mirror of https://github.com/jumpserver/jumpserver
feat: 添加组件监控;TerminalModel添加type字段; (#5206)
* feat: 添加组件监控;TerminalModel添加type字段; * feat: Terminal序列类添加type字段 * feat: Terminal序列类添加type字段为只读 * feat: 修改组件status文案 * feat: 取消上传组件状态序列类count字段 * reactor: 修改termina/models目录结构 * feat: 修改ComponentTypeChoices * feat: 取消考虑CoreComponent类型 * feat: 修改Terminal status判断逻辑 * feat: 终端列表添加status过滤; 组件状态序列类添加default值 * feat: 添加PrometheusMetricsAPI * feat: 修改PrometheusMetricsAPI Co-authored-by: Bai <bugatti_it@163.com>pull/5221/head
parent
d4feaf1e08
commit
856e7c16e5
|
@ -2,13 +2,14 @@ from django.core.cache import cache
|
|||
from django.utils import timezone
|
||||
from django.utils.timesince import timesince
|
||||
from django.db.models import Count, Max
|
||||
from django.http.response import JsonResponse
|
||||
from django.http.response import JsonResponse, HttpResponse
|
||||
from rest_framework.views import APIView
|
||||
from collections import Counter
|
||||
|
||||
from users.models import User
|
||||
from assets.models import Asset
|
||||
from terminal.models import Session
|
||||
from terminal.utils import ComponentsPrometheusMetricsUtil
|
||||
from orgs.utils import current_org
|
||||
from common.permissions import IsOrgAdmin, IsOrgAuditor
|
||||
from common.utils import lazyproperty
|
||||
|
@ -305,3 +306,11 @@ class IndexApi(TotalCountMixin, DatesLoginMetricMixin, APIView):
|
|||
return JsonResponse(data, status=200)
|
||||
|
||||
|
||||
class PrometheusMetricsApi(APIView):
|
||||
permission_classes = ()
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
util = ComponentsPrometheusMetricsUtil()
|
||||
metrics_text = util.get_prometheus_metrics_text()
|
||||
return HttpResponse(metrics_text, content_type='text/plain; version=0.0.4; charset=utf-8')
|
||||
|
||||
|
|
|
@ -23,6 +23,7 @@ api_v1 = [
|
|||
path('common/', include('common.urls.api_urls', namespace='api-common')),
|
||||
path('applications/', include('applications.urls.api_urls', namespace='api-applications')),
|
||||
path('tickets/', include('tickets.urls.api_urls', namespace='api-tickets')),
|
||||
path('prometheus/metrics/', api.PrometheusMetricsApi.as_view())
|
||||
]
|
||||
|
||||
api_v2 = [
|
||||
|
|
|
@ -5,3 +5,4 @@ from .session import *
|
|||
from .command import *
|
||||
from .task import *
|
||||
from .storage import *
|
||||
from .component import *
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
import logging
|
||||
from rest_framework import generics, status
|
||||
from rest_framework.views import Response
|
||||
|
||||
from .. import serializers
|
||||
from ..utils import ComponentsMetricsUtil
|
||||
from common.permissions import IsAppUser, IsSuperUser
|
||||
|
||||
logger = logging.getLogger(__file__)
|
||||
|
||||
|
||||
__all__ = [
|
||||
'ComponentsStateAPIView', 'ComponentsMetricsAPIView',
|
||||
]
|
||||
|
||||
|
||||
class ComponentsStateAPIView(generics.CreateAPIView):
|
||||
""" koko, guacamole, omnidb 上报状态 """
|
||||
permission_classes = (IsAppUser,)
|
||||
serializer_class = serializers.ComponentsStateSerializer
|
||||
|
||||
|
||||
class ComponentsMetricsAPIView(generics.GenericAPIView):
|
||||
""" 返回汇总组件指标数据 """
|
||||
permission_classes = (IsSuperUser,)
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
component_type = request.query_params.get('type')
|
||||
util = ComponentsMetricsUtil(component_type)
|
||||
metrics = util.get_metrics()
|
||||
return Response(metrics, status=status.HTTP_200_OK)
|
|
@ -27,7 +27,7 @@ class TerminalViewSet(JMSBulkModelViewSet):
|
|||
queryset = Terminal.objects.filter(is_deleted=False)
|
||||
serializer_class = serializers.TerminalSerializer
|
||||
permission_classes = (IsSuperUser,)
|
||||
filter_fields = ['name', 'remote_addr']
|
||||
filter_fields = ['name', 'remote_addr', 'type']
|
||||
|
||||
def create(self, request, *args, **kwargs):
|
||||
if isinstance(request.data, list):
|
||||
|
@ -60,6 +60,15 @@ class TerminalViewSet(JMSBulkModelViewSet):
|
|||
logger.error("Register terminal error: {}".format(data))
|
||||
return Response(data, status=400)
|
||||
|
||||
def filter_queryset(self, queryset):
|
||||
queryset = super().filter_queryset(queryset)
|
||||
status = self.request.query_params.get('status')
|
||||
if not status:
|
||||
return queryset
|
||||
filtered_queryset_id = [str(q.id) for q in queryset if q.status == status]
|
||||
queryset = queryset.filter(id__in=filtered_queryset_id)
|
||||
return queryset
|
||||
|
||||
def get_permissions(self):
|
||||
if self.action == "create":
|
||||
self.permission_classes = (AllowAny,)
|
||||
|
@ -104,15 +113,11 @@ class StatusViewSet(viewsets.ModelViewSet):
|
|||
task_serializer_class = serializers.TaskSerializer
|
||||
|
||||
def create(self, request, *args, **kwargs):
|
||||
self.handle_status(request)
|
||||
self.handle_sessions()
|
||||
tasks = self.request.user.terminal.task_set.filter(is_finished=False)
|
||||
serializer = self.task_serializer_class(tasks, many=True)
|
||||
return Response(serializer.data, status=201)
|
||||
|
||||
def handle_status(self, request):
|
||||
request.user.terminal.is_alive = True
|
||||
|
||||
def handle_sessions(self):
|
||||
sessions_id = self.request.data.get('sessions', [])
|
||||
# guacamole 上报的 session 是字符串
|
||||
|
|
|
@ -108,3 +108,27 @@ COMMAND_STORAGE_TYPE_CHOICES_EXTENDS = [
|
|||
COMMAND_STORAGE_TYPE_CHOICES = COMMAND_STORAGE_TYPE_CHOICES_DEFAULT + \
|
||||
COMMAND_STORAGE_TYPE_CHOICES_EXTENDS
|
||||
|
||||
|
||||
from django.db.models import TextChoices
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
|
||||
class ComponentStatusChoices(TextChoices):
|
||||
critical = 'critical', _('Critical')
|
||||
high = 'high', _('High')
|
||||
normal = 'normal', _('Normal')
|
||||
|
||||
@classmethod
|
||||
def status(cls):
|
||||
return set(dict(cls.choices).keys())
|
||||
|
||||
|
||||
class TerminalTypeChoices(TextChoices):
|
||||
koko = 'koko', 'KoKo'
|
||||
guacamole = 'guacamole', 'Guacamole'
|
||||
omnidb = 'omnidb', 'OmniDB'
|
||||
|
||||
@classmethod
|
||||
def types(cls):
|
||||
return set(dict(cls.choices).keys())
|
||||
|
||||
|
|
|
@ -0,0 +1,42 @@
|
|||
# Generated by Django 3.1 on 2020-12-10 07:05
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
TERMINAL_TYPE_KOKO = 'koko'
|
||||
TERMINAL_TYPE_GUACAMOLE = 'guacamole'
|
||||
TERMINAL_TYPE_OMNIDB = 'omnidb'
|
||||
|
||||
|
||||
def migrate_terminal_type(apps, schema_editor):
|
||||
terminal_model = apps.get_model("terminal", "Terminal")
|
||||
db_alias = schema_editor.connection.alias
|
||||
terminals = terminal_model.objects.using(db_alias).all()
|
||||
for terminal in terminals:
|
||||
name = terminal.name.lower()
|
||||
if 'koko' in name:
|
||||
_type = TERMINAL_TYPE_KOKO
|
||||
elif 'gua' in name:
|
||||
_type = TERMINAL_TYPE_GUACAMOLE
|
||||
elif 'omnidb' in name:
|
||||
_type = TERMINAL_TYPE_OMNIDB
|
||||
else:
|
||||
_type = TERMINAL_TYPE_KOKO
|
||||
terminal.type = _type
|
||||
terminal_model.objects.bulk_update(terminals, ['type'])
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('terminal', '0029_auto_20201116_1757'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='terminal',
|
||||
name='type',
|
||||
field=models.CharField(choices=[('koko', 'KoKo'), ('guacamole', 'Guacamole'), ('omnidb', 'OmniDB')], default='koko', max_length=64, verbose_name='type'),
|
||||
preserve_default=False,
|
||||
),
|
||||
migrations.RunPython(migrate_terminal_type)
|
||||
]
|
|
@ -1,486 +0,0 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
import os
|
||||
import uuid
|
||||
import jms_storage
|
||||
|
||||
from django.db import models
|
||||
from django.db.models.signals import post_save
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.utils import timezone
|
||||
from django.conf import settings
|
||||
from django.core.files.storage import default_storage
|
||||
from django.core.cache import cache
|
||||
|
||||
from assets.models import Asset
|
||||
from users.models import User
|
||||
from orgs.mixins.models import OrgModelMixin
|
||||
from common.mixins import CommonModelMixin
|
||||
from common.fields.model import EncryptJsonDictTextField
|
||||
from common.db.models import ChoiceSet
|
||||
from .backends import get_multi_command_storage
|
||||
from .backends.command.models import AbstractSessionCommand
|
||||
from . import const
|
||||
|
||||
|
||||
class Terminal(models.Model):
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
name = models.CharField(max_length=128, verbose_name=_('Name'))
|
||||
remote_addr = models.CharField(max_length=128, blank=True, verbose_name=_('Remote Address'))
|
||||
ssh_port = models.IntegerField(verbose_name=_('SSH Port'), default=2222)
|
||||
http_port = models.IntegerField(verbose_name=_('HTTP Port'), default=5000)
|
||||
command_storage = models.CharField(max_length=128, verbose_name=_("Command storage"), default='default')
|
||||
replay_storage = models.CharField(max_length=128, verbose_name=_("Replay storage"), default='default')
|
||||
user = models.OneToOneField(User, related_name='terminal', verbose_name='Application User', null=True, on_delete=models.CASCADE)
|
||||
is_accepted = models.BooleanField(default=False, verbose_name='Is Accepted')
|
||||
is_deleted = models.BooleanField(default=False)
|
||||
date_created = models.DateTimeField(auto_now_add=True)
|
||||
comment = models.TextField(blank=True, verbose_name=_('Comment'))
|
||||
STATUS_KEY_PREFIX = 'terminal_status_'
|
||||
|
||||
@property
|
||||
def is_alive(self):
|
||||
key = self.STATUS_KEY_PREFIX + str(self.id)
|
||||
return bool(cache.get(key))
|
||||
|
||||
@is_alive.setter
|
||||
def is_alive(self, value):
|
||||
key = self.STATUS_KEY_PREFIX + str(self.id)
|
||||
cache.set(key, value, 60)
|
||||
|
||||
@property
|
||||
def is_active(self):
|
||||
if self.user and self.user.is_active:
|
||||
return True
|
||||
return False
|
||||
|
||||
@is_active.setter
|
||||
def is_active(self, active):
|
||||
if self.user:
|
||||
self.user.is_active = active
|
||||
self.user.save()
|
||||
|
||||
def get_command_storage(self):
|
||||
storage = CommandStorage.objects.filter(name=self.command_storage).first()
|
||||
return storage
|
||||
|
||||
def get_command_storage_config(self):
|
||||
s = self.get_command_storage()
|
||||
if s:
|
||||
config = s.config
|
||||
else:
|
||||
config = settings.DEFAULT_TERMINAL_COMMAND_STORAGE
|
||||
return config
|
||||
|
||||
def get_command_storage_setting(self):
|
||||
config = self.get_command_storage_config()
|
||||
return {"TERMINAL_COMMAND_STORAGE": config}
|
||||
|
||||
def get_replay_storage(self):
|
||||
storage = ReplayStorage.objects.filter(name=self.replay_storage).first()
|
||||
return storage
|
||||
|
||||
def get_replay_storage_config(self):
|
||||
s = self.get_replay_storage()
|
||||
if s:
|
||||
config = s.config
|
||||
else:
|
||||
config = settings.DEFAULT_TERMINAL_REPLAY_STORAGE
|
||||
return config
|
||||
|
||||
def get_replay_storage_setting(self):
|
||||
config = self.get_replay_storage_config()
|
||||
return {"TERMINAL_REPLAY_STORAGE": config}
|
||||
|
||||
@staticmethod
|
||||
def get_login_title_setting():
|
||||
login_title = None
|
||||
if settings.XPACK_ENABLED:
|
||||
from xpack.plugins.interface.models import Interface
|
||||
login_title = Interface.get_login_title()
|
||||
return {'TERMINAL_HEADER_TITLE': login_title}
|
||||
|
||||
@property
|
||||
def config(self):
|
||||
configs = {}
|
||||
for k in dir(settings):
|
||||
if not k.startswith('TERMINAL'):
|
||||
continue
|
||||
configs[k] = getattr(settings, k)
|
||||
configs.update(self.get_command_storage_setting())
|
||||
configs.update(self.get_replay_storage_setting())
|
||||
configs.update(self.get_login_title_setting())
|
||||
configs.update({
|
||||
'SECURITY_MAX_IDLE_TIME': settings.SECURITY_MAX_IDLE_TIME
|
||||
})
|
||||
return configs
|
||||
|
||||
@property
|
||||
def service_account(self):
|
||||
return self.user
|
||||
|
||||
def create_app_user(self):
|
||||
random = uuid.uuid4().hex[:6]
|
||||
user, access_key = User.create_app_user(
|
||||
name="{}-{}".format(self.name, random), comment=self.comment
|
||||
)
|
||||
self.user = user
|
||||
self.save()
|
||||
return user, access_key
|
||||
|
||||
def delete(self, using=None, keep_parents=False):
|
||||
if self.user:
|
||||
self.user.delete()
|
||||
self.user = None
|
||||
self.is_deleted = True
|
||||
self.save()
|
||||
return
|
||||
|
||||
def __str__(self):
|
||||
status = "Active"
|
||||
if not self.is_accepted:
|
||||
status = "NotAccept"
|
||||
elif self.is_deleted:
|
||||
status = "Deleted"
|
||||
elif not self.is_active:
|
||||
status = "Disable"
|
||||
return '%s: %s' % (self.name, status)
|
||||
|
||||
class Meta:
|
||||
ordering = ('is_accepted',)
|
||||
db_table = "terminal"
|
||||
|
||||
|
||||
class Status(models.Model):
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
session_online = models.IntegerField(verbose_name=_("Session Online"), default=0)
|
||||
cpu_used = models.FloatField(verbose_name=_("CPU Usage"))
|
||||
memory_used = models.FloatField(verbose_name=_("Memory Used"))
|
||||
connections = models.IntegerField(verbose_name=_("Connections"))
|
||||
threads = models.IntegerField(verbose_name=_("Threads"))
|
||||
boot_time = models.FloatField(verbose_name=_("Boot Time"))
|
||||
terminal = models.ForeignKey(Terminal, null=True, on_delete=models.CASCADE)
|
||||
date_created = models.DateTimeField(auto_now_add=True)
|
||||
|
||||
class Meta:
|
||||
db_table = 'terminal_status'
|
||||
get_latest_by = 'date_created'
|
||||
|
||||
def __str__(self):
|
||||
return self.date_created.strftime("%Y-%m-%d %H:%M:%S")
|
||||
|
||||
|
||||
class Session(OrgModelMixin):
|
||||
class LOGIN_FROM(ChoiceSet):
|
||||
ST = 'ST', 'SSH Terminal'
|
||||
WT = 'WT', 'Web Terminal'
|
||||
|
||||
class PROTOCOL(ChoiceSet):
|
||||
SSH = 'ssh', 'ssh'
|
||||
RDP = 'rdp', 'rdp'
|
||||
VNC = 'vnc', 'vnc'
|
||||
TELNET = 'telnet', 'telnet'
|
||||
MYSQL = 'mysql', 'mysql'
|
||||
ORACLE = 'oracle', 'oracle'
|
||||
MARIADB = 'mariadb', 'mariadb'
|
||||
POSTGRESQL = 'postgresql', 'postgresql'
|
||||
K8S = 'k8s', 'kubernetes'
|
||||
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
user = models.CharField(max_length=128, verbose_name=_("User"), db_index=True)
|
||||
user_id = models.CharField(blank=True, default='', max_length=36, db_index=True)
|
||||
asset = models.CharField(max_length=128, verbose_name=_("Asset"), db_index=True)
|
||||
asset_id = models.CharField(blank=True, default='', max_length=36, db_index=True)
|
||||
system_user = models.CharField(max_length=128, verbose_name=_("System user"), db_index=True)
|
||||
system_user_id = models.CharField(blank=True, default='', max_length=36, db_index=True)
|
||||
login_from = models.CharField(max_length=2, choices=LOGIN_FROM.choices, default="ST", verbose_name=_("Login from"))
|
||||
remote_addr = models.CharField(max_length=128, verbose_name=_("Remote addr"), blank=True, null=True)
|
||||
is_success = models.BooleanField(default=True, db_index=True)
|
||||
is_finished = models.BooleanField(default=False, db_index=True)
|
||||
has_replay = models.BooleanField(default=False, verbose_name=_("Replay"))
|
||||
has_command = models.BooleanField(default=False, verbose_name=_("Command"))
|
||||
terminal = models.ForeignKey(Terminal, null=True, on_delete=models.DO_NOTHING, db_constraint=False)
|
||||
protocol = models.CharField(choices=PROTOCOL.choices, default='ssh', max_length=16, db_index=True)
|
||||
date_start = models.DateTimeField(verbose_name=_("Date start"), db_index=True, default=timezone.now)
|
||||
date_end = models.DateTimeField(verbose_name=_("Date end"), null=True)
|
||||
|
||||
upload_to = 'replay'
|
||||
ACTIVE_CACHE_KEY_PREFIX = 'SESSION_ACTIVE_{}'
|
||||
_DATE_START_FIRST_HAS_REPLAY_RDP_SESSION = None
|
||||
|
||||
def get_rel_replay_path(self, version=2):
|
||||
"""
|
||||
获取session日志的文件路径
|
||||
:param version: 原来后缀是 .gz,为了统一新版本改为 .replay.gz
|
||||
:return:
|
||||
"""
|
||||
suffix = '.replay.gz'
|
||||
if version == 1:
|
||||
suffix = '.gz'
|
||||
date = self.date_start.strftime('%Y-%m-%d')
|
||||
return os.path.join(date, str(self.id) + suffix)
|
||||
|
||||
def get_local_path(self, version=2):
|
||||
rel_path = self.get_rel_replay_path(version=version)
|
||||
if version == 2:
|
||||
local_path = os.path.join(self.upload_to, rel_path)
|
||||
else:
|
||||
local_path = rel_path
|
||||
return local_path
|
||||
|
||||
@property
|
||||
def asset_obj(self):
|
||||
return Asset.objects.get(id=self.asset_id)
|
||||
|
||||
@property
|
||||
def _date_start_first_has_replay_rdp_session(self):
|
||||
if self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION is None:
|
||||
instance = self.__class__.objects.filter(
|
||||
protocol='rdp', has_replay=True
|
||||
).order_by('date_start').first()
|
||||
if not instance:
|
||||
date_start = timezone.now() - timezone.timedelta(days=365)
|
||||
else:
|
||||
date_start = instance.date_start
|
||||
self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION = date_start
|
||||
return self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION
|
||||
|
||||
def can_replay(self):
|
||||
if self.has_replay:
|
||||
return True
|
||||
if self.date_start < self._date_start_first_has_replay_rdp_session:
|
||||
return True
|
||||
return False
|
||||
|
||||
@property
|
||||
def can_join(self):
|
||||
_PROTOCOL = self.PROTOCOL
|
||||
if self.is_finished:
|
||||
return False
|
||||
if self.protocol in [_PROTOCOL.SSH, _PROTOCOL.TELNET, _PROTOCOL.K8S]:
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
||||
@property
|
||||
def db_protocols(self):
|
||||
_PROTOCOL = self.PROTOCOL
|
||||
return [_PROTOCOL.MYSQL, _PROTOCOL.MARIADB, _PROTOCOL.ORACLE, _PROTOCOL.POSTGRESQL]
|
||||
|
||||
@property
|
||||
def can_terminate(self):
|
||||
_PROTOCOL = self.PROTOCOL
|
||||
if self.is_finished:
|
||||
return False
|
||||
if self.protocol in self.db_protocols:
|
||||
return False
|
||||
else:
|
||||
return True
|
||||
|
||||
def save_replay_to_storage(self, f):
|
||||
local_path = self.get_local_path()
|
||||
try:
|
||||
name = default_storage.save(local_path, f)
|
||||
except OSError as e:
|
||||
return None, e
|
||||
|
||||
if settings.SERVER_REPLAY_STORAGE:
|
||||
from .tasks import upload_session_replay_to_external_storage
|
||||
upload_session_replay_to_external_storage.delay(str(self.id))
|
||||
return name, None
|
||||
|
||||
@classmethod
|
||||
def set_sessions_active(cls, sessions_id):
|
||||
data = {cls.ACTIVE_CACHE_KEY_PREFIX.format(i): i for i in sessions_id}
|
||||
cache.set_many(data, timeout=5*60)
|
||||
|
||||
@classmethod
|
||||
def get_active_sessions(cls):
|
||||
return cls.objects.filter(is_finished=False)
|
||||
|
||||
def is_active(self):
|
||||
if self.protocol in ['ssh', 'telnet', 'rdp', 'mysql']:
|
||||
key = self.ACTIVE_CACHE_KEY_PREFIX.format(self.id)
|
||||
return bool(cache.get(key))
|
||||
return True
|
||||
|
||||
@property
|
||||
def command_amount(self):
|
||||
command_store = get_multi_command_storage()
|
||||
return command_store.count(session=str(self.id))
|
||||
|
||||
@property
|
||||
def login_from_display(self):
|
||||
return self.get_login_from_display()
|
||||
|
||||
@classmethod
|
||||
def generate_fake(cls, count=100, is_finished=True):
|
||||
import random
|
||||
from orgs.models import Organization
|
||||
from users.models import User
|
||||
from assets.models import Asset, SystemUser
|
||||
from orgs.utils import get_current_org
|
||||
from common.utils.random import random_datetime, random_ip
|
||||
|
||||
org = get_current_org()
|
||||
if not org or not org.is_real():
|
||||
Organization.default().change_to()
|
||||
i = 0
|
||||
users = User.objects.all()[:100]
|
||||
assets = Asset.objects.all()[:100]
|
||||
system_users = SystemUser.objects.all()[:100]
|
||||
while i < count:
|
||||
user_random = random.choices(users, k=10)
|
||||
assets_random = random.choices(assets, k=10)
|
||||
system_users = random.choices(system_users, k=10)
|
||||
|
||||
ziped = zip(user_random, assets_random, system_users)
|
||||
sessions = []
|
||||
now = timezone.now()
|
||||
month_ago = now - timezone.timedelta(days=30)
|
||||
for user, asset, system_user in ziped:
|
||||
ip = random_ip()
|
||||
date_start = random_datetime(month_ago, now)
|
||||
date_end = random_datetime(date_start, date_start+timezone.timedelta(hours=2))
|
||||
data = dict(
|
||||
user=str(user), user_id=user.id,
|
||||
asset=str(asset), asset_id=asset.id,
|
||||
system_user=str(system_user), system_user_id=system_user.id,
|
||||
remote_addr=ip,
|
||||
date_start=date_start,
|
||||
date_end=date_end,
|
||||
is_finished=is_finished,
|
||||
)
|
||||
sessions.append(Session(**data))
|
||||
cls.objects.bulk_create(sessions)
|
||||
i += 10
|
||||
|
||||
class Meta:
|
||||
db_table = "terminal_session"
|
||||
ordering = ["-date_start"]
|
||||
|
||||
def __str__(self):
|
||||
return "{0.id} of {0.user} to {0.asset}".format(self)
|
||||
|
||||
|
||||
class Task(models.Model):
|
||||
NAME_CHOICES = (
|
||||
("kill_session", "Kill Session"),
|
||||
)
|
||||
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
name = models.CharField(max_length=128, choices=NAME_CHOICES, verbose_name=_("Name"))
|
||||
args = models.CharField(max_length=1024, verbose_name=_("Args"))
|
||||
terminal = models.ForeignKey(Terminal, null=True, on_delete=models.SET_NULL)
|
||||
is_finished = models.BooleanField(default=False)
|
||||
date_created = models.DateTimeField(auto_now_add=True)
|
||||
date_finished = models.DateTimeField(null=True)
|
||||
|
||||
class Meta:
|
||||
db_table = "terminal_task"
|
||||
|
||||
|
||||
class CommandManager(models.Manager):
|
||||
def bulk_create(self, objs, **kwargs):
|
||||
resp = super().bulk_create(objs, **kwargs)
|
||||
for i in objs:
|
||||
post_save.send(i.__class__, instance=i, created=True)
|
||||
return resp
|
||||
|
||||
|
||||
class Command(AbstractSessionCommand):
|
||||
objects = CommandManager()
|
||||
|
||||
class Meta:
|
||||
db_table = "terminal_command"
|
||||
ordering = ('-timestamp',)
|
||||
|
||||
|
||||
class CommandStorage(CommonModelMixin):
|
||||
TYPE_CHOICES = const.COMMAND_STORAGE_TYPE_CHOICES
|
||||
TYPE_DEFAULTS = dict(const.REPLAY_STORAGE_TYPE_CHOICES_DEFAULT).keys()
|
||||
TYPE_SERVER = const.COMMAND_STORAGE_TYPE_SERVER
|
||||
|
||||
name = models.CharField(max_length=128, verbose_name=_("Name"), unique=True)
|
||||
type = models.CharField(
|
||||
max_length=16, choices=TYPE_CHOICES, verbose_name=_('Type'),
|
||||
default=TYPE_SERVER
|
||||
)
|
||||
meta = EncryptJsonDictTextField(default={})
|
||||
comment = models.TextField(
|
||||
max_length=128, default='', blank=True, verbose_name=_('Comment')
|
||||
)
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
@property
|
||||
def config(self):
|
||||
config = self.meta
|
||||
config.update({'TYPE': self.type})
|
||||
return config
|
||||
|
||||
def in_defaults(self):
|
||||
return self.type in self.TYPE_DEFAULTS
|
||||
|
||||
def is_valid(self):
|
||||
if self.in_defaults():
|
||||
return True
|
||||
storage = jms_storage.get_log_storage(self.config)
|
||||
return storage.ping()
|
||||
|
||||
def is_using(self):
|
||||
return Terminal.objects.filter(command_storage=self.name).exists()
|
||||
|
||||
|
||||
class ReplayStorage(CommonModelMixin):
|
||||
TYPE_CHOICES = const.REPLAY_STORAGE_TYPE_CHOICES
|
||||
TYPE_SERVER = const.REPLAY_STORAGE_TYPE_SERVER
|
||||
TYPE_DEFAULTS = dict(const.REPLAY_STORAGE_TYPE_CHOICES_DEFAULT).keys()
|
||||
|
||||
name = models.CharField(max_length=128, verbose_name=_("Name"), unique=True)
|
||||
type = models.CharField(
|
||||
max_length=16, choices=TYPE_CHOICES, verbose_name=_('Type'),
|
||||
default=TYPE_SERVER
|
||||
)
|
||||
meta = EncryptJsonDictTextField(default={})
|
||||
comment = models.TextField(
|
||||
max_length=128, default='', blank=True, verbose_name=_('Comment')
|
||||
)
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
def convert_type(self):
|
||||
s3_type_list = [const.REPLAY_STORAGE_TYPE_CEPH]
|
||||
tp = self.type
|
||||
if tp in s3_type_list:
|
||||
tp = const.REPLAY_STORAGE_TYPE_S3
|
||||
return tp
|
||||
|
||||
def get_extra_config(self):
|
||||
extra_config = {'TYPE': self.convert_type()}
|
||||
if self.type == const.REPLAY_STORAGE_TYPE_SWIFT:
|
||||
extra_config.update({'signer': 'S3SignerType'})
|
||||
return extra_config
|
||||
|
||||
@property
|
||||
def config(self):
|
||||
config = self.meta
|
||||
extra_config = self.get_extra_config()
|
||||
config.update(extra_config)
|
||||
return config
|
||||
|
||||
def in_defaults(self):
|
||||
return self.type in self.TYPE_DEFAULTS
|
||||
|
||||
def is_valid(self):
|
||||
if self.in_defaults():
|
||||
return True
|
||||
storage = jms_storage.get_object_storage(self.config)
|
||||
target = 'tests.py'
|
||||
src = os.path.join(settings.BASE_DIR, 'common', target)
|
||||
return storage.is_valid(src, target)
|
||||
|
||||
def is_using(self):
|
||||
return Terminal.objects.filter(replay_storage=self.name).exists()
|
|
@ -0,0 +1,6 @@
|
|||
from .command import *
|
||||
from .session import *
|
||||
from .status import *
|
||||
from .storage import *
|
||||
from .task import *
|
||||
from .terminal import *
|
|
@ -0,0 +1,21 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
from django.db import models
|
||||
from django.db.models.signals import post_save
|
||||
from ..backends.command.models import AbstractSessionCommand
|
||||
|
||||
|
||||
class CommandManager(models.Manager):
|
||||
def bulk_create(self, objs, **kwargs):
|
||||
resp = super().bulk_create(objs, **kwargs)
|
||||
for i in objs:
|
||||
post_save.send(i.__class__, instance=i, created=True)
|
||||
return resp
|
||||
|
||||
|
||||
class Command(AbstractSessionCommand):
|
||||
objects = CommandManager()
|
||||
|
||||
class Meta:
|
||||
db_table = "terminal_command"
|
||||
ordering = ('-timestamp',)
|
|
@ -0,0 +1,210 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
import os
|
||||
import uuid
|
||||
|
||||
from django.db import models
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.utils import timezone
|
||||
from django.conf import settings
|
||||
from django.core.files.storage import default_storage
|
||||
from django.core.cache import cache
|
||||
|
||||
from assets.models import Asset
|
||||
from orgs.mixins.models import OrgModelMixin
|
||||
from common.db.models import ChoiceSet
|
||||
from ..backends import get_multi_command_storage
|
||||
from .terminal import Terminal
|
||||
|
||||
|
||||
class Session(OrgModelMixin):
|
||||
class LOGIN_FROM(ChoiceSet):
|
||||
ST = 'ST', 'SSH Terminal'
|
||||
WT = 'WT', 'Web Terminal'
|
||||
|
||||
class PROTOCOL(ChoiceSet):
|
||||
SSH = 'ssh', 'ssh'
|
||||
RDP = 'rdp', 'rdp'
|
||||
VNC = 'vnc', 'vnc'
|
||||
TELNET = 'telnet', 'telnet'
|
||||
MYSQL = 'mysql', 'mysql'
|
||||
ORACLE = 'oracle', 'oracle'
|
||||
MARIADB = 'mariadb', 'mariadb'
|
||||
POSTGRESQL = 'postgresql', 'postgresql'
|
||||
K8S = 'k8s', 'kubernetes'
|
||||
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
user = models.CharField(max_length=128, verbose_name=_("User"), db_index=True)
|
||||
user_id = models.CharField(blank=True, default='', max_length=36, db_index=True)
|
||||
asset = models.CharField(max_length=128, verbose_name=_("Asset"), db_index=True)
|
||||
asset_id = models.CharField(blank=True, default='', max_length=36, db_index=True)
|
||||
system_user = models.CharField(max_length=128, verbose_name=_("System user"), db_index=True)
|
||||
system_user_id = models.CharField(blank=True, default='', max_length=36, db_index=True)
|
||||
login_from = models.CharField(max_length=2, choices=LOGIN_FROM.choices, default="ST", verbose_name=_("Login from"))
|
||||
remote_addr = models.CharField(max_length=128, verbose_name=_("Remote addr"), blank=True, null=True)
|
||||
is_success = models.BooleanField(default=True, db_index=True)
|
||||
is_finished = models.BooleanField(default=False, db_index=True)
|
||||
has_replay = models.BooleanField(default=False, verbose_name=_("Replay"))
|
||||
has_command = models.BooleanField(default=False, verbose_name=_("Command"))
|
||||
terminal = models.ForeignKey(Terminal, null=True, on_delete=models.DO_NOTHING, db_constraint=False)
|
||||
protocol = models.CharField(choices=PROTOCOL.choices, default='ssh', max_length=16, db_index=True)
|
||||
date_start = models.DateTimeField(verbose_name=_("Date start"), db_index=True, default=timezone.now)
|
||||
date_end = models.DateTimeField(verbose_name=_("Date end"), null=True)
|
||||
|
||||
upload_to = 'replay'
|
||||
ACTIVE_CACHE_KEY_PREFIX = 'SESSION_ACTIVE_{}'
|
||||
_DATE_START_FIRST_HAS_REPLAY_RDP_SESSION = None
|
||||
|
||||
def get_rel_replay_path(self, version=2):
|
||||
"""
|
||||
获取session日志的文件路径
|
||||
:param version: 原来后缀是 .gz,为了统一新版本改为 .replay.gz
|
||||
:return:
|
||||
"""
|
||||
suffix = '.replay.gz'
|
||||
if version == 1:
|
||||
suffix = '.gz'
|
||||
date = self.date_start.strftime('%Y-%m-%d')
|
||||
return os.path.join(date, str(self.id) + suffix)
|
||||
|
||||
def get_local_path(self, version=2):
|
||||
rel_path = self.get_rel_replay_path(version=version)
|
||||
if version == 2:
|
||||
local_path = os.path.join(self.upload_to, rel_path)
|
||||
else:
|
||||
local_path = rel_path
|
||||
return local_path
|
||||
|
||||
@property
|
||||
def asset_obj(self):
|
||||
return Asset.objects.get(id=self.asset_id)
|
||||
|
||||
@property
|
||||
def _date_start_first_has_replay_rdp_session(self):
|
||||
if self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION is None:
|
||||
instance = self.__class__.objects.filter(
|
||||
protocol='rdp', has_replay=True
|
||||
).order_by('date_start').first()
|
||||
if not instance:
|
||||
date_start = timezone.now() - timezone.timedelta(days=365)
|
||||
else:
|
||||
date_start = instance.date_start
|
||||
self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION = date_start
|
||||
return self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION
|
||||
|
||||
def can_replay(self):
|
||||
if self.has_replay:
|
||||
return True
|
||||
if self.date_start < self._date_start_first_has_replay_rdp_session:
|
||||
return True
|
||||
return False
|
||||
|
||||
@property
|
||||
def can_join(self):
|
||||
_PROTOCOL = self.PROTOCOL
|
||||
if self.is_finished:
|
||||
return False
|
||||
if self.protocol in [_PROTOCOL.SSH, _PROTOCOL.TELNET, _PROTOCOL.K8S]:
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
||||
@property
|
||||
def db_protocols(self):
|
||||
_PROTOCOL = self.PROTOCOL
|
||||
return [_PROTOCOL.MYSQL, _PROTOCOL.MARIADB, _PROTOCOL.ORACLE, _PROTOCOL.POSTGRESQL]
|
||||
|
||||
@property
|
||||
def can_terminate(self):
|
||||
_PROTOCOL = self.PROTOCOL
|
||||
if self.is_finished:
|
||||
return False
|
||||
if self.protocol in self.db_protocols:
|
||||
return False
|
||||
else:
|
||||
return True
|
||||
|
||||
def save_replay_to_storage(self, f):
|
||||
local_path = self.get_local_path()
|
||||
try:
|
||||
name = default_storage.save(local_path, f)
|
||||
except OSError as e:
|
||||
return None, e
|
||||
|
||||
if settings.SERVER_REPLAY_STORAGE:
|
||||
from .tasks import upload_session_replay_to_external_storage
|
||||
upload_session_replay_to_external_storage.delay(str(self.id))
|
||||
return name, None
|
||||
|
||||
@classmethod
|
||||
def set_sessions_active(cls, sessions_id):
|
||||
data = {cls.ACTIVE_CACHE_KEY_PREFIX.format(i): i for i in sessions_id}
|
||||
cache.set_many(data, timeout=5*60)
|
||||
|
||||
@classmethod
|
||||
def get_active_sessions(cls):
|
||||
return cls.objects.filter(is_finished=False)
|
||||
|
||||
def is_active(self):
|
||||
if self.protocol in ['ssh', 'telnet', 'rdp', 'mysql']:
|
||||
key = self.ACTIVE_CACHE_KEY_PREFIX.format(self.id)
|
||||
return bool(cache.get(key))
|
||||
return True
|
||||
|
||||
@property
|
||||
def command_amount(self):
|
||||
command_store = get_multi_command_storage()
|
||||
return command_store.count(session=str(self.id))
|
||||
|
||||
@property
|
||||
def login_from_display(self):
|
||||
return self.get_login_from_display()
|
||||
|
||||
@classmethod
|
||||
def generate_fake(cls, count=100, is_finished=True):
|
||||
import random
|
||||
from orgs.models import Organization
|
||||
from users.models import User
|
||||
from assets.models import Asset, SystemUser
|
||||
from orgs.utils import get_current_org
|
||||
from common.utils.random import random_datetime, random_ip
|
||||
|
||||
org = get_current_org()
|
||||
if not org or not org.is_real():
|
||||
Organization.default().change_to()
|
||||
i = 0
|
||||
users = User.objects.all()[:100]
|
||||
assets = Asset.objects.all()[:100]
|
||||
system_users = SystemUser.objects.all()[:100]
|
||||
while i < count:
|
||||
user_random = random.choices(users, k=10)
|
||||
assets_random = random.choices(assets, k=10)
|
||||
system_users = random.choices(system_users, k=10)
|
||||
|
||||
ziped = zip(user_random, assets_random, system_users)
|
||||
sessions = []
|
||||
now = timezone.now()
|
||||
month_ago = now - timezone.timedelta(days=30)
|
||||
for user, asset, system_user in ziped:
|
||||
ip = random_ip()
|
||||
date_start = random_datetime(month_ago, now)
|
||||
date_end = random_datetime(date_start, date_start+timezone.timedelta(hours=2))
|
||||
data = dict(
|
||||
user=str(user), user_id=user.id,
|
||||
asset=str(asset), asset_id=asset.id,
|
||||
system_user=str(system_user), system_user_id=system_user.id,
|
||||
remote_addr=ip,
|
||||
date_start=date_start,
|
||||
date_end=date_end,
|
||||
is_finished=is_finished,
|
||||
)
|
||||
sessions.append(Session(**data))
|
||||
cls.objects.bulk_create(sessions)
|
||||
i += 10
|
||||
|
||||
class Meta:
|
||||
db_table = "terminal_session"
|
||||
ordering = ["-date_start"]
|
||||
|
||||
def __str__(self):
|
||||
return "{0.id} of {0.user} to {0.asset}".format(self)
|
|
@ -0,0 +1,28 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
import uuid
|
||||
|
||||
from django.db import models
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from .terminal import Terminal
|
||||
|
||||
|
||||
class Status(models.Model):
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
session_online = models.IntegerField(verbose_name=_("Session Online"), default=0)
|
||||
cpu_used = models.FloatField(verbose_name=_("CPU Usage"))
|
||||
memory_used = models.FloatField(verbose_name=_("Memory Used"))
|
||||
connections = models.IntegerField(verbose_name=_("Connections"))
|
||||
threads = models.IntegerField(verbose_name=_("Threads"))
|
||||
boot_time = models.FloatField(verbose_name=_("Boot Time"))
|
||||
terminal = models.ForeignKey(Terminal, null=True, on_delete=models.CASCADE)
|
||||
date_created = models.DateTimeField(auto_now_add=True)
|
||||
|
||||
class Meta:
|
||||
db_table = 'terminal_status'
|
||||
get_latest_by = 'date_created'
|
||||
|
||||
def __str__(self):
|
||||
return self.date_created.strftime("%Y-%m-%d %H:%M:%S")
|
||||
|
|
@ -0,0 +1,103 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
import os
|
||||
import jms_storage
|
||||
|
||||
from django.db import models
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.conf import settings
|
||||
|
||||
from common.mixins import CommonModelMixin
|
||||
from common.fields.model import EncryptJsonDictTextField
|
||||
from .. import const
|
||||
from .terminal import Terminal
|
||||
|
||||
|
||||
class CommandStorage(CommonModelMixin):
|
||||
TYPE_CHOICES = const.COMMAND_STORAGE_TYPE_CHOICES
|
||||
TYPE_DEFAULTS = dict(const.REPLAY_STORAGE_TYPE_CHOICES_DEFAULT).keys()
|
||||
TYPE_SERVER = const.COMMAND_STORAGE_TYPE_SERVER
|
||||
|
||||
name = models.CharField(max_length=128, verbose_name=_("Name"), unique=True)
|
||||
type = models.CharField(
|
||||
max_length=16, choices=TYPE_CHOICES, verbose_name=_('Type'),
|
||||
default=TYPE_SERVER
|
||||
)
|
||||
meta = EncryptJsonDictTextField(default={})
|
||||
comment = models.TextField(
|
||||
max_length=128, default='', blank=True, verbose_name=_('Comment')
|
||||
)
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
@property
|
||||
def config(self):
|
||||
config = self.meta
|
||||
config.update({'TYPE': self.type})
|
||||
return config
|
||||
|
||||
def in_defaults(self):
|
||||
return self.type in self.TYPE_DEFAULTS
|
||||
|
||||
def is_valid(self):
|
||||
if self.in_defaults():
|
||||
return True
|
||||
storage = jms_storage.get_log_storage(self.config)
|
||||
return storage.ping()
|
||||
|
||||
def is_using(self):
|
||||
return Terminal.objects.filter(command_storage=self.name).exists()
|
||||
|
||||
|
||||
class ReplayStorage(CommonModelMixin):
|
||||
TYPE_CHOICES = const.REPLAY_STORAGE_TYPE_CHOICES
|
||||
TYPE_SERVER = const.REPLAY_STORAGE_TYPE_SERVER
|
||||
TYPE_DEFAULTS = dict(const.REPLAY_STORAGE_TYPE_CHOICES_DEFAULT).keys()
|
||||
|
||||
name = models.CharField(max_length=128, verbose_name=_("Name"), unique=True)
|
||||
type = models.CharField(
|
||||
max_length=16, choices=TYPE_CHOICES, verbose_name=_('Type'),
|
||||
default=TYPE_SERVER
|
||||
)
|
||||
meta = EncryptJsonDictTextField(default={})
|
||||
comment = models.TextField(
|
||||
max_length=128, default='', blank=True, verbose_name=_('Comment')
|
||||
)
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
def convert_type(self):
|
||||
s3_type_list = [const.REPLAY_STORAGE_TYPE_CEPH]
|
||||
tp = self.type
|
||||
if tp in s3_type_list:
|
||||
tp = const.REPLAY_STORAGE_TYPE_S3
|
||||
return tp
|
||||
|
||||
def get_extra_config(self):
|
||||
extra_config = {'TYPE': self.convert_type()}
|
||||
if self.type == const.REPLAY_STORAGE_TYPE_SWIFT:
|
||||
extra_config.update({'signer': 'S3SignerType'})
|
||||
return extra_config
|
||||
|
||||
@property
|
||||
def config(self):
|
||||
config = self.meta
|
||||
extra_config = self.get_extra_config()
|
||||
config.update(extra_config)
|
||||
return config
|
||||
|
||||
def in_defaults(self):
|
||||
return self.type in self.TYPE_DEFAULTS
|
||||
|
||||
def is_valid(self):
|
||||
if self.in_defaults():
|
||||
return True
|
||||
storage = jms_storage.get_object_storage(self.config)
|
||||
target = 'tests.py'
|
||||
src = os.path.join(settings.BASE_DIR, 'common', target)
|
||||
return storage.is_valid(src, target)
|
||||
|
||||
def is_using(self):
|
||||
return Terminal.objects.filter(replay_storage=self.name).exists()
|
|
@ -0,0 +1,25 @@
|
|||
from __future__ import unicode_literals
|
||||
|
||||
import uuid
|
||||
|
||||
from django.db import models
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from .terminal import Terminal
|
||||
|
||||
|
||||
class Task(models.Model):
|
||||
NAME_CHOICES = (
|
||||
("kill_session", "Kill Session"),
|
||||
)
|
||||
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
name = models.CharField(max_length=128, choices=NAME_CHOICES, verbose_name=_("Name"))
|
||||
args = models.CharField(max_length=1024, verbose_name=_("Args"))
|
||||
terminal = models.ForeignKey(Terminal, null=True, on_delete=models.SET_NULL)
|
||||
is_finished = models.BooleanField(default=False)
|
||||
date_created = models.DateTimeField(auto_now_add=True)
|
||||
date_finished = models.DateTimeField(null=True)
|
||||
|
||||
class Meta:
|
||||
db_table = "terminal_task"
|
||||
|
|
@ -0,0 +1,247 @@
|
|||
from __future__ import unicode_literals
|
||||
import uuid
|
||||
|
||||
from django.db import models
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.conf import settings
|
||||
from django.core.cache import cache
|
||||
|
||||
from users.models import User
|
||||
from .. import const
|
||||
|
||||
|
||||
class ComputeStatusMixin:
|
||||
|
||||
# system status
|
||||
@staticmethod
|
||||
def _common_compute_system_status(value, thresholds):
|
||||
if thresholds[0] <= value <= thresholds[1]:
|
||||
return const.ComponentStatusChoices.normal.value
|
||||
elif thresholds[1] < value <= thresholds[2]:
|
||||
return const.ComponentStatusChoices.high.value
|
||||
else:
|
||||
return const.ComponentStatusChoices.critical.value
|
||||
|
||||
def _compute_system_cpu_load_1_status(self, value):
|
||||
thresholds = [0, 5, 20]
|
||||
return self._common_compute_system_status(value, thresholds)
|
||||
|
||||
def _compute_system_memory_used_percent_status(self, value):
|
||||
thresholds = [0, 85, 95]
|
||||
return self._common_compute_system_status(value, thresholds)
|
||||
|
||||
def _compute_system_disk_used_percent_status(self, value):
|
||||
thresholds = [0, 80, 99]
|
||||
return self._common_compute_system_status(value, thresholds)
|
||||
|
||||
def _compute_system_status(self, state):
|
||||
system_status_keys = [
|
||||
'system_cpu_load_1', 'system_memory_used_percent', 'system_disk_used_percent'
|
||||
]
|
||||
system_status = []
|
||||
for system_status_key in system_status_keys:
|
||||
state_value = state[system_status_key]
|
||||
status = getattr(self, f'_compute_{system_status_key}_status')(state_value)
|
||||
system_status.append(status)
|
||||
return system_status
|
||||
|
||||
def _compute_component_status(self, state):
|
||||
system_status = self._compute_system_status(state)
|
||||
if const.ComponentStatusChoices.critical in system_status:
|
||||
return const.ComponentStatusChoices.critical
|
||||
elif const.ComponentStatusChoices.high in system_status:
|
||||
return const.ComponentStatusChoices.high
|
||||
else:
|
||||
return const.ComponentStatusChoices.normal
|
||||
|
||||
@staticmethod
|
||||
def _compute_component_status_display(status):
|
||||
return getattr(const.ComponentStatusChoices, status).label
|
||||
|
||||
|
||||
class TerminalStateMixin(ComputeStatusMixin):
|
||||
CACHE_KEY_COMPONENT_STATE = 'CACHE_KEY_COMPONENT_STATE_TERMINAL_{}'
|
||||
CACHE_TIMEOUT = 120
|
||||
|
||||
@property
|
||||
def cache_key(self):
|
||||
return self.CACHE_KEY_COMPONENT_STATE.format(str(self.id))
|
||||
|
||||
# get
|
||||
def _get_from_cache(self):
|
||||
return cache.get(self.cache_key)
|
||||
|
||||
def _set_to_cache(self, state):
|
||||
cache.set(self.cache_key, state, self.CACHE_TIMEOUT)
|
||||
|
||||
# set
|
||||
def _add_status(self, state):
|
||||
status = self._compute_component_status(state)
|
||||
status_display = self._compute_component_status_display(status)
|
||||
state.update({
|
||||
'status': status,
|
||||
'status_display': status_display
|
||||
})
|
||||
|
||||
@property
|
||||
def state(self):
|
||||
state = self._get_from_cache()
|
||||
return state or {}
|
||||
|
||||
@state.setter
|
||||
def state(self, state):
|
||||
self._add_status(state)
|
||||
self._set_to_cache(state)
|
||||
|
||||
|
||||
class TerminalStatusMixin(TerminalStateMixin):
|
||||
|
||||
# alive
|
||||
@property
|
||||
def is_alive(self):
|
||||
return bool(self.state)
|
||||
|
||||
# status
|
||||
@property
|
||||
def status(self):
|
||||
if self.is_alive:
|
||||
return self.state['status']
|
||||
else:
|
||||
return const.ComponentStatusChoices.critical.value
|
||||
|
||||
@property
|
||||
def status_display(self):
|
||||
return self._compute_component_status_display(self.status)
|
||||
|
||||
@property
|
||||
def is_normal(self):
|
||||
return self.status == const.ComponentStatusChoices.normal.value
|
||||
|
||||
@property
|
||||
def is_high(self):
|
||||
return self.status == const.ComponentStatusChoices.high.value
|
||||
|
||||
@property
|
||||
def is_critical(self):
|
||||
return self.status == const.ComponentStatusChoices.critical.value
|
||||
|
||||
|
||||
class Terminal(TerminalStatusMixin, models.Model):
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
name = models.CharField(max_length=128, verbose_name=_('Name'))
|
||||
type = models.CharField(choices=const.TerminalTypeChoices.choices, max_length=64, verbose_name=_('type'))
|
||||
remote_addr = models.CharField(max_length=128, blank=True, verbose_name=_('Remote Address'))
|
||||
ssh_port = models.IntegerField(verbose_name=_('SSH Port'), default=2222)
|
||||
http_port = models.IntegerField(verbose_name=_('HTTP Port'), default=5000)
|
||||
command_storage = models.CharField(max_length=128, verbose_name=_("Command storage"), default='default')
|
||||
replay_storage = models.CharField(max_length=128, verbose_name=_("Replay storage"), default='default')
|
||||
user = models.OneToOneField(User, related_name='terminal', verbose_name='Application User', null=True, on_delete=models.CASCADE)
|
||||
is_accepted = models.BooleanField(default=False, verbose_name='Is Accepted')
|
||||
is_deleted = models.BooleanField(default=False)
|
||||
date_created = models.DateTimeField(auto_now_add=True)
|
||||
comment = models.TextField(blank=True, verbose_name=_('Comment'))
|
||||
|
||||
@property
|
||||
def is_active(self):
|
||||
if self.user and self.user.is_active:
|
||||
return True
|
||||
return False
|
||||
|
||||
@is_active.setter
|
||||
def is_active(self, active):
|
||||
if self.user:
|
||||
self.user.is_active = active
|
||||
self.user.save()
|
||||
|
||||
def get_command_storage(self):
|
||||
from .storage import CommandStorage
|
||||
storage = CommandStorage.objects.filter(name=self.command_storage).first()
|
||||
return storage
|
||||
|
||||
def get_command_storage_config(self):
|
||||
s = self.get_command_storage()
|
||||
if s:
|
||||
config = s.config
|
||||
else:
|
||||
config = settings.DEFAULT_TERMINAL_COMMAND_STORAGE
|
||||
return config
|
||||
|
||||
def get_command_storage_setting(self):
|
||||
config = self.get_command_storage_config()
|
||||
return {"TERMINAL_COMMAND_STORAGE": config}
|
||||
|
||||
def get_replay_storage(self):
|
||||
from .storage import ReplayStorage
|
||||
storage = ReplayStorage.objects.filter(name=self.replay_storage).first()
|
||||
return storage
|
||||
|
||||
def get_replay_storage_config(self):
|
||||
s = self.get_replay_storage()
|
||||
if s:
|
||||
config = s.config
|
||||
else:
|
||||
config = settings.DEFAULT_TERMINAL_REPLAY_STORAGE
|
||||
return config
|
||||
|
||||
def get_replay_storage_setting(self):
|
||||
config = self.get_replay_storage_config()
|
||||
return {"TERMINAL_REPLAY_STORAGE": config}
|
||||
|
||||
@staticmethod
|
||||
def get_login_title_setting():
|
||||
login_title = None
|
||||
if settings.XPACK_ENABLED:
|
||||
from xpack.plugins.interface.models import Interface
|
||||
login_title = Interface.get_login_title()
|
||||
return {'TERMINAL_HEADER_TITLE': login_title}
|
||||
|
||||
@property
|
||||
def config(self):
|
||||
configs = {}
|
||||
for k in dir(settings):
|
||||
if not k.startswith('TERMINAL'):
|
||||
continue
|
||||
configs[k] = getattr(settings, k)
|
||||
configs.update(self.get_command_storage_setting())
|
||||
configs.update(self.get_replay_storage_setting())
|
||||
configs.update(self.get_login_title_setting())
|
||||
configs.update({
|
||||
'SECURITY_MAX_IDLE_TIME': settings.SECURITY_MAX_IDLE_TIME
|
||||
})
|
||||
return configs
|
||||
|
||||
@property
|
||||
def service_account(self):
|
||||
return self.user
|
||||
|
||||
def create_app_user(self):
|
||||
random = uuid.uuid4().hex[:6]
|
||||
user, access_key = User.create_app_user(
|
||||
name="{}-{}".format(self.name, random), comment=self.comment
|
||||
)
|
||||
self.user = user
|
||||
self.save()
|
||||
return user, access_key
|
||||
|
||||
def delete(self, using=None, keep_parents=False):
|
||||
if self.user:
|
||||
self.user.delete()
|
||||
self.user = None
|
||||
self.is_deleted = True
|
||||
self.save()
|
||||
return
|
||||
|
||||
def __str__(self):
|
||||
status = "Active"
|
||||
if not self.is_accepted:
|
||||
status = "NotAccept"
|
||||
elif self.is_deleted:
|
||||
status = "Deleted"
|
||||
elif not self.is_active:
|
||||
status = "Disable"
|
||||
return '%s: %s' % (self.name, status)
|
||||
|
||||
class Meta:
|
||||
ordering = ('is_accepted',)
|
||||
db_table = "terminal"
|
||||
|
|
@ -4,3 +4,4 @@ from .terminal import *
|
|||
from .session import *
|
||||
from .storage import *
|
||||
from .command import *
|
||||
from .components import *
|
||||
|
|
|
@ -0,0 +1,25 @@
|
|||
|
||||
from rest_framework import serializers
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
|
||||
class ComponentsStateSerializer(serializers.Serializer):
|
||||
# system
|
||||
system_cpu_load_1 = serializers.FloatField(
|
||||
required=False, default=0, label=_("System cpu load 1 minutes")
|
||||
)
|
||||
system_memory_used_percent = serializers.FloatField(
|
||||
required=False, default=0, label=_('System memory used percent')
|
||||
)
|
||||
system_disk_used_percent = serializers.FloatField(
|
||||
required=False, default=0, label=_('System disk used percent')
|
||||
)
|
||||
# sessions
|
||||
session_active_count = serializers.IntegerField(
|
||||
required=False, default=0, label=_("Session active count")
|
||||
)
|
||||
|
||||
def save(self, **kwargs):
|
||||
request = self.context['request']
|
||||
terminal = request.user.terminal
|
||||
terminal.state = self.validated_data
|
|
@ -6,19 +6,25 @@ from common.utils import is_uuid
|
|||
from ..models import (
|
||||
Terminal, Status, Session, Task, CommandStorage, ReplayStorage
|
||||
)
|
||||
from .components import ComponentsStateSerializer
|
||||
|
||||
|
||||
class TerminalSerializer(BulkModelSerializer):
|
||||
session_online = serializers.SerializerMethodField()
|
||||
is_alive = serializers.BooleanField(read_only=True)
|
||||
status = serializers.CharField(read_only=True)
|
||||
status_display = serializers.CharField(read_only=True)
|
||||
state = ComponentsStateSerializer(read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = Terminal
|
||||
fields = [
|
||||
'id', 'name', 'remote_addr', 'http_port', 'ssh_port',
|
||||
'id', 'name', 'type', 'remote_addr', 'http_port', 'ssh_port',
|
||||
'comment', 'is_accepted', "is_active", 'session_online',
|
||||
'is_alive', 'date_created', 'command_storage', 'replay_storage'
|
||||
'is_alive', 'date_created', 'command_storage', 'replay_storage',
|
||||
'status', 'status_display', 'state'
|
||||
]
|
||||
read_only_fields = ['type', 'date_created']
|
||||
|
||||
@staticmethod
|
||||
def get_kwargs_may_be_uuid(value):
|
||||
|
|
|
@ -33,7 +33,10 @@ urlpatterns = [
|
|||
path('commands/export/', api.CommandExportApi.as_view(), name="command-export"),
|
||||
path('commands/insecure-command/', api.InsecureCommandAlertAPI.as_view(), name="command-alert"),
|
||||
path('replay-storages/<uuid:pk>/test-connective/', api.ReplayStorageTestConnectiveApi.as_view(), name='replay-storage-test-connective'),
|
||||
path('command-storages/<uuid:pk>/test-connective/', api.CommandStorageTestConnectiveApi.as_view(), name='command-storage-test-connective')
|
||||
path('command-storages/<uuid:pk>/test-connective/', api.CommandStorageTestConnectiveApi.as_view(), name='command-storage-test-connective'),
|
||||
# components
|
||||
path('components/metrics/', api.ComponentsMetricsAPIView.as_view(), name='components-metrics'),
|
||||
path('components/state/', api.ComponentsStateAPIView.as_view(), name='components-state'),
|
||||
# v2: get session's replay
|
||||
# path('v2/sessions/<uuid:pk>/replay/',
|
||||
# api.SessionReplayV2ViewSet.as_view({'get': 'retrieve'}),
|
||||
|
|
|
@ -11,6 +11,7 @@ import jms_storage
|
|||
from common.tasks import send_mail_async
|
||||
from common.utils import get_logger, reverse
|
||||
from settings.models import Setting
|
||||
from . import const
|
||||
|
||||
from .models import ReplayStorage, Session, Command
|
||||
|
||||
|
@ -101,3 +102,104 @@ def send_command_alert_mail(command):
|
|||
logger.debug(message)
|
||||
|
||||
send_mail_async.delay(subject, message, recipient_list, html_message=message)
|
||||
|
||||
|
||||
class ComponentsMetricsUtil(object):
|
||||
|
||||
def __init__(self, component_type=None):
|
||||
self.type = component_type
|
||||
self.components = []
|
||||
self.initial_components()
|
||||
|
||||
def initial_components(self):
|
||||
from .models import Terminal
|
||||
terminals = Terminal.objects.all().order_by('type')
|
||||
if self.type:
|
||||
terminals = terminals.filter(type=self.type)
|
||||
self.components = list(terminals)
|
||||
|
||||
def get_metrics(self):
|
||||
total_count = normal_count = high_count = critical_count = session_active_total = 0
|
||||
for component in self.components:
|
||||
total_count += 1
|
||||
if not component.is_alive:
|
||||
critical_count += 1
|
||||
continue
|
||||
session_active_total += component.state.get('session_active_count', 0)
|
||||
if component.is_normal:
|
||||
normal_count += 1
|
||||
elif component.is_high:
|
||||
high_count += 1
|
||||
else:
|
||||
critical_count += 1
|
||||
metrics = {
|
||||
'total': total_count,
|
||||
'normal': normal_count,
|
||||
'high': high_count,
|
||||
'critical': critical_count,
|
||||
'session_active': session_active_total
|
||||
}
|
||||
return metrics
|
||||
|
||||
|
||||
class ComponentsPrometheusMetricsUtil(ComponentsMetricsUtil):
|
||||
|
||||
@staticmethod
|
||||
def get_status_metrics(metrics):
|
||||
return {
|
||||
'any': metrics['total'],
|
||||
'normal': metrics['normal'],
|
||||
'high': metrics['high'],
|
||||
'critical': metrics['critical']
|
||||
}
|
||||
|
||||
def get_prometheus_metrics_text(self):
|
||||
prometheus_metrics = []
|
||||
prometheus_metrics.append('# JumpServer 各组件状态个数汇总')
|
||||
base_status_metric_text = 'jumpserver_components_status_total{component_type="%s", status="%s"} %s'
|
||||
for component in self.components:
|
||||
component_type = component.type
|
||||
base_metrics = self.get_metrics()
|
||||
|
||||
prometheus_metrics.append(f'## 组件: {component_type}')
|
||||
status_metrics = self.get_status_metrics(base_metrics)
|
||||
for status, value in status_metrics.items():
|
||||
metric_text = base_status_metric_text % (component_type, status, value)
|
||||
prometheus_metrics.append(metric_text)
|
||||
|
||||
prometheus_metrics.append('\n')
|
||||
prometheus_metrics.append('# JumpServer 各组件在线会话数汇总')
|
||||
base_session_active_metric_text = 'jumpserver_components_session_active_total{component_type="%s"} %s'
|
||||
for component in self.components:
|
||||
component_type = component.type
|
||||
prometheus_metrics.append(f'## 组件: {component_type}')
|
||||
base_metrics = self.get_metrics()
|
||||
metric_text = base_session_active_metric_text % (
|
||||
component_type,
|
||||
base_metrics['session_active']
|
||||
)
|
||||
prometheus_metrics.append(metric_text)
|
||||
|
||||
prometheus_metrics.append('\n')
|
||||
prometheus_metrics.append('# JumpServer 各组件节点一些指标')
|
||||
base_system_state_metric_text = 'jumpserver_components_%s{component_type="%s", component="%s"} %s'
|
||||
system_states_name = [
|
||||
'system_cpu_load_1', 'system_memory_used_percent',
|
||||
'system_disk_used_percent', 'session_active_count'
|
||||
]
|
||||
for system_state_name in system_states_name:
|
||||
prometheus_metrics.append(f'## 指标: {system_state_name}')
|
||||
for component in self.components:
|
||||
if not component.is_alive:
|
||||
continue
|
||||
component_type = component.type
|
||||
metric_text = base_system_state_metric_text % (
|
||||
system_state_name,
|
||||
component_type,
|
||||
component.name,
|
||||
component.state.get(system_state_name)
|
||||
)
|
||||
prometheus_metrics.append(metric_text)
|
||||
|
||||
prometheus_metrics_text = '\n'.join(prometheus_metrics)
|
||||
return prometheus_metrics_text
|
||||
|
|
Loading…
Reference in New Issue