X-Ray Flashcards
What service provides you with Automated Trace Analysis & Central Service Map Visualization?
X-Ray
What is X-Ray?
AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture. With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors. X-Ray provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components. You can use X-Ray to analyze both applications in development and in production, from simple three-tier applications to complex microservices applications consisting of thousands of services.
What services are compatible with X-Ray?
- AWS Lambda
- Elastic Beanstalk
- ECS
- ELB
- API Gateway
- EC2 Instances or any application server (even on premise)
How can you start using X-Ray in your instances, including on-prem?
Installing the daemon in the instance user data. The daemon is the only option for on-prem
What provides X-Ray for requests?
- Tracing is an end to end way to following a “request”
* Each component dealing with the request adds its own “trace”
What options are provided by X-Ray to trace the requests?
Ability to trace:
o Every request
o Sample request (as a % for example or a rate per minute)
What is X-Ray security?
X-Ray Security:
o IAM for authorization
o KMS for encryption at rest
How can you enable X-Ray?
- Your code (Java, Python, Go, Node.js, .NET) must import the AWS X-Ray SDK
- Install the X-Ray daemon or enable X-Ray AWS Integration
What will your application capture once the AWS X-Ray SDK is imported?
Calls to AWS services
HTTP / HTTPS requests
Database Calls (MySQL, PostgreSQL, DynamoDB)
Queue calls (SQS)
Do you need to perform heavy code modifications to use the AWS X-Ray SDK in your application?
Very little code modification needed
How does work the X-Ray daemon?
X-Ray daemon works as a low level UDP packet interceptor (Linux / Windows / Mac…)
How can you install the X-Ray daemon in your Lambdas?
AWS Lambda / other AWS services already run the X-Ray daemon for you
What must have each application to write data to X-Ray?
Each application must have the IAM rights to write data to X-Ray
What to do if X-Ray is not working on EC2?
o Ensure the EC2 IAM Role has the proper permissions
o Ensure the EC2 instance is running the X-Ray Daemon
What to do to enable X-Ray on AWS Lambda:?
o Ensure it has an IAM execution role with proper policy (AWSX-RayWriteOnlyAccess)
o Ensure that X-Ray is imported in the code
How can you instrument X-Ray in your code?
You can modify your application code to customize and annotation the data that the SDK sends to XRay, using interceptors, filters, handlers, middleware… (ADVANCED)
What is a X-Ray segment?
each application / service will send them
What is a X-Ray sub-segment?
if you need more details in your segment
What is a X-Ray trace?
segments collected together to form an end-to-end trace
What are X-Ray annotations?
Key Value pairs used to index traces and use with filters. Used for searching
What is X-Ray metadata?
Key Value pairs, not indexed, not used for searching
What can you do with X-Ray sampling rules?
With sampling rules, you control the amount of data that you record, reduce cost
What is recorded by the X-Ray SDK by default?
By default, the X-Ray SDK records the first request each second, and five percent of any additional requests
What are in X-Ray the reservoir and the rate?
- One request per second is the reservoir, which ensures that at least one trace is recorded each second as long the service is serving requests.
- Five percent is the rate at which additional requests beyond the reservoir size are sampled
Can you create your own X-Ray Sampling Rules?
You can create your own rules with the reservoir and rate
How is X-Ray Sampling Rules precedence determined?
Lower priority values have higher precedence
Suppose you have these 2 X-Ray Sampling Rules and your app receives 100 requests per second; define the number of requests traced: Example 1: - reservoir - 10 - rate - 0.10 Example 2: - reservoir - 1 - rate - 1
o 10 + 10% of 90 = 19
o 1 + 100% of 99 = 100
Which are the X-Ray APIs used to write?
- PutTraceSegments
- PutTelemetryRecords
- GetSamplingRules
- GetSamplingTargets (Advanced)
- GetSamplingStatisticSummaries (Advanced)
What is used for X-Ray Write API PutTraceSegments?
Uploads segment documents to AWS X-Ray. Necessary to write into X-Ray
What is used for X-Ray Write API PutTelemetryRecords?
Used by the AWS X-Ray daemon to upload telemetry. Helps with the metrics
o SegmentsReceivedCount
o SegmentsRejectedCounts
o BackendConnectionErrors
What is used for X-Ray Write API GetSamplingRules?
Retrieve all sampling rules (to know what/when to send)
What does need the X-Ray daemon to perform X-Ray Write API calls?
The X-Ray daemon needs to have an IAM policy authorizing the correct API calls to function correctly
Which are the X-Ray APIs used to read?
- GetServiceGraph
- BatchGetTraces
- GetTraceSummaries
- GetTraceGraph
What is used for X-Ray Read API GetServiceGraph?
main graph
What is used for X-Ray Read API BatchGetTraces?
Retrieves a list of traces specified by ID. Each trace is a collection of segment documents that originates from a single request
What is used for X-Ray Read API GetTraceSummaries?
Retrieves IDs and annotations for traces available for a specified time frame using an optional filter. To get the full traces, pass the trace IDs to BatchGetTraces
What is used for X-Ray Read API GetTraceGraph?
Retrieves a service graph for one or more specific trace IDs
How can you run the X-Ray daemon in Beanstalk?
You can run the daemon by setting an option in the Elastic Beanstalk console or with a configuration file (in .ebextensions/xray-daemon.config)
Besides running the X-Ray daemon in Beanstalk, what else you must ensure?
Make sure to give your instance profile the correct IAM permissions so that the X-Ray daemon can function correctly.
Then make sure your application code is instrumented with the X-Ray SDK
What Beanstalk platform does not work with X-Ray?
Multi container Docker
How is X-Ray integrated to ECS?
ECS Classic Cluster:
o 1 X-Ray Daemon Container per EC2 instance
o 1 X-Ray Sidecar Container per Container
Fargate Cluster (no instance management)
o 1 X-Ray Sidecar Container per Container in a Fargate Task
How does work X-Ray + ECS Sidecar pattern task definition?
- Map the Container Port of the X-Ray Daemon to 2000 UDP
- Set an environment variable called AWS_XRAY_DAEMON_ADDRESS
- Link these two containers from a networking perspective
