boundarylogproxy

package
v2.34.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 2, 2026 License: AGPL-3.0 Imports: 13 Imported by: 0

Documentation

Overview

Package boundarylogproxy provides a Unix socket server that receives boundary audit logs and forwards them to coderd via the agent API.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DefaultSocketPath 

func DefaultSocketPath() string

DefaultSocketPath returns the default path for the boundary audit log socket.

Types

type Metrics added in v2.32.0 

type Metrics struct {
	// contains filtered or unexported fields
}

Metrics tracks observability for the boundary -> agent -> coderd audit log pipeline.

Audit logs from boundary workspaces pass through several async buffers before reaching coderd, and any stage can silently drop data. These metrics make that loss visible so operators/devs can:

  • Bubble up data loss: a non-zero drop rate means audit logs are being lost, which may have auditing implications.
  • Identify the bottleneck: the reason label pinpoints where drops occur: boundary's internal buffers, the agent's channel, or the RPC to coderd.
  • Tune buffer sizes: sustained "buffer_full" drops indicate the agent's channel (or boundary's batch buffer) is too small for the workload. Combined with batches_forwarded_total you can compute a drop rate: drops / (drops + forwards).
  • Detect batch forwarding issues: "forward_failed" drops increase when the agent cannot reach coderd.

Drops are captured at two stages:

  • Agent-side: the agent's channel buffer overflows (reason "buffer_full") or the RPC forward to coderd fails (reason "forward_failed").
  • Boundary-reported: boundary self-reports drops via BoundaryStatus messages (reasons "boundary_channel_full", "boundary_batch_full"). These arrive on the next successful flush from boundary.

There are circumstances where metrics could be lost e.g., agent restarts, boundary crashes, or the agent shuts down when the DRPC connection is down.

type Reporter 

type Reporter interface {
	ReportBoundaryLogs(ctx context.Context, req *agentproto.ReportBoundaryLogsRequest) (*agentproto.ReportBoundaryLogsResponse, error)
}

Reporter reports boundary logs from workspaces.

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server listens on a Unix socket for boundary log messages and buffers them for forwarding to coderd. The socket server and the forwarder are decoupled: - Start() creates the socket and accepts a connection from boundary - RunForwarder() drains the buffer and sends logs to coderd via AgentAPI

func NewServer 

func NewServer(logger slog.Logger, socketPath string, registerer prometheus.Registerer) *Server

NewServer creates a new boundary log proxy server.

func (*Server) Close 

func (s *Server) Close() error

Close stops the server and blocks until resources have been cleaned up. It must be called after Start.

func (*Server) RunForwarder 

func (s *Server) RunForwarder(ctx context.Context, sender Reporter) error

RunForwarder drains the log buffer and forwards logs to coderd. It blocks until ctx is canceled.

func (*Server) Start 

func (s *Server) Start() error

Start begins listening for connections on the Unix socket, and handles new connections in a separate goroutine. Incoming logs from connections are buffered until RunForwarder drains them.

Source Files

View all Source files

Directories

Path Synopsis
Package codec implements the wire format for agent <-> boundary communication.
 Package codec implements the wire format for agent <-> boundary communication.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.