TF Analytics指南丨TF警报流（Alert Streaming） | SDNLAB

TF警报（alert）是在基于每个用户可见实体（UVE）提供的。TF分析（analytics）使用Python编码的规则来触发或解除警报，这些规则将检查UVE的内容和对象的配置。一些规则是内置的，其它规则可以使用Python stevedore插件添加。

本主题介绍了Tungsten Fabric警报功能。

警报API格式

TF警报分析API提供以下内容。

作为UVE GET APIs的一部分，读取对警报的访问。
使用POST请求进行警报确认。
使用服务器发送的事件（SSE）进行UVE和警报流。

例如：

GET http:// :8081/analytics/alarms。

{
    analytics-node: [
        {
            name: "nodec40",
            value: {
                UVEAlarms: {
                    alarms: [
                        {
                            any_of: [
                                {
                                    all_of: [
                                        {
                                            json_operand1_value: ""PROCESS_STATE_STOPPED"",
                                            rule: {
                                                oper: "!=",
                                                operand1: {
                                                    keys: [
                                                        "NodeStatus",
                                                        "process_info",
                                                        "process_state"
                                                    ]
                                                },
                                                operand2: {
                                                    json_value: ""PROCESS_STATE_RUNNING""
                                                }
                                            },
                                            json_vars: {
                                                NodeStatus.process_info.process_name: "contrail-topology"
                                            }
                                        }
                                    ]
                                }
                            ],
                            severity: 3,
                            ack: false,
                            timestamp: 1457395052889182,
                            token: "eyJ0aW1lc3RhbXAiOiAxNDU3Mzk1MDUyODg5MTgyLCAiaHR0cF9wb3J0I
................................... jogNTk5NSwgImhvc3RfaXAiOiAiMTAuMjA0LjIxNy4yNCJ9",
                            type: "ProcessStatus"
                        }
                    ]
                }
            }
        }
    ]
}

{

analytics-node: [

{

name: "nodec40",

value: {

UVEAlarms: {

alarms: [

{

any_of: [

{

all_of: [

{

json_operand1_value: ""PROCESS_STATE_STOPPED"",

rule: {

oper: "!=",

operand1: {

keys: [

"NodeStatus",

"process_info",

"process_state"

]

operand2: {

json_value: ""PROCESS_STATE_RUNNING""

}

json_vars: {

NodeStatus.process_info.process_name: "contrail-topology"

}

]

}

severity: 3,

ack: false,

timestamp: 1457395052889182,

token: "eyJ0aW1lc3RhbXAiOiAxNDU3Mzk1MDUyODg5MTgyLCAiaHR0cF9wb3J0I

................................... jogNTk5NSwgImhvc3RfaXAiOiAiMTAuMjA0LjIxNy4yNCJ9",

type: "ProcessStatus"

}

]

}

]

}

在这个例子中：

any_of属性包含以[ [rule1 AND rule2 AND … AND ruleN] … OR [rule11 AND rule22 AND … AND ruleNN] ]格式定义的报警（alarm）规则。
警报是在每个UVE的基础上发出的，可以通过在UVE上的GET来检索。
ack表示警报是否已被确认。
token用于客户端的请求确认。

用于警报的分析API

下面的示例显示了用于显示警报（alert）和报警（alarm），以及确认报警（alarm）的API。

检索对名为aXXsYY的控制节点发出的警报列表。

GET http://<analytics-ip>:<rest-api-port>/analytics/uves/control-node/aXXsYY&cfilt=UVEAlarms

1	GET http://<analytics-ip>:<rest-api-port>/analytics/uves/control-node/aXXsYY&cfilt=UVEAlarms

这适用于所有UVE表类型。

检索系统中所有报警（alarm）的列表。

GET http://<analytics-ip>:<rest-api-port>/analytics/alarms

1	GET http://<analytics-ip>:<rest-api-port>/analytics/alarms

确认报警（alarm）。

POST http://<analytics-ip>:<rest-api-port>/analytics/alarms/acknowledge
Body: {“table”: <object-type>,“name”: <key>, “type”: <alarm type>, “token”: <token>}

1 2	POST http://<analytics-ip>:<rest-api-port>/analytics/alarms/acknowledge Body: {“table”: <object-type>,“name”: <key>, “type”: <alarm type>, “token”: <token>}

可以使用以下URL查询参数和前面列出的GET操作具体查询已确认和未确认的报警（alarm）。

ackFilt=True
ackFilt=False

1 2	ackFilt=True ackFilt=False

SSE流的分析API

下面的例子展示了用于检索全部或部分SE流的API。

检索基于SSE的UVE更新流，用于控制节点报警（alarm）。

GET http://<analytics-ip>:<rest-api-port> /analytics/uve-stream?tablefilt=control-node

1	GET http://<analytics-ip>:<rest-api-port> /analytics/uve-stream?tablefilt=control-node

这对所有UVE表类型都可用。如果没有提供tablefilt URL查询参数，则会检索所有UVE。

只检索基于SSE的UVE更新流的警报部分，而不是整个内容。

GET http://<analytics-ip>:<rest-api-port> /analytics/alarm-stream?tablefilt=control-node

1	GET http://<analytics-ip>:<rest-api-port> /analytics/alarm-stream?tablefilt=control-node

这对所有UVE表类型都可用。如果没有提供tablefilt URL查询参数，则会检索所有UVE。

内置节点警报

可以使用分析API中列出的API来检索以下内置节点警报。

control‐node: {
PartialSysinfoControl: "Basic System Information is absent for this node in BgpRouterState.build_info",
ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info",
XmppConnectivity: "Not enough XMPP peers are up in BgpRouterState.num_up_bgp_peer",
BgpConnectivity: "Not enough BGP peers are up in BgpRouterState.num_up_bgp_peer",
AddressMismatch: “Mismatch between configured IP Address and operational IP Address",
ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status"
},

vrouter: {
PartialSysinfoCompute: "Basic System Information is absent for this node in VrouterAgent.build_info",
ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info",
ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status",
VrouterInterface: "VrouterAgent has interfaces in error state in VrouterAgent.error_intf_list”,
VrouterConfigAbsent: “Vrouter is not present in Configuration”,
},

config‐node: {
PartialSysinfoConfig: "Basic System Information is absent for this node in ModuleCpuState.build_info",
ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info",
ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status"
},

analytics‐node: {
ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info"
PartialSysinfoAnalytics: "Basic System Information is absent for this node in CollectorState.build_info",
ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status"
},

database‐node: {
ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info",
ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status"
},

control‐node: {

PartialSysinfoControl: "Basic System Information is absent for this node in BgpRouterState.build_info",

ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info",

XmppConnectivity: "Not enough XMPP peers are up in BgpRouterState.num_up_bgp_peer",

BgpConnectivity: "Not enough BGP peers are up in BgpRouterState.num_up_bgp_peer",

AddressMismatch: “Mismatch between configured IP Address and operational IP Address",

ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status"

vrouter: {

PartialSysinfoCompute: "Basic System Information is absent for this node in VrouterAgent.build_info",

ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info",

ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status",

VrouterInterface: "VrouterAgent has interfaces in error state in VrouterAgent.error_intf_list”,

VrouterConfigAbsent: “Vrouter is not present in Configuration”,

config‐node: {

PartialSysinfoConfig: "Basic System Information is absent for this node in ModuleCpuState.build_info",

ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info",

ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status"

analytics‐node: {

ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info"

PartialSysinfoAnalytics: "Basic System Information is absent for this node in CollectorState.build_info",

ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status"

database‐node: {

ProcessStatus: "NodeMgr reports abnormal status for process(es) in NodeStatus.process_info",

ProcessConnectivity: "Process(es) are reporting non‐functional components in NodeStatus.process_status"

原文链接：
https://www.juniper.net/documentation/en_US/contrail20/topics/concept/alerts-overview.html

警报API格式

用于警报的分析API

SSE流的分析API

内置节点警报

《未来网络2030》重磅来袭！

算力网络——云网融合2.0时代的网络架构与关键技术

软硬件融合——超大规模云计算架构创新之路

网络工程师的Python之路：网络运维自动化实战

SRv6网络编程：开启IP网络新时代

ODL技术内幕：架构设计与实现原理

ONAP技术详解与应用实践

边缘计算原理与实践