Chiebot-Mirror
/
data-plane-api
mirror of https://github.com/envoyproxy/data-plane-api.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

docs: access log and misc fixes (#301)

Browse Source 
Signed-off-by: Matt Klein <mklein@lyft.com>
pull/300/head
Matt Klein 7 years ago committed by GitHub
parent 5cdd72f06c
commit b227517de0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 248 additions and 211 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      api/bootstrap.proto
  2. 5
      api/eds.proto
  3. 86
      api/filter/accesslog/accesslog.proto
  4. 181
      docs/root/api-v1/access_log.rst
  5. 1
      docs/root/api-v1/api.rst
  6. 176
      docs/root/configuration/access_log.rst
  7. 3
      docs/root/configuration/http_conn_man/headers.rst
  8. 2
      docs/root/intro/version_history.rst

5
api/bootstrap.proto
Unescape View File

@ -103,9 +103,8 @@ message ClusterManager {
BindConfig upstream_bind_config = 3;
// A management server endpoint to stream load stats to via
// :ref:`StreamLoadStats <envoy_api_msg_LoadStatsRequest>`. This must have
// :ref:`api_type <envoy_api_field_ApiConfigSource.api_type>` :ref:`GRPC
// <envoy_api_enum_value_ApiConfigSource.ApiType.GRPC>`.
// *StreamLoadStats*. This must have :ref:`api_type <envoy_api_field_ApiConfigSource.api_type>`
// :ref:`GRPC <envoy_api_enum_value_ApiConfigSource.ApiType.GRPC>`.
ApiConfigSource load_stats_config = 4;
}

5
api/eds.proto
Unescape View File

@ -137,6 +137,7 @@ message LocalityLbEndpoints {
uint32 priority = 5;
}
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message EndpointLoadMetricStats {
// Name of the metric; may be empty.
string metric_name = 1;
@ -153,6 +154,7 @@ message EndpointLoadMetricStats {
// defined by
// :ref:`LoadStatsResponse.load_reporting_interval<envoy_api_field_LoadStatsResponse.load_reporting_interval>`.
// Stats per upstream region/zone and optionally per subzone.
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message UpstreamLocalityStats {
// Name of zone, region and optionally endpoint group these metrics were
// collected from. Zone and region names could be empty if unknown.
@ -199,6 +201,7 @@ message UpstreamLocalityStats {
// Per cluster load stats. Envoy reports these stats a management server in a
// :ref:`LoadStatsRequest<envoy_api_msg_LoadStatsRequest>`
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message ClusterStats {
// The name of the cluster.
string cluster_name = 1 [(validate.rules).string.min_bytes = 1];
@ -222,6 +225,7 @@ message ClusterStats {
}
// A load report Envoy sends to the management server.
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message LoadStatsRequest {
// Node identifier for Envoy instance.
Node node = 1;
@ -264,6 +268,7 @@ message ClusterLoadAssignment {
// The management server sends envoy a LoadStatsResponse with all clusters it
// is interested in learning load stats about.
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message LoadStatsResponse {
// Clusters to report stats for.
repeated string clusters = 1 [(validate.rules).repeated.min_items = 1];

86
api/filter/accesslog/accesslog.proto
Unescape View File

@ -13,7 +13,6 @@ import "google/protobuf/wrappers.proto";
import "validate/validate.proto";
// [#protodoc-title: Common access log types]
// [#proto-status: draft]
// Envoy access logs describe incoming interaction with Envoy over a fixed
// period of time, and typically cover a single request/response exchange,
// (e.g. HTTP), stream (e.g. over HTTP/gRPC), or proxied connection (e.g. TCP).
@ -25,6 +24,8 @@ import "validate/validate.proto";
// in their name.
// Defines fields that are shared by all Envoy access logs.
// [#proto-status: draft]
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message AccessLogCommon {
// This field indicates the rate at which this log entry was sampled.
// Valid range is (0.0, 1.0].
@ -73,6 +74,7 @@ message AccessLogCommon {
}
// [#proto-status: draft]
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
// Flags indicating occurences during request/response processing.
message ResponseFlags {
// Indicates local server healthcheck failed.
@ -113,6 +115,7 @@ message ResponseFlags {
}
// [#proto-status: draft]
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
// Properties of a negotiated TLS connection.
message TLSProperties {
enum TLSVersion {
@ -137,12 +140,14 @@ message TLSProperties {
}
// [#proto-status: draft]
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message TCPAccessLogEntry {
// Common properties shared by all Envoy access logs.
AccessLogCommon common_properties = 1;
}
// [#proto-status: draft]
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message HTTPRequestProperties {
// The request method (RFC 7231/2616).
RequestMethod request_method = 1;
@ -196,6 +201,7 @@ message HTTPRequestProperties {
}
// [#proto-status: draft]
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message HTTPResponseProperties {
// The HTTP response code returned by Envoy.
google.protobuf.UInt32Value response_code = 1;
@ -217,6 +223,7 @@ message HTTPResponseProperties {
}
// [#proto-status: draft]
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message HTTPAccessLogEntry {
// Common properties shared by all Envoy access logs.
AccessLogCommon common_properties = 1;
@ -237,14 +244,18 @@ message HTTPAccessLogEntry {
HTTPResponseProperties response = 4;
}
// Filter on some integer comparison.
// Filter on an integer comparison.
message ComparisonFilter {
// Comparison operator.
enum Op {
// =
EQ = 0;
// >=
GE = 1;
}
Op op = 1;
// Comparison operator.
Op op = 1 [(validate.rules).enum.defined_only = true];
// Value to compare against.
RuntimeUInt32 value = 2;
@ -252,80 +263,91 @@ message ComparisonFilter {
// Filters on HTTP response/status code.
message StatusCodeFilter {
ComparisonFilter comparison = 1;
// Comparison.
ComparisonFilter comparison = 1 [(validate.rules).message.required = true];
}
// Filters on total request duration in milliseconds.
message DurationFilter {
ComparisonFilter comparison = 1;
// Comparison.
ComparisonFilter comparison = 1 [(validate.rules).message.required = true];
}
// Filters for requests that are not health check requests. A health check
// request is marked by the health check filter.
message NotHealthCheckFilter {
}
message NotHealthCheckFilter {}
// Filters for requests that are traceable. See the tracing overview for more
// information on how a request becomes traceable.
message TraceableFilter {
}
message TraceableFilter {}
// Filters for random sampling of requests. Sampling pivots on the header
// x-request-id being present. If x-request-id is present, the filter will
// consistently sample across multiple hosts based on the runtime key value and
// the value extracted from x-request-id. If it is missing, the filter will
// randomly sample based on the runtime key value.
// :ref:`x-request-id<config_http_conn_man_headers_x-request-id>` being present. If
// :ref:`x-request-id<config_http_conn_man_headers_x-request-id>` is present, the filter will
// consistently sample across multiple hosts based on the runtime key value and the value extracted
// from :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`. If it is missing, the
// filter will randomly sample based on the runtime key value.
message RuntimeFilter {
// Runtime key to get the percentage of requests to be sampled. This runtime
// control is specified in the range 0-100 and defaults to 0.
string runtime_key = 1;
string runtime_key = 1 [(validate.rules).string.min_bytes = 1];
}
// Performs a logical and operation on the result of each filter in filters.
// Filters are evaluated sequentially and if one of them returns false, the
// filter returns false immediately.
message AndFilter {
repeated AccessLogFilter filters = 1;
repeated AccessLogFilter filters = 1 [(validate.rules).repeated.min_items = 2];
}
// Performs a logical or operation on the result of each individual filter.
// Filters are evaluated sequentially and if one of them returns true, the
// filter returns true immediately.
message OrFilter {
repeated AccessLogFilter filters = 2;
repeated AccessLogFilter filters = 2 [(validate.rules).repeated.min_items = 2];
}
message AccessLogFilter {
oneof filter_specifier {
option (validate.required) = true;
// Status code filter.
StatusCodeFilter status_code_filter = 1;
// Duration filter.
DurationFilter duration_filter = 2;
// Not health check filter.
NotHealthCheckFilter not_health_check_filter = 3;
// Traceable filter.
TraceableFilter traceable_filter = 4;
// Runtime filter.
RuntimeFilter runtime_filter = 5;
// And filter.
AndFilter and_filter = 6;
// Or filter.
OrFilter or_filter = 7;
}
}
// Custom configuration for an AccessLog that writes log entries directly to a file.
// Configures the built-in "envoy.file_access_log" AccessLog.
// Configures the built-in *envoy.file_access_log* AccessLog.
message FileAccessLog {
// A path to a local file to which to write the access log entries.
string path = 1;
// [V2-API-DIFF] In addition to the existing format specifiers, the following
// additional specifiers will be available:
// %TLS_SNI_HOSTNAME%: SNI from handshake.
// %TLS_VERSION%: Possible values include: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3.
// %TLS_CIPHER_SUITE%: Cipher suite negotiated during the TLS handshake. The
// value is four hex digits defined by the IANA TLS Cipher Suite Registry,
// e.g. 009C for TLS_RSA_WITH_AES_128_GCM_SHA256.
// TODO(htuch): Document how envoy.http_connection_manager.access_log values
// can be accessed in the format specifier.
string path = 1 [(validate.rules).string.min_bytes = 1];
// Access log format. Envoy supports :ref:`custom access log formats
// <config_access_log_format>` as well as a :ref:`default format
// <config_access_log_default_format>`.
string format = 2;
}
// Configuration for the built-in "envoy.grpc_access_log" access log type.
// [#not-implemented-hide:]
message AccessLogServiceConfig {
// The friendly name of the access log to be returned in StreamAccessLogsMessage.Identifier. This
// allows the access log server to differentiate between different access logs coming from the
@ -338,6 +360,7 @@ message AccessLogServiceConfig {
}
// [#proto-status: experimental]
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
// Stream message for the StreamAccessLogs API. Envoy will open a stream to the server and stream
// access logs without ever expecting a response.
message StreamAccessLogsMessage {
@ -372,6 +395,7 @@ message StreamAccessLogsMessage {
}
// Empty response for the StreamAccessLogs API. Will never be sent. See below.
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs.
message StreamAccessLogsResponse {}
// Service for streaming access logs from Envoy to an access log server.
@ -391,7 +415,6 @@ message AccessLog {
// The name of the access log implementation to instantiate. The name must
// match a statically registered access log. Current built-in loggers include:
// 1) "envoy.file_access_log"
// 2) "envoy.grpc_access_log"
string name = 1;
// Filter which is used to determine if the access log needs to be written.
@ -399,7 +422,6 @@ message AccessLog {
// Custom configuration that depends on the access log being instantiated. built-in configurations
// include:
// 1) "envoy.file_access_log": FileAccessLog
// 2) "envoy.grpc_access_log": AccessLogServiceConfig
// 1) "envoy.file_access_log": :ref:`FileAccessLog <envoy_api_msg_filter.accesslog.FileAccessLog>`
google.protobuf.Struct config = 3;
}

181
docs/root/api-v1/access_log.rst
Unescape View File

@ -0,0 +1,181 @@
.. _config_access_log_v1:
Access logging
==============
Configuration
-------------
.. code-block:: json
{
"access_log": [
{
"path": "...",
"format": "...",
"filter": "{...}",
},
]
}
.. _config_access_log_path_param:
path
*(required, string)* Path the access log is written to.
.. _config_access_log_format_param:
format
*(optional, string)* Access log format. Envoy supports :ref:`custom access log formats
<config_access_log_format>` as well as a :ref:`default format
<config_access_log_default_format>`.
.. _config_access_log_filter_param:
filter
*(optional, object)* :ref:`Filter <config_http_con_manager_access_log_filters_v1>` which is used
to determine if the access log needs to be written.
.. _config_http_con_manager_access_log_filters_v1:
Filters
-------
Envoy supports the following access log filters:
.. contents::
:local:
Status code
^^^^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "status_code",
"op": "...",
"value": "...",
"runtime_key": "..."
}
}
Filters on HTTP response/status code.
op
*(required, string)* Comparison operator. Currently *>=* and *=* are the only supported operators.
value
*(required, integer)* Default value to compare against if runtime value is not available.
runtime_key
*(optional, string)* Runtime key to get value for comparision. This value is used if defined.
Duration
^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "duration",
"op": "..",
"value": "...",
"runtime_key": "..."
}
}
Filters on total request duration in milliseconds.
op
*(required, string)* Comparison operator. Currently *>=* and *=* are the only supported operators.
value
*(required, integer)* Default value to compare against if runtime values is not available.
runtime_key
*(optional, string)* Runtime key to get value for comparision. This value is used if defined.
Not health check
^^^^^^^^^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "not_healthcheck"
}
}
Filters for requests that are not health check requests. A health check request is marked by
the :ref:`health check filter <config_http_filters_health_check>`.
Traceable
^^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "traceable_request"
}
}
Filters for requests that are traceable. See the :ref:`tracing overview <arch_overview_tracing>` for
more information on how a request becomes traceable.
.. _config_http_con_manager_access_log_filters_runtime_v1:
Runtime
^^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "runtime",
"key" : "..."
}
}
Filters for random sampling of requests. Sampling pivots on the header
:ref:`x-request-id<config_http_conn_man_headers_x-request-id>` being present. If
:ref:`x-request-id<config_http_conn_man_headers_x-request-id>` is present, the filter will
consistently sample across multiple hosts based on the runtime key value and the value extracted
from :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`. If it is missing, the
filter will randomly sample based on the runtime key value.
key
*(required, string)* Runtime key to get the percentage of requests to be sampled.
This runtime control is specified in the range 0-100 and defaults to 0.
And
^^^
.. code-block:: json
{
"filter": {
"type": "logical_and",
"filters": []
}
}
Performs a logical "and" operation on the result of each filter in *filters*. Filters are evaluated
sequentially and if one of them returns false, the filter returns false immediately.
Or
^^
.. code-block:: json
{
"filter": {
"type": "logical_or",
"filters": []
}
}
Performs a logical "or" operation on the result of each individual filter. Filters are evaluated
sequentially and if one of them returns true, the filter returns true immediately.

1
docs/root/api-v1/api.rst
Unescape View File

@ -10,6 +10,7 @@ v1 API reference
route_config/route_config
http_filters/http_filters
cluster_manager/cluster_manager
access_log
admin
rate_limit
runtime

176
docs/root/configuration/access_log.rst
Unescape View File

@ -9,35 +9,8 @@ Configuration
Access logs are configured as part of the :ref:`HTTP connection manager config
<config_http_conn_man>` or :ref:`TCP Proxy <config_network_filters_tcp_proxy>`.
.. code-block:: json
{
"access_log": [
{
"path": "...",
"format": "...",
"filter": "{...}",
},
]
}
.. _config_access_log_path_param:
path
*(required, string)* Path the access log is written to.
.. _config_access_log_format_param:
format
*(optional, string)* Access log format. Envoy supports :ref:`custom access log formats
<config_access_log_format>` as well as a :ref:`default format
<config_access_log_default_format>`.
.. _config_access_log_filter_param:
filter
*(optional, object)* :ref:`Filter <config_http_con_manager_access_log_filters>` which is used to
determine if the access log needs to be written.
* :ref:`v1 API reference <config_access_log_v1>`
* :ref:`v2 API reference <envoy_api_msg_filter.accesslog.AccessLog>`
.. _config_access_log_format:
@ -147,7 +120,6 @@ The following command operators are supported:
TCP
Not implemented ("-").
.. _config_access_log_default_format:
Default format
@ -168,147 +140,3 @@ Example of the default Envoy access log format:
[2016-04-15T20:17:00.310Z] "POST /api/v1/locations HTTP/2" 204 - 154 0 226 100 "10.0.35.28"
"nsq2http" "cc21d9b0-cf5c-432b-8c7e-98aeb7988cd2" "locations" "tcp://10.0.2.1:80"
.. _config_http_con_manager_access_log_filters:
Filters
-------
Envoy supports the following access log filters:
.. contents::
:local:
Status code
^^^^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "status_code",
"op": "...",
"value": "...",
"runtime_key": "..."
}
}
Filters on HTTP response/status code.
op
*(required, string)* Comparison operator. Currently *>=* and *=* are the only supported operators.
value
*(required, integer)* Default value to compare against if runtime value is not available.
runtime_key
*(optional, string)* Runtime key to get value for comparision. This value is used if defined.
Duration
^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "duration",
"op": "..",
"value": "...",
"runtime_key": "..."
}
}
Filters on total request duration in milliseconds.
op
*(required, string)* Comparison operator. Currently *>=* and *=* are the only supported operators.
value
*(required, integer)* Default value to compare against if runtime values is not available.
runtime_key
*(optional, string)* Runtime key to get value for comparision. This value is used if defined.
Not health check
^^^^^^^^^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "not_healthcheck"
}
}
Filters for requests that are not health check requests. A health check request is marked by
the :ref:`health check filter <config_http_filters_health_check>`.
Traceable
^^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "traceable_request"
}
}
Filters for requests that are traceable. See the :ref:`tracing overview <arch_overview_tracing>` for
more information on how a request becomes traceable.
.. _config_http_con_manager_access_log_filters_runtime:
Runtime
^^^^^^^^^
.. code-block:: json
{
"filter": {
"type": "runtime",
"key" : "..."
}
}
Filters for random sampling of requests. Sampling pivots on the header
:ref:`x-request-id<config_http_conn_man_headers_x-request-id>` being present. If
:ref:`x-request-id<config_http_conn_man_headers_x-request-id>` is present, the filter will
consistently sample across multiple hosts based on the runtime key value and the value extracted
from :ref:`x-request-id<config_http_conn_man_headers_x-request-id>`. If it is missing, the
filter will randomly sample based on the runtime key value.
key
*(required, string)* Runtime key to get the percentage of requests to be sampled.
This runtime control is specified in the range 0-100 and defaults to 0.
And
^^^
.. code-block:: json
{
"filter": {
"type": "logical_and",
"filters": []
}
}
Performs a logical "and" operation on the result of each filter in *filters*. Filters are evaluated
sequentially and if one of them returns false, the filter returns false immediately.
Or
^^
.. code-block:: json
{
"filter": {
"type": "logical_or",
"filters": []
}
}
Performs a logical "or" operation on the result of each individual filter. Filters are evaluated
sequentially and if one of them returns true, the filter returns true immediately.

3
docs/root/configuration/http_conn_man/headers.rst
Unescape View File

@ -204,7 +204,8 @@ is out of scope for this documentation. If *x-request-id* is propagated across a
following features are available:
* Stable :ref:`access logging <config_access_log>` via the
:ref:`runtime filter<config_http_con_manager_access_log_filters_runtime>`.
:ref:`v1 API runtime filter<config_http_con_manager_access_log_filters_runtime_v1>` or the
:ref:`v2 API runtime filter<envoy_api_field_filter.accesslog.AccessLogFilter.runtime_filter>`.
* Stable tracing when performing random sampling via the :ref:`tracing.random_sampling
<config_http_conn_man_runtime_random_sampling>` runtime setting or via forced tracing using the
:ref:`config_http_conn_man_headers_x-envoy-force-trace` and

2
docs/root/intro/version_history.rst
Unescape View File

@ -136,7 +136,7 @@ Version history
* :ref:`Auto host rewrite <config_http_conn_man_route_table_route_auto_host_rewrite>` during HTTP
routing.
* :ref:`Regex header matching <config_http_conn_man_route_table_route_headers>` during HTTP routing.
* HTTP access log :ref:`runtime filter <config_http_con_manager_access_log_filters_runtime>`.
* HTTP access log :ref:`runtime filter <config_http_con_manager_access_log_filters_runtime_v1>`.
* LightStep tracer :ref:`parent/child span association <arch_overview_tracing>`.
* :ref:`Route discovery service (RDS) API <config_http_conn_man_rds>`.
* HTTP router :ref:`x-envoy-upstream-rq-timeout-alt-response header

Write Preview
Loading…
Cancel
Save