From 47d5451eb3463fd770c9bede57434a9a580f9cc8 Mon Sep 17 00:00:00 2001 From: Casie Chen Date: Mon, 9 Dec 2024 14:13:12 -0800 Subject: [PATCH 1/2] Remove ingester shutdown via GET --- cmd/mimir/config-descriptor.json | 11 ----------- cmd/mimir/help-all.txt.tmpl | 2 -- .../mimir/configure/configuration-parameters/index.md | 6 ------ pkg/api/api.go | 7 ------- pkg/api/api_test.go | 11 +---------- 5 files changed, 1 insertion(+), 36 deletions(-) diff --git a/cmd/mimir/config-descriptor.json b/cmd/mimir/config-descriptor.json index 7ee589d29ca..2254842528b 100644 --- a/cmd/mimir/config-descriptor.json +++ b/cmd/mimir/config-descriptor.json @@ -96,17 +96,6 @@ "fieldType": "boolean", "fieldCategory": "advanced" }, - { - "kind": "field", - "name": "get_request_for_ingester_shutdown_enabled", - "required": false, - "desc": "Enable GET requests to the /ingester/shutdown endpoint to trigger an ingester shutdown. This is a potentially dangerous operation and should only be enabled consciously.", - "fieldValue": null, - "fieldDefaultValue": false, - "fieldFlag": "api.get-request-for-ingester-shutdown-enabled", - "fieldType": "boolean", - "fieldCategory": "deprecated" - }, { "kind": "field", "name": "alertmanager_http_prefix", diff --git a/cmd/mimir/help-all.txt.tmpl b/cmd/mimir/help-all.txt.tmpl index bcf39c1bf34..6c4fd47ff04 100644 --- a/cmd/mimir/help-all.txt.tmpl +++ b/cmd/mimir/help-all.txt.tmpl @@ -359,8 +359,6 @@ Usage of ./cmd/mimir/mimir: [experimental] Enable UTF-8 strict mode. Allows UTF-8 characters in the matchers for routes and inhibition rules, in silences, and in the labels for alerts. It is recommended that all tenants run the `migrate-utf8` command in mimirtool before enabling this mode. Otherwise, some tenant configurations might fail to load. For more information, refer to [Enable UTF-8](https://grafana.com/docs/mimir//references/architecture/components/alertmanager/#enable-utf-8). Enabling and then disabling UTF-8 strict mode can break existing Alertmanager configurations if tenants added UTF-8 characters to their Alertmanager configuration while it was enabled. -alertmanager.web.external-url string The URL under which Alertmanager is externally reachable (eg. could be different than -http.alertmanager-http-prefix in case Alertmanager is served via a reverse proxy). This setting is used both to configure the internal requests router and to generate links in alert templates. If the external URL has a path portion, it will be used to prefix all HTTP endpoints served by Alertmanager, both the UI and API. (default http://localhost:8080/alertmanager) - -api.get-request-for-ingester-shutdown-enabled - [deprecated] Enable GET requests to the /ingester/shutdown endpoint to trigger an ingester shutdown. This is a potentially dangerous operation and should only be enabled consciously. -api.skip-label-count-validation-header-enabled Allows to disable enforcement of the label count limit "max_label_names_per_series" via X-Mimir-SkipLabelCountValidation header on the http write path. Allowing this for external clients allows any client to send invalid label counts. After enabling it, requests with a specific HTTP header set to true will not have label counts validated. -api.skip-label-name-validation-header-enabled diff --git a/docs/sources/mimir/configure/configuration-parameters/index.md b/docs/sources/mimir/configure/configuration-parameters/index.md index 67325aab69d..b21c2bd6317 100644 --- a/docs/sources/mimir/configure/configuration-parameters/index.md +++ b/docs/sources/mimir/configure/configuration-parameters/index.md @@ -149,12 +149,6 @@ api: # CLI flag: -api.skip-label-count-validation-header-enabled [skip_label_count_validation_header_enabled: | default = false] - # (deprecated) Enable GET requests to the /ingester/shutdown endpoint to - # trigger an ingester shutdown. This is a potentially dangerous operation and - # should only be enabled consciously. - # CLI flag: -api.get-request-for-ingester-shutdown-enabled - [get_request_for_ingester_shutdown_enabled: | default = false] - # (advanced) HTTP URL path under which the Alertmanager ui and api will be # served. # CLI flag: -http.alertmanager-http-prefix diff --git a/pkg/api/api.go b/pkg/api/api.go index a0592f74f15..e2f6da5735c 100644 --- a/pkg/api/api.go +++ b/pkg/api/api.go @@ -51,9 +51,6 @@ type Config struct { SkipLabelNameValidationHeader bool `yaml:"skip_label_name_validation_header_enabled" category:"advanced"` SkipLabelCountValidationHeader bool `yaml:"skip_label_count_validation_header_enabled" category:"advanced"` - // TODO: Remove option in Mimir 2.15. - GETRequestForIngesterShutdownEnabled bool `yaml:"get_request_for_ingester_shutdown_enabled" category:"deprecated"` - AlertmanagerHTTPPrefix string `yaml:"alertmanager_http_prefix" category:"advanced"` PrometheusHTTPPrefix string `yaml:"prometheus_http_prefix" category:"advanced"` @@ -72,7 +69,6 @@ type Config struct { func (cfg *Config) RegisterFlags(f *flag.FlagSet) { f.BoolVar(&cfg.SkipLabelNameValidationHeader, "api.skip-label-name-validation-header-enabled", false, "Allows to skip label name validation via X-Mimir-SkipLabelNameValidation header on the http write path. Use with caution as it breaks PromQL. Allowing this for external clients allows any client to send invalid label names. After enabling it, requests with a specific HTTP header set to true will not have label names validated.") f.BoolVar(&cfg.SkipLabelCountValidationHeader, "api.skip-label-count-validation-header-enabled", false, "Allows to disable enforcement of the label count limit \"max_label_names_per_series\" via X-Mimir-SkipLabelCountValidation header on the http write path. Allowing this for external clients allows any client to send invalid label counts. After enabling it, requests with a specific HTTP header set to true will not have label counts validated.") - f.BoolVar(&cfg.GETRequestForIngesterShutdownEnabled, "api.get-request-for-ingester-shutdown-enabled", false, "Enable GET requests to the /ingester/shutdown endpoint to trigger an ingester shutdown. This is a potentially dangerous operation and should only be enabled consciously.") cfg.RegisterFlagsWithPrefix("", f) } @@ -314,9 +310,6 @@ func (a *API) RegisterIngester(i Ingester) { a.RegisterRoute("/ingester/prepare-instance-ring-downscale", http.HandlerFunc(i.PrepareInstanceRingDownscaleHandler), false, true, "GET", "POST", "DELETE") a.RegisterRoute("/ingester/unregister-on-shutdown", http.HandlerFunc(i.PrepareUnregisterHandler), false, false, "GET", "PUT", "DELETE") a.RegisterRoute("/ingester/shutdown", http.HandlerFunc(i.ShutdownHandler), false, true, "POST") - if a.cfg.GETRequestForIngesterShutdownEnabled { - a.RegisterDeprecatedRoute("/ingester/shutdown", http.HandlerFunc(i.ShutdownHandler), false, true, "GET") - } a.RegisterRoute("/ingester/tsdb_metrics", http.HandlerFunc(i.UserRegistryHandler), true, true, "GET") a.indexPage.AddLinks(defaultWeight, "Ingester", []IndexPageLink{ diff --git a/pkg/api/api_test.go b/pkg/api/api_test.go index 62f2af308d9..43c670243c5 100644 --- a/pkg/api/api_test.go +++ b/pkg/api/api_test.go @@ -201,24 +201,15 @@ func (mi MockIngester) ShutdownHandler(w http.ResponseWriter, _ *http.Request) { func TestApiIngesterShutdown(t *testing.T) { for _, tc := range []struct { name string - setFlag bool expectedStatusCode int }{ - { - name: "flag set to true, enable GET request for ingester shutdown", - setFlag: true, - expectedStatusCode: http.StatusNoContent, - }, { name: "flag not set (default), disable GET request for ingester shutdown", - setFlag: false, expectedStatusCode: http.StatusMethodNotAllowed, }, } { t.Run(tc.name, func(t *testing.T) { - cfg := Config{ - GETRequestForIngesterShutdownEnabled: tc.setFlag, - } + cfg := Config{} serverCfg := getServerConfig(t) federationCfg := tenantfederation.Config{} srv, err := server.New(serverCfg) From 58d726400bbc3b677dd05ce93057ed0cd29817f3 Mon Sep 17 00:00:00 2001 From: Casie Chen Date: Mon, 9 Dec 2024 14:19:36 -0800 Subject: [PATCH 2/2] Update CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2363abb10ac..45cbb88b7ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,7 @@ * [CHANGE] Querier: The `.` pattern in regular expressions in PromQL matches newline characters. With this change regular expressions like `.*` match strings that include `\n`. To maintain the old behaviour, you will have to change regular expressions by replacing all `.` patterns with `[^\n]`, e.g. `foo[^\n]*`. This upgrades PromQL compatibility from Prometheus 2.0 to 3.0. #9844 * [CHANGE] Querier: Lookback and range selectors are left open and right closed (previously left closed and right closed). This change affects queries when the evaluation time perfectly aligns with the sample timestamps. For example assume querying a timeseries with evenly spaced samples exactly 1 minute apart. Previously, a range query with `5m` would usually return 5 samples, or 6 samples if the query evaluation aligns perfectly with a scrape. Now, queries like this will always return 5 samples. This upgrades PromQL compatibility from Prometheus 2.0 to 3.0. #9844 * [CHANGE] Querier: promql(native histograms): Introduce exponential interpolation. #9844 +* [CHANGE] Remove deprecated `api.get-request-for-ingester-shutdown-enabled` setting, which scheduled for removal in 2.15. #10197 * [FEATURE] Querier: add experimental streaming PromQL engine, enabled with `-querier.query-engine=mimir`. #10067 * [FEATURE] Distributor: Add support for `lz4` OTLP compression. #9763 * [FEATURE] Query-frontend: added experimental configuration options `query-frontend.cache-errors` and `query-frontend.results-cache-ttl-for-errors` to allow non-transient responses to be cached. When set to `true` error responses from hitting limits or bad data are cached for a short TTL. #9028