[Jenkins-infra] Backend considerations for the Telemetry API
Olblak
me at olblak.com
Fri Aug 31 08:48:42 UTC 2018
Hey,
Indeed, it sounds like a simple application; we just need to agree on how we store the state: file vs. database.
Personally, it doesn't matter to me, it's just a different Terraform resource.
We just have to decide how we'll display that data (ELK?).
"HTTP endpoint" -> "Application logic in Container" -> "State"
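A minimal sketch of that flow, assuming Python's stdlib with sqlite3 standing in for whatever state backend we pick (the endpoint path, DB path, and handler names below are hypothetical; the columns mirror the telemetry_type/json_data/timestamp idea from Tyler's mail):

```python
# Hypothetical sketch of: "HTTP endpoint" -> "Application logic in Container" -> "State"
# sqlite3 is only a stand-in here; the file-vs-database question is still open.
import json
import sqlite3
import time
from http.server import BaseHTTPRequestHandler, HTTPServer

DB_PATH = "telemetry.db"  # hypothetical path inside the container

def init_db(conn):
    # Append-only store: one row per telemetry event, never updated or deleted.
    conn.execute(
        """CREATE TABLE IF NOT EXISTS events (
               telemetry_type TEXT NOT NULL,
               json_data      TEXT NOT NULL,
               timestamp      REAL NOT NULL
           )"""
    )

def append_event(conn, telemetry_type, payload):
    # The application logic is just an INSERT; there is no read/update path.
    conn.execute(
        "INSERT INTO events (telemetry_type, json_data, timestamp) VALUES (?, ?, ?)",
        (telemetry_type, json.dumps(payload), time.time()),
    )
    conn.commit()

class TelemetryHandler(BaseHTTPRequestHandler):
    # POST /events/<type> with a JSON body appends one event and returns 201.
    def do_POST(self):
        telemetry_type = self.path.rstrip("/").split("/")[-1]
        body = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        conn = sqlite3.connect(DB_PATH)
        init_db(conn)
        append_event(conn, telemetry_type, json.loads(body))
        conn.close()
        self.send_response(201)
        self.end_headers()

# To run the endpoint:
#   HTTPServer(("", 8080), TelemetryHandler).serve_forever()
```

Swapping sqlite3 for PostgreSQL (or a flat file) only changes append_event, which is why the file-vs-database choice is mostly a Terraform detail.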
Regarding Azure Functions, I am not comfortable allowing developers to access the Azure account today. We have a lot of critical information/services there at the moment, and we never took the time to really define access policies; if we do, we'll have to review them regularly.
And I don't have the time at the moment to do that, nor to be the proxy for the Azure account, especially when I see how often Tyler has had to deal with Azure Functions support.
If we want to use a serverless solution, I would prefer deploying something on top of a Kubernetes cluster with limited access to some namespaces.
The main advantage that I see with this approach is that I can easily deploy a framework with Helm and then let developers be autonomous with the applications they are maintaining.
Fission sounds interesting for that, but I don't have much experience with serverless frameworks.
https://fission.io/
Or we could 'just' deploy another application like we do at the moment with Kubernetes: build a self-contained Docker container and configure the needed services (PostgreSQL, ...).
The advantages of this approach are:
* Well-known workflow
* Easy to replicate (docker-compose for the local environment)
* We can also provide read-only access to namespaces
> I believe I _could_ implement GitHub-based OAuth authorization for this in an afternoon
I don't understand why you need that.
Isn't there an existing solution that we could reuse?
Personally, I am more interested in seeing serverless frameworks in action :) , but I think it's better to let the person in charge of maintaining that application make the final decision.
To make it short:
Azure Function
-> It requires Azure access, and I have the feeling that it doesn't scale
Serverless Framework
-> First needs to be deployed, and I probably won't have the time to do that before JW
-> It sounds like the most fun scenario to me
"Classic" application
-> We already have a lot of examples, and I can redirect you to the best existing one; once you have a container, it's easy for me to deploy it
-> It sounds like the easiest scenario to me
---
-> gpg --keyserver keys.gnupg.net --recv-key 52210D3D
---
On Fri, Aug 31, 2018, at 1:16 AM, R. Tyler Croy wrote:
> Reading through Daniel's proposal for a Telemetry API
> (https://github.com/jenkinsci/jep/tree/master/jep/214),
> I wanted to share some thoughts on how we might support or implement this in
> the current state of Jenkins infrastructure.
>
> Based on the description laid forth by Daniel, what is needed is a relatively
> low-effort append-only data store, with a simple HTTP endpoint in front of it.
>
> An option originally suggested by Daniel would be to utilize Azure
> Functions.
> Currently, I'm not the most thrilled with the performance and maintainability
> of Azure Functions, but if we were to go that route, using the Table Storage
> output binding (see
> https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-storage-table#input---javascript-example)
> to append rows to an Azure Table Storage
> (https://docs.microsoft.com/en-us/azure/storage/tables/table-storage-overview)
> instance does _appear_ to be relatively straightforward.
>
> Pros:
> * Allegedly quite simple to implement
> * Allegedly scalable
> Cons:
> * When things fail, it is incredibly difficult to notice, and hell to
> debug.
> * Access control for developers to specific parts of Azure Table Storage
> would need to be added into Azure Active Directory. Otherwise we would
> need a dedicated person with access to export data for individuals.
>
>
> Perhaps my preferred option, which is more work, but a little more maintainable
> would be to implement a small web application deployed in our Kubernetes
> environment, which sits in front of a PostgreSQL database. That database could
> be very simple, treating PostgreSQL as a simple key-value store with columns
> for: telemetry_type, json_data, timestamp. I think it could be generally
> useful in the future to have this "utility" PostgreSQL database shared across a
> number of different services which need some little bits of storage, like this
> Telemetry API. For export, this approach may suffer from the same problem as the
> Azure Functions-based approach however. I believe I _could_ implement
> GitHub-based OAuth authorization for this in an afternoon if I were to be using
> the same type of stack which Jenkins Evergreen uses on the backend however.
>
> Pros:
> * More control over the runtime environment
> * As scalable as our Kubernetes environment
> Cons:
> * More costly, an Azure PostgreSQL database would need to be provisioned
> * Data export is still a challenge and must be implemented
>
>
>
> I wanted to write these thoughts up to start the discussion with Olivier to see
> what he thinks as well, as perhaps there is a different approach he might have
> in mind.
>
> I'm partial to the latter approach, and in exchange for some beers or Daniel
> taking some tasks off my plate, I might be able to whip something up in a day
> if I were uninterrupted ;)
>
>
> Whatcha think?
>
>