Commit 2115712f authored by Rafael Monnerat's avatar Rafael Monnerat

Monitoring SR: Refactoring, fix and improve

 Removed local Ploting (use renderjs)
 Remove Password need, use a big hash on the URL Instead
 Fix rsync call to collect the logs.
 Several minor improvements
parent 32d4a14c
PidFile "{{ httpd_configuration.get('pid-file') }}"
ServerName example.com
ServerAdmin someone@email
<IfDefine !MonitorPort>
Listen [{{ httpd_configuration.get('listening-ip') }}]:{{ monitor_parameters.get('port') }}
Define MonitorPort
</IfDefine>
DocumentRoot "{{ directory.get('www') }}"
ErrorLog "{{ httpd_configuration.get('error-log') }}"
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dir_module modules/mod_dir.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule headers_module modules/mod_headers.so
LoadModule env_module modules/mod_env.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
SetEnvIf Origin "http(s)?://(www\.)?(.*)$" AccessControlAllowOrigin=$0
Header always set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header set Access-Control-Allow-Credentials "true"
Header set Access-Control-Allow-Methods "PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST"
Header set Access-Control-Allow-Headers "Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Authorization"
# SSL Configuration
<IfDefine !SSLConfigured>
Define SSLConfigured
SSLCertificateFile {{ httpd_configuration.get('certificate') }}
SSLCertificateKeyFile {{ httpd_configuration.get('key') }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed startup /dev/urandom 256
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
SSLSessionCache shmcb:/{{ directory.get("mod-ssl") }}/ssl_scache(512000)
SSLSessionCacheTimeout 300
</IfDefine>
SSLEngine On
ScriptSock {{ httpd_configuration.get('cgid-pid-file') }}
<Directory {{ directory.get('www') }}>
SSLVerifyDepth 1
SSLRequireSSL
SSLOptions +StrictRequire
# XXX: security????
Options +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex {{ monitor_parameters.get('index-filename') }}
</Directory>
Alias /{{ monitor_private_hash }} {{ directory.get('private-directory') }}/
<Directory {{ directory.get('private-directory') }}>
Order Allow,Deny
Allow from all
AllowOverride All
Satisfy Any
Options Indexes FollowSymLinks
DirectoryIndex index.html
<Files .htaccess>
order allow,deny
deny from all
</Files>
</Directory>
<Location /rewrite>
AuthType Basic
AuthName "Private access"
AuthUserFile "{{ monitor_parameters.get('htaccess-file') }}"
Require valid-user
</Location>
ProxyVia On
RewriteEngine On
{% for key, value in monitor_rewrite_rule.iteritems() %}
RewriteRule ^/rewrite/{{ key }}($|/.*) {{ value }}/$1 [P,L]
{% endfor %}
This source diff could not be displayed because it is too large. You can view the blob instead.
#!{{ extra_eggs_interpreter }}
# Beginning of response
print "Content-Type: text/plain"
print
print "OK"
......@@ -19,8 +19,6 @@ parts =
monitor-promise
monitor-instance-log-access
cron-rsync-logs
plot-html
dygraph-js
extends = ${monitor-template:output}
......@@ -46,20 +44,6 @@ context =
raw rsync_binary ${rsync:location}/bin/rsync
key server_log_directory monitor-directory:server-log
[plot-html]
recipe = slapos.recipe.template:jinja2
template = ${template-plot-html:output}
rendered = $${monitor-directory:server-log}/plot.html
mode = 0644
context =
[dygraph-js]
recipe = slapos.recipe.template:jinja2
template = ${template-dygraph-js:output}
rendered = $${monitor-directory:server-log}/dygraph-combined.js
mode = 0644
context =
[pwgen]
recipe = slapos.cookbook:generate.password
user = admin
......@@ -70,18 +54,38 @@ recipe = slapos.cookbook:generate.password
user = admin
bytes = 16
[htpasswd-generate]
recipe = plone.recipe.command
output = $${monitor-parameters:htaccess-file}
long_passwd = $${pwgen:passwd}$${pwgen32:passwd}
update-command = $${:command}
command =
echo ${apache:location}/bin/htpasswd $${:output} $${pwgen:user} $${:long_passwd}
${apache:location}/bin/htpasswd -cb $${:output} $${pwgen:user} $${:long_passwd}
[monitor-directory]
server-log = $${:private-directory}/server-log
cache = $${:var}/cache
mod-ssl = $${:cache}/httpd_mod_ssl
[slap-parameter]
private-hash = $${pwgen:passwd}$${pwgen32:passwd}
frontend-domain =
[monitor-parameters]
url = https://$${pwgen:user}:$${htpasswd-generate:long_passwd}@[$${slap-parameters:ipv6-random}]:$${:port}
[monitor-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Monitor Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config = url domain
config-url = $${monitor-parameters:url}
config-domain = $${slap-parameter:frontend-domain}
return = site_url domain
[publish-connection-informations]
recipe = slapos.cookbook:publish
monitor_url = $${monitor-parameters:url}
server_log_url = $${:url}$${slap-parameter:private-hash}/
url = $${monitor-frontend:connection-site_url}
[monitor-httpd-configuration-file]
context =
section directory monitor-directory
section monitor_parameters monitor-parameters
section httpd_configuration monitor-httpd-configuration
section monitor_rewrite_rule monitor-rewrite-rule
key monitor_private_hash slap-parameter:private-hash
<html>
<head>
<meta charset="utf-8">
<style>
div {
float: left;
margin: 5px;
}
</style>
</head>
<body>
<div> <b> LOADAVG </b> <div class="chart"id="loadavg"> </div></div>
<div> <b> CPU PERCENT </b> <div class="chart"id="cpu_percent"> </div></div>
<div> <b> MEMORY USED </b> <div class="chart"id="memory_used"> </div></div>
<div> <b> MEMORY FREE </b> <div class="chart"id="memory_free"> </div></div>
<div> <b> NET IN BYTES </b> <div class="chart"id="net_in_bytes"> </div></div>
<div> <b> NET IN ERROR </b> <div class="chart"id="net_in_errors"> </div></div>
<div> <b> NET IN DROPPED </b> <div class="chart"id="net_in_dropped"> </div></div>
<div> <b> NET OUT BYTES </b> <div class="chart"id="net_out_bytes"> </div></div>
<div> <b> NET OUT ERRORS </b> <div class="chart"id="net_out_errors"> </div></div>
<div> <b> NET OUT DROPPED </b> <div class="chart"id="net_out_dropped"> </div></div>
<script type="text/javascript" src="dygraph-combined.js"></script>
<script>
new Dygraph(
document.getElementById("loadavg"), "system_loadavg.csv");
new Dygraph(
document.getElementById("cpu_percent"), "system_cpu_percent.csv");
new Dygraph(
document.getElementById("memory_used"), "system_memory_used.csv");
new Dygraph(
document.getElementById("memory_free"), "system_memory_free.csv");
new Dygraph(
document.getElementById("net_in_bytes"), "system_net_in_bytes.csv");
new Dygraph(
document.getElementById("net_in_errors"), "system_net_in_errors.csv");
new Dygraph(
document.getElementById("net_in_dropped"), "system_net_in_dropped.csv");
new Dygraph(
document.getElementById("net_out_bytes"), "system_net_out_bytes.csv");
new Dygraph(
document.getElementById("net_out_errors"), "system_net_out_errors.csv");
new Dygraph(
document.getElementById("net_out_dropped"), "system_net_out_dropped.csv");
</script>
</body>
</html>
#!${dash-output:dash}
RSYNC_BIN={{ rsync_binary }}
SLAPGRID_LOGS={{ buildout_directory }}/../var/data-logs/
SLAPGRID_LOGS={{ buildout_directory }}/../var/data-log/
SERVERLOGS={{ server_log_directory }}
$RSYNC_BIN -a $SLAPGRID_LOGS $SERVERLOGS
$RSYNC_BIN -a --delete $SLAPGRID_LOGS $SERVERLOGS
......@@ -15,35 +15,25 @@ parts =
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/instance.cfg
md5sum = 68e146558156c0702344c83876b4daf8
md5sum = 6ad84a0061df0c00a9f41d8b302adc45
mode = 0644
# stupify index for now
[index]
url = ${:_profile_base_location_}/${:filename}
md5sum = 99ad2a7a9dbdae35e3d9aef352c4f0d5
md5sum = 876f18b159fbd9325332d0f42e9172ac
[monitor-httpd-template]
url = ${:_profile_base_location_}/${:filename}
md5sum = 1f30b17f5ea11fd033984d17c38bcfd3
[rsync-logs-script]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/rsync-logs.sh.in
md5sum = e48c41cf1cebcaf33353e950edc94717
md5sum = 33900b1f30f9d1de19814d6d3bacb03b
output = ${buildout:directory}/template-rsync-logs.sh.in
mode = 0644
[template-plot-html]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/plot.html.in
md5sum = 7f9f201f6695ae56b26b742e571478f5
output = ${buildout:directory}/template-plot-html.in
mode = 0644
[template-dygraph-js]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/dygraph-combined.js
md5sum = 9bbf0b64dc1ee1ed3b6f4e2c302e21aa
output = ${buildout:directory}/dygraph-combined.js
mode = 0644
[eggs]
recipe = z3c.recipe.scripts
eggs =
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment