ingress-nginx持久化日志

发表于 | 分类于 | 浏览

介绍

nginx-ingress-controller的日志包括三个部分:

  • controller日志: 输出到stdout,通过启动参数中的–log_dir可已配置输出到文件,重定向到文件后会自动轮转,但不会自动清理
  • accesslog:输出到stdout,通过nginx-configuration中的字段可以配置输出到哪个文件。输出到文件后不会自动轮转或清理
  • errorlog:输出到stderr,配置方式与accesslog类似。

落盘

在ingress nginx所在的节点,创建落盘日志目录,并赋予权限

1
2
mkdir -pv /var/lib/docker/nginxlogs/ingress
chown -R 33:33 ingress

将controler日志输出到文件

1
2
3
4
5
6
7
8
9
10
args:
            - /nginx-ingress-controller
            - --configmap=$(POD_NAMESPACE)/nginx-configuration
            - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
            - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
            - --publish-service=$(POD_NAMESPACE)/ingress-nginx
            - --annotations-prefix=nginx.ingress.kubernetes.io
            # 设置controller日志的输出路径和方式
            - --log_dir=/var/log/nginx/
            - --logtostderr=false

修改configmap设置access日志,error日志,以及logformat格式

1
2
3
4
5
worker-processes: "4"
use-forwarded-headers: "true"
log-format-upstream: "[$host] [$remote_addr] [$http_x_forwarded_for] [$remote_user] [$time_local] [$request] [$status] [$body_bytes_sent] [$request_time] [$upstream_addr] [$upstream_response_time] [$connection] [$connection_requests] [$msec] [$uri] [$body_bytes_sent] [$http_referer] [$http_user_agent] [$request_length] [$http_session_id]"
access-log-path: "/var/log/nginx/access.log"
error-log-path: "/var/log/nginx/error.log"

挂载日志

1
2
3
4
5
6
7
8
9
10
11
12
13
    volumeMounts:
      - mountPath: /etc/localtime
        name: localtime
        readOnly: true
      - mountPath: /var/log/nginx
        name: app-log
volumes:
  - name: localtime
    hostPath:
      path: /etc/localtime
  - name: app-log
    hostPath:
      path: "/var/lib/docker/nginxlogs/ingress"

效果

1
2
3
4
5
6
7
8
9
10
[root@ingress]# ll
total 12
-rw-r--r-- 1 33 tape    0 March 23 09:25 access.log
-rw-r--r-- 1 33 tape    0 March  23 09:25 error.log
-rw-r--r-- 1 33 tape  265 March  23 09:25 nginx-ingress-controller.k8s-node-13.www-data.log.ERROR.20200423-092512.6
-rw-r--r-- 1 33 tape 2996 March  23 09:25 nginx-ingress-controller.k8s-node-13.www-data.log.INFO.20200423-092510.6
-rw-r--r-- 1 33 tape  543 March  23 09:25 nginx-ingress-controller.k8s-node-13.www-data.log.WARNING.20200423-092510.6
lrwxrwxrwx 1 33 tape   82 March  23 09:25 nginx-ingress-controller.ERROR -> nginx-ingress-controller.k8s-node-13.www-data.log.ERROR.20200323-092512.6
lrwxrwxrwx 1 33 tape   81 March  23 09:25 nginx-ingress-controller.INFO -> nginx-ingress-controller.k8s-node-13.www-data.log.INFO.20200323-092510.6
lrwxrwxrwx 1 33 tape   84 March  23 09:25 nginx-ingress-controller.WARNING -> nginx-ingress-controller.k8s-node-13.www-data.log.WARNING.20200323-092510.6

带域名的访问日志

没有找到全局通过变量日志自动带域名的方式, 有知道的小伙伴可以联系我

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: tomcat-test
  namespace: test
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/enable-access-log: "true"
    nginx.ingress.kubernetes.io/configuration-snippet: |
      access_log /var/log/nginx/test.sy.com.log;
spec:
  rules:
  - host: test.sy.com
    http:
      paths:
      - path: /
        backend:
          serviceName: tomcat-test
          servicePort: 6080
1
2
[root@ingress]# tail -f test.sy.com.log 
10.16.8.15 - - [23/March/2020:09:33:44 +0800] "GET /abc/check_health.jsp HTTP/1.1" 200 16 "-" "curl/7.29.0"

参考链接

Donate