Add ability to customize upstream and stream log format
This commit is contained in:
Giancarlo Rubio
parent
fb8e2d7373
commit
0ca3aef0f5
4 changed files with 72 additions and 11 deletions
|
|
@ -21,6 +21,7 @@ import (
|
||||||
|
|
||||||
"github.com/golang/glog"
|
"github.com/golang/glog"
|
||||||
|
|
||||||
|
"fmt"
|
||||||
"k8s.io/ingress/core/pkg/ingress"
|
"k8s.io/ingress/core/pkg/ingress"
|
||||||
"k8s.io/ingress/core/pkg/ingress/defaults"
|
"k8s.io/ingress/core/pkg/ingress/defaults"
|
||||||
)
|
)
|
||||||
|
|
@ -46,6 +47,10 @@ const (
|
||||||
|
|
||||||
gzipTypes = "application/atom+xml application/javascript application/x-javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/svg+xml image/x-icon text/css text/plain text/x-component"
|
gzipTypes = "application/atom+xml application/javascript application/x-javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/svg+xml image/x-icon text/css text/plain text/x-component"
|
||||||
|
|
||||||
|
logFormatUpstream = "'%v - [$proxy_add_x_forwarded_for] - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\" $request_length $request_time [$proxy_upstream_name] $upstream_addr $upstream_response_length $upstream_response_time $upstream_status'"
|
||||||
|
|
||||||
|
logFormatStream = "'$remote_addr [$time_local] $protocol [$ssl_preread_server_name] [$stream_upstream] $status $bytes_sent $bytes_received $session_time'"
|
||||||
|
|
||||||
// http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size
|
// http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size
|
||||||
// Sets the size of the buffer used for sending data.
|
// Sets the size of the buffer used for sending data.
|
||||||
// 4k helps NGINX to improve TLS Time To First Byte (TTTFB)
|
// 4k helps NGINX to improve TLS Time To First Byte (TTTFB)
|
||||||
|
|
@ -143,6 +148,14 @@ type Configuration struct {
|
||||||
// Default: 4 8k
|
// Default: 4 8k
|
||||||
LargeClientHeaderBuffers string `json:"large-client-header-buffers"`
|
LargeClientHeaderBuffers string `json:"large-client-header-buffers"`
|
||||||
|
|
||||||
|
// Customize upstream log_format
|
||||||
|
// http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
|
||||||
|
LogFormatUpstream string `json:"log-format-upstream,omitempty"`
|
||||||
|
|
||||||
|
// Customize stream log_format
|
||||||
|
// http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
|
||||||
|
LogFormatStream string `json:"log-format-stream,omitempty"`
|
||||||
|
|
||||||
// Maximum number of simultaneous connections that can be opened by each worker process
|
// Maximum number of simultaneous connections that can be opened by each worker process
|
||||||
// http://nginx.org/en/docs/ngx_core_module.html#worker_connections
|
// http://nginx.org/en/docs/ngx_core_module.html#worker_connections
|
||||||
MaxWorkerConnections int `json:"max-worker-connections,omitempty"`
|
MaxWorkerConnections int `json:"max-worker-connections,omitempty"`
|
||||||
|
|
@ -250,6 +263,8 @@ func NewDefault() Configuration {
|
||||||
GzipTypes: gzipTypes,
|
GzipTypes: gzipTypes,
|
||||||
KeepAlive: 75,
|
KeepAlive: 75,
|
||||||
LargeClientHeaderBuffers: "4 8k",
|
LargeClientHeaderBuffers: "4 8k",
|
||||||
|
LogFormatStream: logFormatStream,
|
||||||
|
LogFormatUpstream: BuildLogFormatUpstream(false),
|
||||||
MaxWorkerConnections: 16384,
|
MaxWorkerConnections: 16384,
|
||||||
MapHashBucketSize: 64,
|
MapHashBucketSize: 64,
|
||||||
ProxyRealIPCIDR: defIPCIDR,
|
ProxyRealIPCIDR: defIPCIDR,
|
||||||
|
|
@ -291,6 +306,15 @@ func NewDefault() Configuration {
|
||||||
return cfg
|
return cfg
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// BuildLogFormatUpstream format the log_format upstream based on proxy_protocol
|
||||||
|
func BuildLogFormatUpstream(useProxyProtocol bool) string {
|
||||||
|
|
||||||
|
if useProxyProtocol {
|
||||||
|
return fmt.Sprintf(logFormatUpstream, "$proxy_protocol_addr")
|
||||||
|
}
|
||||||
|
return fmt.Sprintf(logFormatUpstream, "$remote_addr")
|
||||||
|
}
|
||||||
|
|
||||||
// TemplateConfig contains the nginx configuration to render the file nginx.conf
|
// TemplateConfig contains the nginx configuration to render the file nginx.conf
|
||||||
type TemplateConfig struct {
|
type TemplateConfig struct {
|
||||||
ProxySetHeaders map[string]string
|
ProxySetHeaders map[string]string
|
||||||
|
|
|
||||||
27
controllers/nginx/pkg/config/config_test.go
Normal file
27
controllers/nginx/pkg/config/config_test.go
Normal file
|
|
@ -0,0 +1,27 @@
|
||||||
|
package config
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"testing"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestBuildLogFormatUpstream(t *testing.T) {
|
||||||
|
|
||||||
|
testCases := []struct {
|
||||||
|
useProxyProtocol bool // use proxy protocol
|
||||||
|
expected string
|
||||||
|
}{
|
||||||
|
{true, fmt.Sprintf(logFormatUpstream, "$proxy_protocol_addr")},
|
||||||
|
{false, fmt.Sprintf(logFormatUpstream, "$remote_addr")},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, testCase := range testCases {
|
||||||
|
|
||||||
|
result := BuildLogFormatUpstream(testCase.useProxyProtocol)
|
||||||
|
|
||||||
|
if result != testCase.expected {
|
||||||
|
t.Errorf(" expected %v but return %v", testCase.expected, result)
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -31,6 +31,7 @@ import (
|
||||||
"github.com/golang/glog"
|
"github.com/golang/glog"
|
||||||
|
|
||||||
"k8s.io/ingress/controllers/nginx/pkg/config"
|
"k8s.io/ingress/controllers/nginx/pkg/config"
|
||||||
|
nginxconfig "k8s.io/ingress/controllers/nginx/pkg/config"
|
||||||
"k8s.io/ingress/core/pkg/ingress"
|
"k8s.io/ingress/core/pkg/ingress"
|
||||||
ing_net "k8s.io/ingress/core/pkg/net"
|
ing_net "k8s.io/ingress/core/pkg/net"
|
||||||
"k8s.io/ingress/core/pkg/watch"
|
"k8s.io/ingress/core/pkg/watch"
|
||||||
|
|
@ -134,12 +135,12 @@ var (
|
||||||
"buildSSLPassthroughUpstreams": buildSSLPassthroughUpstreams,
|
"buildSSLPassthroughUpstreams": buildSSLPassthroughUpstreams,
|
||||||
"buildResolvers": buildResolvers,
|
"buildResolvers": buildResolvers,
|
||||||
"isLocationAllowed": isLocationAllowed,
|
"isLocationAllowed": isLocationAllowed,
|
||||||
|
"buildLogFormatUpstream": buildLogFormatUpstream,
|
||||||
"contains": strings.Contains,
|
"contains": strings.Contains,
|
||||||
"hasPrefix": strings.HasPrefix,
|
"hasPrefix": strings.HasPrefix,
|
||||||
"hasSuffix": strings.HasSuffix,
|
"hasSuffix": strings.HasSuffix,
|
||||||
"toUpper": strings.ToUpper,
|
"toUpper": strings.ToUpper,
|
||||||
"toLower": strings.ToLower,
|
"toLower": strings.ToLower,
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -227,6 +228,17 @@ func buildAuthLocation(input interface{}) string {
|
||||||
return fmt.Sprintf("/_external-auth-%v", str)
|
return fmt.Sprintf("/_external-auth-%v", str)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func buildLogFormatUpstream(input interface{}) string {
|
||||||
|
config, ok := input.(config.Configuration)
|
||||||
|
|
||||||
|
if !ok {
|
||||||
|
glog.Errorf("error an ingress.buildLogFormatUpstream type but %T was returned", input)
|
||||||
|
}
|
||||||
|
|
||||||
|
return nginxconfig.BuildLogFormatUpstream(config.UseProxyProtocol)
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// buildProxyPass produces the proxy pass string, if the ingress has redirects
|
// buildProxyPass produces the proxy pass string, if the ingress has redirects
|
||||||
// (specified through the ingress.kubernetes.io/rewrite-to annotation)
|
// (specified through the ingress.kubernetes.io/rewrite-to annotation)
|
||||||
// If the annotation ingress.kubernetes.io/add-base-url:"true" is specified it will
|
// If the annotation ingress.kubernetes.io/add-base-url:"true" is specified it will
|
||||||
|
|
|
||||||
|
|
@ -77,11 +77,9 @@ http {
|
||||||
gzip_proxied any;
|
gzip_proxied any;
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
server_tokens {{ if $cfg.ShowServerTokens }}on{{ else }}off{{ end }};
|
server_tokens {{ if $cfg.ShowServerTokens }}on{{ else }}off{{ end }};
|
||||||
|
|
||||||
log_format upstreaminfo '{{ if $cfg.UseProxyProtocol }}$proxy_protocol_addr{{ else }}$remote_addr{{ end }} - '
|
log_format upstreaminfo {{ buildLogFormatUpstream $cfg }};
|
||||||
'[$proxy_add_x_forwarded_for] - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" '
|
|
||||||
'$request_length $request_time [$proxy_upstream_name] $upstream_addr $upstream_response_length $upstream_response_time $upstream_status';
|
|
||||||
|
|
||||||
{{/* map urls that should not appear in access.log */}}
|
{{/* map urls that should not appear in access.log */}}
|
||||||
{{/* http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log */}}
|
{{/* http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log */}}
|
||||||
|
|
@ -448,7 +446,7 @@ stream {
|
||||||
default nginx-ssl-backend;
|
default nginx-ssl-backend;
|
||||||
}
|
}
|
||||||
|
|
||||||
log_format log_stream '$remote_addr [$time_local] $protocol [$ssl_preread_server_name] [$stream_upstream] $status $bytes_sent $bytes_received $session_time';
|
log_format log_stream {{ $cfg.LogFormatStream }};
|
||||||
|
|
||||||
{{ if $cfg.DisableAccessLog }}
|
{{ if $cfg.DisableAccessLog }}
|
||||||
access_log off;
|
access_log off;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue