Welcome!

Microservices Expo Authors: Liz McMillan, Elizabeth White, Astadia CloudGPS, Jason Bloomberg, Karthick Viswanathan

Related Topics: Microservices Expo, Java IoT, Industrial IoT, Agile Computing, @CloudExpo, @BigDataExpo

Microservices Expo: Article

In Defense of the Agent

They're not all bad...

Last week we published an article entitled 'Log Management 101 - Where Do Logs Come From?' to which one of our more witty readers retorted:

"Sometimes a server and an app love each other very very much..."  :-)

Screen Shot 2013-12-10 at 6.07.50 AM

The article covered some of the basics around collecting log data from various parts of the stack as shown here.

Application_Stack_Graphic

In short these fall into the following categories:

  • Libraries for common languages and frameworks - Allowing you to log directly from your application source code.
  • Collector agents - Usually built for common operating systems, agents will collect data from your file system in real time and forward it on to a third party service.
  • Syslog - Ships out of the box on all Linux and Unix distros and is commonly supported by devices such as routers and switches. It comes in a number of flavors (rsyslogsyslogdsyslog-ng...), with some more capable that others.

Over the coming weeks we'll be diving into these different options in more detail explaining the pros and cons and best practices around using these. This week we've decide to look at agents.

In Defense of the Agent
While some providers tout the evils of running agents on your system and can oft be heard shouting, "no agents here!!!", we prefer to keep an open mind at Logentries. We'd rather not dictate to our community what approach to take when collecting log data nor do we try to prescribe what's best for you - rather, we'd prefer to give you the different options and allow you to make that decision for yourself.

That being said, like most things in life, agents have their pros and cons. They are certainly not a silver bullet, but they do have their advantages in certain scenarios.

We Want Agents
The two main advantages of using an agent to forward your log data are (1) quick setup and (2) additional functionality.

Having the option to get setup with new tools and technologies quickly is important. It's often overlooked by providers, but it adds great value for users and, in my opinion, it is a critical component of a service that strives to provide a low barrier of entry to the wider community. From our many conversations with users over the past few years we have found that they do not have a lot of time when it comes to evaluating new tools and technologies. Having the ability to get setup and using features quickly is a must for many of them. I can certainly relate to this, even when I was completing my PhD - where I researched and built performance profiling tools for a living - I had a rule of thumb whereby if configuring a profiler took more than 10 minutes I usually just moved on. I generally had something more important to be doing that forced this - and that was in an academic setting where time could move more slowly than in the commercial world :) In the commercial world people usually have smaller time windows to work in.

Well built and documented agents should allow you to get up and running quickly. For example the Logentries agent can get you up and running within 60 seconds with a single command. It works as follows:

  • Copy and paste our single line instruction from our quick start guide to your terminal
  • The agent will be downloaded and installed
    • You will be asked for your Logentries credentials.
    • The install process will automatically find standard logs on your system and configure them to send data to your Logentries account.
    • The install process will automatically send some sample log events into your account to (1) make sure you have connected to our service and (2) to give you some data to play with so you can immediately play with our features without having to generate log data from your system.
    • The install process will automatically configure some sample tags and reports so you can immediately see the value of being able to highlight important events, creating alerts and building reports.

The alternative to the above is configuring syslog (which often assumes a level of understanding for syslog), where its config files live, and how to go about editing them. While this can also be documented (and we have been making our syslog process easier and easier to follow) we find that you can get more easily get tripped up, especially when there are lots of different flavous and versions of syslog. This can be particularly painstaking if you are running some outdated version where instructions or config formats can differ ever so slightly. Syslog can also be a challenge if you want to collect data from non-syslog log files that do not live in the /var/log folder.

Furthermore, if you are living in the Windows world, syslog is not going to be an option (well not out of the box anyway...you can always download and configure Snare - the windows equivalent of syslog). If you fall into this category you will likely require an agent to be able to start collecting your logs without a major time investment.

The second main advantage of agents is that they can come with additional functionality. For example the Logentries agent also provides for the following:

  • Data filtering - This can be important if you have sensitive data in your logs. The Logentries agent has a filtering component that can be configured to cleanse your data and to strip out any private information before it leaves your network.
  • A command line interface - Traditionally Sysadmins and devs worked with their logs on the command line with a combination of commands like tail -f, grep, awk, etc. So it makes sense that from time to time you may want to reuse some of these old skills even if you are using a log management tool with nice browser-based functionality (e.g. search, tagging, alerts, reports ...). The Logentries agent gives you command line access to all your logs contained within your account. For example you can easily search, export and filer data from your Logentries account via the CLI - you can also navigate your account and list your logs as if you are navigating your file system.

No Agents Here
The most common reasons for not using agents are:

  • Maintenance - If you have a large environment with 100's of server instances, the thought of installing/updating/patching another piece of code might be undesirable. This may especially be the case if your systems already ship with syslog. That being said, if you do have such a large environment, you are likely automating deployment through something like Chef or Puppet and so this may be less of an issue. Agents thus need to provide for a silent install so that they can be deployed en masse. Furthermore, if the agent is properly managed and maintained (e.g. though the various *nix package managers - as is the case with the Logentries agent) updating your agent to new versions will be fairly seamless and will happen along with the rest of your updates.
  • Trust - Running someone else's code on your system takes a level of trust. You need to know that it has been well written and isn't going to kill performance or have any major security holes. To help alleviate any concerns however, we have open sourced the Logentries agent so that you can view our code, and even modify it if you so wish. Although it is understandable if you do not have the time (or inclination) to spend reviewing our agent code base :) Furthermore, in some cases, using an agent is just not going to be an option (perhaps due to strict security policies or hard performance constraints). Again this is where syslog may be more of a known and trusted quantity.

In summary agents are not necessarily good or bad, they are not perfect, nor are they evil :) Like most of us, they have their good point and bad points.

This article originally posted on the Logentries blog.

Logentries_Try_It_Free_Promo_W

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.

@MicroservicesExpo Stories
"We focus on SAP workloads because they are among the most powerful but somewhat challenging workloads out there to take into public cloud," explained Swen Conrad, CEO of Ocean9, Inc., in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"As we've gone out into the public cloud we've seen that over time we may have lost a few things - we've lost control, we've given up cost to a certain extent, and then security, flexibility," explained Steve Conner, VP of Sales at Cloudistics,in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"Peak 10 is a hybrid infrastructure provider across the nation. We are in the thick of things when it comes to hybrid IT," explained , Chief Technology Officer at Peak 10, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"I think DevOps is now a rambunctious teenager – it’s starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"I will be talking about ChatOps and ChatOps as a way to solve some problems in the DevOps space," explained Himanshu Chhetri, CTO of Addteq, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, provided a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services with...
If you are thinking about moving applications off a mainframe and over to open systems and the cloud, consider these guidelines to prioritize what to move and what to eliminate. On the surface, mainframe architecture seems relatively simple: A centrally located computer processes data through an input/output subsystem and stores its computations in memory. At the other end of the mainframe are printers and terminals that communicate with the mainframe through protocols. For all of its apparen...
Many organizations are now looking to DevOps maturity models to gauge their DevOps adoption and compare their maturity to their peers. However, as enterprise organizations rush to adopt DevOps, moving past experimentation to embrace it at scale, they are in danger of falling into the trap that they have fallen into time and time again. Unfortunately, we've seen this movie before, and we know how it ends: badly.
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
From manual human effort the world is slowly paving its way to a new space where most process are getting replaced with tools and systems to improve efficiency and bring down operational costs. Automation is the next big thing and low code platforms are fueling it in a significant way. The Automation era is here. We are in the fast pace of replacing manual human efforts with machines and processes. In the world of Information Technology too, we are linking disparate systems, softwares and tool...
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
DevOps sees the coming together of practices, philosophies, and tools that allow you to create services and applications very quickly. This means that you can improve on your apps and evolve them at a much faster rate than those developers who are using traditional software development processes. We’ve talked about DevOps, in general, a great deal, but today, we’re going to dig a little deeper and take a look at Java DevOps specifically.
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
With continuous delivery (CD) almost always in the spotlight, continuous integration (CI) is often left out in the cold. Indeed, it's been in use for so long and so widely, we often take the model for granted. So what is CI and how can you make the most of it? This blog is intended to answer those questions. Before we step into examining CI, we need to look back. Software developers often work in small teams and modularity, and need to integrate their changes with the rest of the project code b...
From personal care products to groceries and movies on demand, cloud-based subscriptions are fulfilling the needs of consumers across an array of market sectors. Nowhere is this shift to subscription services more evident than in the technology sector. By adopting an Everything-as-a-Service (XaaS) delivery model, companies are able to tailor their computing environments to shape the experiences they want for customers as well as their workforce.
If you read a lot of business and technology publications, you might think public clouds are universally preferred over all other cloud options. To be sure, the numbers posted by Amazon Web Services (AWS) and Microsoft’s Azure platform are nothing short of impressive. Statistics reveal that public clouds are growing faster than private clouds and analysts at IDC predict that public cloud growth will be 3 times that of private clouds by 2019.
"Outscale was founded in 2010, is based in France, is a strategic partner to Dassault Systémes and has done quite a bit of work with divisions of Dassault," explained Jackie Funk, Digital Marketing exec at Outscale, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
SYS-CON Events announced today that Calligo has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo is an innovative cloud service provider offering mid-sized companies the highest levels of data privacy. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalized support service from its globally located cloud platfor...