Adds HttpLogging middleware

[jkotalik]

Fixes #3700

There are a few follow up issues that I'll file:

• W3C Logging
• Request Response Trailers Logging
• Redaction/Additional logging

I'll write the API proposal in the issue linked with the information here.

There are a few tests failing ATM as I have some questions that review will help with.

[davidfowl]

We need to do an api review

[jkotalik]

For sure; I'm scheduling one for tomorrow/friday one off.

[ghost]

Thank you for submitting this for API review. This will be reviewed by @dotnet/aspnet-api-review at the next meeting of the ASP.NET Core API Review group. Please ensure you take a look at the API review process documentation and ensure that:

• The PR contains changes to the reference-assembly that describe the API change. Or, you have included a snippet of reference-assembly-style code that illustrates the API change.
• The PR describes the impact to users, both positive (useful new APIs) and negative (breaking changes).
• Someone is assigned to "champion" this change in the meeting, and they understand the impact and design of the change.

[davidfowl]

[Redacted] instead of X

[davidfowl]

Do we need Size in this name? We have size everywhere else in Kestrel.

long RequestBodySizeLimit
long ResponseBodySizeLimit

Why didn't we go with longs, we didn't learn from IIS 😄

[halter73]

It's a long in Kestrel. I can only imagine the logs with 2 GB+ bodies inside 😆

[halter73]

We could even make it nullable for consistency with Kestrel. Why force an upper bound of 2^63 bytes!

[jkotalik]

Is this a serious conversation? I guess we can make it a long....

[davidfowl]

OK we can leave it as an int and rename it to SizeLimit

[Tratcher]

We covered this in the API review and picked LogLimit over SizeLimit. In kestrel it's an absolute size limit and exceeding it causes the request to fail. Here it's a limit on the amount that will be logged before we truncate.

You really want to support GB of logged data? We'll definitely need to switch to a chunking/streaming model then to avoid buffering the whole thing.

[davidfowl]

Lets stick with an int (2GB is still GB) but I think Size should be in the name. It's the size of the request and response body in bytes.

[jkotalik]

I agree with @Tratcher, unless we have a name like RequestBodyLogSizeLimit which seems needlessly verbose.

[davidfowl]

What's the deal here?

[jkotalik]

Wanted to have the APIs present for binary logging format, which are currently not supported.

[halter73]

#31884

[davidfowl]

I notice we don't check if Logging is enabled before we do any of this stuff. Seems like we should no?

[davidfowl]

Why? There's no more data coming in right?

[davidfowl]

nit: Remove space

[davidfowl]

LGTM

[jkotalik]

I did a bunch of perf runs locally to generally get a picture of what's going on.

With a custom logging provider which noop'd (to remove the impact of the actual logging), I saw around a 3% regression with logging the request, response, and response body.

Before (no HttpLoggingMiddleware)

Bombarding http://localhost:5000 for 10s using 125 connection(s)
[=================================================================================================================================================================================================================================================================================] 10s
Done!
Statistics        Avg      Stdev        Max
  Reqs/sec     70548.12   12436.92  144929.16
  Latency        1.72ms   763.52us    70.14ms
  HTTP codes:
    1xx - 0, 2xx - 713518, 3xx - 0, 4xx - 0, 5xx - 0
    others - 0
  Throughput:    14.36MB/s

After (with middleware and noop logging)

Bombarding http://localhost:5000 for 10s using 125 connection(s)
[=================================================================================================================================================================================================================================================================================] 10s
Done!
Statistics        Avg      Stdev        Max
  Reqs/sec     68877.66   14550.83  114951.68
  Latency        1.77ms   629.66us   139.06ms
  HTTP codes:
    1xx - 0, 2xx - 696073, 3xx - 0, 4xx - 0, 5xx - 0
    others - 0
  Throughput:    14.01MB/s

I averaged a few runs here and in general, removing the middleware showed around a 3% gain, which is expected.

I'm going to try some worst case scenarios just for kicks now. But there isn't anything obscenely wrong perf wise.

[jkotalik]

To no surprise, a larger response body affects perf even more, seeing around a 40% regression. Writing a 50 KB response, perf numbers go from 21k RPS to 13K RPS.

Bombarding http://localhost:5000 for 10s using 125 connection(s)
[=================================================================================================================================================================================================================================================================================] 10s
Done!
Statistics        Avg      Stdev        Max
  Reqs/sec     20990.03    8384.13   52401.26
  Latency        5.97ms     1.81ms    70.33ms
  HTTP codes:
    1xx - 0, 2xx - 209109, 3xx - 0, 4xx - 0, 5xx - 0
    others - 0
  Throughput:     0.98GB/s
C:\Users\jukotali> ^C
C:\Users\jukotali> bombardier localhost:5000
Bombarding http://localhost:5000 for 10s using 125 connection(s)
[=================================================================================================================================================================================================================================================================================] 10s
Done!
Statistics        Avg      Stdev        Max
  Reqs/sec     12807.25    5641.34   28040.42
  Latency        9.52ms     3.94ms   226.19ms
  HTTP codes:
    1xx - 0, 2xx - 131084, 3xx - 0, 4xx - 0, 5xx - 0
    others - 0
  Throughput:   628.02MB/s

[Tratcher]

To no surprise, a larger response body affects perf even more, seeing around a 40% regression. Writing a 50 KB response, perf numbers go from 21k RPS to 13K RPS.

Buffering the bytes shouldn't cause much throughput overhead(?). Is it the decoding and logging a big string that slows it down? I suspect streaming/chunked body logging will help here.

[jkotalik]

Buffering the bytes shouldn't cause much throughput overhead(?). Is it the decoding and logging a big string that slows it down? I suspect streaming/chunked body logging will help here.

Yeah there are many things we can do to improve perf here, but that's for after this PR is merged 😄 . I mostly wanted to make sure there wasn't something horrendously wrong.

[BrennanConroy]

Buffering the bytes shouldn't cause much throughput overhead(?).

Console logging pushes to a BlockingCollection which will hold a few items before blocking more logs. So once the queue is full, it completely blocks the thread.

[davidfowl]

Buffering the bytes shouldn't cause much throughput overhead(?). Is it the decoding and logging a big string that slows it down? I suspect streaming/chunked body logging will help here.

Copying the body will have CPU overhead and decoding UTF8 will have even more CPU overhead.

[jkotalik]

This isn't logging to console atm, it's nooping that portion. This is to primarily check the perf of the middleware and buffering.

[BrennanConroy]

Oh, that doesn't seem great then 😄

[jkotalik]

@dotnet/aspnet-build please merge.