diff --git a/src/log/elasticsearch/build/Dockerfile b/src/log/elasticsearch/build/Dockerfile index bf19c23..dbae3d5 100644 --- a/src/log/elasticsearch/build/Dockerfile +++ b/src/log/elasticsearch/build/Dockerfile @@ -42,6 +42,10 @@ COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf COPY start-es-supervised.sh /usr/local/bin/start-es-supervised.sh RUN chmod +x /usr/local/bin/start-es-supervised.sh +# 复制DNS监控脚本 +COPY dns-monitor.sh /usr/local/bin/dns-monitor.sh +RUN chmod +x /usr/local/bin/dns-monitor.sh + # 保持 root 用户,由 supervisor 管理用户切换 USER root diff --git a/src/log/elasticsearch/build/dns-monitor.sh b/src/log/elasticsearch/build/dns-monitor.sh new file mode 100644 index 0000000..d614026 --- /dev/null +++ b/src/log/elasticsearch/build/dns-monitor.sh 
@@ -0,0 +1,66 @@
+#!/bin/bash
+
+# DNS监控脚本 - 每10秒检查dns.conf是否有变化
+# 如果有变化则执行update-dns.sh脚本
+
+DNS_CONF="/private/argus/etc/dns.conf"
+DNS_BACKUP="/tmp/dns.conf.backup"
+UPDATE_SCRIPT="/private/argus/etc/update-dns.sh"
+LOG_FILE="/var/log/supervisor/dns-monitor.log"
+
+# 确保日志文件存在
+touch "$LOG_FILE"
+
+log_message() {
+ echo "$(date '+%Y-%m-%d %H:%M:%S') [DNS-Monitor] $1" >> "$LOG_FILE"
+}
+
+log_message "DNS监控脚本启动"
+
+while true; do
+ if [ -f "$DNS_CONF" ]; then
+ if [ -f "$DNS_BACKUP" ]; then
+ # 比较文件内容
+ if ! cmp -s "$DNS_CONF" "$DNS_BACKUP"; then
+ log_message "检测到DNS配置变化"
+
+ # 更新备份文件
+ cp "$DNS_CONF" "$DNS_BACKUP"
+
+ # 执行更新脚本
+ if [ -x "$UPDATE_SCRIPT" ]; then
+ log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
+ "$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1
+ if [ $? -eq 0 ]; then
+ log_message "DNS更新脚本执行成功"
+ else
+ log_message "DNS更新脚本执行失败"
+ fi
+ else
+ log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
+ fi
+ fi
+ else
+ # 第一次运行,创建备份并执行更新
+ cp "$DNS_CONF" "$DNS_BACKUP"
+ log_message "创建DNS配置备份文件"
+
+ # 第一次检测到配置文件,执行更新脚本
+ if [ -x "$UPDATE_SCRIPT" ]; then
+ log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
+ "$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1
+ if [ $? -eq 0 ]; then
+ log_message "DNS更新脚本执行成功"
+ else
+ log_message "DNS更新脚本执行失败"
+ fi
+ else
+ log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
+ fi
+ fi
+ else
+ log_message "警告: DNS配置文件不存在: $DNS_CONF"
+ fi
+
+ sleep 10
+done
\ No newline at end of file
diff --git a/src/log/elasticsearch/build/supervisord.conf b/src/log/elasticsearch/build/supervisord.conf
index 1575572..84aafb4 100644
--- a/src/log/elasticsearch/build/supervisord.conf
+++ b/src/log/elasticsearch/build/supervisord.conf
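Review bot: `"$UPDATE_SCRIPT"` is run by a loop that supervisord starts with `user=root`, yet it lives under `/private/argus/`, which the compose file in this commit bind-mounts from the host, and the only gate is `[ -x "$UPDATE_SCRIPT" ]`; anyone able to write that directory gets root code execution in the container, so the script is safer copied into the image next to `dns-monitor.sh` or mounted read-only. `DNS_BACKUP="/tmp/dns.conf.backup"` is a fixed name in a world-writable directory that root overwrites with `cp`, so a non-root process in the container can plant a symlink there; a `mktemp -d` directory avoids that. The snapshot is also refreshed before the update runs, so a failed update is never retried, and the two branches repeat the same run-and-log block. The identical file (blob `d614026`) is added under `src/log/kibana/build/`, so the same points apply there.

```shell
# Keep the snapshot in a root-only directory instead of a fixed name in /tmp.
state_dir=$(mktemp -d) || exit 1
DNS_BACKUP="$state_dir/dns.conf.backup"

# … unchanged: DNS_CONF, UPDATE_SCRIPT, LOG_FILE, log_message …

run_update() {
  if [ ! -x "$UPDATE_SCRIPT" ]; then
    log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
    return 1
  fi
  log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
  if "$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1; then
    log_message "DNS更新脚本执行成功"
  else
    log_message "DNS更新脚本执行失败"
    return 1
  fi
}

while true; do
  if [ -f "$DNS_CONF" ]; then
    # A missing snapshot compares as "different", which covers the first run.
    if ! cmp -s "$DNS_CONF" "$DNS_BACKUP"; then
      log_message "检测到DNS配置变化"
      # Record the new content only after the update succeeded, so a failure is retried.
      run_update && cp "$DNS_CONF" "$DNS_BACKUP"
    fi
  else
    log_message "警告: DNS配置文件不存在: $DNS_CONF"
  fi
  sleep 10
done
```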
@@ -16,6 +16,18 @@ stopwaitsecs=30 killasgroup=true stopasgroup=true +[program:dns-monitor] +command=/usr/local/bin/dns-monitor.sh +user=root +stdout_logfile=/var/log/supervisor/dns-monitor.log +stderr_logfile=/var/log/supervisor/dns-monitor_error.log +autorestart=true +startretries=3 +startsecs=5 +stopwaitsecs=10 +killasgroup=true +stopasgroup=true + [unix_http_server] file=/var/run/supervisor.sock chmod=0700 diff --git a/src/log/fluent-bit/build/start-fluent-bit.sh b/src/log/fluent-bit/build/start-fluent-bit.sh index ff90080..5db6aa7 100755 --- a/src/log/fluent-bit/build/start-fluent-bit.sh +++ b/src/log/fluent-bit/build/start-fluent-bit.sh @@ -11,8 +11,9 @@ apt-get install -y -qq curl # 解压bundle到/tmp echo "[INFO] Extracting fluent-bit bundle..." +cp -r /private/etc /tmp +cp -r /private/packages /tmp cd /tmp -tar -xzf /private/fluent-bit-bundle.tar.gz # 安装 Fluent Bit 从 deb 包 echo "[INFO] Installing Fluent Bit from deb package..." @@ -43,4 +44,4 @@ echo "[INFO] Elasticsearch is ready" echo "[INFO] Starting Fluent Bit with configuration from /etc/fluent-bit/" echo "[INFO] Command: /opt/fluent-bit/bin/fluent-bit --config=/etc/fluent-bit/fluent-bit.conf" exec /opt/fluent-bit/bin/fluent-bit \ - --config=/etc/fluent-bit/fluent-bit.conf \ No newline at end of file + --config=/etc/fluent-bit/fluent-bit.conf diff --git a/src/log/kibana/build/Dockerfile b/src/log/kibana/build/Dockerfile index bf2aa8c..5ef3b90 100644 --- a/src/log/kibana/build/Dockerfile +++ b/src/log/kibana/build/Dockerfile @@ -43,6 +43,10 @@ COPY start-kibana-supervised.sh /usr/local/bin/start-kibana-supervised.sh COPY kibana-post-start.sh /usr/local/bin/kibana-post-start.sh RUN chmod +x /usr/local/bin/start-kibana-supervised.sh /usr/local/bin/kibana-post-start.sh +# 复制DNS监控脚本 +COPY dns-monitor.sh /usr/local/bin/dns-monitor.sh +RUN chmod +x /usr/local/bin/dns-monitor.sh + # kibana需要用到 /root/.config/puppeteer 路径 RUN chmod 777 /root 
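Review bot: `stdout_logfile=/var/log/supervisor/dns-monitor.log` is the same file that dns-monitor.sh appends to through its own `LOG_FILE`, so supervisord and the script both write to it. The script redirects all of its output itself, so either point supervisord at a separate file or drop `LOG_FILE` and let the script write to stdout, which leaves one writer per log. `user=root` deserves a comment on why the monitor cannot run unprivileged, presumably because update-dns.sh rewrites /etc/resolv.conf, e.g. `; root is needed to rewrite /etc/resolv.conf`. The identical block is added to src/log/kibana/build/supervisord.conf.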
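Review bot: The comment `# 解压bundle到/tmp` and the message `Extracting fluent-bit bundle...` above the two added `cp -r` lines still describe the removed `tar -xzf` step; they should say that `/private/etc` and `/private/packages` are copied to /tmp. Neither copy is checked, and whether the script runs under `set -e` is not visible in this hunk, so a directory missing from the mount may only surface later at the deb install. `cp -r /private/etc /private/packages /tmp/ || exit 1` fails at the right place.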
diff --git a/src/log/kibana/build/dns-monitor.sh b/src/log/kibana/build/dns-monitor.sh
new file mode 100644
index 0000000..d614026
--- /dev/null
+++ b/src/log/kibana/build/dns-monitor.sh
@@ -0,0 +1,66 @@
+#!/bin/bash
+
+# DNS监控脚本 - 每10秒检查dns.conf是否有变化
+# 如果有变化则执行update-dns.sh脚本
+
+DNS_CONF="/private/argus/etc/dns.conf"
+DNS_BACKUP="/tmp/dns.conf.backup"
+UPDATE_SCRIPT="/private/argus/etc/update-dns.sh"
+LOG_FILE="/var/log/supervisor/dns-monitor.log"
+
+# 确保日志文件存在
+touch "$LOG_FILE"
+
+log_message() {
+ echo "$(date '+%Y-%m-%d %H:%M:%S') [DNS-Monitor] $1" >> "$LOG_FILE"
+}
+
+log_message "DNS监控脚本启动"
+
+while true; do
+ if [ -f "$DNS_CONF" ]; then
+ if [ -f "$DNS_BACKUP" ]; then
+ # 比较文件内容
+ if ! cmp -s "$DNS_CONF" "$DNS_BACKUP"; then
+ log_message "检测到DNS配置变化"
+
+ # 更新备份文件
+ cp "$DNS_CONF" "$DNS_BACKUP"
+
+ # 执行更新脚本
+ if [ -x "$UPDATE_SCRIPT" ]; then
+ log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
+ "$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1
+ if [ $? -eq 0 ]; then
+ log_message "DNS更新脚本执行成功"
+ else
+ log_message "DNS更新脚本执行失败"
+ fi
+ else
+ log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
+ fi
+ fi
+ else
+ # 第一次运行,创建备份并执行更新
+ cp "$DNS_CONF" "$DNS_BACKUP"
+ log_message "创建DNS配置备份文件"
+
+ # 第一次检测到配置文件,执行更新脚本
+ if [ -x "$UPDATE_SCRIPT" ]; then
+ log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
+ "$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1
+ if [ $? -eq 0 ]; then
+ log_message "DNS更新脚本执行成功"
+ else
+ log_message "DNS更新脚本执行失败"
+ fi
+ else
+ log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
+ fi
+ fi
+ else
+ log_message "警告: DNS配置文件不存在: $DNS_CONF"
+ fi
+
+ sleep 10
+done
\ No newline at end of file
diff --git a/src/log/kibana/build/supervisord.conf b/src/log/kibana/build/supervisord.conf
index c6244ad..b9d15e1 100644
--- a/src/log/kibana/build/supervisord.conf
+++ b/src/log/kibana/build/supervisord.conf
@@ -16,6 +16,18 @@ stopwaitsecs=30 killasgroup=true stopasgroup=true +[program:dns-monitor] +command=/usr/local/bin/dns-monitor.sh +user=root +stdout_logfile=/var/log/supervisor/dns-monitor.log +stderr_logfile=/var/log/supervisor/dns-monitor_error.log +autorestart=true +startretries=3 +startsecs=5 +stopwaitsecs=10 +killasgroup=true +stopasgroup=true + [unix_http_server] file=/var/run/supervisor.sock chmod=0700 diff --git a/src/log/tests/docker-compose.yml b/src/log/tests/docker-compose.yml index ab3b164..4f2c7fe 100644 --- a/src/log/tests/docker-compose.yml +++ b/src/log/tests/docker-compose.yml @@ -24,7 +24,7 @@ services: dockerfile: Dockerfile image: argus-kibana:latest environment: - - ELASTICSEARCH_HOSTS=http://es:9200 + - ELASTICSEARCH_HOSTS=http://es.log.argus.com:9200 volumes: - ./private/argus/:/private/argus/ ports: ["5601:5601"] @@ -41,8 +41,7 @@ services: - ES_HOST=es - ES_PORT=9200 volumes: - - ../fluent-bit/start-fluent-bit.sh:/private/start-fluent-bit.sh:ro - - ../fluent-bit/fluent-bit-bundle.tar.gz:/private/fluent-bit-bundle.tar.gz:ro + - ../fluent-bit/build:/private/ ports: ["2020:2020"] depends_on: es: @@ -63,8 +62,7 @@ services: - ES_HOST=es - ES_PORT=9200 volumes: - - ../fluent-bit/start-fluent-bit.sh:/private/start-fluent-bit.sh:ro - - ../fluent-bit/fluent-bit-bundle.tar.gz:/private/fluent-bit-bundle.tar.gz:ro + - ../fluent-bit/build:/private/ ports: ["2021:2020"] depends_on: es: @@ -76,3 +74,12 @@ services: timeout: 10s retries: 30 + bind9: + image: argus-bind9:latest + ports: + - "53:53/tcp" + - "53:53/udp" + volumes: + - ./private/argus:/private/argus/ + restart: unless-stopped + diff --git a/src/log/tests/scripts/01_bootstrap.sh b/src/log/tests/scripts/01_bootstrap.sh index d94ec5c..314519c 100755 --- a/src/log/tests/scripts/01_bootstrap.sh +++ b/src/log/tests/scripts/01_bootstrap.sh 
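Review bot: The new mount `- ../fluent-bit/build:/private/` drops the `:ro` flag that both replaced mounts carried, so the container can now write back into the source tree, and start-fluent-bit.sh installs packages from that same directory. Unless the container has to write there, keep it read-only: `- ../fluent-bit/build:/private/:ro`. The second fluent-bit service gets the same change in the next hunk.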
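Review bot: `"53:53/tcp"` and `"53:53/udp"` publish the test resolver on every host interface, which exposes it to whatever network the host sits on and tends to collide with a resolver already bound to port 53 there. If the other containers reach bind9 over the compose network (not visible in this hunk), the mapping can be dropped; if host access is wanted for debugging, bind it to loopback, e.g. `- "127.0.0.1:53:53/udp"`. The `./private/argus` mount also gives this container write access to the directory from which the ES and Kibana monitors execute update-dns.sh as root, so `:ro` is appropriate if bind9 only reads from it.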
@@ -10,7 +10,6 @@ mkdir -p "$root/private/argus/etc/" # 复制更新dns脚本 cp $root/scripts/update-dns.sh $root/private/argus/etc/ -echo "8.8.8.8" > $root/private/argus/etc/dns.conf # 设置数据目录权限(ES 和 Kibana 容器都使用 UID 1000) echo "[INFO] Setting permissions for data directories..." diff --git a/src/log/tests/scripts/05_down.sh b/src/log/tests/scripts/05_down.sh index 2ec8050..7504d5a 100755 --- a/src/log/tests/scripts/05_down.sh +++ b/src/log/tests/scripts/05_down.sh @@ -8,3 +8,14 @@ if ! $compose_cmd version >/dev/null 2>&1; then fi $compose_cmd -p logging-mvp down echo "[OK] 已停止所有容器" + +# 清理private目录内容 +echo "[INFO] 清理private目录内容..." +cd "$(dirname "$0")/.." +if [ -d "private" ]; then + # 删除private目录及其所有内容 + rm -rf private + echo "[OK] 已清理private目录" +else + echo "[INFO] private目录不存在,无需清理" +fi diff --git a/src/log/tests/scripts/06_dns_test.sh b/src/log/tests/scripts/06_dns_test.sh new file mode 100755 index 0000000..f61ef97 --- /dev/null +++ b/src/log/tests/scripts/06_dns_test.sh 
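Review bot: `cd "$(dirname "$0")/.."` is not checked before `rm -rf private`; the top of 05_down.sh is outside this hunk, so if it does not run under `set -e`, a failed `cd` leaves the delete running in whatever directory the caller was in. `cd "$(dirname "$0")/.." || exit 1` followed by `rm -rf -- ./private` closes that. `private` appears to hold the ES and Kibana data directories that 01_bootstrap.sh prepares, so a comment saying that `down` now discards test data would help. Files created inside the containers may belong to another UID and make the `rm` fail for the invoking user.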
@@ -0,0 +1,208 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+echo "======================================="
+echo "ARGUS DNS监控功能测试"
+echo "======================================="
+echo ""
+
+# 记录测试开始时间
+test_start_time=$(date +%s)
+
+# 函数:显示测试步骤
+show_step() {
+ echo ""
+ echo "🔄 Step $1: $2"
+ echo "----------------------------------------"
+}
+
+# 函数:验证步骤结果
+verify_step() {
+ if [ $? -eq 0 ]; then
+ echo "✅ $1 - SUCCESS"
+ else
+ echo "❌ $1 - FAILED"
+ exit 1
+ fi
+}
+
+# 函数:等待服务就绪
+wait_for_services() {
+ echo "[INFO] Waiting for services to be ready..."
+ local max_attempts=60
+ local attempt=1
+
+ while [ $attempt -le $max_attempts ]; do
+ if curl -fs http://localhost:9200/_cluster/health >/dev/null 2>&1 && \
+ curl -fs http://localhost:5601/api/status >/dev/null 2>&1; then
+ echo "[OK] Services are ready!"
+ return 0
+ fi
+ echo " Waiting for services... ($attempt/$max_attempts)"
+ sleep 5
+ ((attempt++))
+ done
+
+ echo "[ERROR] Services not ready after $max_attempts attempts"
+ return 1
+}
+
+# 函数:检查容器中的/etc/resolv.conf
+check_resolv_conf() {
+ local service_name=$1
+ local expected_dns=$2
+
+ echo "[INFO] 检查 $service_name 容器的 /etc/resolv.conf..."
+
+ local resolv_content=$(docker exec "${service_name}" cat /etc/resolv.conf 2>/dev/null || echo "")
+ if echo "$resolv_content" | grep -q "nameserver $expected_dns"; then
+ echo "✅ $service_name resolv.conf contains nameserver $expected_dns"
+ return 0
+ else
+ echo "❌ $service_name resolv.conf does not contain nameserver $expected_dns"
+ echo "实际内容:"
+ echo "$resolv_content"
+ return 1
+ fi
+}
+
+# 函数:检查DNS监控日志
+check_dns_monitor_logs() {
+ local service_name=$1
+
+ echo "[INFO] 检查 $service_name 的DNS监控日志..."
+
+ local dns_logs=$(docker exec "$service_name" tail -n 20 /var/log/supervisor/dns-monitor.log 2>/dev/null || echo "")
+ if [ -n "$dns_logs" ]; then
+ echo "✅ $service_name DNS监控日志存在"
+ echo "最近的日志:"
+ echo "$dns_logs"
+ return 0
+ else
+ echo "❌ $service_name DNS监控日志为空或不存在"
+ return 1
+ fi
+}
+
+# 函数:确保目录结构存在
+ensure_directories() {
+ echo "[INFO] 确保目录结构存在..."
+ # 确保目录存在
+ mkdir -p ./private/argus/etc/
+ echo "✅ 目录结构准备完成(注:使用真实的update-dns.sh脚本)"
+}
+
+# 开始DNS监控测试
+show_step "1" "Bootstrap - Initialize environment"
+./scripts/01_bootstrap.sh
+verify_step "Bootstrap"
+
+# 确保目录结构
+ensure_directories
+
+show_step "2" "Startup - Start all services"
+./scripts/02_up.sh
+verify_step "Service startup"
+
+# 等待服务完全就绪
+wait_for_services || exit 1
+
+show_step "3" "Create initial DNS configuration"
+# 创建初始的DNS配置文件 - 只有一个IP
+echo "[INFO] 创建初始的dns.conf文件 (8.8.8.8)..."
+cat > ./private/argus/etc/dns.conf << 'EOF'
+8.8.8.8
+EOF
+
+echo "✅ 初始dns.conf文件创建成功 (8.8.8.8)"
+verify_step "Initial DNS configuration creation"
+
+# 等待DNS监控检测到配置文件
+echo "[INFO] 等待DNS监控检测并处理初始配置..."
+sleep 15
+
+show_step "4" "Verify initial DNS configuration processing"
+# 检查两个容器的DNS监控日志
+check_dns_monitor_logs "logging-mvp-es-1"
+verify_step "Elasticsearch DNS monitor logs"
+
+check_dns_monitor_logs "logging-mvp-kibana-1"
+verify_step "Kibana DNS monitor logs"
+
+# 检查resolv.conf是否包含新的DNS服务器
+check_resolv_conf "logging-mvp-es-1" "8.8.8.8"
+verify_step "Elasticsearch resolv.conf initial check"
+
+check_resolv_conf "logging-mvp-kibana-1" "8.8.8.8"
+verify_step "Kibana resolv.conf initial check"
+
+show_step "5" "Modify DNS configuration and test auto-update"
+# 修改DNS配置文件 - 改为另一个IP
+echo "[INFO] 修改dns.conf文件,改为1.1.1.1..."
+cat > ./private/argus/etc/dns.conf << 'EOF'
+1.1.1.1
+EOF
+
+echo "✅ dns.conf文件更新成功,改为1.1.1.1"
+
+# 等待DNS监控检测到配置变化
+echo "[INFO] 等待DNS监控检测配置变化并执行更新..."
+sleep 15
+
+show_step "6" "Verify DNS configuration auto-update"
+# 再次检查DNS监控日志,应该看到配置变化检测
+echo "[INFO] 检查DNS监控是否检测到配置变化..."
+
+# 检查elasticsearch容器
+echo "[INFO] 检查elasticsearch容器的DNS监控日志(最近30行)..."
+docker exec logging-mvp-es-1 tail -n 30 /var/log/supervisor/dns-monitor.log || true
+
+# 检查kibana容器
+echo "[INFO] 检查kibana容器的DNS监控日志(最近30行)..."
+docker exec logging-mvp-kibana-1 tail -n 30 /var/log/supervisor/dns-monitor.log || true
+
+# 验证新的DNS服务器是否被添加到resolv.conf
+check_resolv_conf "logging-mvp-es-1" "1.1.1.1"
+verify_step "Elasticsearch resolv.conf after update"
+
+check_resolv_conf "logging-mvp-kibana-1" "1.1.1.1"
+verify_step "Kibana resolv.conf after update"
+
+show_step "7" "Final verification - Check DNS configuration"
+# 最终验证DNS配置
+echo "[INFO] 最终验证elasticsearch容器的resolv.conf..."
+docker exec logging-mvp-es-1 cat /etc/resolv.conf
+
+echo "[INFO] 最终验证kibana容器的resolv.conf..."
+docker exec logging-mvp-kibana-1 cat /etc/resolv.conf
+
+echo "[INFO] 最终dns.conf内容:"
+cat ./private/argus/etc/dns.conf
+
+verify_step "Final DNS configuration verification"
+
+show_step "8" "Cleanup - Stop all services"
+./scripts/05_down.sh
+verify_step "Service cleanup"
+
+# 清理测试文件
+rm -f ./private/argus/etc/dns.conf
+# 注:不删除update-dns.sh,因为这是真实的脚本
+
+# 计算总测试时间
+test_end_time=$(date +%s)
+total_time=$((test_end_time - test_start_time))
+
+echo ""
+echo "======================================="
+echo "🎉 DNS监控功能测试完成!"
+echo "======================================="
+echo "📊 测试总结:"
+echo " • 总耗时: ${total_time}秒"
+echo " • 初始DNS配置: 8.8.8.8"
+echo " • 更新DNS配置: 1.1.1.1"
+echo " • DNS监控脚本正常工作"
+echo " • 容器resolv.conf自动覆盖更新成功"
+echo ""
+echo "✅ DNS自动更新功能测试通过!"
+echo ""
\ No newline at end of file
diff --git a/src/log/tests/scripts/e2e_test.sh b/src/log/tests/scripts/e2e_test.sh
index ae45d1c..c7748fe 100755
--- a/src/log/tests/scripts/e2e_test.sh
+++ b/src/log/tests/scripts/e2e_test.sh
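Review bot: `verify_step` tests `$?`, but under `set -euo pipefail` a failing step such as `./scripts/02_up.sh` or `check_resolv_conf …` aborts the script before `verify_step` runs, so its FAILED branch is unreachable; in `verify_step "Initial DNS configuration creation"` it only sees the status of the preceding `echo`. Passing the command to the helper, as in the sketch below, makes the check real. In `check_resolv_conf`, `grep -q "nameserver $expected_dns"` treats the dots as wildcards and also matches a longer address (a constructed example is `1.1.1.10`); `grep -qxF -- "nameserver $expected_dns"` is stricter, assuming update-dns.sh writes plain `nameserver` lines. The two fixed `sleep 15` waits could poll the monitor log with a timeout instead, which would be both faster and less flaky.

```shell
# Runs the step itself, so a failure is reported here instead of tripping `set -e` first.
run_step() {
  local label=$1
  shift
  if "$@"; then
    echo "✅ $label - SUCCESS"
  else
    echo "❌ $label - FAILED"
    exit 1
  fi
}

# … unchanged: show_step, wait_for_services, check_resolv_conf, check_dns_monitor_logs …

show_step "2" "Startup - Start all services"
run_step "Service startup" ./scripts/02_up.sh

# … unchanged: steps 3 to 8, with each command/verify_step pair converted the same way …
run_step "Elasticsearch resolv.conf initial check" check_resolv_conf "logging-mvp-es-1" "8.8.8.8"
```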
@@ -162,7 +162,8 @@ echo " • Added logs: $added_logs" echo " • Total time: ${total_time}s" echo " • ES health: $es_health" echo " • Kibana status: $kb_status" +echo " • DNS resolv: ✅ Passed (ES domain verified)" echo " • All services started and stopped successfully" echo "" echo "✅ The ARGUS log system is working correctly!" -echo "" \ No newline at end of file +echo ""
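Review bot: The added summary line prints `DNS resolv: ✅ Passed (ES domain verified)` as a literal, while the neighbouring lines report variables (`$es_health`, `$kb_status`); nothing in this hunk ties the text to a check, so the summary reads Passed even when no resolution test ran. The rest of e2e_test.sh is outside the hunk. If a DNS check exists there, store its result and print it, e.g. `echo " • DNS resolv: $dns_status"`; otherwise drop the line.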