nordic-institute / x-road-metrics Goto Github PK
View Code? Open in Web Editor NEWX-Road Metrics is a tool for collecting, storing and analysing reporting data and metrics from an X-Road® ecosystem.
License: MIT License
X-Road Metrics is a tool for collecting, storing and analysing reporting data and metrics from an X-Road® ecosystem.
License: MIT License
Currently application logs report that application version is 1.0.0, but the software was updated to 1.1.0
Software version:
1.1.0
Log example:
{"level": "INFO", "timestamp": 1678447142, "local_timestamp": "2023-03-10 13:19:02 +0200", "module": "collector", "activity": "collector_end", "msg": "Total collected: 1, Total error: 1, Total time: 00:00:00", "version": "1.0.0"}
Source example:
https://github.com/nordic-institute/X-Road-Metrics/blob/develop/collector_module/opmon_collector/__init__.py#L23
But the problem is with other modules as well.
Solution:
Bump versions in __init__.py
files.
Currently, the xroad-metrics-init-postgresql script can not re-run in case there were problems during the initialisation. At least one example is that users are already created, and they need to be manually dropped in order for the script to succeed.
Related scripts are available here:
The ticket this issue was created from can be found here: https://nordic-institute.atlassian.net/browse/OPMONDEV-149
Acceptance criteria:
X-Road monitoring data is collected from Estonian X-Road members security servers available by X-Road Center (Republic of Estonia Information System Authority, Riigi Infosüsteemi Amet, RIA) and published as opendata with a delay of 10 days from actual transaction execution time.
Is there any way to change this behavior to configure opendata as a real-time operational monitoring solution ? or Is there any other operational monitoring product that is real time monitoring instead of 10 days delay?
Currently, there is no way to configure the components to connect to PostgreSQL using client TLS even if the PostgreSQL is configured to accept them. We should extend the settings so that PostgreSQL can also be configured to use TLS. Currently, the following modules require access to PostgreSQL:
More information about the X-Road Metrics system architecture is available here.
The ticket this issue was created from is available here: https://nordic-institute.atlassian.net/browse/OPMONDEV-150
Acceptance criteria:
settings.yaml
for PostgreSQL connections in all Metrics modules that use PostgreSQLsettings.yaml
files of all affected modules are updatedHi!
I have a structure with a CS(ip: 10.114.80.16), SS Management(ip: 10.114.10.17), SS1(ip: 10.114.10.18), SS2(ip: 10.114.10.19) and a server for Metrics(ip: 10.114.80.20 ) in which the different modules (collector, corrector, reports) and mongodb are installed.
I have the 'setting.yaml' of the collector configured like this:
Where should I download the "tls-client-certificate" and "tls-client-key"? and then put 'true' in the "tls-server-certificate"
I also have the following error, when using the collector and executing "xroad-metrics-collector update" it returns the following error:
File "/usr/lib/python3/dist-packages/pymongo/topology.py", line 208, in _select_servers_loop
raise ServerSelectionTimeoutError(
pymongo.errors.ServerSelectionTimeoutError: SSL handshake failed: 127.0.0.1:27017: EOF occurred in violation of protocol (_ssl.c:1131)
But when I run "xroad-metrics-collector list" it works correctly.
Currently anonymizer fails to initialize empty database because of typo made while refactoring code.
Software version:
1.1.0
Error message:
Failed initializing postgresql database connector.
ERROR: Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/opmon_anonymizer/main.py", line 93, in setup_writer
writer = OpenDataWriter(settings, logger)
File "/usr/lib/python3/dist-packages/opmon_anonymizer/iio/opendata_writer.py", line 42, in __init__
self.db_manager = PostgreSqlManager(settings['postgres'], schema, index_columns, logger)
File "/usr/lib/python3/dist-packages/opmon_anonymizer/iio/postgresql_manager.py", line 43, in __init__
self._ensure_table(table_schema, index_columns)
File "/usr/lib/python3/dist-packages/opmon_anonymizer/iio/postgresql_manager.py", line 95, in _ensure_table
if not self._table_exists(cursor):
File "/usr/lib/python3/dist-packages/opmon_anonymizer/iio/postgresql_manager.py", line 112, in _table_exists
""", (cursor._table_name,))
AttributeError: 'psycopg2.extensions.cursor' object has no attribute '_table_name'
Solution:
cursor._table_name
should be renamed back to self._table_name
as it was before change:
65a1357#diff-2de518dd9301590a33d32a07fdcdf45bcaba485b18e61d65f29e5f8dcfd0b3e5L110
Additional problems:
Source:
Notation "%s" should be used for escaping data, not Identifiers like table names and user names. The constructed SQL just silently fails because of except Exception: pass
:
GRANT USAGE ON SCHEMA public TO 'opendata_inst';
GRANT SELECT ON 'logs' TO 'opendata_inst';
Solution:
Identifiers should be properly escaped: https://www.psycopg.org/docs/sql.html#module-usage
If possible exception should not "pass" on all errors.
The same problem with identifiers occurs in other places, for example it is not possible to display opendata due to SQL error because of the bug in code:
Currently tag 1.2.0 is not available.
Currently, there is no way to configure the components to connect to MongoDB using client TLS even if the MongoDB is configured to accept them. We should extend the settings so that MongoClient can also be configured to use TLS. Currently, the following modules require access to MongoDB:
More information about the X-Road Metrics system architecture is available here.
The ticket this issue was created from is available here: https://nordic-institute.atlassian.net/browse/OPMONDEV-147
Acceptance criteria:
Currently xroad-metrics-networking package does not include required dependencies.
As it was mentioned in #15 pull request package needs to depend on "r-cran-rodbc" and "odbc-postgresql", and the following dependencies should not be required anymore: "r-cran-rpostgresql" and "r-cran-dbi"
When changing the listen_addresses, there is a wrong filename for postgresql14
/etc/postgresql/14/main/pg_hba.conf should be /etc/postgresql/14/main/postgresql.conf
Sources:
Currently, the Networking module’s prepare_data process loads all the entries from the PostgreSQL database into memory, where it then aggregates the results. This increases the required amount of memory which must be made available to the module.
Suggestions:
This suggestion would lower the required amount of memory for the module since the data queried from the database is already aggregated and ready to be used.
The ticket this issue is created from can be found here: https://nordic-institute.atlassian.net/browse/OPMONDEV-152
Acceptance criteria:
X-Road Metrics has two data storages:
We have indexes for MongoDB, but we should also investigate if any indexes could be added to the PostgreSQL database to make queries faster.
More information about the X-Road Metrics system architecture is available here.
The ticket this issue is created from is available here: https://nordic-institute.atlassian.net/browse/OPMONDEV-110
Acceptance criteria:
Sources:
Currently, the opendata module saves the entire PostgreSQL response to memory, after which it creates the TGZ object in memory and forwards the response via the HttpResponse method. This creates a very high (200+GB) memory requirement since the data is stored in the memory.
Possible solutions:
The changes should help reduce the amount of memory required from 200+GB to a more reasonable level, meaning that the hardware requirements could be greatly reduced.
The ticket this issue is created from can be found here: https://nordic-institute.atlassian.net/browse/OPMONDEV-151
Acceptance criteria:
hi, i am just starting to install x-road metrics and i wanted to know where i have to install the modules.
Currently ssl_mode configuration parameter is ignored by networking application:
https://github.com/nordic-institute/X-Road-Metrics/blob/develop/networking_module/prepare_data.R#L63-L83
It seems that odbc-postgresql ignores PGSSLMODE env variable, and it is required to put sslmode parameter into connection string.
For example the following code would fix the problem:
#if ("ssl_mode" %in% names(settings$postgres)) {
# Sys.setenv(PGSSLMODE = settings$postgres$ssl_mode)
#}
if ("ssl_root_cert" %in% names(settings$postgres)) {
Sys.setenv(PGSSLROOTCERT = settings$postgres$ssl_root_cert)
}
tryCatch(
con <- odbcDriverConnect(
connection = paste0(
"Driver={PostgreSQL UNICODE}",
";Server=", settings$postgres$host,
";Port=", settings$postgres$port,
";Database=opendata_", settings$postgres$suffix,
";Uid=", settings$postgres$user,
";Pwd=", settings$postgres$password,
";UseDeclareFetch=1",
";Fetch=", fetchsize,
";sslmode=", settings$postgres$ssl_mode,
";"
)
),
Currently query executed by get_faulty_raw_documents() is slow because it does not use indexes:
https://github.com/nordic-institute/X-Road-Metrics/blob/develop/corrector_module/opmon_corrector/database_manager.py#L110-L118
It can be solved for new installations by adding new index to raw_messages in xroad-metrics-init-mongo:
https://github.com/nordic-institute/X-Road-Metrics/blob/develop/collector_module/opmon_mongodb_maintenance/create_indexes.py#L32
[('corrected', ASC), ('xRequestId', ASC)]
Or by running indexing command manually:
db.raw_messages.createIndex({"corrected": 1, "xRequestId": 1})
Additional notes: If would be great to mention the need to create new indexes in release notes.
Opendata DB primary key sequence runs out of integer (int4) values in larger X-Road instances. Bigint should be used instead.
Software version:
1.1.1, 1.2.0
Host OS and version:
Ubuntu 20.04
The schema in anonymizer defines bigint
as id
column type:
But id
column type is discarded during schema object creation:
Then during creation of table id
column type is hardcoded to be SERIAL
:
Example error log of anonymizer:
File \"/usr/lib/python3/dist-packages/opmon_anonymizer/iio/postgresql_manager.py\", line 58, in add_data
cursor.execute(query)psycopg2.errors.SequenceGeneratorLimitExceeded: nextval:
reached maximum value of sequence \"logs_id_seq\" (2147483647)
Proposed solution:
Replace id SERIAL PRIMARY KEY
with id BIGINT PRIMARY KEY GENERATED ALWAYS AS IDENTITY
in postgresql_manager.py because SERIAL
types are soft-deprecated:
https://wiki.postgresql.org/wiki/Don't_Do_This#Don.27t_use_serial
Hotfix for existing installations (NB! This is slow operation that locks tables, may take hours to complete and requires at least 50% of free drive space):
ALTER TABLE logs ALTER COLUMN id TYPE BIGINT;
ALTER SEQUENCE logs_id_seq AS BIGINT MAXVALUE 9223372036854775807;
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.