CN107707415B - SaltStack-based automatic monitoring and warning method for server configuration - Google Patents
SaltStack-based automatic monitoring and warning method for server configuration Download PDFInfo
- Publication number
- CN107707415B CN107707415B CN201711183370.3A CN201711183370A CN107707415B CN 107707415 B CN107707415 B CN 107707415B CN 201711183370 A CN201711183370 A CN 201711183370A CN 107707415 B CN107707415 B CN 107707415B
- Authority
- CN
- China
- Prior art keywords
- configuration
- change
- server
- saltstack
- content
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/42—Mailbox-related aspects, e.g. synchronisation of mailboxes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Debugging And Monitoring (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a SaltStack-based automatic monitoring and warning method for server configuration, which comprises the following steps: the managed server carries out periodic scheduling through a timing task scheduling tool and executes a SaltStack client command; the SaltStack client requests the SaltStack server, pulls the expected configuration, compares the expected configuration with the actual configuration file on the current server, and returns the json format difference result between the configuration on the current server and the expected configuration; configuring a difference analysis program to read the result; writing the judged change state and the contents of all the change files into a message queue; the configuration monitoring end maintains a configuration file list and information of a responsible person and a mailbox; configuring a monitoring end to read queue contents; and by changing the state value, if the content is changed, sending an alarm mail to the administrator for the client and the changed content. The invention solves the safety and reliability of the configuration file of the online server, and can timely monitor and alarm under the condition that the file is wrongly modified or tampered.
Description
Technical Field
The invention relates to the field of basic configuration and service configuration of each system on a server node, in particular to a SaltStack-based automatic monitoring and alarming method for server configuration.
Background
In order to ensure the normal operation of the server, it is necessary to manage and maintain the basic configuration files of each system, the configuration files of the service tools, the configuration files of the service codes, and the like of the server, so as to prevent the operation failure of the server or the problem of the service caused by the configuration error modification by an operator, and also prevent the server from being blacked and tampering the configuration files, and the like.
The traditional server configuration is mainly manually managed and maintained, and during deployment and subsequent maintenance, if configuration changes exist, the configuration needs to be manually modified from one server to another. Some server configuration management tools, such as SaltStack, have appeared in recent years, which predefine the configuration to be managed at the SlatStack server by writing a configuration template, and then compare the predefined expected configuration with the actual configuration of the online machine (client) by periodically and manually executing a command tool (salt-call command) provided by SaltStack, and do nothing if there is no difference; if the configuration of the machine is different from that of the on-line machine, the change content is output in the test mode.
Although server configuration management tools such as SaltStack exist at present, the core concern of the server configuration management tools is the management of the configuration, namely, the on-line actual configuration is updated to the expected configuration, and the batch update and maintenance are facilitated. For the configured monitoring and alarm block, no provision is made, and each time the check is required, an execution command needs to be manually operated, and then a result is waited to be returned; and the wrong configuration cannot be timely known and corrected, and even if the machine is blacked out, the file is tampered, newly added or deleted, and cannot be timely known.
SaltStack: the configuration management tool is a C/S structure configuration management tool, and the managed client can execute operations of client command (salt-call) installation of specified service, updating of specified configuration on the client server, display of changed content, comparison of hash values of files and the like by writing a configuration template in the server.
A timing task scheduling tool: reference may be made in particular to https:// zh.wikipedia.org/zh-hans/Cron for a tool for periodic execution of a given command, for example a Cron command tool.
Message queue: one end generates data to write into the message queue, and the other end consumes (reads) the data, so as to ensure the reliability and consistency of the data, such as Kafka tools, which can be referred to https:// zh.
json: a text markup language facilitates reading and using data by a program.
Disclosure of Invention
The technical problem to be solved by the invention is to provide an automatic monitoring and alarming method for the configuration of the server based on the SaltStack, which solves the safety and reliability of the configuration file of the online server and ensures that the file can be monitored and alarmed in time under the condition that the file is wrongly modified or tampered.
In order to solve the technical problems, the invention adopts the technical scheme that:
a SaltStack-based server configuration automatic monitoring and warning method comprises the following steps:
step 1: the managed server carries out periodic scheduling through a timing task scheduling tool and executes a SaltStack client command;
step 2: the SaltStack client requests the SaltStack server to pull the expected configuration, compares the expected configuration with the actual configuration file on the current server, and returns the json format difference result of the configuration and the expected configuration on the current server, wherein the result content is each configuration and the change content thereof;
and step 3: reading results through difference analysis, traversing each configuration item result, and judging whether the configuration file has change, wherein the value of the field name of change indicates the change content, if the change content is a null value, the change content is consistent with the expectation, otherwise, the change content is the difference of change;
and 4, step 4: writing the judged change state and the contents of all the change files into a message queue;
and 5: the configuration monitoring end maintains a configuration file list and information of a responsible person and a mailbox, if the system configuration is carried out, the responsible person is a system administrator, and if the service configuration is carried out, the responsible person is the system administrator and a corresponding service responsible person; a configuration monitoring end reads queue contents and obtains a change state value and change contents of a client;
step 6: by changing the state value, if the client side has no content change, the client side ignores the change; if the content is changed, sending an alarm mail to the administrator for the client and the changed content, and if the content is the service configuration, sending a mail alarm to a service responsible person;
and 7: if no data about the managed server is received in the message queue beyond the cycle time, the managed server is indicated to have a security risk, and an email is sent to an administrator for alarming.
Specifically, in step 1, the timing task scheduling tool is cron.
Compared with the prior art, the invention has the beneficial effects that:
1) if in step 6, a certain operation and maintenance person needs to modify a certain configuration file on the server a, but the operation is wrongly logged on the server B, which results in the wrong operation of the business service; at this time, the client analysis program can monitor, and finally the monitoring end is configured to send an alarm and know and repair the alarm at the first time.
2) If in step 6, the service is updated and upgraded, the configuration needs to be changed, and the operation and maintenance personnel operate a batch of servers on the line to update the configuration. After the updating is finished, attention can be paid to the alarm information, and if the alarm information is not available, the specified configuration of the server is changed correctly; otherwise, the updating is indicated to be problematic and needs to be processed in time.
3) As in step 6, server a is hacked and logged in by hacker, some service configuration and some program files are maliciously tampered, and the monitoring program can also discover that the files are tampered.
4) If the hacker finds out the periodic monitoring probe service and stops it to stop reporting, but finds out that the data of the server A is not received in the period exceeding the specified period at the configuration monitoring end, the server A is considered to have a problem, and the alarm can be given.
Drawings
FIG. 1 is a flow chart of a monitoring and warning method according to the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and specific embodiments. SaltStack already provides a very good configuration management, and the method of the invention adds a layer of configuration difference analysis checking program on top of the SaltStack layer; and acquiring the difference of the server configuration through the SaltStack, then configuring a difference analysis program to check the difference content, judging whether the difference exists, and if so, giving an alarm to an administrator and a service responsible person. The details are as follows:
1. the managed server (client) executes the SaltStack client command (salt-call) by periodically scheduling through a timed task scheduling tool (such as cron).
2. The SaltStack client requests the SaltStack server to pull the expected configuration, compares the expected configuration with the actual configuration file on the current server, and returns the json format difference result of the configuration on the current server and the expected configuration, wherein the result content is each configuration and the change content thereof.
3. And analyzing the reading result through difference, traversing each configuration item result, and judging whether the configuration file has change, wherein the value of the field name of change indicates the change content, if the change content is a null value, the change content is consistent with the expectation, and if not, the change content is the difference of the change.
For example, the core pseudocode fragments implemented by the python language are as follows:
4. the judged change status value (indicating whether the server has a change or not, and considering that there is a change if any one of the servers is configured) and the contents of all the changed files are written into a message queue (for example, kafka).
5. And the configuration monitoring end maintains a configuration file list and information of the responsible person and the mailbox, if the configuration is the system configuration, the responsible person is a system administrator, and if the configuration is the service configuration, the responsible person is the system administrator and the corresponding service responsible person. And the configuration monitoring end reads the queue content and acquires the change state value and the change content of the client.
6. By changing the state value, if the client side has no content change, the client side ignores the change; if the content is changed, sending an alarm mail to the administrator for the client and the changed content, and if the content is the service configuration, sending a mail alarm to a service responsible person.
7. If no data about the managed server is received in the message queue beyond the period time, the safety risk of the managed server is also indicated, the periodic task is possibly stopped by non-safety, and an alarm should be sent to an administrator.
Claims (2)
1. A SaltStack-based server configuration automatic monitoring and alarming method is characterized by comprising the following steps:
step 1: the managed server carries out periodic scheduling through a timing task scheduling tool and executes a SaltStack client command;
step 2: the SaltStack client requests the SaltStack server to pull the expected configuration, compares the expected configuration with the actual configuration file on the current server, and returns the json format difference result of the configuration and the expected configuration on the current server, wherein the result content is each configuration and the change content thereof;
and step 3: reading results through difference analysis, traversing each configuration item result, and judging whether the configuration file has change, wherein the value of the field name of change indicates the change content, if the change content is a null value, the change content is consistent with the expectation, otherwise, the change content is the difference of change;
and 4, step 4: writing the judged change state value and the contents of all the change files into a message queue;
and 5: the configuration monitoring end maintains a configuration file list and information of a responsible person and a mailbox, if the system configuration is carried out, the responsible person is a system administrator, and if the service configuration is carried out, the responsible person is the system administrator and a corresponding service responsible person; a configuration monitoring end reads queue contents and obtains a change state value and change contents of a client;
step 6: by changing the state value, if the client side has no content change, the client side ignores the change; if the content is changed, sending an alarm mail to a system administrator from the client and the changed content, and if the content is service configuration, sending a mail alarm to a service responsible person;
and 7: if no data about the managed server is received in the message queue beyond the cycle time, the managed server is indicated to have a security risk, and an email is sent to a system administrator for alarming.
2. The SaltStack-based server configuration automatic monitoring and warning method as claimed in claim 1, wherein in step 1, the timed task scheduling tool is cron.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711183370.3A CN107707415B (en) | 2017-11-23 | 2017-11-23 | SaltStack-based automatic monitoring and warning method for server configuration |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711183370.3A CN107707415B (en) | 2017-11-23 | 2017-11-23 | SaltStack-based automatic monitoring and warning method for server configuration |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107707415A CN107707415A (en) | 2018-02-16 |
CN107707415B true CN107707415B (en) | 2021-03-19 |
Family
ID=61185708
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711183370.3A Active CN107707415B (en) | 2017-11-23 | 2017-11-23 | SaltStack-based automatic monitoring and warning method for server configuration |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107707415B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109144607A (en) * | 2018-08-06 | 2019-01-04 | 成都知道创宇信息技术有限公司 | A kind of large-scale server automatic deployment and configuration method |
CN110162510A (en) * | 2019-04-26 | 2019-08-23 | 平安普惠企业管理有限公司 | Transcription comparison method, device, computer equipment and storage medium |
CN112579554A (en) * | 2019-09-29 | 2021-03-30 | 北京金山云网络技术有限公司 | Batch comparison method and device for server configuration files and electronic equipment |
CN112801516A (en) * | 2021-02-01 | 2021-05-14 | 天津五八到家货运服务有限公司 | Policy matching method, computer device, and storage medium |
CN114584600A (en) * | 2022-01-20 | 2022-06-03 | 国网青海省电力公司 | Data audit monitoring system |
CN115168137A (en) * | 2022-06-17 | 2022-10-11 | 北京结慧科技有限公司 | Monitoring method and system for timing task, computer equipment and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916839A (en) * | 2012-10-26 | 2013-02-06 | 南宁职业技术学院 | Automatic monitoring system for agricultural work in sugarhouse |
CN105553871A (en) * | 2015-12-15 | 2016-05-04 | 厦门贝启科技有限公司 | Method and system for remotely managing equipment parameters |
CN105681113A (en) * | 2016-03-29 | 2016-06-15 | 浪潮软件集团有限公司 | Automatic operation and maintenance method based on SaltStack |
WO2017053789A1 (en) * | 2015-09-24 | 2017-03-30 | Circadence Corporation | Mission-based, game-implemented cyber training system and method |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170270157A1 (en) * | 2016-03-21 | 2017-09-21 | Virtual Network Element, Inc. | TCP/IP Network Automation and Orchestration Tools |
-
2017
- 2017-11-23 CN CN201711183370.3A patent/CN107707415B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916839A (en) * | 2012-10-26 | 2013-02-06 | 南宁职业技术学院 | Automatic monitoring system for agricultural work in sugarhouse |
WO2017053789A1 (en) * | 2015-09-24 | 2017-03-30 | Circadence Corporation | Mission-based, game-implemented cyber training system and method |
CN105553871A (en) * | 2015-12-15 | 2016-05-04 | 厦门贝启科技有限公司 | Method and system for remotely managing equipment parameters |
CN105681113A (en) * | 2016-03-29 | 2016-06-15 | 浪潮软件集团有限公司 | Automatic operation and maintenance method based on SaltStack |
Non-Patent Citations (1)
Title |
---|
《基于Puppet 的自动化部署工具的设计与实现》;李小文 等;《软件》;20151231;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN107707415A (en) | 2018-02-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107707415B (en) | SaltStack-based automatic monitoring and warning method for server configuration | |
CN102937930B (en) | Application program monitoring system and method | |
US9542177B1 (en) | Peer configuration analysis and enforcement | |
CN108092836A (en) | The monitoring method and device of a kind of server | |
CN102624570A (en) | Monitoring system and method for detecting availability of web server | |
JP6160064B2 (en) | Application determination program, failure detection apparatus, and application determination method | |
CN100549975C (en) | Computer maintenance support system and analysis server | |
US20230039566A1 (en) | Automated system and method for detection and remediation of anomalies in robotic process automation environment | |
CN105404581A (en) | Database evaluation method and device | |
CN105141478A (en) | Method for monitoring state of sas card hard disk of linux server | |
US11897527B2 (en) | Automated positive train control event data extraction and analysis engine and method therefor | |
CN111181775B (en) | Integrated operation and maintenance management alarm method based on automatic host asset discovery | |
US9405657B2 (en) | Application architecture assessment system | |
CN106385343B (en) | Method and device for monitoring client under distributed system and distributed system | |
CN110832464A (en) | Application recovery from errors | |
CN111782481A (en) | Universal data interface monitoring system and monitoring method | |
CN110069382B (en) | Software monitoring method, server, terminal device, computer device and medium | |
WO2023200597A1 (en) | Automated positive train control event data extraction and analysis engine for performing root cause analysis of unstructured data | |
US20150186809A1 (en) | System and method for tracking ami assets | |
CN113242147B (en) | Automatic operation and maintenance deployment method, device, equipment and storage medium of multi-cloud environment | |
CN112035315A (en) | Webpage data monitoring method and device, computer equipment and storage medium | |
CN114490272A (en) | Data processing method and device, electronic equipment and computer readable storage medium | |
US11709480B2 (en) | System and method for automatic data classification for use with data collection system and process control system | |
CN112988439A (en) | Server fault discovery method and device, electronic equipment and storage medium | |
CN111444032A (en) | Computer system fault repairing method, system and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP02 | Change in the address of a patent holder | ||
CP02 | Change in the address of a patent holder |
Address after: 9/F, Block C, No. 28 Tianfu Avenue North Section, Chengdu High tech Zone, China (Sichuan) Pilot Free Trade Zone, Chengdu City, Sichuan Province, 610000 Patentee after: CHENGDU KNOWNSEC INFORMATION TECHNOLOGY Co.,Ltd. Address before: 610000, 11th floor, building 2, No. 219, Tianfu Third Street, hi tech Zone, Chengdu, Sichuan Province Patentee before: CHENGDU KNOWNSEC INFORMATION TECHNOLOGY Co.,Ltd. |