OpenTelemetry Tracing¶

Warning

Tracing support is considered experimental. The output, configuration, and any other details may change at any time.

Since version 2.1.0, when dnsdist is built with ProtoBuf support, sent messages (using e.g. RemoteLogResponseAction()) can contain OpenTelemetry traces data.

To enable tracing, use setOpenTelemetryTracing(true) in your configuration, or logging.open_telemetry_tracing to true in your:ref:YAML Logging Configuration <yaml-settings-LoggingConfiguration>. It is also possible to call setOpenTelemetryTracing() at runtime. Once enabled, Rules can be used to turn on tracing on a per-query basis.

Per-query tracing can be enabled using the SetTraceAction(). However, dnsdist captures some data before rules processing in order to have tracing information from before the rules are evaluated. When tracing is enabled in the query, dnsdist stores start and end times of certain (but not all) functions that are called during the lifetime of the query and the response. It is recommended to send the traces out through a RemoteLogger in ResponseRules, to capture as much information as possible.

Tracing uses more memory and CPU than usual query processing and it is recommended to enable tracing only for certain queries using specific selectors.

Example configuration¶

In this configuration, the RemoteLogger is passed directly to the SetTrace action. Doing this ensures that no matter what happens with the query (timeout, self-answered, cache-hit, dropped, answered by the backend), the trace will be sent out. When sending the trace in this way, the Protobuf message is essentially empty apart from the OpenTelemetry Trace.

logging:
  open_telemetry_tracing: true
remote_logging:
  protobuf_loggers:
    - name: pblog
      address: 127.0.0.1:5301
query_rules:
  - name: Enable tracing
    selector:
      # Just as an example, in production don't trace all the queries
      type: All
    action:
      type: SetTrace
      value: true
      remote_loggers:
        - pblog

Should you only want to receive the trace, including a fully filled Protobuf message, a RemoteLog can be used:

logging:
  open_telemetry_tracing: true
remote_logging:
  protobuf_loggers:
    - name: pblog
      address: 127.0.0.1:5301
query_rules:
  - name: Enable tracing
    selector:
      # Just as an example, in production don't trace all the queries
      type: All
    action:
      type: SetTrace
      value: true
 response_rules:
   - name: Send PB log
     selector:
       type: All
     action:
       type: RemoteLog
       logger_name: pblog
       # Delay ensures that the PB message is sent
       # after the response is sent to client, instead
       # of immediately. This ensures all Trace Spans
       # have proper end timestamps.
       delay: true

Passing Trace ID and Span ID to downstream servers¶

When storing traces, it is beneficial to correlate traces of the same query through different applications. The PowerDNS Recursor (since 5.3.0) supports the experimental TRACEPARENT EDNS option to pass the trace identifier.

This can be easily achieved by adding the send_downstream_traceparent option with the desired EDNS OptionCode.

query_rules:
  - name: Add TraceID to EDNS for backend
    selector:
      type: All
    action:
      type: SetTrace
      value: true
      send_downstream_traceparent: true

Accepting TRACEPARENT from upstream servers¶

dnsdist can also use a Trace ID and optional Span ID from an incoming query. It will not do this by default, but this can be configured with the use_incoming_traceid argument. When set to true incoming Trace and Span IDs will be used. Should there be no ID in the incoming query, a random ID will be generated.

query_rules:
  - name: Enable tracing
    selector:
      # Just as an example, in production don't trace all the queries
      type: All
    action:
      type: SetTrace
      value: true
      use_incoming_traceparent: true

As dnsdist keeps EDNS existing options in the query, the TRACEPARENT option is passed as-is to the backend, which might not be desirable. Using the strip_incoming_traceparent boolean option, the EDNS option will be removed from the query.

By default, dnsdist uses 65500 for the TRACEPARENT option code. This code can be changed using the traceparent_edns_option_code option.

Note that this will only happen when value is set to true.

Accepting and sending TRACEPARENT¶

The following example makes dnsdist accept a TRACEPARENT, and update it with its own Span ID before sending it downstream:

query_rules:
  - name: Enable tracing
    selector:
      # Just as an example, in production don't trace all the queries
      type: All
    action:
      type: SetTrace
      value: true
      send_downstream_traceparent: true
      use_incoming_traceparent: true

OpenTelemetry Tracing¶

Example configuration¶

Passing Trace ID and Span ID to downstream servers¶

Accepting TRACEPARENT from upstream servers¶

Accepting and sending TRACEPARENT¶

Previous topic

Next topic

Table of Contents

This Page