Power DNS Recursor

Supported OS Linux Windows Mac OS

통합 버전4.1.0

개요

PowerDNS Recursor의 성능을 추적하고 비정상적인 트래픽을 모니터링하세요. 이 Agent 점검은 다음을 포함하여 Recursor에서 다양한 메트릭을 수집합니다.

  • 쿼리 답변 시간-1밀리초 미만, 10밀리초, 100밀리초, 1초 또는 1초보다 긴 응답이 몇 개인지 확인합니다.
  • 쿼리 시간 초과.
  • 캐시 히트 및 미스.
  • 유형별 답변률: SRVFAIL, NXDOMAIN, NOERROR.
  • 무시되거나 드롭된 패킷.

이외에 다수가 있습니다.

설정

설치

PowerDNS Recursor 점검은 Datadog Agent 패키지에 포함되어 있으므로 다른 것을 설치할 필요가 없습니다.

구성

PowerDNS 준비

이 점검은 PowerDNS Recursor의 통계 API를 사용하여 성능 통계를 수집합니다. 4.1 이전의 pdns_recursor 버전은 기본적으로 통계 API를 활성화하지 않습니다. 이전 버전을 실행 중인 경우 다음을 recursor 구성 파일에 추가하여 활성화합니다(예: /etc/powerdns/recursor.conf).

webserver=yes
api-key=changeme             # v4.0 이상만 사용 가능
webserver-readonly=yes       # 기본값 no
#webserver-port=8081         # 기본값 8082
#webserver-address=0.0.0.0   # 기본값 127.0.0.1

pdns_recursor 3.x를 실행하는 경우 다음 옵션 이름 앞에 experimental-을 추가합니다 (예: experimental-webserver=yes).

pdns_recursor 4.1 이상이라면 api-key를 설정하기만 하면 됩니다.

통계 API를 활성화하려면 recursor를 다시 시작합니다.

    호스트

    호스트에서 실행 중인 에이전트에 대해 이 점검을 구성하려면:

    1. Agent 구성 디렉토리 루트의 conf.d/ 폴더에 있는 powerdns_recursor.d/conf.yaml 파일을 편집합니다. 사용 가능한 모든 구성 옵션은 샘플 powerdns_recursor.d/conf.yaml을 참조하세요:

      init_config:

instances:
  ## @param host - string - required
  ## Host running the recursor.
  #
  - host: 127.0.0.1

    ## @param port - integer - required
    ## Recursor web server port.
    #
    port: 8082

    ## @param api_key - string - required
    ## Recursor web server api key.
    #
    api_key: "<POWERDNS_API_KEY>"

    ## @param version - integer - required - default: 3
    ## Version 3 or 4 of PowerDNS Recursor to connect to.
    ## The PowerDNS Recursor in v4 has a production ready web server that allows for
    ## statistics gathering. In version 3.x the server was marked as experimental.
    ##
    ## As the server was marked as experimental in version 3 many of the metrics have
    ## changed names and the API structure (paths) have also changed. With these changes
    ## there has been a need to separate the two concerns. The check now has a key value
    ## version: which if set to version 4 queries with the correct API path on the
    ## non-experimental web server.
    ##
    ## https://doc.powerdns.com/md/httpapi/api_spec/#url-apiv1serversserver95idstatistics
    #
    version: 3

    2. 에이전트를 재시작하세요.

    로그 수집

    1. Datadog Agent에서는 로그 수집이 기본적으로 비활성화되어 있습니다. datadog.yaml 파일에서 활성화해야 합니다.

      logs_enabled: true

    2. 다음을 실행해 systemd-journal 그룹에 dd-agent 사용자를 추가하세요.

      usermod -a -G systemd-journal dd-agent

    3. PowerDNS Recursor 로그 수집을 시작하려면 이 구성 블록을 powerdns_recursor.d/conf.yaml 파일에 추가하세요.

      logs:
  - type: journald
    source: powerdns

      사용 가능한 모든 구성 옵션은 샘플 powerdns_recursor.d/conf.yaml을 참조하세요.

    4. 에이전트를 재시작하세요.

    컨테이너화

    컨테이너화된 환경의 경우 자동탐지 통합 템플릿에 다음 파라미터를 적용하는 방법이 안내되어 있습니다.

    파라미터
    <INTEGRATION_NAME>powerdns_recursor
    <INIT_CONFIG>비어 있음 또는 {}
    <INSTANCE_CONFIG>{"host":"%%host%%", "port":8082, "api_key":"<POWERDNS_API_KEY>", "version": 3}
    로그 수집

    Datadog Agent에서 로그 수집은 기본값으로 비활성화되어 있습니다. 이를 활성화하려면 쿠버네티스(Kubernetes) 로그 수집을 참조하세요.

    파라미터
    <LOG_CONFIG>{"source": "powerdns"}

    검증

    Agent의 status 하위 명령을 실행하고 Checks 섹션에서 powerdns_recursor를 찾습니다.

    수집한 데이터

    메트릭

    powerdns.recursor.all_outqueries
    (gauge)    		The number of outgoing udp queries per second
    Shown as query
    powerdns.recursor.answers0_1
    (gauge)    		Number of queries per second answered within 1 millisecond
    Shown as query
    powerdns.recursor.answers100_1000
    (gauge)    		Number of queries per second answered within 1 second
    Shown as query
    powerdns.recursor.answers10_100
    (gauge)    		Number of queries per second answered within 100 milliseconds
    Shown as query
    powerdns.recursor.answers1_10
    (gauge)    		Number of queries per second answered within 10 milliseconds
    Shown as query
    powerdns.recursor.answers_slow
    (gauge)    		Number of queries per second NOT answered within 1 second
    Shown as query
    powerdns.recursor.auth4_answers0_1
    (gauge)    		Number of queries per second answered by auth4s within 1 millisecond; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth4_answers100_1000
    (gauge)    		Number of queries per second answered by auth4s within 1 second; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth4_answers10_100
    (gauge)    		Number of queries per second answered by auth4s within 100 milliseconds; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth4_answers1_10
    (gauge)    		Number of queries per second answered by auth4s within 10 milliseconds; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth4_answers_slow
    (gauge)    		Number of queries per second NOT answered by auth4s within 1 second; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth6_answers0_1
    (gauge)    		Number of queries per second answered by auth6s within 1 millisecond; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth6_answers100_1000
    (gauge)    		Number of queries per second answered by auth6s within 1 second; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth6_answers10_100
    (gauge)    		Number of queries per second answered by auth6s within 100 milliseconds; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth6_answers1_10
    (gauge)    		Number of queries per second answered by auth6s within 10 milliseconds; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.auth6_answers_slow
    (gauge)    		Number of queries per second NOT answered by auth6s within 1 second; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.cache_entries
    (gauge)    		The number of entries in the cache
    Shown as entry
    powerdns.recursor.cache_hits
    (gauge)    		The number of cache hits per second
    Shown as hit
    powerdns.recursor.cache_misses
    (gauge)    		The number of cache misses per second
    Shown as miss
    powerdns.recursor.case_mismatches
    (gauge)    		The number of mismatches in character case per second
    Shown as error
    powerdns.recursor.chain_resends
    (gauge)    		The number of queries per second chained to existing outstanding query
    Shown as query
    powerdns.recursor.client_parse_errors
    (gauge)    		The number of unparsable packets per second
    Shown as error
    powerdns.recursor.concurrent_queries
    (gauge)    		The number of MThreads currently running
    Shown as query
    powerdns.recursor.dlg_only_drops
    (gauge)    		The number of records dropped per second because of 'delegation only' setting; Available since pdns_recursor v4.x
    Shown as record
    powerdns.recursor.dnssec_queries
    (gauge)    		The number of queries received per second with the DO bit set; Available since pdns_recursor v4.x
    Shown as record
    powerdns.recursor.dnssec_result_bogus
    (gauge)    		The number of DNSSEC validations per second that had the Bogus state; Available since pdns_recursor v4.x
    powerdns.recursor.dnssec_result_indeterminate
    (gauge)    		The number of DNSSEC validations per second that had the Indeterminate state; Available since pdns_recursor v4.x
    powerdns.recursor.dnssec_result_insecure
    (gauge)    		The number of DNSSEC validations per second that had the Insecure state; Available since pdns_recursor v4.x
    powerdns.recursor.dnssec_result_nta
    (gauge)    		The number of DNSSEC validations per second that had the NTA (negative trust anchor) state; Available since pdns_recursor v4.x
    powerdns.recursor.dnssec_result_secure
    (gauge)    		The number of DNSSEC validations per second that had the Secure state; Available since pdns_recursor v4.x
    powerdns.recursor.dnssec_validations
    (gauge)    		The number of DNSSEC validations performed per second; Available since pdns_recursor v4.x
    powerdns.recursor.dont_outqueries
    (gauge)    		The number of outgoing queries dropped per second because of 'dont query' setting
    Shown as query
    powerdns.recursor.edns_ping_matches
    (gauge)    		The number of servers per second that sent a valid EDNS PING response; Available since pdns_recursor v4.x
    Shown as host
    powerdns.recursor.edns_ping_mismatches
    (gauge)    		The number of servers per second that sent an invalid EDNS PING response; Available since pdns_recursor v4.x
    Shown as host
    powerdns.recursor.failed_host_entries
    (gauge)    		The number of servers that failed to resolve
    Shown as host
    powerdns.recursor.ignored_packets
    (gauge)    		The number of non-query packets received per second on server sockets that should only get queries; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.ipv6_outqueries
    (gauge)    		The number of outgoing queries per second over IPv6
    powerdns.recursor.ipv6_questions
    (gauge)    		The number of end-user-initiated IPv6 UDP queries with the RD bit set
    Shown as query
    powerdns.recursor.max_mthread_stack
    (gauge)    		The maximum amount of thread stack ever used
    powerdns.recursor.negcache_entries
    (gauge)    		The number of entries in the negative answer cache
    Shown as entry
    powerdns.recursor.no_error_packets
    (gauge)    		The number of erroneous packets received per second; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.noedns_outqueries
    (gauge)    		The number of queries per second sent without EDNS; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.noerror_answers
    (gauge)    		The number of NOERROR answers per second
    Shown as operation
    powerdns.recursor.noping_outqueries
    (gauge)    		The number of queries per second sent without EDNS PING; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.nsset_invalidations
    (gauge)    		The number of times per second an nsset was dropped because it no longer worked; Available since pdns_recursor v4.x
    powerdns.recursor.nsspeeds_entries
    (gauge)    		The number of entries in the NS speeds map; Available since pdns_recursor v4.x
    Shown as entry
    powerdns.recursor.nxdomain_answers
    (gauge)    		The number of NXDOMAIN answers per second
    Shown as response
    powerdns.recursor.outgoing4_timeouts
    (gauge)    		The number of timeouts per second for outgoing UDP IPv4 queries; Available since pdns_recursor v4.x
    Shown as timeout
    powerdns.recursor.outgoing6_timeouts
    (gauge)    		The number of timeouts per second for outgoing UDP IPv6 queries; Available since pdns_recursor v4.x
    Shown as timeout
    powerdns.recursor.outgoing_timeouts
    (gauge)    		The number of outgoing UDP query timeouts per second
    Shown as timeout
    powerdns.recursor.over_capacity_drops
    (gauge)    		The number of questions per second dropped due to having reached concurrent query limit
    Shown as query
    powerdns.recursor.packetcache_entries
    (gauge)    		The number of entries in the packet cache
    Shown as entry
    powerdns.recursor.packetcache_hits
    (gauge)    		The number of packet cache hits per second
    Shown as hit
    powerdns.recursor.packetcache_misses
    (gauge)    		The number of packet cache misses per second
    Shown as miss
    powerdns.recursor.policy_drops
    (gauge)    		The number of packets dropped per second because of Lua policy decision
    Shown as packet
    powerdns.recursor.policy_result_custom
    (gauge)    		The number of packets per second that were sent a custom answer by the RPZ/filter engine; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.policy_result_drop
    (gauge)    		The number of packets per second dropped by the RPZ/filter engine; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.policy_result_noaction
    (gauge)    		The number of packets per second that were not actioned upon by the RPZ/filter engine; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.policy_result_nodata
    (gauge)    		The number of packets per second that were replied to with NODATA by the RPZ/filter engine; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.policy_result_nxdomain
    (gauge)    		The number of packets per second that were replied to with NXDOMAIN by the RPZ/filter engine; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.policy_result_truncate
    (gauge)    		The number of packets per second that were forced to TCP by the RPZ/filter engine; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.qa_latency
    (gauge)    		The average latency in microseconds exponentially weighted over past 'latency-statistic-size' packets
    Shown as microsecond
    powerdns.recursor.questions
    (gauge)    		The number of user initiated udp queries per second
    Shown as operation
    powerdns.recursor.real_memory_usage
    (gauge)    		The amount of memory consumed by PowerDNS in bytes; Available since pdns_recursor v4.x
    Shown as byte
    powerdns.recursor.resource_limits
    (gauge)    		The number of queries per second that could not be performed due to resource limits; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.server_parse_errors
    (gauge)    		The number of server replied packets per second that could not be parsed
    Shown as error
    powerdns.recursor.servfail_answers
    (gauge)    		The number of SERVFAIL answers per second
    Shown as response
    powerdns.recursor.spoof_prevents
    (gauge)    		The number of times per second PowerDNS considers itself spoofed and drops data
    powerdns.recursor.sys_msec
    (gauge)    		The number of CPU milliseconds spent in 'system' mode
    Shown as millisecond
    powerdns.recursor.tcp_client_overflow
    (gauge)    		The number of outgoing queries dropped per second because of 'dont query' setting
    Shown as query
    powerdns.recursor.tcp_clients
    (gauge)    		The number of active TCP/IP clients per second
    powerdns.recursor.tcp_outqueries
    (gauge)    		The number of outgoing TCP queries per second
    Shown as operation
    powerdns.recursor.tcp_questions
    (gauge)    		The number of incoming tcp queries per second
    Shown as operation
    powerdns.recursor.throttle_entries
    (gauge)    		The number of entries in the throttle map
    Shown as entry
    powerdns.recursor.throttled_out
    (gauge)    		The number of throttled outgoing UDP queries per second
    Shown as operation
    powerdns.recursor.too_old_drops
    (gauge)    		The number of questions per second that were dropped because they were too old; Available since pdns_recursor v4.x
    Shown as query
    powerdns.recursor.udp_in_errors
    (gauge)    		The number of packets per second that were received faster than the OS could process them; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.udp_noport_errors
    (gauge)    		The number of UDP packets per second where an ICMP response was received saying the remote port was not listening; Available since pdns_recursor v4.x
    Shown as packet
    powerdns.recursor.udp_recvbuf_errors
    (gauge)    		The number of errors per second caused in the UDP receive buffer; Available since pdns_recursor v4.x
    Shown as error
    powerdns.recursor.udp_sndbuf_errors
    (gauge)    		The number of errors per second caused in the UDP send buffer; Available since pdns_recursor v4.x
    Shown as error
    powerdns.recursor.unauthorized_tcp
    (gauge)    		The number of TCP questions denied per second because of allow-from restrictions
    Shown as operation
    powerdns.recursor.unauthorized_udp
    (gauge)    		The number of UDP questions denied per second because of allow-from restrictions
    Shown as operation
    powerdns.recursor.unexpected_packets
    (gauge)    		The number of unexpected answers per second from remote servers
    Shown as operation
    powerdns.recursor.unreachables
    (gauge)    		The number times per second nameservers were unreachable
    powerdns.recursor.uptime
    (gauge)    		The number of seconds PowerDNS has been running
    Shown as second
    powerdns.recursor.user_msec
    (gauge)    		The number of CPU milliseconds spent in 'user' mode
    Shown as millisecond

    이벤트

    PowerDNS Recursor 점검은 이벤트를 포함하지 않습니다.

    서비스 점검

    powerdns.recursor.can_connect
    Returns CRITICAL if the Agent check is unable to connect to the monitored Gearman instance. Returns OK otherwise.
    Statuses: ok, critical

    트러블슈팅

    도움이 필요하신가요? Datadog 지원팀에 문의하세요.