Skip to content

Commit

Permalink
Add Log Label to Audit Logging
Browse files Browse the repository at this point in the history 
Antrea native policies support firewall rule logs. Adding a rule
label to the log allows convenient post-processing of the logs
like grepping the same log labels.

This feature adds a field "logLabel" to the CRDs, which will be
printed in the logs and exported to flow records. "logLabel"
defaults to empty value.

Fixes antrea-io#4652

Signed-off-by: Qiyue Yao <yaoq@vmware.com>
  • Loading branch information
@qiyueyao
qiyueyao committed May 18, 2023
1 parent 545e6d7 commit e06a11a
Show file tree
Hide file tree
Showing 38 changed files with 659 additions and 311 deletions.
6 changes: 6 additions & 0 deletions build/charts/antrea/crds/clusternetworkpolicy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -387,6 +387,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -653,6 +656,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down
6 changes: 6 additions & 0 deletions build/charts/antrea/crds/networkpolicy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -330,6 +330,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -567,6 +570,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down
12 changes: 12 additions & 0 deletions build/yamls/antrea-aks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -765,6 +765,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -1031,6 +1034,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down Expand Up @@ -1889,6 +1895,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -2126,6 +2135,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down
12 changes: 12 additions & 0 deletions build/yamls/antrea-crds.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -758,6 +758,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -1024,6 +1027,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down Expand Up @@ -1870,6 +1876,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -2107,6 +2116,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down
12 changes: 12 additions & 0 deletions build/yamls/antrea-eks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -765,6 +765,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -1031,6 +1034,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down Expand Up @@ -1889,6 +1895,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -2126,6 +2135,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down
12 changes: 12 additions & 0 deletions build/yamls/antrea-gke.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -765,6 +765,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -1031,6 +1034,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down Expand Up @@ -1889,6 +1895,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -2126,6 +2135,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down
12 changes: 12 additions & 0 deletions build/yamls/antrea-ipsec.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -765,6 +765,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -1031,6 +1034,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down Expand Up @@ -1889,6 +1895,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -2126,6 +2135,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down
12 changes: 12 additions & 0 deletions build/yamls/antrea.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -765,6 +765,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -1031,6 +1034,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down Expand Up @@ -1889,6 +1895,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
egress:
type: array
items:
Expand Down Expand Up @@ -2126,6 +2135,9 @@ spec:
type: string
enableLogging:
type: boolean
logLabel:
type: string
pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]{0,61})?[A-Za-z0-9])?$"
status:
type: object
properties:
Expand Down
Loading

0 comments on commit e06a11a

Please sign in to comment.