-
Notifications
You must be signed in to change notification settings - Fork 166
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Admin] add log level customization command #1362
Changes from 6 commits
f45e37a
d7ee94d
50e20f4
3c9febd
5cb80c9
041127c
8c6b7ae
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
package commands | ||
|
||
import "github.com/onflow/flow-go/admin" | ||
|
||
type AdminCommand struct { | ||
Handler admin.CommandHandler | ||
Validator admin.CommandValidator | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
package common | ||
|
||
import ( | ||
"context" | ||
"errors" | ||
"fmt" | ||
|
||
"github.com/rs/zerolog" | ||
|
||
"github.com/onflow/flow-go/admin" | ||
"github.com/onflow/flow-go/admin/commands" | ||
) | ||
|
||
var SetLogLevelCommand commands.AdminCommand = commands.AdminCommand{ | ||
Handler: func(ctx context.Context, req *admin.CommandRequest) error { | ||
level := req.ValidatorData.(zerolog.Level) | ||
zerolog.SetGlobalLevel(level) | ||
return nil | ||
}, | ||
Validator: func(req *admin.CommandRequest) error { | ||
level, ok := req.Data["level"] | ||
if !ok { | ||
return errors.New("the \"level\" field must be provided") | ||
} | ||
levelStr, ok := level.(string) | ||
if !ok { | ||
return errors.New("\"level\" must be a string") | ||
} | ||
logLevel, err := zerolog.ParseLevel(levelStr) | ||
if err != nil { | ||
return fmt.Errorf("failed to parse level: %w", err) | ||
} | ||
req.ValidatorData = logLevel | ||
return nil | ||
}, | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -22,6 +22,7 @@ import ( | |
"github.com/spf13/pflag" | ||
|
||
"github.com/onflow/flow-go/admin" | ||
"github.com/onflow/flow-go/admin/commands/common" | ||
"github.com/onflow/flow-go/cmd/build" | ||
"github.com/onflow/flow-go/fvm" | ||
"github.com/onflow/flow-go/model/bootstrap" | ||
|
@@ -138,10 +139,10 @@ func (fnb *FlowNodeBuilder) BaseFlags() { | |
fnb.flags.UintVar(&fnb.BaseConfig.tracerSensitivity, "tracer-sensitivity", defaultConfig.tracerSensitivity, | ||
"adjusts the level of sampling when tracing is enabled. 0 means capture everything, higher value results in less samples") | ||
|
||
fnb.flags.StringVar(&fnb.BaseConfig.adminAddr, "admin-addr", defaultConfig.adminAddr, "address to bind on for admin HTTP server") | ||
fnb.flags.StringVar(&fnb.BaseConfig.adminCert, "admin-cert", defaultConfig.adminCert, "admin cert file (for TLS)") | ||
fnb.flags.StringVar(&fnb.BaseConfig.adminKey, "admin-key", defaultConfig.adminKey, "admin key file (for TLS)") | ||
fnb.flags.StringVar(&fnb.BaseConfig.adminClientCAs, "admin-client-certs", defaultConfig.adminClientCAs, "admin client certs (for mutual TLS)") | ||
fnb.flags.StringVar(&fnb.BaseConfig.AdminAddr, "admin-addr", defaultConfig.AdminAddr, "address to bind on for admin HTTP server") | ||
fnb.flags.StringVar(&fnb.BaseConfig.AdminCert, "admin-cert", defaultConfig.AdminCert, "admin cert file (for TLS)") | ||
fnb.flags.StringVar(&fnb.BaseConfig.AdminKey, "admin-key", defaultConfig.AdminKey, "admin key file (for TLS)") | ||
fnb.flags.StringVar(&fnb.BaseConfig.AdminClientCAs, "admin-client-certs", defaultConfig.AdminClientCAs, "admin client certs (for mutual TLS)") | ||
|
||
fnb.flags.DurationVar(&fnb.BaseConfig.DNSCacheTTL, "dns-cache-ttl", dns.DefaultTimeToLive, "time-to-live for dns cache") | ||
fnb.flags.UintVar(&fnb.BaseConfig.guaranteesCacheSize, "guarantees-cache-size", bstorage.DefaultCacheSize, "collection guarantees cache size") | ||
|
@@ -261,37 +262,44 @@ func (fnb *FlowNodeBuilder) EnqueueMetricsServerInit() { | |
} | ||
|
||
func (fnb *FlowNodeBuilder) EnqueueAdminServerInit(ctx context.Context) { | ||
fnb.Component("admin server", func(builder NodeBuilder, node *NodeConfig) (module.ReadyDoneAware, error) { | ||
var opts []admin.CommandRunnerOption | ||
if fnb.AdminAddr != NotSet { | ||
if (fnb.AdminCert != NotSet || fnb.AdminKey != NotSet || fnb.AdminClientCAs != NotSet) && | ||
!(fnb.AdminCert != NotSet && fnb.AdminKey != NotSet && fnb.AdminClientCAs != NotSet) { | ||
fnb.Logger.Fatal().Msg("admin cert / key and client certs must all be provided to enable mutual TLS") | ||
} | ||
fnb.RegisterDefaultAdminCommands() | ||
fnb.Component("admin server", func(builder NodeBuilder, node *NodeConfig) (module.ReadyDoneAware, error) { | ||
var opts []admin.CommandRunnerOption | ||
|
||
if node.adminCert != NotSet { | ||
serverCert, err := tls.LoadX509KeyPair(node.adminCert, node.adminKey) | ||
if err != nil { | ||
return nil, err | ||
if node.AdminCert != NotSet { | ||
serverCert, err := tls.LoadX509KeyPair(node.AdminCert, node.AdminKey) | ||
if err != nil { | ||
return nil, err | ||
} | ||
clientCAs, err := ioutil.ReadFile(node.AdminClientCAs) | ||
if err != nil { | ||
return nil, err | ||
} | ||
certPool := x509.NewCertPool() | ||
certPool.AppendCertsFromPEM(clientCAs) | ||
config := &tls.Config{ | ||
MinVersion: tls.VersionTLS13, | ||
Certificates: []tls.Certificate{serverCert}, | ||
ClientAuth: tls.RequireAndVerifyClientCert, | ||
ClientCAs: certPool, | ||
} | ||
|
||
opts = append(opts, admin.WithTLS(config)) | ||
} | ||
clientCAs, err := ioutil.ReadFile(node.adminClientCAs) | ||
if err != nil { | ||
|
||
command_runner := fnb.adminCommandBootstrapper.Bootstrap(fnb.Logger, fnb.AdminAddr, opts...) | ||
if err := command_runner.Start(ctx); err != nil { | ||
return nil, err | ||
} | ||
certPool := x509.NewCertPool() | ||
certPool.AppendCertsFromPEM(clientCAs) | ||
config := &tls.Config{ | ||
MinVersion: tls.VersionTLS13, | ||
Certificates: []tls.Certificate{serverCert}, | ||
ClientAuth: tls.RequireAndVerifyClientCert, | ||
ClientCAs: certPool, | ||
} | ||
|
||
opts = append(opts, admin.WithTLS(config)) | ||
} | ||
|
||
command_runner := fnb.adminCommandBootstrapper.Bootstrap(fnb.Logger, fnb.adminAddr, opts...) | ||
if err := command_runner.Start(ctx); err != nil { | ||
return nil, err | ||
} | ||
|
||
return command_runner, nil | ||
}) | ||
return command_runner, nil | ||
}) | ||
} | ||
} | ||
|
||
func (fnb *FlowNodeBuilder) RegisterBadgerMetrics() error { | ||
|
@@ -363,7 +371,8 @@ func (fnb *FlowNodeBuilder) initLogger() { | |
if err != nil { | ||
log.Fatal().Err(err).Msg("invalid log level") | ||
} | ||
log = log.Level(lvl) | ||
log = log.Level(zerolog.DebugLevel) | ||
zerolog.SetGlobalLevel(lvl) | ||
Comment on lines
+390
to
+391
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. why using debug level as global level? Better to use There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The way this works, is that So, I set the root logger to Debug level, and use Hope this makes sense. |
||
|
||
fnb.Logger = log | ||
} | ||
|
@@ -915,19 +924,17 @@ func (fnb *FlowNodeBuilder) Initialize() error { | |
} | ||
} | ||
|
||
if fnb.adminAddr != NotSet { | ||
if (fnb.adminCert != NotSet || fnb.adminKey != NotSet || fnb.adminClientCAs != NotSet) && | ||
!(fnb.adminCert != NotSet && fnb.adminKey != NotSet && fnb.adminClientCAs != NotSet) { | ||
fnb.Logger.Fatal().Msg("admin cert / key and client certs must all be provided to enable mutual TLS") | ||
} | ||
fnb.EnqueueAdminServerInit(ctx) | ||
} | ||
fnb.EnqueueAdminServerInit(ctx) | ||
|
||
fnb.EnqueueTracer() | ||
|
||
return nil | ||
} | ||
|
||
func (fnb *FlowNodeBuilder) RegisterDefaultAdminCommands() { | ||
fnb.AdminCommand("set-log-level", common.SetLogLevelCommand.Handler, common.SetLogLevelCommand.Validator) | ||
} | ||
|
||
// Run calls Ready() to start all the node modules and components. It also sets up a channel to gracefully shut | ||
// down each component if a SIGINT is received. Until a SIGINT is received, Run will block. | ||
// Since, Run is a blocking call it should only be used when running a node as it's own independent process. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
better to log the input and output of each command call.
received new command
finish running the command
failed to run the command
with the error message.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this will be done in a separate PR :)