O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

TDC 2015 - POA - Trilha PHP - Shit Happens

499 visualizações

Publicada em

Centralize logs and get your insight into the errors that affect your customers.

Publicada em: Internet
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

TDC 2015 - POA - Trilha PHP - Shit Happens

  1. 1. Shit happens Centralize logs and get your insight into the errors that affect your customers.
  2. 2. Jackson F. de A. Mafra http://about.me/jacksonfdam https://bitbucket.org/jacksonfdam https://github.com/jacksonfdam http://linkedin.com/in/jacksonfdam @jacksonfdam Software Engineer at Aggrega Group, mobile training instructor at Targettrust. Developer for 15 years with background in e- commerce projects and real estate, since 2009 with focused interests for the development of mobile and MEAP and applications interfaces.
  3. 3. Aspect oriented programming (AOP) allows us to keep implement different concerns in isolation
  4. 4. Cross-cutting concerns are conceptually separate from (but often embedded directly within) the application’s business logic. Separating these cross-cutting concerns from the business logic is where aspect- oriented programming (AOP) goes to work.
  5. 5. Whereas DI helps you decouple your application objects from each other, AOP helps you decouple cross-cutting concerns from the objects that they affect.
  6. 6. Centralize concerns implementation More reusable code Cleaner code Write less code Easy to understand More maintainable Less boilerplate code More interesting work Why AOP?
  7. 7. Caching Profiling Security Pooling Exception Handling Transactions Logging Concern
  8. 8. Program execution Join Points Advice Pointcut Terminology
  9. 9. Aspects are often described in terms of advice, pointcuts, and join points. Terminology
  10. 10. Advice defines what needs to be applied and when. Jointpoint is where the advice is applied. Pointcut is the combination of different joinpoints where the advice needs to be applied. Aspect is applying the Advice at the pointcuts. Definitions
  11. 11. Definitions Method Method Method Concern Concern Advice Join Points Logger Transaction Manager
  12. 12. Advice Types Method Method Method Method Exception Before advice After advice After returning advice Around advice Throws advice
  13. 13. AOP is a PECL extension that enables you to use Aspect Oriented Programming in PHP, without the need to compile or proceed to any other intermediate step before publishing your code. The AOP extension is designed to be the easiest way you can think of for integrating AOP to PHP. AOP aims to allow separation of cross-cutting concerns (cache, log, security, transactions, ...) https://github.com/AOP-PHP/AOP AOP
  14. 14. You can use pecl sudo pecl install aop-beta Installation
  15. 15. <?php class UsersServices { public function authorizeUser () { //some stuff only the admin should do echo "Calling authorizeUser"; } public function authorizeGroup () { //some stuff only the admin should do echo "Calling authorizeGroup"; } } Basic tutorial
  16. 16. <?php class UsersServices { public function authorizeUser () { //some stuff only the admin should do echo "Calling authorizeUser"; } public function authorizeGroup () { //some stuff only the admin should do echo "Calling authorizeGroup"; } } Basic tutorial
  17. 17. Now you want your code to be safe, you don't want non admin users to be able to call authorize methods. Basic tutorial
  18. 18. Add some code to check the credentials "IN" you UsersServices class. The drawback is that it will pollute your code, and your core service will be less readable. Let the clients have the responsibility to check the credentials when required. The drawbacks are that you will duplicate lots of code client side if you have to call the service from multiple places Add some kind of credential proxy that will check the credentials before calling the actual service. The drawbacks are that you will have to write some extra code, adding another class on the top of your services. What are your solutions ?
  19. 19. Moreover, those solutions tends to increase in complexity while you are adding more cross-cutting concerns like caching or logging. What are your solutions ?
  20. 20. That's where AOP comes into action as you will be able to tell PHP to do some extra actions while calling your MyServices's admin methods. What are your solutions ?
  21. 21. So let's first write the rule needed to check if we can or cannot access the admin services. <?php function adviceForDoAdmin () { if ((! isset($_SESSION['user_type'])) || ($_SESSION['user_type'] !== 'admin')) { throw new Exception('Sorry, you should be an admin to do this'); } } What are your solutions ?
  22. 22. Dead simple : we check the current PHP session to see if there is something telling us the current user is an admin (Of course we do realize that you may have more complex routines to do that, be we'll keep this for the example) What are your solutions ?
  23. 23. Now, let's use AOP to tell PHP to execute this method "before" any execution of admin methods. <?php aop_add_before('UsersServices->authorize*()', 'adviceForDoAdmin'); What are your solutions ?
  24. 24. Now, each time you'll invoke a method of an object of the class UsersServices, starting by authorize, AOP will launch the function basicAdminChecker before the called method. What are your solutions ?
  25. 25. <?php //session is started and we added the above examples to configure UsersServices & basicAdminChecker $services = new UsersServices(); try { $services-> authorizeUser();//will raise an exception as nothing in the current session tells us we are an admin } catch (Exception $e) { echo "You cannot access the service, you're not an admin"; } $_SESSION['user_type'] = 'admin';//again, this is ugly for the sake of the example try { $service-> authorizeUser(); $service-> authorizeGroup(); } catch (Exception $e) { //nothing will be caught here, we are an admin }
  26. 26. Logging is an important part of the app development/maintenance cycle. Logging
  27. 27. To know the best method of logging data of different contexts for specific environments such as test/dev and production Take Away
  28. 28. Even with use of computers there was a real need to measure the overall performance of any reasearch Early 1980's there was a Instrument called VELA (virtual laboratory) used for data harvesting History of Logging
  29. 29. Late 1980's, A device was invented to collect information through sensors Later then data logging/harvesting has been used widely in all applications/reasearches/ products. History of Logging
  30. 30. Track Users activity/Movement Transaction Logging Track user errors System level failures/warnings Research Data collection and Interpretation Need of Logging
  31. 31. Error / Exception logs Access logs System logs Application logs Database logs Transaction logs Mailer logs etc... Types of Logging
  32. 32. Apache NGINX PostgreSQL MySQL php php-fpm System Logs
  33. 33. Debug Information - Errors (connections, uncaught exceptions, resource exhaustion) Narrative Information - Methods Calls, Event Triggers Business Events - Purchases, Logins, Registrations, Unsubscribes Application Log
  34. 34. ssh webserver@mydomain.net tail -f /var/log/nginx/my-site.access.log tail -f /var/log/my.application.log ssh data@mydomain.net tail -f /var/log/mysql/mysql.log ssh q@mydomain.net tail -f /var/log/rabbitmq/nodename.log Keeping Track Of All This
  35. 35. Apache/PHP <VirtualHost *:80> <Directory /var/www/html/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> Current Conventions
  36. 36. Monolog is a PHP library that support different levels of logging for PHP Applications and depends on PSR. Inspired by Python Logbook library Provides stack of handlers More Powerful than conventional way of logging in applications Monolog Enters Here
  37. 37. Monolog sends your logs to files, sockets, inboxes, databases and various web services. Channel based approach Different stack of handlers for specific channels Pile up handler stack based on severity. Format Interpretation depending on severity and channel Prevents Bubbling when severity is reached What's different ?
  38. 38. Log Levels 2013 - PSR03 - PHP Logging Interface Standard Phrase / Severity emergency Emergency: system is unusable alert Alert: action must be taken immediately critical Critical: critical conditions error Error: error conditions warning Warning: warning conditions notice Notice: normal but significant condition info Informational: informational messages debug Debug: debug-level messages http://www.php-fig.org/psr/psr-3/ Log Levels
  39. 39. What about Apache’s error_log?
  40. 40. error_log is too basic (message, file, line) difficult to read / parse depends on “error_reporting” setting Why?
  41. 41. monolog phpconsole log4php RavenPHP + Sentry FirePHP (dev environment) Roll your own Logging Options Logging Options
  42. 42. Fire & forget Minimum or zero latency Highly available Should be PSR-3 compatible Log everything: - Exceptions - Errors - Fatal Errors Requirements (for everyone)
  43. 43. Typical PSR-3 Compatible Design Capture Method Logger (PSR-3) Handler / Adapter Data Storage
  44. 44. Monolog MonologErrorHandler -> handleException() MonologLogger ->log() MonologHandler ->handle() MongoDB
  45. 45. Option to have different channel for different module Custom detailing Different handlers for different development Thorough participation in different stages of lifecycle Open for third party integration Readable and Beautiful Layered message Advantages
  46. 46. PSR-3 makes it easy However you want… Monolog has loads: - syslog-compatible / error_log - Email, HipChat - AMQP, Sentry, Zend Monitor, Graylog2 - Redis, MongoDB, CouchDB Sending Log Messages
  47. 47. CakePHP - https://github.com/jadb/cakephp-monolog Symfony2 - https://github.com/symfony/MonologBundle Slim – https://github.com/flynsarmy/Slim-Monolog Zend2 - https://packagist.org/packages/enlitepro/enlite-monolog CodeIgniter - https://github.com/pfote/Codeigniter-Monolog Laravel – Inbuilt Support. Drupal - https://drupal.org/project/monolog Wordpress - https://packagist.org/packages/fancyguy/wordpress- monolog more: https://github.com/Seldaek/monolog#frameworks-integration Do you use Frameworks / CMS ?
  48. 48. Monolog is available on Packagist, which means that you can install it via Composer. composer require 'monolog/monolog:1.13.*' Installation
  49. 49. <?php use MonologLogger; use MonologHandlerStreamHandler; // create a log channel $log = new Logger('name'); $log->pushHandler(new StreamHandler('path/to/your.log', Logger::WARNING)); // add records to the log $log->addWarning('Foo'); $log->addError('Bar'); Basic Usage
  50. 50. <?php use MonologLogger; use MonologHandlerFingersCrossedHandler; use MonologHandlerStreamHandler; $logEnv = getenv('LOG_LEVEL'); $level = empty($logLevel) ? $logEnv : Logger::WARNING; $appLog = new Logger('AppLog'); $strHandler = new StreamHandler('/var/log/app.log', Logger::DEBUG); $fcHandler = new FingersCrossedHandler($strHandler, $level); $appLog−>pushHandler($fcHandler); $appLog−>debug('LOGGING!'); Loggers And Handlers
  51. 51. <?php // Set A Log Level $logEnv = getenv(‘LOG_LEVEL'); $level = empty($logLevel) ? $logEnv : Logger::WARNING; // Create A Logger $appLog = new Logger('AppLog'); Loggers And Handlers
  52. 52. <?php // Create Handlers $strHandler = new StreamHandler('/var/log/app.log', Logger::DEBUG); $fcHandler = new FingersCrossedHandler($strHandler, $level); // Push The Handler And Start Logging $appLog−>pushHandler($fcHandler); $appLog−>debug('Start Logging!'); $appLog−>emergency('Something Terrible Happened'); Loggers And Handlers
  53. 53. <?php use MonologLogger; use SymfonyComponentEventDispatcherEventDispatcher; $dispatcher = new EventDispatcher(); $dispatcher−>addListener( "business.registration.post", function () use ($busLog) { $busLog−>info("Customer registered"); } ); $dispatcher−>dispatch("business.registration.post"); Event Logging
  54. 54. http://www.sitepoint.com/logging-with-monolog-from-devtools-to-slack/ More usages
  55. 55. Stop logging exceptions the old fashioned way.
  56. 56. The Elk Stack
  57. 57. Indexing and search engine Near real-time Distributed, auto-discover clustering – AWS Plugin Elasticsearch
  58. 58. Collects logs Parses, extracts and formats data Passes data to Elasticsearch Logstash
  59. 59. example filter { if [file] == "/var/log/secure" and ( [syslog_message] =~ /Invalid user/ or [syslog_message] =~ /User root from/ ) { grok { add_tag => [ "LOGIN" ] match => {"syslog_message" => “user %{ WORD:username} from %{IP:srcip}" } } } } Logstash
  60. 60. Web interface to query Elasticsearch node.js Kibana
  61. 61. Kibana
  62. 62. Kibana
  76. 76. Logstash Architecture
  77. 77. AWS Architecture
  78. 78. Questions?
  79. 79. Thank you.