Last active
April 28, 2024 15:11
-
-
Save jessegoodier/9e7f43040267bd665599243cd2c1e3a3 to your computer and use it in GitHub Desktop.
Kubernetes proxy-logger using nginx to log requests to a json file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This proxy can help you understand what requests a container is making. | |
# You'll need to point that container to this and this to what ever the container really wanted to make the request to. | |
# Alternatives to this are to use a system proxy/service mesh (istio) | |
# kubectl logs deployments/proxy-logger --tail -1|grep {|jq -r .request_query | |
# a use vscode extension to decode querystrings: https://marketplace.visualstudio.com/items?itemName=sryze.uridecode | |
# to use that, pipe the output to a file and then use that extension to decode uri as URI Component | |
--- | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: proxy-logger | |
labels: | |
app: proxy-logger | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: proxy-logger | |
template: | |
metadata: | |
labels: | |
app: proxy-logger | |
spec: | |
containers: | |
- name: proxy-logger | |
image: nginxinc/nginx-unprivileged | |
ports: | |
- containerPort: 8080 | |
protocol: TCP | |
resources: {} | |
imagePullPolicy: IfNotPresent | |
volumeMounts: | |
- mountPath: /etc/nginx/conf.d | |
name: default-conf | |
readOnly: true | |
volumes: | |
- name: tmp | |
emptyDir: {} | |
- name: default-conf | |
configMap: | |
name: nginx-config | |
items: | |
- key: default.conf | |
path: default.conf | |
--- | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: proxy-logger | |
spec: | |
ports: | |
- name: proxy-logger | |
protocol: TCP | |
port: 8080 | |
targetPort: 8080 | |
selector: | |
app: proxy-logger | |
type: ClusterIP | |
--- | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: nginx-config | |
data: | |
default.conf: | | |
log_format json_analytics escape=json '{"time": "$time_iso8601", "remote_addr": "$proxy_protocol_addr","x_forwarded_for": "$proxy_add_x_forwarded_for", "remote_user": "$remote_user", "bytes_sent": $bytes_sent, "request_time": $request_time, "status": $status, "vhost": "$host", "request_proto": "$server_protocol", "path": "$uri", "request_query": "$args", "request_length": $request_length, "duration": $request_time,"method": "$request_method", "http_referrer": "$http_referer", "http_user_agent": "$http_user_agent"}'; | |
server { | |
listen 8080; | |
location / { | |
# normal k8s logging: | |
access_log /dev/stdout json_analytics; | |
# or log to a file: | |
# access_log /tmp/proxy-logs.json json_analytics; | |
proxy_pass http://proxied-host$request_uri; | |
# proxy_pass http://amp/workspaces/ws-XXX-XXX-XXX-XXX$request_uri; | |
} | |
} | |
upstream proxied-host { | |
server prometheus-operator-kube-p-prometheus.monitoring:9090; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment