-
Notifications
You must be signed in to change notification settings - Fork 407
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[oracle_weblogic] Add Integration Package with Admin Server Logs Data Stream #3066
[oracle_weblogic] Add Integration Package with Admin Server Logs Data Stream #3066
Conversation
packages/oracle_weblogic/data_stream/admin_server/fields/fields.yml
Outdated
Show resolved
Hide resolved
🌐 Coverage report
|
packages/oracle_weblogic/data_stream/admin_server/elasticsearch/ingest_pipeline/default.yml
Show resolved
Hide resolved
required: true | ||
show_user: true | ||
default: | ||
- /tmp/service_logs/logs/AdminServer.log |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In general, i have seen /user_projects/domains/wls_domain/servers/AdminServer.log
or similar as the default path fof AdminServer log. You may validate this to correct the default path of AdminServer.log file
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AFAIR there are two types of logs: server and domain. What are format differences between admin_server, managed_server and domain logs? Can we squeeze them into a single data stream?
weblogic-log: | ||
image: alpine | ||
volumes: | ||
- ./sample_logs:/sample_logs:ro | ||
- ${SERVICE_LOGS_DIR}:/var/log |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It isn't the Oracle WebLogic. Please use the right Docker image with the application running.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That makes sense. However, I see in the documentation (Page 8) that we'll need to download supported supplements for Oracle WebLogic which seems to have a Oracle Account signed in as a prerequisite and accepting their terms and policies via GUI (which does not seem to be feasible to achieve here).
First, decide which installation type you want to use, either generic, quick, or slim installer, and then download the required Oracle WebLogic Server installer to the dockerfiles/12.2.1.4 folder.
@mtojek / @kush-elastic, do you have any ideas for the same?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Have you tried playing with any of these: dockerfiles?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, we tried using this. But what is blocking us to use that docker image directly is while running that dockerfile present in repo, we need to download this supplements.
To download that supplements we need oracle login (manually).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems that we need access to container-registry.oracle.com to run:
docker pull container-registry.oracle.com/middleware/weblogic:12.2.1.4
, right?
@v1v do you think that we can pull/copy them into our Docker registry? Let me justify as this is a longer path. If we want to maintain and develop observability tools for Oracle products, then we need an official/corp account there.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do you think that we can pull/copy them into our Docker registry?
I think so, if you can raise an issue in the obt-robots
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, raised an internal issue.
@kush-elastic Please note here which images would be useful for testing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @mtojek, We will check for the exact requirement over the docker image and the required supplements and will get back on this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @mtojek,
With reference to this discussion #3298
We had a query related to the sample docker files and container scripts used in the docker files, we will be copying and combining these two docker-files (File1, File2) into a single docker file as we want an application to be deployed on managed and admin server. We hope there won't be any consequences in combining these files and using them as one.
We will also be combining all the scripts under one folder from these two folders folder1 and folder2 as it is required for the current use case. we just wanted to confirm this as we can see the Copyright License on each of the files mentioned, hope that it won't cause any issue here as this are the samples files, or is their any other suggestions from your side.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As far as I can see, these files are distributed based on the UPL 1.0 license, which is considered safe according to the Open Source policy in Elastic.
Please add the NOTICE.txt
file with a copy of the original license and the link to the docker-images repository.
"diagnostic_context_id": "1648117791865", | ||
"machine_name": "wlsadmin", | ||
"message_id": "BEA-002622", | ||
"message_text": "The protocol \"admin\" is now configured.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It isn't aligned with ECS, there is a log.message
field.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, sorry, my bad. Not log.message
but just message
.
|
||
ignore_failure: true | ||
- script: | ||
description: Drops null/empty values recursively |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is it required? What exactly are you dropping?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This script is used for removing empty fields. So we are using it when we get empty value for any of the fields in the log message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why don't you use the drop_fields
? https://www.elastic.co/guide/en/beats/metricbeat/current/drop-fields.html
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the drop_fields
processor we will explicitly need to provide set of all the possible fields which can possibly have a NULL value, However the above script processor will go through every field in the document and check if any field is NULL or "" and will drop the fields accordingly. Still WDYT should we change this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would go with the prebuilt processor as this is less error-prone. Is it common to observe "" fields?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We tried going through drop_fields
processor it seems that drop_fields
is used to preprocess the document before it actually parse through the ingest pipeline. We also looked into the drop
processor which actually drops the entire document and not just the empty fields. So can we prefer this Script instead of any other processor as we can find same script in previously created integrations as well
Ref:
- https://github.com/elastic/integrations/blob/main/packages/aws/data_stream/cloudtrail/elasticsearch/ingest_pipeline/default.yml#:~:text=Drops%20null/empty%20values%20recursively
- https://github.com/elastic/integrations/blob/main/packages/okta/data_stream/system/elasticsearch/ingest_pipeline/default.yml#:~:text=Drops%20null/empty%20values%20recursively
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, thanks for explaining!
@andrewkroh, QQ as you have definitely more experience with pipeline processing. Does it look like a good candidate for a new ES processor?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a common enough pattern that I think it could be processor. Often we see data sources that put values like "-"
or empty strings into the event and we want to "clean" those from the event. Alternatively we could check every known field and conditionally drop it, but that becomes verbose.
# newer versions go on top | ||
- version: "0.1.0" | ||
changes: | ||
- description: Oracle WebLogic integration package with Admin server datastream |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: data stream
|
||
### Admin Server logs | ||
|
||
The `admin_server` data stream collects Admin Server logs from Adminserver.log. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: Adminserver.log
title: "Oracle WebLogic" | ||
version: 0.1.0 | ||
license: basic | ||
description: "This Elastic integration collects logs and metrics from Oracle WebLogic." |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's keep it consistent with other integrations. Please refer #2614 (comment)
@@ -0,0 +1,31 @@ | |||
format_version: 1.0.0 | |||
name: oracle_weblogic | |||
title: "Oracle WebLogic" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: title: Oracle WebLogic
@@ -0,0 +1,23 @@ | |||
paths: | |||
{{#each paths as |path i|}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unused variable: i
{{#if preserve_original_event}} | ||
- preserve_original_event | ||
{{/if}} | ||
{{#each tags as |tag i|}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unused variable i
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Requested some changes
We discussed with @akshay-saraswat for the same and based on discussion we decided to separate logs to 4 logs data-stream. |
packages/oracle_weblogic/NOTICE.txt
Outdated
@@ -0,0 +1,37 @@ | |||
Repository: https://github.com/oracle/docker-images |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's move this NOTICE.txt to the _dev/deploy
as, as far as I can see, Oracle resources are only used for testing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When we moved NOTICE.txt
to _dev/deploy
, we faced a lint error when linting the integration using elastic-package lint
.
Error: linting package failed: found 1 validation error:
1. item [NOTICE.txt] is not allowed in folder [/home/devuser/kush/integrations/packages/oracle_weblogic/_dev/deploy]
Should we keep it as it is or do you suggest moving it somewhere else?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's move it close to the Dockerfile.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, I am not sure on how the NOTICE.txt entry should be added as per #3066 (comment). Please wait for @mtojek's approval over the same.
|
||
# Pull base image | ||
# --------------- | ||
FROM docker.elastic.co/observability-ci/weblogic:12.2.1.3-dev |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just wanted to clarify: did you copy all files from the original repository (docker-images) or implemented them manually?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
services: | ||
wlsadmin: | ||
build: | ||
context: . |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why exactly do we need to build this image?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We are actually adding sample application along with Admin Server and Managed Server configuration. Also, we are downloading and configuring Jolokia for data collection. so we would need to build the image.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, I see now.
One more question, are those scripts bound to a specific image version of Oracle? If so, it might be worth mentioning it. Maybe another CONTRIBUTING.md
file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No they aren't we tried to run the system test with same configuration using three docker images (three versions of weblogic)
- container-registry.oracle.com/middleware/weblogic:14.1.1.0-dev-8 (14.1.1.0 version)
- container-registry.oracle.com/middleware/weblogic:12.2.1.4-dev (12.2.1.4 version)
- container-registry.oracle.com/middleware/weblogic:12.2.1.3-dev (12.2.1.3 version)
context: . | ||
args: | ||
- APPLICATION_NAME=sample | ||
- APPLICATION_PKG=archive.zip |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be great if you can drop sources somewhere or, even better, use sources and build them in-the-fly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just to give you a quick background, we built the archieve.zip
by running build.sh locally, we thought it would be a good idea to keep it here (because of its tiny size) rather than building it in-the-fly.
Just in case we run into any troubles building it in-the-fly, can you please elaborate how do we "drop sources somewhere"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I mean a similar way to what Sunny implemented here: spring_boot. We don't need a full blown WAR application, just a simple and small PoC.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is a full-blown WAR application, it's just a single page application which basically gives data related to server and it's pretty small in size.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's the point, it's easier for developers to the main source than repack WAR, setup environment, maven deps, etc.
packages/oracle_weblogic/NOTICE.txt
Outdated
@@ -0,0 +1,37 @@ | |||
Repository: https://github.com/oracle/docker-images |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's move this NOTICE.txt to the _dev/deploy
as, as far as I can see, Oracle resources are only used for testing.
Thanks for the approval, @mtojek! |
Sure @kush-elastic . Checking .. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me
What does this PR do?
Checklist
changelog.yml
file.How to test this PR locally
elastic-package test
Related issues
Screenshots