Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Proposed name for projects: Logging and Analytics
  • Proposed name for the repository: logging-analytics

Why a Logging Project

Keywords:

Centralized, Role based access, tracking, streaming, reporting

Feature /

Requirement

Description
F1Centralized Logs - all the logs available streamed in one place - search, visualize and report ready
F2Role based access - logs are accessible from outside the container - no ssh into the pod or tailing of the logs per microservice
F3

Tracking - If a unique ID is passed across microservices we can trace a transaction pass/failure through the system

requestID, InvocationID, Timestamp indexed

F4Reporting - track multiple transaction patterns and generate emergent or correlated behavior
F5Control over log content - collect, index, filter
F6Machine readable json oriented elasticsearch storage of logs


R1Logs are in the same (currently 29 field) format
R2Logging library requires minimal changes for use - using Spring AOP to get MARKER entry/exit logs for free without code changes
R3Logs are streamed to a central ELK stack
R4ELK stack provides for tracing, dashboards, query API


Project Description

ONAP consists of many components and containers, and consequently writes to many logfiles. The volume of logger output may be enormous, especially when debugging. Large, disparate logfiles are difficult to monitor and analyze, and tracing requests across many files, file systems and containers is untenable without tooling. 

...

Logger configurations in ONAP are diverse and idiosyncratic. Addressing these issues will prevent costs from being externalized to consumers such as analytics. It also affords the opportunity to remedy any issues with the handling and propagation of contextual information such as transaction identifiers (presently passed as X-ECOMP-RequestID - to be X-ONAP-RequestID). This propagation is critical to tracing requests as they traverse ONAP and related systems, and is the basis for many analytics functions. 

...

  1. ONAP-wide changes to regularize logger providers, logger configuration and logger output. The changes are largely cosmetic, but greater coherence will simplify deployment orchestration and customization, and improve extensibility and support for analytics. 
  2. A reference analytics pipeline configuration consisting of:
  3. Documentation:
  4. Other example configurations, including: 
    • JSON output. 
    • Non-file transports, including SYSLOG and TCP.  
    • Durable shipping transports, such as Logstash persistent queues, or Kafka or Redis or similar if there's interest.
    • Kibana Dashboards.Kibana Dashboards.
  5. Audit:
    1. Specifically Post orchestration model based audit - Logging Scope Change for POMBA seed code  

Out of scope:

  • No impact on EELF or its use. Some ONAP components log via EELF, and some do not. This won't change.
  • No prescription of logging providers. Standardization is encouraged but not mandatory. Note that certain providers (e.g. legacy Log4j 1.X) may not support all output options.   
  • No changes to any ONAP component without consultation with its owners. Note that components whose provider configuration is NOT aligned may not have their logs indexed without (potentially costly) ad hoc indexing configuration.

...

Standardization

All changes augment ONAP application logging guidelines on the ONAP wiki. 

Commits to 2 repos

...

  • Currently: varies (though a default is loosely prescribed in ONAP application logging guidelines).
  • Affects: most ONAP components, superficially. 
  • Priority: HIGH.
  • Why
    • Reduced complexity. 
    • Fewer special cases:
      • Easier configuration.
      • Easier indexing.
      • Easier orchestration.
  • Notes:
    • These paths may be on a mounted persistent volume so that:
      • Logs are accessible to shippers such as Filebeat or Fluentd.
      • Logs are persistent, and independent of the lifecycle of individual containers.
    • Any indirection for multiple instances of a container writing to a shared volume can be managed in one of two ways:
      • By including a container identifier in the above spec. 
      • By deployment automation; in volume mappings, so that tenant applications don't need to know. 

...

  • Currently: varies (no default prescribed by ONAP application logging guidelines).
  • Affects: most ONAP components, superficially. 
  • Priority: HIGH.
  • Why:
    • Reduced complexity. 
    • Fewer special cases, simplified automation. 
    • Certain components are presently not configurable, e.g. Portal, for which even trivial reconfiguration of logging requires reassembly of its WAR.
    • See Support for analytics pipelines
  • Notes:
    • This greatly simplifies deployment automation, reconfiguration, etc. 
    • These paths will normally be local to a container, not on a mounted volume, but either is fine.
    • The exact path can be fine-tuned, but:
      • The benefit of an ONAP-wide convention should be evident.
      • This corresponds to the convention implemented (updated for ONAP) by MSO and others.
      • It should be aligned with conventions for other component- and subcomponent-specific configuration documents. 

...

  1. Standardized configuration, simplifying unilateral reconfiguration and automated updates. 
  2. Standardized output, simplifying the configuration of analytics pipelines. 

MDCs

The MDCs in ONAP application logging guidelines are closely matched to existing MDC usage in seed ONAP components, but there may be many arbitrarily many others, and there's no need for them to be listed in configuration. Itemizing them means changing all configuration documents when new MDCs are introduced. 

...

On the basis of regularized provider configuration and output, and the work of the ONAP Operations Manager project, a complete Elastic Stack pipeline can be deployed automatically. 

...

  • Filebeat shipping:
    • Line format and locations as discussed. 
    • Other shipping transports are simplified by regularized logger provider configuration. 
  • Logstash indexing.
  • Elasticsearch in a TBD minimal three-node cluster - currently a single container. 
  • Kibana Discover UI.
  • Fullly automated Kubernetes deployment based on ONAP Operations Manager.

  • Currently: Available via 20170914 master build
  • Affects
    • Adds analytics capability, but no impact on individual ONAP components. 
    • Reconfiguration, including replacement with OTHER analytics pipelines will be similarly transparent.
  • Priority: HIGH.
  • Why
    • Demonstrates a bolt-on analytics capability.
    • Provides a working analytics OOB.
    • Elastic Stack is available as FOSS. 
  • Notes:
    • Files + Filebeat are the lowest common denominator. They provide a simple mechanism for resilience, and yet require no disruptive (for example classpath) changes. 
    • Other sources of logs can be indexed, with appropriate configuration. Generally these will not be able to be correlated with an ONAP transaction, however. 

...

  • Currently: X-ECOMP-RequestID.
  • Affects: all ONAP components. 
  • Why: ECOMP renamed to ONAP.
  • Notes:
    • This may already have been fixed in another branch. 
    • If not, it can be dealt with at the same time as applying changes to defaults, etc.

Key Project Facts

...

Key Project Facts

...

Resources

Existing logging guidelines:

Logging providers:

...