Configure http log files

[fortuneFelix]

Hello,

I've got a question regarding accessing the http log files.

Do you have an example how to configure syslog-endpoint so the log files are written to a location?

Thanks!

Cheers,
Felix

[jcmoraisjr]

I'm using graylog on my devel environment but you can also use socat to listen to an UDP port (if you don't want to burn 3GiB RAM). Eg on Alpine Linux:

$ docker run -ti -p 514:514/udp alpine sh
/ # apk add --no-cache socat
...
/ # socat -t0 -T0 -u udp4-listen:514,reuseaddr,fork -

Now configure the syslog-endpoint to <IP>:514 where your docker daemon is running.

[fortuneFelix]

Thanks for the tip with socat!
We have it now working with logstash!

[Scukerman]

@fortuneFelix You could also configure a syslog on the host machine and parse logs with logstash.

[dobesv]

See also #110

[AlexProfi]

Hello I use this config

apiVersion: v1
kind: ConfigMap
metadata:
  name: haproxy-ingress
  namespace: ingress-controller
data:
#  ssl-options: force-tlsv12
#  ssl-ciphers: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS:!RC4:!eNULL:!aNULL:!EXP;
#  proxy-protocol: v2
  syslog-endpoint: "localhost:514"
  proxy-body-size: "100m"
  timeout-connect: "30s"
  timeout-client: "300s"
  timeout-http-request: "300s"
  timeout-keep-alive: "2m"
  timeout-queue: "300s"
  timeout-stop: "300s"
  http-log-format: default
  https-log-format: default
  log-format: https-log-format
  backend-check-interval: "60s"
#  TODO Maybe need to set up during testing below parameter
#  ingress.kubernetes.io/maxconn-server: 0
#  maxconn-server: "64000"
#TODO for long session use leastconn
  balance-algorithm: roundrobin
#  balance-algorithm: leastconn
  nbproc: "4"
  nbthread: "4"
# TODO for config to internal services like redis
#  tcp-services-configmap

---

apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
  labels:
    run: haproxy-ingress
  name: haproxy-ingress
  namespace: ingress-controller
spec:
  updateStrategy:
    type: RollingUpdate
  selector:
    matchLabels:
      run: haproxy-ingress
  template:
    metadata:
      labels:
        run: haproxy-ingress
    spec:
      hostNetwork: true
      nodeSelector:
        role: edge-router
      serviceAccountName: ingress-controller
      containers:
      - name: haproxy-ingress
        image: quay.io/jcmoraisjr/haproxy-ingress
        args:
        - --default-backend-service=$(POD_NAMESPACE)/ingress-default-backend
        - --default-ssl-certificate=default/tls-secret
        - --configmap=$(POD_NAMESPACE)/haproxy-ingress
        - --sort-backends
        ports:
        - name: http
          containerPort: 80
        - name: https
          containerPort: 443
        - name: stat
          containerPort: 1936
        env:
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
      - name: access-log
        image: appropriate/nc
        ports:
        - name: udp
          containerPort: 514
          protocol: UDP
        args: ["-ul","514"]

When I run command
kubectl logs -n ingress-controller haproxy-ingress-gs8tn access-log

I get

``- Proxy default-cpronginx-svc-443 started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy upstream-default-backend started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy httpsfront started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy httpback-shared-backend started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy httpsback-shared-backend started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy httpfront-shared-frontend started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy httpback-default-backend started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy httpfront-default-backend started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy error413 started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy error495 started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy error496 started.
<133>1 2019-01-25T13:56:04+00:00 hb-router01 ingress 22 - - Proxy error503noendpoints started.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping backend default-cpronginx-svc-443 in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping backend upstream-default-backend in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping frontend httpsfront in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping backend httpback-shared-backend in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping backend httpsback-shared-backend in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping frontend httpfront-shared-frontend in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping backend httpback-default-backend in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping frontend httpfront-default-backend in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping backend error413 in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping backend error495 in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping backend error496 in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Stopping proxy error503noendpoints in 0 ms.
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy default-cpronginx-svc-443 stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy upstream-default-backend stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy httpsfront stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy httpback-shared-backend stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy httpsback-shared-backend stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy httpfront-shared-frontend stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy httpback-default-backend stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy httpfront-default-backend stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy error413 stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy error495 stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy error496 stopped (FE: 0 conns, BE: 0 conns).
<132>1 2019-01-25T13:56:07+00:00 hb-router01 ingress 23 - - Proxy error503noendpoints stopped (FE: 0 conns, BE: 0 conns).

And there are no logs of my connection to haproxy through http
How to fix?

[Scukerman]

@AlexProfi I think it'll work if you comment these three invalid lines in the configmap:

http-log-format: default
https-log-format: default
log-format: https-log-format

[AlexProfi]

@AlexProfi I think it'll work if you comment these three invalid lines in the configmap:

http-log-format: default
https-log-format: default
log-format: https-log-format

Thnks very much. It works. But how receive error logs from haproxy?
I get errors
SSL read failed (5) - closing connection
during AB test

I get only this in access logs
kubectl logs -n ingress-controller haproxy-ingress-2g6pp access-log|grep error. But I think it is not that I need.

<133>1 2019-01-25T20:23:12+00:00 hb-router01 ingress 34 - - Proxy error413 started.
<133>1 2019-01-25T20:23:12+00:00 hb-router01 ingress 34 - - Proxy error495 started.
<133>1 2019-01-25T20:23:12+00:00 hb-router01 ingress 34 - - Proxy error496 started.
<133>1 2019-01-25T20:23:12+00:00 hb-router01 ingress 34 - - Proxy error503noendpoints started.

[Scukerman]

@AlexProfi, I believe it's better to address this question to the haproxy docs. This repo is basically a config assembler and nothing else. The way how you set up your haproxy depends only on you.

[AlexProfi]

@AlexProfi, I believe it's better to address this question to the haproxy docs. This repo is basically a config assembler and nothing else. The way how you set up your haproxy depends only on you.

I found Error log format in docs
https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#8.2.5
But how to use this in Haproxy-ingress ?
I need it to debug why I get errors SSL read failed(5) closing connection

[GMartinez-Sisti]

@AlexProfi I use it like this:

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: haproxy-int
  namespace: ingress-controller
data:
  max-connections: "10000"
  ssl-ciphers: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
  ssl-options: no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
  syslog-endpoint: localhost:514
  http-log-format: "%ci:%cp\\ [%t]\\ %ft\\ %b/%s\\ %Tq/%Tw/%Tc/%Tr/%Tt\\ %ST\\ %B\\ %CC\\ \\ %CS\\ %tsc\\ %ac/%fc/%bc/%sc/%rc\\ %sq/%bq\\ %hr\\ %hs\\ %{+Q}r\\ {request_id=%ID\\ ssl_version=%sslv\\ ssl_cypher=%sslc}"
  https-log-format: "%ci:%cp\\ [%t]\\ %ft\\ %b/%s\\ %ST\\ %B\\ %tsc\\ %ac/%fc/%bc/%sc/%rc\\ %sq/%bq\\ %hr\\ %hs"
  use-proxy-protocol: "true"
  config-global: |
    unique-id-format %{+X}o\ %ci%cp_%fi%fp_%Ts_%rt%pid
    unique-id-header X-Request-ID
  config-frontend: |
    capture request header Host len 32
    capture request header X-Request-ID len 64
    capture request header User-Agent len 200

Hope it helps.

[AlexProfi]

@AlexProfi I use it like this:

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: haproxy-int
  namespace: ingress-controller
data:
  max-connections: "10000"
  ssl-ciphers: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
  ssl-options: no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
  syslog-endpoint: localhost:514
  http-log-format: "%ci:%cp\\ [%t]\\ %ft\\ %b/%s\\ %Tq/%Tw/%Tc/%Tr/%Tt\\ %ST\\ %B\\ %CC\\ \\ %CS\\ %tsc\\ %ac/%fc/%bc/%sc/%rc\\ %sq/%bq\\ %hr\\ %hs\\ %{+Q}r\\ {request_id=%ID\\ ssl_version=%sslv\\ ssl_cypher=%sslc}"
  https-log-format: "%ci:%cp\\ [%t]\\ %ft\\ %b/%s\\ %ST\\ %B\\ %tsc\\ %ac/%fc/%bc/%sc/%rc\\ %sq/%bq\\ %hr\\ %hs"
  use-proxy-protocol: "true"
  config-global: |
    unique-id-format %{+X}o\ %ci%cp_%fi%fp_%Ts_%rt%pid
    unique-id-header X-Request-ID
  config-frontend: |
    capture request header Host len 32
    capture request header X-Request-ID len 64
    capture request header User-Agent len 200

Hope it helps.

Thanks. I will try it