diff --git a/admin-system/wan-monitor.yaml b/admin-system/wan-monitor.yaml index 04bcfa8..ceb16f2 100644 --- a/admin-system/wan-monitor.yaml +++ b/admin-system/wan-monitor.yaml @@ -128,7 +128,7 @@ data: IRTT_PORT="${IRTT_PORT:-2112}" IPERF_PORT="${IPERF_PORT:-5201}" IRTT_INTERVAL="${IRTT_INTERVAL:-20ms}" - IRTT_DURATION="${IRTT_DURATION:-60s}" + IRTT_DURATION="${IRTT_DURATION:-60}" # seconds (numeric, for timeout math) TPUT_EVERY="${TPUT_EVERY:-900}" # seconds between throughput tests TPUT_TIME="${TPUT_TIME:-10}" # iperf3 seconds per direction IRTT_TARGET="${IRTT_TARGET:-hetzner}" @@ -146,16 +146,18 @@ data: mv "$SHARED/.metrics.tmp" "$SHARED/metrics" } - run_irtt() { # $1 condition $2 outfile $3 duration - irtt client -i "$IRTT_INTERVAL" -d "$3" -q $HMAC_OPT -o - "${HETZNER}:${IRTT_PORT}" 2>/dev/null \ + run_irtt() { # $1 condition $2 outfile $3 duration(seconds) + timeout "$(( $3 + 25 ))" irtt client -i "$IRTT_INTERVAL" -d "${3}s" -q $HMAC_OPT \ + -o - "${HETZNER}:${IRTT_PORT}" 2>/dev/null \ | python3 /scripts/irtt_to_prom.py "$1" "$IRTT_TARGET" > "$2" } run_tput() { P="${IPERF_PARALLEL:-4}" # parallel streams: a single stream can't fill 1 Gbps over the RTT - iperf3 -c "$HETZNER" -p "$IPERF_PORT" -t "$TPUT_TIME" -P "$P" -R -J 2>/dev/null \ + TO="$(( TPUT_TIME + 20 ))" + timeout "$TO" iperf3 -c "$HETZNER" -p "$IPERF_PORT" -t "$TPUT_TIME" -P "$P" --connect-timeout 5000 -R -J 2>/dev/null \ | python3 /scripts/tput_to_prom.py download "$TPUT_TARGET" > "$SHARED/.tput.prom" - iperf3 -c "$HETZNER" -p "$IPERF_PORT" -t "$TPUT_TIME" -P "$P" -J 2>/dev/null \ + timeout "$TO" iperf3 -c "$HETZNER" -p "$IPERF_PORT" -t "$TPUT_TIME" -P "$P" --connect-timeout 5000 -J 2>/dev/null \ | python3 /scripts/tput_to_prom.py upload "$TPUT_TARGET" >> "$SHARED/.tput.prom" } 
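Review bot: `IRTT_DURATION` and `TPUT_TIME` now feed shell arithmetic (`$(( $3 + 25 ))` in `run_irtt`, `$(( TPUT_TIME + 20 ))` in `run_tput`, `$(( 2 * TPUT_TIME + 4 ))` in the main loop), but nothing in these hunks checks that they are plain integers. A pod that still carries the old `60s` override turns the expansion into a syntax error, which in a POSIX sh typically aborts the script. An arithmetic context also evaluates whatever expression the variable holds rather than treating it as data. I would validate right after the defaults block: `for v in "$IRTT_DURATION" "$TPUT_TIME"; do case "$v" in ''|*[!0-9]*) echo "duration must be whole seconds: $v" >&2; exit 1;; esac; done`. The script continues outside the hunk, so confirm no equivalent check already exists there.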
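Review bot: In `run_irtt` and both `run_tput` pipelines the exit status of `timeout` is thrown away, because the pipeline reports the Python converter's status and stderr goes to `/dev/null`. A client killed at the deadline (status 124), or one that never connected, still overwrites `$2` / `.tput.prom` with whatever the converter makes of empty or truncated input. For a monitor, that makes a broken measurement path hard to tell from a quiet link. I would write the client output to a temporary file and convert only on success, e.g. `... -o - "${HETZNER}:${IRTT_PORT}" 2>/dev/null > "$2.raw" || { echo "irtt $1 failed rc=$?" >&2; return 1; }`, with the same pattern for the two `iperf3` calls. How the converters and `assemble` treat a missing or empty file is not visible in this hunk, so decide there whether to keep the last sample or emit an explicit failure.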
@@ -165,7 +167,7 @@ data: assemble now=$(date +%s) if [ $(( now - last_tput )) -ge "$TPUT_EVERY" ]; then - LOAD_DUR=$(( 2 * TPUT_TIME + 4 ))s + LOAD_DUR=$(( 2 * TPUT_TIME + 4 )) run_irtt under_load "$SHARED/.irttload.prom" "$LOAD_DUR" & # concurrent = bufferbloat LOADPID=$! run_tput @@ -204,7 +206,7 @@ spec: enableServiceLinks: false containers: - name: blackbox - image: quay.io/prometheus/blackbox-exporter:v0.25.0 + image: quay.io/prometheus/blackbox-exporter:v0.28.0 args: - --config.file=/etc/blackbox/blackbox.yml - --web.listen-address=:9115 @@ -224,11 +226,14 @@ spec: - name: wan-probe # Build + push from Dockerfile.wan-probe (adjust registry/tag to taste) - image: gitea.dooplex.hu/admin/wan-probe:0.1.0 + image: gitea.dooplex.hu/viktor/wan-probe:0.1.0 command: ["/bin/sh", "/scripts/probe-loop.sh"] env: - name: HETZNER_HOST - value: "jarrs.eu" # irtt + iperf3 server (your Hetzner box) + # MUST be the Hetzner origin: a DNS-only (grey-cloud) record or raw IP. + # NOT the Cloudflare-proxied jarrs.eu — CF only forwards HTTP/HTTPS, so + # UDP 2112 (irtt) / TCP 5201 (iperf3) never reach the origin behind it. + value: "metrics.jarrs.eu" # DNS-only A record -> Hetzner IPv4 - name: IRTT_PORT value: "2112" - name: IPERF_PORT @@ -236,7 +241,7 @@ spec: - name: IRTT_INTERVAL value: "20ms" - name: IRTT_DURATION - value: "60s" + value: "60" # seconds (numeric) - name: TPUT_EVERY value: "900" # 15 min - name: TPUT_TIME
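Review bot: The new comment above `HETZNER_HOST` explains why the record must bypass Cloudflare but not what that exposes: a DNS-only name publishes the origin address, so UDP 2112 and TCP 5201 are reachable by anyone who resolves it. iperf3 has no authentication unless the server (not shown here) is started with its RSA-key / authorized-users options, so an open 5201 lets third parties consume the box's bandwidth and skew these measurements. I would add a line such as `# Origin firewall must allow 2112/udp and 5201/tcp only from this site's WAN egress address.` and confirm the rule exists on the Hetzner side. Separately, the `wan-probe` image moves to the `viktor/` namespace under the same mutable `0.1.0` tag; pinning it as `gitea.dooplex.hu/viktor/wan-probe:0.1.0@sha256:<digest>` would tie the pod to the build that was reviewed.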