sig-instrumentation: Add charter document

[brancz]

This PR is currently work in progress and meant for sig-instrumentation to iterate on its charter document.

@kubernetes/sig-instrumentation-misc

[coffeepac]

Topics we don't cover (suggested):

• event (metric, log) processing
• prescribing what are error states

[philips]

I think these are reasonable additions.

[coffeepac]

should this be a link to the testgrid at: https://k8s-testgrid.appspot.com/sig-instrumentation ?

[coffeepac]

https://groups.google.com/forum/#!forum/kubernetes-sig-instrumentation

[philips]

Thank you for your patience as we work to your SIG charter merged.

Through the process of reviewing the first 11 charters the Steering Committee (SC) found a lot of copy/paste language caused by our poorly designed initial charter template. To fix this there is a new SIG charter template which focuses on the main things we want to see in charters: scope and responsibilities.

Please consider updating to this charter template and putting focus into the scope and responsibilities. SC members will focus more on a deep review of scope more than anything else and using this template will help with that focus.

[brancz]

@coffeepac @philips I updated this PR with the new charter template and incorporated your comments. Let's go through this in today's sig-instrumentation meeting.

[DirectXMan12]

comments inline

[DirectXMan12]

this doesn't end up at the right place

[DirectXMan12]

(it's a missing page for me)

[philips]

Sorry, oversight in the template #2423

[DirectXMan12]

make this members (plural), and maybe add a note about having multiple people who can maintain.

[DirectXMan12]

two concerns here:

• being the "reviewers" for instrumentation (somewhat akin to api-reviewers)
• being involved in things like node monitoring, where we collaborate with another sig on the details of monitoring parts of kubernetes

[philips]

agreed, I think people should come to this SIG for advice on what metrics to export and the best practices on the dimensions

[DirectXMan12]

maybe say "the SIG does not have chairs separately from the technical leads"

[philips]

Great start! Added some suggestions.

[philips]

agreed, I think people should come to this SIG for advice on what metrics to export and the best practices on the dimensions

[philips]

Prescribing? I don't know if predescribing works here. Maybe something like this:

• Cataloging thresholds or other error states based on instrumentation e.g. alert configurations

[philips]

Scope should be what a SIG owns. So, perhaps:

"Owns best practices for cluster..."

[philips]

It would be worthwhile to link to the SIG's sub-projects https://github.com/kubernetes/community/tree/master/sig-instrumentation#subprojects

[philips]

Probably better to link here since it is generated from sigs.yaml https://github.com/kubernetes/community/tree/master/sig-instrumentation#subprojects

[brancz]

@coffeepac @DirectXMan12 @philips All comments addressed. I think we're in a good shape. Let me know if there anything else. Removing [WIP] as I'd be happy with this state.

[philips]

PTAL @derekwaynecarr @spiffxp as the steering committee reviewers.

[philips]

Looking good. Just want to be concrete on the code/binaries/services list.

[philips]

I don't understand this line. Can you explain further?

[philips]

Can you link to those APIs and Interfaces that this SIG owns?

[philips]

What are those components? Are they the subprojects or something else? Can you link to them?

[brancz]

@philips I linked out to projects and prospects as examples for each category. Let me know if you like this format or if you have other suggestions.

[coffeepac]

LGTM, thanks @brancz !

[spiffxp]

Thanks a bunch for using the shorter format.

I hope these don't come across as nitpicky, I'm trying to look for clarity, overlap and gaps. If these questions are better answered through a high bandwidth medium I can be available as well.

[spiffxp]

all Kubernetes components

What does this mean? eg:

• external dependencies: docker, cri-containerd, rioetcd
• control plane binaries: kube-apiserver, kube-scheduler, kube-controller-manager
• node binaries: kubelet, kube-proxy
• addons: dns, ingress, fluentd, etc.

relevant components

What does this mean? I suspect you're trying to imply things like heapster and metrics-server here, but is there a less open ended way of doing so?

[spiffxp]

events

Needs more clarity, eg:

• how does this relate to the events API and its use as represented by kubectl get events?
• how does this related to the event compression algorithm implemented by sig-api-machinery?
• do you own best practices on the creation of events?
• how does this relate to the pod lifecycle event generator used by kubelet?
• how does this relate to the events generated as part of audit logging?

[derekwaynecarr]

please just strike the term "events" from the charter. it has not been historically the role of this sig and causes confusion.

[derekwaynecarr]

to clarify more on events:

• the event API itself is owned by sig-arch imho given its cross-cutting concern; it predates sigs.
• the client side compression algo was done by me before formation of sig, but its part of client-go so api-machinery owns it now.
• the event v2 api proposal is grouped under sig-instrumentation at this time, but in my opinion its addressing the api from a scalability perspective.

see: https://github.com/kubernetes/community/blob/f367271772f6616088473a6d99a0f084266d4047/contributors/design-proposals/instrumentation/events-redesign.md

all this to say, events and their best practices are not owned by a single sig imho. its by definition cross-cutting.

[coffeepac]

this SIG is mostly concerned with cross-cutting topics and standardizing them. this SIG owns very little by way of implementations in kubernetes and tries to focus on setting best practices.

with that in mind, would this be a good time to formally move best practices for events into this SIG? this would primarily focus on what is a good event, when should it be emitted, how should it be emitted, etc and little with the concrete implementation of those actions.

to be clear, I am not putting a stake in the ground on this, I am exploring a model that fits with what we've been doing with metrics and logging so far.

[spiffxp]

I feel like there are many addons missing from this list, eg:

• cluster-monitoring
• fluentd-elasticsearch
• fluentd-gcp
• metadata-agent
• prometheus

etc.

[derekwaynecarr]

@spiffxp i think addons a conflated with a concept of a distribution, and i am not sure this sig should be the owning body for all of those. defer to @brancz for his input, but i think its a grey area.

[spiffxp]

I think the question for me is whether these are examples of a metrics pipeline, not necessarily a reference impl, and not ownership of vendor-maintained addons. I know there are folks in this sig who are in these OWNERS files

[brancz]

None of the above fall into the "metrics pipeline" category per se, a subset of them could be selected to build one. fluentd-gcp and metadata-agent are or at least should be owned by sig-gcp, both depend on external third party services. Regarding the others:

• cluster-monitoring: is owned by this sig, but deprecated due to heapster deprecation
• fluentd-elasticsearch: we never discussed this formally, but I believe this is maintained by sig-instrumentation members, and I'm ok with that.
• prometheus: this is owned and maintained by us, however as its readme says: "This add-on is an experimental configuration of k8s monitoring using Prometheus used for e2e tests."

What do you want to do with this information? Should we add the addons we own in the sigs.yaml? Generally all of these addons fit into the "Well established but optional components or adapters for Kubernetes clusters" category.

[spiffxp]

just metrics? or also logs and events?

[derekwaynecarr]

historically to my knowledge, it has just been metrics and not logs or events.

[coffeepac]

logging has been a concern owned by this SIG since at least January 2017 and there are e2e tests owned by this sig that predate that.

[brancz]

Correct, but it's wildly disputed what "correct" APIs for logging could and should look like, this goes from logging libraries (glog) to the actual format outputted by these. The only thing about logging that sig-instrumentation somewhat owns is the interface of log file directory structure. It neither owns the actual act of writing the files (typically done by the container runtime) nor does it dictate a format or how logs are to be processed afterwards. I believe we do own and maintain optional addons for this though.

[spiffxp]

It may be helpful to have a counterpart to this in the "in scope" part. This seems to imply to me that if you're not about ingesting, you're about exposing/producing.

[spiffxp]

What roles do these fill / functionality do they provide that they are required?

[derekwaynecarr]

i think this is clear enough, but we could say "core metrics pipeline" that used by core components (scheduler, kubectl, etc.)

[spiffxp]

Same question here

[derekwaynecarr]

this is really api extension points for supporting metric sources consumed by core k8s components (i.e. hpa consuming custom metric sources via api) where the metric source itself is not a k8s project (i.e. prometheus, etc.)

[spiffxp]

Do these exist today?

[brancz]

It does :) https://github.com/kubernetes/community/blob/master/contributors/devel/instrumentation.md

[spiffxp]

It may be helpful to specifically call out which kinds of addons you view as out of scope because they are cloud-provider specific (eg: those that rely on stackdriver likely fall to sig-gcp)

[derekwaynecarr]

i would say alert management is outside the scope entirely?

[coffeepac]

we've been discussing have a base set of 'suggested alerts' around core kubernetes functionality. things like 99% API response time, pod startup time and then make it very clear that the actual thresholds need to be tuned by the user but provide some sane defaults. would that be too prescriptive?

[brancz]

Yes, what @coffeepac said is correct. We have been discussing that suggestions for alerts could be something we can own, as that it already falls into most members daily work, and this could allow to centralize suggested alert sets more and better.

[spiffxp]

I would rephrase this as "Tech Leads must also fulfill all of the responsibilities of the Chair role as outlined in [sig-governance]"

You may also want to consider whether Tech Leads also doing Chair duties just happens to be the state of today, or something you wish to require of all future Tech Leads

[derekwaynecarr]

see comments.

[derekwaynecarr]

please just strike the term "events" from the charter. it has not been historically the role of this sig and causes confusion.

[derekwaynecarr]

historically to my knowledge, it has just been metrics and not logs or events.

[derekwaynecarr]

to clarify more on events:

• the event API itself is owned by sig-arch imho given its cross-cutting concern; it predates sigs.
• the client side compression algo was done by me before formation of sig, but its part of client-go so api-machinery owns it now.
• the event v2 api proposal is grouped under sig-instrumentation at this time, but in my opinion its addressing the api from a scalability perspective.

see: https://github.com/kubernetes/community/blob/f367271772f6616088473a6d99a0f084266d4047/contributors/design-proposals/instrumentation/events-redesign.md

all this to say, events and their best practices are not owned by a single sig imho. its by definition cross-cutting.

[derekwaynecarr]

@spiffxp i think addons a conflated with a concept of a distribution, and i am not sure this sig should be the owning body for all of those. defer to @brancz for his input, but i think its a grey area.

[derekwaynecarr]

i think this is clear enough, but we could say "core metrics pipeline" that used by core components (scheduler, kubectl, etc.)

[derekwaynecarr]

this is really api extension points for supporting metric sources consumed by core k8s components (i.e. hpa consuming custom metric sources via api) where the metric source itself is not a k8s project (i.e. prometheus, etc.)

[derekwaynecarr]

i would say alert management is outside the scope entirely?

[brancz]

Added further updates according to the comments. Please take a look and let me know if I should add any more information from comments that I have replied with.

[philips]

/lgtm

[philips]

@spiffxp and @derekwaynecarr if you think the SIG Instrumentation charter now looks good can you please approve?

[brancz]

Does this look good to people now or anything else we should change?

[spiffxp]

looking...

[spiffxp]

I have two tiny nits on in-scope/out-of-scope. You've got my attention today, I'll see if we can iterate on this quickly.

[spiffxp]

I'm still not sure "Kubernetes components" is a well understood, well defined term, but I will assume you are OK deferring the definition of this term to SIG Architecture and accepting whatever scope that implies if the definition is refined.

[derekwaynecarr]

i am fine w/ that caveat as described by @spiffxp

[spiffxp]

I feel like this should contain some of @brancz's response

It neither owns the actual act of writing the files (typically done by the container runtime) nor does it dictate a format or how logs are to be processed afterwards.

eg:

• The act of writing log files, their format, or how they are to be processed afterwards

[spiffxp]

This seems relevant as well

The only thing about logging that sig-instrumentation somewhat owns is the interface of log file directory structure.

[spiffxp]

Should we add the addons we own in the sigs.yaml?

Yes, I'll open a follow on PR based on your input, it needn't block this

[spiffxp]

nit: s/advise/advice

[spiffxp]

/approve

[spiffxp]

If I see no objections by end of day I'm going to re-add the LGTM per the above

[philips]

sounds good to me @spiffxp

[derekwaynecarr]

we did not discuss this in the sig-node charter.

i think this should have some further refinement.

at best I think this is with sig-node, and not exclusively instrumentation. the sig-node charter says "Issues related to node, pod, container monitoring (with sig-instrumentation)" and probably should have also had a line for logging w/ sig-instrumentation. I think this is shared responsibility across the two sigs.

[brancz]

Makes sense. Will move that to shared responsibilities.

[brancz]

I deleted this line and added "The interface of log files and their directory structure written out by container runtimes to be processed by other systems further, is shared responsibility between SIG Node and SIG Instrumentation." To the cross-cutting section.

[derekwaynecarr]

i have the one request that we treat the log file and directory structure as a shared responsibility with sig-node, otherwise this is fine w/ me.

[derekwaynecarr]

/approve
/lgtm

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: derekwaynecarr, spiffxp

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• sig-instrumentation/OWNERS [derekwaynecarr,spiffxp]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment