add check to detect increased etcd traffic

[juanvallejo]

Related trello card: https://trello.com/c/7pJdHj4F
Related bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1415839

An update in OSE 3.4 caused an increase in etcd traffic due to increased quorum reads.
This check scans etcd logs (journalctl -ru <unit>) and recommends an upgrade to OSE 3.6 if the message etcd: sync duration of ..., expected less than 1s is found (this message is a direct symptom of the increased traffic update).

Based on oadm diagnostics

TODO

• add unit tests

cc @brenton @rhcarvalho @sosiouxme

[juanvallejo]

@sosiouxme will make this a module param. Not sure what the value should be

[sosiouxme]

The unit? It'll be etcd for multi-master clusters or the master unit name which depends on the deployment type

[juanvallejo]

aos-ci-test

[juanvallejo]

@sosiouxme will begin adding tests

[sosiouxme]

Mostly looking pretty good!

[sosiouxme]

The unit? It'll be etcd for multi-master clusters or the master unit name which depends on the deployment type

[sosiouxme]

no real reason to parameterize this, you'll always want json because it's machine-readable that way

[sosiouxme]

hard to believe there isn't a module for journalctl... guess it just shows, no one is doing monitoring/diagnostics with ansible yet

[sosiouxme]

there's actually nothing about this module that's specific to the task at hand; it could probably be renamed to search_journal.py or some such. although in a more generic implementation you'd probably search for several things at the same time in a single unit's journal. but we can cross that bridge later.

[juanvallejo]

although in a more generic implementation you'd probably search for several things at the same time in a single unit's journal. but we can cross that bridge later.

@sosiouxme yeah, was thinking of implementing this, but was not sure how to handle "callbacks" for different "matchers". Ideally I would send an array of dictionaries, with each dictionary containing a regexp field, and a function to be called if that regex was matched, to the remote module.

[sosiouxme]

I would just have it pass back what matched which regex and let the caller figure out how to respond.

[sosiouxme]

# don't need to look past the most recent service restart

[sosiouxme]

(just because that may not be obvious)

[sosiouxme]

don't do that...

[sosiouxme]

so, it's masters if there's only one master; etcd if there are multiple masters. there's a variable for figuring out what's in all the groups - maybe just groups?

it's not exactly critical to get this right in is_active but we might as well.

[sosiouxme]

use r' so the backslashes aren't misinterpreted - or does that not work across the module invocation? i think it should be fine.

[sosiouxme]

Pending an upgrade there are a few tricks for mitigating this; can we mention those too? Or best, refer to a kbase if we have one.

[juanvallejo]

done, linked to https://access.redhat.com/solutions/291638

[openshift-bot]

error: aos-ci-jenkins/OS_3.6_containerized for 6a1ff5f (logs)

[openshift-bot]

success: "aos-ci-jenkins/OS_3.5_NOT_containerized, aos-ci-jenkins/OS_3.5_NOT_containerized_e2e_tests" for 6a1ff5f (logs)

[openshift-bot]

success: "aos-ci-jenkins/OS_3.5_containerized, aos-ci-jenkins/OS_3.5_containerized_e2e_tests" for 6a1ff5f (logs)

[openshift-bot]

success: "aos-ci-jenkins/OS_3.6_NOT_containerized, aos-ci-jenkins/OS_3.6_NOT_containerized_e2e_tests" for 6a1ff5f (logs)

[openshift-bot]

error: "aos-ci-jenkins/OS_3.6_NOT_containerized, aos-ci-jenkins/OS_3.6_NOT_containerized_e2e_tests" for 6a1ff5f (logs)

[sosiouxme]

@juanvallejo is this still [WIP]? looks pretty done-ish. got some lint/flake8 stuff to fix though.

[juanvallejo]

@sosiouxme thanks, removed WIP tag. Will address lint stuff

[juanvallejo]

@rhcarvalho thanks for the feedback, comments addressed

[rhcarvalho]

It will be less confusing for us if failed is a boolean. Please make it bool(errors) (note you don't need len to get what you mean, an empty sequence is false, otherwise true).

[rhcarvalho]

No raise statements in this function body, is this comment true / up-to-date?

[juanvallejo]

Will update docstring

[rhcarvalho]

General suggestion for docstrings: speak about what a function does, and why somebody would want to call it. Often you can omit how it does it, leave it as an implementation detail unless the algorithm has particular importance.
That way, comments will be less prone to getting out of sync when the implementation changes, because the how tends to change more predominantly than why or what.

E.g.:

def get_log_output(matcher):
    """Return an iterator on the logs of a given matcher."""

BTW, why is the function called "log_input"? Shouldn't it be "output"?!

[rhcarvalho]

(please consider this a continuation to the comment below about docstrings)

Another example of docstring:

def get_log_matches(matchers, log_count_limit, timestamp_limit_seconds):
    """Return a list of up to log_count_limit matches for each matcher.

    Log entries are only considered if older than timestamp_limit_seconds.
    """

The current doscstring seems to be spelling out a procedure, enumerating the algorithm that reflects the current implementation. It however does not explain what log_count_limit and timestamp_limit_seconds are meant for (and maybe my example above is documenting them wrong).

[rhcarvalho]

This docstring is outdated. Please review the docstrings. Some are really verbose and still miss fundamental points like explaining non-obvious arguments. Better to aim for concise strings that are still helpful in understanding the purpose of the functions/methods.

[juanvallejo]

@rhcarvalho thanks, comments addressed

[juanvallejo]

aos-ci-test

[openshift-bot]

success: "aos-ci-jenkins/OS_3.6_containerized, aos-ci-jenkins/OS_3.6_containerized_e2e_tests" for 65758ab (logs)

[openshift-bot]

success: "aos-ci-jenkins/OS_3.5_NOT_containerized, aos-ci-jenkins/OS_3.5_NOT_containerized_e2e_tests" for 65758ab (logs)

[openshift-bot]

success: "aos-ci-jenkins/OS_3.5_containerized, aos-ci-jenkins/OS_3.5_containerized_e2e_tests" for 65758ab (logs)

[openshift-bot]

success: "aos-ci-jenkins/OS_3.6_NOT_containerized, aos-ci-jenkins/OS_3.6_NOT_containerized_e2e_tests" for 65758ab (logs)

[rhcarvalho]

Minor nits, let's get this in and avoid another CI cycle.

[rhcarvalho]

Shouldn't we check this before match.get("matched")? It will probably work the same this way, but it seems logical to check for errors first, and then look at matches.

[juanvallejo]

Done

[rhcarvalho]

Seems more logical to first check "failed" and only then check "extra_words".

[rhcarvalho]

[merge]

[openshift-bot]

[test]ing while waiting on the merge queue

[rhcarvalho]

Flake openshift/origin#13977

[merge]

[rhcarvalho]

Not merging until the queue is open again.

[openshift-bot]

Evaluated for openshift ansible merge up to 7895589

[openshift-bot]

Evaluated for openshift ansible test up to 7895589

[openshift-bot]

continuous-integration/openshift-jenkins/test FAILURE (https://ci.openshift.redhat.com/jenkins/job/test_pull_request_openshift_ansible/349/) (Base Commit: e432f8a) (PR Branch Commit: 7895589)

[openshift-bot]

continuous-integration/openshift-jenkins/merge FAILURE (https://ci.openshift.redhat.com/jenkins/job/merge_pull_request_openshift_ansible/715/) (Base Commit: e432f8a) (PR Branch Commit: 7895589)

[rhcarvalho]

Code was changed since last test run, need another run.

[rhcarvalho]

aos-ci-test

[openshift-bot]

success: "aos-ci-jenkins/OS_3.6_NOT_containerized, aos-ci-jenkins/OS_3.6_NOT_containerized_e2e_tests" for 7895589 (logs)

[openshift-bot]

success: "aos-ci-jenkins/OS_3.6_containerized, aos-ci-jenkins/OS_3.6_containerized_e2e_tests" for 7895589 (logs)

[rhcarvalho]

[merge]

[openshift-bot]

The OpenShift Ansible merge job could not be run again for this pull request.

• If the proposed changes in this pull request caused the job to fail, update this pull request with new code to fix the issue(s).
• If flaky tests caused the job to fail, leave a comment with links to the GitHub issue(s) in the openshift/origin repository with the kind/test-flake label that are tracking the flakes. If no issue already exists for the flake you encountered, create one.
• If something else like CI system downtime or maintenance caused the job to fail, contact a member of the Team Project Committers group to trigger the job again.