Cloud Service Mesh (CSM)

Istio is the Cloud Service Mesh component that can be operated and audited.

Workload location

Root and organization workloads

Audit log source

Istio Service Mesh Envoy

Audited operations

Requests and responses received

Fields in the log entry that contain audit information
Audit metadata | Audit field name | Value
User or service identity | username

For example,

"username": "fop-cluster-admin@example.com"

Target

(Fields and values that call the API)

  • authority
  • resource.cluster_name
  • resource.log_name
  • resource.node_name
  • resource.zone_name

For example,

"authority": "console.zone1.google.gdch.test",
"resource": {
  "cluster_name": "fleet-admin-platform.gpc-system",
  "log_name": "otel_envoy_accesslog",
  "node_name": "sidecar~10.253.132.163",
  "zone_name": "europe-west4-a"
}

Action

(Fields that contain the operation performed)

  • body
  • bytes_received
  • bytes_sent
  • connection_termination_details
  • downstream_local_address
  • downstream_remote_address
  • duration
  • method

For example,

"body": {},
"bytes_received": "0",
"bytes_sent": "46259",
"connection_termination_details": "-",
"downstream_local_address": "10.253.132.163:80",
"downstream_remote_address": "10.200.0.1:0",
"duration": "4",
"method": "GET"

Event timestamp
  • start_time
  • time_unix_nano

For example,

"start_time": "2022-11-15T23:59:41.041Z",
"time_unix_nano": 1668556781041333000

Action source | downstream_remote_address

For example,

"downstream_remote_address": "10.200.0.1:0"

Result | response_code

For example,

"response_code": "200"

Other fields | Not applicable | Not applicable

Sample log

{
  "authority":"cortex-tenant.obs-system.svc:9009",
  "body":{},
  "bytes_received":"573",
  "bytes_sent":"19",
  "connection_termination_details":"-",
  "downstream_local_address":"10.253.132.167:9009",
  "downstream_remote_address":"10.253.132.122:48272",
  "duration":"1",
  "method":"POST",
  "observed_time_unix_nano":0,
  "path":"/push",
  "protocol":"HTTP/1.1",
  "requested_server_name":"-",
  "resource":{
    "cluster_name":"cortex-tenant.obs-system",
    "log_name":"otel_envoy_accesslog",
    "node_name":"sidecar~10.253.132.167~cortex-tenant-7b9678cfb5-tl4xz.obs-system~obs-system.svc.cluster.local",
    "zone_name":"us-east1-b"
  },
  "response_code":"503",
  "response_code_details":"via_upstream",
  "response_flags":"-",
  "route_name":"default",
  "severity_number":0,
  "severity_text":"",
  "start_time":"2022-11-18T15:59:55.958Z",
  "time_unix_nano":1668787195958027000,
  "upstream_cluster":"inbound|9009||",
  "upstream_host":"10.253.132.167:9009",
  "upstream_local_address":"127.0.0.6:43899",
  "upstream_transport_failure_reason":"-",
  "user_agent":"Prometheus/2.29.2",
  "username":"-",
  "x_envoy_upstream_service_time":"1",
  "x_forwarded_for":"-",
  "x_goog_api_client":"-",
  "x_request_id":"9e942509-9d28-4164-850f-9666b3eb272e"
}
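
The following added example (not part of the original documentation) maps an entry such as the sample log above onto the audit metadata fields listed on this page: identity, target, action, timestamp, source, and result. It assumes that `-` marks an unset field and that numeric values arrive as strings, as in the sample; the function names and output keys are illustrative.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample: a trimmed copy of the sample log entry on this page.
SAMPLE = """{
  "authority": "cortex-tenant.obs-system.svc:9009",
  "downstream_remote_address": "10.253.132.122:48272",
  "method": "POST", "path": "/push",
  "resource": {"cluster_name": "cortex-tenant.obs-system"},
  "response_code": "503",
  "start_time": "2022-11-18T15:59:55.958Z",
  "time_unix_nano": 1668787195958027000,
  "username": "-"
}"""


def _value(entry, key):
    """Return a field, treating the "-" placeholder (assumed unset) as missing."""
    v = entry.get(key)
    return None if v in (None, "", "-") else v


def audit_record(entry):
    """Map one access-log entry onto the audit metadata listed above."""
    ns = entry["time_unix_nano"]
    # Integer arithmetic only, so the nanosecond value loses no precision.
    when = datetime.fromtimestamp(ns // 10**9, tz=timezone.utc)
    when += timedelta(milliseconds=ns % 10**9 // 10**6)
    start = _value(entry, "start_time")
    code = _value(entry, "response_code")
    source = _value(entry, "downstream_remote_address")
    parts = [_value(entry, k) for k in ("method", "path")]
    return {
        "identity": _value(entry, "username"),
        "target": _value(entry, "authority"),
        "cluster": entry.get("resource", {}).get("cluster_name"),
        "action": " ".join(p for p in parts if p),
        "timestamp": when.isoformat(timespec="milliseconds"),
        "source_ip": source.rsplit(":", 1)[0] if source else None,
        # Numeric fields arrive as strings; convert only clean digits.
        "result": int(code) if code and code.isdigit() else None,
        # start_time and time_unix_nano should agree to the millisecond.
        "timestamps_agree": start is not None
        and datetime.fromisoformat(start.replace("Z", "+00:00")) == when,
    }


if __name__ == "__main__":
    print(json.dumps(audit_record(json.loads(SAMPLE)), indent=2))
```

An entry whose `identity` is `None` carries no user or service name, so attribution has to fall back on `source_ip` and `target`.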