PrintBody插件_服务网格(ASM)-阿里云帮助中心

PrintBody可以让Sidecar拦截并解析HTTP请求的请求及响应体。搭配ASM自定义数据面访问日志功能，可以将请求与响应体在Sidecar的访问日志中输出。

重要

此插件需要与访问日志搭配使用，您需要在访问日志格式中增加变量值为%DYNAMIC_METADATA(envoy.lua)%的访问日志变量（变量名称可随意设定），才能在访问日志中查看请求的HTTP Body。

前提条件

已开启Sidecar自动注入。
已部署入口网关。具体操作，请参见创建入口网关。
已在数据面集群部署httpbin服务。具体操作，请参见部署httpbin应用。

配置字段

名称	数据类型	填写要求	默认值	描述
port_number	string	必填	-	需要解析并响应请求、响应体的服务对应Pod的容器端口。

配置示例

配置PrintBody插件

启用PrintBody插件，配置插件参数如下：

port_number: "80"

本示例将配置在访问日志中打印httpbin服务所收到服务的请求及响应体，httpbin服务的容器端口为80，因此这里port_number参数配置为80。将插件生效范围设定为全局生效。

参考自定义数据面访问日志中步骤，自定义访问日志格式，加入一条新的访问日志字段：

http_body: %DYNAMIC_METADATA(envoy.lua)%

测试请求，向httpbin服务发送带有请求体{"msg":"OK!"}的POST请求

$ curl -H "Content-Type: application/json" -X POST -d '{"msg":"OK!"}' {网关ip地址}/post
{
  "args": {}, 
  "data": "{\"msg\":\"OK!\"}", 
  "files": {}, 
  "form": {}, 
  "headers": {
    "Accept": "*/*", 
    "Content-Length": "13", 
    "Content-Type": "application/json", 
    "Host": "*******", 
    "User-Agent": "curl/7.79.1", 
    "X-Envoy-Attempt-Count": "1", 
    "X-Envoy-Internal": "true", 
    "X-Forwarded-Client-Cert": "By=spiffe://cluster.local/ns/default/sa/httpbin;Hash=3f512ea654ce60e2d80f91f8896033db8**********;Subject=\"\";URI=spiffe://cluster.local/ns/istio-system/sa/istio-ingressgateway-service-account"
  }, 
  "json": {
    "msg": "OK!"
  }, 
  "origin": "*******", 
  "url": "http://*******/post"
}

查看httpbin Pod Sidecar的访问日志：

kc logs httpbin-669******-tx*** -c istio-proxy|grep msg

可以获取到以下的日志内容：

{"downstream_local_address":"172.17.80.6:80","upstream_cluster":"inbound|80||","start_time":"2022-**-**T12:01:*.533Z","bytes_sent":673,"response_flags":"-","response_code":200,"x_forwarded_for":"10.0.0.130","http_body":{"responseBody":"{\n  \"args\": {}, \n  \"data\": \"{\\\"msg\\\":\\\"OK!\\\"}\", \n  \"files\": {}, \n  \"form\": {}, \n  \"headers\": {\n    \"Accept\": \"*/*\", \n    \"Content-Length\": \"13\", \n    \"Content-Type\": \"application/json\", \n    \"Host\": \"121.40.183.72\", \n    \"User-Agent\": \"curl/7.79.1\", \n    \"X-Envoy-Attempt-Count\": \"1\", \n    \"X-Envoy-Internal\": \"true\", \n    \"X-Forwarded-Client-Cert\": \"By=spiffe://cluster.local/ns/default/sa/httpbin;Hash=3f512ea654ce60e2d80f91f8896033db8b0f**********;Subject=\\\"\\\";URI=spiffe://cluster.local/ns/istio-system/sa/istio-ingressgateway-service-account\"\n  }, \n  \"json\": {\n    \"msg\": \"OK!\"\n  }, \n  \"origin\": \"********\", \n  \"url\": \"http://********/post\"\n}\n","requestBody":"{\"msg\":\"OK!\"}"},"downstream_remote_address":"10.0.0.130:0","method":"POST","bytes_received":13,"upstream_host":"172.17.80.6:80","upstream_service_time":"1","upstream_local_address":"127.0.0.6:48862","protocol":"HTTP/1.1","user_agent":"curl/7.79.1","trace_id":null,"route_name":"default","request_id":"0ca6ac34-7141-46b3-85c3-f98b087ea674","upstream_transport_failure_reason":null,"path":"/post","duration":2,"authority":"121.40.183.72","istio_policy_status":null,"authority_for":"121.40.183.72","requested_server_name":"outbound_.8000_._.httpbin.default.svc.cluster.local"}

可以看到在访问日志中打印了http_body字段。该字段内的requestBody子字段打印了请求体内容，而responseBody子字段打印了响应体内容。