Eminyakeni emibili edlule ngase ngikwenzile kakade okuthunyelwe cishe . Manje kukhona ukuthuthukiswa kwephrojekthi, futhi ngiphinde ngashicilela ngaphansi , yingakho nginqume ukubhala lesi sibuyekezo esifushane ku-Habr.
[ ]
Kungaba nentshisekelo kubo
Lokhu kungase kukuthakazelise uma usebenza eqenjini elincane noma uwedwa. Awunakho ukuqapha futhi awunaso isiqiniseko sokuthi uyakudinga ngempela. Kungakhathaliseki ukuthi uzame ukuqapha okujulile okudumile "kubafana abakhulu", kodwa ngandlela-thile "akuzange kusuke" kuwe, noma kusebenza ngokulungiselelwa okuzenzakalelayo futhi akuzange kushintshe kakhulu impilo yakho. Futhi futhi - uma ungahleleli ukwaba isisebenzi sonke (noma ngisho umnyango) ukuthi sigade ideshibhodi yokuqapha okungenani amahora ambalwa ngosuku noma siyilungiselele.
Kungani okerr engavamile
Okulandelayo ngizobonisa izici ezithakazelisayo ze-okrra eziyehlukanisa kwezinye izinhlelo zokuqapha.
I-Okerr iyi-hybrid monitoring
Ngesikhathi sokuqapha kwangaphakathi, "i-ejenti" isebenza emishinini egadiwe, edlulisela idatha kuseva yokuqapha (isibonelo, isikhala sediski samahhala). Uma ingaphandle, iseva yenza ukuhlola kunethiwekhi (isibonelo, i-ping noma ukutholakala kwewebhusayithi). Indlela ngayinye inemikhawulo yayo. U-Okerr usebenzisa zombili izinketho. Ukuhlola ngaphakathi kwamaseva kwenziwa yi-ejenti elula kakhulu (30Kb) noma imibhalo yakho nezinhlelo zokusebenza, futhi ukuhlolwa kwenethiwekhi kwenziwa ngezinzwa ze-okrr emazweni ahlukene.
okerr akuyona nje isofthiwe, kodwa futhi isevisi
Ingxenye yeseva yanoma yikuphi ukuqapha inkulu futhi iyinkimbinkimbi, kunzima ukuyifaka nokulungisa, futhi idinga izinsiza. Nge-okrr ungakwazi ukufaka iseva yakho yokuqapha (imahhala futhi ivulekile), noma ungasebenzisa kuphela ingxenye yeklayenti futhi usebenzise isevisi yeseva yethu. Futhi mahhala.
Uma ukuqapha kukuvumela ukuthi unxephezele futhi uvale ukuntuleka kokwethembeka kumaseva nezinhlelo zokusebenza, khona-ke kuphakama umbuzo wefilosofi - ubani umlindi? Ukuqapha kuzositshela kanjani ngenkinga uma yona ngokwayo “ifile” ngesizathu esithile, ngokwehlukana noma kanye nezinye izinsiza zakho (isibonelo, isiteshi sesikhungo sedatha siwile)? Uma usebenzisa i-okerr yesevisi yangaphandle - le nkinga iyaxazululwa - uzothola isexwayiso noma ngabe yonke isikhungo sedatha esinamaseva akho singenawo amandla noma sihlaselwa ama-zombies.
Yiqiniso, kunengozi yokuthi iseva ye-okrr ngokwayo ngeke itholakale, lokhu kuyiqiniso (njengoba wazi, i-90% yokuthembeka ihlale itholakala kalula futhi "mahhala", 99% ngomzamo omncane, futhi isishiyagalolunye ngayinye elandelayo nzima kakhulu). Kodwa, okokuqala, amathuba okuba lokhu kwenzeke aphansi, futhi okwesibili, inkinga ingase ingabonakali kuphela uma ihambisana nezinkinga kumaseva ethu. Uma sinokwethenjwa okungu-99.9%, futhi uno-99.9% (hhayi izinombolo eziphakeme kakhulu), khona-ke ithuba lokwehluleka okungabonwa ngu-0.1% ka-0.1% = 0.0001%. Ukwengeza ama-nines amathathu ekuthembekeni kwakho cishe ngaphandle komzamo futhi ngaphandle kwezindleko kuhle kakhulu!
Enye inzuzo yokuqapha njengesevisi ukuthi umhlinzeki wokubamba noma isitudiyo sewebhu angafaka iseva ye-okr futhi anikeze ukufinyelela kumakhasimende njengesevisi eyengeziwe ekhokhelwayo noma yamahhala. Izimbangi zakho zinokubamba kanye namawebhusayithi, kodwa unokusingathwa okuthembekile ngokuqapha.
I-Okerr imayelana nezinkomba
Inkomba “iyisibani”. Inezifunda ezimbili eziyinhloko - oluhlaza (OK) noma obomvu (ERR). Iphrojekthi iqukethe izinkomba eziningi eziqoqwe (isibonelo, ngeseva). Ekhasini eliyinhloko lephrojekthi, ubona ngokushesha ukuthi konke kuluhlaza (futhi ungayivala), noma kukhona okukhanyayo okubomvu futhi kudinga ukulungiswa. Uma ushintsha phakathi kwalezi zifunda, isaziso siyathunyelwa. Kanye ngosuku ngenkathi uyimisa, kuthunyelwa isifinyezo sephrojekthi.
Inkomba ngayinye ye-okrr inezimo ezakhelwe ngaphakathi eshintsha ngazo isimo (ku-Zabbix lokhu kubizwa ngokuthi i-trigger). Isibonelo, isilinganiso sokulayisha akufanele sibe ngaphezu kuka-2 (Yebo, lokhu kuyalungiseka). Futhi ngesheke ngalinye langaphakathi (isilinganiso somthwalo, idiski mahhala, ...) kukhona i-watchdog. Uma ngesizathu esithile singakutholi ukuqinisekiswa okuyimpumelelo ngesikhathi esimisiwe, iphutha lilogwa futhi isaziso siyathunyelwa.
Iphethini yethu evamile yomsebenzi ukuhlola ama-imeyili ekuseni, futhi sibheke isifinyezo phakathi kwezinye izincwadi (siyasihlela ekuqaleni komsebenzi). Uma yonke into ilungile kuyo, senza ezinye izinto ezibalulekile (kodwa ukuze siphephe, singabheka ngokushesha ideshibhodi ye-okerra futhi siqiniseke ukuthi yonke into iluhlaza njengamanje). Uma isaziso sifika, siyasabela.
Yiqiniso, kungenzeka ukugcina izinkomba "zolwazi" (ukubona isithombe senethiwekhi ekuqaphelweni), kodwa konke kwenziwa ukuze kube lula, kalula futhi ngokushesha ukudala izinkomba eziqondiswe ukuqapha okuzenzakalelayo nokuthumela izaziso.
Inhloso oyibekela yona i-okrr isezixwayiso, ukuze ukwazi ukudala inkomba ngomzuzu, ingase "ilale" unyaka wonke, ivele yamukele izibuyekezo, futhi uma ngemva konyaka okuthile kuphuka, ikhanyisa futhi ithumele isixwayiso . Umzuzu owake wawusebenzisa udala inkomba ukhokhelwe; ufunde ngenkinga ngokushesha, ngaphambi kwanoma ubani omunye. Kungenzeka ukuthi balungise ngaphambi kokuba kuqalwe muntu. Into ephakanyiswa ngokushesha ayibhekwa njengewile!
Ukuphepha
Kungaba yihlazo uma umisa ukuqapha ngenjongo yokwandisa ukuthembeka, kodwa ngenxa yalokho, uhlaselwa inethiwekhi ngayo, futhi kukhona ubungozi obuningi benethiwekhi kumathuluzi okuqapha ahlukene (, ).
Umenzeli (okerrmod kusuka kuphakheji ) esebenza ohlelweni akuyona iseva yenethiwekhi, kodwa iklayenti. Ngakho-ke, awekho amachweba avulekile angeziwe kuseva egadiwe, iklayenti lisebenza kalula ngemuva kwe-firewall noma i-NAT futhi linzima kakhulu (ngingathi "akunakwenzeka") ukugebenga inethiwekhi, ngoba empeleni ayilaleli inethiwekhi. isisekelo.
Ukuqapha okugcwele
Manje umthetho wethu ukuthi sifunda ngazo zonke izinkinga zobuchwepheshe kusuka ku-okrr. Uma ngokuzumayo umthetho wephulwa (okerr akazange axwayise mayelana nokuvela kwayo okuseduze (uma lokhu kungenzeka) noma ukuthi sekuvele kwenzeka) - sengeza amasheke ku-okrr.
Ukuhlola kwangaphandle
Isethi ejwayelekile:
- ping
- Isimo se-http
- ukuhlola ukufaneleka nokusha kwesitifiketi se-SSL (kuzoxwayisa uma sesizophelelwa yisikhathi)
- vula imbobo ye-TCP nesibhengezo kuso
- http grep (ikhasi [akumele] libe nombhalo othile)
- sha1 hash ukuze ubambe izinguquko zekhasi.
- I-DNS (irekhodi le-DNS kufanele libe nenani elithile)
- I-WHOIS (izoxwayisa uma isizinda sesizohamba kabi)
- I-Antispam DNSBL (hlola umninikhaya ngokumelene nama-50+ ama-antispam avinjelwe ngesikhathi esisodwa)
Ukuhlola kwangaphakathi
Futhi, isethi evamile evamile (kodwa enwebeka kalula).
- df (isikhala sediski samahhala)
- isilinganiso sokulayisha
- opentcp (vula amasokhethi okulalela e-TCP - izokwazisa uma okuthile kuqalile noma kuphahlazekile)
- isikhathi sokuphumula - isikhathi sokuphumula kuseva. Izokwazisa uma ishintshile (okungukuthi, iseva ilayishe ngokweqile)
- client_ip
- i-dirsize - siyisebenzisela ukulandelela lapho i-rootfs yethu yomshini we-virtual idlula usayizi ovunyelwe, ngaphandle kokwethula imikhawulo eqinile, kanye nosayizi wezinkomba zasekhaya zabasebenzisi.
- engenalutho futhi engenalutho - qapha amafayela okufanele angabi nalutho (noma angabi nalutho). Isibonelo, ilogi yephutha yeseva ye-okrr ngokwayo kufanele ingabi nalutho, futhi uma kukhona ngisho nomugqa kuyo, ngizothola isaziso futhi ngisihlole. Kodwa i-mail.log kuseva yemeyili AKUMELE ingabi nalutho (imizuzu engu-N ngemva kokuzungezisa). Futhi ngezinye izikhathi ibingenalutho kithina ngemva kokubuyekezwa kwesistimu, lapho i-logrotate ingakwazi ukuqala kabusha i-rsyslog ngendlela efanele.
- linecount - inombolo yemigqa efayeleni (njenge-wc -l). Siyisebenzisa njengokushintsha okuthambile kokungenalutho, lapho ilogu yephutha isengakhula, kodwa kancane kancane (ngokwesibonelo, i-Googlebot ishaya amakhasi athile avaliwe). Kukhona umkhawulo wemigqa emi-2 emizuzwini engama-20. Uma ingaphezulu, kuzoba nesexwayiso
Ukuhlola kwangaphakathi okuthakazelisayo
Uma ngabe ufunda "diagonally" kuze kube manje, manje kuzoba mnandi kakhulu ukufunda ngokucophelela.
Ukusekela ngokulondoloza
Iqapha izipele ohlwini lwemibhalo. Amafayela ethu ayisipele anamagama afana ne-“ServerName-20200530.tar.gz”. Kuseva ngayinye ku-okrr, inkomba ye-ServerName-DATE.tar.gz iyakhiwa (usuku lwangempela lushintshela emugqeni othi “IDETHI”). Khona kanye ubukhona bekhophi yasenqolobaneni entsha kanye nosayizi wayo nakho kuyagadwa (isibonelo, angeke kube ngaphansi kwama-90% ekhophi yasenqolobaneni yangaphambilini).
Yini okudingeka yenziwe ukuze ikhophi yasenqolobaneni entsha iqale ukulandelelwa ngemva kokuba sesiqalile ukuyidala futhi siyifake kulolu hlu lwemibhalo? Lutho! Lena indlela elula kakhulu uma udinga "ungenzi lutho" ngoba:
- Ukwenza “lutho” kuyashesha kakhulu, konga isikhathi
- Kunzima ukukhohlwa ukwenza "lutho"
- Kunzima “ukwenza lutho” olungalungile, ngephutha. Ayikho indlela ethembeke kakhulu
Uma kungazelelwe amafayela ayisipele amasha ayeka ukuvela, kuzoba nesexwayiso. Uma, ngokwesibonelo, ukhubaze enye yeziphakeli, futhi akumele kusaba khona izipele, uzodinga ukususa inkomba (ngesixhumi esibonakalayo sewebhu noma kusuka kugobolondo nge-API).
maxfilesz
Ilandelela usayizi wamafayela amakhulu (ngokuvamile: /var/log/*). Lokhu kukuvumela ukuthi ubambe izinkinga ezingalindelekile, isibonelo, ukuphoqa amagama ayimfihlo noma ukuthumela ugaxekile ngeseva.
runstatus/runline
Lawa amamojula amabili abalulekile ommeleli wokusebenzisa ezinye izinhlelo kuseva. I-Runstatus ibika ikhodi yokuphuma yohlelo kusibonisi. Isibonelo, i-okrr (ayidingi) imojuli ukuze ihlole ukuthi izinsiza ze-systemd ziyasebenza yini. Lokhu kwenziwa nge-runstatus (bona ngezansi). I-Runline - ibika kuseva umugqa okhiqizwa uhlelo. Ngokwesibonelo, temp_RUN="cat /sys/class/thermal/thermal_zone0/temp" ku-Runline config kuseva yethu kwakha inkomba yegama leseva:izinga lokushisa elinezinga lokushisa lokucubungula.
i-sql
Isebenzisa umbuzo wezinombolo ku-MySQL futhi ibika umphumela kusibonisi. Esimweni esilula, ungenza, isibonelo, "KHETHA 1" - lokhu kuzohlola ukuthi i-DBMS iyonke iyasebenza.
Kodwa uhlelo lokusebenza oluthakazelisa kakhulu, ngokwesibonelo, ukulandelela inani lama-oda esitolo se-inthanethi. Uma wazi ukuthi unama-oda ayi-100 noma ngaphezulu ngehora, ungasetha umkhawulo omncane ube ngu-100 noma 80. Khona-ke uma ukuthengisa kwakho kwehla kungazelelwe, uzothola isexwayiso futhi ungasithola.
Qaphela ukuthi akunandaba ukuthi kungani lokhu kwenzeke ngenxa yesizathu esingalindelekile:
- Iseva ayitholakali (iphelelwe amandla noma ingenayo inethiwekhi), futhi isexwayiso sivela eqinisweni lokuthi inkomba "yayibolile".
- Iseva ilayishwe kakhulu ngokuthile, isebenza kancane noma amaphakethe ayalahleka, akulula kubasebenzisi futhi bahamba ngaphandle kokuthenga.
- Iseva ifakiwe ohlwini logaxekile futhi i-imeyili evela kuyo ayamukelwa, abasebenzisi abakwazi ukubhalisa
- Isabelomali somkhankaso wokukhangisa sesiphelile, izibhengezo aziphenduki.
Kungaba nenani lezizathu, futhi zonke azikwazi ukubonwa kusengaphambili, futhi kunzima ngokobuchwepheshe ukuzilandela. Kodwa ungakwazi ukuqapha kalula ipharamitha yokugcina (ama-oda) futhi unqume kubo ukuthi isimo siyasolisa futhi kufanele kubhekwane naso.
Izinkomba ezinengqondo
Ivumela ukusetshenziswa kwezinkulumo ze-Boolean (Python syntax) ngemojula (). Idatha evela kuphrojekthi kanye nezinkomba zayo ziyatholakala ukuze zichazwe. Isibonelo, esahlukweni mayelana nokuhlola kwe-SQL ngenhla, kungenzeka ukuthi uqaphele iphuzu elibuthakathaka - phakathi nosuku singaba nokuthengiswa kwe-100 ngehora, kodwa ebusuku - 20, futhi lokhu kuvamile, akuyona inkinga. Kumele ngenzeni? Inkomba izohlala ithukile ebusuku.
Ungakha izinkomba ezimbili, imini nobusuku. Yenza kokubili "kuthule" (ngeke bathumele izexwayiso). Futhi dala inkomba enengqondo edinga ukuthi inkomba yosuku ilunge ngaphambi kuka-20:00, futhi emva kuka-20:00 kwanele ukuthi inkomba yasebusuku ilungile.
Esinye isibonelo sokusebenzisa inkomba enengqondo yi ukukhuphuka. Isibonelo, umphathi wephrojekthi uyazikhipha ohlwini lwezaziso (akakho isidingo sokwenza lokhu, abaphathi kufanele baphendule ezinkingeni ezijwayelekile), kodwa ubhalisele inkomba enengqondo ephenduka ibe bomvu uma noma iyiphi inkomba kuphrojekthi ingalungiswa ngesikhathi esibekiwe.
Futhi, kungenzeka ukusetha isikhathi esivunyelwe sokusebenza, isibonelo, kusukela ngo-3 kuya ku-5 ekuseni. Asinandaba uma amaseva namasayithi aphahlazeka ngalesi sikhathi. Kodwa ngo-5:00 kufanele basebenze. Uma zingasebenzi nganoma yisiphi esinye isikhathi - qaphela. Inkomba enengqondo futhi ikuvumela ukuthi ucabangele ukuphindaphinda kweseva. Uma unamaseva ewebhu angu-5, lapho-ke abalawuli bangavala amaseva angu-1-2 nganoma yisiphi isikhathi. Kodwa uma kunamaseva angaphansi kwezi-3 kwezi-5 empini, kuzoba khona isexwayiso.
Izibonelo ezingenhla akuzona imisebenzi ye-oker, hhayi ezinye izici ezidinga ukwenziwa zisebenze futhi zilungiselelwe. I-Okerra ayinayo yonke le misebenzi, kodwa kukhona imojula enengqondo evumela ukuthi usebenzise lokhu kusebenza (Cishe njengolimi lokuhlela - uma sinama-opharetha wezibalo, asidingi umsebenzi okhethekile wokubala u-20% we-VAT kusukela olimini, ungazenzela ngokwakho ukuze kuhambisane nezidingo zakho).
I-Logic Indicator cishe ingesinye sezihloko ezimbalwa eziyinkimbinkimbi ku-okerr, kodwa izindaba ezinhle ukuthi asikho isidingo sokukwazi kahle kuze kube yilapho udinga. Kodwa ngesikhathi esifanayo, bakhulisa kakhulu amakhono, kuyilapho begcina uhlelo ngokwalo lulula.
Ungeza amasheke akho
Ngingathanda ngempela ukudlulisa umqondo wokuthi okerr akuyona isethi yezinkulungwane zamasheke esenziwe ngomumo azo zonke izikhathi, kodwa ngokuphambene - okokuqala - injini elula enekhono elilula lokuzenzela amasheke akho. Ukudala amasheke akho ku-okrr akuwona umsebenzi wabaduni, abathuthukisi besistimu, noma okungenani abasebenzisi be-okrr abathuthukile, kodwa kuwumsebenzi ongenzeka kunoma yimuphi umlawuli ofake i-Linux okokuqala ngqa enyangeni edlule.
Amasheke kumaholo amancane enziwa ngemojula :
Lo mugqa ku-config izokwazisa uma /bin/true kungazelelwe kungaqali noma kubuyise okuthile ngaphandle kuka-0.
true_OK=/bin/trueUmugqa owodwa nje - futhi lapha sesivele sikuncane kunwetshiwe ukusebenza okerr.
Ngisho nesheke elinjalo selivele linenani laso: uma ngokuzumayo iseva yakho iphahlazeka, inkomba ehambisanayo kuseva ye-okrr ngeke ibuyekezwe ngesikhathi esifanele, futhi ngemva kokuba isikhathi sesidlulile, kuzovela isaziso.
Lokhu kuhlola kuzokwazisa ukuthi iseva ye-apache2 iphahlazekile (kahle, ngeke wazi...):
apache_OK="systemctl is-active --quiet apache2"Ngakho-ke, uma ukhuluma noma yiluphi ulimi lokuhlela, futhi okungenani ungabhala imibhalo yegobolondo, usungakwazi kakade ukwengeza amasheke akho.
Kunzima kakhulu - ungabhala (nganoma yiluphi ulimi) imojula yakho ye-okermod. Esimweni esilula kubonakala kanje:
#!/usr/bin/python3
print("STATUS: OK")Akunzima kakhulu? Imojula kufanele izihlole yona futhi ikhiphe imiphumela ku-STDOUT. Imojula eyinkimbinkimbi kakhulu inikeza, isibonelo, lokhu:
$ okerrmod --dump df
NAME: pi:df-/
TAGS: df
METHOD: numerical|maxlim=90
DETAILS: 49.52%, 13.9G/28.2G used, 13.0G free
STATUS: 49.52
NAME: pi:df-/boot
TAGS: df
METHOD: numerical|maxlim=90
DETAILS: 84.32%, 53.1M/62.9M used, 9.9M free
STATUS: 84.32Ibuyekeza izinkomba eziningana ngesikhathi esisodwa (ihlukaniswe umugqa ongenalutho), idala uma kunesidingo, ikhombisa imininingwane yokuqinisekisa kanye nethegi okulula ngayo ukuthola izinkomba ezidingekayo kudeshibhodi.
yocingo
Kukhona i-Telegraph bot . Awudingi ukuhlanganisa ifoni yakho ngezinhlelo zokusebenza ezihlukene (angithandi ukuthi i-Pyaterochka udinga uhlelo lokusebenza olulodwa olunemephu, i-Lenta enye, i-MTS yesithathu, njalonjalo kuwo wonke umuntu, konke, konke). Ithelegramu eyodwa yanele. Nge-telegraph ungathola ngokushesha izexwayiso, uhlole isimo sephrojekthi futhi unikeze umyalo wokuphinda uhlole zonke izinkomba eziyinkinga. Sishiye ithiyetha/indiza, asizange sigcine umunwe wethu ekushayeni amahora amabili, savula ifoni, sacindezela inkinobho eyodwa ku-chatbot, futhi saqinisekisa ukuthi konke kuhamba kahle.
Amakhasi Wesimo
Kulezi zinsuku, amakhasi ezimo acishe abe nawo kunoma yiliphi ibhizinisi eline-IT, isimo sengqondo esinomthwalo wemfanelo ngokwethembeka futhi eliphatha amakhasimende/abasebenzisi balo ngenhlonipho.
Cabanga ngesimo - umsebenzisi ufuna ukwenza okuthile, abuke ulwazi noma afake i-oda, futhi okuthile kungasebenzi. Akazi ukuthi kwenzekani, inkinga ikubani futhi izoxazululeka nini. Mhlawumbe inkampani yakho imane inewebhusayithi engasebenzi? Noma yaphuka ezinyangeni eziyisithupha ezedlule futhi izolungiswa eminyakeni emibili? Kodwa udinga ukuthenga isiqandisi manje, sesivele sisenqoleni ... Futhi kuyindaba ehluke ngokuphelele lapho umuntu ebona ukuthi kukhona okungalungile ngawe (okungenani kuyacaca ukuthi inkinga ayikho ohlangothini lwakhe), ukuthi inkinga itholakele, ukuthi usuvele usebenza kuyo, futhi mhlawumbe ubhale phansi isikhathi esilinganiselwe sokulungisa. Umsebenzisi angabhalisa futhi athole isaziso se-imeyili uma inkinga isilungisiwe futhi angakwazi ukwenza abekufuna (ukuthenga isiqandisi).
Izinkinga nesikhathi sokuphumula kwenzeka kuwo wonke umuntu. Kodwa abasebenzisi kanye nozakwethu bathemba kakhulu labo abangafihli lutho futhi abanomthwalo wemfanelo endleleni yabo yokubhekana nalokhu.
Lapha . Nazi izibonelo zokuthi la makhasi ephrojekthi abukeka kanjani и . .
I-Failover
Ukuze singenzi lesi sihloko sibe side nakakhulu, ngizophinda ngibheke esihlokweni sami sangaphambilini - . Uma ungenza iseva eyimpinda, bese usebenzisa i-failover, ngokuyisisekelo ngeke ube nesikhathi eside sokuphumula - ngokushesha nje lapho inkinga itholwa, abasebenzisi bazoqondiswa kabusha ngokuzenzakalelayo kuseva eyisipele esebenzayo. Futhi kubonakala kimi ukuthi lesi isici esithakazelisa kakhulu, esikhanyayo esingavamile ukutholakala noma kuphi.
Izidingo zesistimu eziphansi
Kumaseva we-okrr, sisebenzisa imishini ene-RAM evela ku-2Gb. Ezinzwa zenethiwekhi, ngisho ne-512Mb yanele. Ingxenye yeklayenti ngokuvamile icishe ibe nguziro. (Isikhwama sePlastiki isisindo esingu-26 KB, kodwa sidinga i-Python3 namalabhulali ajwayelekile). Iklayenti liqala kuskripthi se-cron, ngakho-ke alinakho ukusetshenziswa kwememori okungapheli. Phakathi kwemishini esiyiqaphile, sinezinzwa (i-VPS eshibhe kakhulu ene-RAM engu-512Mb) kanye ne-Raspberry Pi. Kungenzeka ngisho ngaphandle kwengxenye yeklayenti ! (bona ngezansi)
Ukucabangela lokhu - okerr, mhlawumbe iningi mahhala uhlelo lokuqapha oluvela kwabatholakalayo, ngoba ngisho nokusebenzisa enye isistimu yomthombo ovulekile yamahhala njenge-Zabbix noma i-Nagios, udinga ukwaba izinsiza (iseva) kuyo, futhi lokhu sekuvele kuyimali. Ngaphezu kwalokho, okunye ukugcinwa kweseva kusadingeka. Nge-okrr, le ngxenye ingasuswa. Noma akudingekile ukuthi uyisuse futhi usebenzise iseva yakho, kuye ngokuthi yini oyithanda kakhulu.
I-API nokuhlanganiswa kusofthiwe yokuphathelene
Izakhiwo ezilula nezivulekile. okerr unomunye olula , okulula ukusebenza nayo. Udinga ukudala izinkomba eziyi-1000? Isikripthi segobolondo esisodwa semigqa emi-3-4 sizokwenza lokhu. Udinga ukulungisa kabusha izinkomba eziyi-1000? Kulula kakhulu futhi. Isibonelo, sifuna ukuhlola kabili zonke izitifiketi zethu ze-HTTPS kusuka kunzwa yesiRashiya:
#!/bin/sh
for indicator in `okerrclient --api-filter sslcert`
do
echo set location for $indicator
okerrclient --api-set location=ru retest=1 --name $indicator
doneUngabuyekeza inkomba usebenzisa imojuli yeklayenti lethu, noma ngaphandle kwayo, nge-curl.
# short and nice (using okerrupdate and config file)
$ okerrupdate MyIndicator OK
# only curl is enough!
$ curl -d 'textid=MyProject&name=MyIndicator&secret=MySecret&status=OK' https://bravo.okerr.com/Ungabuyekeza izinkomba ngokuqondile ohlelweni lwakho. Isibonelo, ukuthumela amasignali okushaya kwenhliziyo ukuze u-okrr azi ukuthi iyasebenza futhi iphakamisa i-alamu uma iphahlazeka noma iqhwa. By the way, okerr components do just that - okerr monitors itself, kanye nezinkinga cishe kunoma iyiphi imojuli izotholwa futhi ikhiqize isexwayiso mayelana nenkinga. (Futhi uma kwenzeka lokhu "cishe" - ahlolwe kusuka kwenye iseva)
Nansi ikhodi (eyenziwe lula) ku-telegraph bot yethu:
from okerrupdate import OkerrProject, OkerrExc
op = OkerrProject()
uptimei = op.indicator("{}:telebot_uptime".format(hostname))
...
uptimei.update('OK', 'pid: {} Uptime: {} cmds: {}'.format(
os.getpid(), dhms(uptime), commands_cnt))Kukhona umtapo wolwazi wokubuyekeza izinkomba ezinhlelweni zePython , kunoma yiziphi ezinye izilimi azikho imitapo yolwazi, kodwa ungashayela iskripthi se-okerrupdate noma wenze isicelo se-HTTP kuseva ye-okrr.
Indlela okerr isisiza ngayo
U-Okerr washintsha izimpilo zethu. Ngempela. Mhlawumbe olunye uhlelo lokuqapha lungenza okufanayo, kodwa ukusebenza no-okrr kulula futhi kulula kithi futhi lunayo yonke imisebenzi ebesiyidinga (sengeze lokho ebingenakho). Ngendlela, uma kukhona ezinye izici ezingekho, cela futhi ngizozengeza (angithembisi, kodwa ngifuna i-okrr ibe uhlelo olungcono kakhulu lokuqapha lwamaphrojekthi amancane aphakathi). Noma okungcono, yengeze ngokwakho - kulula.
Sakwazi ukuphila ngesimiso esithi “funda ngazo zonke izinkinga ku-kerra.” Uma ngokuzumayo kuvela inkinga esingazange sifunde ngayo ku-okrr, sengeza isheke ku-okrr. (kulokhu, ngokuthi “thina” ngiqonde thina njengabasebenzisi bohlelo, hhayi abathuthukisi ababambisene nabo). Ekuqaleni lokhu kwakuvamile, kodwa manje sekuyivelakancane kakhulu.
Ukuqapha
Nge-okrr siqapha amasayizi welogi kuwo wonke amaseva. Yebo, akunakwenzeka ukufunda ngokucabangisisa wonke umugqa welogi ngamehlo akho, kodwa ukumane ugade izinga lokukhula kunikeza okuningi. Ngalokhu, sithole ukuthunyelwa kogaxekile nokuseshwa kwephasiwedi okunamandla, futhi uma ezinye zezinhlelo zokusebenza “zihlanya,” kukhona okungabasebenzeli futhi bakuphinda kaningi (ngaso sonke isikhathi kwengeza imigqa embalwa kulogi. ).
Izitifiketi ze-SSL. Cishe ngokushesha ngemva kokwethulwa ikhasimende lethu laqala ukuhlinzeka ngezitifiketi ze-SSL zamahhala kumakhasimende alo (cishe inkulungwane yazo). Futhi kwaba isihogo nje sokuphatha! Iqiniso liwukuthi amasayithi "abukhoma", amaklayenti avame ukuwacela ukuthi enze okuthile, abahleli bayakwenza. Bangakwazi ukudlulisa ngokuphelele isayithi kwenye i-DocumentRoot, isibonelo. Noma engeza Bhala kabusha okungenamibandela ekucushweni kwe-virtualhost. Ngokwemvelo, emva kwalokhu, ukuvuselelwa okuzenzakalelayo kwezitifiketi kuphuka. Manje sesinabo bonke abasingathi be-SSL abangezwe ku-okrr ngokuzenzakalelayo ngezinye zezinsiza zethu eziwusizo ezivela kuphakheji . Ake sethule nje a2okerr.py — futhi uma amasayithi amasha amaningana evela kuseva, azovela ngokuzenzakalelayo ku-okerr. Uma ngokuzumayo ngesizathu esithile isitifiketi singavuselelwa, amasonto amathathu ngaphambi kokuba isitifiketi siphelelwe yisikhathi, sinolwazi, futhi sizothola ukuthi kungani singabuyekeziwe, inja enjalo. a2certbot.py kusukela kuphakheji efanayo - kuyasiza kakhulu nalokhu (ngokushesha ihlola izinkinga okungenzeka kakhulu - futhi ibhala lokho okuhloliwe kahle, futhi lapho kungenzeka khona inkinga).
Siqapha idethi yokuphelelwa yisikhathi yazo zonke izizinda zethu. Futhi zonke iziphakeli zethu zemeyili ezithumela imeyili nazo ziyahlolwa ngokumelene nezinhla ezivinjelwe ezihlukene ezingu-50+. (Futhi ngezinye izikhathi bawela kuzo). Kodwa-ke, bewazi ukuthi amaseva e-imeyili e-Google nawo avinjelwe? Ukuze sizihlole nje, sengeze i-mail-wr1-f54.google.com kumaseva agadiwe, futhi isesohlwini oluvinjelwe lwe-SORBS! (Lokhu kumayelana nenani elithi “anti-spammers”)
Izipele - Sengivele ngibhale ngenhla ukuthi kulula kangakanani ukuwaqapha nge-okrr. Kodwa siqapha kokubili izipele zakamuva kuseva yethu futhi (sisebenzisa insiza ehlukile esebenzisa i-okr) izipele esizilayisha ku-Amazon Glacier. Futhi, yebo, izinkinga zenzeka ngezikhathi ezithile. Akumangalisi ukuthi babebukele.
Sisebenzisa inkomba yokwenyuka. Ibonisa uma inkinga ethile ingalungiswanga isikhathi eside. Futhi mina ngokwami, lapho ngixazulula ezinye izinkinga, ngezinye izikhathi ngiyakwazi ukukhohlwa ngazo. Ukwenyuka kuyisikhumbuzo esihle, noma ngabe uziqaphile.
Sekukonke, ngikholelwa ukuthi izinga lomsebenzi wethu liye lenyuka ngohlelo lobukhulu. Cishe asikho isikhathi sokuphumula (noma iklayenti alinaso isikhathi sokukuqaphela. Vele shh!), kuyilapho inani lomsebenzi liye laba lincane futhi nezimo zokusebenza sezizolile. Sisuke emsebenzini ophuthumayo ngezimbobo zokunamathisela nge-tape ukuze sizole futhi silinganise umsebenzi, lapho izinkinga eziningi zibikezelwa kusengaphambili futhi kunesikhathi sokuzivimbela. Ngisho nezinkinga eziye zenzeka sekulula ukuzilungisa: okokuqala, sithola ngazo ngaphambi kokuba amaklayenti ethuke, futhi okwesibili, kuvame ukwenzeka ukuthi inkinga ihlobene nomsebenzi wakamuva (ngenkathi ngenza into eyodwa, ngephule enye) - ngakho-ke kuyashisa Kulula ngemikhondo ukubhekana nakho.
Kodwa kwakukhona elinye icala ...
Ubuwazi ukuthi ku-Debian 9 ethandwayo (Yelula) iphakheji edumile njenge-phpmyadmin namanje (izinyanga eziningi!) Isesimweni esisengozini? (). Lapho ubungozi buvela, sakumboza ngokushesha ngezindlela ezahlukene. Kodwa ngimise ukuqapha kwekhasi le-tracker yezokuphepha ku-okrr ukuze ngazi ukuthi isixazululo “esihle” sizophuma nini (ngesamba se-SHA1 sokuqukethwe). Inkomba yangithinta izikhathi eziningana, ikhasi lashintsha, kodwa njengoba ubona, namanje (kusukela ngoJanuwari 2019!) alibonisi ukuthi inkinga isixazululiwe. Mhlawumbe, ngendlela, othile uyazi ukuthi yini inkinga ukuthi iphakheji elibaluleke kangaka lisesengozini isikhathi esingaphezu konyaka?
Esinye isikhathi esimeni esifanayo: ngemva kokuba sengozini ku-SSH, bekudingeka ukubuyekeza wonke amaseva. Futhi uma usetha umsebenzi, udinga ukulawula ukwenziwa. (Abangaphansi bavame ukungaqondi, bakhohlwe, badideke, futhi benze amaphutha). Ngakho-ke, okokuqala sengeze isheke lenguqulo ye-SSH ku-okrr kuwo wonke amaseva, futhi ngokusebenzisa i-okrr senze isiqiniseko sokuthi izibuyekezo zikhishiwe kuwo wonke amaseva. (Kulula! Ngikhethe lolu hlobo lwenkomba, futhi ungabona ngokushesha ukuthi iyiphi iseva enayiphi inguqulo). Lapho siqiniseka ukuthi umsebenzi usuqediwe kuwo wonke amaseva, sasusa izinkomba.
Izikhathi ezimbalwa kwakunesimo lapho kuphakama inkinga ethile, bese izihambela yodwa. (mhlawumbe ujwayelene nawo wonke umuntu?). Ngesikhathi uqaphela, ngesikhathi uhlola-futhi akukho okufanele uhlole-yonke into isivele isebenza kahle. Kodwa-ke liyaphuka futhi. Lokhu kwenzeke, isibonelo, ngemikhiqizo esiyilayishe ku-Amazon Marketplace (MWS). Ngesinye isikhathi, i-inventory elayishiwe yayingalungile (inani elingalungile lezimpahla nezintengo ezingalungile). Sakuqonda. Kodwa ukuze uyithole, kwakubalulekile ukuthola ngenkinga ngokushesha. Ngeshwa, i-MWS, njengazo zonke izinsiza ze-Amazon, ihamba kancane, ngakho-ke bekuhlala kubambezeleka, kepha noma kunjalo, sakwazi ukuqonda okungenani ukuxhumana phakathi kwenkinga nemibhalo eyidalayo (senze isheke, sanamathela. ku-okr, futhi wayihlola ngokushesha ethola isexwayiso).
Ikesi elithakazelisayo lisanda kwengezwa eqoqweni ngumsingathi omkhulu futhi obizayo waseYurophu, osetshenziswa ikhasimende lethu. Kungazelelwe, ZONKE iziphakeli zethu zanyamalala ku-radar! Okokuqala, ikhasimende ngokwalo (ngokushesha kune-okerra!) laqaphela ukuthi isiza asebenza ngaso sasingavuli futhi lenza ithikithi ngayo. Kodwa akwehlanga isiza esisodwa, kodwa zonke! (Natasha, silahle konke!). Lapha u-Okerr waqala ukuthumela izinyawo ezinde ezisongayo nazo zonke izinkomba ezazikhanya kuye. Ukwethuka, ukwethuka, sigijima siyimibuthano (yini enye esingayenza?). Khona-ke konke kwaphakama. Kuvele ukuthi bekunokugcinwa okujwayelekile esikhungweni sedatha (kanye njalo eminyakeni eminingi) futhi, kunjalo, bekufanele sexwayiswe. Kodwa uhlobo oluthile lwenkinga lwenzeka kubo futhi abazange basixwayise. Yebo, ukuhlaselwa yinhliziyo okwengeziwe, ukuhlaselwa yinhliziyo kuyancipha. Kodwa ngemva kokubuyiselwa konke, udinga ukuhlola kabili konke! Angikwazi ukucabanga ukuthi ngizokwenza kanjani ngezandla zami. U-Okerr uhlole yonke into emizuzwini embalwa. Kuvele ukuthi amaseva amaningi abengatholakali okwesikhashana, kodwa ayasebenza. Abanye babethwele kanzima, kodwa baphinde basukuma njengoba bekufanele. Kukho konke ukulahlekelwa, silahlekelwe ama-backups amabili, okumele ngokusho komqhele ukuthi adalwe futhi alayishwe ngenkathi leli bhanana eligcwele liqhubeka. Angizange ngizihluphe nokuzidala, ngemva nje kosuku kwafika izexwayiso zokuthi konke kuhamba kahle, kwase kuvele izipele. Ngisithanda kakhulu lesi sibonelo ngoba u-okrr ubonakale ewusizo kakhulu esimweni ebesingakaze sicabange ngaso kusenesikhathi, kodwa lokho kuyinhloso yokuqapha - ukumelana nokungalindelekile.
Kuzinzwa ze-Okerr, sisebenzisa ukusingathwa okushibhile okungenzeka (lapho ikhwalithi nokuthembeka kungabalulekile, ziyaqinisekisana). Ngakho-ke, sisanda kuthola ukusingathwa okuhle kakhulu futhi okushibhile kakhulu, amabhentshimakhi ayamangalisa. Kodwa ... ngezinye izikhathi kuvela ukuthi ukuxhumeka okuphumayo okuvela emshinini we-virtual kwenziwa kusuka kwenye (i-IP engumakhelwane). Izimangaliso. Client_ip module nge ithola i-IP engalungile. Futhi kusukela kumalogi wesiphakeli wenkomba kuyacaca ukuthi isibuyekezo sibuye sivela kule IP engumakhelwane. Asibhekane nokwesekwa manje. Kuhle ukuthi sikuqaphele lokhu ngesikhathi sokuthula. Kodwa, isibonelo, kuvame ukwenzeka ukuthi ukufinyelela kunqunyelwe ngokohlu olumhlophe lwe-IP - futhi uma iseva ngezinye izikhathi icwayiza kanje isikhathi esifushane - ungazama ukubamba le nkinga isikhathi eside kakhulu.
Nokho, enye into - njengoba sikhuluma ngokusingathwa kwe-VPS - sihlala sisebenzisa ezingabizi (i-hetzner, ovh, scaleway). Ngiyithanda kakhulu kokubili ngokwezilinganiso nokuzinza. Futhi sisebenzisa i-Amazon EC2 ebiza kakhulu kwamanye amaphrojekthi. Ngakho, sibonga u-okrr, sinombono wethu onolwazi. Bawa bobabili. Futhi ngeke ngisho ukuthi phakathi nesikhathi eside sokubuka kwethu, ukusingathwa okushibhile okufana ne-hetzner kubonakale kuzinzile ngokuphawulekayo kune-EC2. Ngakho-ke, uma ungaboshiwe kwezinye izici ze-Amazon, kungani ukhokha ngaphezulu? 🙂
Yini okulandelayo?
Uma kulesi sigaba ngingakakusabisi u-Okerr okwamanje, zama! Ungaya ngqo kulesi sixhumanisi (Chofoza manje!) Kodwa khumbula ukuthi kune-akhawunti eyodwa kuphela yedemo yawo wonke umuntu, ngakho-ke uma wenza okuthile, omunye umuntu ku-akhawunti efanayo angase akuphazamise ngesikhathi esifanayo. Noma (okungcono) bhalisa ngesixhumanisi esiya ku - konke kulula, ngaphandle kwe-SMS. Uma ungathandi ukusebenzisa i-imeyili yakho yangempela, ungasebenzisa elahlwayo, njengomthumeli weposi (ngiyancoma ). Ama-akhawunti anjalo angase asuswe ngokuhamba kwesikhathi, kodwa azobe alungele ukuhlolwa.
Ngemuva kokubhaliswa, uzocelwa ukuthi uqeqeshelwe (wenze imisebenzi embalwa yokuqeqesha engenzima kakhulu). Imikhawulo yokuqala mincane kakhulu, kodwa ukuqeqeshwa noma iseva eyodwa yanele. Ngemva kokuqeda ukuqeqeshwa, imingcele (isibonelo, inombolo enkulu yezinkomba) izokwandiswa.
Kusukela kumadokhumenti - okokuqala ohlangothini lweseva nakuklayenti (). Kodwa uma kukhona okungacacile, bhala ukuze usekele (ku) okerr.com noma ushiye ithikithi - sizozama ukuxazulula yonke into ngokushesha.
Uma uyisebenzisa ngokungathí sina futhi le mikhawulo ekhuphukile ayanele, bhala usekele futhi sizoyandisa (mahhala).
Ungathanda ukufaka iseva ye-okrr kuseva yakho? Lapha . Sincoma ukuthi ufake emshinini we-virtual ohlanzekile, bese ungavele ukwenze ngombhalo wokufaka. Emshinini wakho obonakalayo - akukho mingcele :-). Nokho, futhi, uma kukhona okwenzekayo, siyohlala sizama ukusiza.
Sifuna ukuthi le phrojekthi iqale, ukuze umhlaba ube nokubonga okuthembekile kithi. Ngenxa yesofthiwe yamahhala kanye nezinsizakalo, umhlaba uye waba nobungane futhi uthuthuka ngamandla. Imithombo ingagcinwa ku-github yamahhala, ukuze uthole i-imeyili ungasebenzisa i-gmail yamahhala. Sisebenzisa mahhala ukuze uthole ukwesekwa. Kunoma yikuphi kwalokhu, awudingi ukukhokhela amaseva, awudingi ukulanda futhi ulungiselele, futhi awudingi ukuxazulula izinkinga ezihlukahlukene zokusebenza. Yonke iphrojekthi entsha, ithimba ngalinye ngokushesha linemeyili, amakhosombe kanye ne-CRM. Futhi konke lokhu kuyikhwalithi ephezulu kakhulu futhi mahhala futhi ngokushesha. Sifuna kube okufanayo ukuqapha - izinkampani ezincane kanye namaphrojekthi angasebenzisa okerr mahhala futhi ngisho esigabeni sokuzalwa nokukhula babe nokwethenjelwa omdala amaphrojekthi sina.
Source: www.habr.com