Telemetry
microgateway.airlock.com/v1alpha1
Telemetry contains the configuration for telemetry (logging, metrics & tracing).
apiVersion: microgateway.airlock.com/v1alpha1
kind: Telemetry
metadata:
name: telemetry-example
spec:
logging:
accessLog:
format:
json:
"@timestamp": "%START_TIME(%Y-%m-%dT%T.%3f%z)%"
ecs:
version: "8.5"
log:
logger: "access"
level: "info"
event:
kind: "event"
category: ["web"]
type: "%EVENT_TYPE%"
module: "envoy"
dataset: "envoy.access"
outcome: "success"
start: "%START_TIME(%Y-%m-%dT%T.%3f%z)%"
end: "%END_TIME(%Y-%m-%dT%T.%3f%z)%"
duration: "%DURATION_IN_NANOSECONDS%"
airlock:
authentication: "%AUTHENTICATION%"
deny_rules: "%DENY_RULES%"
encoding: "%ENCODING%"
header_rewrites: "%HEADER_REWRITES%"
http:
request:
accept_language: "%REQ(ACCEPT-LANGUAGE):100%"
response:
redirect_url: "%RESP(LOCATION):1000%"
log_correlation: "%LOG_CORRELATION%"
parser: "%PARSER%"
response:
details: "%RESPONSE_CODE_DETAILS%"
flags: "%RESPONSE_FLAGS%"
upstream:
destination:
ip: "%UPSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%UPSTREAM_REMOTE_PORT%"
http:
version: "%UPSTREAM_HTTP_VERSION%"
limits: "%LIMITS%"
destination:
ip: "%DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_LOCAL_PORT%"
http:
request:
body:
bytes: "%BYTES_RECEIVED%"
bytes: "%REQUEST_HEADERS_AND_BODY_BYTES%"
id: "%STREAM_ID%"
method: "%REQ(:METHOD):100%"
mime_type: "%REQ_MIME_TYPE:500%"
referrer: "%REQ(REFERER):1000%"
response:
body:
bytes: "%BYTES_SENT%"
bytes: "%RESPONSE_HEADERS_AND_BODY_BYTES%"
mime_type: "%RESP_MIME_TYPE:500%"
status_code: "%RESPONSE_CODE%"
version: "%HTTP_VERSION%"
network:
forwarded_ip: "%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
observer:
product: "Airlock Microgateway"
type: "waap"
vendor: "Ergon Informatik AG"
version: "%ENVIRONMENT(ENGINE_VERSION)%"
source:
ip: "%DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_DIRECT_REMOTE_PORT%"
url:
domain: "%HTTP_HOST:500%"
path: "%REQ_WITHOUT_QUERY(:PATH):1000%"
query: "%REQ_QUERY(:PATH):1000%"
user_agent:
original: "%REQ(USER-AGENT):500%"
# Additional log keys under 'custom'.
custom:
downstream:
# Log TLS attributes of the downstream connection.
tls:
protocol: "%DOWNSTREAM_TLS_VERSION%"
cipher: "%DOWNSTREAM_TLS_CIPHER%"
session_id: "%DOWNSTREAM_TLS_SESSION_ID%"
# Log the direct remote ip address and port.
direct_remote_address:
ip: "%DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_DIRECT_REMOTE_PORT%"
http:
request:
# Log the request header 'Cookie'.
cookie: "%REQ(cookie):500%"
# Log the request header 'X-Request-ID'.
x_request_id: "%REQ(X-Request-ID):500%"
apiVersion: microgateway.airlock.com/v1alpha1
kind: Telemetry
metadata:
name: default
spec:
logging:
accessLog:
format:
json:
"@timestamp": "%START_TIME(%Y-%m-%dT%T.%3f%z)%"
ecs:
version: "8.5"
log:
logger: "access"
level: "info"
event:
kind: "event"
category: [ "web" ]
type: "%EVENT_TYPE%"
module: "envoy"
dataset: "envoy.access"
outcome: "success"
start: "%START_TIME(%Y-%m-%dT%T.%3f%z)%"
end: "%END_TIME(%Y-%m-%dT%T.%3f%z)%"
duration: "%DURATION_IN_NANOSECONDS%"
airlock:
authentication: "%AUTHENTICATION%"
deny_rules: "%DENY_RULES%"
encoding: "%ENCODING%"
header_rewrites: "%HEADER_REWRITES%"
http:
request:
accept_language: "%REQ(ACCEPT-LANGUAGE):100%"
response:
redirect_url: "%RESP(LOCATION):1000%"
log_correlation: "%LOG_CORRELATION%"
openapi: "%OPENAPI%"
parser: "%PARSER%"
response:
details: "%RESPONSE_CODE_DETAILS%"
flags: "%RESPONSE_FLAGS%"
upstream:
destination:
ip: "%UPSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%UPSTREAM_REMOTE_PORT%"
http:
version: "%UPSTREAM_HTTP_VERSION%"
limits: "%LIMITS%"
destination:
ip: "%DOWNSTREAM_LOCAL_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_LOCAL_PORT%"
http:
request:
body:
bytes: "%BYTES_RECEIVED%"
bytes: "%REQUEST_HEADERS_AND_BODY_BYTES%"
id: "%STREAM_ID%"
method: "%REQ(:METHOD):100%"
mime_type: "%REQ_MIME_TYPE:500%"
referrer: "%REQ(REFERER):1000%"
response:
body:
bytes: "%BYTES_SENT%"
bytes: "%RESPONSE_HEADERS_AND_BODY_BYTES%"
mime_type: "%RESP_MIME_TYPE:500%"
status_code: "%RESPONSE_CODE%"
version: "%HTTP_VERSION%"
network:
forwarded_ip: "%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
observer:
product: "Airlock Microgateway"
type: "waap"
vendor: "Ergon Informatik AG"
version: "%ENVIRONMENT(ENGINE_VERSION)%"
source:
ip: "%DOWNSTREAM_DIRECT_REMOTE_ADDRESS_WITHOUT_PORT%"
port: "%DOWNSTREAM_DIRECT_REMOTE_PORT%"
url:
domain: "%HTTP_HOST:500%"
path: "%REQ_WITHOUT_QUERY(:PATH):1000%"
query: "%REQ_QUERY(:PATH):1000%"
user_agent:
original: "%REQ(USER-AGENT):500%"
correlation:
request:
alterRequestID: true
allowDownstreamRequestID: true
Telemetry
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
metadata |
ObjectMeta | Refer to Kubernetes API documentation for fields of metadata |
yes | ||
spec | object | Specification of the desired telemetry behavior. | no |
Telemetry.spec
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
correlation | object | Correlation defines the correlation aspects of Telemetry. | no | ||
logging | object | Logging defines the logging aspects of Telemetry. | no |
Telemetry.spec.correlation
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
request | object | Request defines the request related correlation settings of Telemetry. | no |
Telemetry.spec.correlation.request
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
allowDownstreamRequestID |
bool | AllowDownstreamRequestID defines whether trace sampling will consider a provided x-request-id. | no | true |
true , false |
alterRequestID |
bool | AlterRequestID defines whether to alter the UUID to reflect the trace sampling decision. If disabled no modification to the UUID will be performed, this may break tracing in the upstream. | no | true |
true , false |
Telemetry.spec.logging
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
accessLog | object | AccessLog defines the access log settings of Telemetry. | no |
Telemetry.spec.logging.accessLog
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
format | object | Format defines the Access Log format of the sidecar. | no |
Telemetry.spec.logging.accessLog.format
Field | Type | Description | Required | Default | Allowed Values |
---|---|---|---|---|---|
json |
unstructured | JSON defines the Access Log format as JSON. | no |