Merge pull request #1385 from bcgov/bcgov/feature/loki-log-streaming

feat: Loki Log Streaming
bcgov · Jan 17, 2025 · dbd5199 · dbd5199
2 parents 9fb2faa + aa263fd
commit dbd5199
Show file tree

Hide file tree

Showing 32 changed files with 4,112 additions and 7,462 deletions.
diff --git a/charts/traction/templates/ui/configmap.yaml b/charts/traction/templates/ui/configmap.yaml
@@ -19,6 +19,7 @@ data:
   FRONTEND_SESSION_TIMEOUT_SECONDS: {{ .Values.ui.oidc.session.timeoutSeconds | quote }}
   FRONTEND_SESSION_COUNTDOWN_SECONDS: {{ .Values.ui.oidc.session.countdownSeconds | quote }}
   FRONTEND_TENANT_PROXY_URL: https://{{ include "tenant_proxy.host" . }}
+  # FRONTEND_LOG_STREAM_URL: wss://{{ include "tenant-ui.fullname" . }}:{{ .Values.ui.service.httpPort }}/logStream
   SERVER_OIDC_JWKS: {{ .Values.ui.oidc.jwksUri | quote }}
   SERVER_OIDC_REALM: {{ .Values.ui.oidc.realm | quote }}
   SERVER_OIDC_ROLE: {{ .Values.ui.oidc.roleName | quote }}
@@ -29,6 +30,7 @@ data:
   SERVER_SMTP_SECURE: {{ .Values.ui.smtp.secure | quote }}
   SERVER_SMTP_USER: {{ .Values.ui.smtp.user | quote }}
   SERVER_TRACTION_URL: http://{{ include "tenant_proxy.fullname" . }}:{{ .Values.tenant_proxy.service.port }}
+  SERVER_LOKI_URL: {{ .Values.ui.lokiUrl | quote }}
   UX_APP_INNKEEPER_TITLE: {{ .Values.ui.ux.appInnkeeperTitle | quote }}
   UX_APP_TITLE: {{ .Values.ui.ux.appTitle | quote }}
   UX_COPYRIGHT: {{ .Values.ui.ux.copyright | quote }}

diff --git a/charts/traction/values.yaml b/charts/traction/values.yaml
@@ -603,6 +603,8 @@ ui:
   ## @param ui.requireEmailForReservation Whether the Email field is needed for a tenant reservation
   ## If false will default [email protected] to API 
   requireEmailForReservation: true
+  ## @param ui.lokiUrl The endpoint to stream loki logs from for the Tenant UI
+  lokiUrl: ""
   image:
     ## @param ui.image.repository
     repository: ghcr.io/bcgov/traction-tenant-ui

diff --git a/scripts/.env-example b/scripts/.env-example
@@ -178,7 +178,9 @@ TENANT_UI_PORT=5101
 # which traction api are we using?
 # naming convention follows what is used by the tenant ui config
 SERVER_TRACTION_URL=http://localhost:8032
+SERVER_LOKI_URL=
 FRONTEND_TENANT_PROXY_URL=http://localhost:8032
+FRONTEND_LOG_STREAM_URL=
 IMAGE_BUILDTIME=
 IMAGE_TAG=scripts_tenant-ui:latest
 IMAGE_VERSION=latest

diff --git a/scripts/README.md b/scripts/README.md
@@ -63,6 +63,8 @@ The default configuration will stand up the following environment:
 - BCovrin Test ledger... see `ACAPY_GENESIS_URL` environment variable ([http://test.bcovrin.vonx.io/genesis](http://test.bcovrin.vonx.io/genesis)).
 - previously registered Endorser DID... see `ACAPY_ENDORSER_PUBLIC_DID` environment variable.
 
+### Log streaming
+The Traction Tenant UI can optionally be configured to stream Tenant logs via a specified Loki endpoint. To see details on testing this with the local Docker setup see here.
 
 ## Run Local Traction
 - docker
@@ -128,7 +130,7 @@ docker build -f ./Dockerfile --tag traction:plugins-acapy ..
 cd ../../services/aca-py
 docker build -f ./Dockerfile.acapy --tag traction:traction-agent .
 cd ../../scripts
-docker compose up
+docker compose -f docker-compose.logs.yml -f docker-compose.yml up
 ```
 
 If there are still errors, try turning buildkit off. In the terminal where you are running your builds:
@@ -203,4 +205,37 @@ You can use the wallet id and key to retrieve a token and use the Tenant API.
 9. In the bottom `AuthorizationHeader (apiKey)` section, for the Value field, enter `Bearer <your token value>` and Authorize.
 10. You are now logged in as your tenant/wallet/agent.
 11. Scroll to [GET /tenant](http://localhost:8032/api/doc#/traction-tenant/get_tenant), expand, Try it out and Execute.
-12. These are your tenant's details. Only you are authorized to fetch your tenant data.
+12. These are your tenant's details. Only you are authorized to fetch your tenant data.
+
+## Optional Local Log Streaming Setup
+The local development environment can optionally be set up to stream Tenant logs from the Traction services to the Tenant UI using Grafana Promtail and Loki.
+
+This requires some additional infrastructure that can be stood up in the docker compose environment to use locally. (in a operational deployment of Traction you would likely just need to specify your own Loki url to the Tenant UI environment, and set up the infrastructure as desired in your archetecture). By defuault these logging services will not build, but you can enable them as follows.
+
+**Ensure Loki driver is enabled in your Docker environment**  
+Can set up if needed with `docker plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions`. Traction assumes 'loki' alias for this.
+
+**Set environment**  
+In your local .env modify the following values
+```
+FRONTEND_LOG_STREAM_URL=ws://localhost:5101/logStream
+SERVER_LOKI_URL=ws://localhost:3100
+```
+
+For operational setup of the Tenant UI when deploying with Helm, 
+the Tenant UI configmap.yaml can be set with the following to pull the correct endpoint for the frontend:
+`FRONTEND_LOG_STREAM_URL: wss://{{ include "tenant-ui.fullname" . }}:{{ .Values.ui.service.httpPort }}/logStream`
+
+
+
+**Start up additional logging services**  
+In `/scripts` instead of just running the single docker compose, add on the logging one:  
+```
+docker compose -f docker-compose.logs.yml -f docker-compose.yml up
+```
+
+If using the `manage` script run
+```
+./manage build loki  
+./manage start loki  
+```
diff --git a/scripts/configs/promtail.yml b/scripts/configs/promtail.yml
@@ -0,0 +1,84 @@
+server:
+  http_listen_address: 0.0.0.0
+  http_listen_port: 9080
+
+positions:
+  filename: /tmp/positions.yaml
+
+clients:
+  - url: http://loki:3100/loki/api/v1/push
+
+scrape_configs:
+  - job_name: system
+    static_configs:
+    - targets:
+        - localhost
+      labels:
+        job: varlogs
+        __path__: /var/log/*log
+
+  - job_name: journal
+    journal:
+      json: false
+      max_age: 12h
+      path: /var/log/journal
+      # matches: _syslog_identifier=dockerd
+      labels:
+        job: systemd-journal
+    relabel_configs:
+      - source_labels:
+          - __journal__systemd_unit
+        target_label: systemd_unit
+      - source_labels:
+          - __journal__hostname
+        target_label: hostname
+      - source_labels:
+          - __journal_syslog_identifier
+        target_label: syslog_identifier
+      - source_labels:
+          - __journal__transport
+        target_label: transport
+
+  - job_name: containers
+    static_configs:
+    - targets:
+        - localhost
+      labels:
+        job: containerlogs
+        __path__: /var/lib/docker/containers/*/*log
+
+    # --log-opt tag="{{.Name}}"
+    pipeline_stages:
+
+    - json:
+        expressions:
+          stream: stream
+          attrs: attrs
+          tag: attrs.tag
+
+    - regex:
+        expression: (?P<container_name>(?:[^|]*[^|]))
+        source: "tag"
+
+    - labels:
+        tag:
+        stream:
+        container_name:
+
+  - job_name: flog_scrape 
+    docker_sd_configs:
+      - host: unix:///var/run/docker.sock
+        refresh_interval: 5s
+        filters:
+          - name: name
+            values: [flog] 
+    relabel_configs:
+      - source_labels: ['__meta_docker_container_name']
+        regex: '/(.*)\.[0-9]\..*'
+        target_label: 'name'
+      - source_labels: ['__meta_docker_container_name']
+        regex: '/(.*)\.[0-9a-z]*\..*'
+        target_label: 'name'
+      - source_labels: ['__meta_docker_container_name']
+        regex: '/.*\.([0-9]{1,2})\..*'
+        target_label: 'replica'
diff --git a/scripts/docker-compose.logs.yml b/scripts/docker-compose.logs.yml
@@ -0,0 +1,91 @@
+version: "3.9"
+
+x-logging: &default-logging
+  driver: loki
+  options:
+    loki-url: http://localhost:3100/loki/api/v1/push
+    loki-retries: 5
+    loki-batch-size: 400
+
+services:
+  loki:
+    image: grafana/loki:2.9.2
+    ports:
+      - "3100:3100"
+    command: -config.file=/etc/loki/local-config.yaml
+    logging: *default-logging
+    networks:
+      - loki
+
+  promtail:
+    image: grafana/promtail:2.9.2
+    volumes:
+      - /var/log:/var/log
+      - /var/lib/docker/containers:/var/lib/docker/containers
+      - ./configs/promtail.yml:/etc/promtail/config.yml
+    command: -config.file=/etc/promtail/config.yml
+    networks:
+      - loki
+
+  grafana:
+    environment:
+      - GF_PATHS_PROVISIONING=/etc/grafana/provisioning
+      - GF_AUTH_ANONYMOUS_ENABLED=true
+      - GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
+    logging: *default-logging
+    entrypoint:
+      - sh
+      - -euc
+      - |
+        mkdir -p /etc/grafana/provisioning/datasources
+        cat <<EOF > /etc/grafana/provisioning/datasources/ds.yaml
+        apiVersion: 1
+        datasources:
+        - name: Loki
+          type: loki
+          access: proxy 
+          orgId: 1
+          url: http://loki:3100
+          basicAuth: false
+          isDefault: true
+          version: 1
+          editable: false
+        EOF
+        /run.sh
+    image: grafana/grafana:latest
+    ports:
+      - "3000:3000"
+    networks:
+      - loki
+
+  # Override the logging config for the services in the main docker compose
+  ngrok-traction-agent:
+    logging: *default-logging
+
+  traction-acapy-image-builder:
+    logging: *default-logging
+
+  traction-agent:
+    logging: *default-logging
+
+  traction-db:
+    logging: *default-logging
+
+  tenant-ui:
+    logging: *default-logging
+
+  tenant-proxy:
+    logging: *default-logging 
+
+  endorser-agent:
+    logging: *default-logging
+
+  endorser-db:
+    logging: *default-logging
+
+  endorser-agent-1:
+    logging: *default-logging
+
+
+networks:
+  loki:
diff --git a/scripts/docker-compose.yml b/scripts/docker-compose.yml
@@ -1,4 +1,5 @@
 version: "3.12"
+
 services:
   ngrok-traction-agent:
     image: ngrok/ngrok
@@ -122,7 +123,9 @@ services:
         condition: service_started
     environment:
       - SERVER_TRACTION_URL=${SERVER_TRACTION_URL}
+      - SERVER_LOKI_URL=${SERVER_LOKI_URL}
       - FRONTEND_TENANT_PROXY_URL=${FRONTEND_TENANT_PROXY_URL}
+      - FRONTEND_LOG_STREAM_URL=${FRONTEND_LOG_STREAM_URL}
       - IMAGE_BUILDTIME=${IMAGE_BUILDTIME}
       - IMAGE_TAG=${IMAGE_TAG}
       - IMAGE_VERSION=${IMAGE_VERSION}

diff --git a/scripts/manage b/scripts/manage
@@ -24,13 +24,19 @@ generate_traction_ascii_art() {
 
 # Global variable to hold Docker Compose command
 compose_cmd=""
+compose_files_opt=""
+include_loki_services=false
+if [ "$2" == "loki" ]; then
+  include_loki_services=true
+  compose_files_opt="-f docker-compose.logs.yml -f docker-compose.yml"
+fi
 
 # Function to determine the correct Docker Compose command
 get_docker_compose_command() {
   if command -v "docker" > /dev/null && docker compose version > /dev/null 2>&1; then
-    compose_cmd="docker compose"
+    compose_cmd="docker compose $compose_files_opt"
   elif command -v docker-compose > /dev/null 2>&1; then
-    compose_cmd="docker-compose"
+    compose_cmd="docker-compose $compose_files_opt"
   else
     echo "Error: Neither 'docker compose' nor 'docker-compose' is installed." >&2
     exit 1
@@ -65,7 +71,12 @@ build_docker_images() {
   fi
 
   built_services="traction-acapy-image-builder tenant-ui tenant-proxy endorser-api endorser-api-1"
-  pulled_services="ngrok-traction-agent traction-db endorser-db endorser-db-1 maildev endorser-agent endorser-agent-1"
+  if [ "$include_loki_services" == true ]; then
+    pulled_services="loki promtail grafana ngrok-traction-agent traction-db endorser-db endorser-db-1 maildev endorser-agent endorser-agent-1"
+  else
+    pulled_services="ngrok-traction-agent traction-db endorser-db endorser-db-1 maildev endorser-agent endorser-agent-1"
+  fi
+
   $compose_cmd build $built_services --no-cache --parallel
   $compose_cmd pull $pulled_services
 }

diff --git a/services/tenant-ui/.vscode/launch.json b/services/tenant-ui/.vscode/launch.json
@@ -7,10 +7,7 @@
     {
       "name": "backend - run dev",
       "request": "launch",
-      "runtimeArgs": [
-        "run-script",
-        "dev"
-      ],
+      "runtimeArgs": ["run-script", "dev"],
       "runtimeExecutable": "npm",
       "skipFiles": [],
       "type": "node",
@@ -19,11 +16,8 @@
     {
       "name": "frontend - run dev",
       "request": "launch",
-      "cwd":"${workspaceFolder}/frontend", 
-      "runtimeArgs": [
-        "run-script",
-        "dev"
-      ],
+      "cwd": "${workspaceFolder}/frontend",
+      "runtimeArgs": ["run-script", "dev", "--", "--host"],
       "runtimeExecutable": "npm",
       "skipFiles": [],
       "type": "node",
@@ -39,9 +33,6 @@
       "sourceMapPathOverrides": {
         "webpack:///./src/*": "${webRoot}/*"
       }
-    },
-
-
-
+    }
   ]
 }
diff --git a/services/tenant-ui/.vscode/settings.json b/services/tenant-ui/.vscode/settings.json
@@ -1,7 +1,7 @@
 {
   "editor.formatOnSave": true,
   "editor.codeActionsOnSave": {
-    "source.fixAll.eslint": true
+    "source.fixAll.eslint": "explicit"
   },
   "prettier.enable": true,
   "[javascript]": {

diff --git a/services/tenant-ui/README.md b/services/tenant-ui/README.md
@@ -146,3 +146,7 @@ If no value is set using either of these methods MATOMO tracker code will never
 
 For more information on configuration settings see
 [Set up your configuration](https://github.com/bcgov/traction/tree/main/services/tenant-ui#set-up-your-configuration)
+
+## Log Streaming
+
+The Tenant UI can display streamed logs from a Loki aggregator. For details on setup, see ["Optional Local Log Streaming Setup" in the scripts README](../../scripts/README.md)