Skip to content

Instantly share code, notes, and snippets.

@bianpengyuan

bianpengyuan/gist:448d640436d5a9e0696bbb2116a83a8c

Created May 24, 2019 00:14
Show Gist options
  • Save bianpengyuan/448d640436d5a9e0696bbb2116a83a8c to your computer and use it in GitHub Desktop.
Save bianpengyuan/448d640436d5a9e0696bbb2116a83a8c to your computer and use it in GitHub Desktop.
Download ZIP
sd metric and log
Raw
gistfile1.txt
apiVersion: "config.istio.io/v1alpha2"
kind: stackdriver
metadata:
name: handler
namespace: istio-system
spec:
pushInterval: 10s
metricInfo:
server-request-count.metric.istio-system:
# Due to a bug in gogoproto deserialization, Enums in maps must be
# specified by their integer value, not variant name. See
# https://github.com/googleapis/googleapis/blob/master/google/api/metric.proto
# MetricKind and ValueType for the values to provide.
kind: 3 # CUMULATIVE
value: 2 # INT64
metric_type: "istio.io/service/server/request_count"
server-request-bytes.metric.istio-system:
kind: 3 # CUMULATIVE
value: 5 # DISTRIBUTION
buckets:
exponentialBuckets:
numFiniteBuckets: 20
scale: 1
growthFactor: 2
metric_type: "istio.io/service/server/request_bytes"
server-response-bytes.metric.istio-system:
kind: 3 # CUMULATIVE
value: 5 # DISTRIBUTION
buckets:
exponentialBuckets:
numFiniteBuckets: 20
scale: 1
growthFactor: 2
metric_type: "istio.io/service/server/response_bytes"
server-response-latencies.metric.istio-system:
kind: 3 # CUMULATIVE
value: 5 # DISTRIBUTION
buckets:
exponentialBuckets:
numFiniteBuckets: 20
scale: 1
growthFactor: 2
metric_type: "istio.io/service/server/response_latencies"
server-received-bytes-count.metric.istio-system:
kind: 3 # CUMULATIVE
value: 2 # INT64
metric_type: "istio.io/service/server/received_bytes_count"
server-sent-bytes-count.metric.istio-system:
kind: 3 # CUMULATIVE
value: 2 # INT64
metric_type: "istio.io/service/server/sent_bytes_count"
client-request-count.metric.istio-system:
kind: 3 # CUMULATIVE
value: 2 # INT64
metric_type: "istio.io/service/client/request_count"
client-request-bytes.metric.istio-system:
kind: 3 # CUMULATIVE
value: 5 # DISTRIBUTION
buckets:
exponentialBuckets:
numFiniteBuckets: 20
scale: 1
growthFactor: 2
metric_type: "istio.io/service/client/request_bytes"
client-response-bytes.metric.istio-system:
kind: 3 # CUMULATIVE
value: 5 # DISTRIBUTION
buckets:
exponentialBuckets:
numFiniteBuckets: 20
scale: 1
growthFactor: 2
metric_type: "istio.io/service/client/response_bytes"
client-roundtrip-latencies.metric.istio-system:
kind: 3 # CUMULATIVE
value: 5 # DISTRIBUTION
buckets:
exponentialBuckets:
numFiniteBuckets: 20
scale: 1
growthFactor: 2
metric_type: "istio.io/service/client/roundtrip_latencies"
client-received-bytes-count.metric.istio-system:
kind: 3 # CUMULATIVE
value: 2 # INT64
metric_type: "istio.io/service/client/received_bytes_count"
client-sent-bytes-count.metric.istio-system:
kind: 3 # CUMULATIVE
value: 2 # INT64
metric_type: "istio.io/service/client/sent_bytes_count"
logInfo:
server-accesslog-stackdriver.logentry.istio-system:
labelNames:
- source_uid
- source_ip
- source_app
- source_principal
- source_name
- source_workload
- source_namespace
- source_owner
- destination_uid
- destination_app
- destination_ip
- destination_service_host
- destination_workload
- destination_name
- destination_namespace
- destination_owner
- destination_principal
- api_name
- api_version
- api_claims
- api_key
- request_operation
- protocol
- method
- url
- response_code
- response_size
- request_size
- request_id
- latency
- service_authentication_policy
- user_agent
- response_timestamp
- received_bytes
- sent_bytes
- referer
server-tcp-accesslog-stackdriver.logentry.istio-system:
labelNames:
- connection_id
- connection_event
- source_uid
- source_ip
- source_app
- source_principal
- source_name
- source_workload
- source_namespace
- source_owner
- destination_uid
- destination_app
- destination_ip
- destination_service_host
- destination_workload
- destination_name
- destination_namespace
- destination_owner
- destination_principal
- protocol
- connction_duration
- service_authentication_policy
- received_bytes
- sent_bytes
- total_received_bytes
- total_sent_bytes
---
#################################################
############## Metric Config ####################
#################################################
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
name: stackdriver-server
namespace: istio-system
spec:
match: (context.protocol == "http" || context.protocol == "grpc") && (context.reporter.kind | "inbound" == "inbound")
actions:
- handler: handler.stackdriver
instances:
- server-request-count.metric
- server-request-bytes.metric
- server-response-bytes.metric
- server-response-latencies.metric
---
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
name: stackdriver-client
namespace: istio-system
spec:
match: (context.protocol == "http" || context.protocol == "grpc") && (context.reporter.kind | "inbound" == "outbound")
actions:
- handler: handler.stackdriver
instances:
- client-request-count.metric
- client-request-bytes.metric
- client-response-bytes.metric
- client-roundtrip-latencies.metric
---
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
name: stackdriver-tcp-server
namespace: istio-system
spec:
match: context.protocol == "tcp" && (context.reporter.kind | "inbound" == "inbound")
actions:
- handler: handler.stackdriver
instances:
- server-received-bytes-count.metric
- server-sent-bytes-count.metric
---
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
name: stackdriver-tcp-client
namespace: istio-system
spec:
match: context.protocol == "tcp" && (context.reporter.kind | "inbound" == "outbound")
actions:
- handler: handler.stackdriver
instances:
- client-received-bytes-count.metric
- client-sent-bytes-count.metric
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: server-request-count
namespace: istio-system
spec:
value: "1"
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
request_protocol: context.protocol | "unknown"
api_version: api.version | "unknown"
api_name: api.service | "unknown"
response_code: response.code | 0
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_container"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: destination.workload.namespace | "unknown"
location: '""'
container_name: conditional((destination.name | "unknown").startsWith("istio-telemetry") || (destination.name | "unknown").startsWith("istio-policy"), "mixer", destination.container.name | "unknown")
pod_name: destination.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: client-request-count
namespace: istio-system
spec:
value: "1"
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
request_protocol: context.protocol | "unknown"
api_version: api.version | "unknown"
api_name: api.service | "unknown"
response_code: response.code | 0
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_pod"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: source.workload.namespace | "unknown"
location: '""'
pod_name: source.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: server-request-bytes
namespace: istio-system
spec:
value: request.total_size
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
request_protocol: context.protocol | "unknown"
api_version: api.version | "unknown"
api_name: api.service | "unknown"
response_code: response.code | 0
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_container"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: destination.workload.namespace | "unknown"
location: '""'
container_name: conditional((destination.name | "unknown").startsWith("istio-telemetry") || (destination.name | "unknown").startsWith("istio-policy"), "mixer", destination.container.name | "unknown")
pod_name: destination.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: client-request-bytes
namespace: istio-system
spec:
value: request.total_size
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
request_protocol: context.protocol | "unknown"
api_version: api.version | "unknown"
api_name: api.service | "unknown"
response_code: response.code | 0
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_pod"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: source.workload.namespace | "unknown"
location: '""'
pod_name: source.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: server-response-bytes
namespace: istio-system
spec:
value: response.total_size
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
request_protocol: context.protocol | "unknown"
api_version: api.version | "unknown"
api_name: api.service | "unknown"
response_code: response.code | 0
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_container"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: destination.workload.namespace | "unknown"
location: '""'
container_name: conditional((destination.name | "unknown").startsWith("istio-telemetry") || (destination.name | "unknown").startsWith("istio-policy"), "mixer", destination.container.name | "unknown")
pod_name: destination.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: client-response-bytes
namespace: istio-system
spec:
value: response.total_size
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
request_protocol: context.protocol | "unknown"
api_version: api.version | "unknown"
api_name: api.service | "unknown"
response_code: response.code | 0
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_pod"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: source.workload.namespace | "unknown"
location: '""'
pod_name: source.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: server-response-latencies
namespace: istio-system
spec:
value: response.duration
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
request_protocol: context.protocol | "unknown"
api_version: api.version | "unknown"
api_name: api.service | "unknown"
response_code: response.code | 0
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_container"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: destination.workload.namespace | "unknown"
location: '""'
container_name: conditional((destination.name | "unknown").startsWith("istio-telemetry") || (destination.name | "unknown").startsWith("istio-policy"), "mixer", destination.container.name | "unknown")
pod_name: destination.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: client-roundtrip-latencies
namespace: istio-system
spec:
value: response.duration
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
request_protocol: context.protocol | "unknown"
api_version: api.version | "unknown"
api_name: api.service | "unknown"
response_code: response.code | 0
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_pod"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: source.workload.namespace | "unknown"
location: '""'
pod_name: source.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: server-received-bytes-count
namespace: istio-system
spec:
value: connection.received.bytes | 0
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_protocol: context.protocol | "unknown"
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_container"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: destination.workload.namespace | "unknown"
location: '""'
container_name: conditional((destination.name | "unknown").startsWith("istio-telemetry") || (destination.name | "unknown").startsWith("istio-policy"), "mixer", destination.container.name | "unknown")
pod_name: destination.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: client-received-bytes-count
namespace: istio-system
spec:
value: connection.received.bytes | 0
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_protocol: context.protocol | "unknown"
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_pod"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: source.workload.namespace | "unknown"
location: '""'
pod_name: source.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: server-sent-bytes-count
namespace: istio-system
spec:
value: connection.sent.bytes | 0
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_protocol: context.protocol | "unknown"
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_container"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: destination.workload.namespace | "unknown"
location: '""'
container_name: conditional((destination.name | "unknown").startsWith("istio-telemetry") || (destination.name | "unknown").startsWith("istio-policy"), "mixer", destination.container.name | "unknown")
pod_name: destination.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: metric
metadata:
name: client-sent-bytes-count
namespace: istio-system
spec:
value: connection.sent.bytes | 0
dimensions:
destination_service_name: destination.service.name | "unknown"
destination_service_namespace: destination.service.namespace | "unknown"
destination_port: destination.port | 0
request_protocol: context.protocol | "unknown"
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
source_workload_namespace: source.workload.namespace | "unknown"
source_workload_name: source.workload.name | "unknown"
source_owner: source.owner | "unknown"
destination_workload_namespace: destination.workload.namespace | "unknown"
destination_workload_name: destination.workload.name | "unknown"
destination_owner: destination.owner | "unknown"
destination_principal: destination.principal | "unknown"
source_principal: source.principal | "unknown"
monitoredResourceType: '"k8s_pod"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: source.workload.namespace | "unknown"
location: '""'
pod_name: source.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: logentry
metadata:
name: server-accesslog-stackdriver
namespace: istio-system
spec:
severity: '"Info"'
timestamp: request.time
variables:
source_uid: source.uid | ""
source_ip: source.ip | ip("0.0.0.0")
source_app: source.labels["app"] | ""
source_principal: source.principal | ""
source_name: source.name | ""
source_workload: source.workload.name | ""
source_namespace: source.namespace | ""
source_owner: source.owner | ""
destination_uid: destination.uid | ""
destination_app: destination.labels["app"] | ""
destination_ip: destination.ip | ip("0.0.0.0")
destination_service_host: destination.service.host | ""
destination_workload: destination.workload.name | ""
destination_name: destination.name | ""
destination_namespace: destination.namespace | ""
destination_owner: destination.owner | ""
destination_principal: destination.principal | ""
api_name: api.service | ""
api_version: api.version | ""
api_claims: request.auth.raw_claims | ""
api_key: request.api_key | request.headers["x-api-key"] | ""
request_operation: conditional((context.protocol | "unknown") == "grpc", request.path | "unknown", request.method | "unknown")
protocol: request.scheme | context.protocol | "http"
method: request.method | ""
url: request.path | ""
response_code: response.code | 0
response_size: response.size | 0
request_size: request.size | 0
request_id: request.headers["x-request-id"] | ""
latency: response.duration | "0ms"
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
user_agent: request.useragent | ""
response_timestamp: response.time
received_bytes: request.total_size | 0
sent_bytes: response.total_size | 0
referer: request.referer | ""
monitored_resource_type: '"k8s_container"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: destination.namespace | "unknown"
location: '""'
container_name: conditional((destination.name | "unknown").startsWith("istio-telemetry") || (destination.name | "unknown").startsWith("istio-policy"), "mixer", destination.container.name | "unknown")
pod_name: destination.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: logentry
metadata:
name: server-tcp-accesslog-stackdriver
namespace: istio-system
spec:
severity: '"Info"'
timestamp: context.time | timestamp("2017-01-01T00:00:00Z")
variables:
source_uid: source.uid | ""
connection_id: connection.id | ""
connection_event: connection.event | ""
source_ip: source.ip | ip("0.0.0.0")
source_app: source.labels["app"] | ""
source_principal: source.principal | ""
source_name: source.name | ""
source_workload: source.workload.name | ""
source_namespace: source.namespace | ""
source_owner: source.owner | ""
destination_uid: destination.uid | ""
destination_app: destination.labels["app"] | ""
destination_ip: destination.ip | ip("0.0.0.0")
destination_service_host: destination.service.host | ""
destination_workload: destination.workload.name | ""
destination_name: destination.name | ""
destination_namespace: destination.namespace | ""
destination_owner: destination.owner | ""
destination_principal: destination.principal | ""
protocol: context.protocol | "tcp"
connction_duration: connection.duration | "0ms"
service_authentication_policy: conditional((context.reporter.kind | "inbound") == "outbound", "unknown", conditional(connection.mtls | false, "mutual_tls", "none"))
received_bytes: connection.received.bytes | 0
sent_bytes: connection.sent.bytes | 0
total_received_bytes: connection.received.bytes_total | 0
total_sent_bytes: connection.sent.bytes_total | 0
monitored_resource_type: '"k8s_container"'
monitoredResourceDimensions:
project_id: '""'
cluster_name: '""'
namespace_name: destination.namespace | "unknown"
location: '""'
container_name: conditional((destination.name | "unknown").startsWith("istio-telemetry") || (destination.name | "unknown").startsWith("istio-policy"), "mixer", destination.container.name | "unknown")
pod_name: destination.name | "unknown"
---
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
name: stackdriver-log
namespace: istio-system
spec:
match: (context.protocol == "http" || context.protocol == "grpc") && (context.reporter.kind | "inbound" == "inbound")
actions:
- handler: handler.stackdriver
instances:
- server-accesslog-stackdriver.logentry
---
apiVersion: "config.istio.io/v1alpha2"
kind: rule
metadata:
name: stackdriver-log-tcp
namespace: istio-system
spec:
match: (context.protocol == "tcp") && (context.reporter.kind | "inbound" == "inbound")
actions:
- handler: handler.stackdriver
instances:
- server-tcp-accesslog-stackdriver.logentry
---
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment