GCP日志在每秒提交超过1个日志时抛出错误。

huangapple go评论106阅读模式
英文:

GCP logging throwing an error when submitting more that 1 log per seco

问题

I am trying to implement logging in Flask. The API run on Google App Engine and I am using GCP Logging. It works, unless I submit more that around 1 log per second. I have the permission to create logs since some of them are recorded without any issues and some of them aren't.

The Python code is:

...
import logging
import google.cloud.logging

...
@app.route("/log", methods=['GET'])
    def log():
        logging.basicConfig(
            level=logging.INFO,
        )
        logging.info('Hello')

        client = google.cloud.logging.Client()
        client.get_default_handler()
        client.setup_logging()

        return 'info log'

The error:

Failed to submit 1 logs.

Traceback:

File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/grpc_helpers.py", line 57, in error_remapped_callable
    return callable_(*args, **kwargs)
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/grpc/_channel.py", line 946, in __call__
    return _end_unary_response_blocking(state, call, False, None)
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/grpc/_channel.py", line 849, in _end_unary_response_blocking
    raise _InactiveRpcError(state)
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
status = StatusCode.PERMISSION_DENIED
details = "Permission 'logging.logEntries.create' denied on resource (or it may not exist)."


The above exception was the direct cause of the following exception:

  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/cloud/logging_v2/handlers/transports/background_thread.py", line 114, in _safely_commit_batch
    batch.commit()
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/cloud/logging_v2/logger.py", line 453, in commit
    client.logging_api.write_entries(entries, **kwargs)
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/cloud/logging_v2/_gapic.py", line 160, in write_entries
    self._gapic_api.write_log_entries(request=request)
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/cloud/logging_v2/services/logging_service_v2/client.py", line 631, in write_log_entries
    response = rpc(request, retry=retry, timeout=timeout, metadata=metadata,)
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/gapic_v1/method.py", line 154, in __call__
    return wrapped_func(*args, **kwargs)
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/retry.py", line 283, in retry_wrapped_func
    return retry_target(
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/retry.py", line 190, in retry_target
    return target()
  File "/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/grpc_helpers.py", line 59, in error_remapped_callable
    raise exceptions.from_grpc_error(exc) from exc
google.api_core.exceptions.PermissionDenied: 403 Permission 'logging.logEntries.create' denied on resource (or it may not exist). [reason: "IAM_PERMISSION_DENIED"
domain: "iam.googleapis.com"]

I followed Google tutorial https://cloud.google.com/logging/docs/setup/python and I didn't have any issues locally with Python's logging library. I tried rewriting code to instantiate the handler only once from a Python module but then I was getting this error every time.

英文:

I am trying to implement logging in Flask. The API run on Google App Engine and I am using GCP Logging. It works, unless I submit more that around 1 log per second. I have the permission to create logs since some of them are recorded without any issues and some of them aren't.

The Python code is:

...
import logging
import google.cloud.logging

...
@app.route(&quot;/log&quot;, methods=[&#39;GET&#39;])
    def log():
        logging.basicConfig(
            level=logging.INFO,
        )
        logging.info(&#39;Hello&#39;)

        client = google.cloud.logging.Client()
        client.get_default_handler()
        client.setup_logging()

        return &#39;info log&#39;

The error:

`Failed to submit 1 logs.`

Traceback:

File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/grpc_helpers.py&quot;, line 57, in error_remapped_callable
    return callable_(*args, **kwargs)
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/grpc/_channel.py&quot;, line 946, in __call__
    return _end_unary_response_blocking(state, call, False, None)
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/grpc/_channel.py&quot;, line 849, in _end_unary_response_blocking
    raise _InactiveRpcError(state)
grpc._channel._InactiveRpcError: &lt;_InactiveRpcError of RPC that terminated with:
status = StatusCode.PERMISSION_DENIED
details = &quot;Permission &#39;logging.logEntries.create&#39; denied on resource (or it may not exist).&quot;


The above exception was the direct cause of the following exception:

  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/cloud/logging_v2/handlers/transports/background_thread.py&quot;, line 114, in _safely_commit_batch
    batch.commit()
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/cloud/logging_v2/logger.py&quot;, line 453, in commit
    client.logging_api.write_entries(entries, **kwargs)
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/cloud/logging_v2/_gapic.py&quot;, line 160, in write_entries
    self._gapic_api.write_log_entries(request=request)
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/cloud/logging_v2/services/logging_service_v2/client.py&quot;, line 631, in write_log_entries
    response = rpc(request, retry=retry, timeout=timeout, metadata=metadata,)
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/gapic_v1/method.py&quot;, line 154, in __call__
    return wrapped_func(*args, **kwargs)
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/retry.py&quot;, line 283, in retry_wrapped_func
    return retry_target(
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/retry.py&quot;, line 190, in retry_target
    return target()
  File &quot;/layers/google.python.pip/pip/lib/python3.10/site-packages/google/api_core/grpc_helpers.py&quot;, line 59, in error_remapped_callable
    raise exceptions.from_grpc_error(exc) from exc
google.api_core.exceptions.PermissionDenied: 403 Permission &#39;logging.logEntries.create&#39; denied on resource (or it may not exist). [reason: &quot;IAM_PERMISSION_DENIED&quot;
domain: &quot;iam.googleapis.com&quot;

I followed Google tutorial https://cloud.google.com/logging/docs/setup/python and I didn't have any issues locally with Pythons logging library. I tried rewriting code to instantiate the handler only once from a Python module but then I was getting this error every time.

答案1

得分: 0

在这种情况下,错误 IAM_PERMISSION_DENIED 意味着执行操作的主体缺少 logging.logEntries.create 权限。该权限包含在Logs Writer 预定义角色中。

阅读您分享的文章,似乎如果您想要在本地和其他地方运行应用程序,您需要首先:

如果不是这种情况,请检查基础服务帐户是否具有 Logs Writer 角色。希望对您有所帮助! GCP日志在每秒提交超过1个日志时抛出错误。

英文:

The error IAM_PERMISSION_DENIED, in this case, means that the principal performing the action is lacking the logging.logEntries.create permission. This permission is included in the Logs Writer predefined role.

Reading through the article you shared, looks like if you would like to run your application locally and elsewhere, you need to first:

If this is not the case, then check that the underlying service account has the Logs Writer role. Hope it helped! GCP日志在每秒提交超过1个日志时抛出错误。

huangapple
  • 本文由 发表于 2023年4月17日 22:35:21
  • 转载请务必保留本文链接:https://go.coder-hub.com/76036307.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定