Configuring 采样、组和加密设置,并使用 Amazon X-RayAPI - Amazon X-Ray
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

Configuring 采样、组和加密设置,并使用 Amazon X-RayAPI

Amazon X-Ray 提供用于配置采样规则、组规则和加密设置的 API。

加密设置

使用PutEncryptionConfig指定一个Amazon密钥管理服务 (AmazonKMS) 用于加密的客户主密钥 (CMK)。

注意

X-Ray 不支持非对称 CMK。

$ aws xray put-encryption-config --type KMS --key-id alias/aws/xray { "EncryptionConfig": { "KeyId": "arn:aws:kms:us-east-2:123456789012:key/c234g4e8-39e9-4gb0-84e2-b0ea215cbba5", "Status": "UPDATING", "Type": "KMS" } }

对于密钥 ID,您可以使用别名(如示例中所示)、密钥 ID 或 Amazon 资源名称 (ARN)。

使用 GetEncryptionConfig 获取当前配置。当 X-Ray 应用设置时,状态将从UPDATINGACTIVE

$ aws xray get-encryption-config { "EncryptionConfig": { "KeyId": "arn:aws:kms:us-east-2:123456789012:key/c234g4e8-39e9-4gb0-84e2-b0ea215cbba5", "Status": "ACTIVE", "Type": "KMS" } }

要停止使用 CMK 并使用默认加密,请将加密类型设置为 NONE

$ aws xray put-encryption-config --type NONE { "EncryptionConfig": { "Status": "UPDATING", "Type": "NONE" } }

采样规则

您可以管理采样规则在您的帐户中使用 X-Ray API。有关添加和管理标签的更多信息,请参阅标签 X-Ray 采样规则和组

利用 GetSamplingRules 获取所有采样规则。

$ aws xray get-sampling-rules { "SamplingRuleRecords": [ { "SamplingRule": { "RuleName": "Default", "RuleARN": "arn:aws:xray:us-east-2:123456789012:sampling-rule/Default", "ResourceARN": "*", "Priority": 10000, "FixedRate": 0.05, "ReservoirSize": 1, "ServiceName": "*", "ServiceType": "*", "Host": "*", "HTTPMethod": "*", "URLPath": "*", "Version": 1, "Attributes": {} }, "CreatedAt": 0.0, "ModifiedAt": 1529959993.0 } ] }

默认规则应用于与其他规则不匹配的所有请求。它是优先级最低的规则,无法删除。但是,您可以使用 UpdateSamplingRule 更改速率和容器大小。

例 的 API 输入UpdateSamplingRule— 10000-defat.json

{ "SamplingRuleUpdate": { "RuleName": "Default", "FixedRate": 0.01, "ReservoirSize": 0 } }

以下示例使用上一个文件作为输入,将默认规则更改为不含储层的百分比。标签是可选的。如果选择添加标签,则需要标签键,并且标签值是可选的。要从采样规则中删除现有标签,请使用UntagResource

$ aws xray update-sampling-rule --cli-input-json file://1000-default.json --tags [{"Key": "key_name","Value": "value"},{"Key": "key_name","Value": "value"}] { "SamplingRuleRecords": [ { "SamplingRule": { "RuleName": "Default", "RuleARN": "arn:aws:xray:us-east-2:123456789012:sampling-rule/Default", "ResourceARN": "*", "Priority": 10000, "FixedRate": 0.01, "ReservoirSize": 0, "ServiceName": "*", "ServiceType": "*", "Host": "*", "HTTPMethod": "*", "URLPath": "*", "Version": 1, "Attributes": {} }, "CreatedAt": 0.0, "ModifiedAt": 1529959993.0 },

利用 CreateSamplingRule 创建更多采样规则。创建规则时,大多数规则字段都是必需的。以下示例将创建两个规则。这第一个规则为 Scoreep 示例应用程序设置基本费率。它匹配 API 提供的与更高优先级规则不匹配的所有请求。

例 的 API 输入UpdateSamplingRule— 9000-base-scorekeep.json

{ "SamplingRule": { "RuleName": "base-scorekeep", "ResourceARN": "*", "Priority": 9000, "FixedRate": 0.1, "ReservoirSize": 5, "ServiceName": "Scorekeep", "ServiceType": "*", "Host": "*", "HTTPMethod": "*", "URLPath": "*", "Version": 1 } }

第二条规则也适用于 Scoreep,但它具有更高的优先级,更具体。此规则为轮询请求设置了非常低的采样率。这些是客户端每隔几秒钟发出的 GET 请求,用于检查游戏状态的更改。

例 的 API 输入UpdateSamplingRule—5000-pol-scorekeep.json

{ "SamplingRule": { "RuleName": "polling-scorekeep", "ResourceARN": "*", "Priority": 5000, "FixedRate": 0.003, "ReservoirSize": 0, "ServiceName": "Scorekeep", "ServiceType": "*", "Host": "*", "HTTPMethod": "GET", "URLPath": "/api/state/*", "Version": 1 } }

标签是可选的。如果选择添加标签,则需要标签键,并且标签值是可选的。

$ aws xray create-sampling-rule --cli-input-json file://5000-polling-scorekeep.json --tags [{"Key": "key_name","Value": "value"},{"Key": "key_name","Value": "value"}] { "SamplingRuleRecord": { "SamplingRule": { "RuleName": "polling-scorekeep", "RuleARN": "arn:aws:xray:us-east-1:123456789012:sampling-rule/polling-scorekeep", "ResourceARN": "*", "Priority": 5000, "FixedRate": 0.003, "ReservoirSize": 0, "ServiceName": "Scorekeep", "ServiceType": "*", "Host": "*", "HTTPMethod": "GET", "URLPath": "/api/state/*", "Version": 1, "Attributes": {} }, "CreatedAt": 1530574399.0, "ModifiedAt": 1530574399.0 } } $ aws xray create-sampling-rule --cli-input-json file://9000-base-scorekeep.json { "SamplingRuleRecord": { "SamplingRule": { "RuleName": "base-scorekeep", "RuleARN": "arn:aws:xray:us-east-1:123456789012:sampling-rule/base-scorekeep", "ResourceARN": "*", "Priority": 9000, "FixedRate": 0.1, "ReservoirSize": 5, "ServiceName": "Scorekeep", "ServiceType": "*", "Host": "*", "HTTPMethod": "*", "URLPath": "*", "Version": 1, "Attributes": {} }, "CreatedAt": 1530574410.0, "ModifiedAt": 1530574410.0 } }

要删除采样规则,请使用 DeleteSamplingRule

$ aws xray delete-sampling-rule --rule-name polling-scorekeep { "SamplingRuleRecord": { "SamplingRule": { "RuleName": "polling-scorekeep", "RuleARN": "arn:aws:xray:us-east-1:123456789012:sampling-rule/polling-scorekeep", "ResourceARN": "*", "Priority": 5000, "FixedRate": 0.003, "ReservoirSize": 0, "ServiceName": "Scorekeep", "ServiceType": "*", "Host": "*", "HTTPMethod": "GET", "URLPath": "/api/state/*", "Version": 1, "Attributes": {} }, "CreatedAt": 1530574399.0, "ModifiedAt": 1530574399.0 } }

Groups

您可以使用 X-Ray API 管理您账户中的组。组是由筛选条件表达式定义的跟踪的集合。您可以使用组生成其他服务图并提供 Amazon CloudWatch 指标。请参阅从获取数据Amazon X-Ray以了解更多详情Abement 使用通过 X-Ray API 提供的服务图和指标。有关组的更多信息,请参阅在 X-Ray 控制台中配置组。有关添加和管理标签的更多信息,请参阅标签 X-Ray 采样规则和组

使用创建一个组CreateGroup。标签是可选的。如果选择添加标签,则需要标签键,并且标签值是可选的。

$ aws xray create-group --group-name "TestGroup" --filter-expression "service(\"example.com\") {fault}" --tags [{"Key": "key_name","Value": "value"},{"Key": "key_name","Value": "value"}] { "GroupName": "TestGroup", "GroupARN": "arn:aws:xray:us-east-2:123456789012:group/TestGroup/UniqueID", "FilterExpression": "service(\"example.com\") {fault OR error}" }

获取所有现有群组GetGroups

$ aws xray get-groups { "Groups": [ { "GroupName": "TestGroup", "GroupARN": "arn:aws:xray:us-east-2:123456789012:group/TestGroup/UniqueID", "FilterExpression": "service(\"example.com\") {fault OR error}" }, { "GroupName": "TestGroup2", "GroupARN": "arn:aws:xray:us-east-2:123456789012:group/TestGroup2/UniqueID", "FilterExpression": "responsetime > 2" } ], "NextToken": "tokenstring" }

使用更新组UpdateGroup。标签是可选的。如果选择添加标签,则需要标签键,并且标签值是可选的。要从组中删除现有标签,请使用UntagResource

$ aws xray update-group --group-name "TestGroup" --group-arn "arn:aws:xray:us-east-2:123456789012:group/TestGroup/UniqueID" --filter-expression "service(\"example.com\") {fault OR error}" --tags [{"Key": "Stage","Value": "Prod"},{"Key": "Department","Value": "QA"}] { "GroupName": "TestGroup", "GroupARN": "arn:aws:xray:us-east-2:123456789012:group/TestGroup/UniqueID", "FilterExpression": "service(\"example.com\") {fault OR error}" }

删除带有的组DeleteGroup

$ aws xray delete-group --group-name "TestGroup" --group-arn "arn:aws:xray:us-east-2:123456789012:group/TestGroup/UniqueID" { }