Giters

anthcourtney / docker-sensu-over-http

PoC of making sensu's ntp check available over HTTP

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

docker sensu-over-http

Background

This is a quick and dirty PoC of providing a HTTP interface to sensu-plugins for the purpose of performing health monitoring of an EC2 instance.

In other words:

  • We have deployed some internal NTP servers.
  • We haven't setup any custom metric -> CloudWatch for NTP time sync.
  • We like sensu, but we don't use it elsewhere yet.
  • We like sensu's plugins, because we know they work.
  • Sensu has a nice 'check-ntp' plugin which will check the offset of the local ntpd process against upstream servers.
  • We want to expose this plugin over HTTP, so we can query it (i.e. remotely) and perform some sort of action.

This is a little contrived, and the example is very hacky, but it's a quick and dirty PoC.

Build and Run

$ docker build -t ac:sensu-over-http ./
$ docker run -it -p 127.0.0.1:8080:8080 ac:sensu-over-http

Test

Connect to the docker container on port 8080 and make a HTTP request.

If ntpd is in sync, a 200 OK will be returned .

i.e.

$ curl -v http://localhost:8080/ntp
> GET /ntp HTTP/1.1
> User-Agent: curl/7.38.0
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 200 OK
< Date: Wed, 07 Sep 2016 06:08:03 GMT
< Content-Length: 35
< Content-Type: text/plain; charset=utf-8
< 
CheckNTP OK: NTP offset by 2.085ms

If ntpd is not in sync or there's an unknown status, a 503 Service Unavailable will be returned.

$ curl -v http://localhost:8080/ntp
> GET /ntp HTTP/1.1
> User-Agent: curl/7.38.0
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 503 Service Unavailable
< Content-Type: text/plain; charset=utf-8
< X-Content-Type-Options: nosniff
< Date: Wed, 07 Sep 2016 06:07:58 GMT
< Content-Length: 75
< 
CheckNTP UNKNOWN: NTP command Failed

In both cases, the body of the response will contain the output of the sensu check.

Notes

  • CentOS was used because alpine linux doesn't include ntpq in any packages. It's kind of essential to the sensu plugin.
  • We should do a two-phase build (i.e. build container, run container, copy in go binary, build container from running container), but we don't.
  • We could add more checks, but again, it's a PoC.
  • Similarly, supported HTTP methods/schemes could be tightened up.
  • Stuff is hardcoded.
  • This is all a little contrived.

About

PoC of making sensu's ntp check available over HTTP

Languages

Language:Go 91.6%Language:Ruby 8.4%