Skip to content

feat: add dnsdist metrics #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cc-datum wants to merge 19 commits into
base: main
Choose a base branch
from
Open

feat: add dnsdist metrics #6

cc-datum wants to merge 19 commits into from
+2,479 −7

Conversation

@cc-datum
Copy link

@cc-datum cc-datum commented Nov 25, 2025
edited
Loading

Summary

This PR wires DNS observability into the pdns-auth StatefulSet by fronting PDNS with dnsdist and emitting dnstap streams to two agents:

  • dns-collector sidecar: consumes dnstap on :6000, applies its built-in normalizers/latency/suspicious detection, and forwards JSON to Vector.
  • vector agent: consumes dns-collector JSON on :6001 (socket source), lightly normalizes labels via VRL, and exposes Prometheus metrics (queries/responses/latency/cache/NXDOMAIN/SERVFAIL/DNSSEC).

An optional lightweight monitoring stack (Prometheus + Loki + Grafana with dashboards) is provided under config/monitoring to visualize the metrics/logs.

Motivation

We already reconcile DNSZone/DNSRecordSet into PDNS via the API, but we need end-to-end visibility of real DNS traffic.
The goal is to capture, enrich, and ship dnstap events to Telemetry & Observability backends.

High-level architecture

flowchart LR
  subgraph System["dns-agent-system namespace"]
    subgraph StatefulSet["pdns-auth StatefulSet"]
      DNSDIST["dnsdist<br/>:53"]
      PDNS["PDNS Auth<br/>:5300"]
      COLLECTOR["dns-collector<br/>:6000→Vector"]
      VECTOR["vector agent<br/>:6001/:9598"]
    end
    SERVICE["Service pdns-auth<br/>:53 + vector metrics"]
  end

  subgraph Monitoring["monitoring"]
    PROM["Prometheus"]
    LOKI["Loki"]
    GRAF["Grafana"]
  end

  CLIENT["DNS clients"] -->|DNS 53| SERVICE --> DNSDIST -->|DNS 5300| PDNS
  DNSDIST -->|dnstap 6000 JSON| COLLECTOR -->|dnstap JSON 6001| VECTOR
  DNSDIST -->|metrics| PROM 
  COLLECTOR -->|metrics| PROM
  VECTOR -->|metrics| PROM
  VECTOR -.->|optionally send logs| LOKI
  PROM --> GRAF
  LOKI --> GRAF
Loading

Grafana Dashboard

Screenshot 2025-12-05 at 6 41 59 p m

Fixes #17

@cc-datum cc-datum changed the title feat: add dnsdist and dnscollector feat: add dnsdist metrics Dec 6, 2025
@cc-datum cc-datum requested a review from zachsmith1 December 8, 2025 18:00
@drewr drewr moved this from Backlog to In review in Eng - Datum 1.0 Dec 10, 2025
@cc-datum cc-datum mentioned this pull request Jan 12, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zachsmith1 zachsmith1 Awaiting requested review from zachsmith1

Assignees

@cc-datum cc-datum

Labels

None yet

Projects

Eng - Datum 1.0
Status: In review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

DNS per zone metrics with DNSDist

2 participants

@cc-datum