Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Querying Prometheus with Flux

Avatar for Paul Dix Paul Dix
August 09, 2018
Technology
1
900

Querying Prometheus with Flux

Talk given at PromCon 2018 where I introduce Flux (#fluxlang) and show how it can be used to query Prometheus servers.
Avatar for Paul Dix

Paul Dix

August 09, 2018
Tweet

More Decks by Paul Dix

See All by Paul Dix
InfluxDB IOx Project Update - 2021-02-10
Avatar for Paul Dix pauldix
0
230
InfluxDB IOx data lifecycle and object store persistence
Avatar for Paul Dix pauldix
1
610
InfluxDB 2.0 and Flux
Avatar for Paul Dix pauldix
1
710
Flux and InfluxDB 2.0
Avatar for Paul Dix pauldix
1
1.3k
Flux (#fluxlang): a new (time series) data scripting language
Avatar for Paul Dix pauldix
7
5.2k
At Scale, Everything is Hard
Avatar for Paul Dix pauldix
2
700
IFQL and the future of InfluxData
Avatar for Paul Dix pauldix
2
1.4k
Time series & monitoring with InfluxDB and the TICK stack
Avatar for Paul Dix pauldix
0
460
InfluxDB + Prometheus
Avatar for Paul Dix pauldix
2
3.2k

Other Decks in Technology

See All in Technology
Ruby on Rails の楽しみ方
Avatar for morihirok morihirok
6
3.2k
VitePress & MCPでアプリ仕様のオープン化に挑戦する
Avatar for Hal hal_spidernight
0
150
AIフレンドリーなプロダクト開発を目指して 〜MCPを橋渡しにした環境移行〜
Avatar for shinpr shinpr
0
140
OCI Full Stack Disaster Recovery サービス概要
Avatar for oracle4engineer oracle4engineer
PRO
1
130
10年もののアプリケーションを運用・開発するアプリケーションエンジニアのDatadog活用術
Avatar for miyamu miyamu
0
130
Amplifyとゼロからはじめた AIコーディング。失敗と気づき
Avatar for k.masachika mkdev10
1
180
Platform Engineering for Private Cloud
Avatar for Coté cote
PRO
1
140
SwiftUIとMetalで簡単に作るレアカード風UI
Avatar for stotic-dev stoticdev
1
110
MCP でモノが動くとおもしろい/It is interesting when things move with MCP
Avatar for 株式会社ビットキー / Bitkey Inc. bitkey
3
640
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
Avatar for Takuto Wada twada
PRO
75
21k
技術選定を突き詰める 懇親会LT
Avatar for Kaoru okaru
2
1.3k
WindowsでGenesisに挑戦した話
Avatar for Minoru Natsutani natsutan
0
120

Featured

See All Featured
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
54
13k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
368
19k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
0
49
Writing Fast Ruby
Avatar for Erik Berlin sferik
628
61k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
41
2.6k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
47
2.8k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
172
14k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
336
57k
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
133
9.3k
Rebuilding a faster, lazier Slack
Avatar for samanthasiow samanthasiow
81
9k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
32
5.8k
BBQ
Avatar for Matthew Crist matthewcrist
88
9.6k

Transcript

  1. Querying Prometheus with Flux (#fluxlang) Paul Dix @pauldix paul@influxdata.com

  2. None

  3. • Data-scripting language • Functional • MIT Licensed • Language

    & Runtime/Engine

  4. Prometheus users: so what?

  5. High availability?

  6. Sharded Data?

  7. Federation?

  8. None
  9. None
  10. None
  11. None

  12. subqueries

  13. None

  14. subqueries recording rules

  15. Ad hoc exporation

  16. None

  17. Focus is Strength

  18. Saying No is an Asset

  19. None

  20. Liberate the silo!

  21. None

  22. Language Elements

  23. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:-1h) // filter further by series with a specific measurement and field |> filter(fn: (r) => r._measurement == "cpu" and r._field == "usage_system")

  24. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:-1h) // filter further by series with a specific measurement and field |> filter(fn: (r) => r._measurement == "cpu" and r._field == "usage_system") Comments

  25. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:-1h) // filter further by series with a specific measurement and field |> filter(fn: (r) => r._measurement == "cpu" and r._field == "usage_system") Functions

  26. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:-1h) // filter further by series with a specific measurement and field |> filter(fn: r => r._measurement == "cpu" and r._field == "usage_system") Pipe forward operator

  27. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:-1h) // filter further by series with a specific measurement and field |> filter(fn: (r) => r._measurement == "cpu" and r._field == "usage_system") Named Arguments

  28. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:-1h) // filter further by series with a specific measurement and field |> filter(fn: (r) => r._measurement == "cpu" and r._field == "usage_system") String Literal

  29. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:-1h) // filter further by series with a specific measurement and field |> filter(fn: (r) => r._measurement == "cpu" and r._field == "usage_system") Duration Literal (relative time)

  30. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:”2018-08-09T14:00:00Z“) // filter further by series with a specific measurement and field |> filter(fn: (r) => r._measurement == "cpu" and r._field == "usage_system") Time Literal

  31. // get all data from the telegraf db from(db:"telegraf") //

    filter that by the last hour |> range(start:-1h) // filter further by series with a specific measurement and field |> filter(fn: (r) => r._measurement == "cpu" and r._field == "usage_system") Anonymous Function

  32. Operators + == != ( ) - < !~ [

    ] * > =~ { } / <= = , : % >= <- . |>

  33. Types • int • uint • float64 • string •

    duration • time • regex • array • object • function • namespace • table • table stream

  34. Ways to run Flux - (interpreter, fluxd api server, InfluxDB

    1.7 & 2.0)

  35. Flux builder in Chronograf

  36. Flux builder in Grafana

  37. Flux is about:

  38. Time series in Prometheus

  39. None
  40. None

  41. // get data from Prometheus on http://localhost:9090 fromProm(query:`node_cpu_seconds_total{cpu=“0”,mode=“idle”}`) // filter

    that by the last minute |> range(start:-1m)
  42. None
  43. None
  44. None
  45. None
  46. None
  47. None
  48. None

  49. Multiple time series in Prometheus

  50. fromProm(query: `node_cpu_seconds_total{cpu=“0”,mode=~”idle|user”}`) |> range(start:-1m) |> keep(columns: [“name”, “cpu”, “host”, “mode”,

    “_value”, “_time”])
  51. None
  52. None
  53. None
  54. None
  55. None

  56. Tables are the base unit

  57. Not tied to a specific data model/schema

  58. Filter function

  59. fromProm() |> range(start:-1m) |> filter(fn: (r) => r.__name__ == “node_cpu_seconds_total”

    and r.mode == “idle” and r.cpu == “0”) |> keep(columns: [“name”, “cpu”, “host”, “mode”, “_value”, “_time”])
  60. None
  61. None
  62. None
  63. None

  64. fromProm() |> range(start:-1m) |> filter(fn: (r) => r.__name__ == “node_cpu_seconds_total”

    and r.mode in [“idle”, “user”] and r.cpu == “0”) |> keep(columns: [“name”, “cpu”, “host”, “mode”, “_value”, “_time”])
  65. None
  66. None
  67. None

  68. Aggregate functions

  69. fromProm() |> range(start:-30s) |> filter(fn: (r) => r.__name__ == “node_cpu_seconds_total”

    and r.mode == “idle” and r.cpu =~ /0|1/) |> count() |> keep(columns: [“name”, “cpu”, “host”, “mode”, “_value”, “_time”])
  70. None
  71. None
  72. None
  73. None
  74. None
  75. None

  76. _start and _stop are about windows of data

  77. fromProm(query: `node_cpu_seconds_total{cpu=“0”,mode=“idle”}` |> range(start: -1m)

  78. None

  79. fromProm(query: `node_cpu_seconds_total{cpu=“0”,mode=“idle”}` |> range(start: -1m) |> window(every: 20s)

  80. None

  81. fromProm(query: `node_cpu_seconds_total{cpu=“0”,mode=“idle”}` |> range(start: -1m) |> window(every: 20s)j |> min()

  82. None

  83. fromProm(query: `node_cpu_seconds_total{cpu=“0”,mode=“idle”}` |> range(start: -1m) |> window(every: 20s)j |> min()

    |> window(every:inf)
  84. None

  85. Window converts N tables to M tables based on time

    boundaries

  86. Group converts N tables to M tables based on values

  87. fromProm(query: `node_cpu_seconds_total{cpu=~“0|1”,mode=“idle”}`) |> range(start: -1m)

  88. None

  89. fromProm(query: `node_cpu_seconds_total{cpu=~“0|1”,mode=“idle”}`) |> range(start: -1m) |> group(columns: [“__name__”, “mode”])

  90. None
  91. None
  92. None

  93. Nested range vectors fromProm(host:”http://localhost:9090") |> filter(fn: (r) => r.__name__ ==

    "node_disk_written_bytes_total") |> range(start:-1h) // transform into non-negative derivative values |> derivative() // break those out into tables for each 10 minute block of time |> window(every:10m) // get the max rate of change in each 10 minute window |> max() // and put everything back into a single table |> window(every:inf) // and now let’s convert to KB |> map(fn: (r) => r._value / 1024.0)

  94. Multiple Servers dc1 = fromProm(host:”http://prom.dc1.local:9090") |> filter(fn: (r) => r.__name__

    == “node_network_receive_bytes_total”) |> range(start:-1h) |> insertGroupKey(key: “dc”, value: “1”) dc2 = fromProm(host:”http://prom.dc2.local:9090") |> filter(fn: (r) => r.__name__ == “node_network_receive_bytes_total”) |> range(start:-1h) |> insertGroupKey(key: “dc”, value: “2”) dc1 |> union(streams: [dc2]) |> limit(n: 2) |> derivative() |> group(columns: [“dc”]) |> sum()

  95. Work with data from many sources • from() // influx

    • fromProm() • fromMySQL() • fromCSV() • fromS3() • …

  96. Defining Functions fromProm(query: `node_cpu_seconds_total{cpu=“0”,mode=“idle”}` |> range(start: -1m) |> window(every: 20s)j

    |> min() |> window(every:inf)

  97. Defining Functions windowAgg = (every, fn, <-stream) => { return

    stream |> window(every: every) |> fn() |> window(every:inf) } fromProm(query: `node_cpu_seconds_total{cpu=“0”,mode=“idle”}` |> range(start: -1m) |> windowAgg(every:20s, fn: min)

  98. Packages & Namespaces package “flux-helpers” windowAgg = (every, fn, <-stream)

    => { return stream |> window(every: every) |> fn() |> window(every:inf) } // in a new script import helpers “github.com/pauldix/flux-helpers" fromProm(query: `node_cpu_seconds_total{cpu=“0”,mode=“idle”}` |> range(start: -1m) |> helpers.windowAgg(every:20s, fn: min)

  99. Project Status • Everything in this talk is prototype (as

    of 2018-08-09) • Proposed Final Language Spec • Release flux, fluxd, InfluxDB 1.7, InfluxDB 2.0 alpha • Iterate with community to finalize spec • Optimizations! • https://github.com/influxdata/flux

  100. Future work

  101. More complex Flux compilations to PromQL?

  102. PromQL parser for Flux engine?

  103. Add Flux into Prometheus?

  104. Arrow API for Prometheus

  105. Apache Arrow

  106. Stream from Prometheus

  107. Pushdown matcher and range

  108. Later pushdown more?

  109. Standardized Remote Read API?

  110. Arrow is becoming the lingua franca in data science and

    big data

  111. fromProm(query: `{__name__=~/node_.*/}`) |> range(start:-1h) |> toCSV(file: “node-data.csv”) |> toFeather(file: “node-data.feather”)

  112. Much more work to be done…

  113. Prometheus + Flux = Possibilities

  114. Thank you Paul Dix @pauldix paul@influxdata.com