Federated ruler proposal #4477
Federated ruler proposal #4477
Conversation
rdooley
force-pushed
the
proposal-federated-ruler
branch
from
beef98d to
0b3557c
Compare
|
@edma2 Can you check that this still meets your use case? |
docs/proposals/federated-ruler.md
Outdated
|
|
||
| #### Proposal | ||
|
|
||
| Since the current default is that a tenant should only be able to write rules against itself, we suggest a config option `ruler.allowed-federated-tenants`, a string slice of OrgIDs like `infra` or `0|1|2|3|4` which are allowed to write rules against all tenants. If a tenant `bar` attempts to create a federated rule, an error should be returned by the ruler api. Similarly an option `ruler.disallowed-federated-tenants` explicitly states a list of tenants for which federated rules are not allowed. Combining these in a `util.AllowedTenants` should allow us to quickly determine if federation is enabled or disabled for a given tenant at rule creation. |
There was a problem hiding this comment.
Passing both disallowed and allowed flags at once would be ambiguous, so Cortex should only accept one or the other.
There was a problem hiding this comment.
The current proposal is similar to the enabled/disabled tenant logic for ruler seen here
There was a problem hiding this comment.
interesting, I guess the allowlist effectively takes priority over the disallow list.
* implements the rest of the proposal cortexproject#4477 * bring in vendored prometheus rules and rulefmt code * add optional src and dest tenant fields * Block the creation of these federated rules behind a feature flag in ruler api * Original issue cortexproject#4403 * a large amount of documentation surrounding this expanded feature set is needed Signed-off-by: Rees Dooley <[email protected]>
|
I have an initial draft of the implementation here and will be updating the proposal to links with this PR instead of the old one |
|
Feedback from cortex community call, cc @pracucci |
rdooley
force-pushed
the
proposal-federated-ruler
branch
from
063540f to
a7c771d
Compare
docs/proposals/federated-ruler.md
Outdated
|
|
||
| #### Proposal | ||
|
|
||
| For composite tenants a random but consistent subtenant of the multiple tenants owning the rule is chosen using a hashmod of the series label to determine the subtenant and for single tenants owning a federated rule the resulting series is saved in the tenant which owns the rule. |
There was a problem hiding this comment.
I think I understand what you're trying to actually do with this whole work (scale out a single big tenant logically splitting it into many smaller ones) but I think what you describe in this line may not fit for the general use case of federated rules.
There was a problem hiding this comment.
Should I make a separate proposal for composite tenant support for ruler or is expanding this proposal to support federated rules and composite tenants in ruler ok? Composite tenant support shares a common element with federated rules (rules querying from multiple tenants), but is distinct.
There was a problem hiding this comment.
Going with dropping composite tenant support here
rdooley
force-pushed
the
proposal-federated-ruler
branch
from
a7c771d to
39248ef
Compare
docs/proposals/federated-ruler.md
Outdated
|
|
||
| ## Reasoning | ||
|
|
||
| There are two primary use cases for allowing federated rules which query data from multiple tenants; administration of cortex and composite tenants. |
There was a problem hiding this comment.
@rdooley have you considered putting the src_tenants on a rule group level instead of rule level?
On one hand,
- having it on group level reduces repetition between rules. I'd imagine some of the rules will likely read from or write to the same tenants, so it will make them less prone to bugs (and bugs like that can cause gaps in the rules data)
- currently in prometheus rules in a group are evaluated sequentially. So rules listed earlier in a group can be used by the rules later in the group. If one of the earlier rules has a
dest_tenant, then this invariant will be violated. This will slightly change behaviour.
On the other hand,
- having it on rule level allows for more flexibility. Otherwise, federated and non-federated rules cannot be mixed in the same group.
- it requires less changes to existing rule groups. Existing rule groups that users want to turn into federated rules can be amended simply by adding a line to a rule. In the case of group-level tenants, rules will likely need to be split up into multiple federated & non-federated groups.
I'm curious as to why you opted for having them per rule.
There was a problem hiding this comment.
Opted for making src_tenants a rule instead of group based field just for the most flexibility.
Since dest_tenant has been removed from this proposal the invariant of earlier rules' data being available for later rules still holds.
There was a problem hiding this comment.
I can see the case for having src_tenants at the rule level and the group level, and I had a weakly held opinion prioritizing flexibility.
There was a problem hiding this comment.
What about allowing src_tenants on either rule or rule group? src_tenants on a rule would by default inherit the value from the rule group, but can be overwritten per rule.
There was a problem hiding this comment.
Since my opinion is weakly held, what if we just go with on the rule group instead of per rule as that seems the preference from Dimitar and Andrea?
There was a problem hiding this comment.
That's fine with me. This was can always be expanded later to per-rule as well if/when needed.
There was a problem hiding this comment.
I'll get that updated today and also remove the composite tenant bits to scope this down further. Composite tenant support can be worked on separately later if we need it.
|
Hi @rdooley, thanks for this proposal! Federated rules is something we would really like to see in Cortex. |
I think the only thing I'm waiting for is feedback from @pracucci around composite tenant support, and of course associated reviews |
rdooley
force-pushed
the
proposal-federated-ruler
branch
from
9b84f05 to
8950adf
Compare
|
I've removed composite tenant support from this proposal in the interests of expediency and simplicity. |
|
Linter is objecting to your spelling:
|
rdooley
force-pushed
the
proposal-federated-ruler
branch
from
ded9da2 to
f10830f
Compare
|
Looks like its failing build as well, fixing |
rdooley
force-pushed
the
proposal-federated-ruler
branch
from
f10830f to
f788b7a
Compare
* unsure on the status here * cortexproject#4403 Signed-off-by: Rees Dooley <[email protected]>
Signed-off-by: Rees Dooley <[email protected]>
Signed-off-by: Rees Dooley <[email protected]>
Signed-off-by: Rees Dooley <[email protected]>
Signed-off-by: Rees Dooley <[email protected]>
Signed-off-by: Rees Dooley <[email protected]>
* switch from `_` to `-` for feature flag consistency * Consitency: use only `src_tenants` to match draft implementation Signed-off-by: Rees Dooley <[email protected]>
Signed-off-by: Rees Dooley <[email protected]>
Signed-off-by: Rees Dooley <[email protected]>
rdooley
force-pushed
the
proposal-federated-ruler
branch
from
f788b7a to
63bdfd5
Compare
docs/proposals/federated-ruler.md
Outdated
|
|
||
| As some use cases will demand that a specific federated rule, querying tenant B and C, is stored in the owning teams tenant A, an option to allow explicit assignment of source tenants for a federated rule is needed. | ||
|
|
||
| To support this we suggest an additional field `src_tenants` on the rule group containing an OrgID string e.g. `t0|t1|...|ti` which when present determines which tenants to query for the given rule. Rule group is chosen as it reduces repetition between rules. |
There was a problem hiding this comment.
Instead of a pipe separated string, you may consider having src_tenants to be an array. Looks a more robust solution to me.
Signed-off-by: Rees Dooley <[email protected]>
|
The failing integration test seems unrelated to me |
* Federated ruler proposal Signed-off-by: Rees Dooley <[email protected]> Co-authored-by: Rees Dooley <[email protected]> Signed-off-by: Alvin Lin <[email protected]>
What this PR does:
Proposes a solution to allow federated rules, rules which query data from multiple tenants
Which issue(s) this PR fixes:
Proposes a solution for #4403
Checklist
Tests updatedNADocumentation addedNACHANGELOG.mdupdated - the order of entries should be[CHANGE],[FEATURE],[ENHANCEMENT],[BUGFIX]