cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Explorer Local Logs in Azure API Management Self-hosted Gateway
By
racchen
Published Mar 24 2021 11:16 PM 3,015 Views
racchen
Microsoft
‎Mar 24 2021 11:16 PM

Explorer Local Logs in Azure API Management Self-hosted Gateway

‎Mar 24 2021 11:16 PM

Overview
The self-hosted gateway features expand API Management support for multi-cloud environments. You can place the gateway in their Docker, Kubernetes, or any other container orchestration solution which allows customers to optimize traffic flows, security, and compliance. However, you may wonder how to manage related logs and monitoring. Does the admin still need to connect to Azure? In this post, I would like to share how to configure Local logs or Azure API Management self-hosted gateway.

 

As mentioned in Microsoft Document: Configure local metrics and logs for Azure API Management self-hosted gateway | Microsoft Docs , self-hosted gateway output logs to stdout and stderr by default, and also supports multiple protocols. How can we view or get those logs? Let’s take a look!

Solutions

First, please follow the document here: Deploy a self-hosted gateway to Azure Kubernetes Service | Microsoft Docs to deploy a self-hosted gateway to Azure Kubernetes. There are some options to check local logs.

 

Option 1. Self-hosted gateway output logs to stdout and stderr on the host machine by default.

  1. Check stdout and stderr logs in Kubernetes
    1)  kubectl get pods: received pods name
    2)  kubectl logs <pod name>:check stdout and stderr logs
    racchen_2-1616642339594.png

     

  2. In Docker, the stdout and stderr from each container are stored in /var/lib/docker/containers

In Kubernetes, it creates a directory structure to help you find logs based on Pods. You can find the container logs for each Pod running on a node at /var/log/pods/<namespace>_<pod_name>_<pod_id>/<container_name>/
ref: Logging Architecture | Kubernetes

Example.

1.  After creating a self-hosting gateway, follow this doc SSH into Azure Kubernetes Service (AKS) cluster nodes - Azure Kubernetes Service | Microsoft Docs to SSH into the Kubernetes node.

2.  Then you can find related logs in the folder:
racchen_1-1616639333425.png

 

Option 2. Use additional endpoints to realize local logging trough different protocols

Azure API Management self-hosted gateway also supports a number of protocols including localsyslog, rfc5424, and journal. To realize this feature,  you need to mount /dev/log into a container from the host machine. It is because API Management does not log into files, but it logs into Syslog (local or remote), JournalD, or remote UDP endpoint in JSON format.

  • telemetry.logs.local must be set to localsyslog to enable syslog logging
  • To log into localsyslog - mount /dev/log from container host into the container.
  • To log into remote Syslog - specify UDP endpoint instead.
  • To log into journal - mount /var/run/systemd/journal/socket. To make localsyslog/journal work, you must mount host sockets into API Management ‘s container.
  • To log into fluentd - specify remote UDP endpoint.

Sample yaml file: 
Below is a complete sample yaml file for localsyslog

 

# NOTE: Before deploying to a production environment, please review the documentation -> https://aka.ms/self-hosted-gateway-production
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: localgateway-env
data:
  config.service.endpoint: "https://<APIMname>.management.azure-api.net/subscriptions/<subscriptionID>/resourceGroups/APIM/providers/Microsoft.ApiManagement/service/<APIMname>?api-version=2019-12-01"
  telemetry.logs.std: "text"
  telemetry.logs.local: "localsyslog"
  telemetry.logs.local.localsyslog.endpoint: "/dev/log"
  telemetry.logs.local.localsyslog.facility: "7"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: localgateway
spec:
  replicas: 1
  selector:
    matchLabels:
      app: localgateway
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 0
      maxSurge: 25%
  template:
    metadata:
      labels:
        app: localgateway
    spec:
      terminationGracePeriodSeconds: 60
      containers:
      - name: localgateway
        image: mcr.microsoft.com/azure-api-management/gateway:latest
        volumeMounts:
        - name: logs
          mountPath: /dev/log
        ports:
        - name: http
          containerPort: 8080
        - name: https
          containerPort: 8081
        readinessProbe:
          httpGet:
            path: /internal-status-0123456789abcdef
            port: http
            scheme: HTTP
          initialDelaySeconds: 0
          periodSeconds: 5
          failureThreshold: 3
          successThreshold: 1
        env:
        - name: config.service.auth
          valueFrom:
            secretKeyRef:
              name: localgateway-token
              key: value
        envFrom:
        - configMapRef:
            name: localgateway-env
      volumes:
        - name: logs
          hostPath:
            path: /dev/log
            type: Socket
---
apiVersion: v1
kind: Service
metadata:
  name: localgateway
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  ports:
  - name: http
    port: 80
    targetPort: 8080
  - name: https
    port: 443
    targetPort: 8081
  selector:
    app: localgateway

 

Lab

  • In this lab, I deployed the yaml file above in my AKS service.
  • After deployment, use kubectl get deployment to confirm the deployment is ready.
    racchen_0-1616645248918.png
  • Check the IP address of this service by the command kubectl get service.
  • Send a few requests from the Postman.
    racchen_0-1616645329341.png
  • Logs can be found under /var/log/syslog.
    racchen_1-1616645400085.png

     

 
Co-Authors
Version history
Last update:
‎Mar 24 2021 11:42 PM
Updated by:
Labels