XRay跟踪未在AWS控制台中显示 [英] XRay Traces not showing up in AWS Console

问题描述

我已遵循AWS文档为在AWS ECS上部署的Spring Boot应用程序设置XRAY，但无法在AWS控制台中看到我的服务的跟踪.这是我已实施的更改的高级视图:

I've followed the AWS documentation on setting up XRAY for our Spring Boot application deployed on AWS ECS, but I'm not able to see the traces for my services in the AWS Console. Here's a high level view of the changes I've implemented:

向我的EC2添加了具有策略权限的角色

Added Role with Policy permissions to my EC2

"xray:BatchGetTraces",
"xray:GetServiceGraph",
"xray:GetTraceGraph",
"xray:GetTraceSummaries",
"xray:PutTelemetryRecords",
"xray:PutTraceSegments"

添加了跟踪过滤器

@Bean
public Filter TracingFilter() {
    return new AWSXRayServletFilter("myService");
}

将XRAY依赖项添加到我们的POM文件中，并将 @XRayEnabled 注释添加到我们的Controller方法中:

Added XRAY dependencies to our POM file and added @XRayEnabled annotation to our Controller method:

将XRAY守护程序下载到我们的ec2实例并安装

Downloaded the XRAY Daemon to our ec2 instance and installed

curl https://s3.dualstack.us-east-1.amazonaws.com/aws-xray-assets.us-east-1/xray-daemon/aws-xray-daemon-3.x.rpm -o /home/ec2-user/xray.rpm
yum install -y /home/ec2-user/xray.rpm

我已验证我们正在看到UDP日志记录语句，例如: com.amazonaws.xray.emitters.UDPEmitter:

I've verified that we are seeing UDP logging statements for example: com.amazonaws.xray.emitters.UDPEmitter:

 {
  "name" : "myService",
  "id" : "1234",
  "start_time" : 1.546020031234E9,
  "trace_id" : "myTraceId",
  "end_time" : 1.546020031234E9,
  "http" : {
    "request" : {
      "method" : "POST",
      "client_ip" : "myIp",
      "url" : "myURL",
      "user_agent" : "PostmanRuntime/7.4.0",
      "x_forwarded_for" : true
    },
    "response" : {
      "content_length" : 200,
      "status" : 200
    }
  },
  "aws" : {
    "xray" : {
      "sdk_version" : "1.2.1",
      "sdk" : "X-Ray for Java"
    }
  },
  "service" : {
    "runtime" : "OpenJDK 64-Bit Server VM",
    "runtime_version" : "1.8.0_151"
  }
}

我还使用netstat -tulpn验证了守护程序是否在ec2上运行

And I've also verified that the daemon is running on the ec2 using netstat -tulpn

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
udp        0      0 127.0.0.1:2000          0.0.0.0:*                           14126/xray 

要使XRAY跟踪显示在AWS控制台中还需要什么?

What else is needed to be able to get the XRAY traces to show up in the AWS Console?

我已经在启用日志记录的情况下启动了docker守护程序，但是我没有看到任何迹象表明docker守护程序正在向AWS发送数据，仅是启动信息，就是这样:

I've started the docker daemon with logging enabled, but I'm not seeing any indication that the docker daemon is sending data to AWS, just startup information and that's it:

2018-12-28T23:14:19Z [Info] Initializing AWS X-Ray daemon 3.0.0
2018-12-28T23:14:19Z [Info] Using buffer memory limit of 304 MB
2018-12-28T23:14:19Z [Info] 4864 segment buffers allocated
2018-12-28T23:14:19Z [Info] Using region: us-east-1
2018-12-28T23:14:19Z [Info] Starting proxy http server on 127.0.0.1:2000

推荐答案

我猜这是因为您在EC2主机上运行X-Ray守护程序，并且您的Java容器默认尝试将事件发送到127.0.0.1:2000在java容器本身内部，但不在主机地址内. Docker容器将127.0.0.1视为容器范围之内.

I am guessing the issue is because you are running X-Ray Daemon on EC2 host and your java container is trying to send events to 127.0.0.1:2000 by default which is inside the java container itself but not the host address. Docker container sees 127.0.0.1 as within the container scope.

您将需要在Java应用程序中正确配置X射线守护程序地址.

You will need to configure the X-Ray Daemon Address properly on your Java App.

AWS_XRAY_DAEMON_ADDRESS –设置X-Ray守护程序的主机和端口 听众.默认情况下，SDK将127.0.0.1:2000用于两个跟踪数据 (UDP)和采样(TCP).如果您已经配置了 守护程序在其他端口上侦听，或者它是否正在某个端口上运行 不同的主机.

AWS_XRAY_DAEMON_ADDRESS – Set the host and port of the X-Ray daemon listener. By default, the SDK uses 127.0.0.1:2000 for both trace data (UDP) and sampling (TCP). Use this variable if you have configured the daemon to listen on a different port or if it is running on a different host.

格式

相同的端口–地址:端口

Same port – address:port

不同的端口– tcp:address:port udp:address:port

Different ports – tcp:address:port udp:address:port

由于您正在检测基于ECS的应用程序，因此我建议将X-Ray守护程序作为Docker容器启动，而不是作为EC2主机上的实际进程启动.

Since you are instrumenting the ECS based application, I would advise to spin up X-Ray Daemon as Docker Container but not as actual process on EC2 host.

示例-

1. 将X射线后台驻留程序作为ECS容器运行(作为后台驻留程序调度类型). https://docs.aws.amazon.com/xray/latest/devguide/xray-daemon-ecs.html https://docs.aws.amazon.com/AmazonECS/Latest/developerguide/ecs_services.html#service_scheduler
2. 基于您在ECS上使用的网络模型，您应该能够与Java容器中的X-Ray容器地址"和端口"进行交互.

1. Run the X-Ray Daemon as ECS Container(As Daemon scheduling type). https://docs.aws.amazon.com/xray/latest/devguide/xray-daemon-ecs.html https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html#service_scheduler
2. Based on which networking model you are using on ECS, you should be able to interact with X-Ray container Address and Port from your java container.

如果您有任何疑问，请告诉我.

Let me know if you have any questions.

将X-RAY守护程序作为Docker容器与在主机上运行它吗?

X-RAY Daemon as a Docker Container vs running it on the host?

这只是一些意见，似乎是AWS的一些推荐方法.我能想到的很少有优势

It's just some opinion and it seems like some recommended way from AWS. Few advantages I can think of are

1. 您无需维护脚本/序列即可将X-Ray Daemon进程作为EC2 AMI的一部分.
2. 您不必授予整个EC2角色将数据发送到X-Ray的权限，而是使用容器，只有该特定任务角色才具有权限，而没有其他所有权限.
3. 如果由于某种原因停止了进程，则必须手动启动进程或从群集中删除EC2或维护AMI上的复杂脚本.但是，由于是ECS托管容器，它将确保任务始终运行.
4. ECS守护程序调度文档说您的情况就是为什么他们带了这种类型的容器.

https://aws.amazon.com/about-aws/whats-new/2018/06/amazon-ecs-adds-daemon-scheduling/

再次，这只是我的意见，但您也可以按照自己的方式去做.

Again, this is just my opinion but you can go with desired way as well.

这篇关于XRay跟踪未在AWS控制台中显示的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！