You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@metron.apache.org by nickwallen <gi...@git.apache.org> on 2016/05/03 22:54:00 UTC

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

GitHub user nickwallen opened a pull request:

    https://github.com/apache/incubator-metron/pull/103

    METRON-132 Manage all sensors and topologies with Monit

    
    
    Adds Monit as a process watchdog to manage all sensors and topologies.
    
    - Monit web interface exposed at http://hostname:2812 which can be used to start, stop, check status of any of the sensors or topologies.
    
    - When monitoring is enabled (on by default) if a process dies, it will be restarted.
    
    - Monit command line tools also simplify the process of managing Metron ingestion.
    
        For example, tired of the noise from your laptop fan when running Metron's 'single node vagrant'?  This will quiet her down.  Finally, peace and quiet!
    
        ```
        monit stop all
        ```
    
        Need to work on a single ingest feed?
    
        ```
        monit start bro
        monit start bro-topology
        ```
    
        Getting cold and need some heat?  Start everything.
    
        ```
        monit start all
        ```
    
    - Post-deployment report for Amazon-EC2 provides links to Monit's web interface.
    
      ```
      ok: [localhost] => {
        "Success": [
            "Apache Metron deployed successfully",
            "   Metron          @ http://ec2-52-39-143-62.us-west-2.compute.amazonaws.com:5000",
            "   Ambari          @ http://ec2-52-39-4-93.us-west-2.compute.amazonaws.com:8080",
            "   Sensor Status   @ http://ec2-52-39-4-93.us-west-2.compute.amazonaws.com:2812",
            "   Topology Status @ http://ec2-52-39-130-62.us-west-2.compute.amazonaws.com:2812",
            "For additional information, see https://metron.incubator.apache.org/'"
        ]
      }
      ```
    
    - Will not monitor a service that is not installed.


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/nickwallen/incubator-metron METRON-132

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-metron/pull/103.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #103
    
----
commit d6b8c9759c35b2f47cf86970708975ad2edb1f1c
Author: Nick Allen <ni...@nickallen.org>
Date:   2016-04-29T16:44:27Z

    METRON-132 Manage all sensors and topologies with Monit.

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen commented on a diff in the pull request:

    https://github.com/apache/incubator-metron/pull/103#discussion_r62039681
  
    --- Diff: metron-deployment/amazon-ec2/tasks/check-hosts.yml ---
    @@ -16,5 +16,5 @@
     #
     ---
     - name: Wait for connectivity to host(s)
    -  local_action: wait_for host={{ inventory_hostname }} state=started timeout=300 delay=10
    +  local_action: wait_for host={{ inventory_hostname }} state=started port=22 timeout=300 delay=10
    --- End diff --
    
    Yes, I wanted to call this out specifically to you, but forgot.  I have been adding this "fix" in my working branch and then removing it before commits.  It has been working well for me.
    
    Without specifying `port=22`, `wait_for` simply sleeps until the timeout.  Until now, it has just been waiting 5 minutes, every time, no matter what the state of the hosts is.
    
    I have seen others using the following, but I think this wasn't working for you early on?  This not only waits for the port to open, but also for SSH to be ready to respond.
    
    ```
    - local_action: wait_for port=22 host="{{ hostname }}" search_regex=OpenSSH delay=10
    ```


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by dlyle65535 <gi...@git.apache.org>.

Github user dlyle65535 commented on a diff in the pull request:

https://github.com/apache/incubator-metron/pull/103#discussion_r62065980

--- Diff: metron-deployment/roles/monit-sensors/defaults/main.yml ---
@@ -0,0 +1,17 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+---
--- End diff --

Oh, I get it. So what would you think about omitting the file until we have the static settings?

---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen commented on the pull request:

    https://github.com/apache/incubator-metron/pull/103#issuecomment-217176604
  
    And just to be clear, this is just a stop-gap measure until this kind of functionality gets integrated into a proper Metron UI.



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen commented on a diff in the pull request:

https://github.com/apache/incubator-metron/pull/103#discussion_r62039861

Yes, it gets copied to the host and I then use Ansible to add config to the file based on certain variable values. The original thought was that we could add static settings here and it would get copied over. May not be useful though.

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen closed the pull request at:

    https://github.com/apache/incubator-metron/pull/103


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

GitHub user nickwallen reopened a pull request:

    https://github.com/apache/incubator-metron/pull/103

    METRON-132 Manage all sensors and topologies with Monit

    
    
    Adds Monit as a process watchdog to manage all sensors and topologies.
    
    - Monit web interface exposed at http://hostname:2812 which can be used to start, stop, check status of any of the sensors or topologies.
    
    - When monitoring is enabled (on by default) if a process dies, it will be restarted.
    
    - Monit command line tools also simplify the process of managing Metron ingestion.
    
        For example, tired of the noise from your laptop fan when running Metron's 'single node vagrant'?  This will quiet her down.  Finally, peace and quiet!
    
        ```
        monit stop all
        ```
    
        Need to work on a single ingest feed?
    
        ```
        monit start bro
        monit start bro-topology
        ```
    
        Getting cold and need some heat?  Start everything.
    
        ```
        monit start all
        ```
    
    - Post-deployment report for Amazon-EC2 provides links to Monit's web interface.
    
      ```
      ok: [localhost] => {
        "Success": [
            "Apache Metron deployed successfully",
            "   Metron          @ http://ec2-52-39-143-62.us-west-2.compute.amazonaws.com:5000",
            "   Ambari          @ http://ec2-52-39-4-93.us-west-2.compute.amazonaws.com:8080",
            "   Sensor Status   @ http://ec2-52-39-4-93.us-west-2.compute.amazonaws.com:2812",
            "   Topology Status @ http://ec2-52-39-130-62.us-west-2.compute.amazonaws.com:2812",
            "For additional information, see https://metron.incubator.apache.org/'"
        ]
      }
      ```
    
    - Will not monitor a service that is not installed.


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/nickwallen/incubator-metron METRON-132

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-metron/pull/103.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #103
    
----

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen commented on the pull request:

    https://github.com/apache/incubator-metron/pull/103#issuecomment-217525876
  
    Just to document for future generations, this is what the PR looks like once deployed.
    
    <img width="1009" alt="screenshot 2016-05-06 14 42 18" src="https://cloud.githubusercontent.com/assets/2475409/15082991/cc91e1fe-1398-11e6-8203-81921edc75c0.png">
    



---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen commented on the pull request:

    https://github.com/apache/incubator-metron/pull/103#issuecomment-216671448
  
    Closing and reopening since it seems we hit a transient test failure.  Need to trigger Travis again.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by merrimanr <gi...@git.apache.org>.

Github user merrimanr commented on the pull request:

    https://github.com/apache/incubator-metron/pull/103#issuecomment-217902300
  
    I like it.  +1


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by dlyle65535 <gi...@git.apache.org>.

Github user dlyle65535 commented on a diff in the pull request:

    https://github.com/apache/incubator-metron/pull/103#discussion_r62017742
  
    --- Diff: metron-deployment/roles/monit-sensors/defaults/main.yml ---
    @@ -0,0 +1,17 @@
    +#
    +#  Licensed to the Apache Software Foundation (ASF) under one or more
    +#  contributor license agreements.  See the NOTICE file distributed with
    +#  this work for additional information regarding copyright ownership.
    +#  The ASF licenses this file to You under the Apache License, Version 2.0
    +#  (the "License"); you may not use this file except in compliance with
    +#  the License.  You may obtain a copy of the License at
    +#
    +#      http://www.apache.org/licenses/LICENSE-2.0
    +#
    +#  Unless required by applicable law or agreed to in writing, software
    +#  distributed under the License is distributed on an "AS IS" BASIS,
    +#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    +#  See the License for the specific language governing permissions and
    +#  limitations under the License.
    +#
    +---
    --- End diff --
    
    Did you intend to leave this in the changeset?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen commented on the pull request:

    https://github.com/apache/incubator-metron/pull/103#issuecomment-217981572
  
    Based on feedback, I need to do the following:
    - Rename the sensors to include -sensor in their name; example `snort` => `yaf-sensor`
    - Rename `-topology` to `-parser`; example `yaf-topology` => `yaf-parser`
    - Investigate whether aggregations of functionality can be configured; example: Create a single `yaf` monit service that turns on/off both the `yaf-sensor` and the `yaf-parser` at the same time.
    - Ensure that monit does not impact performance when running on a development platform


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen closed the pull request at:

    https://github.com/apache/incubator-metron/pull/103


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by dlyle65535 <gi...@git.apache.org>.

Github user dlyle65535 commented on a diff in the pull request:

    https://github.com/apache/incubator-metron/pull/103#discussion_r62065723
  
    --- Diff: metron-deployment/amazon-ec2/tasks/check-hosts.yml ---
    @@ -16,5 +16,5 @@
     #
     ---
     - name: Wait for connectivity to host(s)
    -  local_action: wait_for host={{ inventory_hostname }} state=started timeout=300 delay=10
    +  local_action: wait_for host={{ inventory_hostname }} state=started port=22 timeout=300 delay=10
    --- End diff --
    
    Yeah, that last line was exactly what was failing in rare occasions before. Still have no idea how. Wouldn't have believed it if I hadn't seen it myself. 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by dlyle65535 <gi...@git.apache.org>.

Github user dlyle65535 commented on a diff in the pull request:

    https://github.com/apache/incubator-metron/pull/103#discussion_r62017590
  
    --- Diff: metron-deployment/amazon-ec2/tasks/check-hosts.yml ---
    @@ -16,5 +16,5 @@
     #
     ---
     - name: Wait for connectivity to host(s)
    -  local_action: wait_for host={{ inventory_hostname }} state=started timeout=300 delay=10
    +  local_action: wait_for host={{ inventory_hostname }} state=started port=22 timeout=300 delay=10
    --- End diff --
    
    Could you reference METRON-85 for this, provided you agree it would address that? Thanks!


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen commented on a diff in the pull request:

    https://github.com/apache/incubator-metron/pull/103#discussion_r62076306
  
    --- Diff: metron-deployment/roles/monit-sensors/defaults/main.yml ---
    @@ -0,0 +1,17 @@
    +#
    +#  Licensed to the Apache Software Foundation (ASF) under one or more
    +#  contributor license agreements.  See the NOTICE file distributed with
    +#  this work for additional information regarding copyright ownership.
    +#  The ASF licenses this file to You under the Apache License, Version 2.0
    +#  (the "License"); you may not use this file except in compliance with
    +#  the License.  You may obtain a copy of the License at
    +#
    +#      http://www.apache.org/licenses/LICENSE-2.0
    +#
    +#  Unless required by applicable law or agreed to in writing, software
    +#  distributed under the License is distributed on an "AS IS" BASIS,
    +#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    +#  See the License for the specific language governing permissions and
    +#  limitations under the License.
    +#
    +---
    --- End diff --
    
    Makes waaaay too much sense.  I'll do that.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-metron pull request: METRON-132 Manage all sensors and t...

Posted by nickwallen <gi...@git.apache.org>.

Github user nickwallen commented on a diff in the pull request:

https://github.com/apache/incubator-metron/pull/103#discussion_r62081554

Ah, this a totally different file than what I was thinking. Yes, I can definitely delete this and the "defaults" directory.