Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-2003

httpslogformat Option for the Ingress Controller

XMLWordPrintable

    • Product / Portfolio Work
    • None
    • 0% To Do, 100% In Progress, 0% Done
    • False
    • Hide

      None

      Show
      None
    • False
    • S
    • None
    • None
    • None
    • None
    • None
    • None

      Feature Overview (aka. Goal Summary)  

      Create an httpslogformat option in ingresscontroller similar to HAProxy's [https-access-log-format|httpslogformat similar to
      https://www.haproxy.com/documentation/hapee/latest/observability/logging/log-formats/#https-access-log-format

      Goals (aka. expected user outcomes)

      Customers require the ability to ** log extra SSL-related attributes for troubleshooting purposes.  

      Requirements (aka. Acceptance Criteria):

      • Add an API field for the functionality. 

      Anyone reviewing this Feature needs to know which deployment configurations that the Feature will apply to (or not) once it's been completed.  Describe specific needs (or indicate N/A) for each of the following deployment scenarios. For specific configurations that are out-of-scope for a given release, ensure you provide the OCPSTRAT (for the future to be supported configuration) as well.

      Deployment considerations List applicable specific needs (N/A = not applicable)
      Self-managed, managed, or both  
      Classic (standalone cluster)  
      Hosted control planes  
      Multi node, Compact (three node), or Single node (SNO), or all  
      Connected / Restricted Network  
      Architectures, e.g. x86_x64, ARM (aarch64), IBM Power (ppc64le), and IBM Z (s390x)  
      Operator compatibility  
      Backport needed (list applicable versions)  
      UI need (e.g. OpenShift Console, dynamic plugin, OCM)  
      Other (please specify)  

      Background

      While it is currently possible to customize the HTTP log format (via the spec.logging.access.httpLogFormat field), the HTTPS log format cannot be changed.

      Development effort is sized S/M. 

      Customer Considerations

      Currently, the only work-around is to run an unmanaged instance of HAProxy with the configuration. 

              mcurry@redhat.com Marc Curry
              mcurry@redhat.com Marc Curry
              None
              Miciah Masters, Ryan O'Hara
              Ben Bennett Ben Bennett
              Ryan O'Hara Ryan O'Hara
              None
              Ashley Hardin Ashley Hardin
              Chris Fields Chris Fields
              Miciah Masters Miciah Masters
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: