Skip to content

GitLab

Commit 24c54c45 authored by Andrii Salnikov's avatar Andrii Salnikov
Browse files
Options

ARCHERY support in ldap-monitor

parent 7dcc6c62
Hide whitespace changes
Inline Side-by-side
Showing with 291 additions and 96 deletions
src/services/ldap-monitor/includes/archery.inc 0 → 100644
View file @ 24c54c45
<?php
// Author: manf@grid.org.ua
if ( file_exists("blacklist.inc") ) include('blacklist.inc');
/**
* @param $error_str
*/
function dbgerr_html($error_str){
dbgmsg("<div><span style='color: #ff0000; font-weight: bold'>" .$error_str."</span></div>\n");
}
/**
* @param $hostname
* @return int
*/
function check_blacklist($hostname) {
global $blacklist;
if ( ! isset($blacklist) ) {
return 0;
}
if ( in_array($hostname, $blacklist) ) {
return $blacklist[$hostname];
}
return 0;
}
/**
* @param $endpoint
* @param $errors
* @param $debug
* @return array
*/
function query_dns_archery($endpoint, $errors, $debug)
{
$archery_endpoints = array();
// get dns record hostname according to ARCHERY entree point convention
if (substr($endpoint, 0, 6) == 'dns://') {
$dns_endpoint = substr($endpoint, 6);
} else {
$dns_endpoint = '_archery.' . $endpoint;
}
// perform query
$dnsquery = dns_get_record($dns_endpoint, DNS_TXT);
if ( $dnsquery === FALSE ) {
if ( $debug ) dbgerr_html($errors["132"].$endpoint);
return $archery_endpoints;
}
// parse query
foreach ( $dnsquery as $dnsrr ) {
if (isset($dnsrr['entries'])) {
foreach ($dnsrr['entries'] as $dnsrr_value) {
$erecord_arr = array();
$akv = explode(' ', $dnsrr_value);
foreach ($akv as $kv) {
$ae = explode('=', $kv, 2);
if ( count($ae) == 2 ) {
$erecord_arr[$ae[0]] = $ae[1];
}
}
$archery_endpoints[] = $erecord_arr;
}
} else {
if ( $debug ) dbgerr_html($errors["132"].$endpoint);
}
}
return $archery_endpoints;
}
/**
* @param $endpoint
* @param $schema
* @param $errors
* @param int $debug
* @param int $looplimit
* @return array
*/
function recursive_archery_info ($endpoint, $schema, $errors, $debug=0, $looplimit=5) {
$endpoints = array();
// Just in case recursion limit
if ( $looplimit == 0 ) {
dbgerr_html($errors["133"].$endpoint);
return $endpoints;
}
// Query archery for endpoints info
$archery_endpoints = query_dns_archery($endpoint, $errors, $debug);
foreach ($archery_endpoints as $ainfo) {
if ($ainfo['t'] == 'org.nordugrid.archery') {
$more_endpoints = recursive_archery_info ($ainfo['u'], $schema, $errors, $debug=0, $looplimit-1);
$endpoints = array_merge($endpoints, $more_endpoints);
} elseif ($ainfo['t'] == 'org.nordugrid.ldapegiis') {
//TODO: invoke egiis query
continue;
} elseif ($ainfo['t'] == 'org.nordugrid.emir') {
//TODO: invoke emir query (or maybe we should abandone it)
continue;
} elseif ($ainfo['t'] == 'org.nordugrid.ldapng') {
if ( $schema !== 'NG' ) continue;
// ldap://<host>:2135/Mds-Vo-Name=local,o=grid
$parsed_url = array();
if ( preg_match('/^ldap:\/\/(?P<host>[^:]+):(?<port>[0-9]+)\/(?P<base>.*)/', $ainfo['u'], $parsed_url) ) {
if ( check_blacklist($parsed_url['host'])) {
if ( $debug ) dbgerr_html($errors["122"].$parsed_url['host']);
continue;
}
$endpoints[] = array (
'host' => $parsed_url['host'],
'port' => $parsed_url['port'],
'base' => "nordugrid-cluster-name=".$parsed_url['host'].",".$parsed_url['base']
);
}
} elseif ($ainfo['t'] == 'org.nordugrid.ldapglue2') {
if ( $schema !== 'GLUE2' ) continue;
// ldap://<host>:2135/o=glue
$parsed_url = array();
if ( preg_match('/^ldap:\/\/(?P<host>[^:]+):(?<port>[0-9]+)\/(?P<base>.*)/', $ainfo['u'], $parsed_url) ) {
if ( check_blacklist($parsed_url['host'])) {
if ( $debug ) dbgerr_html($errors["122"].$parsed_url['host']);
continue;
}
$endpoints[] = array (
'host' => $parsed_url['host'],
'port' => $parsed_url['port'],
// dirty hack, monitor only works with array of ldapng endpoints even for GLUE2 :-)
'base' => "nordugrid-cluster-name=".$parsed_url['host'].",".DN_LOCAL
);
}
} elseif ($ainfo['t'] == 'org.ogf.glue.emies.resourceinfo') {
// silently skip EMIES endpoints for now
continue;
} else {
if ($debug) dbgerr_html(sprintf($errors["134"],$ainfo['t'],$ainfo['u']));
}
}
return $endpoints;
}
/**
* @return array
* @param archery_list array
* @param schema string
* @param debug integer
* @param loopcnt integer
* @desc Returns list of LDAP endpoints
*/
function archery_info($archery_list, $schema, $errors, $debug="0") {
// show the debug message regarding ARCHERY timeouts
if($debug && ! empty($archery_list)) {
dbgmsg("<div align=\"left\"><i>:::&gt; " . $errors["131"] . " &lt;:::</div><br/>");
}
// start recursively querying ARCHERY
$entries = array();
foreach ( $archery_list as $archery ) {
$entries = array_merge($entries, recursive_archery_info($archery['endpoint'], $schema, $errors, $debug));
}
return $entries;
}
?>
src/services/ldap-monitor/includes/emirs_info.inc
View file @ 24c54c45
......@@ -23,7 +23,7 @@ function emirs_info($emirslist,$element,$errors,$gentries,$debug="0",$cert)
$tlim = 2;
$tout = 5;
if($debug && count($emirslist) < 5) dbgmsg("<div align=\"left\"><i>:::&gt; ".$errors["130"].$tlim.$errors["102"].$tout.$errors["103"]." &lt;:::</div><BR>");
if($debug && !empty($emirslist)) dbgmsg("<div align=\"left\"><i>:::&gt; ".$errors["130"].$tlim.$errors["102"].$tout.$errors["103"]." &lt;:::</div><BR>");
$nemirs = count($emirslist);
......
src/services/ldap-monitor/includes/headfoot.inc
View file @ 24c54c45
......@@ -40,6 +40,8 @@ class LmDoc { // class LmDoc
var $emirslist = array();
var $cert;
var $archery_list = array();
/**
* @return LmDoc
* @param wintyp string
......@@ -67,87 +69,92 @@ class LmDoc { // class LmDoc
if ( $wintyp ) {
$this->module = $wintyp;
// Localize
$yaccept = @$_SERVER["HTTP_ACCEPT_LANGUAGE"] ;
if ( !$yaccept ) $yaccept = "en";
if ( FORCE_LANG != "default" ) $yaccept = FORCE_LANG;
$yazyk = "en";
$yazyki = explode(",",$yaccept);
foreach ( $yazyki as $option ) {
if ( $yazyk != "en" ) continue;
$option = trim($option);
$option = substr($option,0,2);
// some sniffing
// touch("test/".$option);
// echo "<!--$option-->\n";
$locfile = $option.".inc";
if ( !file_exists("lang/".$locfile) ) continue;
$yazyk = $option;
$this->module = $wintyp;
// Localize
$yaccept = @$_SERVER["HTTP_ACCEPT_LANGUAGE"] ;
if ( !$yaccept ) $yaccept = "en";
if ( FORCE_LANG != "default" ) $yaccept = FORCE_LANG;
$yazyk = "en";
$yazyki = explode(",",$yaccept);
foreach ( $yazyki as $option ) {
if ( $yazyk != "en" ) continue;
$option = trim($option);
$option = substr($option,0,2);
// some sniffing
// touch("test/".$option);
// echo "<!--$option-->\n";
$locfile = $option.".inc";
if ( !file_exists("lang/".$locfile) ) continue;
$yazyk = $option;
}
$locfile = $yazyk.".inc";
include $locfile;
setlocale(LC_ALL, $yazyk);
$this->language = $yazyk;
$this->strings = $message;
$this->errors = $message["errors"];
$this->countries = $message["tlconvert"];
$this->mdsattr = $message["mdsattr"];
$this->isattr = $message["isattr"];
// Assigns $this->clusdes = $message["clusdes"];
$this->$wintyp = $message[$wintyp];
$toptitle = $message[$wintyp][0];
// Set page parameters
require ('settings.inc');
$inpnam = implode("_",array("def",$wintyp));
// Page style definitions (see settings.inc)
// Sets top window title
$this->title = ( $toptitle ) ? $toptitle : "";
// Refresh rate
$this->refresh = (${$inpnam}["refresh"]) ? ${$inpnam}["refresh"] : 0;
// Background and link colors
$this->bg = (${$inpnam}["bgcolor"]) ? ${$inpnam}["bgcolor"] : "#ffffff";
$this->lc = (${$inpnam}["lcolor"]) ? ${$inpnam}["lcolor"] : "#cc0000";
// Dumps the header HTML code
$titles = explode(":",$this->title); // sometimes titles are many
echo "<title>".$titles[0]." ".$extratitle."</title>\n";
if ( $this->refresh ) echo "<meta http-equiv=\"refresh\" content=".$this->refresh.">\n";
echo "<style>\n";
echo "<!--\n";
echo "A {text-decoration:none; }\n";
echo "A:link {color: ".$this->lc."; }\n";
echo "A:visited {color: ".$this->lc."; }\n";
echo "A:first-child {color: ".$this->lc."; }\n";
echo "BODY {background-color: ".$this->bg."; font-size:small; height:auto;}\n";
echo "P {padding: 0em; margin: 10px 0px 6px 0px; font-size:small; }\n";
echo "TD {font-size:small;}\n";
echo "DT {text-align: justify;}\n";
echo "DD {text-align: justify;}\n";
echo ".right {text-align: right; padding: 0em; margin: 0em;}\n";
echo ".fix {font-family: monospace;}\n";
echo "//-->\n";
echo "</style>\n";
// define giislist
if ( ! isset($emirslist) ) {
$emirslist = array ();
}
$locfile = $yazyk.".inc";
include $locfile;
setlocale(LC_ALL, $yazyk);
$this->language = $yazyk;
$this->strings = $message;
$this->errors = $message["errors"];
$this->countries = $message["tlconvert"];
$this->mdsattr = $message["mdsattr"];
$this->isattr = $message["isattr"];
// Assigns $this->clusdes = $message["clusdes"];
$this->$wintyp = $message[$wintyp];
$toptitle = $message[$wintyp][0];
// Set page parameters
require ('settings.inc');
$inpnam = implode("_",array("def",$wintyp));
// Page style definitions (see settings.inc)
// Sets top window title
$this->title = ( $toptitle ) ? $toptitle : "";
// Refresh rate
$this->refresh = (${$inpnam}["refresh"]) ? ${$inpnam}["refresh"] : 0;
// Background and link colors
$this->bg = (${$inpnam}["bgcolor"]) ? ${$inpnam}["bgcolor"] : "#ffffff";
$this->lc = (${$inpnam}["lcolor"]) ? ${$inpnam}["lcolor"] : "#cc0000";
// Dumps the header HTML code
$titles = explode(":",$this->title); // sometimes titles are many
echo "<title>".$titles[0]." ".$extratitle."</title>\n";
if ( $this->refresh ) echo "<meta http-equiv=\"refresh\" content=".$this->refresh.">\n";
echo "<style>\n";
echo "<!--\n";
echo "A {text-decoration:none; }\n";
echo "A:link {color: ".$this->lc."; }\n";
echo "A:visited {color: ".$this->lc."; }\n";
echo "A:first-child {color: ".$this->lc."; }\n";
echo "BODY {background-color: ".$this->bg."; font-size:small; height:auto;}\n";
echo "P {padding: 0em; margin: 10px 0px 6px 0px; font-size:small; }\n";
echo "TD {font-size:small;}\n";
echo "DT {text-align: justify;}\n";
echo "DD {text-align: justify;}\n";
echo ".right {text-align: right; padding: 0em; margin: 0em;}\n";
echo ".fix {font-family: monospace;}\n";
echo "//-->\n";
echo "</style>\n";
// define giislist
$this->giislist = $giislist;
$this->emirslist= $emirslist;
$this->cert = $cert;
if ( ! isset($archery_list)) {
$archery_list = array ();
}
$this->giislist = $giislist;
$this->emirslist = $emirslist;
$this->cert = $cert;
$this->archery_list = $archery_list;
}
// Finishes HTML header, starts document body
......
src/services/ldap-monitor/includes/settings.inc
View file @ 24c54c45
......@@ -38,21 +38,25 @@ array("host" => "index4.nordugrid.org",
// "vo" => "Germany")
);
// list of ARCHERY endpoints to query
$archery_list = array (
array (
"endpoint" => "grid.org.ua",
// TODO: add country grouping identifier if needed (something not sounds like VO :-))
)
);
// list of available EMIRs
/*
$emirslist = array(
array("schema" => "https",
"host" => "testbed-emi5.grid.upjs.sk",
"port" => "54321",
"base" => "mds-vo-name=NorduGrid,o=grid")
);
/*
* place of the certificate file
*
* Set up SSL connection to server that requires client certificate:
*
* To set up TLS connection to EMIR server client certificate is mandatory:
* Convert client certificate from *.pfx (pkcs12) into *.pem with openssl (if needed):
*
* > openssl pkcs12 -in keys.pfx -out keys.pem
*/
$cert = "/var/www/ldap-monitor-svn/includes/test.pem";
......
src/services/ldap-monitor/lang/en.inc
View file @ 24c54c45
......@@ -571,6 +571,10 @@ $message = array (
"128" => " while not being authorized",
"129" => "Can not get object data: error ",
"130" => " Monitor timeouts for EMIR: ",
"131" => " Monitor timeouts for ARCHERY depends on OS DNS resolver settings (In DNS cache we trust!)",
"132" => "Failed to query the following ARCHERY endpoint: ",
"133" => "Reached the recursive loop limit while querying ARCHERY endpoint: ",
"134" => "Unsupported ARCHERY endpoint type %s for endpoint URL %s",
// icon titles
"301" => "Refresh",
"302" => "Print",
......
src/services/ldap-monitor/loadmon.php
View file @ 24c54c45
......@@ -31,6 +31,7 @@ require_once('toreload.inc');
require_once('ldap_purge.inc');
require_once('recursive_giis_info.inc');
require_once('emirs_info.inc');
require_once('archery.inc');
require_once('postcode.inc');
require_once('cache.inc');
......@@ -58,6 +59,7 @@ $giislist = &$toppage->giislist;
$emirslist= &$toppage->emirslist;
$cert = &$toppage->cert;
$yazyk = &$toppage->language;
$archery_list = &$toppage->archery_list;
// Header table
......@@ -149,17 +151,24 @@ if ( !$tcont || $debug || $display != "all" ) { // Do LDAP search
if ($debug) dbgmsg("<b> ::: ".$errors["105"]."$showvo</b>");
}
if ( $display != "all" && !$showvo ) $filter = "(&".$filstr."(".$display."))";
// Top GIIS server: get all from the pre-defined list
$ngiis = count($giislist);
$ts1 = time();
//========================= GET CLUSTER LIST ============================
$gentries = recursive_giis_info($giislist,"cluster",$errors,$debug);
$gentries = emirs_info($emirslist,"cluster",$errors,$gentries,$debug,$cert);
$gentries = array();
// EGIIS
if ( ! empty($giislist) ) {
$ngiis = count($giislist);
$ts1 = time();
$gentries = recursive_giis_info($giislist,"cluster",$errors,$debug);
$ts2 = time();
if($debug) dbgmsg("<br><b>".$errors["106"].$ngiis." (".($ts2-$ts1).$errors["104"].")</b><br>");
}
// EMIR
if ( ! empty($emirslist)) $gentries = emirs_info($emirslist,"cluster",$errors,$gentries,$debug,$cert);
// ARCHERY
if ( ! empty($archery_list) ) $gentries = array_merge($gentries, archery_info($archery_list, $schema, $errors, $debug));
//=======================================================================
$ts2 = time(); if($debug) dbgmsg("<br><b>".$errors["106"].$ngiis." (".($ts2-$ts1).$errors["104"].")</b><br>");
$nc = count($gentries);
if ( !$nc ) {
......@@ -167,6 +176,11 @@ if ( !$tcont || $debug || $display != "all" ) { // Do LDAP search
$errno = "1";
echo "<br><font color=\"red\"><b>".$errors[$errno]."</b></font>\n";
return $errno;
} else {
if ( $debug == 2 ) {
dbgmsg("<div align=\"center\"><br><u>".$errors["119"]."cluster: ".$nc."</u><br></div>");
foreach ( $gentries as $num=>$val ) dbgmsg($val["host"].":".$val["base"]."<br>");
}
}
$dsarray = array ();
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment