Introduce disk alerter

Fix access to rootfs

Rename constant

Fix shellcheck findings

Workaround for strange swarm api behavior

Add more logging

Found mystery culprit - two instances running and overwriting temp files

Author: brablc

config.sh

@@ -5,6 +5,7 @@ SCRIPT_PATH=$(readlink -f "$0")
 SCRIPT_DIR=${SCRIPT_PATH%/*}
 cd "$SCRIPT_DIR"
 
+export DISK_USAGE_MAX=${DISK_USAGE_MAX:-85}
 export LABEL_PORT="swarm-health-alerter.port"
 export LABEL_SOCK="swarm-health-alerter.sock"
 export LOGGER_USE_SYSLOG=0

disk-alerter.sh

@@ -0,0 +1,63 @@
+#!/usr/bin/env bash
+
+source "./config.sh"
+source "./logger.sh"
+source "./checks.sh"
+
+DATA_PREFIX="$DATA_DIR/disk-alerter"
+
+function check_disks() {
+  local swarm_name=$SWARM_NAME
+  while read -r mount usage; do
+    unique_name="${swarm_name} ${mount}"
+    unique_code=$(echo "${unique_name,,}" | sed -e 's/ /_/g' -e 's/[^a-zA-Z0-9_-]/_/g')
+    random_str=$(tr -dc 'a-zA-Z0-9' </dev/urandom | head -c 10)
+    read -r unique_id _ < <(echo -n "$unique_name $random_str" | md5sum)
+    prefix="${DATA_PREFIX}-${unique_code}"
+    pending_file="${prefix}.pending"
+    log_file="${prefix}.log"
+
+    df -h "$mount" >"$log_file"
+
+    action=""
+    appendix=""
+    message="${swarm_name} disk ${mount:7:24} at $HOSTNAME usage $usage% >= $DISK_USAGE_MAX"
+    if ((usage >= DISK_USAGE_MAX)); then
+      if [[ -f $pending_file ]]; then
+        log_warn "Pending alert: $message"
+      else
+        echo "$unique_id" >"$pending_file"
+        action="create"
+        appendix="is out of space"
+      fi
+    else
+      if [[ -f $pending_file ]]; then
+        action="resolve"
+        appendix="has space"
+        unique_id=$(cat "$pending_file")
+        rm -f "$pending_file"
+      fi
+    fi
+    if [[ -n $action ]]; then
+      jq -n \
+        --arg action "$action" \
+        --arg unique_id "$unique_id" \
+        --arg message "$message $appendix" \
+        --arg summary "$(cat "$log_file")" \
+        '{
+           "action": $action,
+           "unique_id": $unique_id,
+           "message": $message,
+           "summary": $summary
+         }' | /bin/bash -c "$ALERT_SCRIPT"
+    fi
+    rm -f "$log_file"
+  done < <(df -h -PT | awk -vlimit="$DISK_MAX_USAGE" 'NR>1&&int($6)>limit&&/rootfs/ {print($7,int($6))}')
+}
+
+log_info "Disk alerter is entering loop with ${LOOP_SLEEP} sleep on entry ..."
+
+while true; do
+  sleep "$LOOP_SLEEP"
+  check_disks
+done

docker-cmd.sh

@@ -1,4 +1,5 @@
 #!/usr/bin/env bash
+# shellcheck disable=SC2064,SC2181
 
 source "./config.sh"
 source "./logger.sh"
@@ -11,19 +12,23 @@ if [ $? != 0 ]; then
   services=$(./services.sh 2>&1)
 fi
 
-if [[ "$services" != "" ]]; then
+if [[ $services != "" ]]; then
   log_info "Starting port/sock alerter (initial list of services) ..."
   echo "$services"
 
   ./port-alerter.sh &
   trap "kill $!" EXIT
 
   log_info "Starting swarm alerter (initial state of nodes) ..."
-  ./nodes.sh --verbose
+  ./nodes.sh
 
   ./swarm-alerter.sh &
   trap "kill $!" EXIT
 fi
 
+log_info "Starting disk alerter..."
+./disk-alerter.sh &
+trap "kill $!" EXIT
+
 log_info "Starting event alerter ..."
 ./event-alerter.py

integrations/zenduty.sh

@@ -1,15 +1,15 @@
 #!/usr/bin/env bash
 
-SCRIPT_PATH=$(readlink -f $0)
+SCRIPT_PATH=$(readlink -f "$0")
 SCRIPT_DIR=${SCRIPT_PATH%/*}
 source "$SCRIPT_DIR/../logger.sh"
 
 DATA_DIR=${DATA_DIR:-$SCRIPT_DIR/../data}
 
-input_file=$(mktemp $DATA_DIR/zenduty-input.XXXXXX)
-trap "rm -f $input_file" EXIT
+input_file=$(mktemp "$DATA_DIR/zenduty-input.XXXXXX")
+trap 'rm -f "$input_file"' EXIT
 
-if ! timeout 2s cat >$input_file; then
+if ! timeout 2s cat >"$input_file"; then
   log_error "Reading from stdin timed out."
   exit 1
 fi
@@ -19,9 +19,9 @@ if [[ -z $ZENDUTY_API_KEY ]]; then
   exit 1
 fi
 
-action=$(jq -r .action $input_file)
-message=$(jq -r .message $input_file)
-entity_id=$(jq -r .unique_id $input_file)
+action=$(jq -r .action "$input_file")
+message=$(jq -r .message "$input_file")
+entity_id=$(jq -r .unique_id "$input_file")
 
 alert_type=""
 case $action in
@@ -38,33 +38,33 @@ case $action in
     ;;
 esac
 
-request_file=$DATA_DIR/${entity_id}-zenduty-request.json
-response_file=$DATA_DIR/${entity_id}-zenduty-response.json
+request_file=$DATA_DIR/zenduty-request-${entity_id}.json
+response_file=$DATA_DIR/-zenduty-response-${entity_id}.json
 
 jq -r \
   --arg alert_type "$alert_type" \
   '{
-        "alert_type": $alert_type,
-        "entity_id": .unique_id,
-        "message": .message,
-        "summary": .summary
-    }' $input_file >$request_file
+     "alert_type": $alert_type,
+     "entity_id": .unique_id,
+     "message": .message,
+     "summary": .summary
+   }' "$input_file" >"$request_file"
 
 test -n "$VERBOSE" && log_info "Request file:"
-test -n "$VERBOSE" && (jq . $request_file 2>/dev/null || cat $request_file)
+test -n "$VERBOSE" && (jq . "$request_file" 2>/dev/null || cat "$request_file")
 
 url="https://www.zenduty.com/api/events/${ZENDUTY_API_KEY}/"
-curl -s -X POST "$url" -H 'Content-Type: application/json' -d @$request_file >$response_file
+curl -s -X POST "$url" -H 'Content-Type: application/json' -d @"$request_file" >"$response_file"
 return_code=$?
 
 if [ $return_code -ne 0 ]; then
   log_error "Curl failed with code $return_code"
 fi
 
 test -n "$VERBOSE" && log_info "Response file:"
-test -n "$VERBOSE" && (jq . $response_file 2>/dev/null || cat $response_file)
+test -n "$VERBOSE" && (jq . "$response_file" 2>/dev/null || cat "$response_file")
 
 if [[ $action == "resolve" ]]; then
-  rm -f $request_file
-  rm -f $response_file
+  rm -f "$request_file"
+  rm -f "$response_file"
 fi

nodes.sh

@@ -1,10 +1,14 @@
 #!/usr/bin/env bash
 
+# shellcheck disable=SC2002
+
 source "./config.sh"
 source "./logger.sh"
 source "./checks.sh"
 
 if ! ./docker-api.sh /nodes >/tmp/nodes; then
+  log_error "Call to docker-api.sh failed."
+  cat /tmp/nodes
   log_error "$(jq -r .message /tmp/nodes 2>/dev/null || cat /tmp/nodes)"
   exit 1
 fi

port-alerter.sh

@@ -6,30 +6,32 @@ source "./checks.sh"
 
 declare -A REPORTED_SOCKS
 
+DATA_PREFIX="$DATA_DIR/port-alerter"
+
 function check_services() {
   local swarm_name=$SWARM_NAME
-  while read service_name network_alias check_type check_value; do
-    unique_name=$(echo "${swarm_name} ${service_name} ${network_alias} ${check_type} ${check_value}")
+  while read -r service_name network_alias check_type check_value; do
+    unique_name="${swarm_name} ${service_name} ${network_alias} ${check_type} ${check_value}"
     unique_code=$(echo "${unique_name,,}" | sed -e 's/ /_/g' -e 's/[^a-zA-Z0-9_-]/_/g')
     random_str=$(tr -dc 'a-zA-Z0-9' </dev/urandom | head -c 10)
-    read unique_id _ < <(echo -n "$unique_name $random_str" | md5sum)
-    prefix="$DATA_DIR/${unique_code}"
+    read -r unique_id _ < <(echo -n "$unique_name $random_str" | md5sum)
+    prefix="${DATA_PREFIX}-${unique_code}"
     pending_file="${prefix}.pending"
     log_file="${prefix}.log"
 
     if [[ $check_type == "port" ]]; then
       port=$check_value
       real_port="$port"
       # used for testing
-      if [[ -f "$DATA_DIR/test-change-port-$port" ]]; then
-        real_port=$(<"$DATA_DIR/test-change-port-$port")
+      if [[ -f "${DATA_PREFIX}-test-change-port-$port" ]]; then
+        real_port=$(<"${DATA_PREFIX}-test-change-port-$port")
       fi
       WAIT="tcp://$network_alias:$real_port"
       WHERE="via mesh"
     fi
 
     if [[ $check_type == "sock" ]]; then
-      IFS=":" read sock_type sock_file <<<"$check_value"
+      IFS=":" read -r _sock_type sock_file <<<"$check_value"
       if [[ ! -S $sock_file ]]; then
         if [[ ! -v REPORTED_SOCKS[$sock_file] ]]; then
           log_warn "Sock file $sock_file does not exist locally!"
@@ -44,43 +46,42 @@ function check_services() {
     action=""
     appendix=""
     message="${swarm_name} service ${service_name} (${network_alias}:${check_value})"
-    /usr/local/bin/dockerize -timeout 5s -wait "$WAIT" true 2>$log_file
-    if [ $? -ne 0 ]; then
+    if ! /usr/local/bin/dockerize -timeout 5s -wait "$WAIT" true 2>"$log_file"; then
       if [[ -f $pending_file ]]; then
         log_warn "Pending alert: $message"
       else
-        echo "$unique_id" >$pending_file
+        echo "$unique_id" >"$pending_file"
         action="create"
         appendix="not available $WHERE"
       fi
     else
       if [[ -f $pending_file ]]; then
         action="resolve"
         appendix="is available $WHERE"
-        unique_id=$(cat $pending_file)
-        rm -f $pending_file
+        unique_id=$(cat "$pending_file")
+        rm -f "$pending_file"
       fi
     fi
     if [[ -n $action ]]; then
       jq -n \
         --arg action "$action" \
         --arg unique_id "$unique_id" \
         --arg message "$message $appendix" \
-        --arg summary "$(cat $log_file)" \
+        --arg summary "$(cat "$log_file")" \
         '{
-                  "action": $action,
-                  "unique_id": $unique_id,
-                  "message": $message,
-                  "summary": $summary
-                }' | /bin/bash -c "$ALERT_SCRIPT"
+          "action": $action,
+          "unique_id": $unique_id,
+          "message": $message,
+          "summary": $summary
+         }' | /bin/bash -c "$ALERT_SCRIPT"
     fi
-    rm -f $log_file
+    rm -f "$log_file"
   done < <(./services.sh)
 }
 
-log_info "Entering loop with ${LOOP_SLEEP} sleep on entry ..."
+log_info "Port alerter is entering loop with ${LOOP_SLEEP} sleep on entry ..."
 
 while true; do
-  sleep $LOOP_SLEEP
+  sleep "$LOOP_SLEEP"
   check_services
 done

swarm-alerter.sh

@@ -4,21 +4,24 @@ source "./config.sh"
 source "./logger.sh"
 source "./checks.sh"
 
+DATA_PREFIX="$DATA_DIR/swarm-alerter"
+
 function check_nodes() {
   local active_node_count
-  active_node_count=$(./nodes.sh | wc -l)
   local swarm_name=$SWARM_NAME
-  local prefix="$DATA_DIR/swarm_failure"
+  local prefix="${DATA_PREFIX}"
   local pending_file="${prefix}.pending"
   local log_file="${prefix}.log"
   local where="at $HOSTNAME"
 
-  ./nodes.sh --verbose >"$log_file"
+  active_node_count=$(./nodes.sh | wc -l)
 
   action=""
   appendix=""
   message="${swarm_name} swarm active managers count $active_node_count"
   if ((SWARM_MANAGER_MIN > active_node_count)); then
+    ./nodes.sh --verbose &>"$log_file"
+
     if [[ -f $pending_file ]]; then
       log_warn "Pending alert: $message"
     else
@@ -48,10 +51,9 @@ function check_nodes() {
          "summary": $summary
        }' | /bin/bash -c "$ALERT_SCRIPT"
   fi
-  rm -f "$log_file"
 }
 
-log_info "Entering loop with ${LOOP_SLEEP} sleep on entry ..."
+log_info "Swarm alerter is entering loop with ${LOOP_SLEEP} sleep on entry ..."
 
 while true; do
   sleep "$LOOP_SLEEP"

test.sh

@@ -14,6 +14,7 @@ PARAMS=(
   --env LOOP_SLEEP="${LOOP_SLEEP:-10}"
   --env SWARM_NAME="${SWARM_NAME:-Swarm}"
   --env ZENDUTY_API_KEY="${ZENDUTY_API_KEY:-N/A}"
+  --volume /:/rootfs:ro
   --volume /var/run/docker.sock:/var/run/docker.sock
   --volume .:/app/
 )