Overview
This document introduces how to configure Nginx Ingress to integrate monitoring and logging systems to enhance observability, including integration with Tencent Cloud hosted products like Prometheus, Grafana, and CLS, as well as with self-built Prometheus and Grafana.
Integrating with Prometheus Monitoring
controller:
metrics:
enabled: true
serviceMonitor:
enabled: true
Integrating with Grafana Monitoring Dashboards
Integrating with CLS
The following content introduces how to collect the access log of Nginx Ingress Controller to CLS and analyze logs using the CLS dashboard.
1. Configure the format of the Nginx access logs in values.yaml
and set the timezone to display the local time for better readability:
controller:
config:
log-format-upstream:
$remote_addr - $remote_user [$time_local] "$request"
$status $body_bytes_sent "$http_referer" "$http_user_agent"
$request_length $request_time [$proxy_upstream_name] [$proxy_alternative_upstream_name] $upstream_addr
$upstream_response_length $upstream_response_time $upstream_status $req_id $host
extraEnvs:
- name: TZ
value: Asia/Shanghai
2. Ensure that the log collection feature is enabled for the cluster.
3. Prepare CLS log sets and log topics for Nginx Ingress Controller. If you do not have them, go to the CLS Console, create them as needed, and record the log topic ID. 4. Enable indexing for the log topic:
Go to the Index Configuration page of Log Topic, and click Edit: Enable indexing. The full-text segmentation symbol is @&?|#()='",;:<>[]{}/ \\n\\t\\r\\\\
:
Bulk add index fields (match the configuration shown below):
Perform advanced settings:
5. Create TKE log collection rules (choose one based on actual situation):
Note:
The configuration item that must be replaced is topicId
, which is the log topic ID, indicating that the collected logs will be sent to the corresponding CLS log topic.
Depending on your situation, choose whether to collect standard output or log files. By default, Nginx Ingress outputs logs to standard output. You can also choose to save logs to log files. For details, refer to [Log Rotation].
Collect standard output:
apiVersion: cls.cloud.tencent.com/v1
kind: LogConfig
metadata:
name: ingress-nginx-controller
spec:
clsDetail:
topicId: "********-****-****-****-************"
logType: fullregex_log
extractRule:
beginningRegex: (\\S+)\\s-\\s(\\S+)\\s\\[([^\\]]+)\\]\\s\\"(\\w+)\\s(\\S+)\\s([^\\"]+)\\"\\s(\\S+)\\s(\\S+)\\s\\"([^\\"]*)\\"\\s\\"([^\\"]*)\\"\\s(\\S+)\\s(\\S+)\\s\\[([^\\]]*)\\]\\s\\[([^\\]]*)\\]\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)
logRegex: (\\S+)\\s-\\s(\\S+)\\s\\[([^\\]]+)\\]\\s\\"(\\w+)\\s(\\S+)\\s([^\\"]+)\\"\\s(\\S+)\\s(\\S+)\\s\\"([^\\"]*)\\"\\s\\"([^\\"]*)\\"\\s(\\S+)\\s(\\S+)\\s\\[([^\\]]*)\\]\\s\\[([^\\]]*)\\]\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)
keys:
- remote_addr
- remote_user
- time_local
- timestamp
- method
- url
- version
- status
- body_bytes_sent
- http_referer
- http_user_agent
- request_length
- request_time
- proxy_upstream_name
- proxy_alternative_upstream_name
- upstream_addr
- upstream_response_length
- upstream_response_time
- upstream_status
- req_id
- sys_address
inputDetail:
type: container_stdout
containerStdout:
namespace: ingress-nginx
workload:
kind: deployment
name: ingress-nginx-controller
Collecting log files:
apiVersion: cls.cloud.tencent.com/v1
kind: LogConfig
metadata:
name: ingress-nginx-controller
spec:
clsDetail:
topicId: "********-****-****-****-************"
logType: fullregex_log
extractRule:
beginningRegex: (\\S+)\\s-\\s(\\S+)\\s\\[([^\\]]+)\\]\\s\\"(\\w+)\\s(\\S+)\\s([^\\"]+)\\"\\s(\\S+)\\s(\\S+)\\s\\"([^\\"]*)\\"\\s\\"([^\\"]*)\\"\\s(\\S+)\\s(\\S+)\\s\\[([^\\]]*)\\]\\s\\[([^\\]]*)\\]\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)
logRegex: (\\S+)\\s-\\s(\\S+)\\s\\[([^\\]]+)\\]\\s\\"(\\w+)\\s(\\S+)\\s([^\\"]+)\\"\\s(\\S+)\\s(\\S+)\\s\\"([^\\"]*)\\"\\s\\"([^\\"]*)\\"\\s(\\S+)\\s(\\S+)\\s\\[([^\\]]*)\\]\\s\\[([^\\]]*)\\]\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)\\s(\\S+)
keys:
- remote_addr
- remote_user
- time_local
- timestamp
- method
- url
- version
- status
- body_bytes_sent
- http_referer
- http_user_agent
- request_length
- request_time
- proxy_upstream_name
- proxy_alternative_upstream_name
- upstream_addr
- upstream_response_length
- upstream_response_time
- upstream_status
- req_id
- sys_address
inputDetail:
type: container_file
containerFile:
namespace: ingress-nginx
workload:
kind: deployment
name: ingress-nginx-controller
container: controller
logPath: /var/log/nginx
filePattern: nginx_access.log
6. Test Ingress requests to generate log data.
7. Go to the Search and Analyze page in the CLS console, select the log topic used by Nginx Ingress, and ensure the logs can be retrieved properly.
Was this page helpful?