Public Cloud – Flexible Engine
Cloud Trace Service (CTS) – Operation log with high reliability and low cost
Get operation log on cloud service resources with CTS
CTS record all traces that are triggered by open APIs and Console from every cloud service that’s integrated with CTS.
- In the architecture diagram above, we have three main. The third-party services record operations to Cloud Trace Service, e.g. when you create a ECS server, it will record the create operation to CTS server.
- CTS server will store the trace files to your OBS buckets, if there is new resource operations.
- Tenant can search and view the traces on the console of CTS.
CTS provide records of operations on cloud service resources. It also provides the trace list and query by filters, and delivers trace files containing operation records to the OBS buckets for tenant’s analysis.
There are three major features in CTS:
Tracker management
The tenant of cloud service can open CTS by creating a tracker, OBS bucket and the prefix of trace files are required for a tracker. Every tracker can be modified, deleted, viewed, started or stopped.
View and Search Trace
In order to view and search trace, CTS provide this feature for tenant to search trace by default search condition and customized filter on CTS console, supported filters include trace period, trace source, operator, trace status.
Store trace record to OBS
Generally the operation records will be saved in CTS for 7 days after the operation being recorded, and will be stored permanently in OBS periodically, so CTS provide this feature to execute transfer job.
With Using CTS, you can:
- Record operations on resources.
- Create and manage trackers.
- View and search the trace list.
- Search traces by filters.
- Transfer trace files to the OBS buckets periodically for archiving.
- Set prefixes for trace files delivered to the OBS buckets.
Benefits
Real-Time Trace Collection
CTS quickly collects generated traces. After a resource request (include create/change/delete) operation is performed, tenant can view the generated trace on the CTS console.
Full trace tracking
Traces generated by CTS record operations performed on the public cloud management console, calls made using the open APIs, and internal actions triggered in the public cloud system. The traces also record the operation results.
High Reliability and Low Cost
CTS can combine traces to periodically generate trace files. The trace files can be delivered to an OBS bucket, providing high availability and enabling the files to be stored for a long time period at low cost.
Scenarios
There are three general-purpose scenarios for CTS:
Security analysis
Traces generated by CTS record tenant who perform operations, the time when operations are performed, and IP addresses used to perform operations. You can use the information to conduct security analysis.
Operation troubleshooting
Traces generated by CTS record the causes of failed operations, using which you can troubleshoot operation faults. For example, you will fail to create an ECS if you delete the system disk during creation.
Resource change tracing
Traces generated by CTS record resource changes and the results. You can track the resource use using the records.
Compliance audit
CTS provides operation records and the operation query capability, and helps financial and payment enterprises pass authentications, such as PCI DSS.
Characteristics
There are three major kinds of functions provided by Cloud Trade Service:
Tracker management
Creating / Modifying / Editing / Deleting / Starting / Stopping tracker.
View and Search Trace
Viewing the trace list and search traces by multiple filters, which are generated within seven days.
Store trace record to OBS
CTS will check for new trace periodically and upload it to tenant’s OBS bucket and grant rights for tenant’s bucket.
The available service including: Elastic Cloud Server, Auto-Scaling, Image Management Service, Bare Metal Server, Cloud Container Engine, Identity & Access Management, Virtual Private Cloud, Elastic Load Balancer, Direct Connect, Cloud Eye Service, Cloud Trace Service, Simple Message Notification, Volume Backup Service, Relational Database Service, Anto-DDoS, Map Reduce Service.
Limitations
The tenant can create only one tracker in a region.
Billing
CTS is free, but tenant need to pay for OBS buckets fee. Tenant can refer to the standard of OBS charge provided by OBS service.