mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-03-21 20:41:57 +00:00
cdfe086ca9
When I built https://github.com/firezone/firezone/pull/1994, I hadn't yet fully understood how tracing works on Google Cloud. Logs and traces are separated in Google Cloud. Most importantly, traces need to be _pushed_ to Google Cloud whereas logs are scraped automatically. Logs can _reference_ traces via particular fields, in particular `logging.googleapis.com/spanId` and `projects/{project_id}/traces/{trace_id}`. Within the container-optimised OS that we are running on, we are already authenticated to all the Google APIs. Thus, we can utilize the `GcpAuthorizer` from the `opentelemetry_stackdriver` module which will automatically obtain a token from the internal metadata endpoint. Thus no external configuration is necessary. We split the configuration for logs / traces into two components: - `LOG_FORMAT`: Specifies how the logs are formatted. Can be `human`, `json` or `google-cloud`. - `TRACE_RECEIVER`: Optional. Specifies where the traces are sent to. If specified, we will also slightly tweak the log configuration to embed the project ID which allows Google Cloud Trace to cross-reference log entries with traces.