Example on Envoy-xray integration #10442
Comments
mattklein123
added
question
|
cc @marcomagdy would be nice to get a doc update on this if needed. |
tracing:
http:
name: envoy.tracers.xray
config:
sampling_rule_manifest:
filename: /tmp/rules.json
daemon_endpoint:
protocol: UDP
address: 127.0.0.1
port_value: 2000For more information on the contents of the rule.json file see the x-ray documentation I'll update the documentation in Envoy with a complete example as soon as I can. |
|
Hi @marcomagdy thanks for quick response, I added following configuration in envoy.yaml, still i don't see segment are being push to xray_daemon. tracing: debug logs from xray_daemon |
|
There is no more configuration needed. You either have a low sampling rate that's why you are not seeing anything sent to the daemon. You need to send more requests. Or the rules you set are not matching any of the requests you are making. |
|
I am allowing all paths with * here is my rules.json file { |
|
Verify two things:
static_resources:
listeners:
- name: listener_0
address:
socket_address: { address: 0.0.0.0, port_value: 10000 }
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
stat_prefix: ingress_http
tracing: {} # <---- this MUST exist for the tracer to work
codec_type: AUTO
route_config:Use the non-deprecated configuration: tracing:
http:
name: envoy.tracers.xray
typed_config:
"@type": type.googleapis.com/envoy.config.trace.v3.XRayConfig
segment_name: "Envoy" # You must set this until v1.14
daemon_endpoint:
protocol: UDP
address: 127.0.0.1
port_value: 2000
sampling_rule_manifest:
filename: /xray_daemon/rules.json
|
|
Hi @marcomagdy, Thank for quick help, After adding tracing:{}, I can now see segments buffer being pushed by xray_daemon to xray API and able to view trace in console. However i can only see client--> envoy trace in console, what is the configuration needed for tracing http filters like "envoy.filters.http.jwt_authn , envoy.config.filter.http.ext_authz.v2.ExtAuthz" and downstream routes. |
|
None of the tracers collect traces inside of Envoy AFAIK (definitely not X-Ray). |
|
@marcomagdy if am understanding correct, xray tace id cannot be passed to upstream clusters to see end-end distrbuted trace view map in AWS console ? |
|
xray-trace-id does get passed to upstream clusters. |
|
@marcomagdy, Without xray-trace-id being passed to upstream, how can we implement distributed tracing using envoy? Can we except this feature anytime soon? |
|
it DOES get passed to upstream |
|
@marcomagdy Thank you, Sorry i overlooked your previous comment |
|
One last final question, xray-trace-id is being passed to http_filters and upstream cluster. ParentId is being passed to http_filters, but it's not passing parentId to upstream cluster which is resulting in creating two map view in aws Xray console. XRAY RAW DATA{ |
|
Maybe the filter is stripping out the trace header. That's not something the tracer is doing. |
|
@marcomagdy after upgrading envoy version to latest 1.14.1, i can now see parentId is being is passed to upstream clusters. However i am seeing same document name(defaulted to route cluster name) for all http_filters(envoy.filters.http.jwt_authn and envoy.ext_authz) is this expected behaviour ? {
"Duration": 0.254,
"Id": "1-5e959e6f-b7b2649af04414a63b1c9fcc",
"Segments": [
{
"Document": {
"id": "00001e8e513c491b",
"name": "app",
"start_time": 1586863728.045335,
"trace_id": "1-5e959e6f-b7b2649af04414a63b1c9fcc",
"end_time": 1586863728.048488,
"parent_id": "00001e8e4272f98b",
"annotations": {
"ext_authz_status": "ext_authz_ok",
"component": "proxy",
"upstream_cluster": "ext_authz"
}
},
"Id": "00001e8e513c491b"
},
{
"Document": {
"id": "2b871b497b07c104",
"name": "webservice",
"start_time": 1586863728.049,
"trace_id": "1-5e959e6f-b7b2649af04414a63b1c9fcc",
"end_time": 1586863728.05,
"parent_id": "00001e8e4272f98b",
"http": {
"request": {
"url": "http://example.com/api/v1/test",
"method": "GET",
"user_agent": "PostmanRuntime/7.17.1",
"client_ip": "xxxxxx",
"x_forwarded_for": true
},
"response": {
"status": 200,
"content_length": 50
}
},
"aws": {
"xray": {
"sdk_version": "2.3.0",
"sdk": "X-Ray for Java"
}
},
"service": {
"runtime": "OpenJDK 64-Bit Server VM",
"runtime_version": "1.8.0_242"
}
},
"Id": "2b871b497b07c104"
},
{
"Document": {
"id": "00001e8e4272f98b",
"name": "app",
"start_time": 1586863727.797046,
"trace_id": "1-5e959e6f-b7b2649af04414a63b1c9fcc",
"end_time": 1586863728.050865,
"http": {
"request": {
"url": "http://example.com/api/v1/test",
"method": "GET",
"user_agent": "PostmanRuntime/7.17.1",
"client_ip": "xxxxxxx"
},
"response": {}
},
"annotations": {
"response_flags": "-",
"component": "proxy",
"upstream_cluster": "app",
"request_size": "0",
"downstream_cluster": "-"
}
},
"Id": "00001e8e4272f98b"
},
{
"Document": {
"id": "00001e8e427512a1",
"name": "app",
"start_time": 1586863727.797399,
"trace_id": "1-5e959e6f-b7b2649af04414a63b1c9fcc",
"end_time": 1586863728.044906,
"parent_id": "00001e8e4272f98b",
"http": {
"response": {}
},
"annotations": {
"response_flags": "-",
"component": "proxy",
"upstream_cluster": "jkws_cluster",
"upstream_address": "xxxxxxxxxxxx"
}
},
"Id": "00001e8e427512a1"
}
]
}``` |
|
The segment name is that same for all traces of a given envoy. |
|
@marcomagdy In my current configuration segment_name is same for all traces which "app", is there a way to add unique segment_name for each upstream_cluster ? |
|
Not that I know of. Envoy uses a single tracer for all clusters. |
|
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or other activity occurs. Thank you for your contributions. |
stale
bot
added
the
stale
|
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted". Thank you for your contributions. |
|
I am trying with below config in envoy, but not working. any suggestions?
|
|
Hello @marcomagdy! Could you please suggest how one should modify config to use DNS (resolvable inside k8s cluster with istio) for address instead of IP ? |
Can someone provide configuration example on Envoy with Aws xray?
Thanks
The text was updated successfully, but these errors were encountered: