From 409b071161644cd38c0966d796dabf3c761a492c Mon Sep 17 00:00:00 2001 From: Gus Luxton Date: Fri, 14 Jan 2022 22:21:13 -0400 Subject: [PATCH] helm: Add logging configuration to teleport-kube-agent chart (#9632) * [helm] Re-add space after type in service definition (#9503) The whitespace after `type:` was being trimmed, which was causing a lint error. Not sure how this got through the linter in the first place. * helm: Adds log configuration to teleport-kube-agent chart * Remove erroneous value * Update reference.mdx Remove shell prompt character --- .../kubernetes-access/helm/reference.mdx | 90 ++++++++++++++++++- .../teleport-kube-agent/.lint/log-basic.yaml | 6 ++ .../teleport-kube-agent/.lint/log-extra.yaml | 8 ++ .../teleport-kube-agent/.lint/log-legacy.yaml | 4 + .../teleport-kube-agent/templates/config.yaml | 8 +- .../teleport-kube-agent/values.schema.json | 38 ++++++-- .../chart/teleport-kube-agent/values.yaml | 23 +++-- 7 files changed, 160 insertions(+), 17 deletions(-) create mode 100644 examples/chart/teleport-kube-agent/.lint/log-basic.yaml create mode 100644 examples/chart/teleport-kube-agent/.lint/log-extra.yaml create mode 100644 examples/chart/teleport-kube-agent/.lint/log-legacy.yaml diff --git a/docs/pages/kubernetes-access/helm/reference.mdx b/docs/pages/kubernetes-access/helm/reference.mdx index b4d7717253d74..714025c39b326 100644 --- a/docs/pages/kubernetes-access/helm/reference.mdx +++ b/docs/pages/kubernetes-access/helm/reference.mdx @@ -1894,13 +1894,19 @@ $ kubectl --namespace teleport create secret generic teleport-kube-agent-join-to -## `logLevel` +## `log` + +### `log.level` + + + This field used to be called `logLevel`. For backwards compatibility this name can still be used, but we recommend changing your values file to use `log.level`. + | Type | Default value | | - | - | | `string` | `INFO` | -`logLevel` sets the log level used for the Teleport process. +`log.level` sets the log level used for the Teleport process. Available log levels (in order of most to least verbose) are: `DEBUG`, `INFO`, `WARNING`, `ERROR`. @@ -1911,12 +1917,88 @@ The default is `INFO`, which is recommended in production. ```yaml - logLevel: DEBUG + log: + level: DEBUG + ``` + + + ```code + --set log.level=DEBUG + ``` + + + +### `log.output` + +| Type | Default value | Can be used in `custom` mode? | `teleport.yaml` equivalent | +| - | - | - | - | +| `string` | `stderr` | ❌ | `teleport.log.output` | + +`log.output` sets the output destination for the Teleport process. + +This can be set to any of the built-in values: `stdout`, `stderr` or `syslog` to use that destination. + +The value can also be set to a file path (such as `/var/log/teleport.log`) to write logs to a file. Bear in mind that a few service startup messages will still go to `stderr` for resilience. + + + + ```yaml + log: + output: stderr + ``` + + + ```code + --set log.output=stderr + ``` + + + +### `log.format` + +| Type | Default value | Can be used in `custom` mode? | `teleport.yaml` equivalent | +| - | - | - | - | +| `string` | `text` | ❌ | `teleport.log.format.output` | + +`log.format` sets the output type for the Teleport process. + +Possible values are `text` (default) or `json`. + + + + ```yaml + log: + format: json ``` ```code - $ --set logLevel=DEBUG + --set log.format=json + ``` + + + +### `log.extraFields` + +| Type | Default value | Can be used in `custom` mode? | `teleport.yaml` equivalent | +| - | - | - | - | +| `list` | `["timestamp", "level", "component", "caller"]` | ❌ | `teleport.log.format.extra_fields` | + +`log.extraFields` sets the fields used in logging for the Teleport process. + +See the [Teleport config file reference](../../setup/reference/config.mdx) for more details on possible values for `extra_fields`. + + + + ```yaml + log: + extraFields: ["timestamp", "level"] + ``` + + + ```code + --set "log.extraFields[0]=timestamp" \ + --set "log.extraFields[1]=level" ``` diff --git a/examples/chart/teleport-kube-agent/.lint/log-basic.yaml b/examples/chart/teleport-kube-agent/.lint/log-basic.yaml new file mode 100644 index 0000000000000..46d87a7864887 --- /dev/null +++ b/examples/chart/teleport-kube-agent/.lint/log-basic.yaml @@ -0,0 +1,6 @@ +authToken: auth-token +proxyAddr: proxy.example.com:3080 +kubeClusterName: test-kube-cluster-name +log: + format: json + level: INFO diff --git a/examples/chart/teleport-kube-agent/.lint/log-extra.yaml b/examples/chart/teleport-kube-agent/.lint/log-extra.yaml new file mode 100644 index 0000000000000..656190d461bf6 --- /dev/null +++ b/examples/chart/teleport-kube-agent/.lint/log-extra.yaml @@ -0,0 +1,8 @@ +authToken: auth-token +proxyAddr: proxy.example.com:3080 +kubeClusterName: test-kube-cluster-name +log: + format: json + level: DEBUG + output: /var/lib/teleport/test.log + extraFields: ["level", "timestamp", "component", "caller"] diff --git a/examples/chart/teleport-kube-agent/.lint/log-legacy.yaml b/examples/chart/teleport-kube-agent/.lint/log-legacy.yaml new file mode 100644 index 0000000000000..8d3767b63b1c2 --- /dev/null +++ b/examples/chart/teleport-kube-agent/.lint/log-legacy.yaml @@ -0,0 +1,4 @@ +authToken: auth-token +proxyAddr: proxy.example.com:3080 +kubeClusterName: test-kube-cluster-name +logLevel: DEBUG diff --git a/examples/chart/teleport-kube-agent/templates/config.yaml b/examples/chart/teleport-kube-agent/templates/config.yaml index 0bfdfb556c830..aceb7506b8935 100644 --- a/examples/chart/teleport-kube-agent/templates/config.yaml +++ b/examples/chart/teleport-kube-agent/templates/config.yaml @@ -1,3 +1,4 @@ +{{- $logLevel := (coalesce .Values.logLevel .Values.log.level "INFO") -}} apiVersion: v1 kind: ConfigMap metadata: @@ -12,8 +13,11 @@ data: auth_token: "/etc/teleport-secrets/auth-token" auth_servers: ["{{ required "proxyAddr is required in chart values" .Values.proxyAddr }}"] log: - severity: {{ .Values.logLevel }} - output: stderr + severity: {{ $logLevel }} + output: {{ .Values.log.output }} + format: + output: {{ .Values.log.format }} + extra_fields: {{ .Values.log.extraFields | toJson }} kubernetes_service: {{- if or (contains "kube" (.Values.roles | toString)) (empty .Values.roles) }} diff --git a/examples/chart/teleport-kube-agent/values.schema.json b/examples/chart/teleport-kube-agent/values.schema.json index 19095187047c2..6706eb9e37d25 100644 --- a/examples/chart/teleport-kube-agent/values.schema.json +++ b/examples/chart/teleport-kube-agent/values.schema.json @@ -19,7 +19,7 @@ "clusterRoleBindingName", "serviceAccountName", "secretName", - "logLevel", + "log", "affinity", "annotations", "extraVolumes", @@ -146,11 +146,37 @@ "type": "string", "default": "teleport-kube-agent-join-token" }, - "logLevel": { - "$id": "#/properties/logLevel", - "type": "string", - "enum": ["DEBUG", "INFO", "WARN", "WARNING", "ERROR"], - "default": "INFO" + "log": { + "$id": "#/properties/log", + "type": "object", + "required": [ + "output", + "format", + "extraFields" + ], + "properties": { + "level": { + "$id": "#/properties/log/properties/level", + "type": "string", + "enum": ["DEBUG", "INFO", "WARN", "WARNING", "ERROR"], + "default": "INFO" + }, + "deployment": { + "$id": "#/properties/log/properties/output", + "type": "string", + "default": {} + }, + "pod": { + "$id": "#/properties/log/properties/format", + "type": "string", + "default": {} + }, + "service": { + "$id": "#/properties/log/properties/extraFields", + "type": "array", + "default": {} + } + } }, "affinity": { "$id": "#/properties/affinity", diff --git a/examples/chart/teleport-kube-agent/values.yaml b/examples/chart/teleport-kube-agent/values.yaml index 5b98215a835a6..6fb600fca67ce 100644 --- a/examples/chart/teleport-kube-agent/values.yaml +++ b/examples/chart/teleport-kube-agent/values.yaml @@ -101,11 +101,24 @@ clusterRoleBindingName: "" serviceAccountName: "" # Name of the Secret to store the teleport join token. secretName: teleport-kube-agent-join-token -# Log level for the Teleport process. -# Available log levels are: DEBUG, INFO, WARNING, ERROR. -# The default is INFO, which is recommended in production. -# DEBUG is useful during first-time setup or to see more detailed logs for debugging. -logLevel: INFO + +# Teleport logging configuration +log: + # Log level for the Teleport process. + # Available log levels are: DEBUG, INFO, WARNING, ERROR. + # The default is INFO, which is recommended in production. + # DEBUG is useful during first-time setup or to see more detailed logs for debugging. + level: INFO + # Log output + # Use a file path to log to disk: e.g. '/var/lib/teleport/teleport.log' + # Other supported values: 'stdout', 'stderr' and 'syslog' + output: stderr + # Log format configuration + # Possible output values are 'json' and 'text' (default). + format: text + # Possible extra_fields values include: timestamp, component, caller, and level. + # All extra fields are included by default. + extraFields: ["timestamp", "level", "component", "caller"] ################################## # Extra Kubernetes configuration #