Kraken Base

Kraken Base controls sentries and collects logs from remote sites. Kraken sentries connect to Kraken Base. Each sentry makes two connections: a command channel and a log (data) channel.

Certificate Configuration

  • Kraken RPC supports client verification using X.509 (SSL) certificates.
  • You should configure a CA certificate (JKS format) and public-private key pairs (PKCS12 format) for RPC.
  • Desired state:
    kraken> keystore.list
    Key Stores
    =============
    [rpc-ca] type: JKS, password: PASSWORD, path: /root/kraken/certs/CA.jks
    [rpc-agent] type: PKCS12, password: PASSWORD, path: /root/kraken/certs/Agent.pfx
    
  • Use the keystore.register command:
    kraken> keystore.register rpc-ca JKS /root/kraken/certs/CA.jks PASSWORD
    [rpc-ca] key store registered
    kraken> keystore.register rpc-agent PKCS12 /root/kraken/certs/Agent.pfx PASSWORD
    [rpc-agent] key store registered
    
  • For now, Kraken RPC does not support CN (common name) based access control.
    • Use SentryGuidChecker instead.

Command

  • base.list
    • List all connected sentries
      kraken> base.list
      Connected Sentry List
      -------------------------
      guid=aa9098bc-dbd1-4696-b7a9-ff3fab100133, remote=/10.0.1.8:45100
      
  • base.call [guid] [method] [params]
    • Invoke remote procedure call
      kraken> base.call aa9098bc-dbd1-4696-b7a9-ff3fab100133 getSystemInfo
      {
        "java.vm.version": 14.0-b16
        "os.version": 6.1
        "user.home": C:\
        "os.arch": x86
        "host.name": ZARD
        "java.vm.name": Java HotSpot(TM) Server VM
        "user.dir": C:\Program Files\Kraken
        "java.version": 1.6.0_14
        "java.vendor": Sun Microsystems Inc.
        "os.name": Windows 7
        "java.vm.vendor": Sun Microsystems Inc.
      }
      
      kraken> base.call aa9098bc-dbd1-4696-b7a9-ff3fab100133 getFeatures
      [
       netstat
       arp-cache
       process-list
       routing-table
       logger-control
       disk-info
       nic-info
      ]
      
  • base.remoteLoggerFactories [guid]
    • List all remote logger factories
      kraken> base.remoteLoggerFactories aa9098bc-dbd1-4696-b7a9-ff3fab100133
      Remote Logger Factories
      -------------------------
      name=process-check, type=Process Check, description=Check process running status periodically
      name=network-usage, type=Network Usage Logger, description=Check Network Usage
      name=windows-event-logger, type=Windows EventLog, description=Windows EventLog
      name=memory-usage, type=Memory Usage Logger, description=Check Memory Usage
      name=cpu-usage, type=CPU Usage Logger, description=Check CPU Usage
      name=disk-usage, type=Disk Usage Logger, description=Check Disk Usage
      
  • base.remoteLoggers [guid]
    • List all remote loggers
      Remote Loggers
      ---------------------
      name=aa9098bc-dbd1-4696-b7a9-ff3fab100133\event, factory=aa9098bc-dbd1-4696-b7a9-ff3fab100133\windows-event-logger, log count=0, last log=null, running=false, interval=0
      name=aa9098bc-dbd1-4696-b7a9-ff3fab100133\cpu, factory=aa9098bc-dbd1-4696-b7a9-ff3fab100133\cpu-usage, log count=0, last log=null, running=true, interval=5000
      name=aa9098bc-dbd1-4696-b7a9-ff3fab100133\mem, factory=aa9098bc-dbd1-4696-b7a9-ff3fab100133\memory-usage, log count=0, last log=null, running=false, interval=0
      
  • base.connectRemoteLogger [guid] [logger name]
    • Connect a log pipe to a remote logger. The sentry will send all logs of the specified remote logger to the base. The logger collects or generates logs once it is started.
  • base.disconnectRemoteLogger [guid] [logger name]
    • Disconnect the log pipe from a remote logger. The sentry will stop pumping remote logs. However, the local log aggregation task will continue.
  • base.createRemoteLogger [guid] [logger factory name] [logger name] [description]
    • Create remote logger.
  • base.removeRemoteLogger [guid] [logger name]
    • Remove remote logger.
  • base.startRemoteLogger [guid] [logger name] [interval (millisecond)]
    • Start remote logger.
      kraken> base.startRemoteLogger aa9098bc-dbd1-4696-b7a9-ff3fab100133 cpu 5000
      logger started
      
  • base.stopRemoteLogger [guid] [logger name] [stop timeout (millisecond)]
    • Stop remote logger
      kraken> base.stopRemoteLogger aa9098bc-dbd1-4696-b7a9-ff3fab100133 cpu 1000
      logger stopped
      
  • base.requestLogChannel
    • Force creation of a log channel. The request is ignored if a log channel already exists.

Interface

SentryProxyRegistry

When a sentry connects, Kraken Base registers a new sentry proxy with the sentry proxy registry:

public interface SentryProxyRegistry {
	// get connected sentry list
	Collection<String> getSentryGuids();
	SentryProxy getSentry(String guid);

	// sentry registration 
	void register(SentryProxy sentry);
	void unregister(SentryProxy sentry);

	// sentry registration event callback
	void addListener(SentryProxyEventListener callback);
	void removeListener(SentryProxyEventListener callback);

	// enforce access control by guid
	void addGuidChecker(SentryGuidChecker checker);
	void removeGuidChecker(SentryGuidChecker checker);
}

SentryProxy

You can get a sentry proxy from the sentry proxy registry and use it to control the remote agent:

public interface SentryProxy {
	// check proxy state
	boolean isOpen();

	// disconnect and clear all resources
	void close();

	// each sentry has its own unique identifier
	String getGuid();

	// invoke sentry RPC method (marked as @SentryMethod)
	Object call(String method, Object[] params) throws RpcException, InterruptedException;
	Object call(String method, Object[] params, long timeout) throws RpcException, InterruptedException;

	// set log channel
	void requestLogChannel() throws RpcException, InterruptedException;
	RpcSession getLogSession();
	void setLogSession(String nonce, RpcSession logSession);

	// get remote logger factories and loggers
	Map<String, RemoteLoggerFactoryInfo> getRemoteLoggerFactories() throws RpcException, InterruptedException;
	RemoteLoggerFactoryInfo getRemoteLoggerFactory(String name) throws RpcException, InterruptedException;
	Map<String, Logger> getRemoteLoggers() throws RpcException, InterruptedException;

	// remote logger control
	Collection<Logger> getConnectedLoggers();
	Logger getConnectedLogger(String name);
	Logger createRemoteLogger(String factoryName, String name, String description, Properties props) throws RpcException, InterruptedException;
	void removeRemoteLogger(String name) throws RpcException, InterruptedException;
	void startRemoteLogger(String name, int interval) throws RpcException, InterruptedException;
	void stopRemoteLogger(String name, int timeout) throws RpcException, InterruptedException;

	// connect or disconnect log pipe to remote logger
	void connectRemoteLogger(String loggerFullName) throws RpcException, InterruptedException;
	void disconnectRemoteLogger(String loggerFullName) throws RpcException, InterruptedException;
	
	// fetch all logger factories and loggers at first time
	void syncLoggerFactories() throws RpcException, InterruptedException;
	void syncLoggers() throws RpcException, InterruptedException;

	// sync logger factory list
	void registerLoggerFactory(RemoteLoggerFactoryInfo factory);
	void unregisterLoggerFactory(String factoryFullName);

	// sync logger list
	void registerLogger(Logger logger);
	void unregisterLogger(String loggerFullName);
	
	// receive remote logger event callback
	void loggerStarted(String loggerFullName, int interval);	
	void loggerStopped(String loggerFullName);
}

SentryProxyEventListener

If you need to catch sentry proxy connection events, add an event listener to the sentry proxy registry:

public interface SentryProxyEventListener {
	void sentryConnected(SentryProxy sentry);

	void sentryDisconnected(SentryProxy sentry);
}

SentryGuidChecker

SentryGuidChecker provides guid based access control:

public interface SentryGuidChecker {
	boolean check(String guid);
}

Add your own GUID checker to the sentry proxy registry. Sentry login will be denied if your checker returns false.
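
An allowlist implementation of the SentryGuidChecker interface above, which also serves the certificate section's advice to use SentryGuidChecker in place of CN-based access control. This is an added example, not part of Kraken's own code. The class names, the logger name and the strict lower-case GUID form are assumptions. The page does not say how the GUID relates to the client certificate, so treat this as a filter in addition to certificate verification. In a deployment the checker would be passed to SentryProxyRegistry.addGuidChecker.

```java
import java.util.*;
import java.util.logging.Logger;

public class AllowlistGuidCheckerDemo {
    // Copied from the page so the example compiles without Kraken on the classpath.
    interface SentryGuidChecker { boolean check(String guid); }

    // Default-deny: a sentry may log in only if its GUID was enrolled beforehand.
    static final class AllowlistGuidChecker implements SentryGuidChecker {
        private static final Logger LOG = Logger.getLogger("sentry-acl"); // name is an assumption
        private final Set<String> allowed = new HashSet<String>();

        AllowlistGuidChecker(Collection<String> enrolled) {
            for (String g : enrolled) {
                if (canonical(g) == null) throw new IllegalArgumentException("bad allowlist entry: " + g);
                allowed.add(g);
            }
        }

        @Override
        public boolean check(String guid) {
            boolean ok = canonical(guid) != null && allowed.contains(guid);
            if (!ok) LOG.warning("sentry login denied, guid=" + forLog(guid));
            return ok;
        }

        // Returns the GUID only if it is already in lower-case 8-4-4-4-12 form, else null.
        // UUID.fromString alone is lenient about group lengths, and accepting several
        // spellings of one GUID would let them all match a single allowlist entry.
        static String canonical(String guid) {
            if (guid == null || guid.length() != 36) return null;
            try {
                return UUID.fromString(guid).toString().equals(guid) ? guid : null;
            } catch (IllegalArgumentException e) { return null; }
        }

        // The GUID comes from the connecting side: cap its length and replace anything
        // outside [0-9A-Za-z-] so it cannot inject line breaks into the log.
        static String forLog(String s) {
            if (s == null) return "null";
            return (s.length() > 64 ? s.substring(0, 64) : s).replaceAll("[^0-9A-Za-z-]", "?");
        }
    }

    public static void main(String[] args) {
        SentryGuidChecker checker = new AllowlistGuidChecker(
                Arrays.asList("aa9098bc-dbd1-4696-b7a9-ff3fab100133")); // GUID from the page's base.list output
        // Constructed inputs: enrolled, upper-case spelling, not enrolled, log-forging attempt.
        for (String g : new String[] { "aa9098bc-dbd1-4696-b7a9-ff3fab100133", "AA9098BC-DBD1-4696-B7A9-FF3FAB100133",
                "00000000-0000-0000-0000-000000000001", "x\nsentry login accepted" })
            System.out.println(checker.check(g) + "  " + AllowlistGuidChecker.forLog(g));
    }
}
```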

History

  • 1.0.0 release (2010-12-27)