OpenTelemetry is an observability framework, which consists of tools, APIs and SDKs. It is used to generate, collect, and export telemetry data. This can help the user analyze their software’s performance and behavior. In this article we will talk about how OpenTelemetry works and we will explain some of its basics.
What is OpenTelemetry?
OpenTelemetry is a collection of tools that can create and collect telemetry data (logs, traces, and metrics) from your software and services. This open-source project was created by the merge of OpenTracing and OpenCensus projects. Other components of OpenTelemetry, aside from APIs and SDKs, are the OpenTelemetry Collector and OTLP. We will talk about each of these components separately below:
- APIs and SDKs: OpenTelemetry provides an API and an SDK for each programming language, which it uses to instrument an application to generate tracing data and metrics. The APIs ensure that switching between different SDK implementations, won’t require code changes. The SDKs take care of the required processing and then exports the data to OpenTelemetry Collector.
- Collector: The OpenTelemetry Collector collects data from SDKs and exports it to any supported backend, such as Prometheus or Kafka queues. Collector is composed of three main parts: receivers, processors, and exporters. Receivers ingest incoming data of various protocols and formats, processors perform collector processing logic, such as data aggregation, filtering and sampling, and exporters emit the telemetry data to backend destinations in various formats and protocols.
- OpenTelemetry Protocol: OTLP describes the encoding, transport and delivery mechanism of logs, traces, and metrics between telemetry sources, immediate nodes and telemetry backends.
OpenTelemetry is composed of many components with different groups working on each of them. Consequently, every component can be in a different stage of its life cycle, such as an experimental or a stable stage. For example, OpenTelemetry signals are in various stages of their life cycle right now. Tracing was the first type of telemetry data to become generally available (GA). This means that tracing SDKs, APIs, and protocol are stable. Metrics are currently a release candidate (RC), which means they are no longer in the experimental stage and are almost ready to be generally available. Finally, log signals are in the experimental/beta stage.
If a user instruments a service for tracing, every invocation of an operation emits one or multiple spans. API and SDK can be in a code to manually create spans. Additionally, in some cases, you can use auto-instrumentation agents to generate spans automatically. This way you will not need to change the code in the application.
Spans contain data related to the invoked service and operation, the start and finish timestamps of the invocation, the span context and a list of attributes defined by the user. The SDK propagates the context through the involved services in order to ensure that the causal relationship between the spans is captured. After that, the span is formatted to a protocol and transmitted with the SDK to a collector backend and then to a tracing analysis backend tool (e.g. Jaeger).The spans are collected on the backend and traces are reconstructed from them according to causality.
In this article we showed some of the basics of OpenTelemetry, but there are still more to talk about. We analyzed what exactly is OpenTelemetry and what is its current state and talked about some of its basic concepts. In the second part of this article, we will continue analyzing the instrumentation. We will show both automatic and manual types as well as some instrumentation recommendations.
Logstail provides a complete log management solution which is necessary for every organization and brings this functionality to your hands. Now you can convert your data into actionable insights with just some tweaks and prevent performance and security issues. You can maximize the performance of your infrastructure or be notified of potential problems to take the appropriate actions.
In Logstail we are also offering the full range of services required to effectively mitigate cyber-attacks. Incident response and consulting, penetration testing and red team operations are aiming to help our customers reduce their cyber incidents. Sign-up for a free demo to realize the power of Logstail!