[oracle_weblogic] Add Integration Package with Admin Server Logs Data Stream #3066
Conversation
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
🤖 GitHub commentsTo re-run your PR in the CI, just comment with:
|
packages/oracle_weblogic/data_stream/admin_server/fields/fields.yml
Outdated
Show resolved
Hide resolved
🌐 Coverage report
|
packages/oracle_weblogic/data_stream/admin_server/elasticsearch/ingest_pipeline/default.yml
Show resolved
Hide resolved
| required: true | ||
| show_user: true | ||
| default: | ||
| - /tmp/service_logs/logs/AdminServer.log |
There was a problem hiding this comment.
In general, i have seen /user_projects/domains/wls_domain/servers/AdminServer.log or similar as the default path fof AdminServer log. You may validate this to correct the default path of AdminServer.log file
There was a problem hiding this comment.
kush-elastic
added
enhancement
| weblogic-log: | ||
| image: alpine | ||
| volumes: | ||
| - ./sample_logs:/sample_logs:ro | ||
| - ${SERVICE_LOGS_DIR}:/var/log |
There was a problem hiding this comment.
It isn't the Oracle WebLogic. Please use the right Docker image with the application running.
There was a problem hiding this comment.
That makes sense. However, I see in the documentation (Page 8) that we'll need to download supported supplements for Oracle WebLogic which seems to have a Oracle Account signed in as a prerequisite and accepting their terms and policies via GUI (which does not seem to be feasible to achieve here).
First, decide which installation type you want to use, either generic, quick, or slim installer, and then download the required Oracle WebLogic Server installer to the dockerfiles/12.2.1.4 folder.
@mtojek / @kush-elastic, do you have any ideas for the same?
There was a problem hiding this comment.
Have you tried playing with any of these: dockerfiles?
There was a problem hiding this comment.
Yes, we tried using this. But what is blocking us to use that docker image directly is while running that dockerfile present in repo, we need to download this supplements.
To download that supplements we need oracle login (manually).
There was a problem hiding this comment.
It seems that we need access to container-registry.oracle.com to run:
docker pull container-registry.oracle.com/middleware/weblogic:12.2.1.4, right?
@v1v do you think that we can pull/copy them into our Docker registry? Let me justify as this is a longer path. If we want to maintain and develop observability tools for Oracle products, then we need an official/corp account there.
There was a problem hiding this comment.
do you think that we can pull/copy them into our Docker registry?
I think so, if you can raise an issue in the obt-robots
There was a problem hiding this comment.
Thanks, raised an internal issue.
@kush-elastic Please note here which images would be useful for testing.
There was a problem hiding this comment.
Thanks @mtojek, We will check for the exact requirement over the docker image and the required supplements and will get back on this.
There was a problem hiding this comment.
Hey @mtojek,
With reference to this discussion #3298
We had a query related to the sample docker files and container scripts used in the docker files, we will be copying and combining these two docker-files (File1, File2) into a single docker file as we want an application to be deployed on managed and admin server. We hope there won't be any consequences in combining these files and using them as one.
We will also be combining all the scripts under one folder from these two folders folder1 and folder2 as it is required for the current use case. we just wanted to confirm this as we can see the Copyright License on each of the files mentioned, hope that it won't cause any issue here as this are the samples files, or is their any other suggestions from your side.
There was a problem hiding this comment.
As far as I can see, these files are distributed based on the UPL 1.0 license, which is considered safe according to the Open Source policy in Elastic.
Please add the NOTICE.txt file with a copy of the original license and the link to the docker-images repository.
| "diagnostic_context_id": "1648117791865", | ||
| "machine_name": "wlsadmin", | ||
| "message_id": "BEA-002622", | ||
| "message_text": "The protocol \"admin\" is now configured.", |
There was a problem hiding this comment.
It isn't aligned with ECS, there is a log.message field.
There was a problem hiding this comment.
Ah, sorry, my bad. Not log.message but just message.
|
|
||
| ignore_failure: true | ||
| - script: | ||
| description: Drops null/empty values recursively |
There was a problem hiding this comment.
Why is it required? What exactly are you dropping?
There was a problem hiding this comment.
This script is used for removing empty fields. So we are using it when we get empty value for any of the fields in the log message.
There was a problem hiding this comment.
Why don't you use the drop_fields? https://www.elastic.co/guide/en/beats/metricbeat/current/drop-fields.html
There was a problem hiding this comment.
In the drop_fields processor we will explicitly need to provide set of all the possible fields which can possibly have a NULL value, However the above script processor will go through every field in the document and check if any field is NULL or "" and will drop the fields accordingly. Still WDYT should we change this?
There was a problem hiding this comment.
I would go with the prebuilt processor as this is less error-prone. Is it common to observe "" fields?
There was a problem hiding this comment.
We tried going through drop_fields processor it seems that drop_fields is used to preprocess the document before it actually parse through the ingest pipeline. We also looked into the drop processor which actually drops the entire document and not just the empty fields. So can we prefer this Script instead of any other processor as we can find same script in previously created integrations as well
Ref:
- https://github.com/elastic/integrations/blob/main/packages/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml#:~:text=Drops%20null/empty%20values%20recursively
- https://github.com/elastic/integrations/blob/main/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml#:~:text=Drops%20null/empty%20values%20recursively
There was a problem hiding this comment.
Ok, thanks for explaining!
@andrewkroh, QQ as you have definitely more experience with pipeline processing. Does it look like a good candidate for a new ES processor?
There was a problem hiding this comment.
It's a common enough pattern that I think it could be processor. Often we see data sources that put values like "-" or empty strings into the event and we want to "clean" those from the event. Alternatively we could check every known field and conditionally drop it, but that becomes verbose.
| # newer versions go on top | ||
| - version: "0.1.0" | ||
| changes: | ||
| - description: Oracle WebLogic integration package with Admin server datastream |
|
|
||
| ### Admin Server logs | ||
|
|
||
| The `admin_server` data stream collects Admin Server logs from Adminserver.log. |
| title: "Oracle WebLogic" | ||
| version: 0.1.0 | ||
| license: basic | ||
| description: "This Elastic integration collects logs and metrics from Oracle WebLogic." |
There was a problem hiding this comment.
Let's keep it consistent with other integrations. Please refer #2614 (comment)
| @@ -0,0 +1,31 @@ | |||
| format_version: 1.0.0 | |||
| name: oracle_weblogic | |||
| title: "Oracle WebLogic" | |||
There was a problem hiding this comment.
nit: title: Oracle WebLogic
| @@ -0,0 +1,23 @@ | |||
| paths: | |||
| {{#each paths as |path i|}} | |||
| {{#if preserve_original_event}} | ||
| - preserve_original_event | ||
| {{/if}} | ||
| {{#each tags as |tag i|}} |
We discussed with @akshay-saraswat for the same and based on discussion we decided to separate logs to 4 logs data-stream. |
packages/oracle_weblogic/NOTICE.txt
Outdated
| @@ -0,0 +1,37 @@ | |||
| Repository: https://github.com/oracle/docker-images | |||
There was a problem hiding this comment.
Let's move this NOTICE.txt to the _dev/deploy as, as far as I can see, Oracle resources are only used for testing.
There was a problem hiding this comment.
When we moved NOTICE.txt to _dev/deploy, we faced a lint error when linting the integration using elastic-package lint.
Error: linting package failed: found 1 validation error:
1. item [NOTICE.txt] is not allowed in folder [/home/devuser/kush/integrations/packages/oracle_weblogic/_dev/deploy]
Should we keep it as it is or do you suggest moving it somewhere else?
There was a problem hiding this comment.
Let's move it close to the Dockerfile.
There was a problem hiding this comment.
LGTM, I am not sure on how the NOTICE.txt entry should be added as per #3066 (comment). Please wait for @mtojek's approval over the same.
|
|
||
| # Pull base image | ||
| # --------------- | ||
| FROM docker.elastic.co/observability-ci/weblogic:12.2.1.3-dev |
There was a problem hiding this comment.
Just wanted to clarify: did you copy all files from the original repository (docker-images) or implemented them manually?
| services: | ||
| wlsadmin: | ||
| build: | ||
| context: . |
There was a problem hiding this comment.
Why exactly do we need to build this image?
There was a problem hiding this comment.
We are actually adding sample application along with Admin Server and Managed Server configuration. Also, we are downloading and configuring Jolokia for data collection. so we would need to build the image.
There was a problem hiding this comment.
Ok, I see now.
One more question, are those scripts bound to a specific image version of Oracle? If so, it might be worth mentioning it. Maybe another CONTRIBUTING.md file?
There was a problem hiding this comment.
No they aren't we tried to run the system test with same configuration using three docker images (three versions of weblogic)
- container-registry.oracle.com/middleware/weblogic:14.1.1.0-dev-8 (14.1.1.0 version)
- container-registry.oracle.com/middleware/weblogic:12.2.1.4-dev (12.2.1.4 version)
- container-registry.oracle.com/middleware/weblogic:12.2.1.3-dev (12.2.1.3 version)
| context: . | ||
| args: | ||
| - APPLICATION_NAME=sample | ||
| - APPLICATION_PKG=archive.zip |
There was a problem hiding this comment.
It would be great if you can drop sources somewhere or, even better, use sources and build them in-the-fly.
There was a problem hiding this comment.
Just to give you a quick background, we built the archieve.zip by running build.sh locally, we thought it would be a good idea to keep it here (because of its tiny size) rather than building it in-the-fly.
Just in case we run into any troubles building it in-the-fly, can you please elaborate how do we "drop sources somewhere"?
There was a problem hiding this comment.
I mean a similar way to what Sunny implemented here: spring_boot. We don't need a full blown WAR application, just a simple and small PoC.
There was a problem hiding this comment.
I don't think this is a full-blown WAR application, it's just a single page application which basically gives data related to server and it's pretty small in size.
There was a problem hiding this comment.
That's the point, it's easier for developers to the main source than repack WAR, setup environment, maven deps, etc.
packages/oracle_weblogic/NOTICE.txt
Outdated
| @@ -0,0 +1,37 @@ | |||
| Repository: https://github.com/oracle/docker-images | |||
There was a problem hiding this comment.
Let's move this NOTICE.txt to the _dev/deploy as, as far as I can see, Oracle resources are only used for testing.
|
Thanks for the approval, @mtojek! |
|
Sure @kush-elastic . Checking .. |
What does this PR do?
Checklist
changelog.ymlfile.How to test this PR locally
elastic-package testRelated issues
Screenshots