Make GCP proxy log in a Stackdriver logging compliant format

When not running locally, the logging formatter is set to convert the log record to a single-line JSON string that Stackdriver logging agent running in GKE will pick up and parse correctly. Also removed redundant logging handler in the proxy frontend connection. They have two problems: 1) it is possible to leak PII when all frontend traffic is logged, such as client IPs. Even though this is less of a concern because the GCP TCP proxy load balancer masquerade source IPs. 2) We are only logging the HTTP request/response that the frontend connection is sending to/receiving from the backend connection, but the backend already has its own logging handler to log the same message that it gets from/sends to the GAE app, so the logging in the frontend connection does not really give extra information. Logging of some potential PII information such as the source IP of a proxied connection are also removed. Thirdly, added a k8s autoscaling object that scales the containers based on CPU load. The default target load is 80%. This, in connection with GKE cluster VM autoscaling, means that when traffic is low, we'll only have one VM running one container of the proxy. Fixes a bug where the MetricsComponent generates a separate ProxyConfig that does not call parse method on the command line args passed, resulting default Environment always being used in constructing the metric reporter. Lastly a little bit of cleaning of the MOE config script, no newlines are necessary as the BUILD are formatted after string substitution. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=188029019
2025-05-12 22:38:16 +02:00 · 2018-03-06 08:55:35 -08:00 · 2018-03-06 08:55:35 -08:00 · 84eab90000
commit 84eab90000
parent 09e9823b9d
12 changed files with 317 additions and 51 deletions
--- a/java/google/registry/proxy/handler/ProxyProtocolHandler.java
+++ b/java/google/registry/proxy/handler/ProxyProtocolHandler.java
@ -17,7 +17,6 @@ package google.registry.proxy.handler;
 import static com.google.common.base.Preconditions.checkState;
 import static java.nio.charset.StandardCharsets.US_ASCII;

-import google.registry.util.FormattingLogger;
 import io.netty.buffer.ByteBuf;
 import io.netty.channel.ChannelHandlerContext;
 import io.netty.handler.codec.ByteToMessageDecoder;
@ -56,8 +55,6 @@ public class ProxyProtocolHandler extends ByteToMessageDecoder {
  public static final AttributeKey<String> REMOTE_ADDRESS_KEY =
      AttributeKey.valueOf("REMOTE_ADDRESS_KEY");

-  private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
-
  // The proxy header must start with this prefix.
  // Sample header: "PROXY TCP4 255.255.255.255 255.255.255.255 65535 65535\r\n".
  private static final byte[] HEADER_PREFIX = "PROXY".getBytes(US_ASCII);
@ -73,8 +70,6 @@ public class ProxyProtocolHandler extends ByteToMessageDecoder {
    super.channelRead(ctx, msg);
    if (finished) {
      if (proxyHeader != null) {
-        logger.finefmt("PROXIED CONNECTION: %s", ctx.channel());
-        logger.finefmt("PROXY HEADER: %s", proxyHeader);
        ctx.channel().attr(REMOTE_ADDRESS_KEY).set(proxyHeader.split(" ")[2]);
      } else {
        SocketAddress remoteAddress = ctx.channel().remoteAddress();
@ -82,7 +77,6 @@ public class ProxyProtocolHandler extends ByteToMessageDecoder {
          ctx.channel()
              .attr(REMOTE_ADDRESS_KEY)
              .set(((InetSocketAddress) remoteAddress).getAddress().getHostAddress());
-          logger.finefmt("REMOTE IP ADDRESS: %s", ctx.channel().attr(REMOTE_ADDRESS_KEY).get());
        }
      }
      ctx.pipeline().remove(this);