Refactoring Glance logging

Glance is currently logging lots of operator relevant information as DEBUG. Also the logged messages are translated in various ways. I would like to refactor the whole Glance codebase reflecting the current logging guidelines [1].

Problem description

OPS are complaining that OpenStack as whole does not utilize the logging levels appropriately and production implementations needs to run on DEBUG- level to get needed information out of the logs.

Glance is logging a lot of operator relevant information as DEBUG. [1]

Proposed change

I would like to see whole Glance codebase revisited and the logging changed to use appropriate logging level and reflect the translation functions to those levels as well. This would be also good opportunity to ensure that we have no logging left that would write sensitive information like URIs and credentials to logfiles.

Unify the way how exceptions are logged. Exception message should be always logged if anything to ensure that operators can find the event based on end user problem description.

Alternatives

We could implement error codes to differentiate the messages sent to user and logged having still unique linkage between the two. This would cause more documentation overhead but provide greater flexibility and granularity.

Data model impact

None

REST API impact

None

Security impact

This would reinforce the confidence that we do not log sensitive/confidential information. [2]

Notifications impact

Some notification messages might have minor changes.

Other end user impact

None

Performance Impact

This should not have performance hit outside of the corrected amount of translation function calls made.

Other deployer impact

Users who have their own logging filtering in place would need to review those rules after the logging level has been changed.

Developer impact

The logging on correct levels should make developer life easier when trying to debug the code.

Implementation

Assignee(s)

Primary assignee:

Erno Kuvaja <jokke>

Other contributors:

<launchpad-id or None>

Work Items

  • Review OpenStack logging guidelines [1][2]

  • Review the current logging pattern and make decision where changing the message content would be appropriate (sensitive data, etc.)

  • Determine the correct logging level message by message and align the translation functions used on that log level.

Dependencies

  • Related proposal in the Security Guideline draft [2] to implement some sanitizing and tagging to oslo. This is not dependency nor should affect this work other than possible adobtation if the proposed functionality gets implemented.

Testing

None

Documentation Impact

New log level use cases should be documented so deployers would know what to expect finding from their logs.

References

[1] https://wiki.openstack.org/wiki/LoggingStandards [2] https://wiki.openstack.org/wiki/Security/Guidelines/logging_guidelines