cloud_controller_ng icon indicating copy to clipboard operation
cloud_controller_ng copied to clipboard

Published 20 hours ago verified publisher icon cloudfoundry

Introducing a new syslog drain endpoint

Open dark5un opened this issue 1 year ago • 1 comments

We are working against a feature supporting mTLS on syslog-agent. To make it possible the pair of keys/certificates for each mTLS drain are required. Unfortunately the existing endpoint /internal/v4/syslog_drain_urls was not exposing the payload of such credentials.

The easiest way to provide those credentials would be to attach them on the existing syslog-drain payload. That would produce a lot of credential duplication as the existing response is app centric. A new response was required to efficiently deliver what we needed. This new response is drain centric to avoid the aforementioned duplication.

This change would break the api contract with syslog-agent's binding-cache and would require a lot of synchronisation between the two projects. Therefore we decided to publish a new endpoint /internal/v5/syslog_drain_urls offering this feature.

The proposal can be found in this document. Additionally there is an ongoing PR with the loggregator-agent-release.

Panagiotis Xynos [email protected] & Felix Hambrecht [email protected]

  • [x] I have reviewed the contributing guide

  • [x] I have viewed, signed, and submitted the Contributor License Agreement

  • [x] I have made this pull request to the main branch

  • [x] I have run all the unit tests using bundle exec rake

  • [ ] I have run CF Acceptance Tests

dark5un avatar Aug 04 '22 14:08 dark5un

Can you update the the internal docs with this new endpoint? Still have to read the proposal but know we'll want this documented

moleske avatar Aug 04 '22 17:08 moleske

Hi @philippthun, we have addressed all the recommended changes. Please let us know if there is anything else we should do.

dark5un avatar Sep 12 '22 11:09 dark5un

Hi @dark5un - The new specs are failing (at least sporadically). You should either define an order in the result (e.g. should the entries in the array be ordered by syslog_drain_url? / should the apps for an URL be ordered by hostname or guid?) or you need to make the checks independent of the order.

philippthun avatar Sep 13 '22 15:09 philippthun

I am sorting the apps entries now, which seems to not ~solve the problem~ @philippthun . Still looking for a solution.

dark5un avatar Sep 15 '22 10:09 dark5un

@philippthun please let me know if you see any other changes needed.

dark5un avatar Sep 22 '22 08:09 dark5un