Envoy ALS(access log service) provides fully logs about RPC routed, including HTTP and TCP.
If solution initialized and first implemented by Sheng Wu, Hongtao Gao, Lizan Zhou, and Dhi Aurrahman at 17 May. 2019, and presented on KubeCon China 2019. Here is the recorded Video.
SkyWalking is the first open source project introducing this ALS based solution to the world. This provides a new way with very low payload to service mesh, but the same observability.
You need three steps to open ALS.
Open envoyAccessLogService in istio by enabling envoyAccessLogService in ProxyConfig.
Upper istio 1.6.0, if istio installed by demo profile, you can open ALS ues command:
istioctl manifest apply --set profile=demo --set meshConfig.defaultConfig.envoyAccessLogService.address=skywalking-oap.skywalking.svc:11800 --set meshConfig.enableEnvoyAccessLogService=true
Note:Skywalking oap service is at skywalking namespace, and the port of gRPC service is 11800
(Default is ACTIVATED) Activate SkyWalking envoy receiver.
Active ALS k8s-mesh analysis, set system env variable SW_ENVOY_METRIC_ALS_HTTP_ANALYSIS
=k8s-mesh
envoy-metric: selector: ${SW_ENVOY_METRIC:default} default: acceptMetricsService: ${SW_ENVOY_METRIC_SERVICE:true} alsHTTPAnalysis: ${SW_ENVOY_METRIC_ALS_HTTP_ANALYSIS:""} # Setting the system env variable would override this.
Note multiple value,please use ,
symbol split
Here's an example to deploy SkyWalking by Helm chart.
istioctl install --set profile=demo --set meshConfig.defaultConfig.envoyAccessLogService.address=skywalking-oap.istio-system:11800 --set meshConfig.enableEnvoyAccessLogService=true git checkout https://github.com/apache/skywalking-kubernetes.git cd skywalking-kubernetes/chart helm repo add elastic https://helm.elastic.co helm dep up skywalking helm install 8.1.0 skywalking -n istio-system --set oap.env.SW_ENVOY_METRIC_ALS_HTTP_ANALYSIS=k8s-mesh --set fullnameOverride=skywalking --set oap.envoy.als.enabled=true
Notice, only use this when envoy under Istio controlled, also in k8s env. The OAP requires the read right to k8s API server for all pods IPs.
You can use kubectl logs ${You-OAP-Pod} | grep "K8sALSServiceMeshHTTPAnalysis"
to ensure OAP ALS k8s-mesh analysis has been active.