From 801153d86b1b5913ec92beb72560c51948d031e7 Mon Sep 17 00:00:00 2001 From: garnier-quentin Date: Thu, 10 Jan 2019 17:45:41 +0100 Subject: [PATCH] add openvpn management plugin and is_verbose method --- apps/openvpn/omi/custom/api.pm | 261 +++++++++++++++++++++++++++ apps/openvpn/omi/mode/serverusage.pm | 145 +++++++++++++++ apps/openvpn/omi/plugin.pm | 49 +++++ centreon/plugins/output.pm | 9 + 4 files changed, 464 insertions(+) create mode 100644 apps/openvpn/omi/custom/api.pm create mode 100644 apps/openvpn/omi/mode/serverusage.pm create mode 100644 apps/openvpn/omi/plugin.pm diff --git a/apps/openvpn/omi/custom/api.pm b/apps/openvpn/omi/custom/api.pm new file mode 100644 index 000000000..aac4d3e52 --- /dev/null +++ b/apps/openvpn/omi/custom/api.pm @@ -0,0 +1,261 @@ +# +# Copyright 2019 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::openvpn::omi::custom::api; + +use strict; +use warnings; +use IO::Socket::INET; +use IO::Select; + +sub new { + my ($class, %options) = @_; + my $self = {}; + bless $self, $class; + + if (!defined($options{output})) { + print "Class Custom: Need to specify 'output' argument.\n"; + exit 3; + } + if (!defined($options{options})) { + $options{output}->add_option_msg(short_msg => "Class Custom: Need to specify 'options' argument."); + $options{output}->option_exit(); + } + + if (!defined($options{noptions})) { + $options{options}->add_options(arguments => + { + "omi-hostname:s@" => { name => 'omi_hostname' }, + "omi-port:s@" => { name => 'omi_port' }, + "omi-password:s@" => { name => 'omi_password' }, + "timeout:s@" => { name => 'timeout' }, + }); + } + $options{options}->add_help(package => __PACKAGE__, sections => 'MANAGEMENT API OPTIONS', once => 1); + + $self->{output} = $options{output}; + $self->{mode} = $options{mode}; + $self->{cnx_omi} = undef; + + return $self; + +} + +sub set_options { + my ($self, %options) = @_; + + $self->{option_results} = $options{option_results}; +} + +sub set_defaults { + my ($self, %options) = @_; + + foreach (keys %{$options{default}}) { + if ($_ eq $self->{mode}) { + for (my $i = 0; $i < scalar(@{$options{default}->{$_}}); $i++) { + foreach my $opt (keys %{$options{default}->{$_}[$i]}) { + if (!defined($self->{option_results}->{$opt}[$i])) { + $self->{option_results}->{$opt}[$i] = $options{default}->{$_}[$i]->{$opt}; + } + } + } + } + } +} + +sub check_options { + my ($self, %options) = @_; + + $self->{omi_hostname} = (defined($self->{option_results}->{omi_hostname})) ? shift(@{$self->{option_results}->{omi_hostname}}) : undef; + $self->{omi_password} = (defined($self->{option_results}->{omi_password})) ? shift(@{$self->{option_results}->{omi_password}}) : undef; + $self->{omi_port} = (defined($self->{option_results}->{omi_port})) ? shift(@{$self->{option_results}->{omi_port}}) : 7505; + $self->{timeout} = (defined($self->{option_results}->{timeout})) ? shift(@{$self->{option_results}->{timeout}}) : 10; + + if (!defined($self->{omi_hostname})) { + $self->{output}->add_option_msg(short_msg => "Need to specify --omi-hostname option."); + $self->{output}->option_exit(); + } + + if (!defined($self->{omi_hostname}) || + scalar(@{$self->{option_results}->{omi_hostname}}) == 0) { + return 0; + } + + return 1; +} + +sub get_connect_info { + my ($self, %options) = @_; + + return $self->{omi_hostname} . '_' . $self->{omi_port}; +} + +sub write_omi_protocol { + my ($self, %options) = @_; + + $self->{cnx_omi}->send($options{cmd}); +} + +sub read_omi_protocol { + my ($self, %options) = @_; + + my $select = IO::Select->new($self->{cnx_omi}); + my $read_msg; + my $message = ''; + while (1) { + if (!$select->can_read(10)) { + $self->{output}->output_add(long_msg => $message, debug => 1); + $self->{output}->add_option_msg(short_msg => "Communication issue [Timeout or unexpected protocol]"); + $self->{output}->option_exit(); + } + + my $status = $self->{cnx_omi}->recv($read_msg, 4096); + $message .= $read_msg; + last if ($message =~ /$options{expected}/ms); + } + + $self->{output}->output_add(long_msg => $message, debug => 1); + $message =~ s/\r//msg; + #if ($response !~ /Success|Follows/) { + # $message =~ s/\n+$//msg; + # $message =~ s/\n/ -- /msg; + # $self->{output}->add_option_msg(short_msg => "Communication issue [" . $message . "]"); + # $self->{output}->option_exit(); + #} + return $message; +} + +sub command_omi_protocol { + my ($self, %options) = @_; + + # Three types of message: + # CMD1 + # SUCCESS: nclients=5,bytesin=7761549522,bytesout=18417469629 + # + # CMD1 + # ERROR: unknown command, enter 'help' for more options + # + # CMD1 + # ... + # END + $self->write_omi_protocol(cmd => "$options{cmd} +"); + my $message = $self->read_omi_protocol(expected => '^(END[^\n]*?|SUCCESS:[^\n]*?|ERROR:[^\n]*?)\n'); + if ($message =~ /^ERROR:(.*)/m) { + $self->{output}->add_option_msg(short_msg => "Protocol error [" . $message . "]"); + $self->{output}->option_exit(); + } + + return $message; +} + +sub login { + my ($self, %options) = @_; + + my $message = $self->read_omi_protocol(expected => '^(>INFO:OpenVPN.*|ENTER\s+PASSWORD:)'); + if ($message =~ /PASSWORD/) { + if (!defined($self->{omi_password}) || $self->{omi_password} eq '') { + $self->{output}->add_option_msg(short_msg => "Openvpn management interface require a password. please set --omi-password option"); + $self->{output}->option_exit(); + } + $self->write_omi_protocol(cmd => $self->{omi_password}); + $message = $self->read_omi_protocol(expected => '^(SUCCESS|ERROR):[^\n]*?\n'); + if ($message =~ /^ERROR:(.*)/m) { + $self->{output}->add_option_msg(short_msg => "Password error [" . $1 . "]"); + $self->{output}->option_exit(); + } + } +} + +sub connect { + my ($self, %options) = @_; + + $self->{cnx_omi} = IO::Socket::INET->new( + PeerAddr => $self->{omi_hostname}, + PeerPort => $self->{omi_port}, + Proto => 'tcp', + Timeout => $self->{timeout}, + ); + if (!defined($self->{cnx_omi})) { + $self->{output}->add_option_msg(short_msg => "Can't bind : $@"); + $self->{output}->option_exit(); + } + + $self->{cnx_omi}->autoflush(1); + $self->login(); +} + +sub command { + my ($self, %options) = @_; + + if (!defined($self->{cnx_omi})) { + $self->connect(); + } + + return $self->command_omi_protocol(%options); +} + +sub DESTROY { + my $self = shift; + + if (defined($self->{cnx_omi})) { + $self->{cnx_omi}->close(); + } +} + +1; + +__END__ + +=head1 NAME + +Openvpn Management interface + +=head1 SYNOPSIS + +Openvpn Management interface custom mode + +=head1 MANAGEMENT API OPTIONS + +=over 8 + +=item B<--omi-hostname> + +OMI hostname. + +=item B<--omi-port> + +OMI port (Default: 7505). + +=item B<--omi-password> + +OMI password. + +=item B<--timeout> + +Set TCP timeout + +=back + +=head1 DESCRIPTION + +B. + +=cut diff --git a/apps/openvpn/omi/mode/serverusage.pm b/apps/openvpn/omi/mode/serverusage.pm new file mode 100644 index 000000000..b7041c849 --- /dev/null +++ b/apps/openvpn/omi/mode/serverusage.pm @@ -0,0 +1,145 @@ +# +# Copyright 2019 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::openvpn::omi::mode::serverusage; + +use base qw(centreon::plugins::templates::counter); + +use strict; +use warnings; +use Digest::MD5 qw(md5_hex); + +sub set_counters { + my ($self, %options) = @_; + + $self->{maps_counters_type} = [ + { name => 'global', type => 0 }, + ]; + + $self->{maps_counters}->{global} = [ + { label => 'num-clients', set => { + key_values => [ { name => 'num_clients' } ], + output_template => 'Current Clients: %s', + perfdatas => [ + { label => 'num_clients', value => 'num_clients_absolute', template => '%s', min => 0 }, + ], + } + }, + { label => 'traffic-in', set => { + key_values => [ { name => 'traffic_in', diff => 1 } ], + per_second => 1, output_change_bytes => 2, + output_template => 'Traffic In: %s %s/s', + perfdatas => [ + { label => 'traffic_in', value => 'traffic_in_per_second', template => '%.2f', + min => 0, unit => 'b/s' }, + ], + } + }, + { label => 'traffic-out', set => { + key_values => [ { name => 'traffic_out', diff => 1 } ], + per_second => 1, output_change_bytes => 2, + output_template => 'Traffic Out: %s %s/s', + perfdatas => [ + { label => 'traffic_out', value => 'traffic_out_per_second', template => '%.2f', + min => 0, unit => 'b/s' }, + ], + } + } + ]; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, statefile => 1); + bless $self, $class; + + $self->{version} = '1.0'; + $options{options}->add_options(arguments => + { + }); + + return $self; +} + +sub manage_selection { + my ($self, %options) = @_; + + my $result = $options{custom}->command(cmd => 'load-stats'); + # SUCCESS: nclients=6,bytesin=7765329961,bytesout=18435500727 + + $self->{global} = { num_clients => 0, traffic_in => 0, traffic_out => 0 }; + if ($result =~ /nclients=(\d+),bytesin=(\d+),bytesout=(\d+)/) { + $self->{global} = { num_clients => $1, traffic_in => $2 * 8, traffic_out => $3 * 8 }; + } + + #status + #OpenVPN CLIENT LIST + #Updated,Thu Jan 10 16:05:32 2019 + #Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since + #plop1,xxxx.xxx.xxx.xxxx:56702,104525967,29529209,Thu Jan 10 08:53:46 2019 + #plop2,xxx.xxxx.xxx.xxx:39374,1814536,8630412,Thu Jan 10 15:27:13 2019 + #plop3,xxx.xxxx.xxxx.xxxx:62866,8208936,85352252,Thu Jan 10 08:14:49 2019 + #ROUTING TABLE + #Virtual Address,Common Name,Real Address,Last Ref + #10.8.1.xxx,plop1,xxx.xx.xx.xxx:53725,Thu Jan 10 16:05:31 2019 + #... + #GLOBAL STATS + #Max bcast/mcast queue length,9 + #END + if ($self->{output}->is_verbose()) { + $result = $options{custom}->command(cmd => 'status'); + if ($result =~ /OpenVPN CLIENT LIST\n(.*?)ROUTING TABLE/ms) { + my @users = split /\n/, $1; + splice @users, 0, 2; + foreach (@users) { + my ($user) = split /,/; + $self->{output}->add_option_msg(long_msg => "user '$user' connected"); + } + } + } + + $self->{cache_name} = "openvpn" . '_' . $self->{mode} . '_' . $options{custom}->get_connect_info() . '_' . + (defined($self->{option_results}->{filter_counters}) ? md5_hex($self->{option_results}->{filter_counters}) : md5_hex('all')) . '_' . + (defined($self->{option_results}->{filter_name}) ? md5_hex($self->{option_results}->{filter_name}) : md5_hex('all')); +} + +1; + +__END__ + +=head1 MODE + +Check server usage. + +=over 8 + +=item B<--warning-*> + +Threshold warning. +Can be: 'num-clients', 'traffic-in', 'traffic-out'. + +=item B<--critical-*> + +Threshold critical. +Can be: 'num-clients', 'traffic-in', 'traffic-out'. + +=back + +=cut diff --git a/apps/openvpn/omi/plugin.pm b/apps/openvpn/omi/plugin.pm new file mode 100644 index 000000000..608ea9b3b --- /dev/null +++ b/apps/openvpn/omi/plugin.pm @@ -0,0 +1,49 @@ +# +# Copyright 2019 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::openvpn::omi::plugin; + +use strict; +use warnings; +use base qw(centreon::plugins::script_custom); + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '1.0'; + %{$self->{modes}} = ( + 'server-usage' => 'apps::openvpn::omi::mode::serverusage', + ); + + $self->{custom_modes}{api} = 'apps::openvpn::omi::custom::api'; + return $self; +} + +1; + +__END__ + +=head1 PLUGIN DESCRIPTION + +Check Openvpn through management interface. + +=cut diff --git a/centreon/plugins/output.pm b/centreon/plugins/output.pm index 48a98a603..d7a7925ce 100644 --- a/centreon/plugins/output.pm +++ b/centreon/plugins/output.pm @@ -709,6 +709,15 @@ sub is_disco_show { return 0; } +sub is_verbose { + my ($self) = @_; + + if (defined($self->{option_results}->{verbose})) { + return 1; + } + return 0; +} + sub parse_pfdata_scale { my ($self, %options) = @_;