Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kubelet: migrate pkg/kubelet/certificate to structured logging #98993

Merged
merged 1 commit into from Mar 4, 2021
Merged

kubelet: migrate pkg/kubelet/certificate to structured logging #98993

merged 1 commit into from Mar 4, 2021

Conversation

SataQiu
Copy link
Member

@SataQiu SataQiu commented Feb 11, 2021
edited

What type of PR is this?

/kind cleanup

What this PR does / why we need it:

Which issue(s) this PR fixes:

Ref #98976

Special notes for your reviewer:

Does this PR introduce a user-facing change?

Migrate `pkg/kubelet/certificate` to structured logging
ACTION REQUIRED: Exit code changed from 255 to 1

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels Feb 11, 2021
@k8s-ci-robot k8s-ci-robot added area/kubelet sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/node Categorizes an issue or PR as relevant to SIG Node. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Feb 11, 2021
@kikisdeliveryservice kikisdeliveryservice added the priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. label Feb 11, 2021
@k8s-ci-robot k8s-ci-robot removed the needs-priority Indicates a PR lacks a `priority/foo` label and requires one. label Feb 11, 2021
@kikisdeliveryservice kikisdeliveryservice added this to Waiting on Author in SIG Node PR Triage Feb 11, 2021
@kikisdeliveryservice kikisdeliveryservice added the triage/accepted Indicates an issue or PR is ready to be actively worked on. label Feb 11, 2021
@k8s-ci-robot k8s-ci-robot removed the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Feb 11, 2021
@ehashman
Copy link
Member

Because this is updating the exit code of a Fatal log call, we need an ACTION REQUIRED: release note.

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 11, 2021
adisky
adisky reviewed Feb 15, 2021
View reviewed changes
pkg/kubelet/certificate/bootstrap/bootstrap.go Outdated Show resolved Hide resolved
pkg/kubelet/certificate/bootstrap/bootstrap.go Outdated Show resolved Hide resolved
pkg/kubelet/certificate/transport.go Outdated Show resolved Hide resolved
@k8s-ci-robot k8s-ci-robot added release-note-action-required Denotes a PR that introduces potentially breaking changes that require user action. and removed release-note Denotes a PR that will be considered when it comes time to generate release notes. labels Feb 18, 2021
@SataQiu
migrate to structured logging
c88ef90 
Signed-off-by: SataQiu <shidaqiu2018@gmail.com>
@SataQiu
Copy link
Member Author

SataQiu commented Feb 18, 2021

Because this is updating the exit code of a Fatal log call, we need an ACTION REQUIRED: release note.

/hold

The ACTION REQUIRED was added to the release note.
And all the suggestions were applied.

@SataQiu
Copy link
Member Author

SataQiu commented Feb 18, 2021

/test pull-kubernetes-e2e-kind

@SataQiu
Copy link
Member Author

SataQiu commented Feb 26, 2021

@ehashman @serathius Can we proceed with this PR?

@SataQiu
Copy link
Member Author

SataQiu commented Mar 1, 2021

Follow the robot's instruction
/assign @liggitt

ehashman
ehashman reviewed Mar 3, 2021
View reviewed changes
Copy link
Member

@ehashman ehashman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/hold cancel
/lgtm

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 3, 2021
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Mar 3, 2021
@SataQiu
Copy link
Member Author

SataQiu commented Mar 3, 2021

kindly ping @liggitt
@ehashman had already left LGTM.

@SataQiu
Copy link
Member Author

SataQiu commented Mar 3, 2021

/test all

liggitt
liggitt reviewed Mar 3, 2021
View reviewed changes
pkg/kubelet/certificate/transport.go
} else {
klog.Errorf("It has been %s since a valid client cert was found, but the server is not responsive. A restart may be necessary to retrieve new initial credentials.", exitAfter)
klog.ErrorS(nil, "No valid client certificate is found but the server is not responsive. A restart may be necessary to retrieve new initial credentials.", "lastCertificateAvailabilityTime", lastCertAvailable, "shutdownThreshold", exitAfter)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are the keys selected for messages like these considered a stable API log consumers can write extraction/monitoring around?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not as of beta but we're moving in that direction for GA. Right now we're trying to figure out a good (loose, non-enforced) schema that we can later enforce.

liggitt
liggitt reviewed Mar 3, 2021
View reviewed changes
pkg/kubelet/certificate/transport.go
} else {
klog.Errorf("The currently active client certificate has expired, but the server is not responsive. A restart may be necessary to retrieve new initial credentials.")
klog.ErrorS(nil, "The currently active client certificate has expired, but the server is not responsive. A restart may be necessary to retrieve new initial credentials.")
Copy link
Member

@liggitt liggitt Mar 3, 2021
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

passing a nil error to ErrorS seems strange... should this do something like klog.ErrorS(errors.New("The currently active client...")) instead? (same question for several places above as well)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Docs on calling ErrorS with nil: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/migration-to-structured-logging.md#using-errors

Calling ErrorS with nil as error is semi-acceptable if there is error condition that deserves a stack trace at this origin point. For expected errors (errors that can happen during routine operations) please consider using klog.InfoS and pass error in err key instead.

I think this is an unexpected error so this is ok?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it looks like the klog implementation gracefully omits the err=nil from the output:

kubernetes/vendor/k8s.io/klog/v2/klog.go

Lines 803 to 806 in c8fe1d9

if err != nil {
b.WriteByte(' ')
b.WriteString(fmt.Sprintf("err=%q", err.Error()))
}

but the structured logger always includes an err param, even if nil:

kubernetes/staging/src/k8s.io/component-base/logs/json/json.go

Lines 171 to 173 in c8fe1d9

func handleError(err error) zap.Field {
return zap.NamedError("err", err)
}

is that expected by structured log consumers?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's right. We just get the log message with no named error, so it's equivalent to the current behaviour.

@ehashman
Copy link
Member

ehashman commented Mar 4, 2021

/retest

@liggitt
Copy link
Member

liggitt commented Mar 4, 2021

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: liggitt, SataQiu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 4, 2021
@ehashman ehashman moved this from Needs Approver to Done in Structured Logging Migration for Kubelet, 1.21 Mar 4, 2021
@ehashman ehashman mentioned this pull request Mar 4, 2021
Closed
@k8s-ci-robot k8s-ci-robot merged commit 508a883 into kubernetes:master Mar 4, 2021
SIG Node PR Triage automation moved this from Waiting on Author to Done Mar 4, 2021
@k8s-ci-robot k8s-ci-robot added this to the v1.21 milestone Mar 4, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liggitt liggitt liggitt left review comments

@endocrimes endocrimes endocrimes left review comments

@ehashman ehashman ehashman left review comments

@adisky adisky adisky left review comments

@smarterclayton smarterclayton Awaiting requested review from smarterclayton

@sttts sttts Awaiting requested review from sttts

Assignees

@liggitt liggitt

@ehashman ehashman

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/kubelet cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note-action-required Denotes a PR that introduces potentially breaking changes that require user action. sig/auth Categorizes an issue or PR as relevant to SIG Auth. sig/node Categorizes an issue or PR as relevant to SIG Node. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
SIG Node PR Triage
Done
Structured Logging Migration for Kube...
  
Done
Milestone
v1.21
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@SataQiu @ehashman @liggitt @k8s-ci-robot @endocrimes @adisky @kikisdeliveryservice