[Update] 修改目录 (#173)

* [Update] 修改目录

* [Update] 修改docker file

Dockerfile

@@ -15,7 +15,7 @@ COPY . /opt/coco
 VOLUME /opt/coco/logs
 VOLUME /opt/coco/keys
 
-RUN cp conf_docker.py conf.py
+RUN cp config_example.yml config.yml
 
 EXPOSE 2222
 CMD python run_server.py

coco/app.py

@@ -10,6 +10,8 @@ import json
 import signal
 import copy
 
+import psutil
+
 from .conf import config
 from .sshd import SSHServer
 from .httpd import HttpServer
@@ -83,10 +85,26 @@ class Coco:
         self.monitor_sessions()
         self.monitor_sessions_replay()
 
-    @ignore_error
+    # @ignore_error
     def heartbeat(self):
-        _sessions = [s.to_json() for s in Session.sessions.values() if s]
-        tasks = app_service.terminal_heartbeat(_sessions)
+        sessions = list(Session.sessions.keys())
+        p = psutil.Process(os.getpid())
+        cpu_used = p.cpu_percent(interval=1.0)
+        memory_used = int(p.memory_info().rss / 1024 / 1024)
+        connections = len(p.connections())
+        threads = p.num_threads()
+        session_online = len(sessions)
+        data = {
+            "cpu_used": cpu_used,
+            "memory_used": memory_used,
+            "connections": connections,
+            "threads": threads,
+            "boot_time": p.create_time(),
+            "session_online": session_online,
+            "sessions": sessions,
+        }
+        tasks = app_service.terminal_heartbeat(data)
+
         if tasks:
             self.handle_task(tasks)
         if tasks is False:
@@ -107,7 +125,7 @@ class Coco:
             while not self.stop_evt.is_set():
                 try:
                     self.heartbeat()
-                except Exception as e:
+                except IndexError as e:
                     logger.error("Unexpected error occur: {}".format(e))
                 time.sleep(config["HEARTBEAT_INTERVAL"])
         thread = threading.Thread(target=func)

coco/conf.py

@@ -300,15 +300,23 @@ class Config(dict):
     def __getattr__(self, item):
         return self.__getitem__(item)
 
+    def __setattr__(self, key, value):
+        return self.__setitem__(key, value)
+
     def __repr__(self):
         return '<%s %s>' % (self.__class__.__name__, dict.__repr__(self))
 
 
-access_key_path = os.path.abspath(os.path.join(root_path, 'keys', '.access_key'))
+access_key_path = os.path.abspath(
+    os.path.join(root_path, 'data', 'keys', '.access_key')
+)
+host_key_path = os.path.abspath(
+    os.path.join(root_path, 'data', 'keys', 'host_rsa_key')
+)
 defaults = {
     'NAME': socket.gethostname(),
     'CORE_HOST': 'http://127.0.0.1:8080',
-    'BOOTSTRAP_TOKEN': os.environ.get("BOOTSTRAP_TOKEN") or 'PleaseChangeMe',
+    'BOOTSTRAP_TOKEN': '',
     'ROOT_PATH': root_path,
     'DEBUG': True,
     'BIND_HOST': '0.0.0.0',
@@ -316,17 +324,17 @@ defaults = {
     'HTTPD_PORT': 5000,
     'COCO_ACCESS_KEY': '',
     'ACCESS_KEY_FILE': access_key_path,
+    'HOST_KEY_FILE': host_key_path,
     'SECRET_KEY': 'SDK29K03%MM0ksf&#2',
     'LOG_LEVEL': 'INFO',
-    'LOG_DIR': os.path.join(root_path, 'logs'),
-    'SESSION_DIR': os.path.join(root_path, 'sessions'),
+    'LOG_DIR': os.path.join(root_path, 'data', 'logs'),
     'ASSET_LIST_SORT_BY': 'hostname',  # hostname, ip
     'PASSWORD_AUTH': True,
     'PUBLIC_KEY_AUTH': True,
     'SSH_TIMEOUT': 10,
     'ALLOW_SSH_USER': [],
     'BLOCK_SSH_USER': [],
-    'HEARTBEAT_INTERVAL': 5,
+    'HEARTBEAT_INTERVAL': 20,
     'MAX_CONNECTIONS': 500,  # Not use now
     'ADMINS': '',
     'COMMAND_STORAGE': {'TYPE': 'server'},   # server
@@ -380,3 +388,13 @@ def load_user_config():
 
 
 config = load_user_config()
+
+old_host_key_path = os.path.join(root_path, 'keys', 'host_rsa_key')
+old_access_key_path = os.path.join(root_path, 'keys', '.access_key')
+
+if os.path.isfile(old_host_key_path) and not os.path.isfile(config.HOST_KEY_FILE):
+    config.HOST_KEY_FILE = old_host_key_path
+
+if os.path.isfile(old_access_key_path) and not os.path.isfile(config.ACCESS_KEY_FILE):
+    config.ACCESS_KEY_FILE = old_access_key_path
+

coco/recorder.py

@@ -2,7 +2,6 @@
 # -*- coding: utf-8 -*-
 #
 
-import abc
 import threading
 import time
 import os
@@ -13,7 +12,7 @@ from copy import deepcopy
 import jms_storage
 
 from .conf import config
-from .utils import get_logger, Singleton
+from .utils import get_logger
 from .struct import MemoryQueue
 from .service import app_service
 

coco/service.py

@@ -6,7 +6,6 @@ from .conf import config
 
 
 inited = False
-
 app_service = AppService(config)
 
 if not inited:

coco/sshd.py

@@ -29,7 +29,7 @@ class SSHServer:
 
     @property
     def host_key(self):
-        host_key_path = os.path.join(config['ROOT_PATH'], 'keys', 'host_rsa_key')
+        host_key_path = config['HOST_KEY_FILE']
         if not os.path.isfile(host_key_path):
             if config.HOST_KEY:
                 with open(host_key_path, 'w') as f:

config_example.yml

@@ -6,7 +6,7 @@ CORE_HOST: http://127.0.0.1:8080
 
 # Bootstrap Token, 预共享秘钥, 用来注册coco使用的service account和terminal
 # 请和jumpserver 配置文件中保持一致，注册完成后可以删除
-BOOTSTRAP_TOKEN: <ChangeIT>
+BOOTSTRAP_TOKEN: <PleasgeChangeSameWithJumpserver>
 
 # 启动时绑定的ip, 默认 0.0.0.0
 # BIND_HOST: 0.0.0.0
@@ -22,7 +22,7 @@ BOOTSTRAP_TOKEN: <ChangeIT>
 # ACCESS_KEY: null
 
 # ACCESS KEY 保存的地址, 默认注册后会保存到该文件中
-# ACCESS_KEY_STORE: keys/.access_key
+# ACCESS_KEY_FILE: data/keys/.access_key
 
 # 加密密钥
 # SECRET_KEY: null

requirements/requirements.txt

@@ -19,7 +19,7 @@ itsdangerous==0.24
 Jinja2==2.10
 jmespath==0.9.3
 jms-storage==0.0.20
-jumpserver-python-sdk==0.0.54
+jumpserver-python-sdk==0.0.55
 MarkupSafe==1.0
 oss2==2.4.0
 paramiko==2.4.1