Add monitoring endpoint to sshd

Add a basic monitoring endpoint to the sshd command. * Listen on localhost port 9122 by default. * Integrate build/version info. * Update example config. https://gitlab.com/gitlab-org/gitlab-shell/-/issues/121 Signed-off-by: Ben Kochie <superq@gmail.com>

Add monitoring endpoint to sshd
a300cf87 · Ben Kochie · 8051e6a1 · a300cf87 · a300cf87 · a300cf87
Unverified Commit a300cf87 authored 4 years ago by Ben Kochie
--- a/cmd/gitlab-sshd/main.go
+++ b/cmd/gitlab-sshd/main.go
@@ -9,10 +9,16 @@ import (
 	"gitlab.com/gitlab-org/gitlab-shell/internal/config"
 	"gitlab.com/gitlab-org/gitlab-shell/internal/logger"
 	"gitlab.com/gitlab-org/gitlab-shell/internal/sshd"
+	"gitlab.com/gitlab-org/labkit/monitoring"
 )

 var (
 	configDir = flag.String("config-dir", "", "The directory the config is in")
+
+	// BuildTime signifies the time the binary was build.
+	BuildTime = "2021-02-16T09:28:07+01:00" // Set at build time in the Makefile
+	// Version is the current version of GitLab Shell sshd.
+	Version = "(unknown version)" // Set at build time in the Makefile
 )

 func overrideConfigFromEnvironment(cfg *config.Config) {
@@ -50,6 +56,18 @@ func main() {
 	}
 	logger.ConfigureStandalone(cfg)

+	// Startup monitoring endpoint.
+	if cfg.Server.WebListen != "" {
+		go func() {
+			log.Fatal(
+				monitoring.Start(
+					monitoring.WithListenerAddress(cfg.Server.WebListen),
+					monitoring.WithBuildInformation(Version, BuildTime),
+				),
+			)
+		}()
+	}
+
 	if err := sshd.Run(cfg); err != nil {
 		log.Fatalf("Failed to start GitLab built-in sshd: %v", err)
 	}

--- a/config.yml.example
+++ b/config.yml.example
@@ -66,10 +66,12 @@ audit_usernames: false
 sshd:
  # Address which the SSH server listens on. Defaults to [::]:22.
  listen: "[::]:22"
+  # Address which the server listens on HTTP for monitoring/health checks. Defaults to localhost:9122.
+  web_listen: "localhost:9122"
  # Maximum number of concurrent sessions allowed on a single SSH connection. Defaults to 10.
  concurrent_sessions_limit: 10
  # SSH host key files. 
  host_key_files:
    - /run/secrets/ssh-hostkeys/ssh_host_rsa_key
    - /run/secrets/ssh-hostkeys/ssh_host_ecdsa_key
-    - /run/secrets/ssh-hostkeys/ssh_host_ed25519_key
\ No newline at end of file
+    - /run/secrets/ssh-hostkeys/ssh_host_ed25519_key
--- a/go.mod
+++ b/go.mod
@@ -5,13 +5,14 @@ go 1.13
 require (
 	github.com/mattn/go-shellwords v1.0.11
 	github.com/otiai10/copy v1.4.2
+	github.com/prometheus/client_golang v1.9.0
 	github.com/sirupsen/logrus v1.7.0
 	github.com/stretchr/testify v1.6.1
 	gitlab.com/gitlab-org/gitaly v1.68.0
 	gitlab.com/gitlab-org/labkit v1.3.0
 	golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
 	golang.org/x/sync v0.0.0-20201207232520-09787c993a3a
-	google.golang.org/grpc v1.35.0
+	google.golang.org/grpc v1.29.1
 	gopkg.in/yaml.v2 v2.4.0
 )


--- a/go.sum
+++ b/go.sum
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -18,6 +18,7 @@ const (

 type ServerConfig struct {
 	Listen                  string   `yaml:"listen,omitempty"`
+	WebListen               string   `yaml:"web_listen,omitempty"`
 	ConcurrentSessionsLimit int64    `yaml:"concurrent_sessions_limit,omitempty"`
 	HostKeyFiles            []string `yaml:"host_key_files,omitempty"`
 }
@@ -59,6 +60,7 @@ var (

 	DefaultServerConfig = ServerConfig{
 		Listen: "[::]:22",
+		WebListen: "localhost:9122",
 		ConcurrentSessionsLimit: 10,
 		HostKeyFiles: []string{
 			"/run/secrets/ssh-hostkeys/ssh_host_rsa_key",