1什么是accesslog
accesslog即访问日志,是用来记录用户访问行为的一种日志。envoy的accesslog可以配置tcp,http的访问日志。配置点有listener,HttpConnectionManager,route,tcp_proxy等。
2accesslog有哪些扩展类型
•envoy.access_loggers.file文件类型的accesslog sink可以是具体文件路径或stdout stderror•envoy.access_loggers.http_grpc用于als,记录http请求的log•envoy.access_loggers.open_telemetryOpenTelemetry (gRPC) Access Log•envoy.access_loggers.stream stdout和stderror的日志•envoy.access_loggers.tcp_grpc用于als记录tcp请求的log•envoy.access_loggers.wasmwasm作为sink
3gRPC Access Log Service
access log service是一种通过grpc协议获取用户访问日志的服务,可以在istio cm中进行统一配置。比较有名的als实现有skywalking。skywalking获取als日志后,会进行分析,可以获取一些关键指标。
4配置
{"name": "...",名称"filter": "{...}",过滤配置"typed_config": "{...}"具体配置}
filter:
{"status_code_filter": "{...}",状态码过滤"duration_filter": "{...}",时间过滤"not_health_check_filter": "{...}",不健康过滤"traceable_filter": "{...}",可跟中过滤"runtime_filter": "{...}",运行时过滤"and_filter": "{...}",与过滤"or_filter": "{...}",或过滤"header_filter": "{...}",头过滤"response_flag_filter": "{...}",响应flag过滤"grpc_status_filter": "{...}",grpc状态过滤"extension_filter": "{...}",扩展过滤"metadata_filter": "{...}"元数据过滤}
typed_config:
extensions.access_loggers.file.v3.FileAccessLog:
{"path": "...",日志路径"format": "...",废弃"json_format": "{...}",废弃"typed_json_format": "{...}",废弃"log_format": "{...}"日志格式}
log_format:
{"text_format": "...",文本格式"json_format": "{...}",json格式"text_format_source": "{...}",指定test格式的来源"omit_empty_values": "...",是否去除空内容"content_type": "...",内容类型,默认text/plain for text_format and application/json for json_format"formatters": []}
formatters :
•envoy.formatter.metadata显示元数据
%METADATA(TYPE:NAMESPACE:KEY):Z%
type:
•DYNAMIC•CLUSTER•ROUTE•envoy.formatter.req_without_query
%REQ_WITHOUT_QUERY(X?Y):Z%
extensions.access_loggers.open_telemetry.v3.OpenTelemetryAccessLogConfig:
{"common_config": "{...}",grpc配置"body": "{...}",体"attributes": "{...}"属性}
common_config:
{"log_name": "...",名称"grpc_service": "{...}",配置grpc服务"transport_api_version": "...",api版本"buffer_flush_interval": "{...}",缓存刷新频率,默认1s"buffer_size_bytes": "{...}",缓存大小,默认16384"filter_state_objects_to_log": []记录state 对象}
grpc_service:
{"envoy_grpc": "{...}",enovy类型grpc客户端"google_grpc": "{...}",google类型grpc客户端"timeout": "{...}",超时时间"initial_metadata": []传给grpc的额外的元数据}
extensions.access_loggers.stream.v3.StdoutAccessLog:
{"log_format": "{...}"日志格式}
log_format:
{"text_format": "...",文本格式"json_format": "{...}",json格式"text_format_source": "{...}",指定test格式的来源"omit_empty_values": "...",是否去除空内容"content_type": "...",内容类型,默认text/plain for text_format and application/json for json_format"formatters": []}
extensions.access_loggers.stream.v3.StderrAccessLog:
{"log_format": "{...}"}
{"text_format": "...",文本格式"json_format": "{...}",json格式"text_format_source": "{...}",指定test格式的来源"omit_empty_values": "...",是否去除空内容"content_type": "...",内容类型,默认text/plain for text_format and application/json for json_format"formatters": []}
extensions.access_loggers.wasm.v3.WasmAccessLog:
{"config": "{...}"wasm配置}
config:
{"name": "...",唯一的名字"root_id": "...",唯一的id"vm_config": "{...}",vm配置"configuration": "{...}",配置"fail_open": "...",发生错误时是返回503,还是跳过"capability_restriction_config": "{...}"配置能力}
vm_config:
{"vm_id": "...",vm id,id相同vm相同"runtime": "...",运行时"code": "{...}",代码"configuration": "{...}",配置"allow_precompiled": "...",是否允许预编译"nack_on_code_cache_miss": "...",如果true,代码需要远程获取,没有缓存"environment_variables": "{...}"}
runtime:
•envoy.wasm.runtime.null•envoy.wasm.runtime.v8•envoy.wasm.runtime.wamr•envoy.wasm.runtime.wasmtime•envoy.wasm.runtime.wavm
environment_variables:
{"host_env_keys": [],envoy存在的key会直接注入"key_values": "{...}"key value对,注入}
capability_restriction_config:
{"allowed_capabilities": "{...}"未实现}
5accesslog配置点
config.listener.v3.Listener
extensions.filters.http.router.v3.Router
extensions.filters.network.tcp_proxy.v3.TcpProxy
extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
meshConfig 配置
6配置格式
默认格式:
[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %RESPONSE_CODE_DETAILS% %CONNECTION_TERMINATION_DETAILS%\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\" %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\"\"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" %UPSTREAM_CLUSTER% %UPSTREAM_LOCAL_ADDRESS% %DOWNSTREAM_LOCAL_ADDRESS% %DOWNSTREAM_REMOTE_ADDRESS% %REQUESTED_SERVER_NAME% %ROUTE_NAME%\n
json格式
{"authority": "%REQ(:AUTHORITY)%","bytes_received": "%BYTES_RECEIVED%","bytes_sent": "%BYTES_SENT%","downstream_local_address": "%DOWNSTREAM_LOCAL_ADDRESS%","downstream_remote_address": "%DOWNSTREAM_REMOTE_ADDRESS%","duration": "%DURATION%","istio_policy_status": "%DYNAMIC_METADATA(istio.mixer:status)%","method": "%REQ(:METHOD)%","path": "%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%","protocol": "%PROTOCOL%","request_id": "%REQ(X-REQUEST-ID)%","requested_server_name": "%REQUESTED_SERVER_NAME%","response_code": "%RESPONSE_CODE%","response_flags": "%RESPONSE_FLAGS%","route_name": "%ROUTE_NAME%","start_time": "%START_TIME%","upstream_cluster": "%UPSTREAM_CLUSTER%","upstream_host": "%UPSTREAM_HOST%","upstream_local_address": "%UPSTREAM_LOCAL_ADDRESS%","upstream_service_time": "%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%","upstream_transport_failure_reason": "%UPSTREAM_TRANSPORT_FAILURE_REASON%","user_agent": "%REQ(USER-AGENT)%","x_forwarded_for": "%REQ(X-FORWARDED-FOR)%"}
参考地址:https://www.envoyproxy.io/docs/envoy/latest/configuration/observability/access_log/usage#config-access-log
| Log operator | access log in sleep | access log in httpbin |
[%START_TIME%] | [2020-11-25T21:26:18.409Z] | [2020-11-25T21:26:18.409Z] |
\"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" | "GET status/418 HTTP/1.1" | "GET /status/418 HTTP/1.1" |
%RESPONSE_CODE% | 418 | 418 |
%RESPONSE_FLAGS% | - | - |
%RESPONSE_CODE_DETAILS% | via_upstream | via_upstream |
%CONNECTION_TERMINATION_DETAILS% | - | - |
\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\" | "-" | "-" |
%BYTES_RECEIVED% | 0 | 0 |
%BYTES_SENT% | 135 | 135 |
%DURATION% | 4 | 3 |
%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% | 4 | 1 |
\"%REQ(X-FORWARDED-FOR)%\" | "-" | "-" |
\"%REQ(USER-AGENT)%\" | "curl/7.73.0-DEV" | "curl/7.73.0-DEV" |
\"%REQ(X-REQUEST-ID)%\" | "84961386-6d84-929d-98bd-c5aee93b5c88" | "84961386-6d84-929d-98bd-c5aee93b5c88" |
\"%REQ(:AUTHORITY)%\" | "httpbin:8000" | "httpbin:8000" |
\"%UPSTREAM_HOST%\" | "10.44.1.27:80" | "127.0.0.1:80" |
%UPSTREAM_CLUSTER% | `outbound | 8000 |
%UPSTREAM_LOCAL_ADDRESS% | 10.44.1.23:37652 | 127.0.0.1:41854 |
%DOWNSTREAM_LOCAL_ADDRESS% | 10.0.45.184:8000 | 10.44.1.27:80 |
%DOWNSTREAM_REMOTE_ADDRESS% | 10.44.1.23:46520 | 10.44.1.23:37652 |
%REQUESTED_SERVER_NAME% | - | outbound_.8000_._.httpbin.foo.svc.cluster.local |
%ROUTE_NAME% | default | default |
7实战
7.1FileAccessLog
7.1.1listener
ef-accesslog-listener.yaml
kubectl apply -f ef-accesslog-listener.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: LISTENERmatch:context: GATEWAYlistener:name: 0.0.0.0_8080patch:operation: MERGEvalue:access_log:- filter:response_flag_filter:flags:- NRname: envoy.access_loggers.filetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%"path: /dev/stdout
7.1.2HttpConnectionManager
ef-accesslog-hcm.yaml
kubectl apply -f ef-accesslog-hcm.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)%path: /dev/stdout
7.1.3route
ef-accesslog-route.yaml
kubectl apply -f ef-accesslog-route.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: HTTP_FILTERmatch:context: GATEWAYlistener:name: 0.0.0.0_8080filterChain:filter:name: envoy.filters.network.http_connection_managersubFilter:name: envoy.filters.http.routerpatch:operation: REPLACEvalue:name: envoy.filters.http.routertyped_config:"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Routerupstream_log:- name: envoy.access_loggers.filefilter:status_code_filter:comparison:op: GEvalue:default_value: 200runtime_key: log.enforcetyped_config:"@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLogpath: /dev/stdoutlog_format:text_format: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n"content_type: text/plainomit_empty_values: true
7.1.4TcpProxy
ef-accesslog-TcpProxy.yaml
kubectl apply -f ef-accesslog-TcpProxy.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 31400filterChain:filter:name: "envoy.filters.network.tcp_proxy"patch:operation: MERGEvalue:name: envoy.filters.network.tcp_proxytypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxyaccessLog:- name: envoy.access_loggers.filetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%" %RESPONSE_CODE% %RESPONSE_FLAGS% %RESPONSE_CODE_DETAILS% %CONNECTION_TERMINATION_DETAILS% "%UPSTREAM_TRANSPORT_FAILURE_REASON%" %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% "%REQ(X-FORWARDED-FOR)%" "%REQ(USER-AGENT)%" "%REQ(X-REQUEST-ID)%" "%REQ(:AUTHORITY)%" "%UPSTREAM_HOST%" %UPSTREAM_CLUSTER% %UPSTREAM_LOCAL_ADDRESS% %DOWNSTREAM_LOCAL_ADDRESS% %DOWNSTREAM_REMOTE_ADDRESS% %REQUESTED_SERVER_NAME% %ROUTE_NAME%path: /dev/stdoutcluster: outbound|9000|v1|tcp-echo.istio.svc.cluster.localstatPrefix: outbound|9000|v1|tcp-echo.istio.svc.cluster.local
7.1.5 meshConfig 配置
注意accessLogFormat 要加\n,不然日志不会打印
kubectl edit cm istio -n istio-systemdata:mesh: |-accessLogFile: /dev/stdoutaccessLogEncoding: TEXTaccessLogFormat: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\""defaultConfig:discoveryAddress: istiod.istio-system.svc:15012proxyMetadata: {}tracing:zipkin:address: zipkin.istio-system:9411enablePrometheusMerge: truerootNamespace: istio-systemtrustDomain: cluster.localmeshNetworks: 'networks: {}'
JSON
mesh: |-accessLogFile: /dev/stdoutaccessLogEncoding: JSONaccessLogFormat: "{\"authority\":\"%REQ(:AUTHORITY)%\"}"defaultConfig:discoveryAddress: istiod.istio-system.svc:15012proxyMetadata: {}tracing:zipkin:address: zipkin.istio-system:9411enablePrometheusMerge: truerootNamespace: istio-systemtrustDomain: cluster.localmeshNetworks: 'networks: {}'
关闭
mesh: |-accessLogFile: ""defaultConfig:discoveryAddress: istiod.istio-system.svc:15012proxyMetadata: {}tracing:zipkin:address: zipkin.istio-system:9411enablePrometheusMerge: truerootNamespace: istio-systemtrustDomain: cluster.localmeshNetworks: 'networks: {}'
7.1.6log_format
7.1.6.1text
略
7.1.6.2json
ef-accesslog-log_format-json.yaml
kubectl apply -f ef-accesslog-log_format-json.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:json_format:status: "%RESPONSE_CODE%"message: "%LOCAL_REPLY_BODY%"authority: "%REQ(:AUTHORITY)%"bytes_received: "%BYTES_RECEIVED%"bytes_sent: "%BYTES_SENT%"path: /dev/stdout
7.1.6.3text_format_source
ef-accesslog-text_format_source.yaml
kubectl apply -f ef-accesslog-text_format_source.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:text_format_source:inline_string: "%LOCAL_REPLY_BODY%:%RESPONSE_CODE%:path=%REQ(:path)%\n"path: /dev/stdout
7.2filter
{"status_code_filter": "{...}",状态码过滤"duration_filter": "{...}",时间过滤"not_health_check_filter": "{...}",不健康过滤"traceable_filter": "{...}",可跟中过滤"runtime_filter": "{...}",运行时过滤"and_filter": "{...}",与过滤"or_filter": "{...}",或过滤"header_filter": "{...}",头过滤"response_flag_filter": "{...}",响应flag过滤"grpc_status_filter": "{...}",grpc状态过滤"extension_filter": "{...}",扩展过滤"metadata_filter": "{...}"元数据过滤}
7.2.1status_code_filter
{"comparison": "{...}"比较}
comparison:
{"op": "...",比较符"value": "{...}"比较值}
op:
•EQ(DEFAULT) =•GE>=•LE<=
ef-accesslog-filter-status_code_filter.yaml
kubectl apply -f ef-accesslog-filter-status_code_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:status_code_filter:comparison:op: EQvalue:default_value: 200runtime_key: access_loggers.enforcetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)%path: /dev/stdout
7.2.2duration_filter
{"comparison": "{...}"}
ef-accesslog-filter-duration_filter.yaml
kubectl apply -f ef-accesslog-filter-duration_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:duration_filter:comparison:op: GEvalue:default_value: 1runtime_key: access_loggers.enforcetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)%path: /dev/stdout
7.2.3not_health_check_filter
ef-accesslog-filter-not_health_check_filter.yaml
kubectl apply -f ef-accesslog-filter-not_health_check_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:not_health_check_filter: {}typedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
7.2.4traceable_filter
ef-accesslog-filter-traceable_filter.yaml
kubectl apply -f ef-accesslog-filter-traceable_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:traceable_filter: {}typedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)%path: /dev/stdout
7.2.5header_filter
{"header": "{...}"头}
header:
{"name": "...",头名称"exact_match": "...",精确匹配"safe_regex_match": "{...}",正则匹配"range_match": "{...}",范围匹配"present_match": "...",存在匹配"prefix_match": "...",前缀匹配"suffix_match": "...",后缀匹配"contains_match": "...",包含匹配"string_match": "{...}",字符串匹配"invert_match": "..."反向匹配}
7.2.5.1exact_match
ef-accesslog-filter-header_filter-exact_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-exact_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: testexact_match: testtypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:test"
7.2.5.2safe_regex_match
ef-accesslog-filter-header_filter-safe_regex_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-safe_regex_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: testsafe_regex_match:google_re2: {}regex: ".*test.*"typedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:test1"
7.2.5.3range_match
ef-accesslog-filter-header_filter-range_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-range_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: testrange_match:start: 1end: 10typedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:3"
7.2.5.4present_match
ef-accesslog-filter-header_filter-present_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-present_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: testpresent_match: truetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:test"
7.2.5.5prefix_match
ef-accesslog-filter-header_filter-prefix_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-prefix_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: testprefix_match: "t"typedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:test"
7.2.5.6suffix_match
ef-accesslog-filter-header_filter-suffix_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-suffix_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: testsuffix_match: "t"typedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:test"
7.2.5.7contains_match
ef-accesslog-filter-header_filter-contains_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-contains_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: testcontains_match: "1"typedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:test1"
7.2.5.8string_match
istio未实现
ef-accesslog-filter-header_filter-string_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-string_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: teststring_match:exact: testtypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:test1"
7.2.5.9invert_match
ef-accesslog-filter-header_filter-invert_match.yaml
kubectl apply -f ef-accesslog-filter-header_filter-invert_match.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:header_filter:header:name: testcontains_match: "1"invert_match: truetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
访问:
curl http://192.168.229.134:32406/productpage -H "test:test1"
7.2.6response_flag_filter
HTTP and TCP
•UH: No healthy upstream hosts in upstream cluster in addition to 503 response code.•UF: Upstream connection failure in addition to 503 response code.•UO: Upstream overflow (circuit breaking) in addition to 503 response code.•NR: No route configured for a given request in addition to 404 response code, or no matching filter chain for a downstream connection.•URX: The request was rejected because the upstream retry limit (HTTP) or maximum connect attempts (TCP) was reached.•NC: Upstream cluster not found.•DT: When a request or connection exceeded max_connection_duration or max_downstream_connection_duration.
HTTP only
•DC: Downstream connection termination.•LH: Local service failed health check request in addition to 503 response code.•UT: Upstream request timeout in addition to 504 response code.•LR: Connection local reset in addition to 503 response code.•UR: Upstream remote reset in addition to 503 response code.•UC: Upstream connection termination in addition to 503 response code.•DI: The request processing was delayed for a period specified via fault injection.•FI: The request was aborted with a response code specified via fault injection.•RL: The request was ratelimited locally by the HTTP rate limit filter in addition to 429 response code.•UAEX: The request was denied by the external authorization service.•RLSE: The request was rejected because there was an error in rate limit service.•IH: The request was rejected because it set an invalid value for a strictly-checked header in addition to 400 response code.•SI: Stream idle timeout in addition to 408 response code.•DPE: The downstream request had an HTTP protocol error.•UPE: The upstream response had an HTTP protocol error.•UMSDR: The upstream request reached to max stream duration.•OM: Overload Manager terminated the request.
ef-accesslog-filter-response_flag_filter.yaml
kubectl apply -f ef-accesslog-filter-response_flag_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:response_flag_filter:flags:- UF- UC- URtypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
ef-fault-inject.yaml
kubectl apply -f ef-fault-inject.yaml -n istio
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: faultspec:workloadSelector:labels:app: productpageconfigPatches:- applyTo: HTTP_FILTERmatch:context: SIDECAR_INBOUNDlistener:portNumber: 9080filterChain:filter:name: "envoy.filters.network.http_connection_manager"subFilter:name: "envoy.filters.http.router"patch:operation: INSERT_BEFOREvalue:name: envoy.filters.http.faulttyped_config:'@type': type.googleapis.com/envoy.extensions.filters.http.fault.v3.HTTPFaultabort:httpStatus: 503percentage:denominator: MILLIONnumerator: 1000000
7.2.7grpc_status_filter
status:
•OK(DEFAULT) •CANCELED•UNKNOWN•INVALID_ARGUMENT•DEADLINE_EXCEEDED•NOT_FOUND•ALREADY_EXISTS•PERMISSION_DENIED•RESOURCE_EXHAUSTED•FAILED_PRECONDITION•ABORTED•OUT_OF_RANGE•UNIMPLEMENTED•INTERNAL•UNAVAILABLE•DATA_LOSS•UNAUTHENTICATED
ef-accesslog-filter-response_flag_filter.yaml
kubectl apply -f ef-accesslog-filter-response_flag_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:grpc_status_filter:statuses:- OKtypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
7.2.8extension_filter
目前没有
7.2.9metadata_filter
ef-accesslog-filter-metadata_filter.yaml
kubectl apply -f ef-accesslog-filter-metadata_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:metadata_filter:matcher:filter: envoy.lbpath:- key: canaryvalue:string_match:exact: testmatch_if_key_not_found: truetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
7.2.10and_filter
ef-accesslog-filter-and_filter.yaml
kubectl apply -f ef-accesslog-filter-and_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:and_filter:filters:- metadata_filter:matcher:filter: envoy.lbpath:- key: canaryvalue:string_match:exact: testmatch_if_key_not_found: true- header_filter:header:name: testcontains_match: "1"invert_match: falsetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
7.2.11or_filter
ef-accesslog-filter-or_filter.yaml
kubectl apply -f ef-accesslog-filter-or_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:or_filter:filters:- metadata_filter:matcher:filter: envoy.lbpath:- key: canaryvalue:string_match:exact: testmatch_if_key_not_found: true- header_filter:header:name: testcontains_match: "1"invert_match: falsetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
7.2.12 runtime_filter
ef-accesslog-filter-runtime_filter.yaml
kubectl apply -f ef-accesslog-filter-runtime_filter.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:runtime_filter:runtime_key: accesslog.enforcepercent_sampled:numerator: 100denominator: HUNDREDuse_independent_randomness: truetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%path: /dev/stdout
7.3envoy.access_loggers.stream
7.3.1stdout
ef-accesslog-stdout.yaml
kubectl apply -f ef-accesslog-stdout.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.streamtypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%
7.3.2stderror
ef-accesslog-stderror.yaml
kubectl apply -f ef-accesslog-stderror.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.streamtypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StderrAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %ROUTE_NAME%
7.4formatters
formatters :
•envoy.formatter.metadata显示元数据
%METADATA(TYPE:NAMESPACE:KEY):Z%
type:
•DYNAMIC•CLUSTER•ROUTE•envoy.formatter.req_without_query
%REQ_WITHOUT_QUERY(X?Y):Z%
7.4.1metadata
istio还不支持
ef-accesslog-filter-formatters-metadata.yaml
kubectl apply -f ef-accesslog-filter-formatters-metadata.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:status_code_filter:comparison:op: EQvalue:default_value: 200runtime_key: access_loggers.enforcetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %METADATA(ROUTE:envoy.lb)%formatters:- name: envoy.formatter.metadatatypedConfig:"@type": type.googleapis.com/envoy.extensions.formatter.metadata.v3.Metadatapath: /dev/stdout
7.4.2REQ_WITHOUT_QUERY
ef-accesslog-filter-formatters-REQ_WITHOUT_QUERY.yaml
kubectl apply -f ef-accesslog-filter-formatters-REQ_WITHOUT_QUERY.yaml -n istio-system
apiVersion: networking.istio.io/v1alpha3kind: EnvoyFiltermetadata:name: accesslogspec:workloadSelector:labels:istio: ingressgatewayconfigPatches:- applyTo: NETWORK_FILTERmatch:context: GATEWAYlistener:portNumber: 8080filterChain:filter:name: "envoy.filters.network.http_connection_manager"patch:operation: MERGEvalue:name: envoy.filters.network.http_connection_managertypedConfig:'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManageraccess_log:- name: envoy.access_loggers.filefilter:status_code_filter:comparison:op: EQvalue:default_value: 200runtime_key: access_loggers.enforcetypedConfig:'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLoglogFormat:textFormat: |[%START_TIME%] "%REQ(:METHOD)% %REQ_WITHOUT_QUERY(X?Y):Z%formatters:- name: envoy.formatter.metadatatypedConfig:"@type": type.googleapis.com/envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuerypath: /dev/stdout
7.5als
skywalking
helm repo add skywalking https://apache.jfrog.io/artifactory/skywalking-helmcd skywalkinghelm install skywalking -n istio-system \--set oap.env.SW_ENVOY_METRIC_ALS_HTTP_ANALYSIS=k8s-mesh \--set fullnameOverride=skywalking \--set oap.envoy.als.enabled=true \--set ui.image.tag=8.7.0 \--set oap.image.tag=8.7.0-es6 \--set oap.storageType=elasticsearch \--set ui.image.repository=apache/skywalking-ui \--set oap.image.repository=apache/skywalking-oap-server \.暴露服务kubectl port-forward --address 0.0.0.0 svc/skywalking-ui 8080:80 --namespace istio-system配置istioenableEnvoyAccessLogService: trueextensionProviders:- skywalking:service: skywalking-oap.istio-system.svc.cluster.localport: 11800name: envoy.tracers.skywalkingdefaultConfig:envoyAccessLogService:address: skywalking-oap.istio-system:11800mesh: |-accessLogFile: /dev/stdoutenableEnvoyAccessLogService: truedefaultConfig:envoyAccessLogService:address: skywalking-oap.istio-system:11800discoveryAddress: istiod.istio-system.svc:15012proxyMetadata: {}tracing:zipkin:address: zipkin.istio-system:9411enablePrometheusMerge: truerootNamespace: istio-systemtrustDomain: cluster.localmeshNetworks: 'networks: {}'删除:helm uninstall skywalking -n istio-system
文章转载自k8s实战,如果涉嫌侵权,请发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
