dev_1.0.0_yuyr 完成 log和bind模块开发部署测试 #8

Merged
yuyr merged 26 commits from dev_1.0.0_yuyr into dev_1.0.0 2025-09-22 16:39:39 +08:00
12 changed files with 400 additions and 9 deletions
Showing only changes of commit 4eaeb5f93a - Show all commits

View File

@ -42,6 +42,10 @@ COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
COPY start-es-supervised.sh /usr/local/bin/start-es-supervised.sh
RUN chmod +x /usr/local/bin/start-es-supervised.sh
# 复制DNS监控脚本
COPY dns-monitor.sh /usr/local/bin/dns-monitor.sh
RUN chmod +x /usr/local/bin/dns-monitor.sh
# 保持 root 用户,由 supervisor 管理用户切换
USER root

View File

@ -0,0 +1,66 @@
#!/bin/bash
# DNS监控脚本 - 每10秒检查dns.conf是否有变化
# 如果有变化则执行update-dns.sh脚本
DNS_CONF="/private/argus/etc/dns.conf"
DNS_BACKUP="/tmp/dns.conf.backup"
UPDATE_SCRIPT="/private/argus/etc/update-dns.sh"
LOG_FILE="/var/log/supervisor/dns-monitor.log"
# 确保日志文件存在
touch "$LOG_FILE"
log_message() {
echo "$(date '+%Y-%m-%d %H:%M:%S') [DNS-Monitor] $1" >> "$LOG_FILE"
}
log_message "DNS监控脚本启动"
while true; do
if [ -f "$DNS_CONF" ]; then
if [ -f "$DNS_BACKUP" ]; then
# 比较文件内容
if ! cmp -s "$DNS_CONF" "$DNS_BACKUP"; then
log_message "检测到DNS配置变化"
# 更新备份文件
cp "$DNS_CONF" "$DNS_BACKUP"
# 执行更新脚本
if [ -x "$UPDATE_SCRIPT" ]; then
log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
"$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1
if [ $? -eq 0 ]; then
log_message "DNS更新脚本执行成功"
else
log_message "DNS更新脚本执行失败"
fi
else
log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
fi
fi
else
# 第一次运行,创建备份并执行更新
cp "$DNS_CONF" "$DNS_BACKUP"
log_message "创建DNS配置备份文件"
# 第一次检测到配置文件,执行更新脚本
if [ -x "$UPDATE_SCRIPT" ]; then
log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
"$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1
if [ $? -eq 0 ]; then
log_message "DNS更新脚本执行成功"
else
log_message "DNS更新脚本执行失败"
fi
else
log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
fi
fi
else
log_message "警告: DNS配置文件不存在: $DNS_CONF"
fi
sleep 10
done

View File

@ -16,6 +16,18 @@ stopwaitsecs=30
killasgroup=true
stopasgroup=true
[program:dns-monitor]
command=/usr/local/bin/dns-monitor.sh
user=root
stdout_logfile=/var/log/supervisor/dns-monitor.log
stderr_logfile=/var/log/supervisor/dns-monitor_error.log
autorestart=true
startretries=3
startsecs=5
stopwaitsecs=10
killasgroup=true
stopasgroup=true
[unix_http_server]
file=/var/run/supervisor.sock
chmod=0700

View File

@ -11,8 +11,9 @@ apt-get install -y -qq curl
# 解压bundle到/tmp
echo "[INFO] Extracting fluent-bit bundle..."
cp -r /private/etc /tmp
cp -r /private/packages /tmp
cd /tmp
tar -xzf /private/fluent-bit-bundle.tar.gz
# 安装 Fluent Bit 从 deb 包
echo "[INFO] Installing Fluent Bit from deb package..."

View File

@ -43,6 +43,10 @@ COPY start-kibana-supervised.sh /usr/local/bin/start-kibana-supervised.sh
COPY kibana-post-start.sh /usr/local/bin/kibana-post-start.sh
RUN chmod +x /usr/local/bin/start-kibana-supervised.sh /usr/local/bin/kibana-post-start.sh
# 复制DNS监控脚本
COPY dns-monitor.sh /usr/local/bin/dns-monitor.sh
RUN chmod +x /usr/local/bin/dns-monitor.sh
# kibana需要用到 /root/.config/puppeteer 路径
RUN chmod 777 /root

View File

@ -0,0 +1,66 @@
#!/bin/bash
# DNS监控脚本 - 每10秒检查dns.conf是否有变化
# 如果有变化则执行update-dns.sh脚本
DNS_CONF="/private/argus/etc/dns.conf"
DNS_BACKUP="/tmp/dns.conf.backup"
UPDATE_SCRIPT="/private/argus/etc/update-dns.sh"
LOG_FILE="/var/log/supervisor/dns-monitor.log"
# 确保日志文件存在
touch "$LOG_FILE"
log_message() {
echo "$(date '+%Y-%m-%d %H:%M:%S') [DNS-Monitor] $1" >> "$LOG_FILE"
}
log_message "DNS监控脚本启动"
while true; do
if [ -f "$DNS_CONF" ]; then
if [ -f "$DNS_BACKUP" ]; then
# 比较文件内容
if ! cmp -s "$DNS_CONF" "$DNS_BACKUP"; then
log_message "检测到DNS配置变化"
# 更新备份文件
cp "$DNS_CONF" "$DNS_BACKUP"
# 执行更新脚本
if [ -x "$UPDATE_SCRIPT" ]; then
log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
"$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1
if [ $? -eq 0 ]; then
log_message "DNS更新脚本执行成功"
else
log_message "DNS更新脚本执行失败"
fi
else
log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
fi
fi
else
# 第一次运行,创建备份并执行更新
cp "$DNS_CONF" "$DNS_BACKUP"
log_message "创建DNS配置备份文件"
# 第一次检测到配置文件,执行更新脚本
if [ -x "$UPDATE_SCRIPT" ]; then
log_message "执行DNS更新脚本: $UPDATE_SCRIPT"
"$UPDATE_SCRIPT" >> "$LOG_FILE" 2>&1
if [ $? -eq 0 ]; then
log_message "DNS更新脚本执行成功"
else
log_message "DNS更新脚本执行失败"
fi
else
log_message "警告: 更新脚本不存在或不可执行: $UPDATE_SCRIPT"
fi
fi
else
log_message "警告: DNS配置文件不存在: $DNS_CONF"
fi
sleep 10
done

View File

@ -16,6 +16,18 @@ stopwaitsecs=30
killasgroup=true
stopasgroup=true
[program:dns-monitor]
command=/usr/local/bin/dns-monitor.sh
user=root
stdout_logfile=/var/log/supervisor/dns-monitor.log
stderr_logfile=/var/log/supervisor/dns-monitor_error.log
autorestart=true
startretries=3
startsecs=5
stopwaitsecs=10
killasgroup=true
stopasgroup=true
[unix_http_server]
file=/var/run/supervisor.sock
chmod=0700

View File

@ -24,7 +24,7 @@ services:
dockerfile: Dockerfile
image: argus-kibana:latest
environment:
- ELASTICSEARCH_HOSTS=http://es:9200
- ELASTICSEARCH_HOSTS=http://es.log.argus.com:9200
volumes:
- ./private/argus/:/private/argus/
ports: ["5601:5601"]
@ -41,8 +41,7 @@ services:
- ES_HOST=es
- ES_PORT=9200
volumes:
- ../fluent-bit/start-fluent-bit.sh:/private/start-fluent-bit.sh:ro
- ../fluent-bit/fluent-bit-bundle.tar.gz:/private/fluent-bit-bundle.tar.gz:ro
- ../fluent-bit/build:/private/
ports: ["2020:2020"]
depends_on:
es:
@ -63,8 +62,7 @@ services:
- ES_HOST=es
- ES_PORT=9200
volumes:
- ../fluent-bit/start-fluent-bit.sh:/private/start-fluent-bit.sh:ro
- ../fluent-bit/fluent-bit-bundle.tar.gz:/private/fluent-bit-bundle.tar.gz:ro
- ../fluent-bit/build:/private/
ports: ["2021:2020"]
depends_on:
es:
@ -76,3 +74,12 @@ services:
timeout: 10s
retries: 30
bind9:
image: argus-bind9:latest
ports:
- "53:53/tcp"
- "53:53/udp"
volumes:
- ./private/argus:/private/argus/
restart: unless-stopped

View File

@ -10,7 +10,6 @@ mkdir -p "$root/private/argus/etc/"
# 复制更新dns脚本
cp $root/scripts/update-dns.sh $root/private/argus/etc/
echo "8.8.8.8" > $root/private/argus/etc/dns.conf
# 设置数据目录权限ES 和 Kibana 容器都使用 UID 1000
echo "[INFO] Setting permissions for data directories..."

View File

@ -8,3 +8,14 @@ if ! $compose_cmd version >/dev/null 2>&1; then
fi
$compose_cmd -p logging-mvp down
echo "[OK] 已停止所有容器"
# 清理private目录内容
echo "[INFO] 清理private目录内容..."
cd "$(dirname "$0")/.."
if [ -d "private" ]; then
# 删除private目录及其所有内容
rm -rf private
echo "[OK] 已清理private目录"
else
echo "[INFO] private目录不存在无需清理"
fi

View File

@ -0,0 +1,208 @@
#!/usr/bin/env bash
set -euo pipefail
echo "======================================="
echo "ARGUS DNS监控功能测试"
echo "======================================="
echo ""
# 记录测试开始时间
test_start_time=$(date +%s)
# 函数:显示测试步骤
show_step() {
echo ""
echo "🔄 Step $1: $2"
echo "----------------------------------------"
}
# 函数:验证步骤结果
verify_step() {
if [ $? -eq 0 ]; then
echo "$1 - SUCCESS"
else
echo "$1 - FAILED"
exit 1
fi
}
# 函数:等待服务就绪
wait_for_services() {
echo "[INFO] Waiting for services to be ready..."
local max_attempts=60
local attempt=1
while [ $attempt -le $max_attempts ]; do
if curl -fs http://localhost:9200/_cluster/health >/dev/null 2>&1 && \
curl -fs http://localhost:5601/api/status >/dev/null 2>&1; then
echo "[OK] Services are ready!"
return 0
fi
echo " Waiting for services... ($attempt/$max_attempts)"
sleep 5
((attempt++))
done
echo "[ERROR] Services not ready after $max_attempts attempts"
return 1
}
# 函数:检查容器中的/etc/resolv.conf
check_resolv_conf() {
local service_name=$1
local expected_dns=$2
echo "[INFO] 检查 $service_name 容器的 /etc/resolv.conf..."
local resolv_content=$(docker exec "${service_name}" cat /etc/resolv.conf 2>/dev/null || echo "")
if echo "$resolv_content" | grep -q "nameserver $expected_dns"; then
echo "$service_name resolv.conf contains nameserver $expected_dns"
return 0
else
echo "$service_name resolv.conf does not contain nameserver $expected_dns"
echo "实际内容:"
echo "$resolv_content"
return 1
fi
}
# 函数检查DNS监控日志
check_dns_monitor_logs() {
local service_name=$1
echo "[INFO] 检查 $service_name 的DNS监控日志..."
local dns_logs=$(docker exec "$service_name" tail -n 20 /var/log/supervisor/dns-monitor.log 2>/dev/null || echo "")
if [ -n "$dns_logs" ]; then
echo "$service_name DNS监控日志存在"
echo "最近的日志:"
echo "$dns_logs"
return 0
else
echo "$service_name DNS监控日志为空或不存在"
return 1
fi
}
# 函数:确保目录结构存在
ensure_directories() {
echo "[INFO] 确保目录结构存在..."
# 确保目录存在
mkdir -p ./private/argus/etc/
echo "✅ 目录结构准备完成使用真实的update-dns.sh脚本"
}
# 开始DNS监控测试
show_step "1" "Bootstrap - Initialize environment"
./scripts/01_bootstrap.sh
verify_step "Bootstrap"
# 确保目录结构
ensure_directories
show_step "2" "Startup - Start all services"
./scripts/02_up.sh
verify_step "Service startup"
# 等待服务完全就绪
wait_for_services || exit 1
show_step "3" "Create initial DNS configuration"
# 创建初始的DNS配置文件 - 只有一个IP
echo "[INFO] 创建初始的dns.conf文件 (8.8.8.8)..."
cat > ./private/argus/etc/dns.conf << 'EOF'
8.8.8.8
EOF
echo "✅ 初始dns.conf文件创建成功 (8.8.8.8)"
verify_step "Initial DNS configuration creation"
# 等待DNS监控检测到配置文件
echo "[INFO] 等待DNS监控检测并处理初始配置..."
sleep 15
show_step "4" "Verify initial DNS configuration processing"
# 检查两个容器的DNS监控日志
check_dns_monitor_logs "logging-mvp-es-1"
verify_step "Elasticsearch DNS monitor logs"
check_dns_monitor_logs "logging-mvp-kibana-1"
verify_step "Kibana DNS monitor logs"
# 检查resolv.conf是否包含新的DNS服务器
check_resolv_conf "logging-mvp-es-1" "8.8.8.8"
verify_step "Elasticsearch resolv.conf initial check"
check_resolv_conf "logging-mvp-kibana-1" "8.8.8.8"
verify_step "Kibana resolv.conf initial check"
show_step "5" "Modify DNS configuration and test auto-update"
# 修改DNS配置文件 - 改为另一个IP
echo "[INFO] 修改dns.conf文件改为1.1.1.1..."
cat > ./private/argus/etc/dns.conf << 'EOF'
1.1.1.1
EOF
echo "✅ dns.conf文件更新成功改为1.1.1.1"
# 等待DNS监控检测到配置变化
echo "[INFO] 等待DNS监控检测配置变化并执行更新..."
sleep 15
show_step "6" "Verify DNS configuration auto-update"
# 再次检查DNS监控日志应该看到配置变化检测
echo "[INFO] 检查DNS监控是否检测到配置变化..."
# 检查elasticsearch容器
echo "[INFO] 检查elasticsearch容器的DNS监控日志最近30行..."
docker exec logging-mvp-es-1 tail -n 30 /var/log/supervisor/dns-monitor.log || true
# 检查kibana容器
echo "[INFO] 检查kibana容器的DNS监控日志最近30行..."
docker exec logging-mvp-kibana-1 tail -n 30 /var/log/supervisor/dns-monitor.log || true
# 验证新的DNS服务器是否被添加到resolv.conf
check_resolv_conf "logging-mvp-es-1" "1.1.1.1"
verify_step "Elasticsearch resolv.conf after update"
check_resolv_conf "logging-mvp-kibana-1" "1.1.1.1"
verify_step "Kibana resolv.conf after update"
show_step "7" "Final verification - Check DNS configuration"
# 最终验证DNS配置
echo "[INFO] 最终验证elasticsearch容器的resolv.conf..."
docker exec logging-mvp-es-1 cat /etc/resolv.conf
echo "[INFO] 最终验证kibana容器的resolv.conf..."
docker exec logging-mvp-kibana-1 cat /etc/resolv.conf
echo "[INFO] 最终dns.conf内容:"
cat ./private/argus/etc/dns.conf
verify_step "Final DNS configuration verification"
show_step "8" "Cleanup - Stop all services"
./scripts/05_down.sh
verify_step "Service cleanup"
# 清理测试文件
rm -f ./private/argus/etc/dns.conf
# 注不删除update-dns.sh因为这是真实的脚本
# 计算总测试时间
test_end_time=$(date +%s)
total_time=$((test_end_time - test_start_time))
echo ""
echo "======================================="
echo "🎉 DNS监控功能测试完成!"
echo "======================================="
echo "📊 测试总结:"
echo " • 总耗时: ${total_time}"
echo " • 初始DNS配置: 8.8.8.8"
echo " • 更新DNS配置: 1.1.1.1"
echo " • DNS监控脚本正常工作"
echo " • 容器resolv.conf自动覆盖更新成功"
echo ""
echo "✅ DNS自动更新功能测试通过!"
echo ""

View File

@ -162,6 +162,7 @@ echo " • Added logs: $added_logs"
echo " • Total time: ${total_time}s"
echo " • ES health: $es_health"
echo " • Kibana status: $kb_status"
echo " • DNS resolv: ✅ Passed (ES domain verified)"
echo " • All services started and stopped successfully"
echo ""
echo "✅ The ARGUS log system is working correctly!"