<%- # Bootstrap manifest to pull in environment variable configuration. def enabled?(var, default=false) if ENV.key?(var) ENV[var] == "true" else default end end -%> version: v1 removes: - /etc/rsyslog.conf - /etc/rsyslog.d/*.conf <%- if ENV["DRAIN_MODE"] == "proxy" -%> - /etc/nginx/*.conf - /etc/nginx/conf.d/*.conf <%- end -%> templates: - input: /config/templates/rsyslog/rsyslog.conf output: /etc/rsyslog.conf - input: /config/templates/rsyslog/outputs.conf.erb output: /etc/rsyslog.d/05-outputs.conf - input: /config/templates/rsyslog/drain.conf.erb output: /etc/rsyslog.d/10-drain.conf <%- if ENV["DRAIN_MODE"] == "proxy" -%> - input: /config/templates/nginx/nginx.conf.erb output: /etc/nginx/nginx.conf - input: /config/templates/nginx/proxy.conf.erb output: /etc/nginx/conf.d/proxy.conf - input: /config/templates/rsyslog/syslog.conf.erb output: /etc/rsyslog.d/10-syslog.conf <%- end -%> data: _pki: cacert: <%= ENV["PKI_CACERT"] || "/etc/identity/ca/cacerts.pem" %> client: cert: <%= ENV["PKI_CLIENT_CERT"] || "/etc/identity/client/certificates/client.pem" %> key: <%= ENV["PKI_CLIENT_KEY"] || "/etc/identity/client/keys/client-key.pem" %> _funnel: host: <%= ENV["ENDPOINT_FUNNEL"] || "ajna-api.salesforce.com" %> port: 443 scheme: https _funnel_logs: host: <%= ENV["ENDPOINT_FUNNEL_LOGS"] || ENV["ENDPOINT_FUNNEL"] || "ajna-api.salesforce.com" %> port: 443 scheme: https api: <%= ENV["FUNNEL_LOGS_API"] || "logs" %> # Set restpath, content_type, batch_format based on `api` setting <%- if ENV["FUNNEL_LOGS_API"] == "data" -%> <%- topic_namespace = ENV["FUNNEL_LOGS_TOPIC_NAMESPACE"] || "sfdc.prod.rsyslog" -%> <%- topic_name = ENV["FUNNEL_LOGS_TOPIC_NAME"] || "logs.general" -%> rest_path: <%= "v1/data/namespaces/#{topic_namespace}/topics/#{topic_name}" %> http_content_type: application/vnd.kafka.v1+json batch_format: kafkarest <%- else -%> rest_path: v1/logs/v1 http_content_type: application/vnd.kafka.json.v1+json batch_format: jsonarray <%- end-%> log_drain: # Enable debug mode. debug: <%= enabled?("DRAIN_DEBUG") %> # Publish logs to Funnel. publish_logs: <%= enabled?("DRAIN_PUBLISH_LOGS", true) %> # Publish enabled metrics to Funnel. publish_metrics: <%= enabled?("DRAIN_PUBLISH_METRICS", true) %> # Parse Heroku dyno runtime-metrics and addon log-based metrics. runtime_metrics: <%= enabled?("DRAIN_RUNTIME_METRICS", true) %> # Parse Heroku router logs into metrics. router_metrics: <%= enabled?("DRAIN_ROUTER_METRICS", true) %> # Enable internal self-metrics. self_metrics: <%= enabled?("DRAIN_SELF_METRICS", true) %> # Serving port. port: <%= ENV["DRAIN_PORT"] || ENV["PORT"] || 5000 %> <%- if enabled?("DRAIN_BASIC_AUTH", false) -%> # Basic Authentication. basic_auth_file: <%= ENV["BASIC_AUTH_FILE"] %> <%- end -%> # Set base environment for this drain environment: <%= ENV["DRAIN_DEFAULT_ENVIRONMENT"] %> # Set base cloud value for this drain cloud: <%= ENV["DRAIN_DEFAULT_CLOUD"] %> # UUID for this Drain. uuid: <%= ENV["DRAIN_UUID"] %> # Impstats reporting interval. stats_interval_seconds: 60 # Main ruleset and output action queue sizes. queue_size: <%= ENV["DRAIN_QUEUE_SIZE"] || 100000 %> # workers > 1 does not appear to have any appreciable effect. logs_batch_worker_threads: <%= ENV["DRAIN_PUBLISH_LOGS_BATCH_WORKER_THREADS"] || 1 %> # Buffer 10000 logs per batch by default. logs_batch_size: <%= ENV["DRAIN_PUBLISH_LOGS_BATCH_SIZE"] || 10000 %> # Buffer up to 10MB by default. Funnel accepts up to 25MB batches. logs_batch_max_bytes: <%= ENV["DRAIN_PUBLISH_LOGS_BATCH_MAX_BYTES"] || 10000000 %> # Wait for up to 10 seconds by default between batch flushes. logs_batch_timeout_ms: <%= ENV["DRAIN_PUBLISH_LOGS_BATCH_TIMEOUT_MS"] || 10000 %> # The "http_*" fields correspond to imhttp/civetweb HTTP options. # Reference https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md # Heroku router logs access requests too, no need to log twice. http_access_log_file: <%= ENV["DRAIN_HTTP_ACCESS_LOG_FILE"] || "/dev/null" %> http_error_log_file: <%= ENV["DRAIN_HTTP_ACCESS_LOG_FILE"] || "/dev/stderr" %> http_num_threads: <%= ENV["DRAIN_HTTP_NUM_THREADS"] || 50 %> http_listen_backlog: <%= ENV["DRAIN_HTTP_LISTEN_BACKLOG"] || 32 %> http_connection_queue: <%= ENV["DRAIN_HTTP_CONNECTION_QUEUE"] || 16 %> # Document root used to serve received logs for testing abd debugging. http_document_root: /www/data # DNR (Detection n' Response) filtering. filter_dnr_logs: <%= enabled?("DRAIN_FILTER_DNR_LOGS", false) %> filter_dnr_logs_expression: <%= ENV["DRAIN_FILTER_DNR_LOGS_EXPRESSION"] || "" %> # In proxy mode, allow nginx to log locally. syslog_udp_port: 10514 <%- if ENV["DRAIN_MODE"] == "proxy" -%> proxy: port: <%= ENV["PORT"] || 5001 %> drain_port: <%= ENV["DRAIN_PORT"] || 5000 %> mirror_resolver: <%= ENV["MIRROR_RESOLVER"] || "1.1.1.1" %> # Reference https://docs.nginx.com/nginx/admin-guide/monitoring/logging/ # Can also be a file, e.g. /dev/null <%- if enabled?("DRAIN_PROXY_ACCESS_LOG", false) -%> access_log: syslog:server=127.0.0.1:10514,facility=local7,tag=nginx,severity=info <%- else -%> access_log: /dev/null <%- end -%> error_log: syslog:server=127.0.0.1:10514 <%- end -%>