How to enable HAProxy ingress router access log in Openshift 4
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4
- IngressController
- HAProxy
Issue
- Is it possible to enable HAProxy access logs in the ingress router in Openshift 4?
- How to workaround ingress access logging for Openshift prior to 4.5?
Resolution
Note: For OSD and ROSA, refer to Customize the ingresscontroller in OSD and ROSA.
Starting with OpenShift 4.5, enabling the ingress access logs is available as per explained in Ingress Controller enhancements. Refer to current documentation for Configuring Ingress access logging.
Refer also to Gathering HAProxy Ingress Access Logs and how to analyze them for additional information.
Note: while it is currently possible to customize the HTTP log format (via the
spec.logging.access.httpLogFormatfield), the HTTPS log format cannot be changed, and RFE-3811 was created for requesting it to be customizable.
Root Cause
Enabling the ingress access logs is available in current OpenShift 4 versions.
Diagnostic Steps
Check if the Ingress access logging is enabled:
$ oc get ingresscontroller default -n openshift-ingress-operator
[...]
logging:
access:
destination:
type: Container
httpLogFormat: '%ci:%cp [%t] %ft %b/%s %B %bq %HM %HU %HV'
[...]
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments