Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Notes

  • Last week - LOG Meeting Minutes 2018-06-19
  • POMBA scope change vote Thu morning at 0245 EDT (GMT-5) at TSC beijing meet
    • Note from Michael O'Brien on June 21: At 0510 (20 min over) Alla clarified that we do not need a vote (usually we do) – we all heard an OK – I mark this issue as closed – thanks Alla for the final push.
  • No pending commits for logging-analytics repo
  • board - https://jira.onap.org/secure/RapidBoard.jspa?rapidView=53&view=planning&selectedIssue=LOG-471&epics=visible
  • Casablanca release planning - Logging Casablanca Scope
  • RequestID:
    • Example code in spec is the 1.2 spec (ONAP Application Logging Specification v1.2 (Casablanca)#MDC-RequestID) is out of date. Still refers to X-RequestID, should be X-ONAP-RequestID. 
    • Agreed to specify all three – past and future – headers for the duration of Casablanca, and standardize on one – X-ONAP-Request-ID after Casablanca release. 
    • Debated cutover versus supporting all three, and agreed that the impact on existing behavior would be unpalatable for many teams. 
    • TODO: go back and update specification. (LP: done).
  • Casablanca:
    • Machine-readable format:
      • Pipe-separated format vs. tab-separated → pipe-separated.
      • Original agreement was to revert to pipe-separated as per the Text Output example in the specification. That's the final decision.
      • Once provider configuration is templated, we can put the separator in values.yaml, 
    • Streams transports:
      • Options were logstash (native) and syslog. 
      • If we want to provide one out of the box, it has to be one that doesn't incur new dependencies in the classpath → syslog. 
      • This still leaves us with the problem of persistent queues at the logstash end. 
      • Assumption: syslog (since appenders are always available) AND logstash queues for persistence AND the ability to turn off any appender using values.yaml
      • TODO: find out where we are with log4j 1.X. (Since its support is likely limited without extra classes)
    • Finalizing the specification:
      • But for typos and example code pending update, it's final. 
      • TODO: X-Request-ID (again)
    • Security:
      • Files owned by root (elasticsearch, filebeat, logstash). - the norm is not be root - but be "ubuntu" for example - see 
        Jira Legacy
        serverSystem Jira
        serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
        keyLOG-481
      • Credentials and other sensitive information to K8s secrets.
      • General hardening and port closure.
      • Search Guard:
        • FOSS.
        • RBA for log entries. 
        • AT&T have a sample implementation.  
    • Templated provider configuration:
      • (Helm)
      • Submit templated logback configuration for next week. 
      • TODO: add syslog appender under the control of values.yaml. 
      • TODO: by next week! (LP: will be the week after, new ETA July 10th.)
    • Compliance and backporting:
      • Limited developer capacity. 
      • Options:
        • Make changes ourselves → insufficient capacity. 
        • Raise bugs → obnoxious. 
        • Rate compliance → compliance matrix. Still requires us to do the analysis. 
        • Encourage adoption of reference libraries. 
        • Bring the architecture committee to bear on the problem.