[SVLS-8160] Add serverless-identifying tag to Azure App Service Windows profiles#44488
Conversation
github-actions
Bot
added
short review
kathiehuang
added
changelog/no-changelog
Static quality checks✅ Please find below the results from static quality gates Successful checksInfo
25 successful checks with minimal change (< 2 KiB)
On-wire sizes (compressed)
|
Regression DetectorRegression Detector ResultsMetrics dashboard Baseline: b663779 Optimization Goals: ✅ No significant changes detected
|
| perf | experiment | goal | Δ mean % | Δ mean % CI | trials | links |
|---|---|---|---|---|---|---|
| ➖ | docker_containers_cpu | % cpu utilization | -0.25 | [-3.17, +2.68] | 1 | Logs |
Fine details of change detection per experiment
| perf | experiment | goal | Δ mean % | Δ mean % CI | trials | links |
|---|---|---|---|---|---|---|
| ➖ | quality_gate_metrics_logs | memory utilization | +1.86 | [+1.63, +2.08] | 1 | Logs bounds checks dashboard |
| ➖ | ddot_metrics | memory utilization | +1.08 | [+0.87, +1.30] | 1 | Logs |
| ➖ | ddot_metrics_sum_delta | memory utilization | +0.16 | [-0.04, +0.37] | 1 | Logs |
| ➖ | otlp_ingest_logs | memory utilization | +0.07 | [-0.04, +0.17] | 1 | Logs |
| ➖ | file_to_blackhole_500ms_latency | egress throughput | +0.04 | [-0.34, +0.43] | 1 | Logs |
| ➖ | uds_dogstatsd_to_api_v3 | ingress throughput | +0.01 | [-0.10, +0.12] | 1 | Logs |
| ➖ | file_to_blackhole_100ms_latency | egress throughput | +0.00 | [-0.04, +0.05] | 1 | Logs |
| ➖ | tcp_dd_logs_filter_exclude | ingress throughput | -0.00 | [-0.09, +0.09] | 1 | Logs |
| ➖ | file_to_blackhole_0ms_latency | egress throughput | -0.01 | [-0.51, +0.48] | 1 | Logs |
| ➖ | uds_dogstatsd_to_api | ingress throughput | -0.02 | [-0.14, +0.11] | 1 | Logs |
| ➖ | otlp_ingest_metrics | memory utilization | -0.02 | [-0.18, +0.13] | 1 | Logs |
| ➖ | ddot_metrics_sum_cumulativetodelta_exporter | memory utilization | -0.06 | [-0.29, +0.17] | 1 | Logs |
| ➖ | file_to_blackhole_1000ms_latency | egress throughput | -0.06 | [-0.48, +0.36] | 1 | Logs |
| ➖ | quality_gate_idle | memory utilization | -0.13 | [-0.17, -0.08] | 1 | Logs bounds checks dashboard |
| ➖ | quality_gate_idle_all_features | memory utilization | -0.16 | [-0.20, -0.12] | 1 | Logs bounds checks dashboard |
| ➖ | ddot_logs | memory utilization | -0.17 | [-0.22, -0.11] | 1 | Logs |
| ➖ | docker_containers_memory | memory utilization | -0.18 | [-0.25, -0.11] | 1 | Logs |
| ➖ | docker_containers_cpu | % cpu utilization | -0.25 | [-3.17, +2.68] | 1 | Logs |
| ➖ | uds_dogstatsd_20mb_12k_contexts_20_senders | memory utilization | -0.29 | [-0.34, -0.23] | 1 | Logs |
| ➖ | file_tree | memory utilization | -0.34 | [-0.39, -0.28] | 1 | Logs |
| ➖ | ddot_metrics_sum_cumulative | memory utilization | -0.45 | [-0.60, -0.29] | 1 | Logs |
| ➖ | tcp_syslog_to_blackhole | ingress throughput | -1.14 | [-1.23, -1.05] | 1 | Logs |
| ➖ | quality_gate_logs | % cpu utilization | -1.72 | [-3.18, -0.27] | 1 | Logs bounds checks dashboard |
Bounds Checks: ✅ Passed
| perf | experiment | bounds_check_name | replicates_passed | links |
|---|---|---|---|---|
| ✅ | docker_containers_cpu | simple_check_run | 10/10 | |
| ✅ | docker_containers_memory | memory_usage | 10/10 | |
| ✅ | docker_containers_memory | simple_check_run | 10/10 | |
| ✅ | file_to_blackhole_0ms_latency | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_0ms_latency | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_1000ms_latency | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_1000ms_latency | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_100ms_latency | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_100ms_latency | memory_usage | 10/10 | |
| ✅ | file_to_blackhole_500ms_latency | lost_bytes | 10/10 | |
| ✅ | file_to_blackhole_500ms_latency | memory_usage | 10/10 | |
| ✅ | quality_gate_idle | intake_connections | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_idle | memory_usage | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_idle_all_features | intake_connections | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_idle_all_features | memory_usage | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_logs | intake_connections | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_logs | lost_bytes | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_logs | memory_usage | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_metrics_logs | cpu_usage | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_metrics_logs | intake_connections | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_metrics_logs | lost_bytes | 10/10 | bounds checks dashboard |
| ✅ | quality_gate_metrics_logs | memory_usage | 10/10 | bounds checks dashboard |
Explanation
Confidence level: 90.00%
Effect size tolerance: |Δ mean %| ≥ 5.00%
Performance changes are noted in the perf column of each table:
- ✅ = significantly better comparison variant performance
- ❌ = significantly worse comparison variant performance
- ➖ = no significant change in performance
A regression test is an A/B test of target performance in a repeatable rig, where "performance" is measured as "comparison variant minus baseline variant" for an optimization goal (e.g., ingress throughput). Due to intrinsic variability in measuring that goal, we can only estimate its mean value for each experiment; we report uncertainty in that value as a 90.00% confidence interval denoted "Δ mean % CI".
For each experiment, we decide whether a change in performance is a "regression" -- a change worth investigating further -- if all of the following criteria are true:
-
Its estimated |Δ mean %| ≥ 5.00%, indicating the change is big enough to merit a closer look.
-
Its 90.00% confidence interval "Δ mean % CI" does not contain zero, indicating that if our statistical model is accurate, there is at least a 90.00% chance there is a difference in performance between baseline and comparison variants.
-
Its configuration does not mark it "erratic".
Replicate Execution Details
We run multiple replicates for each experiment/variant. However, we allow replicates to be automatically retried if there are any failures, up to 8 times, at which point the replicate is marked dead and we are unable to run analysis for the entire experiment. We call each of these attempts at running replicates a replicate execution. This section lists all replicate executions that failed due to the target crashing or being oom killed.
Note: In the below tables we bucket failures by experiment, variant, and failure type. For each of these buckets we list out the replicate indexes that failed with an annotation signifying how many times said replicate failed with the given failure mode. In the below example the baseline variant of the experiment named experiment_with_failures had two replicates that failed by oom kills. Replicate 0, which failed 8 executions, and replicate 1 which failed 6 executions, all with the same failure mode.
| Experiment | Variant | Replicates | Failure | Logs | Debug Dashboard |
|---|---|---|---|---|---|
| experiment_with_failures | baseline | 0 (x8) 1 (x6) | Oom killed | Debug Dashboard |
The debug dashboard links will take you to a debugging dashboard specifically designed to investigate replicate execution failures.
❌ Retried Profiling Replicate Execution Failures (target internal profiling)
Note: Profiling replicas may still be executing. See the debug dashboard for up to date status.
| Experiment | Variant | Replicates | Failure | Debug Dashboard |
|---|---|---|---|---|
| quality_gate_idle_all_features | baseline | 11 (x3) | Oom killed | Debug Dashboard |
| quality_gate_idle_all_features | comparison | 11 (x4) | Oom killed | Debug Dashboard |
CI Pass/Fail Decision
✅ Passed. All Quality Gates passed.
- quality_gate_logs, bounds check lost_bytes: 10/10 replicas passed. Gate passed.
- quality_gate_logs, bounds check memory_usage: 10/10 replicas passed. Gate passed.
- quality_gate_logs, bounds check intake_connections: 10/10 replicas passed. Gate passed.
- quality_gate_idle_all_features, bounds check intake_connections: 10/10 replicas passed. Gate passed.
- quality_gate_idle_all_features, bounds check memory_usage: 10/10 replicas passed. Gate passed.
- quality_gate_idle, bounds check memory_usage: 10/10 replicas passed. Gate passed.
- quality_gate_idle, bounds check intake_connections: 10/10 replicas passed. Gate passed.
- quality_gate_metrics_logs, bounds check memory_usage: 10/10 replicas passed. Gate passed.
- quality_gate_metrics_logs, bounds check intake_connections: 10/10 replicas passed. Gate passed.
- quality_gate_metrics_logs, bounds check cpu_usage: 10/10 replicas passed. Gate passed.
- quality_gate_metrics_logs, bounds check lost_bytes: 10/10 replicas passed. Gate passed.
kathiehuang
added
the
qa/done
|
|
||
| // BuildAppServiceOriginTagForProfiles builds the serverless-identifying tag string for use in profiles. | ||
| func BuildAppServiceOriginTagForProfiles() string { | ||
| return ",_dd.origin:appservice" |
There was a problem hiding this comment.
Is the leading comma necessary?
There was a problem hiding this comment.
It was—there's a comment here about how the AzureServerlessTags string needs to start with a comma, and it's because the tags get added to existing tags here. But I just added some refactoring in 6bc72cc and fdf659d that rename AzureServerlessTags so it's not serverless-specific in the profiling code and also make it a map rather than a string so that the initializer doesn't have to worry about the leading comma!
github-actions
Bot
added
medium review
| @@ -32,7 +32,9 @@ import ( | |||
| "github.com/DataDog/datadog-agent/pkg/config/structure" | |||
| "github.com/DataDog/datadog-agent/pkg/config/utils" | |||
| "github.com/DataDog/datadog-agent/pkg/opentelemetry-mapping-go/otlp/attributes" | |||
| serverlessenv "github.com/DataDog/datadog-agent/pkg/serverless/env" | |||
There was a problem hiding this comment.
can we not do this in the trace component? we want to minimize how far our serverless code spreads around the datadog agent codebase. ideally this would be done in serverless-init or similar. since this is intended for the extension for windows, we should probably be doing this somewhere in the trace-agent command. though actually the ideal place would probably be up in the extension scaffolding, and we'd just pass in a "generic additional profile tags" value to the config without actually putting "serverless" in that generic code.
There was a problem hiding this comment.
That makes sense! I updated this and made a PR in datadog-aas-extension to set the profile tag through the APM config to prune our serverless footprint in the codebase
kathiehuang
removed
the
qa/done
kathiehuang
force-pushed
the
kathie.huang/svls-8160/add-serverless-tags-to-aas-windows
branch
from
1530c84 to
bdda86f
Compare
…p for building tags instead of string with leading comma
kathiehuang
force-pushed
the
kathie.huang/svls-8160/add-serverless-tags-to-aas-windows
branch
from
bdda86f to
5f72691
Compare
kathiehuang
force-pushed
the
kathie.huang/svls-8160/add-serverless-tags-to-aas-windows
branch
from
5f72691 to
2b310d4
Compare
kathiehuang
added
the
qa/done
| # profiling_receiver_timeout: 5 | ||
| # | ||
| # # @param additional_profile_tags - map of key:value elements - optional | ||
| # # @env DD_APM_ADDITIONAL_PROFILE_TAGS - JSON string - optional |
There was a problem hiding this comment.
is this a json string? don't we usually just have comma separated colon delimited simple text for this? json would imply adding quotes and such?
There was a problem hiding this comment.
either way, might be worth adding an example here
There was a problem hiding this comment.
Yes! It seems that viper can automatically parse json into maps. If we want to make it similar to the DD_TAGS format then we can parse it ourselves like how DD_TAGS does. But I agree either way I'll add an example for how the env var should look!
| c.DebugServerPort = core.GetInt("apm_config.debug.port") | ||
| c.APMMode = normalizeAPMMode(core.GetString("apm_config.mode")) | ||
| c.ContainerTagsBuffer = core.GetBool("apm_config.enable_container_tags_buffer") | ||
| c.AdditionalProfileTags = core.GetStringMapString("apm_config.additional_profile_tags") |
There was a problem hiding this comment.
can we add this to some existing test? or add a test for it?
| config.BindEnv("apm_config.profiling_dd_url", "DD_APM_PROFILING_DD_URL") //nolint:forbidigo // TODO: replace by 'SetDefaultAndBindEnv' | ||
| config.BindEnv("apm_config.profiling_additional_endpoints", "DD_APM_PROFILING_ADDITIONAL_ENDPOINTS") //nolint:forbidigo // TODO: replace by 'SetDefaultAndBindEnv' | ||
| config.BindEnv("apm_config.profiling_receiver_timeout", "DD_APM_PROFILING_RECEIVER_TIMEOUT") //nolint:forbidigo // TODO: replace by 'SetDefaultAndBindEnv' | ||
| config.BindEnv("apm_config.additional_profile_tags", "DD_APM_ADDITIONAL_PROFILE_TAGS") //nolint:forbidigo // TODO: replace by 'SetDefaultAndBindEnv' |
There was a problem hiding this comment.
can we add this to some existing test? or add a test for it?
There was a problem hiding this comment.
Yes! I added tests for the config variable getting parsed correctly from both the yaml and the env var in 6b4a989
There was a problem hiding this comment.
Can you please update to use the non deprecated SetDefaultAndBindEnv?
github-actions
Bot
added
long review
| # # @env DD_APM_ADDITIONAL_PROFILE_TAGS - JSON string - optional | ||
| # # Additional tags to add to all profiles. These tags are added on the agent side | ||
| # # before forwarding profiles to Datadog. This is useful for environment-identifying | ||
| # # tags that should be applied to all profiles (e.g., origin). |
There was a problem hiding this comment.
would it be appropriate to add a note in here that this env var is set in a specific way for azure app services in windows and that overriding it there should be done with reference to our aas windows extension docs?
There was a problem hiding this comment.
That makes sense, it wouldn't hurt! I added a note in 31ff747 to reference our Confluence page on profiling
There was a problem hiding this comment.
since this is a public repo, we should probably document it in our public docs, too
There was a problem hiding this comment.
Hmm would that make things confusing since adding additional profile tags doesn't seem to be normal user flow and isn't on the official Continuous Profiler docs?
I could also use SetDefault instead of BindEnvAndSetDefault so that this config isn't attached to an env var?
There was a problem hiding this comment.
no. i guess make it configurable normally and add a note to our confluence to indicate this somewhat strange workflow.
ajgajg1134
left a comment
ajgajg1134
left a comment
There was a problem hiding this comment.
Overall looks good just a very small nit
| // Azure serverless apps tags, in the form of a comma-separated list of | ||
| // key-value pairs, starting with a comma | ||
| AzureServerlessTags string | ||
| // Additional profile tags |
There was a problem hiding this comment.
Nit: can you expand a bit on this comment since right now it doesn't give any details: e.g. AdditionalProfileTags are statically defined tags to attach to proxied profiles, this is primarily used by serverless
|
All contributors have signed the CLA ✍️ ✅ |
|
I have read the CLA Document and I hereby sign the CLA |
|
/merge |
|
View all feedbacks in Devflow UI.
This pull request is not mergeable according to GitHub. Common reasons include pending required checks, missing approvals, or merge conflicts — but it could also be blocked by other repository rules or settings.
The expected merge time in
|
dd-mergequeue
Bot
deleted the
kathie.huang/svls-8160/add-serverless-tags-to-aas-windows
branch
7 participants
What does this PR do?
_dd.origin:appservicetag to profiles for Azure App Service Windows Appsapm_config.additional_profile_tags, which is set in this PR in the AAS Site ExtensionAdditionalProfileTagsfor clearer future useMotivation
See related PR
Describe how you validated your changes
Deployed Node.js and .NET Azure App Service Windows Apps with the Site Extension with
DD_PROFILING_ENABLED=trueand looked at network request to validate that_dd.originis set correctlydatadog-trace-agent.exeanddogstatsd.exefrom thepackage_build > windows_zip_agent_binaries_x64-a7jobdatadog-trace-agent.exeanddogstatsd.exewith the dev versiondatadog.yamlfrom the related AAS Extension PR over_dd.originin the profile tags!