openstack/tacker-specs
Code Issues Proposed changes
tacker-specs/specs/newton/event_logging.rst
Nguyen Hai d543040a4e Refactor and clean up specs dir 
- Follow new PTI building docs
- Add dir for Stein specs
- Remove skeleton.rst file because the template is enough
- Remove archive specs because they are invalid.
- Remove test_tiltles.py because it is useless (no actuall check
the spec files), instead, enable pep8 and waring-as-error for
.rst files, clear error those files.
- Add placeholder.rst for stein/rocky dir, if not they will
show error when building docs, delete them when it has
approved specs.

Change-Id: I8c387c0a480844b111562a9e77eac6ab26c58bce
2018-04-05 15:21:56 +09:00

266 lines
11 KiB
ReStructuredText
Raw Blame History

..
This work is licensed under a Creative Commons Attribution 3.0 Unported
License.
http://creativecommons.org/licenses/by/3.0/legalcode
========================================
Tacker Resource life-cycle audit support
========================================
https://blueprints.launchpad.net/tacker/+spec/audit-support
This spec describes the plan to introduce generic audit/event logging
capability for lifecycle management operations of Tacker managed resources
such as VNF, VIM, VNFFG and any future such resources.
Problem description
===================
Currently there is no mechanism available in Tacker for an admin or an
operator to obtain information on when and by whom certain Tacker resources
were created, updated and terminated and what life cycle state changes it
went through. This kind of information becomes critical when deployed in
production for purposes of audit and troubleshooting. Also it helps to track
the progress of the lifcycle operation.
Proposed change
===============
This spec proposes to introduce:
- A generic approach that aims to capture in a new table of the Tacker
database the below information:
#. Tacker resource status changes caused by lifecycle management operations
such as create, update (e.g; VNF configuration update and VNF manual
scaling) and terminate.
#. Timestamp value when the status change occurs.
#. Associated UUID of the resource.
#. Associated Resource Type such as VIM, VNF, VNFFG, VNFD etc.
#. Additional information related to the event and/or resource that would be
useful(e.g; VDU1 health monitoring failed - mgmt-ip unreachable).
- Add new columns created_at, updated_at and deleted_at to the existing
resources vim, devices and devicetemplates tables to capture timestamp
values for corresponding create, update and delete operations. The existing
DB api's have to be updated to support adding the above mentioned values to
the db tables.
- REST API to query the events created for given resource type based on
status, time-window, and also with pagination from given index. A new
'event' extension that defines the event interface layer and describes the
event REST APIs will be introduced.
- Horizon changes to display events in time sequential order per resource
Example: On clicking a VNF instance entry in the VNF Manager, it will open
up details page where two tabs will be provided 1.details tab 2.events tab.
- Tacker client changes to retrieve events based on supported queries in API
as below:
tacker event-list --type <resource-type> <query options and values>
tacker event-show <event id>
- Additional Tacker client changes to retrieve event(s) in the context of
resource as shown below will be supported as well:
tacker vnf-event-list <vnf-name or vnf-id> --filter <query options/values>
tacker vnf-event-show <vnf-name or vnf-id> --event-id <event-id>
NOTE: The 'filter' could be mentioned multiple times to add more than one
query. Similar support as above would be provided for VNFD, VIM and other
Tacker managed resources.
Alternatives
------------
None
Data model impact
-----------------
A new table in tacker database to capture the event/audit logs will be added.
The table will hold the below attributes:
+----------------+----------+---------------------------------------+
| Attribute Name | Type | Description |
+----------------+----------+---------------------------------------+
| id | Integer | Autogenerated Event ID |
+----------------+----------+---------------------------------------+
| resource_id | string | UUID of event source |
| | (UUID) | |
+----------------+----------+---------------------------------------+
| timestamp | datetime | Event Time Stamp in UTC |
+----------------+----------+---------------------------------------+
| resource_state | string | Captured state of event source |
+----------------+----------+---------------------------------------+
| event_type | string | Type of actionsuch as create,update, |
| | | scale_out, etc. |
+----------------+----------+---------------------------------------+
| resource_type | string | Event resource type such as VNFD, |
| | | VNF, VIM, VNFFG, etc. |
+----------------+----------+---------------------------------------+
| event_details | string | Captures Event specific information |
+----------------+----------+---------------------------------------+
vims, devices and devicetemplates tables will be updated with below columns:
- created_at
- updated_at
- deleted_at
Here deleted_at column helps to introduce the soft delete - when user deletes
a resource, deleted_at will be marked with current time stamp and
tacker-db-manage will be provided with below option to purge the soft deleted
resources based on the age:
tacker-db-manage purge --age <count> --timeline <days|hours|minutes>
REST API impact
---------------
/events?resource_id=<uuid>&index=<event-id>&
count=<number of events>&status=[<supported status>]&event_type=<event-type>&
resource_type=<resource-type>&start-time=<time-val>&end-time=<time-val>
+----------------+----------+---------+------------+-------------+---------------------+
| Attribute Name | Type | Access | Default | Validation/ | Description |
| | | | Value | Conversion | |
+----------------+----------+---------+------------+-------------+---------------------+
| id | Integer | RO, all | generated | N/A | Autogenerated |
| | | | | | Event ID |
+----------------+----------+---------+------------+-------------+---------------------+
| resource_id | string | RO, all | None | N/A | UUID of event |
| | (UUID) | | (required) | | source |
+----------------+----------+---------+------------+-------------+---------------------+
| timestamp | datetime | RO, all | None | N/A | Event Time Stamp |
| | | | (required) | | in UTC |
+----------------+----------+---------+------------+-------------+---------------------+
| resource_state | string | RO, all | None | N/A | Captured state of |
| | | | (required) | | event source |
+----------------+----------+---------+------------+-------------+---------------------+
| event_type | string | RO, all | None | N/A | Type of action such |
| | | | (required) | | as create,update, |
| | | | | | scale_out, etc. |
+----------------+----------+---------+------------+-------------+---------------------+
| resource_type | string | RO, all | None | N/A | Event resource type |
| | | | (required) | | such as VNFD,VNF, |
| | | | | | VIM, VNFFG, etc. |
+----------------+----------+---------+------------+-------------+---------------------+
| event_details | string | RO, all | '' | N/A | Event specific |
| | | | | | information |
+----------------+----------+---------+------------+-------------+---------------------+
+-------------------------------+--------+----------+-----------+---------------------------+
| REST Calls | Type | Expected | Body Data | Description |
| | | Response | Schema | |
+-------------------------------+--------+----------+-----------+---------------------------+
| /events/<event-id> | get | 200 OK | None | Returns output of |
| | | | | specific event ID |
+-------------------------------+--------+----------+-----------+---------------------------+
| /events?resource_id=<res_id> | get | 200 OK | None | Returns list of events |
| | | | | for a given resource |
+-------------------------------+--------+----------+-----------+---------------------------+
| /events?resource_id=<res_id>& | get | 200 OK | None | Returns specified count |
| index=<event-id>&count=<cnt> | | | | of events for a given |
| | | | | resource from a specified |
| | | | | event id |
+-------------------------------+--------+----------+-----------+---------------------------+
| /events?resource_id=<res_id>& | get | 200 OK | None | Returns all events of |
| event_type=<etype> | | | | a requested type for a |
| | | | | given resource |
+-------------------------------+--------+----------+-----------+---------------------------+
| /events?resource_id=<res_id>& | get | 200 OK | None | Returns all events for a |
| start-time=<tval1>&end-time=< | | | | given resource between |
| tval2> | | | | specified time interval |
+-------------------------------+--------+----------+-----------+---------------------------+
+--------------------------+------+----------+------------+----------------------+
| REST Call Failures | Type | Negative | Response | Scenario |
| | | Response | Message | |
+--------------------------+------+----------+------------+----------------------+
| /events/<event-id> | get | 404 Not | Event Does | Specified event ID |
| | | Found | not exist | does not exist in DB |
+--------------------------+------+----------+------------+----------------------+
Security impact
---------------
New ReST API will be supported only for owners and admins and other users
will be forbidden from performing those operations.
Other end user impact
---------------------
None
Performance Impact
------------------
None
Other deployer impact
---------------------
None
Developer impact
----------------
None
Implementation
==============
Assignee(s)
-----------
Primary assignee:
Vishwanath Jayaraman <vishwanathj@hotmail.com>
Other contributors:
Kanagaraj Manickam <mkr1481@gmail.com>
Work Items
----------
1) Tacker DB configuration for audit/events log table.
2) Tacker client support and tacker-db-manage command support.
3) Tacker server support.
4) Add support in Tacker Horizon to provide a link for a tacker resource
which when clicked displays resource details tab and events tab.
5) Add unit tests cases.
6) Add functional test cases as required.
7) Add user and developer document for this feature
Dependencies
============
None
Testing
=======
Unit test cases will be written.
Documentation Impact
====================
New User and Developer guide will be provided.
References
==========
None
View Git Blame Copy Permalink