diff options
| author |   Fiete Ostkamp <Fiete.Ostkamp@telekom.de> | 2024-01-04 13:56:15 +0100 |
|---|---|---|
| committer | Fiete Ostkamp <fiete.ostkamp@telekom.de> | 2024-01-04 15:58:51 +0000 |
| commit | 42de54678378ce54f476f520cce970ce1fd1ba69 (patch) | |
| tree | 40f82575d8cb01cba799f19212c17b35eefc8d8a | |
| parent | 72caf09f07b4530e1bb34be348c4b845c9d0bfde (diff) | |
[AAI] Add option to disable access logging for liveness probes
- do not log probes when livenessAccessLogEnabled: false
Issue-ID: AAI-3715
Change-Id: Ic0197f37a6e835a44ecfc4163390ba5b28da66c8
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
4 files changed, 77 insertions, 33 deletions
diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml index 5ddd293658..07919a97a2 100644 --- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml @@ -27,14 +27,17 @@ <configuration>
<property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>
+ <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />
<property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
<property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
+ <property name="livenessAccessLogEnabled"
+ value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />
+
<if condition='property("logToFileEnabled").contains("true")'>
<then>
<appender name="ACCESS"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}.zip
@@ -43,17 +46,36 @@ <totalSizeCap>${totalSizeCap}</totalSizeCap>
</rollingPolicy>
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}
+ %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}
+ %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}
+ %i{X-AAI-SSL-Client-DN} %D</Pattern>
</encoder>
</appender>
- <appender-ref ref="ACCESS"/>
+ <appender-ref ref="ACCESS" />
</then>
</if>
<appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}
+ %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}
+ %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -
+ "logType": "access"</Pattern>
</encoder>
+ <if condition='property("livenessAccessLogEnabled").contains("false")'>
+ <then>
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.access.net.URLEvaluator">
+ <URL>/aai/util/echo</URL>
+ </evaluator>
+ <OnMismatch>NEUTRAL</OnMismatch>
+ <OnMatch>DENY</OnMatch>
+ </filter>
+ </then>
+ </if>
</appender>
<appender-ref ref="STDOUTACCESS" />
@@ -83,5 +105,4 @@ %z - Custom pattern that parses the cert for the subject
%y - Custom pattern determines rest or dme2
-->
-*/}}
-
+*/}}
\ No newline at end of file diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml index 3a4d568799..6bcc0f85a0 100644 --- a/kubernetes/aai/components/aai-resources/values.yaml +++ b/kubernetes/aai/components/aai-resources/values.yaml @@ -330,6 +330,7 @@ logback: queueSize: 1000 accessLogback: + livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes logToFileEnabled: false maxHistory: 7 totalSizeCap: 1GB diff --git a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml index 1d32a521a1..5e3a15c66a 100644 --- a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml +++ b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml @@ -21,35 +21,56 @@ -->
*/}}
<configuration scan="true" scanPeriod="60 seconds" debug="false">
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
- <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
- <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
+ <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
+ <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />
+ <property name="livenessAccessLogEnabled"
+ value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
- </encoder>
- </appender>
- <appender-ref ref="ACCESS" />
- </then>
- </if>
-
- <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
+ <if condition='property("logToFileEnabled").contains("true")'>
+ <then>
+ <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}
+ %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}
+ %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}
+ %i{X-AAI-SSL-Client-DN} %D</Pattern>
</encoder>
- </appender>
- <appender-ref ref="STDOUTACCESS" />
+ </appender>
+ <appender-ref ref="ACCESS" />
+ </then>
+ </if>
+
+ <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}
+ %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}
+ %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -
+ "logType": "access"</Pattern>
+ </encoder>
+ <if condition='property("livenessAccessLogEnabled").contains("false")'>
+ <then>
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.access.net.URLEvaluator">
+ <URL>/aai/util/echo</URL>
+ </evaluator>
+ <OnMismatch>NEUTRAL</OnMismatch>
+ <OnMatch>DENY</OnMatch>
+ </filter>
+ </then>
+ </if>
+ </appender>
+ <appender-ref ref="STDOUTACCESS" />
</configuration>
{{/*<!--
%a - Remote IP address
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index 2b7e78f517..a3772d888a 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -248,6 +248,7 @@ logback: queueSize: 1000 accessLogback: + livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes logToFileEnabled: false maxHistory: 7 totalSizeCap: 6GB |