eblume/blumeops
1
1
Fork 0
Code Issues Pull requests Projects Releases 83 Packages Wiki Activity Actions
blumeops/fly/alloy.river
Erich Blume 9c789a1868
All checks were successful
Deploy Fly.io Proxy / deploy (push) Successful in 1m19s
Details
Fix cache hit rate on APM and Fly.io dashboards (#177) 
## Summary
- Remove `match_all = true` from `flyio_nginx_cache_requests_total` in Alloy so the metric only counts requests that go through the proxy cache (excludes health checks with empty `cache_status`)
- Change dashboard queries from `rate(...[5m])` to `increase(...[$__range])` — aggregates over the full dashboard time window instead of a 5-minute sliding window, giving meaningful ratios for low-traffic static sites
- Add null/NaN value mapping to show "No traffic" in neutral color instead of blank/red

## Root cause
Health check requests from Fly.io hit the default nginx server block (no `proxy_cache`), producing entries with empty `upstream_cache_status`. With `match_all = true`, these were counted in the cache metric, diluting the Fly.io dashboard ratio. For APM dashboards, `rate()[5m]` on low-traffic sites with 24h cache validity almost always returns either all-HITs (100%) or no data (blank → red background).

## Deployment
- Fly.io proxy redeploy needed for Alloy config change
- ArgoCD sync for dashboard ConfigMap changes

## Test plan
- [ ] Redeploy Fly.io proxy
- [ ] Sync grafana-config in ArgoCD
- [ ] Verify CV APM cache hit ratio shows a real percentage (not 100%)
- [ ] Verify Docs APM shows "No traffic" in neutral color when idle, real ratio when visited
- [ ] Verify Fly.io proxy dashboard cache ratio excludes health checks

Reviewed-on: https://forge.ops.eblu.me/eblume/blumeops/pulls/177
2026-02-12 18:40:48 -08:00

146 lines
4.1 KiB
Text
Raw Permalink Blame History

// Grafana Alloy configuration for flyio-proxy
// Collects nginx access logs → Loki, extracts metrics → Prometheus.
// Note: stub_status connection metrics are not collected — Alloy has no
// built-in nginx exporter. The log-derived metrics cover the key signals.
// ============== LOG COLLECTION ==============
// Tail the JSON access log written by nginx
local.file_match "nginx_access" {
path_targets = [
{__path__ = "/var/log/nginx/access.json.log", job = "flyio-nginx"},
]
}
loki.source.file "nginx_access" {
targets = local.file_match.nginx_access.targets
forward_to = [loki.process.nginx.receiver]
}
// Parse JSON fields, extract labels, derive metrics
loki.process "nginx" {
forward_to = [loki.relabel.instance.receiver]
// Parse the JSON log line
stage.json {
expressions = {
client_ip = "client_ip",
status = "status",
method = "request_method",
host = "http_host",
cache_status = "upstream_cache_status",
request_time = "request_time",
body_bytes_sent = "body_bytes_sent",
upstream_response_time = "upstream_response_time",
}
}
// Promote to labels for filtering in Loki
stage.labels {
values = {
status = "",
method = "",
host = "",
cache_status = "",
}
}
// --- Derived metrics (exposed on Alloy's /metrics endpoint) ---
stage.metrics {
metric.counter {
name = "flyio_nginx_http_requests_total"
description = "Total HTTP requests by status, method, and host."
match_all = true
action = "inc"
}
}
stage.metrics {
metric.histogram {
name = "flyio_nginx_http_request_duration_seconds"
description = "HTTP request latency in seconds."
source = "request_time"
buckets = [0.005, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 1, 2.5, 5, 10]
}
}
stage.metrics {
metric.counter {
name = "flyio_nginx_http_response_bytes_total"
description = "Total bytes sent in HTTP responses."
source = "body_bytes_sent"
action = "add"
}
}
stage.metrics {
metric.counter {
name = "flyio_nginx_cache_requests_total"
description = "Total cache lookups by cache status."
source = "cache_status"
action = "inc"
}
}
}
// Add instance label to logs
loki.relabel "instance" {
forward_to = [loki.write.loki.receiver]
rule {
target_label = "instance"
replacement = "flyio-proxy"
}
}
// Write logs to Loki via Tailscale Ingress (direct, bypasses Caddy)
// Uses direct Tailscale endpoint because flyio-proxy ACLs only allow
// tag:flyio-target — Caddy on indri (tag:homelab) is not reachable.
loki.write "loki" {
endpoint {
url = "https://loki.tail8d86e.ts.net/loki/api/v1/push"
}
}
// ============== METRICS PIPELINE ==============
// Self-scrape to collect the log-derived metrics from /metrics
prometheus.scrape "self" {
targets = [{"__address__" = "127.0.0.1:12345"}]
forward_to = [prometheus.relabel.instance.receiver]
scrape_interval = "15s"
}
// Strip the "loki_process_custom_" prefix that Alloy adds to stage.metrics,
// then add instance label. This keeps dashboard queries clean.
prometheus.relabel "instance" {
forward_to = [prometheus.remote_write.prometheus.receiver]
rule {
source_labels = ["__name__"]
regex = "loki_process_custom_(.*)"
target_label = "__name__"
replacement = "$1"
}
// Drop internal labels added by the loki pipeline
rule {
regex = "component_id|component_path|filename"
action = "labeldrop"
}
rule {
target_label = "instance"
replacement = "flyio-proxy"
}
}
// Push metrics to Prometheus via Tailscale Ingress (direct, bypasses Caddy)
// Uses direct Tailscale endpoint because flyio-proxy ACLs only allow
// tag:flyio-target — Caddy on indri (tag:homelab) is not reachable.
prometheus.remote_write "prometheus" {
endpoint {
url = "https://prometheus.tail8d86e.ts.net/api/v1/write"
}
}
Reference in a new issue View git blame Copy permalink