ProHoster > Blog > Utongi > Mhedziso yeOkerr hybrid yekutarisa system

Mhedziso yeOkerr hybrid yekutarisa system

Makore maviri apfuura ndakatoita post Kukundikana kuri nyore kune webhusaiti pamusoro oker. Ikozvino pane imwe budiriro yeprojekiti, uye ini ndakaburitsawo okerr server side source code pasi vhura rezinesi, ndosaka ndakasarudza kunyora iyi pfupi ongororo paHabr.

Mhedziso yeOkerr hybrid yekutarisa system
[ full size ]

Kunaani angafarira

Izvi zvingave zvekufarira kwauri kana ukashanda muchikwata chidiki kana wega. Iwe hauna chekutarisa uye hauna chokwadi kana uchichida chaizvo. Pamwe iwe wakaedza yakakurumbira yakakomba yekutarisa "yevakomana vakuru", asi neimwe nzira "haina kubva" kwauri, kana inoshanda mune ingangoita yekumisikidza uye haina kuchinja hupenyu hwako zvakanyanya. Uye zvakare - kana iwe usingaronge kugovera mushandi wese (kana kunyangwe dhipatimendi) kuti atarise dashboard yekutarisa ingangoita maawa mashoma pazuva kana kuigadzirisa.

Sei okerr isingajairiki

Tevere ini ndicharatidza zvinonakidza maficha eiyo okera ayo anoisiyanisa kubva kune mamwe masystem ekutarisa.

Okerr ndeye hybrid yekutarisa

Munguva yekutarisa kwemukati, "mumiririri" ari kushanda pamichina inotariswa, iyo inotumira data kune yekutarisa server (semuenzaniso, yemahara disk nzvimbo). Kana iri kunze, sevha inoita cheki pamusoro petiweki (semuenzaniso, ping kana kuwanikwa kwewebhusaiti). Nzira imwe neimwe ine miganhu yayo. Okerr anoshandisa zvese zviri zviviri sarudzo. Cheki mukati mesevha dzinoitwa neakareruka kwazvo (30Kb) mumiriri kana yako pachako zvinyorwa uye maapplication, uye network cheki inoitwa kuburikidza ne okerr sensors munyika dzakasiyana.

oker haisi software chete, asiwo sevhisi

Iyo sevha chikamu chechero chekutarisa yakakura uye yakaoma, yakaoma kuisa nekugadzirisa, uye inoda zviwanikwa. Ne okerr unogona kuisa yako yekutarisa server (yemahara uye yakavhurika), kana iwe unogona kungoshandisa chete chikamu chemutengi uye kushandisa sevhisi yeserver yedu. Zvakare zvemahara.

Kana kutarisa kuchikubvumira kubhadhara uye kuvhara kushayikwa kwekuvimbika mumaseva nemashandisirwo, saka mubvunzo wehuzivi unomuka - murindi ndiani? Kuongorora kunozotiudza sei nezve dambudziko kana iro pacharo "rakafa" nekuda kwechimwe chikonzero, zvakasiyana kana pamwe chete nezvimwe zviwanikwa zvako (semuenzaniso, chiteshi che data data chakadonha)? Paunenge uchishandisa yekunze sevhisi oker - dambudziko iri rinogadziriswa - iwe unogashira yambiro kunyangwe iyo yese data data nemaseva ako isina simba kana kurwiswa neZombies.

Ehe, pane njodzi yekuti okerr server pachayo haizovepo, ichi ichokwadi (sekuziva kwamunoita, 90% yekuvimbika inogara ichiwanikwa zviri nyore uye "yemahara", 99% nekushoma kwekuedza, uye imwe neimwe inotevera mapfumbamwe ndeye exponentially yakaoma zvakanyanya). Asi, chekutanga, mikana yekuitika kweizvi yakaderera, uye chechipiri, dambudziko rinogona kuenda risingaonekwe chete kana rakabatana nezvinetso pamaseva edu. Kana tine 99.9% kuvimbika, uye iwe une 99.9% (kwete nhamba dzakanyanyisa), ipapo mukana wekukundikana kusingaoneki ndeye 0.1% ye 0.1% = 0.0001%. Kuwedzera matatu mapfumbamwe pakuvimbika kwako kanenge pasina kuedza uye pasina muripo zvakanaka kwazvo!

Imwe mukana wekutarisa sevhisi nderekuti mupi wekutambira kana webhu studio inogona kuisa okerr server uye nekupa mukana kune vatengi seyakabhadharwa kana yemahara yekuwedzera sevhisi. Vakwikwidzi vako vanongove nekutambira uye mawebhusaiti, asi iwe une yakavimbika yekutambira nekutarisa.

Okerr ndeye zviratidzo

Chiratidzo i "girobhu rechiedza". Iine matunhu makuru maviri - girini (OK) kana tsvuku (ERR). Iyo purojekiti ine akawanda akaunganidzwa (semuenzaniso, neserver) zviratidzo. Pa peji guru reprojekiti, iwe unobva waona kuti zvese zvakasvibira (uye iwe unogona kuvhara), kana chimwe chinhu chakavhenekerwa uye chinoda kugadziriswa. Pakufamba pakati penyika idzi, chenjedzo inotumirwa. Kamwe chete pazuva paunenge uchigadzira, pfupiso yeprojekiti inotumirwa.

Mhedziso yeOkerr hybrid yekutarisa system

Imwe neimwe okerr chiratidzo ine yakavakirwa-mukati mamiriro ayo inoshandura mamiriro (muZabbix iyi inonzi trigger). Semuenzaniso, chiyero chemutoro hachifanirwe kunge chinopfuura 2 (zvechokwadi, izvi zvinogadziriswa). Uye kune yega yega cheki chemukati (mutoro wepakati, dhisiki yemahara, ...) kune imbwa yekurinda. Kana nekuda kwechimwe chikonzero isu tisingagamuchire simbiso yakabudirira panguva yakatarwa, chikanganiso chinonyorwa uye yambiro inotumirwa.

Yedu yenguva dzose maitiro ekushanda ndeyekutarisa maemail mangwanani, uye tarisa pfupiso pakati pemamwe mabhii (tinoironga pakutanga kwebasa). Kana zvinhu zvose zvakanaka mazviri, tinoita zvimwe zvinhu zvinokosha (asi kuti tive vakachengeteka, tinogona kukurumidza kutarisa dashboard ye okerra uye tive nechokwadi chokuti zvinhu zvose zvakasvibirira panguva ino). Kana nyevero ikasvika, tinoita.

Ehe, zvinokwanisika kungochengeta "ruzivo" zviratidzo (kuona mufananidzo wetiweki kubva pakutarisa), asi zvese zvinoitwa nyore, nyore uye nekukurumidza kugadzira zviratidzo zvakanangana nekutarisa otomatiki uye kutumira zviziviso.

Chinangwa chauri kumisikidza okerr chiri muchenjedzo, kuitira kuti iwe ugone kugadzira chiratidzo muminiti, inogona "kurara" kwegore, kungogamuchira zvigadziriso, uye kana gore gare gare chimwe chinhu chaputsika, chinovhenekera uye chinotumira. chenjedzo . Iyo miniti yawakamboshandisa kugadzira chiratidzo yakabhadhara; iwe wakadzidza nezvedambudziko nekukurumidza, pamberi pemumwe munhu. Zvinogoneka kuti vakazvigadzirisa munhu asati azviona. Chinhu chinosimudzwa nokukurumidza hachinzi chakawa!

Chengetedzo

Zvingave zvinonyadzisa kana iwe ukamisa yekutarisisa nekuda kwekuwedzera kuvimbika, asi semhedzisiro, iwe unorwiswa pamusoro petiweki kuburikidza nazvo, uye kune kwakawanda kwekusagadzikana kwetiweki mumaturusi akasiyana ekutarisa (Zabbix, Nagios).

Mumiririri (okerrmod kubva pasuru okerruptdate) kushanda pane system haisi network server, asi mutengi. Naizvozvo, hapana mamwe madoko akavhurika pane inotariswa sevha, mutengi anoshanda nyore kuseri kwe firewall kana NAT uye yakaoma kwazvo (ndingati "hazvigoneke") kubira netiweki, sezvo musimboti isingateerere kunetiweki. socket.

Full monitoring coverage

Iye zvino mutemo wedu ndewekuti tinodzidza nezvese matambudziko ehunyanzvi kubva okerr. Kana kamwe-kamwe mutemo ukaputswa (okerr haana kunyevera nezve chiitiko chayo chiri pedyo (kana izvi zvichibvira) kana kuti zvakatoitika) - tinowedzera cheki kune okerr.

Macheki ekunze

Yakakwana seti:

  • ping
  • http mamiriro
  • kutarisa chokwadi uye kutsva kwechitupa cheSSL (chichanyevera kana chave kuda kupera)
  • vhura TCP chiteshi uye banner pairi
  • http grep (iyo peji [haifanire] kuve nemavara chaiwo)
  • sha1 hash kuitira kubata shanduko yepeji.
  • DNS (DNS rekodhi inofanira kuva nemutengo chaiwo)
  • WHOIS (inonyevera kana iyo domain yave kuda kuipa)
  • Antispam DNSBL (mutarisi tarisa pamusoro pe50+ antispam blacklists kamwechete)

Macheki emukati

Zvakare, yakaringana yakajairwa seti (asi inokwidziridzwa zviri nyore).

  • df (yemahara dhisiki nzvimbo)
  • load average
  • opentcp (vhura TCP zvigadziko zvekuteerera - inozivisa kana chimwe chinhu chatanga kana kupunzika)
  • uptime - ingori nguva pane server. Ichazivisa kana yachinja pasi (kureva kuti sevha yakawandisa)
  • client_ip
  • dirsize - isu tinoishandisa kuteedzera kana yedu chaiyo muchina midzi inodarika saizi yakabvumidzwa, pasina kuunza zvirambidzo zvakasimba, uye saizi yemadhairekitori emushandisi.
  • isina chinhu uye isina chinhu - tarisa mafaera anofanirwa kunge asina chinhu (kana asina chinhu). Semuenzaniso, iyo yekukanganisa log ye okerr server pachayo inofanira kunge isina chinhu, uye kana paine kunyange mutsara mairi, ini ndichagamuchira chiziviso uye ndochitarisa. Asi mail.log pane mail server haifanire kunge isina chinhu (N maminetsi mushure mekutenderera). Uye dzimwe nguva yaive isina chinhu kwatiri mushure mekugadzirisa system, apo logrotate yaisakwanisa kutangazve rsyslog nemazvo.
  • linecount - nhamba yemitsara mufaira (sewc -l). Isu tinoishandisa seyakapfava yekutsiva isina chinhu, kana irogi rekukanganisa richigona kukura, asi zvishoma nezvishoma (semuenzaniso, Googlebot inorova mamwe mapeji akavharwa). Pane muganhu wemitsara miviri mumaminitsi makumi maviri. Kana yakakwirira, pachava nechenjedzo

Inonakidza macheki emukati

Kana wanga uchiverenga "diagonally" kusvika panguva ino, zvino zvichava zvinonakidza kuverenga zvakanyanya.

backups

Monitors backups mudhairekitori. Mafaira edu ekuchengetedza ane mazita akaita se "ServerName-20200530.tar.gz". Kune yega yega sevha mu okerr, chinongedzo ServerName-DATE.tar.gz chinogadzirwa (zuva chairo rinochinja kumutsara "DATE"). Iko kuvapo chaiko kwe backup nyowani uye saizi yayo inotariswa zvakare (semuenzaniso, haigone kuve isingasviki 90% yeyakare backup).

Chii chinoda kuitwa kuti backup itsva itange kurondwa mushure mekunge tatanga kuigadzira nekuiisa mudhairekitori iri? Hapana! Iyi inzira iri nyore kana iwe uchifanira kuita "hapana" nekuti:

  • Kuita "hapana" kunokurumidza, kunochengetedza nguva
  • Zvakaoma kukanganwa kuita "hapana"
  • Zvakaoma kuita "hapana" chakaipa, nekukanganisa. Hapana chinhu chinonyanya kuvimbika nzira

Kana kamwe kamwe mafaera ekuchengetedza matsva akarega kuoneka, pachava nechenjedzo. Kana, semuenzaniso, iwe wakaremara imwe yemaseva, uye hapafanirwe kunge paine ma backups, iwe unozofanirwa kudzima chiratidzo (kuburikidza newebhu interface kana kubva kugoko kuburikidza neAPI).

maxfilesz

Inochengeta saizi yemafaira makuru (kazhinji: /var/log/*). Izvi zvinokubvumira kuti ubate matambudziko asingatarisirwi, semuenzaniso, brute force passwords kana kutumira spam kuburikidza neserver.

runstatus/runline

Aya ndiwo maviri akakosha proxy modules ekushandisa mamwe mapurogiramu pane server. Runtatus inoshuma iyo purogiramu yekubuda kodhi kune chiratidzo. Semuenzaniso, okerr haidi (inoda) module yekutarisa kuti systemd masevhisi ari kushanda. Izvi zvinoitwa kuburikidza runstatus (ona pazasi). Runline - inoshuma kune sevha mutsara unogadzirwa nechirongwa. Semuyenzaniso, temp_RUN="cat /sys/class/thermal/thermal_zone0/temp" mu Runline config pane yedu server inogadzira chiratidzo servername: temp ine tembiricha yekupisa.

sql

Inoita mubvunzo wenhamba kuMySQL uye inoshuma mhedzisiro kune chiratidzo. Muchiitiko chakareruka, unogona kuita, semuenzaniso, "SARUDZA 1" - izvi zvichatarisa kuti DBMS yese iri kushanda.

Asi iyo inonyanya kunakidza application ndeye, semuenzaniso, kuteedzera huwandu hweodha muchitoro chepamhepo. Kana iwe uchiziva kuti une 100 kana kupfuura maodha paawa, unogona kuseta diki muganhu kusvika 100 kana 80. Zvino kana kutengesa kwako kwakangoerekana kwadonha, iwe uchagamuchira yambiro uye iwe unogona kuzvifungidzira.

Ziva kuti hazvina basa nechikonzero chipi chisingafanofungidziki zvakaitika izvi:

  • Sevha haingowanikwi (de-energized kana isina network), uye yambiro yakabva pakuti chiratidzo "chakaora".
  • Sevha inoremerwa nechimwe chinhu, inoshanda zvishoma nezvishoma kana mapaketi akarasika, hazvina kunaka kune vashandisi uye vanoenda vasina kutenga.
  • Sevha inosanganisirwa muzvinyorwa zve spam uye tsamba kubva mairi haina kugamuchirwa, vashandisi havagone kunyoresa
  • Iyo bhajeti yemushandirapamwe wekushambadzira yapera, mabhenji haasi kutenderera.

Panogona kuve nechero nhamba yezvikonzero, uye zvese hazvigone kufanoona, uye zvine hungwaru zvakaoma kutevedzera. Asi iwe unogona nyore kutarisa iyo yekupedzisira parameter (mirairo) uye kuona kubva kwavari kuti mamiriro acho ari kufungidzira uye anofanirwa kugadziriswa.

Zviratidzo zvine musoro

Inobvumira kushandiswa kweBoolean kutaura (Python syntax) kuburikidza nemodule evalidate(nyaya yaHabrΓ©) Dhata kubva kupurojekiti uye zviratidzo zvayo zviripo zvekutaura. Somuenzaniso, muchitsauko pamusoro peSQL kutarisa pamusoro, iwe unogona kunge wakacherechedza pfungwa isina simba - masikati tinogona kuva nekutengesa kwe100 paawa, asi usiku - 20, uye izvi zvinowanzoitika, kwete dambudziko. Ndoita sei? Chiratidzo chichagara chichitya usiku.

Iwe unogona kugadzira zviratidzo zviviri, masikati neusiku. Ita kuti ese ari maviri "anyarare" (haazotumire chenjedzo). Uye gadzira chiratidzo chine musoro chinoda kuti chiratidzo chezuva ive OK pamberi pe20:00, uye mushure me20:00 zvakakwana kuti chiratidzo chehusiku ive OK.

Mumwe muenzaniso wekushandisa chiratidzo chine musoro kuwedzera. Semuenzaniso, maneja wepurojekiti anoregedza kubva kune zviziviso (haana chikonzero chekuita izvi, admins anofanira kupindura kune zvakajairika matambudziko), asi anonyorera kune inonzwisisika chiratidzo chinoshanduka chitsvuku kana chero chiratidzo mupurojekiti chisina kugadziriswa mukati menguva yakatarwa.

Uyewo, zvinokwanisika kuisa nguva yakabvumirwa yebasa, somuenzaniso, kubva pa3 kusvika ku5 am. Hatina basa kana maseva nemasaiti zvaparara panguva ino. Asi na5:00 vanofanira kushanda. Kana vasingashande pane imwe nguva - chenjerera. Iyo inonzwisisika chiratidzo zvakare inobvumidza iwe kuti utore muakaundi server redundancy. Kana iwe uine 5 maseva ewebhu, saka admins anogona kudzima 1-2 maseva chero nguva. Asi kana paine asingasviki 3 kubva ku5 maseva muhondo, pachava nekuchenjerera.

Mienzaniso iri pamusoro haisi oker mabasa, kwete mamwe maficha anoda kuvhurwa nekugadziriswa. Okerra haina mabasa ese aya, asi pane inonzwisisika module inobvumidza iwe kuita basa iri (Inenge senge mumutauro wechirongwa - kana isu tine masvomhu anoshanda, saka isu hatidi yakakosha basa rekuverenga 20% VAT. kubva mumutauro, unogona kuzviita iwe pachako kuti uenderane nezvido zvako).

Logic Indicator ingangove imwe yemisoro mishoma yakaoma kunzwisisa mu okerr, asi nhau dzakanaka ndedzekuti haufanirwe kuzvigona kusvika wazvida. Asi panguva imwecheteyo, ivo vanowedzera zvakanyanya kugona, vachichengeta iyo system pachayo iri nyore.

Kuwedzera macheki ako

Ndinoda chaizvo kuburitsa pfungwa yekuti okerr haisi seti yezviuru zvecheki dzakagadzirirwa nguva dzese, asi zvinopesana - chekutanga - injini iri nyore ine kugona nyore kugadzira yako macheki. Kugadzira yako macheki mu oker harisi basa revanobira, system co-vagadziri, kana vangangoita advanced okerr vashandisi, asi basa rinogoneka kune chero admin akaisa Linux kekutanga mwedzi wapfuura.

Cheki pamihoro mishoma inoitwa kuburikidza nemodule runstatus:

Uyu mutsetse mune config runstatus ichakuzivisa iwe kana /bin/chokwadi kamwe kamwe isingatange kana kudzorera chimwe chinhu kunze kwe0.

true_OK=/bin/true

Mutsetse mumwe chete - uye pano tatova zvishoma expanded functionality okerr.

Kunyange cheki yakadaro yatova neukoshi hwayo: kana kamwe-kamwe sevha yako ikaparara, chiratidzo chinowirirana pane okerr server hachizogadziriswi munguva yakakodzera, uye mushure mokunge nguva yapfuura, nyevero ichaonekwa.

Cheki iyi ichazivisa kuti apache2 server yadonha (zvakanaka, haumboziva ...):

apache_OK="systemctl is-active --quiet apache2"

Saka, kana iwe ukataura chero mutauro wechirongwa, uye unogona kunyora zvinyorwa zvehombodo, saka unogona kutowedzera yako cheki.

Zvakaoma - iwe unogona kunyora (mune chero mutauro) yako wega module ye okerrmod. Muzviitiko zviri nyore zvinoita seizvi:

#!/usr/bin/python3

print("STATUS: OK")

Hazvina kuoma here? Iyo module inofanirwa kuita cheki pachayo uye inoburitsa mhinduro kuSTDOUT. Imwe module yakaoma inopa, semuenzaniso, izvi:

$ okerrmod --dump df
NAME: pi:df-/
TAGS: df
METHOD: numerical|maxlim=90
DETAILS: 49.52%, 13.9G/28.2G used, 13.0G free
STATUS: 49.52

NAME: pi:df-/boot
TAGS: df
METHOD: numerical|maxlim=90
DETAILS: 84.32%, 53.1M/62.9M used, 9.9M free
STATUS: 84.32

Inogadzirisa zviratidzo zvakati wandei kamwechete (zvakaparadzaniswa nemutsara usina chinhu), inozvigadzira kana zvichidikanwa, inoratidza ruzivo rwekusimbisa uye tag iyo zviri nyore kuwana zviratidzo zvinodiwa mudhibhodhi.

teregiramu

Pane Telegraph bot @OkerrBot. Iwe haufanire kusanganisa foni yako neakasiyana maapplication (Ini handifarire izvo zvePyaterochka iwe unoda imwe application ine mepu, yeLenta imwe, yeMTS chetatu, zvichingodaro kune wese, munhu wese, wese). Teregiramu imwe yakakwana. Kuburikidza neteregiramu unogona kugashira zviziviso, tarisa mamiriro epurojekiti uye upe murairo wekutarisazve zviratidzo zvese zvinonetsa. Takabva kuimba yemitambo / ndege, hatina kuchengeta chigunwe chedu pamhepo kwemaawa maviri, takabatidza runhare, takadzvanya bhatani rimwe muchatbot, uye takaita chokwadi chekuti zvese zvakanaka.

Status Mapeji

Mazuva ano, mapeji emamiriro anenge anofanirwa kuve nechero bhizinesi rine IT, maitiro ane mutoro kune akavimbika uye anobata vatengi varo / vashandisi neruremekedzo.

Fungidzira mamiriro - mushandisi anoda kuita chimwe chinhu, kuona ruzivo kana kuisa odha, uye chimwe chinhu hachishande. Haazive zviri kuitika, dambudziko riri kudivi raani uye kuti richagadziriswa riini. Zvichida kambani yako inongova newebhusaiti isingashande? Kana kuti yakatyoka mwedzi mitanhatu yapfuura uye ichagadziriswa mumakore maviri? Asi iwe unoda kutenga firiji ikozvino, yatova mungoro ... Uye inyaya yakasiyana zvachose kana munhu achiona kuti chimwe chinhu chakaipa newe (zvishoma zviri pachena kuti dambudziko harisi parutivi rwake), kuti dambudziko rawanikwa, kuti uri kutoshanda pairi, uye pamwe wakatonyora pasi nguva yakatarwa yekururamisa. Mushandisi anogona kunyorera uye kugamuchira email chiziviso kana dambudziko ragadziriswa uye anogona kuita zvaaida (kutenga firiji).

Mhedziso yeOkerr hybrid yekutarisa system

Matambudziko uye nguva yekudzikira zvinoitika kune wese munhu. Asi vashandisi uye vadyidzani vanovimba zvakanyanya avo vari pachena uye vane mutoro mukuita kwavo kune izvi.

pano ongororo yemamwe mapurojekiti gumi anotendera iwe kugadzira mapeji emamiriro. Heino mienzaniso yekuti mapeji eprojekiti aya anotaridzika sei Python ΠΈ Dropbox. okerr mamiriro peji.

Failover

Kuti ndisaite kuti chinyorwa ichi chive chakareba, ndichataura zvakare kune yangu yapfuura chinyorwa - Kukundikana kuri nyore kune webhusaiti . Kana iwe uchigona kugadzira sevha yakadhindwa, wobva washandisa failover, hauzove nenguva yakareba yekudzikira - kana dambudziko rikangoonekwa, vashandisi vanozongoendeswa kune inoshanda backup server. Uye zvinoratidzika kwandiri kuti ichi chinhu chinonakidza, chinopenya chisingawanzo kuwanikwa chero kupi.

Low system zvinodiwa

Kune maseva okerr, tinoshandisa michina ine RAM kubva ku2Gb. Kune network sensors, kunyange 512Mb yakakwana. Chikamu chevatengi chinowanzoita zero. (Plasitiki bhegi okerruptdate inorema 26 KB, asi inoda Python3 nemaraibhurari akajairwa). Mutengi anomhanya kubva kune cron script, saka ine zero inopfuurira ndangariro kushandiswa. Pakati pemichina yatakaongorora, tine masensa (yakanyanya-yakachipa VPS ine 512Mb RAM) uye Raspberry Pi. Zvinogoneka kunyangwe pasina chikamu chemutengi tumira zvigadziriso kuburikidza ne curl! (ona pazasi)

Tichifunga izvi - okerr, pamwe vazhinji vakasununguka yekutarisa sisitimu kubva kune iripo, nekuti kunyangwe kushandisa imwe yemahara yakavhurika-sosi system seZabbix kana Nagios, unofanirwa kugovera zviwanikwa (server) kwairi, uye iyi yatova mari. Mukuwedzera, imwe server kuchengetedza ichiri kudiwa. Ne okerr, chikamu ichi chinogona kubviswa. Kana kuti haufanirwe kuibvisa uye kushandisa yako sevha, zvichienderana nezvaunoda zvakanyanya.

API uye kubatanidzwa mune proprietary software

Nyore uye yakavhurika zvivakwa. oker ine yakareruka API, iyo iri nyore kushanda nayo. Unoda kugadzira 1000 zviratidzo? Imwe shell script ye 3-4 mitsetse ichaita izvi. Unoda kugadzirisa zvakare 1000 zviratidzo? Zviri nyore zvakare. Semuenzaniso, isu tinoda kupeta-kutarisa ese edu eHTTPS zvitupa kubva kuRussia sensor:

#!/bin/sh

for indicator in `okerrclient --api-filter sslcert`
do
    echo set location for $indicator
    okerrclient --api-set location=ru retest=1 --name $indicator
done

Iwe unogona kugadzirisa chiratidzo uchishandisa yedu mutengi module, kunyangwe isina iyo, kuburikidza ne curl.

# short and nice (using okerrupdate and config file)
$ okerrupdate MyIndicator OK

# only curl is enough!
$ curl -d 'textid=MyProject&name=MyIndicator&secret=MySecret&status=OK' https://bravo.okerr.com/

Iwe unogona kugadzirisa zviratidzo zvakananga kubva purogiramu yako. Semuyenzaniso, kutumira masaini ekurohwa kwemoyo kuitira kuti oker azive kuti irikumhanya uye anosimudza alarm kana ikabondera kana kugwamba. Nenzira, okerr zvikamu zvinoita izvo chete - okerr inozvitarisisa pachayo, uye matambudziko munenge chero module anozoonekwa uye kugadzira yambiro nezve dambudziko. (Uye kana iri "inenge" - ivo vanotariswa kubva kune imwe sevha)

Heino kodhi (yakareruka) mune yedu telegraph bot:

from okerrupdate import OkerrProject, OkerrExc

op = OkerrProject()
uptimei = op.indicator("{}:telebot_uptime".format(hostname))
...
uptimei.update('OK', 'pid: {} Uptime: {} cmds: {}'.format(
        os.getpid(), dhms(uptime), commands_cnt))

Kune raibhurari yekuvandudza zviratidzo kubva kuPython zvirongwa okerruptdate, kune chero mimwe mitauro hapana maraibhurari, asi unogona kufonera okerrupdate script kana kuita chikumbiro cheHTTP kune okerr server.

Oker anotibatsira sei

Okerr akachinja hupenyu hwedu. Chokwadi. Zvichida imwe yekutarisa system inogona kuita zvimwe chete, asi kushanda ne oker kuri nyore uye kuri nyore kwatiri uye ine mabasa ese ataida (takawedzera zvaasina). Nenzira, kana paine zvimwe zvisipo, bvunza uye ini ndichazviwedzera (ini handivimbise, asi ndinoda oker ive yakanakisa yekutarisa sisitimu yemapurojekiti madiki-epakati). Kana zviri nani zvakadaro, wedzera iwe pachako - zviri nyore.

Takakwanisa kurarama maererano nenheyo yokuti β€œdzidza nezvezvinetso zvose kubva kukerra.” Kana kamwe kamwe dambudziko rikaitika kuti isu hatina kudzidza pamusoro kubva okerr, tinowedzera cheki kune okerr. (munyaya iyi, ne "isu" ndinoreva isu sevashandisi vehurongwa, kwete vanogadzira pamwe). Pakutanga izvi zvakanga zvakajairika, asi iye zvino zvave zvishoma.

Kuongorora

Kuburikidza ne okerr tinotarisisa saizi yelogi pane ese maseva. Izvo, hongu, hazvigoneke kuverenga nekufunga mutsara wega wega wegi nemeso ako, asi kungotarisa kukura kwekukura kunotopa zvakawanda. Kuburikidza neizvi, takawana kutumira kwespam uye kutsvaga kwekumanikidza password, uye kana mamwe maapplication "apenga," chimwe chinhu hachishande kwavari uye vanochidzokorora kakawanda (nguva yega yega vachiwedzera mitsetse yakati wandei kulogi. )

SSL zvitupa. Kunenge pakarepo mushure mekutanga LetsEncrypt mutengi wedu akatanga kupa emahara SSL zvitupa kune vatengi vayo (anenge chiuru chazvo). Uye zvakazongove gehena rekutonga! Ichokwadi ndechokuti nzvimbo "dzinogara", vatengi nguva nenguva vanovakumbira kuti vaite chimwe chinhu, vanogadzira purogiramu vanozviita. Ivo vanogona kuendesa zvakasununguka saiti kune imwe DocumentRoot, semuenzaniso. Kana wedzera isina magumo Nyorazve kune iyo virtualhost config. Nomuzvarirwo, mushure meizvi, iyo otomatiki kuvandudzwa kwezvitupa inoputsika. Iye zvino isu tine ese maSSL mauto akawedzerwa kune okerr otomatiki kuburikidza neimwe yezvishandiso zvedu zvinobatsira kubva pasuru a2conf. Ngatitangei chete a2okerr.py - uye kana akati wandei mawebhusaiti akaonekwa pane sevha, anozongobuda okerr. Kana kamwe kamwe nekuda kwechimwe chikonzero chitupa hachina kuvandudzwa, mavhiki matatu chitupa chisati chapera, isu tiri mukuziva, uye isu tichaona kuti nei isina kuvandudzwa, imbwa yakadaro. a2certbot.py kubva pasuru imwe chete - inobatsira zvikuru neizvi (inotarisa pakarepo matambudziko angangoitika - uye inonyora izvo zvakaongororwa zvakanaka, uye apo pane zvingangoitika dambudziko).

Isu tinotarisisa zuva rekupera kwemadomasi edu ese. Uye ese maseva edu etsamba anotumira tsamba anotariswawo achipesana ne50+ akasiyana mablacklist. (Uye dzimwe nguva vanowira mavari). Nenzira, wanga uchiziva here kuti maseva eGoogle mail akanyoreswawo? Kungozviongorora, takawedzera mail-wr1-f54.google.com kumasevha akatariswa, uye ichiri paSORBS blacklist! (Izvi ndezve kukosha kwe "anti-spammers")

Backups - Ndakatonyora pamusoro kuti zviri nyore sei kuvatarisa ne okerr. Asi isu tinotarisisa ese achangoburwa backups pane yedu server uye (tichishandisa yakaparadzana utility inoshandisa oker) iyo backups yatinoisa kuAmazon Glacier. Uye, hongu, matambudziko anoitika nguva nenguva. Hameno zvavaiona.

Isu tinoshandisa chiratidzo chekuwedzera. Zvinoratidza kana rimwe dambudziko risati ragadziriswa kwenguva yakareba. Uye ini pachangu, pandinogadzirisa mamwe matambudziko, dzimwe nguva ndinogona kukanganwa nezvazvo. Kukwidziridza chiyeuchidzo chakanaka, kunyangwe iwe uri kuzviongorora iwe pachako.

Pakazara, ndinotenda kuti kunaka kwebasa redu kwakawedzera nekurongeka kwehukuru. Pane inenge isina nguva yekuderera (kana mutengi haana nguva yekuzviona. Just shh!), Nepo huwandu hwebasa hwave hudiki uye mamiriro ekushanda akadzikama. Isu takatama kubva kubasa rekukurumidzira nemakomba ekuvhara ne tepi kuti tidzikame uye kuyerwa basa, apo matambudziko mazhinji anofanotaurwa uye paine nguva yekuadzivirira. Kunyangwe matambudziko akaitika zvakare ave nyore kugadzirisa: chekutanga, tinoona nezvavo vatengi vasati vavhunduka, uye chechipiri, zvinowanzoitika kuti dambudziko rine chekuita nebasa razvino (pandakaita chimwe chinhu, ndakatyora chimwe) - saka inopisa Zviri nyore kune zviteshi kubata nazvo.

Asi pane imwe nyaya ...

Wakanga uchiziva here kuti mune yakakurumbira Debian 9 (Tambanudza) yakakurumbira package yakadai sephpmyadmin ichiri (kwemwedzi yakawanda!) (CVE-2019-6798) Apo kusagadzikana kwakabuda, takakurumidza kuifukidza nenzira dzakasiyana. Asi ini ndakamisikidza yekutarisa-yekuchengetedza-tracker peji mu okerr kuti ndizive kuti mhinduro "yakanaka" ichabuda riini (kuburikidza neSHA1 sum yezvirimo). Chiratidzo chakanditenderedza kakawanda, peji rakachinja, asi sezvauri kuona, richiri (kubva muna Ndira 2019!) Zvichida, nenzira, mumwe munhu anoziva kuti dambudziko nderei kuti pasuru yakakosha zvakadaro ichiri kunetseka kweanopfuura gore?

Imwe nguva mumamiriro akafanana: mushure mekusagadzikana muSSH, zvaive zvakafanira kugadzirisa ese maseva. Uye kana iwe ukaisa basa, iwe unofanirwa kudzora kuurayiwa. (Vatungamiriri vanowanzotadza kunzwisisa, kukanganwa, kuvhiringidzika, uye kukanganisa). Naizvozvo, chekutanga takawedzera SSH vhezheni cheki kune okerr pamaseva ese, uye kuburikidza neokr takava nechokwadi chekuti zvigadziriso zvakaburitswa pamaseva ese. (Zvakanaka! Ndakasarudza rudzi urwu rwechiratidzo, uye iwe unogona kuona pakarepo kuti ndeipi server ine shanduro ipi). Pataive nechokwadi chekuti basa rakapedzwa pamaseva ese, takabvisa zviratidzo.

Dzimwe nguva paive nemamiriro ezvinhu apo rimwe dambudziko rinomuka, uye rinobva raenda roga. (zvichida inozivikanwa kune wese?). Nenguva yaunoona, nenguva yaunotarisa-uye hapana chekutarisa-zvese zviri kutoshanda nemazvo. Asi zvino inotsemuka zvakare. Isu takaita kuti izvi zviitike, semuenzaniso, nezvigadzirwa zvatakarodha kuAmazon Marketplace (MWS). Pane imwe nguva, iyo yakatakurwa inventory yakanga isiriyo (zvisizvo uwandu hwezvinhu nemitengo isiriyo). Takazvinzwisisa. Asi kuti uzvinzwisise, zvakakosha kuti uzive nezvedambudziko nekukurumidza. Nehurombo, MWS, senge ese maAmazon masevhisi, inononoka zvishoma, saka kwaigara kuine lag, asi zvakadaro, takakwanisa kunyatsonzwisisa kubatana pakati pedambudziko uye zvinyorwa zvinokonzeresa (takaita cheki, takamira. iyo kune oker, ndokuitarisa pakarepo ichigamuchira yambiro).

Nyaya inonakidza ichangobva kuwedzerwa kuunganidzwa nehove huru uye inodhura yeEurope hoster, iyo inoshandiswa nemutengi wedu. Kamwe kamwe, ese maseva edu akanyangarika kubva pa radar! Kutanga, mutengi pachake (nokukurumidza kupfuura okerra!) akaona kuti nzvimbo yaaishanda nayo yakanga isiri kuvhura uye akaita tikiti pamusoro payo. Asi kwete saiti imwe chete yakadzikira, asi ese! (Natasha, takasiya zvese!). Apa Okerr akatanga kutumira makumbo marefu anemaindicators aimuvheneka. Kuvhunduka, kutya, tinomhanya mumatenderedzwa (chii chimwe chatingaite?). Ipapo zvinhu zvose zvakasimuka. Zvakazoitika kuti pakanga paine kugadzirisa kwechinyakare munzvimbo yedata (kamwe chete makore mazhinji) uye, hongu, isu taifanira kunge takanyeverwa. Asi imwe mhando yedambudziko yakaitika kwavari uye havana kutinyevera. Zvakanaka, kurova kwemoyo kwakawanda, kuderera kwemoyo. Asi mushure mekunge zvese zvadzoreredzwa, unofanirwa kuongorora kaviri zvese! Handigoni kufungidzira kuti ndaizozviita sei nemaoko angu. Okerr akaedza zvese mumaminetsi mashoma. Zvakazoitika kuti mazhinji emaseva aive asiri kuwanikwa kwenguva pfupi, asi akashanda. Vamwe vakaremerwa, asi vakasimukawo sezvavaifanira kuita. Pakati pezvose zvakarasikirwa, takarasikirwa nemabhakiti maviri, ayo maererano nekorona aifanira kunge akasikwa uye akatakurwa apo iyi bhanana yakazara ichienderera mberi. Handina kana kumbozvinetsa kuvagadzira, kwangopera zuva ziviso dzakasvika dzekuti zvese zvaive zvakanaka, ma backups akange aoneka. Ini ndinonyatsoda uyu muenzaniso nekuti oker akave anobatsira zvakanyanya mumamiriro ezvinhu atisina kumbofunga nezvazvo, asi ndicho chinangwa chekutarisa - kuramba zvisingatarisirwi.

Kune Okerr sensors, isu tinoshandisa yakachipa inokwanisika yekutambira (apo mhando uye kuvimbika zvisina kukosha, ivo vanochengetana). Saka, isu munguva pfupi yapfuura takawana yakanaka kwazvo yekutambira uye yakanyanya kudhura, mabhenji anoshamisa. Asi ... dzimwe nguva zvinoshanduka kuti kubuda kwekubatanidza kubva kumashini chaiwo kunogadzirwa kubva kune imwe (muvakidzani) IP. Zvishamiso. Client_ip module ine https://diagnostic.opendns.com/myip inowana IP isiriyo. Uye kubva kuseva matanda echiratidzo zviri pachena kuti iyo yekuvandudza zvakare yakabva kune iyi yakavakidzana IP. Ngatibatane nerutsigiro izvozvi. Zvakanaka kuti takazviona munguva yerunyararo. Asi, semuenzaniso, zvinowanzoitika kuti kuwanikwa kunonyoreswa zvinoenderana neiyo IP chena runyorwa - uye kana sevha dzimwe nguva ichibwaira seizvi kwenguva pfupi - unogona kuedza kubata dambudziko iri kwenguva yakareba.

Zvakanaka, chimwe chinhu - sezvo tiri kutaura nezveVPS kubata - tinogara tichishandisa zvisingadhuri (hetzner, ovh, scaleway). Ndinonyatsozvifarira zvese maererano nemabhenji uye kugadzikana. Isu tinoshandisa zvakare inodhura zvakanyanya Amazon EC2 kune mamwe mapurojekiti. Saka, tinotenda okerr, tine maonero edu pachedu. Vanowa vari vaviri. Uye handingatauri kuti mukati menguva refu yekutarisa kwedu, zvakachipa kutambira senge hetzner zvakazove zvisinganyanyi kugadzikana pane EC2. Naizvozvo, kana iwe usina kusungirirwa kune mamwe maAmazon maficha, sei uchibhadhara zvakanyanya? πŸ™‚

Chii chinotevera?

Kana panguva ino ini ndisati ndakuvhundutsa kubva kuOkerr, edza! Unogona kuenda zvakananga kune iyi link okerr demo account (Tinya ikozvino!) Asi ramba uchifunga kuti pane imwe chete demo account yemunhu wese, saka kana iwe ukaita chimwe chinhu, mumwe munhu muakaundi imwechete anogona kukukanganisa panguva imwe chete. Kana (zvirinani) rejista kuburikidza neiyi link kune offsite okerr - zvese zviri nyore, pasina SMS. Kana iwe usingade kushandisa yako email chaiyo, unogona kushandisa inoraswa, senge mailinator (ini ndinokurudzira getnada.com) Maakaunti akadaro anogona kudzimwa nekufamba kwenguva, asi anozove akanaka pakuyedzwa.

Mushure mekunyoresa, iwe unozokumbirwa kuti udzidziswe (ita akati wandei asina kuoma zvakanyanya mabasa ekudzidzisa). Miganho yekutanga idiki kwazvo, asi yekudzidziswa kana sevha imwe inokwana. Mushure mekupedza kudzidziswa, miganhu (somuenzaniso, iyo yakawanda nhamba yezviratidzo) ichawedzerwa.

Kubva pane zvinyorwa - kutanga kune zvose WIKI padivi reseva uye pamutengi (okerruptdate wiki) Asi kana chimwe chinhu chisina kujeka, nyora kuti utsigire (pa) okerr.com kana kusiya tikiti - tichaedza kugadzirisa zvinhu zvose nokukurumidza.

Kana iwe ukaishandisa zvakakomba uye iyi yakawedzera miganhu haina kukwana, nyora kuti utsigire uye isu tichaiwedzera (yemahara).

Unoda kuisa okerr server pane yako server? Here okerr-dev repository. Isu tinokurudzira kuisa pamushini wakachena chaiwo, ipapo unogona kungozviita nekuisa script. Pamuchina wako chaiwo - hapana zvirambidzo :-). Zvakanaka, zvakare, kana chero chinhu chikaitika, isu tichagara tichiedza kubatsira.

Tinoda kuti chirongwa ichi chitange, kuitira kuti nyika ive yakavimbika zvikuru nekuda kwedu. Nekuda kwemahara software nemasevhisi, nyika yave hushamwari uye iri kukura zvine simba. Zvinyorwa zvinogona kuchengetwa mumahara github, kune tsamba unogona kushandisa yemahara gmail. Isu tinoshandisa mahara newworks nokuda kwekutsigirwa. Kune chero cheizvi, haufanire kubhadhara maseva, haufanire kurodha nekugadzirisa, uye haufanire kugadzirisa matambudziko akasiyana ekushanda. Yese purojekiti nyowani, timu yega yega ine tsamba, repositori uye CRM. Uye izvi zvese zvakanyanya zvemhando yepamusoro uye zvemahara uye nekukurumidza. Tinoda kuti ive yakafanana yekutarisa - makambani madiki nemapurojekiti anogona kushandisa oker mahara uye kunyangwe padanho rekuzvarwa nekukura vane kuvimbika kwevakuru mapurojekiti akakomba.

Source: www.habr.com