时间戳

首页 > 解决方案 > 在 istio 中为 envoy 启用 http 标头日志记录

logging - 在 istio 中为 envoy 启用 http 标头日志记录

问题描述

我希望能够在我的服务网格上捕获(记录)(至少一些)envoy的 HTTP 标头。istio

我已经浏览了envoy's docs,并且在日志级别'部分中,它没有提到任何特定于标题的信息。

目前,我的istio-proxy日志是这样的(这是来自stern输出):

mysvc-69c46fbc75-d9v8j istio-proxy {"bytes_sent":"124","upstream_cluster":"inbound|80|http|mysvc.default.svc.cluster.local","downstream_remote_address":"10.11.11.1:0","authority":"some.url.com","path":"/health?source=dd_cluster_agent","protocol":"HTTP/1.1","upstream_service_time":"1","upstream_local_address":"127.0.0.1:40406","duration":"2","upstream_transport_failure_reason":"-","route_name":"default","downstream_local_address":"10.11.32.32:20000","user_agent":"Datadog Agent/7.24.0","response_code":"200","response_flags":"-","start_time":"2021-01-17T18:54:57.449Z","method":"GET","request_id":"61ae63c7-aa10-911b-9562-939kdhd49ddhj","upstream_host":"127.0.0.1:20000","x_forwarded_for":"10.16.32.1","requested_server_name":"outbound_.80_.mysvc_.faros.default.svc.cluster.local","bytes_received":"0","istio_policy_status":"-"}

有没有办法记录http标题?(最好是其中一些,以控制日志记录成本)

edit1按照评论中的建议,我检查了我的istio-operator资源,发现访问日志似乎已启用

    meshConfig:
      accessLogEncoding: JSON
      accessLogFile: /dev/stdout

edit2我还尝试了以下方法:

curl -i -H "Custom-Header: application/json" https://my.url.net

但在istio-ingressgateway我没有看到我的自定义标题的日志中

istio-ingressgateway-58f69d8696-rmpwn istio-proxy {"user_agent":"curl/7.64.1","response_code":"200","response_flags":"-","start_time":"2021-01-18T19:02:48.645Z","method":"GET","request_id":"8e32c93c-484d-9c56-9489-8c5392793d97","upstream_host":"10.16.32.55:20000","x_forwarded_for":"10.16.32.1","requested_server_name":"my.url.net","bytes_received":"0","istio_policy_status":"-","bytes_sent":"124","upstream_cluster":"outbound|80||mysvc.default.svc.cluster.local","downstream_remote_address":"10.16.32.1:52804","authority":"my.url.net","path":"/","protocol":"HTTP/2","upstream_service_time":"9","upstream_local_address":"10.16.32.17:49826","duration":"10","upstream_transport_failure_reason":"-","route_name":"-","downstream_local_address":"10.16.32.17:8443"}

标签: loggingkuberneteshttp-headersistioenvoyproxy

解决方案

我想我已经成功地复制了您的问题,并且能够MY_CUSTOM_HEADER在入口网关日志中打印。

我的 istio 入口网关日志中有一部分。

[2021-01-20T08:26:18.587Z] pkarambol GET /productpage HTTP/1.1 200

我使用了以下 curl 命令:

curl -v -H "MY_CUSTOM_HEADER: pkarambol" xx.xxx.xx.xxx/productpage

为此,您必须更改日志的默认格式。如文档中所述,您可以使用它meshConfig.accessLogFormat来更改它。

有一个我使用过的Istio Operator示例。

%REQ(MY_CUSTOM_HEADER)%是负责显示自定义标题的部分。

apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
  namespace: istio-system
  name: example-istiocontrolplane
spec:
  profile: demo
  meshConfig:
    accessLogFile: /dev/stdout
    accessLogFormat: "[%START_TIME%] %REQ(MY_CUSTOM_HEADER)% %REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%
%RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION%
%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% %REQ(X-FORWARDED-FOR)% %REQ(USER-AGENT)%
%REQ(X-REQUEST-ID)% %REQ(:AUTHORITY)% %UPSTREAM_HOST%\n"

推荐阅读