From 4d9116d7590ddbd8266074bd202c3bc623cdc469 Mon Sep 17 00:00:00 2001 From: Hans Hasselberg Date: Fri, 7 Jun 2019 11:26:43 +0200 Subject: [PATCH] connect: provide -admin-access-log-path for envoy (#5858) --- command/connect/envoy/bootstrap_tpl.go | 7 ++- command/connect/envoy/envoy.go | 14 +++++ command/connect/envoy/envoy_test.go | 30 ++++++++++ .../envoy/testdata/access-log-path.golden | 60 +++++++++++++++++++ 4 files changed, 110 insertions(+), 1 deletion(-) create mode 100644 command/connect/envoy/testdata/access-log-path.golden diff --git a/command/connect/envoy/bootstrap_tpl.go b/command/connect/envoy/bootstrap_tpl.go index d7a89425b4..5e43706012 100644 --- a/command/connect/envoy/bootstrap_tpl.go +++ b/command/connect/envoy/bootstrap_tpl.go @@ -27,6 +27,11 @@ type BootstrapTplArgs struct { // TLS is enabled. AgentCAFile string + // AdminAccessLogPath The path to write the access log for the + // administration server. If no access log is desired specify + // "/dev/null". By default it will use "/dev/null". + AdminAccessLogPath string + // AdminBindAddress is the address the Envoy admin server should bind to. AdminBindAddress string @@ -86,7 +91,7 @@ type BootstrapTplArgs struct { const bootstrapTemplate = `{ "admin": { - "access_log_path": "/dev/null", + "access_log_path": "{{ .AdminAccessLogPath }}", "address": { "socket_address": { "address": "{{ .AdminBindAddress }}", diff --git a/command/connect/envoy/envoy.go b/command/connect/envoy/envoy.go index bfb0ae4a76..9e3e06fbcf 100644 --- a/command/connect/envoy/envoy.go +++ b/command/connect/envoy/envoy.go @@ -34,6 +34,8 @@ func New(ui cli.Ui) *cmd { return c } +const DefaultAdminAccessLogPath = "/dev/null" + type cmd struct { UI cli.Ui flags *flag.FlagSet @@ -44,6 +46,7 @@ type cmd struct { // flags proxyID string sidecarFor string + adminAccessLogPath string adminBind string envoyBin string bootstrap bool @@ -67,6 +70,11 @@ func (c *cmd) init() { "The full path to the envoy binary to run. By default will just search "+ "$PATH. Ignored if -bootstrap is used.") + c.flags.StringVar(&c.adminAccessLogPath, "admin-access-log-path", DefaultAdminAccessLogPath, + fmt.Sprintf("The path to write the access log for the administration server. If no access "+ + "log is desired specify %q. By default it will use %q.", + DefaultAdminAccessLogPath, DefaultAdminAccessLogPath)) + c.flags.StringVar(&c.adminBind, "admin-bind", "localhost:19000", "The address:port to start envoy's admin server on. Envoy requires this "+ "but care must be taken to ensure it's not exposed to an untrusted network "+ @@ -258,6 +266,11 @@ func (c *cmd) templateArgs() (*BootstrapTplArgs, error) { cluster = c.sidecarFor } + adminAccessLogPath := c.adminAccessLogPath + if adminAccessLogPath == "" { + adminAccessLogPath = DefaultAdminAccessLogPath + } + return &BootstrapTplArgs{ ProxyCluster: cluster, ProxyID: c.proxyID, @@ -265,6 +278,7 @@ func (c *cmd) templateArgs() (*BootstrapTplArgs, error) { AgentPort: agentPort, AgentTLS: useTLS, AgentCAFile: httpCfg.TLSConfig.CAFile, + AdminAccessLogPath: adminAccessLogPath, AdminBindAddress: adminBindIP.String(), AdminBindPort: adminPort, Token: httpCfg.Token, diff --git a/command/connect/envoy/envoy_test.go b/command/connect/envoy/envoy_test.go index df9b886d4b..2f15ac59a8 100644 --- a/command/connect/envoy/envoy_test.go +++ b/command/connect/envoy/envoy_test.go @@ -84,6 +84,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", // Note this is the gRPC port + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -99,6 +100,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", // Note this is the gRPC port + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -116,6 +118,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", // Note this is the gRPC port + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -136,6 +139,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", // Note this is the gRPC port + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -156,6 +160,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", // Note this is the gRPC port + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -175,6 +180,7 @@ func TestGenerateConfig(t *testing.T) { // to do. AgentAddress: "127.0.0.1", AgentPort: "9999", + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -194,6 +200,25 @@ func TestGenerateConfig(t *testing.T) { // to do. AgentAddress: "127.0.0.1", AgentPort: "9999", + AdminAccessLogPath: "/dev/null", + AdminBindAddress: "127.0.0.1", + AdminBindPort: "19000", + LocalAgentClusterName: xds.LocalAgentClusterName, + }, + }, + { + Name: "access-log-path", + Flags: []string{"-proxy-id", "test-proxy", "-admin-access-log-path", "/some/path/access.log"}, + Env: []string{}, + WantArgs: BootstrapTplArgs{ + ProxyCluster: "test-proxy", + ProxyID: "test-proxy", + // Should resolve IP, note this might not resolve the same way + // everywhere which might make this test brittle but not sure what else + // to do. + AgentAddress: "127.0.0.1", + AgentPort: "8502", + AdminAccessLogPath: "/some/path/access.log", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -230,6 +255,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -261,6 +287,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -297,6 +324,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -320,6 +348,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, @@ -373,6 +402,7 @@ func TestGenerateConfig(t *testing.T) { ProxyID: "test-proxy", AgentAddress: "127.0.0.1", AgentPort: "8502", + AdminAccessLogPath: "/dev/null", AdminBindAddress: "127.0.0.1", AdminBindPort: "19000", LocalAgentClusterName: xds.LocalAgentClusterName, diff --git a/command/connect/envoy/testdata/access-log-path.golden b/command/connect/envoy/testdata/access-log-path.golden new file mode 100644 index 0000000000..ff389654ad --- /dev/null +++ b/command/connect/envoy/testdata/access-log-path.golden @@ -0,0 +1,60 @@ +{ + "admin": { + "access_log_path": "/some/path/access.log", + "address": { + "socket_address": { + "address": "127.0.0.1", + "port_value": 19000 + } + } + }, + "node": { + "cluster": "test-proxy", + "id": "test-proxy" + }, + "static_resources": { + "clusters": [ + { + "name": "local_agent", + "connect_timeout": "1s", + "type": "STATIC", + "http2_protocol_options": {}, + "hosts": [ + { + "socket_address": { + "address": "127.0.0.1", + "port_value": 8502 + } + } + ] + } + ] + }, + "stats_config": { + "stats_tags": [ + { + "tag_name": "local_cluster", + "fixed_value": "test-proxy" + } + ], + "use_all_default_tags": true + }, + "dynamic_resources": { + "lds_config": { "ads": {} }, + "cds_config": { "ads": {} }, + "ads_config": { + "api_type": "GRPC", + "grpc_services": { + "initial_metadata": [ + { + "key": "x-consul-token", + "value": "" + } + ], + "envoy_grpc": { + "cluster_name": "local_agent" + } + } + } + } +}