Add Prometheus metrics for connections, firewall, L7, and bytes transferred

Instrument mc-proxy with prometheus/client_golang. New internal/metrics/
package defines counters, gauges, and histograms for connection totals,
active connections, firewall blocks by reason, backend dial latency,
bytes transferred, L7 HTTP status codes, and L7 policy blocks. Optional
[metrics] config section starts a scrape endpoint. Firewall gains
BlockedWithReason() to report block cause. L7 handler wraps
ResponseWriter to record status codes per hostname.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 18:05:25 -07:00
parent 42c7fffc3e
commit ffc31f7d55
16 changed files with 439 additions and 32 deletions

@@ -710,9 +710,6 @@ Items are listed roughly in priority order:
| Item | Description |
|------|-------------|
| **ACME integration** | Automatic certificate provisioning via Let's Encrypt for L7 routes, removing the need for manual cert management. |
| **L7 policies** | User-agent blocking, header-based routing, request rate limiting per endpoint. Requires L7 mode. |
| **MCP integration** | Wire the gRPC admin API into the Metacircular Control Plane for centralized management. |
| **Connection pooling** | Pool backend connections for L7 routes to reduce connection setup overhead under high request volume. |
| **Per-listener connection limits** | Cap maximum concurrent connections per listener. |
| **Metrics** | Prometheus-compatible metrics: connections per listener, firewall blocks by rule, backend dial latency, active connections, HTTP status code distributions. |
| **Metacrypt key storage** | Store L7 TLS private keys in metacrypt rather than on the filesystem. |
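
Review bot: the hunk header `@@ -710,9 +710,6 @@` drops three rows from this roadmap table, but the commit message describes only the metrics work, so it accounts for at most the **Metrics** row. If the other two removed rows cover features that landed earlier, say so in the commit message or move that cleanup into its own commit so the roadmap history stays traceable. The Metrics row also reads "firewall blocks by rule" while the commit message says blocks are reported by reason; whatever documentation replaces this row should use the label name the code exports, and should state that the `[metrics]` section is optional and starts a scrape endpoint.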