1405809 – [RFE] Allow setting metrics store params

Bug 1405809 - [RFE] Allow setting metrics store params

Summary: [RFE] Allow setting metrics store params

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	ovirt-engine
Classification:	oVirt
Component:	Backend.Core
Sub Component:
Version:	4.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	ovirt-4.1.0-rc
Target Release:	4.1.0.3
Assignee:	Yedidyah Bar David
QA Contact:	Lukas Svaty
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	oVirt-Metrics-and-Logs 1405813 1410044
TreeView+	depends on / blocked

Reported:	2016-12-18 15:21 UTC by Yedidyah Bar David
Modified:	2017-04-27 09:36 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2017-04-27 09:36:46 UTC
oVirt Team:	Integration
Embargoed:
Dependent Products:
Flags:	rule-engine: ovirt-4.1+ rule-engine: exception+ gklein: testing_plan_complete- ylavi: planning_ack+ rule-engine: devel_ack+ lsvaty: testing_ack+

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	69928	0	master	ABANDONED	core: Add Metrics conf	2017-01-16 08:32:51 UTC

Description Yedidyah Bar David 2016-12-18 15:21:20 UTC

Description of problem:

Opening this bug following a discussion with ydary about bug 1371530.

Suppose that fluentd secure forward on the hosts will be configured like this:

<match **>
  @type secure_forward
  shared_key $METRICS_STORE_SECRET
  self_hostname $HOSTNAME
  secure true
  ca_cert_path $METRICS_STORE_CACERT_PATH

  <server>
    host $METRICS_STORE_HOST
    port $METRICS_STORE_PORT # default 24284
  </server>
</match>

Then we should have a few new config parameters in vdc_options, to be configured by the user using engine-config:

1. $METRICS_STORE_HOST

2. $METRICS_STORE_PORT

3. $METRICS_STORE_SECRET - needs to be stored securely, need to check how exactly

4. Whether we use engine CA for this or a 3rd party. Allow more than two values, as we might have different behavior in the future if using the internal OCP CA.

5. $METRICS_STORE_CACERT_PATH - if previous option is "engine ca", this value is not needed, and will use the engine ca. Otherwise, we will have to document how to use a 3rd party CA.

6. Turn on/off - perhaps we want the user to turn this on/off. "This" is the cron job that will configure the hosts using ansible, not actual metrics forwarding. If you want to allow on/off for metrics forwarding, that's another bug.

HOSTNAME will be set by ansible

Comment 1 Yedidyah Bar David 2017-01-16 08:38:06 UTC

Considering that Metrics params are not really relevant for the engine, I decided to abandon the patch and revert the decision to use engine-config for them.

Current plan for the ansible stuff is to require:

1. A conf file with two params:
fluentd_fluentd_host: FQDN
fluentd_shared_key: KEY

2. A file with the ca cert to be used by the central fluentd.

Locations of these are still TBD, perhaps something like /etc/ovirt-metrics or something like that.

For current bug, the above will probably be the only thing we'll do, so it will only be a doc bug. If someone wants nicer means, such as a tool asking for above 3 items and placing them in the right place (with some simple verification/sanitization), please open another bug.

Comment 2 Yedidyah Bar David 2017-02-06 14:51:07 UTC

For now, user will set params manually. More details in bug 1405813 comment 1.

Comment 3 Lukas Svaty 2017-03-29 14:34:12 UTC

good enough in config, example file provided
verified with ovirt-engine-metrics-1.0.0-1.el7ev.noarch

Note You need to log in before you can comment on or make changes to this bug.