aws / amazon-ecs-service-connect-agent

Amazon ECS Service Connect Agent
Apache License 2.0

Enable debug loglevel for aws component in relay #60

Closed suniltheta closed 9 months ago

suniltheta commented 9 months ago

Summary

Enable debug loglevel for aws component in relay

Since the major function of Relay is to sign the request by fetching the IMDSv2 credentials, we can afford to have debug logs in production for only the aws component.

The log is not dependent on the customer's dataplane traffic and is only fetched every 1 hour to refresh the credentials. In case of an issue fetching the credentials, the logs will help identify the problem faster instead of teaching the customer how to fetch the debug level logs from the relay container.

This will help chase the issues where Relay is not able to fetch the credentials because IMDS is disabled, or other instances where the token fetch fails and Envoy ends up doing IMDSv1 calls, etc.

Implementation details

Enable https://www.envoyproxy.io/docs/envoy/latest/operations/cli.html#cmdoption-component-log-level component log level only for aws component.

Testing

New tests cover the changes: yes

Manual testing logs which will start showing up inside relay container at /var/logs/*

[2023-11-27 18:44:12.302][2768][debug][aws] [source/extensions/common/aws/credentials_provider_impl.cc:281] Getting AWS credentials from the EC2MetadataService
[2023-11-27 18:44:12.302][2768][debug][aws] [source/extensions/common/aws/metadata_fetcher.cc:78] fetch AWS Metadata from the cluster ec2_instance_metadata_server_internal at [uri = http://169.254.169.254/latest/api/token]
[2023-11-27 18:44:12.303][2768][debug][aws] [source/extensions/common/aws/metadata_fetcher.cc:127] onSuccess: fetch AWS Metadata [cluster = ec2_instance_metadata_server_internal]: success
[2023-11-27 18:44:12.303][2768][debug][aws] [source/extensions/common/aws/credentials_provider_impl.cc:452] AWS Instance metadata fetch success, calling callback func
[2023-11-27 18:44:12.303][2768][debug][aws] [source/extensions/common/aws/metadata_fetcher.cc:78] fetch AWS Metadata from the cluster ec2_instance_metadata_server_internal at [uri = http://169.254.169.254/latest/meta-data/iam/security-credentials]
[2023-11-27 18:44:12.304][2768][debug][aws] [source/extensions/common/aws/metadata_fetcher.cc:127] onSuccess: fetch AWS Metadata [cluster = ec2_instance_metadata_server_internal]: success
[2023-11-27 18:44:12.304][2768][debug][aws] [source/extensions/common/aws/credentials_provider_impl.cc:452] AWS Instance metadata fetch success, calling callback func
[2023-11-27 18:44:12.304][2768][debug][aws] [source/extensions/common/aws/credentials_provider_impl.cc:375] AWS credentials list:
loadtest-asg-ECSInstanceRole
[2023-11-27 18:44:12.304][2768][debug][aws] [source/extensions/common/aws/credentials_provider_impl.cc:382] AWS credentials path: /latest/meta-data/iam/security-credentials/loadtest-asg-ECSInstanceRole
[2023-11-27 18:44:12.304][2768][debug][aws] [source/extensions/common/aws/metadata_fetcher.cc:78] fetch AWS Metadata from the cluster ec2_instance_metadata_server_internal at [uri = http://169.254.169.254/latest/meta-data/iam/security-credentials/loadtest-asg-ECSInstanceRole]
[2023-11-27 18:44:12.304][2768][debug][aws] [source/extensions/common/aws/metadata_fetcher.cc:127] onSuccess: fetch AWS Metadata [cluster = ec2_instance_metadata_server_internal]: success
[2023-11-27 18:44:12.304][2768][debug][aws] [source/extensions/common/aws/credentials_provider_impl.cc:452] AWS Instance metadata fetch success, calling callback func
[2023-11-27 18:44:12.304][2768][debug][aws] [source/extensions/common/aws/credentials_provider_impl.cc:438] Obtained following AWS credentials from the EC2MetadataService: AWS_ACCESS_KEY_ID=ASIA5AKVMPN45UBMHOR2, AWS_SECRET_ACCESS_KEY=*****, AWS_SESSION_TOKEN=*****

Description for the changelog

Licensing

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
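An added example, not part of this pull request or of the project's code: a small triage script that reads relay log lines in the layout shown under Testing and checks that the token endpoint was confirmed before any credentials path was requested. The function name `audit_refresh`, the sample lines and the role name are constructed for illustration; treating a fetch with no following `onSuccess` line as unconfirmed is an assumption, since the page shows only successful fetches.

```python
import re
from urllib.parse import urlsplit

# Layout of one relay log line, taken from the manual-testing output above.
LINE = re.compile(r"^\[[^\]]+\]\[\d+\]\[(?P<level>\w+)\]\[(?P<comp>\w+)\] \[[^\]]+\] (?P<msg>.*)$")
FETCH = re.compile(r"fetch AWS Metadata from the cluster \S+ at \[uri = (?P<uri>[^\]]+)\]")
TOKEN_PATH = "/latest/api/token"
CREDS_PATH = "/latest/meta-data/iam/security-credentials"

def audit_refresh(lines):
    """Return (confirmed_paths, findings) for one credential refresh."""
    confirmed, findings = [], []
    pending, token_ok = None, False
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m or m["comp"] != "aws":
            continue  # other components and continuation lines (e.g. the role list)
        fetch = FETCH.search(m["msg"])
        if fetch:
            if pending:
                findings.append(f"no onSuccess logged for {pending}")
            pending = urlsplit(fetch["uri"]).path
            # Assumption: credentials requested before a confirmed token fetch
            # is worth a look (IMDS disabled, or a fallback to IMDSv1).
            if pending.startswith(CREDS_PATH) and not token_ok:
                findings.append(f"{pending} requested without a confirmed token fetch")
        elif m["msg"].startswith("onSuccess: fetch AWS Metadata") and pending:
            confirmed.append(pending)
            token_ok = token_ok or pending == TOKEN_PATH
            pending = None
    if pending:
        findings.append(f"no onSuccess logged for {pending}")
    return confirmed, findings

# Constructed sample lines in the same layout; the role name is a placeholder.
P = "[2023-11-27 18:44:12.302][2768][debug][aws] [source/extensions/common/aws/metadata_fetcher.cc:"
C = "ec2_instance_metadata_server_internal"
def fetch_line(path):
    return f"{P}78] fetch AWS Metadata from the cluster {C} at [uri = http://169.254.169.254{path}]"
OK = f"{P}127] onSuccess: fetch AWS Metadata [cluster = {C}]: success"

HEALTHY = [fetch_line(TOKEN_PATH), OK, fetch_line(CREDS_PATH), OK,
           "example-role", fetch_line(CREDS_PATH + "/example-role"), OK]
NO_TOKEN = [fetch_line(TOKEN_PATH), fetch_line(CREDS_PATH), OK]

if __name__ == "__main__":
    for name, sample in (("healthy", HEALTHY), ("no_token", NO_TOKEN)):
        print(name, audit_refresh(sample))
```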