[AAI] Add option to disable access logging for liveness probes
- do not log probes when livenessAccessLogEnabled: false
Issue-ID: AAI-3715
Change-Id: Ic0197f37a6e835a44ecfc4163390ba5b28da66c8
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
index 5ddd293..07919a9 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
+++ b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
@@ -27,14 +27,17 @@
<configuration>
<property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>
+ <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />
<property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
<property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
+ <property name="livenessAccessLogEnabled"
+ value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />
+
<if condition='property("logToFileEnabled").contains("true")'>
<then>
<appender name="ACCESS"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
<file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}.zip
@@ -43,17 +46,36 @@
<totalSizeCap>${totalSizeCap}</totalSizeCap>
</rollingPolicy>
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}
+ %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}
+ %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}
+ %i{X-AAI-SSL-Client-DN} %D</Pattern>
</encoder>
</appender>
- <appender-ref ref="ACCESS"/>
+ <appender-ref ref="ACCESS" />
</then>
</if>
<appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}
+ %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}
+ %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -
+ "logType": "access"</Pattern>
</encoder>
+ <if condition='property("livenessAccessLogEnabled").contains("false")'>
+ <then>
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.access.net.URLEvaluator">
+ <URL>/aai/util/echo</URL>
+ </evaluator>
+ <OnMismatch>NEUTRAL</OnMismatch>
+ <OnMatch>DENY</OnMatch>
+ </filter>
+ </then>
+ </if>
</appender>
<appender-ref ref="STDOUTACCESS" />
@@ -83,5 +105,4 @@
%z - Custom pattern that parses the cert for the subject
%y - Custom pattern determines rest or dme2
-->
-*/}}
-
+*/}}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index 3a4d568..6bcc0f8 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -330,6 +330,7 @@
queueSize: 1000
accessLogback:
+ livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
logToFileEnabled: false
maxHistory: 7
totalSizeCap: 1GB
diff --git a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml
index 1d32a52..5e3a15c 100644
--- a/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml
+++ b/kubernetes/aai/components/aai-traversal/resources/config/localhost-access-logback.xml
@@ -21,35 +21,56 @@
-->
*/}}
<configuration scan="true" scanPeriod="60 seconds" debug="false">
- <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
- <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
- <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
- <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>
+ <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />
+ <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />
+ <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />
+ <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />
+ <property name="livenessAccessLogEnabled"
+ value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />
- <if condition='property("logToFileEnabled").contains("true")'>
- <then>
- <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
- </fileNamePattern>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>
- </encoder>
- </appender>
- <appender-ref ref="ACCESS" />
- </then>
- </if>
-
- <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
+ <if condition='property("logToFileEnabled").contains("true")'>
+ <then>
+ <appender name="ACCESS" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}
+ </fileNamePattern>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
<encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
- <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}
+ %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}
+ %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}
+ %i{X-AAI-SSL-Client-DN} %D</Pattern>
</encoder>
- </appender>
- <appender-ref ref="STDOUTACCESS" />
+ </appender>
+ <appender-ref ref="ACCESS" />
+ </then>
+ </if>
+
+ <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">
+ <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}
+ %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}
+ %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}
+ %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -
+ "logType": "access"</Pattern>
+ </encoder>
+ <if condition='property("livenessAccessLogEnabled").contains("false")'>
+ <then>
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.access.net.URLEvaluator">
+ <URL>/aai/util/echo</URL>
+ </evaluator>
+ <OnMismatch>NEUTRAL</OnMismatch>
+ <OnMatch>DENY</OnMatch>
+ </filter>
+ </then>
+ </if>
+ </appender>
+ <appender-ref ref="STDOUTACCESS" />
</configuration>
{{/*<!--
%a - Remote IP address
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 2b7e78f..a3772d8 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -248,6 +248,7 @@
queueSize: 1000
accessLogback:
+ livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
logToFileEnabled: false
maxHistory: 7
totalSizeCap: 6GB