Exemple #1
0
func setup() error {

	// Resolve bind address
	saddr, err := net.ResolveUDPAddr("udp", env.GetDefault("COLLECTD_PROXY_BIND", "127.0.0.1:25827"))
	if err != nil {
		return err
	}

	// Listen udp socket
	proxy, err = net.ListenUDP("udp", saddr)
	if err != nil {
		return err
	}

	// Resolve target address
	taddr, err := net.ResolveUDPAddr("udp", env.GetDefault("COLLECTD_PROXY_TARGET", "127.0.0.1:25826"))
	if err != nil {
		return err
	}

	target, err = net.DialUDP("udp", nil, taddr)
	if err != nil {
		return err
	}

	return nil
}
/**
 * 1 - Show a deployment
 */
func (ctl *DeploymentController) getDeploymentAction(c *gin.Context) {

	appId := c.Param("app_id")
	deployId := c.Param("deploy_id")

	application := ctl.getApplication(c, appId)
	if application == nil {
		return
	}

	deployment := ctl.getDeployment(c, application, deployId)
	if deployment == nil {
		return
	}

	karhuURL, _ := url.Parse(env.GetDefault("PUBLIC_HOST", "http://127.0.0.1:8080"))
	webSocketProto := "ws"
	if karhuURL.Scheme == "https" {
		webSocketProto = "wss"
	}

	c.HTML(http.StatusOK, "deployment_show.html", map[string]interface{}{
		"application":     application,
		"deployment":      deployment,
		"public_host":     karhuURL.Host,
		"websocket_proto": webSocketProto,
	})
}
Exemple #3
0
func init() {

	hosts := env.GetDefault("MGO_HOSTS", "127.0.0.1")
	db := env.GetDefault("MGO_DB", "karhu")

	log.Println("Connecting to mgo:", hosts)
	session, err := mgo.Dial(hosts)
	if err != nil {
		panic(err)
	}
	session.SetMode(mgo.Eventual, true)

	mongo = &Mongo{
		s:  session,
		db: db,
	}
}
Exemple #4
0
func init() {

	switch env.GetDefault("STORAGE_DRIVER", "fs") {
	case "fs":
		driver = newFSDriver()
	default:
		panic("Invalid storage driver")
	}
}
Exemple #5
0
func LogstashRefreshApplicationsFilters() error {

	// Get all node
	apps, err := ApplicationMapper.FetchAll()
	if err != nil {
		return err
	}

	filters := logstash.NewTagFilters()

	for _, app := range apps {

		// Fetch logfiles
		logfiles, err := LogfileMapper.FetchAllEnabled(app)
		if err != nil {
			return err
		}

		if len(logfiles) == 0 {
			continue
		}

		var filePaths []string
		for _, lf := range logfiles {
			filePaths = append(filePaths, strconv.Quote(lf.Path))
		}

		// Forge application tags
		var conds []string
		if len(filePaths) > 1 {
			conds = append(conds, fmt.Sprintf("[source] in [ %s ]", strings.Join(filePaths, ", ")))
		} else {
			conds = append(conds, fmt.Sprintf("[source] == %s", filePaths[0]))
		}
		for _, t := range app.Tags {
			conds = append(conds, fmt.Sprintf("%s in [karhu_tags]", strconv.Quote(t)))
		}

		filters.AddFilter(
			logstash.NewFilter(strings.Join(conds, " and ")).
				Mutate(logstash.NewMutate("karhu_app", strconv.Quote(app.Name))))
	}

	data, err := filters.Marshal()
	if err != nil {
		return err
	}

	log.Println(string(data))

	if err := ioutil.WriteFile(env.GetDefault("LOGSTASH_APPS_FILTERS", "./logstash/conf.d/11-apps-filters.conf"), data, 0644); err != nil {
		return err
	}

	return nil
}
Exemple #6
0
func keyDir() string {

	dir := env.GetDefault("STORAGE_PATH", "data")

	if !path.IsAbs(dir) {
		cwd, _ := os.Getwd()
		dir = path.Join(cwd, dir)
	}

	return path.Clean(fmt.Sprintf("%s/%s", dir, SSH_KEYS_DIR))
}
Exemple #7
0
func main() {

	rand.Seed(time.Now().UnixNano())

	s := web.NewServer()
	controllers.NewFrontController(s)
	controllers.NewAPIController(s)

	go alerts.Run()

	s.Run(env.GetDefault("LISTEN_ADDR", ":8080")) // listen and serve
}
Exemple #8
0
func main() {

	r := gin.Default()
	r.Use(AuthMiddleware())

	// Setup seed
	rand.Seed(time.Now().UnixNano())

	// Register actions
	r.POST("/job", postJobAction)
	r.GET("/job/:id", getJobAction)

	r.Run(env.GetDefault("BIND_ADDRESS", ":8080"))
}
Exemple #9
0
func ReadAuthfile() (string, string, error) {

	data, err := ioutil.ReadFile(env.GetDefault("LOGSTASH_AUTHFILE", "./logstash/certs/authfile"))
	if err != nil {
		return "", "", err
	}

	buf := bytes.NewBuffer(data)
	line, err := buf.ReadString('\n')
	if err != nil {
		return "", "", err
	}

	auth := strings.SplitN(string(line), ":", 2)

	return strings.TrimSpace(auth[0]), strings.TrimSpace(auth[1]), nil
}
func validateAuth(username, password string) bool {

	// Password sha1
	password = fmt.Sprintf("%x", sha1.Sum([]byte(password)))

	// Re-open auth file each time, to avoid reloading it
	file, err := os.Open(env.GetDefault("AUTH_FILE", "access"))
	if err != nil {
		panic(err)
	}
	defer file.Close()

	// Scan line by line
	scanner := bufio.NewScanner(file)
	for scanner.Scan() {
		line := scanner.Text()
		if line[0] == '#' {
			continue
		}

		// Split format: username:sha1_password
		splited := strings.SplitN(line, `:`, 2)
		if len(splited) != 2 {
			continue
		}

		log.Println(splited, username, password)
		// Check credentials
		if splited[0] == username && splited[1] == password {
			return true
		}
	}

	if err := scanner.Err(); err != nil {
		panic(err)
	}

	log.Println("Bad password")

	return false

}
Exemple #11
0
func LogstashRefreshTagsFilters() error {

	// Get all node
	nodes, err := NodeMapper.FetchAll()
	if err != nil {
		return err
	}

	filters := logstash.NewTagFilters()

	for _, n := range nodes {

		if len(n.Tags) == 0 {
			continue
		}

		var tags = []string{`"karhu"`}
		for _, t := range n.Tags {
			tags = append(tags, strconv.Quote(t))

		}

		log.Println("tags:", tags)

		filters.AddFilter(
			logstash.NewFilter("[host] == " + strconv.Quote(n.Hostname)).
				Mutate(logstash.NewMutate("karhu_tags", fmt.Sprintf("[ %s ]", strings.Join(tags, ", ")))))
	}

	data, err := filters.Marshal()
	if err != nil {
		return err
	}

	log.Println(string(data))

	if err := ioutil.WriteFile(env.GetDefault("LOGSTASH_TAGS_FILTERS", "./logstash/conf.d/10-tags-filters.conf"), data, 0644); err != nil {
		return err
	}

	return nil
}
Exemple #12
0
func newFSDriver() storageDriver {

	return &fsDriver{
		BaseDir: env.GetDefault("STORAGE_PATH", "./data"),
	}
}
Exemple #13
0
package alerts

import (
	"errors"
	// "fmt"
	"github.com/gotoolz/env"
	"github.com/karhuteam/karhu/models"
	"log"
	"os/exec"
	"path"
)

var nagiosPluginsPath = env.GetDefault("NAGIOS_PLUGINS_DIR", "/usr/lib/nagios/plugins")

type CheckNagios struct {
	Policy *models.AlertPolicy
	Plugin string
	Params string
}

func NewCheckNagios(policy *models.AlertPolicy) (*CheckNagios, error) {

	return &CheckNagios{
		Policy: policy,
		Plugin: policy.NagiosPlugin,
		Params: policy.NagiosParams,
	}, nil
}

func (c *CheckNagios) command() string {
Exemple #14
0
func (pc *NodeController) getRegisterSH(c *gin.Context) {

	publicKey, err := ssh.GetPublicKey()
	if err != nil {
		panic(err)
	}

	karhuHost := env.GetDefault("PUBLIC_HOST", "http://127.0.0.1:8080")
	logstashIP := env.GetDefault("LOGSTASH_IP", "127.0.0.1")
	collectdUser, collectdPassword, err := logstash.ReadAuthfile()
	if err != nil {
		panic(err)
	}

	log.Println("URL:", c.Request.URL)

	clientIP := c.ClientIP()

	basicAuth := ""
	if auth := env.Get("BASIC_AUTH"); auth != "" {
		basicAuth = `"-u ` + auth + `"`
	}

	c.String(http.StatusOK, fmt.Sprintf(`
#!/bin/bash
echo "Registering host on Karhu..."; echo
KARHU_HOST=%s
LOGSTASH_IP=%s
PUBLIC_KEY='%s'
LOGSTASH_CRT_URL=$KARHU_HOST/api/nodes/config/logstash.crt
LOGSTASH_CRT_PATH=/etc/filebeat/certs/logstash.crt
FILEBEAT_CONFIG_URL=$KARHU_HOST/api/nodes/config/filebeat.yml
FILEBEAT_CONFIG_PATH=/etc/filebeat/filebeat.yml
AUTHORIZED_KEYS_DIR=%s
AUTHORIZED_KEYS_FILE=%s
CLIENT_IP=%s
SSH_PORT=%s
SSH_USER=$(whoami)
BASIC_AUTH=%s
SETUP_MONITORING=%s
INFLUXDB_COLLECTD_HOST=%s
INFLUXDB_COLLECTD_PORT=%s
COLLECTD_USERNAME=%s
COLLECTD_PASSWORD=%s
COLLECTD_CONFIG_PATH=/etc/collectd/collectd.conf.d/karhu.conf
NO_REGISTER=%s

SUDO=
if [ "$SSH_USER" != "root" ]; then
	echo "Check sudo..."
	sudo -n true
	if [ "$?" != "0" ]; then
		echo "You need root access or sudo without password..."
		exit 1
	fi
	SUDO=sudo
fi

if [ "$NO_REGISTER" != "1" ]; then

	if [ ! -d "$AUTHORIZED_KEYS_DIR" ]; then
		mkdir -p $AUTHORIZED_KEYS_DIR || exit 1
	fi

	if [ ! -f "$AUTHORIZED_KEYS_FILE" ]; then
		touch $AUTHORIZED_KEYS_FILE || exit 1
	fi

	echo "Setting up ssh keys..."
	grep -q -F "$(echo $PUBLIC_KEY)" $AUTHORIZED_KEYS_FILE || echo $PUBLIC_KEY >> $AUTHORIZED_KEYS_FILE

	echo "Registering node..."
	curl --fail $BASIC_AUTH -X POST $KARHU_HOST/api/nodes -d hostname=$(hostname) -d ip=$CLIENT_IP -d ssh_port=$SSH_PORT -d ssh_user=$SSH_USER || exit 1
	echo
fi
if [ "$SETUP_MONITORING" = "1" ]; then

	echo "Setup logstash host"
	$SUDO sed '/ karhu$/{h;s/.*/'$LOGSTASH_IP' karhu/};${x;/^$/{s//'$LOGSTASH_IP' karhu/;H};x}' -i /etc/hosts

	echo "Setup monitoring..."
	if [ ! -f "$(which collectd)" ]; then
		$SUDO apt-get update || exit 1
		$SUDO apt-get install -y --no-install-recommends collectd || exit 1
	fi
	echo "LoadPlugin network
<Plugin "network">
    <Server \"karhu\" \"$INFLUXDB_COLLECTD_PORT\">
		SecurityLevel "Encrypt"
		Username "$COLLECTD_USERNAME"
		Password "$COLLECTD_PASSWORD"
	</Server>
</Plugin>" | $SUDO tee $COLLECTD_CONFIG_PATH || exit 1
	echo "Restard collectd"
	$SUDO service collectd restart || exit 1

	# Setup filebeat
	if [ ! -f "$(which filebeat)" ]; then
		echo "deb https://packages.elastic.co/beats/apt stable main" |  $SUDO tee /etc/apt/sources.list.d/beats.list || exit 1
		curl -L https://packages.elastic.co/GPG-KEY-elasticsearch | $SUDO apt-key add - || exit 1
		$SUDO apt-get update || exit 1
		$SUDO apt-get install -y filebeat || exit 1
	fi

	if [ ! -d "$(dirname $LOGSTASH_CRT_PATH)" ]; then
		$SUDO mkdir -p $(dirname $LOGSTASH_CRT_PATH) || exit 1
	fi

	# setup crt
	$SUDO curl $BASIC_AUTH -o $LOGSTASH_CRT_PATH $LOGSTASH_CRT_URL || exit 1
	# setup config
	$SUDO curl $BASIC_AUTH -o $FILEBEAT_CONFIG_PATH $FILEBEAT_CONFIG_URL || exit 1

	$SUDO service filebeat restart || exit 1
fi

# Alerts
$SUDO apt-get install -y nagios-plugins

echo "Done."`, karhuHost, logstashIP, publicKey, ssh.SSH_AUTHORIZED_KEYS_DIR, ssh.AuthorizedKeysPath(), clientIP, c.DefaultQuery("ssh_port", "22") /*, c.DefaultQuery("ssh_user", "root") */, basicAuth, c.DefaultQuery("monit", "1"), env.Get("INFLUXDB_COLLECTD_HOST"), env.Get("INFLUXDB_COLLECTD_PORT"), collectdUser, collectdPassword, c.DefaultQuery("noreg", "0")))
}
Exemple #15
0
package models

import (
	"encoding/json"
	"errors"
	"fmt"
	"github.com/gotoolz/env"
	"io"
	"io/ioutil"
	// "log"
	"net/http"
	"strings"
)

var esHost = env.GetDefault("ES_HOST", "http://127.0.0.1:9200")

type Hits struct {
	Total    int64   `json:"total"`
	MaxScore float32 `json:"max_score"`
	Hits     []Hit   `json:"hits"`
}
type Hit struct {
	Index  string           `json:"_index"`
	Type   string           `json:"_type"`
	Id     string           `json:"_id"`
	Score  float32          `json:"_score"`
	Source *json.RawMessage `json:"_source"`
}

type SearchResult struct {
	Took     int   `json:"took"`