summaryrefslogtreecommitdiffstats
path: root/docs/sections/logging.rst
blob: 65d08108df2164ba59104f6225627cb1b0e88282 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2020 NOKIA


Logging
=======

CertService API
---------------
To see CertService console logs use:

- Docker:

.. code-block:: bash

    docker logs <cert-service-container-name>

    e.g.
    docker logs aafcert-service

- Kubernetes:

.. code-block:: bash

    kubectl -n onap logs <cert-service-pod-name>

    e.g.
    kubectl -n onap logs $(kubectl -n onap get pods | grep cert-service | awk '{print $1}')

Console logs contains logs for logging levels from **DEBUG** to **ERROR**.

CertService logs for different logging levels are available in the container:

- Docker:

.. code-block:: bash

    docker exec -it <cert-service-container-name> bash

    e.g.
    docker exec -it aafcert-service bash

- Kubernetes:

.. code-block:: bash

    kubectl -n onap exec -it <cert-service-pod-name> bash

    e.g.
    kubectl -n onap exec -it $(kubectl -n onap get pods | grep cert-service | awk '{print $1}') bash

Path to logs:

    /var/log/onap/aaf/certservice

Available log files:

    - audit.log - contains logs for **INFO** logging level
    - debug.log - contains logs for logging levels from **DEBUG** to **ERROR**
    - error.log - contains logs for **ERROR** logging level

User cannot change logging levels.

.. _cert_logs:

CertService client
------------------
To see CertService client console logs use :

- Docker: 

.. code-block:: bash
   
    docker logs <cert-service-client-container-name>

    e.g.
    docker logs aafcert-client

- Kubernetes: 
  CertService client is used as init container in other components. In the following example:
    - *<some-component-pod-name>* refers to the component that uses CertService client as init container
    - *<cert-service-client-init-container-name>* refers to name of init container used by the mentioned component. It can be found by executing *'kubectl -n onap descrine pod <some-component-pod-name>'* and looking into 'Init Containers section'

.. code-block:: bash

    kubectl -n onap logs <some-component-pod-name> -c <cert-service-client-init-container-name>

    e.g.
    kubectl -n onap logs <some-component-pod-name> -c cert-service-client



| Container stops after execution, so all available logs are printed on console.
| User cannot change logging levels.

Client application exits with following exit codes:


+-------+------------------------------------------------+
| Code  | Information                                    |
+=======+================================================+
| 0     | Success                                        |
+-------+------------------------------------------------+
| 1     | Invalid client configuration                   |
+-------+------------------------------------------------+
| 2     | Invalid CSR configuration                      |
+-------+------------------------------------------------+
| 3     | Fail in key pair generation                    |
+-------+------------------------------------------------+
| 4     | Fail in CSR generation                         |
+-------+------------------------------------------------+
| 5     | CertService HTTP unsuccessful response         |
+-------+------------------------------------------------+
| 6     | Internal HTTP Client connection problem        |
+-------+------------------------------------------------+
| 7     | Fail in PKCS12 conversion                      |
+-------+------------------------------------------------+
| 8     | Fail in Private Key to PEM Encoding            |
+-------+------------------------------------------------+
| 9     | Wrong TLS configuration                        |
+-------+------------------------------------------------+