Nginx Access Logs => Metrics? #966
Comments
|
Nope. (as in doesn't exist) |
|
I would be open to having to viability/feasibility results on https://www.npmjs.com/package/throttled-request if it's worth it... it's about the only thing on npmjs.com that I've found. There's also this, https://www.npmjs.com/package/throttle-function, but it's even older. If I can one of these confirmed as usable and possibly a PR for it... I can release the |
|
I meant for serverside logs. You dont have console access? Bleh. I mean, Then do you have a log dump with morgan logging turned on of the past If you are interested, send it to my email since there might be something
|
I do... however still prefer to keep this inside the project and off the OS CLI as much as possible for cross-platform considerations... although it's been a really long time since I've tried Windows with our project with Git Bash.
I do not. See here and #430 esp. the dismissal but I'm willing to consider this a new day. The stdout and stderr messages are inclusive with the
I'd be willing to look at them for sure to ease up some typing. |
cool
So will the scripts be able to parse |
It's not nodejitsu anymore ... if you do a I've already just blocked two new IPs in the 21 minutes I've been on the keyboard as the manual instance in my shell was filling up with it. |
|
So what's your tech stack then? Just a node instance on a DO droplet?
You log stdout to a file right, or do you have to start a new instance with debug enabled whenever you want to check the logs? If you log to file, you can use the |
Correct and usually a process manager to keep it alive... one of them which strips out date/times too which is annoying. We had to roll back to forever because the other one lost all instances launched when memory went away but I might have that more managed with the recent kernel update and this code.
See here again and this as to why we're not logging fully in production. nodejitsu had this issue as well and I'd rather not store something that could be handled in memory and or with a throttling package. e.g. if the function is requested too many times from the same ip send them off to 503... or the request itself... however that package I mentioned doesn't appear to support the express
This is a last resort as that sends out tons of info and is why I created #430 along with debug, dev and pro modes... plus you would see Right now I'm twiddling with logging, to the terminal for now, the requests to .user.js ... the IP, the Accept header, script route, and UA. That's how I'm establishing monitoring statistics for #957.
Been a while since I've seen that command... thanks for the tip... will help if we log for sure and need a quick shell snapshot. I'm contemplating doing something similar in the Admin tools as well but not sure how much bandwidth that would use. |
|
If you don't want requests being logged with the other logs, log them directly to file. Then rotate the log file + compress them. I'm sure it should have a way to limit the size taken up somewhere as well. Nginx uses So something like this: var logrotateStream = require('logrotate-stream');
var accessLogStream = logrotateStream({
file: './logs/app.log',
size: '1m', // Should sate your worries about that issue
keep: 100, // 100mb dedicated to logs
compress: true, // well not really 100mb
});
app.use(morgan('combine', { stream: accessLogStream }));I haven't tested this, I don't even have node installed atm I think. I'll setup a load test in a bit. |
|
So with the following app: var express = require('express')
var fs = require('fs')
var morgan = require('morgan')
var app = express()
var logrotateStream = require('logrotate-stream');
var accessLogStream = logrotateStream({
file: './logs/app.log',
size: '1m',
keep: 100,
compress: true,
});
app.use(morgan('combined', { stream: accessLogStream }));
app.get('/', function (req, res) {
res.send('hello, world!')
})
app.listen(3000);and using loadtest with Edit: The |
What do you mean by this?
If we do log anything this massive I would want the rotate to tar.xz these on rotation automatically. e.g. not a cron job. This is a reason why we should keep these things in the project and not on the OS CLI. (P.S. I had to move exec calls to private because on low memory it would crash the server... so native node would be nice to have)
This in mandatory right now. Let me think about it some more... working on a few other ideas that may help. Appreciate the package refs as the terminology is all over the place with this kind of system management. |
Our other process manager date/times stamps too... and eventually we'll go back to that. |
When a log is rotated out when it hits the maximum filesize, it gets zipped. Edit: Should note that I set it to
That's what logrotate-stream does. It's a pure Node.JS solution. It's basically the same thing as logging to a file except it checks the filesize of the log after writing to it, and rotates it out. Rotating means it renames it to It should also limit the amount of logs rotated out as well |
|
Sure would be nice if it did xz... that's usually about 60% smaller for these types of logs. I already have a rotate function in for some things CLI but will look into it for this application. |
|
Just for stats pre analysis I logged ~ 12 minutes and that generated an uncompressed log of 494028B (482KiB) with a routine I have in place to with the filtering of the problematic IPs with this sort of output : |
|
So you can use var logFormat = ':remote-addr :date[iso] :method ":url" ":referrer"\\n\\t":user-agent"\\n\\t:req[Accept]\\n\\t:status :res[content-length] - :response-time ms'
app.use(morgan(logFormat, { stream: accessLogStream }));With both Edit: oh I see you found out about |
|
Keep in mind I'm capturing only the script sources too... at this time I really don't care about any other route as that's not the problem with TM right now... although perhaps a configurable match would be good for future expanding outwards if we can't detect what's happening. Would a app.use(
function (aReq, aRes, aNext) {
if (/^\/install\//.test(aReq._parsedUrl.pathname) ) { // Basic source route... there are others
morgan(logFormat, { stream: accessLogStream }); // Only then use morgan?
}
}
);We'd also need a way of stating capturing of stdout and stderr via morgan has pretty much been neglected by us and I installed it as part of the express |
|
The morgan function returns a route handler callback var logRequestHandler = morgan(logFormat, { stream: accessLogStream });
app.get('/test', function (req, res) {
logRequestHandler(req, res, function(){}); // empty next() since we want it break out of the function
res.send('test, world!')
}) |
|
Supposed we could just continue using the The logrotate-stream would have to not crash forever or other process managers during swap out. I'll have to set the log file to a static name in order to use that. The loadtest worries me with:
We can easily be above 100% which is what causes the memory to get eaten up... hence why I check _node_s |
|
Node.JS only uses a single thread no (with an event loop). How are you getting above 100% (1 full core used up)? Also, why would you use loadtest on the production site when it's already had 1 drink too many, are you mad? It's used to send thousands of requests to the url you specify.
So we're trying to serve too many scripts at once. Does that mean the requests we're trying to keep too mana scripts in memory at once? Aren't we piping the response from AWS to the user (in the case of install)? Do update/meta checks pull the entire source file into memory to read it? |
|
https://github.com/OpenUserJs/OpenUserJS.org/blob/master/controllers/scriptStorage.js#L308 Why aren't we piping on install. We should be serving the exact same data that's on AWS to the user. https://medium.com/@stockholmux/node-js-streams-proxies-and-amazon-s3-50b4fabdedbd#.l8gssrukz |
See here... had the same reaction as you.
I haven't... just doing preliminary reading... it does have some API usage instead of just CLI although it's scattered all over the place. Trying to get on the same page as you with a question is all.
That's part of the kernel issue we had (have?) as well as TM sending out exponential update check requests.
Because that has a verified worse memory leak and was removed because of this entire incident... plus if we encapsulate those scripts without
See previous response in this reply... there's also an issue of UTF-16 which we still accept but we set encoding to UTF-8... but this is all beyond the scope here of logging to do auto-magic wizardry to block (and count) traffic... which none of this logging is addressing that yet. |
|
Btw the one you linked (commit localized) is for the minification routine. |
Additional thoughts...
|
|
Re:
And content of:
Labeling as WONTFIX ... we are still being bombarded but I think it's managed now... so the logs would still show 100% of the requests pre-management... that won't happen as previously mentioned about storage getting filled up. Closing but appreciate the ideas shared. |
Martii
added
wontfix
But it won't fill it up. |
Yes it will... issue is ended and won't happen... as I said before I was filtering the problem IPs so the actual log size is probably 1000 times bigger. Not going to happen. |
|
Do you even know how many requests you were serving before and during these problems? Once they subside, you'll have no way of knowing how close you are to your current stack flopping over as you continue to scale. Though I guess you could try to emulate the load with loadtest but it might not distribute the load correctly to trip it. |
|
@Zren Another option is to turn the install counts to owner and moderator/admin+ and never show them to the public. |
Do you have access to
/var/log/nginx/*.logfiles? You could perform some wizardry with those files to count the meta/update/install requests filtered by timestamp / ip / user agent.The text was updated successfully, but these errors were encountered: