def validSource(self) -> bool:
try:
return net.ipInNetwork(self._request.ip, GlobalConfig.ADMIN_TRUSTED_SOURCES.get(True))
except Exception as e:
logger.warning('Error checking truted ADMIN source: "%s" does not seems to be a valid network string. Using Unrestricted access.', GlobalConfig.ADMIN_TRUSTED_SOURCES.get())
return True
def _wrapped_view(request, *args, **kwargs):
"""
Wrapped function for decorator
"""
from uds.core.util import net
if net.ipInNetwork(request.ip, GlobalConfig.TRUSTED_SOURCES.get(True)) is False:
return HttpResponseForbidden()
return view_func(request, *args, **kwargs)
def _wrapped_view(request: HttpRequest, *args, **kwargs) -> RT:
"""
Wrapped function for decorator
"""
from uds.core.util import net
if net.ipInNetwork(request.ip, GlobalConfig.TRUSTED_SOURCES.get(True)) is False:
return HttpResponseForbidden()
return view_func(request, *args, **kwargs)
def getGroups(self, username, groupsManager: GroupsManager):
# these groups are a bit special. They are in fact ip-ranges, and we must check that the ip is in betwen
# The ranges are stored in group names
for g in groupsManager.getGroupsNames():
try:
if net.ipInNetwork(username, g):
groupsManager.validate(g)
except Exception as e:
logger.error('Invalid network for IP auth: %s', e)
def getGroups(self, ip, groupsManager):
# these groups are a bit special. They are in fact ip-ranges, and we must check that the ip is in betwen
# The ranges are stored in group names
for g in groupsManager.getGroupsNames():
try:
if net.ipInNetwork(ip, g):
groupsManager.validate(g)
except Exception as e:
logger.error('Invalid network for IP auth: {0}'.format(six.text_type(e)))
def _wrapped_view(request: HttpRequest, *args, **kwargs) -> RT:
"""
Wrapped function for decorator
"""
try:
if net.ipInNetwork(
request.ip,
GlobalConfig.TRUSTED_SOURCES.get(True)) is False:
return HttpResponseForbidden()
except Exception as e:
logger.warning(
'Error checking trusted source: "%s" does not seems to be a valid network string. Using Unrestricted access.',
GlobalConfig.TRUSTED_SOURCES.get())
return view_func(request, *args, **kwargs)
def wolURL(self, ip: str, mac: str) -> str:
"""Tries to get WOL server for indicated IP
Args:
ip (str): ip of target machine
Returns:
str: URL of WOL server or empty ('') if no server for the ip is found
"""
if not self.config.value or not ip or not mac:
return ''
# If ip is in fact a hostname...
if not net.ipToLong(ip):
# Try to resolve name...
try:
res = dns.resolver.resolve(ip)
ip = res[0].address
except Exception:
self.doLog(log.WARN, f'Name {ip} could not be resolved')
logger.warning('Name %s could not be resolved', ip)
return ''
url = ''
try:
config = configparser.ConfigParser()
config.read_string(self.config.value)
for key in config['wol']:
if net.ipInNetwork(ip, key):
return (config['wol'][key].replace('{MAC}', mac).replace(
'{IP}', ip))
except Exception as e:
logger.error('Error parsing advanced configuration: %s', e)
return ''
def isTrustedSource(ip: str) -> bool:
return net.ipInNetwork(ip, GlobalConfig.TRUSTED_SOURCES.get(True))
def prometheus_metrics(request: HttpRequest) -> HttpResponse:
'''
response with openuds metrics for:
A. authenticators
B. providers
C. provider services
D. service pools
'''
# manual ip check instead of auth.trustedSourceRequired decorator
if len(ALLOWED_IPS) and not net.ipInNetwork(request.ip, ALLOWED_IPS):
return HttpResponseForbidden()
if request.method == 'POST':
return HttpResponseNotAllowed(['GET'])
start_time = time.time()
response = ''
# A. authenticators
# names prefix: openuds_auth_
for auth in Authenticator.objects.all():
auth_name = map_name(auth.uuid, auth.name)
response += '# HELP openuds_auth_users_total Total number of users.\n'
response += '# TYPE openuds_auth_users_total counter\n'
response += ('openuds_auth_users_total{auth="%s"} %d\n' %
(auth_name, auth.users.count()))
response += '# HELP openuds_auth_groups_total Total number of groups.\n'
response += '# TYPE openuds_auth_groups_total gauge\n'
response += ('openuds_auth_groups_total{auth="%s"} %d\n' %
(auth_name, auth.groups.count()))
# ToDo
# B. providers
# names prefix: openuds_provider_
# ToDo
# C. provider services
# names prefix: openuds_providerservice_
# D. service pools
# names prefix: openuds_pool_
sps = ServicePool.objects.all()
response += '# HELP openuds_pool_total Total number of pools.\n'
response += '# TYPE openuds_pool_total gauge\n'
response += 'openuds_pool_total %d\n' % (len(sps))
for sp in sps:
sp_name = map_name(sp.uuid, sp.name)
response += '# HELP openuds_pool_pub_revision Pool publication revision.\n'
response += '# TYPE openuds_pool_pub_revision counter\n'
response += ('openuds_pool_pub_revision{pool="%s"} %d\n' %
(sp_name, int(sp.current_pub_revision)))
# access_allowed / maintenance / restrained
response += '# HELP openuds_pool_access_allowed Access allowed.\n'
response += '# TYPE openuds_pool_access_allowed untyped\n'
response += ('openuds_pool_access_allowed{pool="%s"} %d\n' %
(sp_name, int(sp.isAccessAllowed())))
response += '# HELP openuds_pool_in_maintenance In maintenance.\n'
response += '# TYPE openuds_pool_in_maintenance untyped\n'
response += ('openuds_pool_in_maintenance{pool="%s"} %d\n' %
(sp_name, int(sp.isInMaintenance())))
response += '# HELP openuds_pool_restrained Restrained.\n'
response += '# TYPE openuds_pool_restrained untyped\n'
response += ('openuds_pool_restrained{pool="%s"} %d\n' %
(sp_name, int(sp.isRestrained())))
# openuds_pool settings: initial_srvs, cache_l1, cache_l2, max
response += '# HELP openuds_pool_initial_srvs Initial services.\n'
response += '# TYPE openuds_pool_initial_srvs gauge\n'
response += ('openuds_pool_initial_srvs{pool="%s"} %d\n' %
(sp_name, sp.initial_srvs))
response += '# HELP openuds_pool_cache_l1_srvs L1 cache services.\n'
response += '# TYPE openuds_pool_cache_l1_srvs gauge\n'
response += ('openuds_pool_cache_l1_srvs{pool="%s"} %d\n' %
(sp_name, sp.cache_l1_srvs))
response += '# HELP openuds_pool_cache_l2_srvs L2 cache services.\n'
response += '# TYPE openuds_pool_cache_l2_srvs gauge\n'
response += ('openuds_pool_cache_l2_srvs{pool="%s"} %d\n' %
(sp_name, sp.cache_l2_srvs))
response += '# HELP openuds_pool_max_srvs Max services.\n'
response += '# TYPE openuds_pool_max_srvs gauge\n'
response += ('openuds_pool_max_srvs{pool="%s"} %d\n' %
(sp_name, sp.max_srvs))
# These are serviceProvider metrics, not servicePool ones...
# move to serviceProvider block?
try:
if sp.service.isOfType('FPService'):
serviceProvider = sp.service.getInstance()
response += '# HELP openuds_pool_maximal_srvs Max services.\n'
response += '# TYPE openuds_pool_maximal_srvs gauge\n'
counter = len(
serviceProvider.getFPHosts(serviceProvider.getGroupId()))
response += ('openuds_pool_maximal_srvs{pool="%s"} %d\n' %
(sp_name, counter))
except Exception as e:
date = datetime.datetime.now()
logger.error(
'%s - fog project connection error: pool %s - state %s - %s' %
(date, sp.name, sp.state, str(e)))
# openuds_pool state: A (active), .... Whatelse ?
response += '# HELP openuds_pool_state Pool state.\n'
response += '# TYPE openuds_pool_state gauge\n'
response += ('openuds_pool_state{pool="%s", state="A"} %d\n' %
(sp_name, int(sp.state == 'A')))
# here we could put more pool states...
response += ('openuds_pool_state{pool="%s", state="other"} %d\n' %
(sp_name, int(sp.state != 'A')))
# logging new pool states:
if sp.state not in 'A':
date = datetime.datetime.now()
logger.warning('%s - pool %s - estado %s' %
(date, sp.name, sp.state))
# E. user services
# names prefix: openuds_pool_userservice_
erroneousUserServices = sp.erroneousUserServices()
cachedUserServices = sp.cachedUserServices()
assignedUserServices = sp.assignedUserServices()
# restrained is a pool concept, not userservice's one
# restraineds = sp.getRestraineds()
# erroneous
response += ('# HELP openuds_pool_userservice_erroneous_count'
' Pool userservice erroneous counter.\n')
response += '# TYPE openuds_pool_userservice_erroneous_count gauge\n'
usl = len([us for us in erroneousUserServices if us.state != 'S'])
response += (
'openuds_pool_userservice_erroneous_count{pool="%s"} %d\n' %
(sp_name, usl))
'''
# restrained
response += ('# HELP openuds_pool_userservice_restrained_count'
' Pool userservice restrained counter.\n')
response += '# TYPE openuds_pool_userservice_restrained_count gauge\n'
usl = len([us for us in restraineds if us.state != 'S'])
response += ('openuds_pool_userservice_restrained_count{pool="%s"} %d\n'
% (sp_name, usl))
'''
# cached
response += ('# HELP openuds_pool_userservice_cached_count'
' Pool userservice cached counter.\n')
response += '# TYPE openuds_pool_userservice_cached_count gauge\n'
usl = len([us for us in cachedUserServices if us.state != 'S'])
response += ('openuds_pool_userservice_cached_count{pool="%s"} %d\n' %
(sp_name, usl))
# cached_valid_valid
response += ('# HELP openuds_pool_userservice_cached_valid_valid_count'
' Pool userservice cached valid_valid counter.\n')
response += '# TYPE openuds_pool_userservice_cached_valid_valid_count gauge\n'
usl = len([
us for us in cachedUserServices
if us.state == 'U' and us.os_state == 'U'
])
response += (
'openuds_pool_userservice_cached_valid_valid_count{pool="%s"} %d\n'
% (sp_name, usl))
# assigned_inuse
response += ('# HELP openuds_pool_userservice_assigned_inuse_count'
' Pool userservice assigned_inuse counter.\n')
response += '# TYPE openuds_pool_userservice_assigned_inuse_count gauge\n'
usl = len([
us for us in assignedUserServices if us.state != 'S' and us.in_use
])
usl_inuse = usl
response += (
'openuds_pool_userservice_assigned_inuse_count{pool="%s"} %d\n' %
(sp_name, usl))
# assigned
response += ('# HELP openuds_pool_userservice_assigned_count'
' Pool userservice assigned counter.\n')
response += '# TYPE openuds_pool_userservice_assigned_count gauge\n'
usl = len([us for us in assignedUserServices if us.state != 'S'])
response += (
'openuds_pool_userservice_assigned_count{pool="%s"} %d\n' %
(sp_name, usl))
# assigned_notinuse:
# ** this can be calculated by diff so maybe it is bad practice
# send it as new metric? but for using it in max_over_time
# aggregation function this is convenient (ToDo?)
response += ('# HELP openuds_pool_userservice_assigned_notinuse_count'
' Pool userservice assigned_notinuse counter.\n')
response += '# TYPE openuds_pool_userservice_assigned_notinuse_count gauge\n'
usl_notinuse = usl - usl_inuse
response += (
'openuds_pool_userservice_assigned_notinuse_count{pool="%s"} %d\n'
% (sp_name, usl_notinuse))
# metrics of userservices by states.
# maybe overkill ?
# but it's done: if you want them, uncomment it
"""
nm = 'openuds_pool_userservice'
response += '# HELP %s Pool userservice by_state counter.\n' % (nm)
response += '# TYPE %s gauge\n' % (nm)
known_us_states = []
for us_state in ['U', 'S', 'R', 'P', 'M', 'C', 'E', 'K']:
for os_state in ['U', 'P']:
state = '_'.join([us_state, os_state])
known_us_states.append(state)
# erroneous
usl = len([us for us in erroneousUserServices
if '_'.join([us.state, us.os_state]) == state])
response += ('%s{pool="%s", type="erroneous", state="%s"} %d\n'
% (nm, sp_name, state, usl))
'''
# restrained
usl = len([us for us in restraineds
if '_'.join([us.state, us.os_state]) == state])
response += ('%s{pool="%s", type="restrained", state="%s"} %d\n'
% (nm, sp_name, state, usl ))
'''
# cached
usl = len([us for us in cachedUserServices
if '_'.join([us.state, us.os_state]) == state])
response += ('%s{pool="%s", type="cached", state="%s"} %d\n'
% (nm, sp_name, state, usl))
# assigned_inuse
usl = len([us for us in assignedUserServices
if '_'.join([us.state, us.os_state]) == state and us.in_use])
usl_inuse = usl
response += ('%s{pool="%s", type="assigned_inuse", state="%s"} %d\n'
% (nm, sp_name, state, usl))
# assigned
usl = len([us for us in assignedUserServices
if '_'.join([us.state, us.os_state]) == state])
response += ('%s{pool="%s", type="assigned", state="%s"} %d\n'
% (nm, sp_name, state, usl))
# assigned_notinuse:
# ** this can be calculated by diff so maybe it is bad practice
# send it as new metric? but for using it in max_over_time
# aggregation function this is convenient (ToDo?)
usl_notinuse = usl - usl_inuse
response += ('%s{pool="%s", type="assigned_notinuse", state="%s"} %d\n'
% (nm, sp_name, state, usl_notinuse))
# learning userServices not considered states:
usl = []
usl.extend([us for us in cachedUserServices
if '_'.join([us.state, us.os_state]) not in known_us_states])
usl.extend([us for us in assignedUserServices
if '_'.join([us.state, us.os_state]) not in known_us_states])
usl.extend([us for us in erroneousUserServices
if '_'.join([us.state, us.os_state]) not in known_us_states])
if len(usl):
date = datetime.datetime.now()
new_states = ','.join(['_'.join([us.state, us.os_state]) for us in usl])
logger.warning('%s - pool %s have userservices in unknown'
' usstate_osstate: %s\n%s'
% (date, sp.name, new_states, str(usl)))
"""
# F. scrapping time
response += ('# HELP openuds_scrape_collector_duration_seconds'
' Duration of a collector scrape.\n')
response += '# TYPE openuds_scrape_collector_duration_seconds gauge\n'
response += ('openuds_scrape_collector_duration_seconds %f\n' %
(time.time() - start_time))
return HttpResponse(response, content_type='text/plain')
