feat(metrics): add operation counters, deletion duration, resume type label, and abnormal state detection

[KeyOfSpectator]

What this PR does

Enhance Prometheus metrics across Controller and Manager layers with operation counters, deletion latency tracking, phase/condition mismatch detection, and cardinality-optimized label design to prevent time series explosion in production.

Changes

Label Cardinality Strategy

All Histogram and Counter metrics use only namespace as the dynamic label (no per-sandbox name) to prevent cardinality explosion. Only Gauge metrics that require per-sandbox granularity retain the name label.

Controller Layer — New Metrics

Metric	Type	Labels	Purpose
sandbox_creation_total	Counter	namespace, result	Track creation success/failure rate
sandbox_pause_total	Counter	namespace, result	Track pause operation completions
sandbox_resume_total	Counter	namespace, result	Track resume operation completions
sandbox_deletion_duration_seconds	Histogram	namespace	Measure deletion latency distribution
sandbox_status_abnormal	Gauge	namespace, name, type	Detect phase/condition stuck states

Controller Layer — Existing Metrics Enhanced

Metric	Change
sandbox_creation_duration_seconds	Histogram → HistogramVec (namespace only)
sandbox_inplace_update_duration_seconds	Histogram → HistogramVec (namespace only)
sandbox_pause_duration_seconds	Histogram → HistogramVec (namespace only)
sandbox_resume_duration_seconds	Histogram → HistogramVec (namespace only)

SandboxSet Layer

Metric	Type	Labels	Purpose
sandboxset_sandboxes_created_total	Counter	namespace	Track sandbox creation by set
sandboxset_sandboxes_claimed_total	Counter	namespace	Track consumption speed

SandboxClaim Layer

Metric	Type	Labels	Purpose
sandboxset_claims_total	Counter	namespace, result	Track claim operations
sandboxclaim_expired_total	Counter	namespace	Track TTL expiration deletions

Manager Layer

All metrics upgraded from plain Histogram/Counter to Vec with namespace label:

• Duration histograms: sandbox_resume/delete/claim/clone_duration_seconds, sandbox_claim_retries
• Counters: sandbox_claim_creation_responses, sandbox_claim_total, sandbox_clone_total, sandbox_pause/resume/delete_responses
• Route sync: sandbox_route_sync_duration_seconds, sandbox_route_sync_total

E2B Layer

• sandbox_snapshot_duration_seconds — Histogram with namespace label
• sandbox_snapshot_total — Counter with namespace, result labels

Key Design Decisions

• Cardinality optimization: Histogram and Counter use namespace-only to avoid O(n) series per sandbox. Gauge retains name for per-instance stuck detection.
• Operation counters co-located with duration observations via extended recordConditionDuration() (optional counter parameter)
• Deletion duration observed at cleanup time using time.Since(DeletionTimestamp)
• Abnormal state detection covers pause_incomplete and resume_incomplete types
• ConstLabel source distinguishes controller (k8s) vs manager (e2b) origin

How to verify

go test ./pkg/controller/sandbox/ ./pkg/controller/sandboxset/ ./pkg/controller/sandboxclaim/... ./pkg/sandbox-manager/ -count=1 -timeout 120s

[kruise-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign furykerry for approval by writing /assign @furykerry in a comment. For more information see:The Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov]

Codecov Report

❌ Patch coverage is 98.86364% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 75.43%. Comparing base (edaad73) to head (6010f41).
⚠️ Report is 5 commits behind head on master.

Files with missing lines	Patch %	Lines
pkg/sandbox-manager/api.go	95.65%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #336      +/-   ##
==========================================
+ Coverage   74.65%   75.43%   +0.77%     
==========================================
  Files         141      142       +1     
  Lines        9836     9907      +71     
==========================================
+ Hits         7343     7473     +130     
+ Misses       2183     2127      -56     
+ Partials      310      307       -3     

Flag	Coverage Δ
unittests	75.43% <98.86%> (+0.77%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[furykerry]

we can get namespace from the template or Checkpoint, consider refactor HasTemplate/HasCheckpoint to GetTemplate/GetCheckpoint and return the template/checkpoint object. Consider modify CreateSandbox to save the namespace in the context

[furykerry]

plz also remove name label

[furykerry]

remove no-ops func?

[furykerry]

can we delete sandboxStatusAbnormal metrics if sandbox becomes healthy again. i think we should only keep abnormal metrics

[furykerry]

for sandboxSetSandboxesCreatedTotal and sandboxSetSandboxesClaimedTotal, we can add sandboxset name as label, the number of sandboxset is much less than sandbox and sandboxclaims

[furykerry]

is it possible to merge this file to pkg/sandboxlcaim/metrics.go?

[kruise-bot]

@KeyOfSpectator: PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.