over exhaustive reporting. Therefore, there are not many stats yet. Please request your preferred values via the [issue tracker](https://github.com/NICMx/FORT-validator/issues). + +## `fort_rtr_ready` + +- Type: Gauge (effectively boolean) + +Starts as 0, becomes 1 when the validator has a complete VRP table to serve via RTR. + +## `fort_rtr_current_connections` + +- Type: Gauge + +Number of presently open connections with RTR clients. + +## `fort_valid_vrps_total{ta="",proto=""}` + +- Type: Gauge + +Total number of VRPs generated from TA `` and protocol `` during the previous validation cycle. + +Labels: + +- `` is the TAL's file name, minus extension. (The `` of "`/etc/fort/tal/ripe-ncc.tal`" would be `ripe-ncc`.) +- `IP` is either `ipv4` or `ipv6`. diff --git a/docs/usage.md b/docs/usage.md index 1e51477b..aa1b09a0 100644 --- a/docs/usage.md +++ b/docs/usage.md @@ -29,6 +29,7 @@ description: Guide to use arguments of FORT Validator. 17. [`--server.interval.retry`](#--serverintervalretry) 18. [`--server.interval.expire`](#--serverintervalexpire) 18. [`--server.deltas.lifetime`](#--serverdeltaslifetime) + 18. [`--prometheus.port`](#--prometheusport) 19. [`--slurm`](#--slurm) 20. [`--log.enabled`](#--logenabled) 21. [`--log.level`](#--loglevel) @@ -56,6 +57,7 @@ description: Guide to use arguments of FORT Validator. 41. [`--http.low-speed-time`](#--httplow-speed-time) 41. [`--http.max-file-size`](#--httpmax-file-size) 42. [`--http.ca-path`](#--httpca-path) + 42. [`--http.proxy`](#--httpproxy) 43. [`--output.roa`](#--outputroa) 44. [`--output.bgpsec`](#--outputbgpsec) 45. [`--output.format`](#--outputformat) @@ -100,6 +102,7 @@ description: Guide to use arguments of FORT Validator. [--server.interval.retry=] [--server.interval.expire=] [--server.deltas.lifetime=] + [--prometheus.port=] [--rsync.enabled=true|false] [--rsync.priority=] [--rsync.retry.count=] @@ -117,6 +120,7 @@ description: Guide to use arguments of FORT Validator. [--http.low-speed-time=] [--http.max-file-size=] [--http.ca-path=] + [--http.proxy=] [--log.enabled=true|false] [--log.output=syslog|console] [--log.level=error|warning|info|debug] @@ -461,6 +465,21 @@ During each validation cycle, Fort generates a new snapshot, as well as the delt If a router lags behind, to the point Fort has already deleted the deltas it needs to update the router's snapshot, Fort will have to fall back to fetch the entire latest snapshot instead. +### `--prometheus.port` + +- **Type:** Integer +- **Availability:** `argv` and JSON +- **Default:** `NULL` +- **Range:** [1, 65535] + +TCP port the Prometheus server will be bound to. + +The Prometheus server requires `--prometheus.port` to be defined, and [`--mode`](#--mode) to be `server`. Otherwise it will not start. + +Stats are served in openmetrics format. See [stats](stats.html). + +Unlike [`--server.port`](#--serverport), `--prometheus.port` is strictly a number. (It will not be resolved.) + ### `--slurm` - **Type:** String (path to file or directory) @@ -792,6 +811,26 @@ Useful when the CA from the peer isn't located at the default OS certificate bun The value specified is utilized in libcurl's option [CURLOPT_CAPATH](https://curl.haxx.se/libcurl/c/CURLOPT_CAPATH.html). +### `--http.proxy` + +- **Type:** String (HTTPS URL) +- **Availability:** `argv` and JSON +- **Default:** `NULL` (disabled) + +Set a proxy to use for HTTP transfers. + +It can be a hostname, a dotted numerical IPv4 address or a numerical IPv6 address enclosed in brackets. The port defaults to 1080; append `:` to override. + +Alternatively, invoke the usual environment variable (EV): + +``` +https_proxy=https://example.com:1234 fort --tal=/path/to/tal +``` + +`--http.proxy` takes precedence over the `https_proxy` EV, which in turn takes precedence over the `HTTPS_PROXY` EV. + +> There's no `--rsync.proxy` counterpart. For rsync connections, use the `RSYNC_PROXY` EV as usual. + ### `--output.roa` - **Type:** String (Path to file) diff --git a/man/fort.8 b/man/fort.8 index 08ee75b5..71b62b6d 100644 --- a/man/fort.8 +++ b/man/fort.8 @@ -452,6 +452,16 @@ If a router lags behind, to the point Fort has already deleted the deltas it nee .RE .P +.B \-\-prometheus.port=\fIUNSIGNED_INTEGER\fR +.RS 4 +TCP port the Prometheus server will be bound to. +.P +The Prometheus server requires \fI--prometheus.port\fR to be defined, and \fI--mode\fR to be \fIserver\fR. Otherwise it will not start. +.P +Stats are served in openmetrics format. +.RE +.P + .B \-\-log.enabled=\fItrue\fR|\fIfalse\fR .RS 4 Enables the operation logs. @@ -854,6 +864,15 @@ By default, the path has a NULL value. .RE .P +.B \-\-http.proxy=\fIURL\fR +.RS 4 +.P +Set a proxy to use for HTTP transfers. +.P +It can be a hostname, a dotted numerical IPv4 address or a numerical IPv6 address enclosed in brackets. The port defaults to 1080; append \fI:\fR to override. +.RE +.P + .B \-\-rsync.enabled=\fItrue\fR|\fIfalse\fR .RS 4 Enables RSYNC requests.