From d2903bb6454c2f51b483872f635e32b10a464966 Mon Sep 17 00:00:00 2001 From: Christian Kreibich Date: Thu, 12 May 2022 09:59:51 -0700 Subject: [PATCH] Management framework: increase robustness of agent/controller naming The fallback mechanism when no explicit agent/controller names are configured didn't work properly, because many places in the code relied on accessing the name via the variables meant for explicit configuration, such as Management::Agent::name. Agent and controller now offer functions for computing the correct effective name, and we use that throughout. --- .../frameworks/management/agent/api.zeek | 7 +++++-- .../frameworks/management/agent/config.zeek | 20 +++++++++++++------ .../frameworks/management/agent/main.zeek | 14 ++++++------- .../frameworks/management/controller/api.zeek | 5 ++++- .../management/controller/config.zeek | 17 +++++++++++----- 5 files changed, 42 insertions(+), 21 deletions(-) diff --git a/scripts/policy/frameworks/management/agent/api.zeek b/scripts/policy/frameworks/management/agent/api.zeek index 8ba47ee67d..f8dc1239a7 100644 --- a/scripts/policy/frameworks/management/agent/api.zeek +++ b/scripts/policy/frameworks/management/agent/api.zeek @@ -79,6 +79,7 @@ export { ## nodes: a set of cluster node names (e.g. "worker-01") to retrieve ## the values from. An empty set, supplied by default, means ## retrieval from all nodes managed by the agent. + ## global node_dispatch_request: event(reqid: string, action: vector of string, nodes: set[string] &default=set()); @@ -93,6 +94,7 @@ export { ## agent. Upon success, each :zeek:see:`Management::Result` record's ## data member contains the dispatches' response in a data type ## appropriate for the respective dispatch. + ## global node_dispatch_response: event(reqid: string, result: Management::ResultVec); 
@@ -145,7 +147,8 @@ export { ## communicate with. It is a controller-level equivalent of ## `:zeek:see:`Broker::peer_added`. ## - ## instance: an instance name, really the agent's name as per :zeek:see:`Management::Agent::name`. + ## instance: an instance name, really the agent's name as per + ## :zeek:see:`Management::Agent::get_name`. ## ## host: the IP address of the agent. (This may change in the future.) ## @@ -168,4 +171,4 @@ export { # Report informational message. global notify_log: event(instance: string, msg: string, node: string &default=""); - } +} diff --git a/scripts/policy/frameworks/management/agent/config.zeek b/scripts/policy/frameworks/management/agent/config.zeek index 29567b8f5e..1a94fc8df1 100644 --- a/scripts/policy/frameworks/management/agent/config.zeek +++ b/scripts/policy/frameworks/management/agent/config.zeek @@ -15,7 +15,7 @@ export { ## Agent stdout log configuration. If the string is non-empty, Zeek will ## produce a free-form log (i.e., not one governed by Zeek's logging ## framework) in Zeek's working directory. The final log's name is - ## ".", where the name is taken from :zeek:see:`Management::Agent::name`, + ## ".", where the name is taken from :zeek:see:`Management::Agent::get_name`, ## and the suffix is defined by the following variable. If left empty, ## no such log results. ## @@ -44,7 +44,7 @@ export { const default_port = 2151/tcp &redef; ## The agent's Broker topic prefix. For its own communication, the agent - ## suffixes this with "/", based on :zeek:see:`Management::Agent::name`. + ## suffixes this with "/", based on :zeek:see:`Management::Agent::get_name`. const topic_prefix = "zeek/management/agent" &redef; ## The network coordinates of the controller. When defined, the agent 
@@ -66,6 +66,9 @@ export { ## cluster nodes. const cluster_directory = "" &redef; + ## Returns the effective name of this agent. + global get_name: function(): string; + ## Returns a :zeek:see:`Management::Instance` describing this ## instance (its agent name plus listening address/port, as applicable). global instance: function(): Management::Instance; @@ -76,6 +79,14 @@ export { global endpoint_info: function(): Broker::EndpointInfo; } +function get_name(): string + { + if ( name != "" ) + return name; + + return fmt("agent-%s", gethostname()); + } + function instance(): Management::Instance { local epi = endpoint_info(); @@ -89,10 +100,7 @@ function endpoint_info(): Broker::EndpointInfo local epi: Broker::EndpointInfo; local network: Broker::NetworkInfo; - if ( Management::Agent::name != "" ) - epi$id = Management::Agent::name; - else - epi$id = fmt("agent-%s", gethostname()); + epi$id = get_name(); if ( Management::Agent::listen_address != "" ) network$address = Management::Agent::listen_address; diff --git a/scripts/policy/frameworks/management/agent/main.zeek b/scripts/policy/frameworks/management/agent/main.zeek index 45993b29c4..4d977939a4 100644 --- a/scripts/policy/frameworks/management/agent/main.zeek +++ b/scripts/policy/frameworks/management/agent/main.zeek @@ -77,7 +77,7 @@ event SupervisorControl::create_response(reqid: string, result: string) Management::Log::error(msg); Broker::publish(agent_topic(), Management::Agent::API::notify_error, - Management::Agent::name, msg, name); + Management::Agent::get_name(), msg, name); } Management::Request::finish(reqid); @@ -97,7 +97,7 @@ event SupervisorControl::destroy_response(reqid: string, result: bool) Management::Log::error(msg); Broker::publish(agent_topic(), Management::Agent::API::notify_error, - Management::Agent::name, msg, name); + Management::Agent::get_name(), msg, name); } Management::Request::finish(reqid); 
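Review bot: The fallback branch of `get_name()` in agent/config.zeek builds the agent's identity from `gethostname()` on every call and returns it unchecked. This file's own comments say the name becomes the suffix of the agent's Broker topic and part of the stdout log's file name, and main.zeek compares it with `node$instance`. Two agents on hosts that report the same hostname (cloned images or containers, for instance) would end up with the same effective name, and a hostname change at runtime would change the identity mid-session, so it is worth resolving the name once at startup and documenting the uniqueness requirement. The declaration's comment could read `## Returns the effective name of this agent: Management::Agent::name when set, otherwise "agent-<hostname>". Must be unique among the agents a controller manages.` The controller's `get_name()` in controller/config.zeek follows the same pattern and would take the equivalent comment.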
@@ -150,7 +150,7 @@ event Management::Agent::API::set_configuration_request(reqid: string, config: M for ( node in config$nodes ) { - if ( node$instance == Management::Agent::name ) + if ( node$instance == Management::Agent::get_name() ) g_nodes[node$name] = node; # The cluster and supervisor frameworks require a port for every @@ -214,7 +214,7 @@ event Management::Agent::API::set_configuration_request(reqid: string, config: M { local res = Management::Result( $reqid = reqid, - $instance = Management::Agent::name); + $instance = Management::Agent::get_name()); Management::Log::info(fmt("tx Management::Agent::API::set_configuration_response %s", Management::result_to_string(res))); @@ -232,7 +232,7 @@ event SupervisorControl::status_response(reqid: string, result: Supervisor::Stat Management::Request::finish(reqid); local res = Management::Result( - $reqid = req$parent_id, $instance = Management::Agent::name); + $reqid = req$parent_id, $instance = Management::Agent::get_name()); local node_statuses: Management::NodeStatusVec; @@ -494,7 +494,7 @@ event Management::Agent::API::agent_welcome_request(reqid: string) local res = Management::Result( $reqid = reqid, - $instance = Management::Agent::name); + $instance = Management::Agent::get_name()); Management::Log::info(fmt("tx Management::Agent::API::agent_welcome_response %s", Management::result_to_string(res))); @@ -515,7 +515,7 @@ event Management::Agent::API::agent_standby_request(reqid: string) local res = Management::Result( $reqid = reqid, - $instance = Management::Agent::name); + $instance = Management::Agent::get_name()); Management::Log::info(fmt("tx Management::Agent::API::agent_standby_response %s", Management::result_to_string(res))); diff --git a/scripts/policy/frameworks/management/controller/api.zeek b/scripts/policy/frameworks/management/controller/api.zeek index d3822f3d02..b840aecab6 100644 --- a/scripts/policy/frameworks/management/controller/api.zeek 
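Review bot: In the `set_configuration_request` handler, `Management::Agent::get_name()` is now evaluated once per element of `config$nodes`, and with no explicit name each call goes through `fmt()` and `gethostname()`. Take it once before the loop with `local my_name = Management::Agent::get_name();` and compare `node$instance == my_name`. Because the comparison can now be against a hostname-derived fallback, a configuration whose instance names do not match it would leave `g_nodes` without entries for this agent, and nothing in the visible lines reports that. An info-level log of the effective name and the number of matched nodes would make such a mismatch diagnosable. The handler's body starts and ends outside the hunk, so an existing log further down may already cover this.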
+++ b/scripts/policy/frameworks/management/controller/api.zeek @@ -97,6 +97,7 @@ export { ## member is a vector of :zeek:see:`Management::NodeStatus` ## records, covering the nodes at that instance. Results may also indicate ## failure, with error messages indicating what went wrong. + ## global get_nodes_response: event(reqid: string, result: Management::ResultVec); @@ -115,6 +116,7 @@ export { ## nodes: a set of cluster node names (e.g. "worker-01") to retrieve ## the values from. An empty set, supplied by default, means ## retrieval from all current cluster nodes. + ## global get_id_value_request: event(reqid: string, id: string, nodes: set[string] &default=set()); @@ -128,6 +130,7 @@ export { ## data field contains a string with the JSON rendering (as produced ## by :zeek:id:`to_json`, including the error strings it potentially ## returns). + ## global get_id_value_response: event(reqid: string, result: Management::ResultVec); @@ -167,4 +170,4 @@ export { ## instances: the set of instance names now ready. ## global notify_agents_ready: event(instances: set[string]); - } +} diff --git a/scripts/policy/frameworks/management/controller/config.zeek b/scripts/policy/frameworks/management/controller/config.zeek index c97c11bb6a..83c067e76c 100644 --- a/scripts/policy/frameworks/management/controller/config.zeek +++ b/scripts/policy/frameworks/management/controller/config.zeek @@ -49,6 +49,9 @@ export { ## output gets garbled. const directory = "" &redef; + ## Returns the effective name of the controller. + global get_name: function(): string; + ## Returns a :zeek:see:`Broker::NetworkInfo` record describing the controller. global network_info: function(): Broker::NetworkInfo; @@ -56,6 +59,14 @@ export { global endpoint_info: function(): Broker::EndpointInfo; } +function get_name(): string + { + if ( name != "" ) + return name; + + return fmt("controller-%s", gethostname()); + } + function network_info(): Broker::NetworkInfo { local ni: Broker::NetworkInfo; 
@@ -79,11 +90,7 @@ function endpoint_info(): Broker::EndpointInfo { local epi: Broker::EndpointInfo; - if ( Management::Controller::name != "" ) - epi$id = Management::Controller::name; - else - epi$id = fmt("controller-%s", gethostname()); - + epi$id = Management::Controller::get_name(); epi$network = network_info(); return epi;
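Review bot: `endpoint_info()` in controller/config.zeek calls `Management::Controller::get_name()` fully qualified, while the agent's `endpoint_info()` in agent/config.zeek calls `get_name()` unqualified and both `get_name()` bodies read the unqualified `name`. The commit message attributes the original bug to code reading the explicit-configuration variable directly, so one consistent form across both files would make the remaining direct reads of `name` easier to audit. Inside the module the shorter `epi$id = get_name();` matches the agent side. The function's closing brace lies outside the hunk.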