Add ability to customize upstream and stream log format

Author: gianrubio

controllers/nginx/pkg/config/config.go

@@ -21,6 +21,7 @@ import (
 
 "github.com/golang/glog"
 
+"fmt"
 "k8s.io/ingress/core/pkg/ingress"
 "k8s.io/ingress/core/pkg/ingress/defaults"
 )
@@ -46,6 +47,10 @@ const (
 
 gzipTypes = "application/atom+xml application/javascript application/x-javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/svg+xml image/x-icon text/css text/plain text/x-component"
 
+logFormatUpstream = "'%v - [$proxy_add_x_forwarded_for] - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\" $request_length $request_time [$proxy_upstream_name] $upstream_addr $upstream_response_length $upstream_response_time $upstream_status'"
+
+logFormatStream = "'$remote_addr [$time_local] $protocol [$ssl_preread_server_name] [$stream_upstream] $status $bytes_sent $bytes_received $session_time'"
+
 // http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size
 // Sets the size of the buffer used for sending data.
 // 4k helps NGINX to improve TLS Time To First Byte (TTTFB)
@@ -143,6 +148,14 @@ type Configuration struct {
 // Default: 4 8k
 LargeClientHeaderBuffers string `json:"large-client-header-buffers"`
 
+// Customize upstream log_format
+// http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
+LogFormatUpstream string `json:"log-format-upstream,omitempty"`
+
+// Customize stream log_format
+// http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
+LogFormatStream string `json:"log-format-stream,omitempty"`
+
 // Maximum number of simultaneous connections that can be opened by each worker process
 // http://nginx.org/en/docs/ngx_core_module.html#worker_connections
 MaxWorkerConnections int `json:"max-worker-connections,omitempty"`
@@ -250,6 +263,8 @@ func NewDefault() Configuration {
 GzipTypes: gzipTypes,
 KeepAlive: 75,
 LargeClientHeaderBuffers: "4 8k",
+LogFormatStream: logFormatStream,
+LogFormatUpstream: BuildLogFormatUpstream(false),
 MaxWorkerConnections: 16384,
 MapHashBucketSize: 64,
 ProxyRealIPCIDR: defIPCIDR,
@@ -291,6 +306,15 @@ func NewDefault() Configuration {
 return cfg
 }
 
+// BuildLogFormatUpstream format the log_format upstream based on proxy_protocol
+func BuildLogFormatUpstream(useProxyProtocol bool) string {
+
+if useProxyProtocol {
+return fmt.Sprintf(logFormatUpstream, "$proxy_protocol_addr")
+}
+return fmt.Sprintf(logFormatUpstream, "$remote_addr")
+}
+
 // TemplateConfig contains the nginx configuration to render the file nginx.conf
 type TemplateConfig struct {
 ProxySetHeaders map[string]string

controllers/nginx/pkg/config/config_test.go

@@ -0,0 +1,27 @@
+package config
+
+import (
+"fmt"
+"testing"
+)
+
+func TestBuildLogFormatUpstream(t *testing.T) {
+
+testCases := []struct {
+useProxyProtocol bool // use proxy protocol
+expected string
+}{
+{true, fmt.Sprintf(logFormatUpstream, "$proxy_protocol_addr")},
+{false, fmt.Sprintf(logFormatUpstream, "$remote_addr")},
+}
+
+for _, testCase := range testCases {
+
+result := BuildLogFormatUpstream(testCase.useProxyProtocol)
+
+if result != testCase.expected {
+t.Errorf(" expected %v but return %v", testCase.expected, result)
+}
+
+}
+}

controllers/nginx/pkg/template/template.go

@@ -31,6 +31,7 @@ import (
 "github.com/golang/glog"
 
 "k8s.io/ingress/controllers/nginx/pkg/config"
+nginxconfig "k8s.io/ingress/controllers/nginx/pkg/config"
 "k8s.io/ingress/core/pkg/ingress"
 ing_net "k8s.io/ingress/core/pkg/net"
 "k8s.io/ingress/core/pkg/watch"
@@ -134,12 +135,12 @@ var (
 "buildSSLPassthroughUpstreams": buildSSLPassthroughUpstreams,
 "buildResolvers": buildResolvers,
 "isLocationAllowed": isLocationAllowed,
-
-"contains": strings.Contains,
-"hasPrefix": strings.HasPrefix,
-"hasSuffix": strings.HasSuffix,
-"toUpper": strings.ToUpper,
-"toLower": strings.ToLower,
+"buildLogFormatUpstream": buildLogFormatUpstream,
+"contains":  strings.Contains,
+"hasPrefix":  strings.HasPrefix,
+"hasSuffix":  strings.HasSuffix,
+"toUpper":  strings.ToUpper,
+"toLower":  strings.ToLower,
 }
 )
 
@@ -227,6 +228,17 @@ func buildAuthLocation(input interface{}) string {
 return fmt.Sprintf("/_external-auth-%v", str)
 }
 
+func buildLogFormatUpstream(input interface{}) string {
+config, ok := input.(config.Configuration)
+
+if !ok {
+glog.Errorf("error an ingress.buildLogFormatUpstream type but %T was returned", input)
+}
+
+return nginxconfig.BuildLogFormatUpstream(config.UseProxyProtocol)
+
+}
+
 // buildProxyPass produces the proxy pass string, if the ingress has redirects
 // (specified through the ingress.kubernetes.io/rewrite-to annotation)
 // If the annotation ingress.kubernetes.io/add-base-url:"true" is specified it will

controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl

@@ -77,11 +77,9 @@ http {
  gzip_proxied any;
  {{ end }}
 
- server_tokens {{ if $cfg.ShowServerTokens }}on{{ else }}off{{ end }}; 
+ server_tokens {{ if $cfg.ShowServerTokens }}on{{ else }}off{{ end }};
 
- log_format upstreaminfo '{{ if $cfg.UseProxyProtocol }}$proxy_protocol_addr{{ else }}$remote_addr{{ end }} - '
- '[$proxy_add_x_forwarded_for] - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" '
- '$request_length $request_time [$proxy_upstream_name] $upstream_addr $upstream_response_length $upstream_response_time $upstream_status';
+ log_format upstreaminfo {{ buildLogFormatUpstream $cfg }};
 
  {{/* map urls that should not appear in access.log */}}
  {{/* http://nginx.org/en/docs/http/ngx_http_log_module.html#access_log */}}
@@ -448,7 +446,7 @@ stream {
  default nginx-ssl-backend;
  }
 
- log_format log_stream '$remote_addr [$time_local] $protocol [$ssl_preread_server_name] [$stream_upstream] $status $bytes_sent $bytes_received $session_time';
+ log_format log_stream {{ $cfg.LogFormatStream }};
 
  {{ if $cfg.DisableAccessLog }}
  access_log off;