Improve logging (#89)

* Fix ES index template dynamic mappings
* Add basic common logging setting
* Add stdout log configuration for shumway (with hardcode)
* Fix hellgate mapping

Co-authored-by: Sergey Yelin <elinsn@gmail.com>
This commit is contained in:
Andrey Abramov 2020-10-22 15:03:15 +03:00 committed by GitHub
parent 51cdd7737a
commit a979b58a3e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
21 changed files with 2620 additions and 67 deletions

View File

@ -0,0 +1,6 @@
{{ if eq (index .Release.Labels "logfmt") "json" }}
podAnnotations:
co.elastic.logs/json.keys_under_root: "true"
co.elastic.logs/json.overwrite_keys: "true"
co.elastic.logs/json.add_error_key: "true"
{{ end }}

2473
config/logs/template.json Normal file

File diff suppressed because it is too large Load Diff

View File

@ -1,18 +1,9 @@
{{ readFile "hf-templates.yaml" }}
repositories:
- name: prometheus-community
url: https://prometheus-community.github.io/helm-charts
templates:
default: &default
chart: ./services/{{`{{ .Release.Name }}`}}
namespace: default
# This prevents helmfile exiting when it encounters a missing file
# Valid values are "Error", "Warn", "Info", "Debug". The default is "Error"
# Use "Debug" to make missing files errors invisible at the default log level(--log-level=INFO)
missingFileHandler: Warn
values:
- config/{{`{{ .Release.Name }}`}}/values.yaml
releases:
- name: prometheus
<<: *default
@ -21,4 +12,6 @@ releases:
- name: logs
<<: *default
chart: ./services/elk
set:
- name: filebeat.indextemplate
file: config/logs/template.json

View File

@ -1,3 +1,5 @@
{{ readFile "hf-templates.yaml" }}
repositories:
- name: stable
url: https://kubernetes-charts.storage.googleapis.com
@ -10,19 +12,6 @@ repositories:
- name: codecentric
url: https://codecentric.github.io/helm-charts
templates:
default: &default
chart: ./services/{{`{{ .Release.Name }}`}}
namespace: default
# This prevents helmfile exiting when it encounters a missing file
# Valid values are "Error", "Warn", "Info", "Debug". The default is "Error"
# Use "Debug" to make missing files errors invisible at the default log level(--log-level=INFO)
missingFileHandler: Warn
values:
- config/{{`{{ .Release.Name }}`}}/values.yaml
timeout: 900
helmfiles:
- # Path to the helmfile state file being processed BEFORE releases in this state file
path: helmfile-infra.yaml
@ -61,18 +50,22 @@ releases:
chart: codecentric/keycloak
version: 9.0.1
needs:
- default/postgres
- default/postgres
wait: true
- name: holmes
<<: *default
- name: riak
<<: *default
labels:
logfmt: json
chart: ./services/riak
set:
- name: config.user
file: config/riak/user.yaml
- name: machinegun
<<: *default
labels:
logfmt: json
needs:
- default/consul
- default/riak
@ -82,6 +75,8 @@ releases:
file: config/machinegun/config.yaml
- name: bender
<<: *default
labels:
logfmt: json
set:
- name: appConfig
file: config/bender/sys.config
@ -89,6 +84,8 @@ releases:
file: config/vm/erl_inetrc
- name: kds
<<: *default
labels:
logfmt: json
set:
- name: appConfig
file: config/kds/sys.config
@ -100,6 +97,8 @@ releases:
file: config/kds/server.pem
- name: cds
<<: *default
labels:
logfmt: json
needs:
- default/kds
- default/riak
@ -114,6 +113,8 @@ releases:
file: config/cds/client.pem
- name: shumway
<<: *default
labels:
logfmt: json
needs:
- default/vault
- default/postgres
@ -131,6 +132,8 @@ releases:
- default/kafka
- name: dominant
<<: *default
labels:
logfmt: json
needs:
- default/shumway
wait: true
@ -157,6 +160,8 @@ releases:
<<: *default
- name: hellgate
<<: *default
labels:
logfmt: json
set:
- name: appConfig
file: config/hellgate/sys.config
@ -164,6 +169,8 @@ releases:
file: config/vm/erl_inetrc
- name: capi-pcidss-v2
<<: *default
labels:
logfmt: json
set:
- name: fetchKeycloakPubkey
file: config/api-common/fetch-keycloak-pubkey.sh
@ -183,6 +190,8 @@ releases:
- default/keycloak
- name: capi-pcidss-v1
<<: *default
labels:
logfmt: json
set:
- name: fetchKeycloakPubkey
file: config/api-common/fetch-keycloak-pubkey.sh
@ -209,6 +218,8 @@ releases:
file: config/vm/erl_inetrc
- name: capi-v1
<<: *default
labels:
logfmt: json
set:
- name: fetchKeycloakPubkey
file: config/api-common/fetch-keycloak-pubkey.sh
@ -228,6 +239,8 @@ releases:
- default/keycloak
- name: capi-v2
<<: *default
labels:
logfmt: json
set:
- name: fetchKeycloakPubkey
file: config/api-common/fetch-keycloak-pubkey.sh
@ -247,6 +260,8 @@ releases:
- default/keycloak
- name: wapi-pcidss-v0
<<: *default
labels:
logfmt: json
set:
- name: fetchKeycloakPubkey
file: config/api-common/fetch-keycloak-pubkey.sh
@ -262,6 +277,8 @@ releases:
- default/keycloak
- name: wapi
<<: *default
labels:
logfmt: json
set:
- name: fetchKeycloakPubkey
file: config/api-common/fetch-keycloak-pubkey.sh

9
hf-templates.yaml Normal file
View File

@ -0,0 +1,9 @@
templates:
default: &default
chart: ./services/{{ .Release.Name }}
namespace: default
missingFileHandler: Warn
values:
- config/_common/logging.yaml.gotmpl
- config/{{ .Release.Name }}/values.yaml
timeout: 900

View File

@ -2,7 +2,7 @@
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 3
replicaCount: 1
image:
repository: docker.io/rbkmoney/bender

View File

@ -4,7 +4,7 @@ image:
imagePullSecrets: []
replicaCount: 3
replicaCount: 1
cdsUrl: http://cds.default.svc.cluster.local:8022/v2/storage

View File

@ -4,7 +4,7 @@ image:
imagePullSecrets: []
replicaCount: 3
replicaCount: 1
beam:
disableSBWT: false
@ -59,4 +59,3 @@ affinity: {}
ingress:
host: api.rbk.dev
path: /v1/processing/payment-resources

View File

@ -4,7 +4,7 @@ image:
imagePullSecrets: []
replicaCount: 3
replicaCount: 1
beam:
disableSBWT: false
@ -59,4 +59,3 @@ affinity: {}
ingress:
host: api.rbk.dev
path: /v2/processing/payment-resources

View File

@ -57,8 +57,6 @@ spec:
mountPath: /opt/dominant/erl_inetrc
subPath: erl_inetrc
readOnly: true
- name: logs-volume
mountPath: /var/log
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:
@ -72,10 +70,6 @@ spec:
path: vm.args
- key: erl_inetrc
path: erl_inetrc
- name: logs-volume
hostPath:
path: /datalog/rbk
type: DirectoryOrCreate
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

View File

@ -22,17 +22,27 @@ spec:
type: container
paths:
- /var/log/containers/*${data.kubernetes.container.id}.log
templates:
- condition:
equals:
kubernetes.namespace: default
config:
- type: log
paths:
- /datalog/rbk/${data.kubernetes.container.name}/*.json
processors:
- add_cloud_metadata: {}
- add_host_metadata: {}
- decode_json_fields:
fields: ["log"]
max_depth: 5
target: ""
overwrite_keys: true
add_error_key: true
setup:
template:
enabled: true
name: filebeat-rbkm # could it conflict with .json.name?..
pattern: filebeat-*
overwrite: true
settings:
index:
number_of_shards: 1
number_of_replicas: 1
json:
enabled: true
path: "/etc/template.json"
name: filebeat-rbkm
daemonSet:
podTemplate:
spec:
@ -54,8 +64,9 @@ spec:
mountPath: /var/log/pods
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
- name: rbkdatalogfolder
mountPath: /datalog/rbk
- name: index-template
mountPath: /etc/template.json
subPath: template.json
env:
- name: NODE_NAME
valueFrom:
@ -71,9 +82,9 @@ spec:
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
- name: rbkdatalogfolder
hostPath:
path: /datalog/rbk
- name: index-template
configMap:
name: filebeat-index-template
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole

View File

@ -0,0 +1,8 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: filebeat-index-template
data:
template.json: |
{{- .Values.filebeat.indextemplate | nindent 4 }}

View File

@ -46,19 +46,17 @@ spec:
port: api
volumeMounts:
- name: config-volume
mountPath: /opt/hellgate/releases/0.1.0/sys.config
mountPath: /opt/hellgate/releases/0.1/sys.config
subPath: sys.config
readOnly: true
- name: config-volume
mountPath: /opt/hellgate/releases/0.1.0/vm.args
mountPath: /opt/hellgate/releases/0.1/vm.args
subPath: vm.args
readOnly: true
- name: config-volume
mountPath: /opt/hellgate/erl_inetrc
subPath: erl_inetrc
readOnly: true
- name: logs-volume
mountPath: /var/log
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:
@ -72,10 +70,6 @@ spec:
path: vm.args
- key: erl_inetrc
path: erl_inetrc
- name: logs-volume
hostPath:
path: /datalog/rbk
type: DirectoryOrCreate
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

View File

@ -4,7 +4,7 @@ image:
imagePullSecrets: []
replicaCount: 3
replicaCount: 1
nameOverride: ""
fullnameOverride: ""

View File

@ -4,7 +4,7 @@ image:
imagePullSecrets: []
replicaCount: 3
replicaCount: 1
entrypoint: |
#!/bin/sh

View File

@ -4,7 +4,7 @@ image:
imagePullSecrets: []
replicaCount: 3
replicaCount: 1
cdsUrl: http://cds.default.svc.cluster.local:8022/v2/storage
hellgateUrl: http://hellgate.default.svc.cluster.local:8022/v1/proxyhost/provider

View File

@ -8,3 +8,44 @@ metadata:
data:
entrypoint.sh: |
{{- .Values.entrypoint | nindent 4 }}
# TODO: вынести в отдельный файл!
logback.xml: |
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<include resource="org/springframework/boot/logging/logback/defaults.xml"/>
<include resource="org/springframework/boot/logging/logback/console-appender.xml"/>
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="net.logstash.logback.encoder.LoggingEventCompositeJsonEncoder">
<providers>
<mdc/>
<threadName/>
<message/>
<version/>
<loggerName/>
<context/>
<pattern>
<pattern>
{
"@timestamp": "%date{yyy-MM-dd'T'HH:mm:ss.SSSXXX, UTC}",
"@severity": "%level",
"application": {{ include "shumway.fullname" . | quote }}
}
</pattern>
</pattern>
<stackTrace>
<throwableConverter class="net.logstash.logback.stacktrace.ShortenedThrowableConverter">
<shortenedClassNameLength>20</shortenedClassNameLength>
<rootCauseFirst>true</rootCauseFirst>
</throwableConverter>
</stackTrace>
</providers>
</encoder>
</appender>
<root level="INFO">
<appender-ref ref="STDOUT"/>
</root>
<logger name="com.rbkmoney" level="INFO"/>
</configuration>

View File

@ -49,12 +49,17 @@ spec:
mountPath: /opt/shumway/entrypoint.sh
subPath: entrypoint.sh
readOnly: true
- name: config-volume
mountPath: /opt/shumway/logback.xml
subPath: logback.xml
readOnly: true
command: ["/opt/shumway/entrypoint.sh"]
args:
- -jar
- /opt/shumway/shumway.jar
- --spring.flyway.table=schema_version
- --spring.flyway.schemas=shm
- --logging.config=/opt/shumway/logback.xml
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:
@ -65,6 +70,9 @@ spec:
- key: entrypoint.sh
path: entrypoint.sh
mode: 0755
- key: logback.xml
path: logback.xml
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}

View File

@ -4,7 +4,7 @@ image:
imagePullSecrets: []
replicaCount: 3
replicaCount: 1
nameOverride: ""
fullnameOverride: ""

View File

@ -4,7 +4,7 @@ image:
imagePullSecrets: []
replicaCount: 3
replicaCount: 1
beam:
disableSBWT: false
@ -57,7 +57,7 @@ affinity: {}
ingress:
host: api.rbk.dev
paths:
paths:
- path: /privdoc/v0
- path: /payres/v0

View File

@ -4,5 +4,6 @@ kubectl delete deploy,rs,pvc,svc,crd,ing,sts,job,cj,cm,secret,sa --all \
&& kubectl delete mutatingwebhookconfigurations,validatingwebhookconfigurations prometheus-prometheus-oper-admission || echo "prometheus webhooks already deleted" \
&& kubectl delete ns monitoring elastic-system || echo "namespaces not found" \
&& kubectl delete -f https://raw.githubusercontent.com/cilium/cilium/v1.8/install/kubernetes/quick-install.yaml || echo "cilium not found" \
&& sleep 45 \
&& kubectl apply -f https://raw.githubusercontent.com/cilium/cilium/v1.8/install/kubernetes/quick-install.yaml \
&& kubectl apply -f config/vault/init-cm.yaml