Measure proxy churn for both proxy pools

Cecylia Bocovichrequested to merge
cohosh/snowflake:issue/40494 into main

Implement the collection of proxy churn metrics for both the unrestricted and regular proxy pools.

I started by reverting !173 (merged), which removed proxy churn metrics from the broker, and then added a series of commits adjust the previous implementation for the specifics of this experiment, update parts that needed updating, and improve the security of the data collection. Each change is isolated and documented in its own commit.

Related: #40494

Deployment plan

The deployment plan is similar to #40151 (closed), with a few updates as the Snowflake broker deployment details have changed since #40349 (closed).

The broker.service file will have this updated ExecStart configuration:

ExecStart=%S/broker/broker --metrics-log metrics.log --bridge-list-path bridge_list.json --allowed-relay-pattern snowflake.torproject.net$ --disable-tls --geoipdb /usr/share/tor/geoip --geoip6db /usr/share/tor/geoip6 --addr 127.0.0.1:8080 --ip-count-prefix metrics-ip --ip-count-interval 1h

which will put metrics-ip-restricted.log and metrics-ip-unrestricted.log in /home/webapp/.config/broker/ alongside metrics.log.

Note that we won't have the problem described in #40161 (closed) because we are generating and keeping the HMAC key in memory with cohosh/snowflake@6ba0a90d.

I'll plan to restart the broker with the change and new service file soon after metrics are published for the day. I'd like to have these changes running for at least 2 weeks, uninterrupted.

Analysis plan

My plan is to produce a plot similar to the proxy churn figure in the Snowflake paper, one for each proxy pool. I'll also reproduce the same figure with both pools added together so that we can compare it to the measurements we collected in early 2023.

Things to look at

In particular, I'd like someone to check that

  • my concurrency safety fix was reasonable, this is necessary since !574 (merged)
  • my code to generate the HMAC key in cohosh/snowflake@6ba0a90d looks solid
  • this experiment is justified by the motivation given in #40494
  • we can combine the two hyperloglogplus files to calculate total proxy churn counts
Edited by Cecylia Bocovich

Merge request reports