From ca640664b503d0267bea598fbd8b63ce4c700abe Mon Sep 17 00:00:00 2001
From: "https://blog.iamtsm.cn" <1905333456@qq.com>
Date: Sun, 12 Mar 2023 22:38:16 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20v3.4.0=E7=89=88=E6=9C=AC=E6=9B=B4?=
=?UTF-8?q?=E6=96=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
feat: 支持负载详情多维度统计和展示
feat: 支持waf详情多维度统计和展示
feat: 支持管理后台退出登陆
feat: 优化代码注释
feat: 即将支持grpc代理插件
feat: 事务日程调整
---
.../tl_ops_api_get_balance_count_api.lua | 96 ++++++++
.../tl_ops_api_get_balance_count_body.lua | 97 ++++++++
.../tl_ops_api_get_balance_count_cookie.lua | 100 +++++++++
.../tl_ops_api_get_balance_count_header.lua | 100 +++++++++
.../tl_ops_api_get_balance_count_param.lua | 100 +++++++++
api/router/tl_ops_api_get_state.lua | 72 +++---
api/router/tl_ops_api_get_waf_count_api.lua | 97 ++++++++
api/router/tl_ops_api_get_waf_count_cc.lua | 100 +++++++++
.../tl_ops_api_get_waf_count_cookie.lua | 97 ++++++++
.../tl_ops_api_get_waf_count_header.lua | 100 +++++++++
api/router/tl_ops_api_get_waf_count_ip.lua | 97 ++++++++
api/router/tl_ops_api_get_waf_count_param.lua | 97 ++++++++
api/tl_ops_api_core.lua | 15 ++
balance/count/tl_ops_balance_count.lua | 31 +--
balance/count/tl_ops_balance_count_api.lua | 119 ++++++++++
balance/count/tl_ops_balance_count_body.lua | 115 ++++++++++
balance/count/tl_ops_balance_count_cookie.lua | 115 ++++++++++
balance/count/tl_ops_balance_count_core.lua | 111 +++-------
balance/count/tl_ops_balance_count_header.lua | 119 ++++++++++
balance/count/tl_ops_balance_count_node.lua | 115 ++++++++++
balance/count/tl_ops_balance_count_param.lua | 118 ++++++++++
balance/tl_ops_balance_core.lua | 33 +--
balance/tl_ops_balance_core_api.lua | 3 +
balance/tl_ops_balance_core_body.lua | 4 +
balance/tl_ops_balance_core_cookie.lua | 4 +
balance/tl_ops_balance_core_header.lua | 4 +
balance/tl_ops_balance_core_param.lua | 4 +
bin/install_centeros.sh | 2 +-
bin/install_ubuntu.sh | 2 +-
constant/tl_ops_constant.lua | 4 +-
constant/tl_ops_constant_balance.lua | 8 +-
constant/tl_ops_constant_balance_api.lua | 1 +
constant/tl_ops_constant_balance_body.lua | 1 +
constant/tl_ops_constant_balance_cookie.lua | 1 +
constant/tl_ops_constant_balance_count.lua | 25 +++
constant/tl_ops_constant_balance_header.lua | 1 +
constant/tl_ops_constant_balance_param.lua | 1 +
constant/tl_ops_constant_comm.lua | 6 +
constant/tl_ops_constant_health.lua | 5 +-
constant/tl_ops_constant_limit.lua | 30 ++-
constant/tl_ops_constant_plugins_manage.lua | 1 +
constant/tl_ops_constant_service.lua | 1 +
constant/tl_ops_constant_waf.lua | 11 +-
constant/tl_ops_constant_waf_api.lua | 3 +-
constant/tl_ops_constant_waf_cc.lua | 7 +-
constant/tl_ops_constant_waf_cookie.lua | 3 +-
constant/tl_ops_constant_waf_count.lua | 26 +++
constant/tl_ops_constant_waf_header.lua | 3 +-
constant/tl_ops_constant_waf_ip.lua | 5 +-
constant/tl_ops_constant_waf_param.lua | 5 +-
constant/tl_ops_constant_waf_scope.lua | 8 -
doc/change.md | 16 ++
doc/feature.md | 4 +-
gitbook/api/README_STATE.md | 2 +-
gitbook/code/balance/README.md | 24 +-
gitbook/code/balancecount/README.md | 22 +-
gitbook/code/fuselimit/README_BALANCE.md | 4 +-
gitbook/code/fuselimit/README_FUSE.md | 8 +-
gitbook/code/waf/README_NAME.md | 2 +-
gitbook/code/waf/README_WAF.md | 4 +-
gitbook/code/wafcount/README.md | 4 +-
limit/fuse/tl_ops_limit_fuse_check.lua | 8 +-
limit/tl_ops_limit.lua | 39 +++-
plugins/tl_ops_auth/login_router.lua | 16 ++
plugins/tl_ops_auth/logout_router.lua | 71 ++++++
plugins/tl_ops_auth/tl_ops_plugin_api.lua | 3 +
.../tl_ops_auth/tl_ops_plugin_constant.lua | 1 +
plugins/tl_ops_grpc/export_get_router.lua | 29 +++
plugins/tl_ops_grpc/export_set_router.lua | 32 +++
plugins/tl_ops_grpc/sync.lua | 88 ++++++++
plugins/tl_ops_grpc/tl_ops_plugin_api.lua | 20 ++
.../tl_ops_grpc/tl_ops_plugin_constant.lua | 39 ++++
plugins/tl_ops_grpc/tl_ops_plugin_core.lua | 135 +++++++++++
plugins/tl_ops_grpc/tl_ops_plugin_open.lua | 28 +++
tl_ops_manage_env.lua | 9 +-
utils/tl_ops_utils_func.lua | 22 +-
waf/count/tl_ops_waf_count.lua | 17 --
waf/count/tl_ops_waf_count_api.lua | 115 ++++++++++
waf/count/tl_ops_waf_count_cc.lua | 113 ++++++++++
waf/count/tl_ops_waf_count_cookie.lua | 113 ++++++++++
waf/count/tl_ops_waf_count_core.lua | 174 +++------------
waf/count/tl_ops_waf_count_header.lua | 112 ++++++++++
waf/count/tl_ops_waf_count_ip.lua | 112 ++++++++++
waf/count/tl_ops_waf_count_param.lua | 113 ++++++++++
waf/tl_ops_waf.lua | 1 -
waf/tl_ops_waf_core.lua | 28 +--
waf/tl_ops_waf_core_api.lua | 10 +-
waf/tl_ops_waf_core_cc.lua | 10 +-
waf/tl_ops_waf_core_cookie.lua | 9 +-
waf/tl_ops_waf_core_header.lua | 11 +-
waf/tl_ops_waf_core_ip.lua | 14 +-
waf/tl_ops_waf_core_param.lua | 10 +-
web/console/tl_ops_web_console.html | 2 +-
web/console/tl_ops_web_console.js | 13 +-
.../tl_ops_web_console_balance_count.html | 192 ++++++++++++++++
.../tl_ops_web_console_balance_count.js | 150 +++++++++++++
web/console/tl_ops_web_console_waf_count.html | 209 ++++++++++++++++++
web/console/tl_ops_web_console_waf_count.js | 166 ++++++++++++++
web/tl_ops_web_index.html | 43 +++-
99 files changed, 4101 insertions(+), 489 deletions(-)
create mode 100644 api/router/tl_ops_api_get_balance_count_api.lua
create mode 100644 api/router/tl_ops_api_get_balance_count_body.lua
create mode 100644 api/router/tl_ops_api_get_balance_count_cookie.lua
create mode 100644 api/router/tl_ops_api_get_balance_count_header.lua
create mode 100644 api/router/tl_ops_api_get_balance_count_param.lua
create mode 100644 api/router/tl_ops_api_get_waf_count_api.lua
create mode 100644 api/router/tl_ops_api_get_waf_count_cc.lua
create mode 100644 api/router/tl_ops_api_get_waf_count_cookie.lua
create mode 100644 api/router/tl_ops_api_get_waf_count_header.lua
create mode 100644 api/router/tl_ops_api_get_waf_count_ip.lua
create mode 100644 api/router/tl_ops_api_get_waf_count_param.lua
create mode 100644 balance/count/tl_ops_balance_count_api.lua
create mode 100644 balance/count/tl_ops_balance_count_body.lua
create mode 100644 balance/count/tl_ops_balance_count_cookie.lua
create mode 100644 balance/count/tl_ops_balance_count_header.lua
create mode 100644 balance/count/tl_ops_balance_count_node.lua
create mode 100644 balance/count/tl_ops_balance_count_param.lua
mode change 100644 => 100755 bin/install_centeros.sh
mode change 100644 => 100755 bin/install_ubuntu.sh
create mode 100644 constant/tl_ops_constant_balance_count.lua
create mode 100644 constant/tl_ops_constant_waf_count.lua
delete mode 100644 constant/tl_ops_constant_waf_scope.lua
create mode 100644 plugins/tl_ops_auth/logout_router.lua
create mode 100644 plugins/tl_ops_grpc/export_get_router.lua
create mode 100644 plugins/tl_ops_grpc/export_set_router.lua
create mode 100644 plugins/tl_ops_grpc/sync.lua
create mode 100644 plugins/tl_ops_grpc/tl_ops_plugin_api.lua
create mode 100644 plugins/tl_ops_grpc/tl_ops_plugin_constant.lua
create mode 100644 plugins/tl_ops_grpc/tl_ops_plugin_core.lua
create mode 100644 plugins/tl_ops_grpc/tl_ops_plugin_open.lua
create mode 100644 waf/count/tl_ops_waf_count_api.lua
create mode 100644 waf/count/tl_ops_waf_count_cc.lua
create mode 100644 waf/count/tl_ops_waf_count_cookie.lua
create mode 100644 waf/count/tl_ops_waf_count_header.lua
create mode 100644 waf/count/tl_ops_waf_count_ip.lua
create mode 100644 waf/count/tl_ops_waf_count_param.lua
create mode 100644 web/console/tl_ops_web_console_balance_count.html
create mode 100644 web/console/tl_ops_web_console_balance_count.js
create mode 100644 web/console/tl_ops_web_console_waf_count.html
create mode 100644 web/console/tl_ops_web_console_waf_count.js
diff --git a/api/router/tl_ops_api_get_balance_count_api.lua b/api/router/tl_ops_api_get_balance_count_api.lua
new file mode 100644
index 0000000..374d25b
--- /dev/null
+++ b/api/router/tl_ops_api_get_balance_count_api.lua
@@ -0,0 +1,96 @@
+-- tl_ops_api
+-- en : get balance api count data list
+-- zn : 获取路由负载详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local cache_balance_api = require("cache.tl_ops_cache_core"):new("tl-ops-balance-api")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_balance_api = require("constant.tl_ops_constant_balance_api")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local rule, _ = cache_balance_api:get(tl_ops_constant_balance_api.cache_key.rule);
+ if not rule or rule == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err1", _);
+ return;
+ end
+
+ local list_str, _ = cache_balance_api:get(tl_ops_constant_balance_api.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err2", _);
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err3", _);
+ return;
+ end
+
+ local api_rule_list = list[rule];
+ if not api_rule_list or api_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err4", _);
+ return;
+ end
+
+ local res_data = {}
+
+ for _, api in ipairs(api_rule_list) do
+ repeat
+ local id = api.id;
+ local service_name = api.service;
+ local node_id = api.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if rule == tl_ops_constant_balance_api.rule.point then
+ if node_id == nil or node_id == '' then
+ break
+ end
+ end
+
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local api_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.api_counting_list, service_name, node_id, id)
+ )
+ if not api_counting_list then
+ api_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = api.url,
+ count_list = cjson.decode(api_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_balance_count_body.lua b/api/router/tl_ops_api_get_balance_count_body.lua
new file mode 100644
index 0000000..a97c0fd
--- /dev/null
+++ b/api/router/tl_ops_api_get_balance_count_body.lua
@@ -0,0 +1,97 @@
+-- tl_ops_api
+-- en : get balance body count data list
+-- zn : 获取路由负载详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local cache_balance_body = require("cache.tl_ops_cache_core"):new("tl-ops-balance-body")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_balance_body = require("constant.tl_ops_constant_balance_body")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local rule, _ = cache_balance_body:get(tl_ops_constant_balance_body.cache_key.rule);
+ if not rule or rule == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err1", _);
+ return;
+ end
+
+ local list_str, _ = cache_balance_body:get(tl_ops_constant_balance_body.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err2", _);
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err3", _);
+ return;
+ end
+
+ local body_rule_list = list[rule];
+ if not body_rule_list or body_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err4", _);
+ return;
+ end
+
+ local res_data = {}
+
+ for _, body in ipairs(body_rule_list) do
+ repeat
+ local id = body.id;
+ local service_name = body.service;
+ local node_id = body.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if rule == tl_ops_constant_balance_body.rule.point then
+ if node_id == nil or node_id == '' then
+ break
+ end
+ end
+
+ -- 支持只获取某个服务节点的路由规则统计
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local body_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.body_counting_list, service_name, node_id, id)
+ )
+ if not body_counting_list then
+ body_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = body.body,
+ count_list = cjson.decode(body_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_balance_count_cookie.lua b/api/router/tl_ops_api_get_balance_count_cookie.lua
new file mode 100644
index 0000000..a0d0aaf
--- /dev/null
+++ b/api/router/tl_ops_api_get_balance_count_cookie.lua
@@ -0,0 +1,100 @@
+-- tl_ops_api
+-- en : get balance cookie count data list
+-- zn : 获取路由负载详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local cache_balance_cookie = require("cache.tl_ops_cache_core"):new("tl-ops-balance-cookie")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_balance_cookie = require("constant.tl_ops_constant_balance_cookie")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local rule, _ = cache_balance_cookie:get(tl_ops_constant_balance_cookie.cache_key.rule);
+ if not rule or rule == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err1", _);
+ return;
+ end
+
+ local list_str, _ = cache_balance_cookie:get(tl_ops_constant_balance_cookie.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err2", _);
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err3", _);
+ return;
+ end
+
+ local cookie_rule_list = list[rule];
+ if not cookie_rule_list or cookie_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err4", _);
+ return;
+ end
+
+ local res_data = {}
+
+ for _, cookie in ipairs(cookie_rule_list) do
+ repeat
+ local id = cookie.id;
+ local service_name = cookie.service;
+ local node_id = cookie.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if rule == tl_ops_constant_balance_cookie.rule.point then
+ if node_id == nil or node_id == '' then
+ break
+ end
+ end
+
+ -- 支持只获取某个服务节点的路由规则统计
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local cookie_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.cookie_counting_list, service_name, node_id, id)
+ )
+ if not cookie_counting_list then
+ cookie_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = cjson.encode({
+ key = cookie.key,
+ value = cookie.value,
+ }),
+ count_list = cjson.decode(cookie_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_balance_count_header.lua b/api/router/tl_ops_api_get_balance_count_header.lua
new file mode 100644
index 0000000..c3af56b
--- /dev/null
+++ b/api/router/tl_ops_api_get_balance_count_header.lua
@@ -0,0 +1,100 @@
+-- tl_ops_api
+-- en : get balance header count data list
+-- zn : 获取路由负载详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local cache_balance_header = require("cache.tl_ops_cache_core"):new("tl-ops-balance-header")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_balance_header = require("constant.tl_ops_constant_balance_header")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local rule, _ = cache_balance_header:get(tl_ops_constant_balance_header.cache_key.rule);
+ if not rule or rule == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err1", _);
+ return;
+ end
+
+ local list_str, _ = cache_balance_header:get(tl_ops_constant_balance_header.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err2", _);
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err3", _);
+ return;
+ end
+
+ local header_rule_list = list[rule];
+ if not header_rule_list or header_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err4", _);
+ return;
+ end
+
+ local res_data = {}
+
+ for _, header in ipairs(header_rule_list) do
+ repeat
+ local id = header.id;
+ local service_name = header.service;
+ local node_id = header.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if rule == tl_ops_constant_balance_header.rule.point then
+ if node_id == nil or node_id == '' then
+ break
+ end
+ end
+
+ -- 支持只获取某个服务节点的路由规则统计
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local header_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.header_counting_list, service_name, node_id, id)
+ )
+ if not header_counting_list then
+ header_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = cjson.encode({
+ key = header.key,
+ value = header.value,
+ }),
+ count_list = cjson.decode(header_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_balance_count_param.lua b/api/router/tl_ops_api_get_balance_count_param.lua
new file mode 100644
index 0000000..4085334
--- /dev/null
+++ b/api/router/tl_ops_api_get_balance_count_param.lua
@@ -0,0 +1,100 @@
+-- tl_ops_api
+-- en : get balance param count data list
+-- zn : 获取路由负载详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local cache_balance_param = require("cache.tl_ops_cache_core"):new("tl-ops-balance-param")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_balance_param = require("constant.tl_ops_constant_balance_param")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local rule, _ = cache_balance_param:get(tl_ops_constant_balance_param.cache_key.rule);
+ if not rule or rule == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err1", _);
+ return;
+ end
+
+ local list_str, _ = cache_balance_param:get(tl_ops_constant_balance_param.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err2", _);
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err3", _);
+ return;
+ end
+
+ local param_rule_list = list[rule];
+ if not param_rule_list or param_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bc args err4", _);
+ return;
+ end
+
+ local res_data = {}
+
+ for _, param in ipairs(param_rule_list) do
+ repeat
+ local id = param.id;
+ local service_name = param.service;
+ local node_id = param.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if rule == tl_ops_constant_balance_param.rule.point then
+ if node_id == nil or node_id == '' then
+ break
+ end
+ end
+
+ -- 支持只获取某个服务节点的路由规则统计
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local param_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.param_counting_list, service_name, node_id, id)
+ )
+ if not param_counting_list then
+ param_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = cjson.encode({
+ key = param.key,
+ value = param.value,
+ }),
+ count_list = cjson.decode(param_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_state.lua b/api/router/tl_ops_api_get_state.lua
index 37608e6..2c4a88d 100644
--- a/api/router/tl_ops_api_get_state.lua
+++ b/api/router/tl_ops_api_get_state.lua
@@ -4,19 +4,22 @@
-- @author iamtsm
-- @email 1905333456@qq.com
-local tl_ops_constant_waf = require("constant.tl_ops_constant_waf");
-local tl_ops_constant_balance = require("constant.tl_ops_constant_balance");
-local tl_ops_constant_service = require("constant.tl_ops_constant_service");
-local tl_ops_constant_health = require("constant.tl_ops_constant_health")
-local tl_ops_constant_limit = require("constant.tl_ops_constant_limit");
-local tl_ops_limit = require("limit.tl_ops_limit");
-local cache_service = require("cache.tl_ops_cache_core"):new("tl-ops-service");
-local cache_limit = require("cache.tl_ops_cache_core"):new("tl-ops-limit");
-local cache_health = require("cache.tl_ops_cache_core"):new("tl-ops-health");
-local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
-local tl_ops_utils_func = require("utils.tl_ops_utils_func");
-local shared = ngx.shared.tlopsbalance
-local cjson = require("cjson.safe");
+local tl_ops_constant_waf = require("constant.tl_ops_constant_waf");
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count");
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count");
+local tl_ops_constant_service = require("constant.tl_ops_constant_service");
+local tl_ops_constant_health = require("constant.tl_ops_constant_health")
+local tl_ops_constant_limit = require("constant.tl_ops_constant_limit");
+local tl_ops_limit = require("limit.tl_ops_limit");
+local cache_service = require("cache.tl_ops_cache_core"):new("tl-ops-service");
+local cache_limit = require("cache.tl_ops_cache_core"):new("tl-ops-limit");
+local cache_health = require("cache.tl_ops_cache_core"):new("tl-ops-health");
+local cache_waf_count = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count");
+local cache_balance_count = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local shared = ngx.shared.tlopsbalance
+local cjson = require("cjson.safe");
cjson.encode_empty_table_as_object(false)
local Router = function()
@@ -59,21 +62,12 @@ local Router = function()
limit_version_cache = 0 --"version cache nil"
end
- -- waf统计
- local waf_count_name_service = "tl-ops-waf-count-" .. tl_ops_constant_waf.count.interval;
- local waf_cache_count_service = require("cache.tl_ops_cache_core"):new(waf_count_name_service);
- local waf_success_cache_service = waf_cache_count_service:get001(tl_ops_utils_func:gen_node_key(tl_ops_constant_waf.cache_key.waf_interval_success, service_name, nil))
- if not waf_success_cache_service then
- waf_success_cache_service = "{}"
- end
-
cache_state.service[service_name] = {
health_lock = health_lock_cache,
health_version = health_version_cache,
health_uncheck = health_uncheck_cache,
limit_state = limit_state_cache,
limit_version = limit_version_cache,
- waf_success = cjson.decode(waf_success_cache_service)
}
cache_state.service[service_name].nodes = { }
@@ -104,17 +98,17 @@ local Router = function()
limit_node_state_cache = 0 --"state cache nil"
end
- local limit_node_success_cache = shared:get(tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_succ, node.service, node_id))
+ local limit_node_success_cache = shared:get(tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_succ, node.service, node_id))
if not limit_node_success_cache then
limit_node_success_cache = 0 --"success cache nil"
end
- local limit_node_failed_cache = shared:get(tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_fail, node.service, node_id))
+ local limit_node_failed_cache = shared:get(tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_fail, node.service, node_id))
if not limit_node_failed_cache then
limit_node_failed_cache = 0 --"failed cache nil"
end
- local limit_depend = tl_ops_limit.tl_ops_limit_get_limiter(node.service, node_id)
+ local limit_depend = tl_ops_limit:tl_ops_limit_get_limiter(node.service, node_id)
local limit_capacity
local limit_rate
local limit_pre_time
@@ -166,11 +160,14 @@ local Router = function()
end
end
- local balance_count_name = "tl-ops-balance-count-" .. tl_ops_constant_balance.count.interval;
- local balance_cache_count = require("cache.tl_ops_cache_core"):new(balance_count_name);
- local balance_success_cache = balance_cache_count:get001(tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.balance_interval_success, node.service, node_id))
- if not balance_success_cache then
- balance_success_cache = "{}"
+ -- 路由统计
+ local balance_count_node_list = cache_balance_count:get001(
+ tl_ops_utils_func:gen_node_key(
+ tl_ops_constant_balance_count.cache_key.node_counting_list, node.service, node_id
+ )
+ )
+ if not balance_count_node_list then
+ balance_count_node_list = "{}"
end
cache_state.service[service_name].nodes[node.name] = {
@@ -186,7 +183,7 @@ local Router = function()
limit_block = limit_block,
limit_pre_time = limit_pre_time,
limit_bucket = limit_bucket,
- balance_success = cjson.decode(balance_success_cache),
+ balance_node_count = cjson.decode(balance_count_node_list),
}
end
end
@@ -226,24 +223,13 @@ local Router = function()
-- 路由相关
- cache_state.balance['count_interval'] = tl_ops_constant_balance.count.interval
-
+ cache_state.balance['count_interval'] = tl_ops_constant_balance_count.interval
-- waf相关
- local waf_count_name_global = "tl-ops-waf-count-" .. tl_ops_constant_waf.count.interval;
- local waf_cache_count_global = require("cache.tl_ops_cache_core"):new(waf_count_name_global);
- local waf_success_cache_global = waf_cache_count_global:get001(tl_ops_constant_waf.cache_key.waf_interval_success)
- if not waf_success_cache_global then
- waf_success_cache_global = "{}"
- end
- cache_state.waf['waf_success'] = cjson.decode(waf_success_cache_global)
- cache_state.waf['count_interval'] = tl_ops_constant_waf.count.interval
-
-- 其他
-- cache_state.other['dict_keys'] = shared:get_keys(1024)
-
tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", cache_state);
end
diff --git a/api/router/tl_ops_api_get_waf_count_api.lua b/api/router/tl_ops_api_get_waf_count_api.lua
new file mode 100644
index 0000000..84bd7fe
--- /dev/null
+++ b/api/router/tl_ops_api_get_waf_count_api.lua
@@ -0,0 +1,97 @@
+-- tl_ops_api
+-- en : get waf api count data list
+-- zn : 获取WAF拦截详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count");
+local cache_waf_api = require("cache.tl_ops_cache_core"):new("tl-ops-waf-api")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_waf_api = require("constant.tl_ops_constant_waf_api")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local list_str, _ = cache_waf_api:get(tl_ops_constant_waf_api.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err1", _);
+ return;
+ end
+
+ local api_rule_list = cjson.decode(list_str);
+ if not api_rule_list or api_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err2", _);
+ return;
+ end
+
+ local res_data = {}
+
+ local global_api_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.api_counting_list)
+ )
+ if not global_api_counting_list then
+ global_api_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = "-",
+ service_name = "global",
+ node_id = "global",
+ content = "-",
+ count_list = cjson.decode(global_api_counting_list)
+ })
+
+ for _, api in ipairs(api_rule_list) do
+ repeat
+ local id = api.id;
+ local service_name = api.service;
+ local node_id = api.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if node_id == nil or node_id == '' then
+ break
+ end
+
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local api_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.api_counting_list, service_name, node_id, id)
+ )
+ if not api_counting_list then
+ api_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = api.value,
+ count_list = cjson.decode(api_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_waf_count_cc.lua b/api/router/tl_ops_api_get_waf_count_cc.lua
new file mode 100644
index 0000000..4872bb6
--- /dev/null
+++ b/api/router/tl_ops_api_get_waf_count_cc.lua
@@ -0,0 +1,100 @@
+-- tl_ops_api
+-- en : get waf cc count data list
+-- zn : 获取WAF拦截详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count");
+local cache_waf_cc = require("cache.tl_ops_cache_core"):new("tl-ops-waf-cc")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_waf_cc = require("constant.tl_ops_constant_waf_cc")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local list_str, _ = cache_waf_cc:get(tl_ops_constant_waf_cc.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err1", _);
+ return;
+ end
+
+ local cc_rule_list = cjson.decode(list_str);
+ if not cc_rule_list or cc_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err2", _);
+ return;
+ end
+
+ local res_data = {}
+
+ local global_cc_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.cc_counting_list)
+ )
+ if not global_cc_counting_list then
+ global_cc_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = "-",
+ service_name = "global",
+ node_id = "global",
+ content = "-",
+ count_list = cjson.decode(global_cc_counting_list)
+ })
+
+ for _, cc in ipairs(cc_rule_list) do
+ repeat
+ local id = cc.id;
+ local service_name = cc.service;
+ local node_id = cc.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if node_id == nil or node_id == '' then
+ break
+ end
+
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local cc_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.cc_counting_list, service_name, node_id, id)
+ )
+ if not cc_counting_list then
+ cc_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = cjson.encode({
+ time = cc.time,
+ count = cc.count
+ }),
+ count_list = cjson.decode(cc_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_waf_count_cookie.lua b/api/router/tl_ops_api_get_waf_count_cookie.lua
new file mode 100644
index 0000000..1ca19a3
--- /dev/null
+++ b/api/router/tl_ops_api_get_waf_count_cookie.lua
@@ -0,0 +1,97 @@
+-- tl_ops_api
+-- en : get waf cookie count data list
+-- zn : 获取WAF拦截详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count");
+local cache_waf_cookie = require("cache.tl_ops_cache_core"):new("tl-ops-waf-cookie")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_waf_cookie = require("constant.tl_ops_constant_waf_cookie")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local list_str, _ = cache_waf_cookie:get(tl_ops_constant_waf_cookie.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err1", _);
+ return;
+ end
+
+ local cookie_rule_list = cjson.decode(list_str);
+ if not cookie_rule_list or cookie_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err2", _);
+ return;
+ end
+
+ local res_data = {}
+
+ local global_cookie_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.cookie_counting_list)
+ )
+ if not global_cookie_counting_list then
+ global_cookie_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = "-",
+ service_name = "global",
+ node_id = "global",
+ content = "-",
+ count_list = cjson.decode(global_cookie_counting_list)
+ })
+
+ for _, cookie in ipairs(cookie_rule_list) do
+ repeat
+ local id = cookie.id;
+ local service_name = cookie.service;
+ local node_id = cookie.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if node_id == nil or node_id == '' then
+ break
+ end
+
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local cookie_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.cookie_counting_list, service_name, node_id, id)
+ )
+ if not cookie_counting_list then
+ cookie_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = cookie.value,
+ count_list = cjson.decode(cookie_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_waf_count_header.lua b/api/router/tl_ops_api_get_waf_count_header.lua
new file mode 100644
index 0000000..999d529
--- /dev/null
+++ b/api/router/tl_ops_api_get_waf_count_header.lua
@@ -0,0 +1,100 @@
+-- tl_ops_api
+-- en : get waf header count data list
+-- zn : 获取WAF拦截详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count");
+local cache_waf_header = require("cache.tl_ops_cache_core"):new("tl-ops-waf-header")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_waf_header = require("constant.tl_ops_constant_waf_header")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local list_str, _ = cache_waf_header:get(tl_ops_constant_waf_header.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err1", _);
+ return;
+ end
+
+ local header_rule_list = cjson.decode(list_str);
+ if not header_rule_list or header_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err2", _);
+ return;
+ end
+
+ local res_data = {}
+
+ local global_header_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.header_counting_list)
+ )
+ if not global_header_counting_list then
+ global_header_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = "-",
+ service_name = "global",
+ node_id = "global",
+ content = "-",
+ count_list = cjson.decode(global_header_counting_list)
+ })
+
+ for _, header in ipairs(header_rule_list) do
+ repeat
+ local id = header.id;
+ local service_name = header.service;
+ local node_id = header.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if node_id == nil or node_id == '' then
+ break
+ end
+
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local header_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.header_counting_list, service_name, node_id, id)
+ )
+ if not header_counting_list then
+ header_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = cjson.encode({
+ keys = header.keys,
+ value = header.value
+ }),
+ count_list = cjson.decode(header_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_waf_count_ip.lua b/api/router/tl_ops_api_get_waf_count_ip.lua
new file mode 100644
index 0000000..4eb580e
--- /dev/null
+++ b/api/router/tl_ops_api_get_waf_count_ip.lua
@@ -0,0 +1,97 @@
+-- tl_ops_api
+-- en : get waf ip count data list
+-- zn : 获取WAF拦截详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count");
+local cache_waf_ip = require("cache.tl_ops_cache_core"):new("tl-ops-waf-ip")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_waf_ip = require("constant.tl_ops_constant_waf_ip")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local list_str, _ = cache_waf_ip:get(tl_ops_constant_waf_ip.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err1", _);
+ return;
+ end
+
+ local ip_rule_list = cjson.decode(list_str);
+ if not ip_rule_list or ip_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err2", _);
+ return;
+ end
+
+ local res_data = {}
+
+ local global_ip_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.ip_counting_list)
+ )
+ if not global_ip_counting_list then
+ global_ip_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = "-",
+ service_name = "global",
+ node_id = "global",
+ content = "-",
+ count_list = cjson.decode(global_ip_counting_list)
+ })
+
+ for _, ip in ipairs(ip_rule_list) do
+ repeat
+ local id = ip.id;
+ local service_name = ip.service;
+ local node_id = ip.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if node_id == nil or node_id == '' then
+ break
+ end
+
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local ip_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.ip_counting_list, service_name, node_id, id)
+ )
+ if not ip_counting_list then
+ ip_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = ip.value,
+ count_list = cjson.decode(ip_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/router/tl_ops_api_get_waf_count_param.lua b/api/router/tl_ops_api_get_waf_count_param.lua
new file mode 100644
index 0000000..faec24e
--- /dev/null
+++ b/api/router/tl_ops_api_get_waf_count_param.lua
@@ -0,0 +1,97 @@
+-- tl_ops_api
+-- en : get waf param count data list
+-- zn : 获取WAF拦截详情列表
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count");
+local cache_waf_param = require("cache.tl_ops_cache_core"):new("tl-ops-waf-param")
+local tl_ops_rt = require("constant.tl_ops_constant_comm").tl_ops_rt;
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local tl_ops_constant_waf_param = require("constant.tl_ops_constant_waf_param")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ -- 支持只获取某个服务节点的路由规则统计
+ local args = ngx.req.get_uri_args()
+ local args_service = args['service']
+ local args_node = args['node']
+ args_node = tonumber(args_node)
+
+ local list_str, _ = cache_waf_param:get(tl_ops_constant_waf_param.cache_key.list);
+ if not list_str or list_str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err1", _);
+ return;
+ end
+
+ local param_rule_list = cjson.decode(list_str);
+ if not param_rule_list or param_rule_list == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.args_error ,"bca args err2", _);
+ return;
+ end
+
+ local res_data = {}
+
+ local global_param_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.param_counting_list)
+ )
+ if not global_param_counting_list then
+ global_param_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = "-",
+ service_name = "global",
+ node_id = "global",
+ content = "-",
+ count_list = cjson.decode(global_param_counting_list)
+ })
+
+ for _, param in ipairs(param_rule_list) do
+ repeat
+ local id = param.id;
+ local service_name = param.service;
+ local node_id = param.node;
+
+ if not id then
+ break
+ end
+ if not service_name then
+ break
+ end
+ if node_id == nil or node_id == '' then
+ break
+ end
+
+ if args_service and args_service ~= service_name then
+ break
+ end
+ if args_node ~= nil and args_node ~= "" and node_id ~= args_node then
+ break
+ end
+
+ local param_counting_list = cache:get001(
+ tl_ops_utils_func:gen_node_key( tl_ops_constant_waf_count.cache_key.param_counting_list, service_name, node_id, id)
+ )
+ if not param_counting_list then
+ param_counting_list = "{}"
+ end
+
+ table.insert(res_data, {
+ id = id,
+ service_name = service_name,
+ node_id = node_id,
+ content = param.value,
+ count_list = cjson.decode(param_counting_list)
+ })
+ break
+ until true
+ end
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/api/tl_ops_api_core.lua b/api/tl_ops_api_core.lua
index e112335..8a5ed17 100644
--- a/api/tl_ops_api_core.lua
+++ b/api/tl_ops_api_core.lua
@@ -30,6 +30,21 @@ tl_ops_api_core["/tlops/waf/ip/set"] = require("api.router.tl_ops_api_set_waf_ip
tl_ops_api_core["/tlops/waf/cc/list"] = require("api.router.tl_ops_api_get_waf_cc")
tl_ops_api_core["/tlops/waf/cc/set"] = require("api.router.tl_ops_api_set_waf_cc")
+-- balance count
+tl_ops_api_core["/tlops/balance/count/api/list"] = require("api.router.tl_ops_api_get_balance_count_api")
+tl_ops_api_core["/tlops/balance/count/cookie/list"] = require("api.router.tl_ops_api_get_balance_count_cookie")
+tl_ops_api_core["/tlops/balance/count/body/list"] = require("api.router.tl_ops_api_get_balance_count_body")
+tl_ops_api_core["/tlops/balance/count/header/list"] = require("api.router.tl_ops_api_get_balance_count_header")
+tl_ops_api_core["/tlops/balance/count/param/list"] = require("api.router.tl_ops_api_get_balance_count_param")
+
+-- waf count
+tl_ops_api_core["/tlops/waf/count/api/list"] = require("api.router.tl_ops_api_get_waf_count_api")
+tl_ops_api_core["/tlops/waf/count/cc/list"] = require("api.router.tl_ops_api_get_waf_count_cc")
+tl_ops_api_core["/tlops/waf/count/ip/list"] = require("api.router.tl_ops_api_get_waf_count_ip")
+tl_ops_api_core["/tlops/waf/count/cookie/list"] = require("api.router.tl_ops_api_get_waf_count_cookie")
+tl_ops_api_core["/tlops/waf/count/header/list"] = require("api.router.tl_ops_api_get_waf_count_header")
+tl_ops_api_core["/tlops/waf/count/param/list"] = require("api.router.tl_ops_api_get_waf_count_param")
+
-- service
tl_ops_api_core["/tlops/service/list"] = require("api.router.tl_ops_api_get_service")
tl_ops_api_core["/tlops/service/set"] = require("api.router.tl_ops_api_set_service")
diff --git a/balance/count/tl_ops_balance_count.lua b/balance/count/tl_ops_balance_count.lua
index 181222c..aa47591 100644
--- a/balance/count/tl_ops_balance_count.lua
+++ b/balance/count/tl_ops_balance_count.lua
@@ -4,10 +4,10 @@
-- @author iamtsm
-- @email 1905333456@qq.com
-local tl_ops_balance_count_core = require("balance.count.tl_ops_balance_count_core");
-local tl_ops_constant_balance = require("constant.tl_ops_constant_balance");
-local tl_ops_utils_func = require("utils.tl_ops_utils_func");
-local shared = ngx.shared.tlopsbalance;
+local tl_ops_balance_count_core = require("balance.count.tl_ops_balance_count_core");
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count");
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local shared = ngx.shared.tlopsbalance;
local _M = {}
@@ -18,27 +18,4 @@ function _M:init( )
balance_count:tl_ops_balance_count_timer_start()
end
-
--- incr balance failed count
-function _M:tl_ops_balance_count_incr_fail(service_name, node_id)
- local faild_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.req_fail, service_name, node_id)
- local failed_count = shared:get(faild_key)
- if not failed_count then
- shared:set(faild_key, 0);
- end
- shared:incr(faild_key, 1)
-end
-
-
--- incr balance succ count
-function _M:tl_ops_balance_count_incr_succ(service_name, node_id)
- local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.req_succ,service_name, node_id)
- local success_count = shared:get(succ_key)
- if not success_count then
- shared:set(succ_key, 0);
- end
- shared:incr(succ_key, 1)
-end
-
-
return _M
diff --git a/balance/count/tl_ops_balance_count_api.lua b/balance/count/tl_ops_balance_count_api.lua
new file mode 100644
index 0000000..c1aef2d
--- /dev/null
+++ b/balance/count/tl_ops_balance_count_api.lua
@@ -0,0 +1,119 @@
+
+-- tl_ops_balance_count_api
+-- en : balance count state with api
+-- zn : api路由次数统计器
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local cache_balance_api = require("cache.tl_ops_cache_core"):new("tl-ops-balance-api")
+local cache_balance_count = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_balance_count")
+local tl_ops_constant_balance_api = require("constant.tl_ops_constant_balance_api")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local shared = ngx.shared.tlopsbalance
+
+-- 以api为粒度统计
+local tl_ops_balance_count_api = function( )
+
+ local rule, _ = cache_balance_api:get(tl_ops_constant_balance_api.cache_key.rule);
+ if not rule or rule == nil then
+ tlog:err("balance api count rule nil, break")
+ return;
+ end
+
+ local list_str, _ = cache_balance_api:get(tl_ops_constant_balance_api.cache_key.list);
+ if not list_str or list_str == nil then
+ tlog:err("balance api count list nil, break")
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tlog:err("balance api count list decode nil, break")
+ return;
+ end
+
+ local api_rule_list = list[rule];
+ if not api_rule_list or api_rule_list == nil then
+ tlog:err("balance api count api_rule_list nil, break")
+ return;
+ end
+
+ for _, api in ipairs(api_rule_list) do
+ repeat
+ local id = api.id;
+ local service_name = api.service;
+ local node_id = api.node;
+
+ if not id then
+ tlog:err("balance api count api id nil, api=",api);
+ break
+ end
+ if not service_name then
+ tlog:err("balance api count api service_name nil, api=", api);
+ break
+ end
+ if rule == tl_ops_constant_balance_api.rule.point then
+ if node_id == nil or node_id == '' then
+ tlog:err("balance api count api node_id nil, api=", api);
+ break
+ end
+ end
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.api_req_succ, service_name, node_id, id)
+ local cur_succ_count = shared:get(cur_count_key)
+ if not cur_succ_count then
+ cur_succ_count = 0
+ end
+
+ if cur_succ_count == 0 then
+ tlog:dbg("balance api count not need sync , succ=",cur_succ_count,",rule=",rule,",id=",id);
+ else
+ -- push to list
+ local counting_list_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.api_counting_list, service_name, node_id, id)
+ local counting_list = cache_balance_count:get001(counting_list_key)
+ if not counting_list then
+ counting_list = {}
+ else
+ counting_list = cjson.decode(counting_list)
+ end
+
+ counting_list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_succ_count
+
+ local ok, _ = cache_balance_count:set001(counting_list_key, cjson.encode(counting_list))
+ if not ok then
+ tlog:err("balance api success count async err ,counting_list_key=",counting_list_key,",cur_succ_count=",cur_succ_count,",err=",_)
+ end
+
+ -- rest cur_succ_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("balance api success count reset err ,cur_count_key=",cur_count_key,",cur_succ_count=",cur_succ_count,",err=",_)
+ end
+
+ tlog:dbg("balance api count async ok ,counting_list_key=",counting_list_key,",counting_list=",counting_list)
+ end
+
+ break
+ until true
+ end
+end
+
+
+-- api路由成功次数增加
+local tl_ops_balance_count_incr_api_succ = function( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.api_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_balance_count_api = tl_ops_balance_count_api,
+ tl_ops_balance_count_incr_api_succ = tl_ops_balance_count_incr_api_succ
+}
\ No newline at end of file
diff --git a/balance/count/tl_ops_balance_count_body.lua b/balance/count/tl_ops_balance_count_body.lua
new file mode 100644
index 0000000..2933cfb
--- /dev/null
+++ b/balance/count/tl_ops_balance_count_body.lua
@@ -0,0 +1,115 @@
+-- tl_ops_balance_count_body
+-- en : balance count state with body
+-- zn : body路由次数统计器
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local cache_balance_body = require("cache.tl_ops_cache_core"):new("tl-ops-balance-body")
+local cache_balance_count = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_balance_count")
+local tl_ops_constant_balance_body = require("constant.tl_ops_constant_balance_body")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local shared = ngx.shared.tlopsbalance
+
+-- 以body为粒度统计
+local tl_ops_balance_count_body = function()
+ local rule, _ = cache_balance_body:get(tl_ops_constant_balance_body.cache_key.rule);
+ if not rule or rule == nil then
+ tlog:err("balance body count rule nil, break")
+ return;
+ end
+
+ local list_str, _ = cache_balance_body:get(tl_ops_constant_balance_body.cache_key.list);
+ if not list_str or list_str == nil then
+ tlog:err("balance body count list nil, break")
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tlog:err("balance body count list decode nil, break")
+ return;
+ end
+
+ local body_rule_list = list[rule];
+ if not body_rule_list or body_rule_list == nil then
+ tlog:err("balance body count body_rule_list nil, break")
+ return;
+ end
+
+ for _, body in ipairs(body_rule_list) do
+ repeat
+ local id = body.id;
+ local service_name = body.service;
+ local node_id = body.node;
+
+ if not id then
+ tlog:err("balance body count body id nil, body=", body);
+ break
+ end
+ if not service_name then
+ tlog:err("balance body count body service_name nil, body=", body);
+ break
+ end
+ if rule == tl_ops_constant_balance_body.rule.point then
+ if node_id == nil or node_id == '' then
+ tlog:err("balance body count body node_id nil, body=", body);
+ break
+ end
+ end
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.body_req_succ, service_name, node_id, id )
+ local cur_succ_count = shared:get(cur_count_key)
+ if not cur_succ_count then
+ cur_succ_count = 0
+ end
+
+ if cur_succ_count == 0 then
+ tlog:dbg("balance body count not need sync , succ=", cur_succ_count, ",rule=", rule, ",id=", id);
+ else
+ -- push to list
+ local counting_list_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.body_counting_list, service_name, node_id, id)
+ local counting_list = cache_balance_count:get001(counting_list_key)
+ if not counting_list then
+ counting_list = {}
+ else
+ counting_list = cjson.decode(counting_list)
+ end
+
+ counting_list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_succ_count
+
+ local ok, _ = cache_balance_count:set001(counting_list_key, cjson.encode(counting_list))
+ if not ok then
+ tlog:err("balance body success count async err ,counting_list_key=", counting_list_key, ",cur_succ_count=", cur_succ_count, ",err=", _)
+ end
+
+ -- rest cur_succ_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("balance body success count reset err ,cur_count_key=", cur_count_key, ",cur_succ_count=", cur_succ_count, ",err=", _)
+ end
+
+ tlog:dbg("balance body count async ok ,counting_list_key=", counting_list_key, ",counting_list=", counting_list)
+ end
+
+ break
+ until true
+ end
+end
+
+-- body路由成功次数增加
+local tl_ops_balance_count_incr_body_succ = function( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.body_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+return {
+ tl_ops_balance_count_body = tl_ops_balance_count_body,
+ tl_ops_balance_count_incr_body_succ = tl_ops_balance_count_incr_body_succ
+}
diff --git a/balance/count/tl_ops_balance_count_cookie.lua b/balance/count/tl_ops_balance_count_cookie.lua
new file mode 100644
index 0000000..ceb6f23
--- /dev/null
+++ b/balance/count/tl_ops_balance_count_cookie.lua
@@ -0,0 +1,115 @@
+-- tl_ops_balance_count_cookie
+-- en : balance count state with cookie
+-- zn : cookie路由次数统计器
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local cache_balance_cookie = require("cache.tl_ops_cache_core"):new("tl-ops-balance-cookie")
+local cache_balance_count = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_balance_count")
+local tl_ops_constant_balance_cookie = require("constant.tl_ops_constant_balance_cookie")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local shared = ngx.shared.tlopsbalance
+
+-- 以cookie为粒度统计
+local tl_ops_balance_count_cookie = function()
+ local rule, _ = cache_balance_cookie:get(tl_ops_constant_balance_cookie.cache_key.rule);
+ if not rule or rule == nil then
+ tlog:err("balance cookie count rule nil, break")
+ return;
+ end
+
+ local list_str, _ = cache_balance_cookie:get(tl_ops_constant_balance_cookie.cache_key.list);
+ if not list_str or list_str == nil then
+ tlog:err("balance cookie count list nil, break")
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tlog:err("balance cookie count list decode nil, break")
+ return;
+ end
+
+ local cookie_rule_list = list[rule];
+ if not cookie_rule_list or cookie_rule_list == nil then
+ tlog:err("balance cookie count cookie_rule_list nil, break")
+ return;
+ end
+
+ for _, cookie in ipairs(cookie_rule_list) do
+ repeat
+ local id = cookie.id;
+ local service_name = cookie.service;
+ local node_id = cookie.node;
+
+ if not id then
+ tlog:err("balance cookie count cookie id nil, cookie=", cookie);
+ break
+ end
+ if not service_name then
+ tlog:err("balance cookie count cookie service_name nil, cookie=", cookie);
+ break
+ end
+ if rule == tl_ops_constant_balance_cookie.rule.point then
+ if node_id == nil or node_id == '' then
+ tlog:err("balance cookie count cookie node_id nil, cookie=", cookie);
+ break
+ end
+ end
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.cookie_req_succ, service_name, node_id, id)
+ local cur_succ_count = shared:get(cur_count_key)
+ if not cur_succ_count then
+ cur_succ_count = 0
+ end
+
+ if cur_succ_count == 0 then
+ tlog:dbg("balance cookie count not need sync , succ=", cur_succ_count, ",rule=", rule, ",id=", id);
+ else
+ -- push to list
+ local counting_list_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.cookie_counting_list, service_name, node_id, id )
+ local counting_list = cache_balance_count:get001(counting_list_key)
+ if not counting_list then
+ counting_list = {}
+ else
+ counting_list = cjson.decode(counting_list)
+ end
+
+ counting_list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_succ_count
+
+ local ok, _ = cache_balance_count:set001(counting_list_key, cjson.encode(counting_list))
+ if not ok then
+ tlog:err("balance cookie success count async err ,counting_list_key=", counting_list_key, ",cur_succ_count=", cur_succ_count, ",err=", _)
+ end
+
+ -- rest cur_succ_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("balance cookie success count reset err ,cur_count_key=", cur_count_key, ",cur_succ_count=", cur_succ_count, ",err=", _)
+ end
+
+ tlog:dbg("balance cookie count async ok ,counting_list_key=", counting_list_key, ",counting_list=", counting_list)
+ end
+
+ break
+ until true
+ end
+end
+
+-- cookie路由成功次数增加
+local tl_ops_balance_count_incr_cookie_succ = function( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.cookie_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+return {
+ tl_ops_balance_count_cookie = tl_ops_balance_count_cookie,
+ tl_ops_balance_count_incr_cookie_succ = tl_ops_balance_count_incr_cookie_succ
+}
diff --git a/balance/count/tl_ops_balance_count_core.lua b/balance/count/tl_ops_balance_count_core.lua
index 293d38d..b6bbefa 100644
--- a/balance/count/tl_ops_balance_count_core.lua
+++ b/balance/count/tl_ops_balance_count_core.lua
@@ -1,17 +1,19 @@
-- tl_ops_balance_count
-- en : balance count state
--- zn : 路由次数统计器
+-- zn : 路由次数统计器实现
-- @author iamtsm
-- @email 1905333456@qq.com
-local cjson = require("cjson.safe")
-local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_balance_count")
-local tl_ops_utils_func = require("utils.tl_ops_utils_func")
-local tl_ops_constant_balance = require("constant.tl_ops_constant_balance")
-local tl_ops_constant_service = require("constant.tl_ops_constant_service")
-local cache_service = require("cache.tl_ops_cache_core"):new("tl-ops-service")
-local tl_ops_manage_env = require("tl_ops_manage_env")
-local shared = ngx.shared.tlopsbalance
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_balance_count")
+local tl_ops_manage_env = require("tl_ops_manage_env")
+local count_node = require("balance.count.tl_ops_balance_count_node")
+local count_api = require("balance.count.tl_ops_balance_count_api")
+local count_body = require("balance.count.tl_ops_balance_count_body")
+local count_cookie = require("balance.count.tl_ops_balance_count_cookie")
+local count_header = require("balance.count.tl_ops_balance_count_header")
+local count_param = require("balance.count.tl_ops_balance_count_param")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count");
local _M = {
@@ -26,81 +28,30 @@ local tl_ops_balance_count_timer
-- 统计器 : 持久化数据
local tl_ops_balance_count = function()
- local lock_key = tl_ops_constant_balance.cache_key.lock
- local lock_time = tl_ops_constant_balance.count.interval - 0.01
+ local lock_key = tl_ops_constant_balance_count.cache_key.lock
+ local lock_time = tl_ops_constant_balance_count.interval - 0.01
if not tl_ops_utils_func:tl_ops_worker_lock(lock_key, lock_time) then
return
end
- local service_list = nil
- local service_list_str, _ = cache_service:get(tl_ops_constant_service.cache_key.service_list);
- if not service_list_str then
- -- use default
- service_list = tl_ops_constant_service.list
- else
- service_list = cjson.decode(service_list_str);
- end
-
-
- -- 控制细度 ,以周期为分割,仅用store持久
- local count_name = "tl-ops-balance-count-" .. tl_ops_constant_balance.count.interval;
- local cache_balance_count = require("cache.tl_ops_cache_core"):new(count_name);
-
- for service_name, nodes in pairs(service_list) do
- if nodes == nil then
- tlog:err("nodes nil")
- return
- end
-
- for i = 1, #nodes do
- local node_id = i-1
- local cur_succ_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.req_succ, service_name, node_id)
- local cur_succ_count = shared:get(cur_succ_count_key)
- if not cur_succ_count then
- cur_succ_count = 0
- end
-
- local cur_fail_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.req_fail, service_name, node_id)
- local cur_fail_count = shared:get(cur_fail_count_key)
- if not cur_fail_count then
- cur_fail_count = 0
- end
-
- local cur_count = cur_succ_count + cur_fail_count
- if cur_count == 0 then
- tlog:dbg("balance count not need sync , succ=",cur_succ_count,",fail=",cur_fail_count,",service_name=",service_name,",node_id=",node_id)
- else
- -- push to list
- local success_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.balance_interval_success, service_name, node_id)
- local balance_interval_success = cache_balance_count:get001(success_key)
- if not balance_interval_success then
- balance_interval_success = {}
- else
- balance_interval_success = cjson.decode(balance_interval_success)
- end
-
- balance_interval_success[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
- local ok, _ = cache_balance_count:set001(success_key, cjson.encode(balance_interval_success))
- if not ok then
- tlog:err("balance success count async err ,success_key=",success_key,",cur_count=",cur_count,",err=",_)
- end
-
- -- rest cur_count
- local ok, _ = shared:set(cur_succ_count_key, 0)
- if not ok then
- tlog:err("balance succ count reset err ,success_key=",success_key,",cur_count=",cur_count)
- end
- ok, _ = shared:set(cur_fail_count_key, 0)
- if not ok then
- tlog:err("balance fail count reset err ,success_key=",success_key,",cur_count=",cur_count)
- end
-
- tlog:dbg("balance count async ok ,success_key=",success_key,",balance_interval_success=",balance_interval_success)
- end
- end
- end
-end
+ -- 处理命中节点的统计
+ count_node.tl_ops_balance_count_node();
+
+ -- 处理命中api的统计
+ count_api.tl_ops_balance_count_api();
+ -- 处理命中param的统计
+ count_param.tl_ops_balance_count_param();
+
+ -- 处理命中body的统计
+ count_body.tl_ops_balance_count_body();
+
+ -- 处理命中header的统计
+ count_header.tl_ops_balance_count_header();
+
+ -- 处理命中cookie的统计
+ count_cookie.tl_ops_balance_count_cookie();
+end
-- 统计balance次数周期默认为5min,可调整配置
@@ -114,7 +65,7 @@ tl_ops_balance_count_timer = function(premature, args)
tlog:err("failed to pcall : " , _)
end
- local ok, _ = ngx.timer.at(tl_ops_constant_balance.count.interval, tl_ops_balance_count_timer, args)
+ local ok, _ = ngx.timer.at(tl_ops_constant_balance_count.interval, tl_ops_balance_count_timer, args)
if not ok then
tlog:err("failed to create timer: " , _)
end
diff --git a/balance/count/tl_ops_balance_count_header.lua b/balance/count/tl_ops_balance_count_header.lua
new file mode 100644
index 0000000..9667b35
--- /dev/null
+++ b/balance/count/tl_ops_balance_count_header.lua
@@ -0,0 +1,119 @@
+
+-- tl_ops_balance_count_header
+-- en : balance count state with header
+-- zn : header路由次数统计器
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local cache_balance_header = require("cache.tl_ops_cache_core"):new("tl-ops-balance-header")
+local cache_balance_count = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_balance_count")
+local tl_ops_constant_balance_header = require("constant.tl_ops_constant_balance_header")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local shared = ngx.shared.tlopsbalance
+
+-- 以header为粒度统计
+local tl_ops_balance_count_header = function( )
+
+ local rule, _ = cache_balance_header:get(tl_ops_constant_balance_header.cache_key.rule);
+ if not rule or rule == nil then
+ tlog:err("balance header count rule nil, break")
+ return;
+ end
+
+ local list_str, _ = cache_balance_header:get(tl_ops_constant_balance_header.cache_key.list);
+ if not list_str or list_str == nil then
+ tlog:err("balance header count list nil, break")
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tlog:err("balance header count list decode nil, break")
+ return;
+ end
+
+ local header_rule_list = list[rule];
+ if not header_rule_list or header_rule_list == nil then
+ tlog:err("balance header count header_rule_list nil, break")
+ return;
+ end
+
+ for _, header in ipairs(header_rule_list) do
+ repeat
+ local id = header.id;
+ local service_name = header.service;
+ local node_id = header.node;
+
+ if not id then
+ tlog:err("balance header count header id nil, header=",header);
+ break
+ end
+ if not service_name then
+ tlog:err("balance header count header service_name nil, header=", header);
+ break
+ end
+ if rule == tl_ops_constant_balance_header.rule.point then
+ if node_id == nil or node_id == '' then
+ tlog:err("balance header count header node_id nil, header=", header);
+ break
+ end
+ end
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.header_req_succ, service_name, node_id, id)
+ local cur_succ_count = shared:get(cur_count_key)
+ if not cur_succ_count then
+ cur_succ_count = 0
+ end
+
+ if cur_succ_count == 0 then
+ tlog:dbg("balance header count not need sync , succ=",cur_succ_count,",rule=",rule,",id=",id);
+ else
+ -- push to list
+ local counting_list_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.header_counting_list, service_name, node_id, id )
+ local counting_list = cache_balance_count:get001(counting_list_key)
+ if not counting_list then
+ counting_list = {}
+ else
+ counting_list = cjson.decode(counting_list)
+ end
+
+ counting_list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_succ_count
+
+ local ok, _ = cache_balance_count:set001(counting_list_key, cjson.encode(counting_list))
+ if not ok then
+ tlog:err("balance header success count async err ,counting_list_key=",counting_list_key,",cur_succ_count=",cur_succ_count,",err=",_)
+ end
+
+ -- rest cur_succ_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("balance header success count reset err ,cur_count_key=",cur_count_key,",cur_succ_count=",cur_succ_count,",err=",_)
+ end
+
+ tlog:dbg("balance header count async ok ,counting_list_key=",counting_list_key,",counting_list=",counting_list)
+ end
+
+ break
+ until true
+ end
+end
+
+
+-- header路由成功次数增加
+local tl_ops_balance_count_incr_header_succ = function ( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.header_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_balance_count_header = tl_ops_balance_count_header,
+ tl_ops_balance_count_incr_header_succ = tl_ops_balance_count_incr_header_succ
+}
\ No newline at end of file
diff --git a/balance/count/tl_ops_balance_count_node.lua b/balance/count/tl_ops_balance_count_node.lua
new file mode 100644
index 0000000..de1b98f
--- /dev/null
+++ b/balance/count/tl_ops_balance_count_node.lua
@@ -0,0 +1,115 @@
+-- tl_ops_balance_count_node
+-- en : balance count state with node
+-- zn : 节点路由次数统计器
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_balance_count")
+local cache_service = require("cache.tl_ops_cache_core"):new("tl-ops-service")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local cache_balance_count = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local tl_ops_constant_service = require("constant.tl_ops_constant_service")
+local shared = ngx.shared.tlopsbalance
+
+-- 以节点为粒度统计
+local tl_ops_balance_count_node = function ( )
+
+ local service_list = nil
+ local service_list_str, _ = cache_service:get(tl_ops_constant_service.cache_key.service_list);
+ if not service_list_str then
+ -- use default
+ service_list = tl_ops_constant_service.list
+ else
+ service_list = cjson.decode(service_list_str);
+ end
+
+ for service_name, nodes in pairs(service_list) do
+ repeat
+ if nodes == nil then
+ tlog:err("balance node count nodes nil, break service_name=",service_name)
+ break
+ end
+
+ for i = 1, #nodes do
+ local node_id = i-1
+ local cur_succ_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.node_req_succ, service_name, node_id)
+ local cur_succ_count = shared:get(cur_succ_count_key)
+ if not cur_succ_count then
+ cur_succ_count = 0
+ end
+
+ local cur_fail_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.node_req_fail, service_name, node_id)
+ local cur_fail_count = shared:get(cur_fail_count_key)
+ if not cur_fail_count then
+ cur_fail_count = 0
+ end
+
+ local cur_count = cur_succ_count + cur_fail_count
+ if cur_count == 0 then
+ tlog:dbg("balance node count not need sync , succ=",cur_succ_count,",fail=",cur_fail_count,",service_name=",service_name,",node_id=",node_id)
+ else
+ -- push to list
+ local list_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.node_counting_list, service_name, node_id)
+ local list = cache_balance_count:get001(list_key)
+ if not list then
+ list = {}
+ else
+ list = cjson.decode(list)
+ end
+
+ list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
+
+ local ok, _ = cache_balance_count:set001(list_key, cjson.encode(list))
+ if not ok then
+ tlog:err("balance node success count async err ,list_key=",list_key,",cur_count=",cur_count,",err=",_)
+ end
+
+ -- rest cur_count
+ ok, _ = shared:set(cur_succ_count_key, 0)
+ if not ok then
+ tlog:err("balance node succ count reset err ,cur_succ_count_key=",cur_succ_count_key,",cur_succ_count=",cur_succ_count)
+ end
+ ok, _ = shared:set(cur_fail_count_key, 0)
+ if not ok then
+ tlog:err("balance node fail count reset err ,cur_fail_count_key=",cur_fail_count_key,",cur_fail_count=",cur_fail_count)
+ end
+
+ tlog:dbg("balance node count async ok ,list_key=",list_key,",list=",list)
+ end
+ end
+
+ break
+ until true
+ end
+end
+
+
+-- node路由失败次数增加
+ local tl_ops_balance_count_incr_node_fail = function( service_name, node_id )
+ local faild_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.node_req_fail, service_name, node_id)
+ local failed_count = shared:get(faild_key)
+ if not failed_count then
+ shared:set(faild_key, 0);
+ end
+ shared:incr(faild_key, 1)
+end
+
+
+-- node路由成功次数增加
+local tl_ops_balance_count_incr_node_succ = function( service_name, node_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.node_req_succ,service_name, node_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_balance_count_node = tl_ops_balance_count_node,
+ tl_ops_balance_count_incr_node_fail = tl_ops_balance_count_incr_node_fail,
+ tl_ops_balance_count_incr_node_succ = tl_ops_balance_count_incr_node_succ
+}
\ No newline at end of file
diff --git a/balance/count/tl_ops_balance_count_param.lua b/balance/count/tl_ops_balance_count_param.lua
new file mode 100644
index 0000000..8d97deb
--- /dev/null
+++ b/balance/count/tl_ops_balance_count_param.lua
@@ -0,0 +1,118 @@
+
+-- tl_ops_balance_count_param
+-- en : balance count state with param
+-- zn : param路由次数统计器
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local cache_balance_param = require("cache.tl_ops_cache_core"):new("tl-ops-balance-param")
+local cache_balance_count = require("cache.tl_ops_cache_core"):new("tl-ops-balance-count");
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_balance_count")
+local tl_ops_constant_balance_param = require("constant.tl_ops_constant_balance_param")
+local tl_ops_constant_balance_count = require("constant.tl_ops_constant_balance_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local shared = ngx.shared.tlopsbalance
+
+-- 以param为粒度统计
+local tl_ops_balance_count_param = function( )
+
+ local rule, _ = cache_balance_param:get(tl_ops_constant_balance_param.cache_key.rule);
+ if not rule or rule == nil then
+ tlog:err("balance param count rule nil, break")
+ return;
+ end
+
+ local list_str, _ = cache_balance_param:get(tl_ops_constant_balance_param.cache_key.list);
+ if not list_str or list_str == nil then
+ tlog:err("balance param count list nil, break")
+ return;
+ end
+
+ local list = cjson.decode(list_str);
+ if not list or list == nil then
+ tlog:err("balance param count list decode nil, break")
+ return;
+ end
+
+ local param_rule_list = list[rule];
+ if not param_rule_list or param_rule_list == nil then
+ tlog:err("balance param count param_rule_list nil, break")
+ return;
+ end
+
+ for _, param in ipairs(param_rule_list) do
+ repeat
+ local id = param.id;
+ local service_name = param.service;
+ local node_id = param.node;
+
+ if not id then
+ tlog:err("balance param count param id nil, param=",param);
+ break
+ end
+ if not service_name then
+ tlog:err("balance param count param service_name nil, param=", param);
+ break
+ end
+ if rule == tl_ops_constant_balance_param.rule.point then
+ if node_id == nil or node_id == '' then
+ tlog:err("balance param count param node_id nil, param=", param);
+ break
+ end
+ end
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.param_req_succ, service_name, node_id, id)
+ local cur_succ_count = shared:get(cur_count_key)
+ if not cur_succ_count then
+ cur_succ_count = 0
+ end
+
+ if cur_succ_count == 0 then
+ tlog:dbg("balance param count not need sync , succ=",cur_succ_count,",rule=",rule,",id=",id);
+ else
+ -- push to list
+ local counting_list_key = tl_ops_utils_func:gen_node_key( tl_ops_constant_balance_count.cache_key.param_counting_list, service_name, node_id, id)
+ local counting_list = cache_balance_count:get001(counting_list_key)
+ if not counting_list then
+ counting_list = {}
+ else
+ counting_list = cjson.decode(counting_list)
+ end
+
+ counting_list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_succ_count
+
+ local ok, _ = cache_balance_count:set001(counting_list_key, cjson.encode(counting_list))
+ if not ok then
+ tlog:err("balance param success count async err ,counting_list_key=",counting_list_key,",cur_succ_count=",cur_succ_count,",err=",_)
+ end
+
+ -- rest cur_succ_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("balance param success count reset err ,cur_count_key=",cur_count_key,",cur_succ_count=",cur_succ_count,",err=",_)
+ end
+
+ tlog:dbg("balance param count async ok ,counting_list_key=",counting_list_key,",counting_list=",counting_list)
+ end
+
+ break
+ until true
+ end
+end
+
+-- param路由成功次数增加
+local tl_ops_balance_count_incr_param_succ = function ( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance_count.cache_key.param_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_balance_count_param = tl_ops_balance_count_param,
+ tl_ops_balance_count_incr_param_succ = tl_ops_balance_count_incr_param_succ
+}
\ No newline at end of file
diff --git a/balance/tl_ops_balance_core.lua b/balance/tl_ops_balance_core.lua
index 488873a..c502ef4 100644
--- a/balance/tl_ops_balance_core.lua
+++ b/balance/tl_ops_balance_core.lua
@@ -15,13 +15,12 @@ local tl_ops_balance_core_cookie = require("balance.tl_ops_balance_core_c
local tl_ops_balance_core_header = require("balance.tl_ops_balance_core_header");
local tl_ops_balance_core_param = require("balance.tl_ops_balance_core_param");
local cache_service = require("cache.tl_ops_cache_core"):new("tl-ops-service");
-local balance_count = require("balance.count.tl_ops_balance_count");
+local balance_count_node = require("balance.count.tl_ops_balance_count_node")
local waf = require("waf.tl_ops_waf")
local tl_ops_limit_fuse_token_bucket = require("limit.fuse.tl_ops_limit_fuse_token_bucket");
local tl_ops_limit_fuse_leak_bucket = require("limit.fuse.tl_ops_limit_fuse_leak_bucket");
local tl_ops_limit = require("limit.tl_ops_limit");
local cjson = require("cjson.safe");
-local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local tl_ops_manage_env = require("tl_ops_manage_env")
local ngx_balancer = require ("ngx.balancer")
local tl_ops_err_content = require("err.tl_ops_err_content")
@@ -99,13 +98,13 @@ function _M:tl_ops_balance_core_filter(ctx)
-- 流控介入
if tl_ops_manage_env.balance.limiter then
- local depend = tl_ops_limit.tl_ops_limit_get_limiter(node.service, node_id)
+ local depend = tl_ops_limit:tl_ops_limit_get_limiter(node.service, node_id)
if depend then
-- 令牌桶流控
if depend == tl_ops_constant_limit.depend.token then
local token_result = tl_ops_limit_fuse_token_bucket.tl_ops_limit_token( node.service, node_id)
if not token_result or token_result == false then
- balance_count:tl_ops_balance_count_incr_fail(node.service, node_id)
+ balance_count_node.tl_ops_balance_count_incr_node_fail(node.service, node_id)
tl_ops_err_content:err_content_rewrite_to_balance("", "t-limit", balance_mode, tl_ops_constant_balance.cache_key.token_limit, "")
return
end
@@ -115,7 +114,7 @@ function _M:tl_ops_balance_core_filter(ctx)
if depend == tl_ops_constant_limit.depend.leak then
local leak_result = tl_ops_limit_fuse_leak_bucket.tl_ops_limit_leak( node.service, node_id)
if not leak_result or leak_result == false then
- balance_count:tl_ops_balance_count_incr_fail(node.service, node_id)
+ balance_count_node.tl_ops_balance_count_incr_node_fail(node.service, node_id)
tl_ops_err_content:err_content_rewrite_to_balance("", "l-limit", balance_mode, tl_ops_constant_balance.cache_key.leak_limit, "")
return
end
@@ -128,14 +127,10 @@ function _M:tl_ops_balance_core_filter(ctx)
-- 节点下线
if not node_state or node_state == false then
- balance_count:tl_ops_balance_count_incr_fail(node.service, node_id)
-
- local limit_req_fail_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_fail, node.service, node_id)
- local failed_count = shared:get(limit_req_fail_count_key)
- if not failed_count then
- shared:set(limit_req_fail_count_key, 0);
- end
- shared:incr(limit_req_fail_count_key, 1)
+ -- 负载失败 -- 负载统计器
+ balance_count_node.tl_ops_balance_count_incr_node_fail(node.service, node_id)
+ -- 负载失败 -- 限流统计器
+ tl_ops_limit:tl_ops_limit_fuse_incr_fail(node.service, node_id);
tl_ops_err_content:err_content_rewrite_to_balance(node.service .. ":" .. node.name, "offline", balance_mode, tl_ops_constant_balance.cache_key.offline, "")
return
@@ -161,15 +156,11 @@ function _M:tl_ops_balance_core_balance(ctx)
return
end
- -- 负载成功
- balance_count:tl_ops_balance_count_incr_succ(tlops_ups_node.service, tlops_ups_node_id)
+ -- 负载成功 - 负载统计器
+ balance_count_node.tl_ops_balance_count_incr_node_succ(tlops_ups_node.service, tlops_ups_node_id)
- local limit_req_succ_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_succ, tlops_ups_node.service, tlops_ups_node_id)
- local success_count = shared:get(limit_req_succ_count_key)
- if not success_count then
- shared:set(limit_req_succ_count_key, 0);
- end
- shared:incr(limit_req_succ_count_key, 1)
+ -- 负载成功 -- 限流统计器
+ tl_ops_limit:tl_ops_limit_fuse_incr_succ(tlops_ups_node.service, tlops_ups_node_id);
ngx.header[tl_ops_constant_balance.proxy_server] = tlops_ups_node.service .. ":" .. tlops_ups_node.name;
ngx.header[tl_ops_constant_balance.proxy_state] = "online"
diff --git a/balance/tl_ops_balance_core_api.lua b/balance/tl_ops_balance_core_api.lua
index d5acd06..9ded784 100644
--- a/balance/tl_ops_balance_core_api.lua
+++ b/balance/tl_ops_balance_core_api.lua
@@ -10,6 +10,7 @@ local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local tl_ops_constant_balance_api = require("constant.tl_ops_constant_balance_api");
local tl_ops_constant_comm = require("constant.tl_ops_constant_comm");
local tl_ops_constant_health = require("constant.tl_ops_constant_health");
+local balance_count_api = require("balance.count.tl_ops_balance_count_api")
local tl_ops_match_mode = tl_ops_constant_comm.tl_ops_match_mode;
local tl_ops_api_type = tl_ops_constant_comm.tl_ops_api_type;
local shared = ngx.shared.tlopsbalance;
@@ -154,6 +155,8 @@ local tl_ops_balance_api_service_matcher = function(service_list_table)
local key = tl_ops_utils_func:gen_node_key(tl_ops_constant_health.cache_key.state, matcher.service, node_id)
local node_state , _ = shared:get(key)
+ -- 命中统计
+ balance_count_api.tl_ops_balance_count_incr_api_succ(matcher.service, node_id, matcher.id);
-- 静态页面代理路径
local api_type = matcher.api_type
diff --git a/balance/tl_ops_balance_core_body.lua b/balance/tl_ops_balance_core_body.lua
index 0f4f757..e027cc4 100644
--- a/balance/tl_ops_balance_core_body.lua
+++ b/balance/tl_ops_balance_core_body.lua
@@ -10,6 +10,7 @@ local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local tl_ops_constant_balance_body = require("constant.tl_ops_constant_balance_body");
local tl_ops_match_mode = require("constant.tl_ops_constant_comm").tl_ops_match_mode;
local tl_ops_constant_health = require("constant.tl_ops_constant_health")
+local balance_count_body = require("balance.count.tl_ops_balance_count_body")
local shared = ngx.shared.tlopsbalance
local find = ngx.re.find
@@ -148,6 +149,9 @@ local tl_ops_balance_body_service_matcher = function(service_list_table)
node = service_list[node_id]
end
+ -- 命中统计
+ balance_count_body.tl_ops_balance_count_incr_body_succ(matcher.service,node_id, matcher.id);
+
-- 获取当前节点健康状态
local key = tl_ops_utils_func:gen_node_key(tl_ops_constant_health.cache_key.state, matcher.service, node_id)
local node_state , _ = shared:get(key)
diff --git a/balance/tl_ops_balance_core_cookie.lua b/balance/tl_ops_balance_core_cookie.lua
index df33982..9642d40 100644
--- a/balance/tl_ops_balance_core_cookie.lua
+++ b/balance/tl_ops_balance_core_cookie.lua
@@ -9,6 +9,7 @@ local cache_cookie = require("cache.tl_ops_cache_core"):new
local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local tl_ops_constant_balance_cookie = require("constant.tl_ops_constant_balance_cookie");
local tl_ops_constant_health = require("constant.tl_ops_constant_health")
+local balance_count_cookie = require("balance.count.tl_ops_balance_count_cookie")
local shared = ngx.shared.tlopsbalance
@@ -123,6 +124,9 @@ local tl_ops_balance_cookie_service_matcher = function(service_list_table)
node = service_list[node_id]
end
+ -- 命中统计
+ balance_count_cookie.tl_ops_balance_count_incr_cookie_succ(matcher.service,node_id, matcher.id);
+
-- 获取当前节点健康状态
local key = tl_ops_utils_func:gen_node_key(tl_ops_constant_health.cache_key.state, matcher.service, node_id)
local node_state , _ = shared:get(key)
diff --git a/balance/tl_ops_balance_core_header.lua b/balance/tl_ops_balance_core_header.lua
index 5567dc6..0e61189 100644
--- a/balance/tl_ops_balance_core_header.lua
+++ b/balance/tl_ops_balance_core_header.lua
@@ -9,6 +9,7 @@ local cache_header = require("cache.tl_ops_cache_core"):new
local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local tl_ops_constant_balance_header = require("constant.tl_ops_constant_balance_header");
local tl_ops_constant_health = require("constant.tl_ops_constant_health")
+local balance_count_header = require("balance.count.tl_ops_balance_count_header")
local shared = ngx.shared.tlopsbalance
@@ -127,6 +128,9 @@ local tl_ops_balance_header_service_matcher = function(service_list_table)
node = service_list[node_id]
end
+ -- 命中统计
+ balance_count_header.tl_ops_balance_count_incr_header_succ(matcher.service,node_id, matcher.id);
+
-- 获取当前节点健康状态
local key = tl_ops_utils_func:gen_node_key(tl_ops_constant_health.cache_key.state, matcher.service, node_id)
local node_state , _ = shared:get(key)
diff --git a/balance/tl_ops_balance_core_param.lua b/balance/tl_ops_balance_core_param.lua
index bf27e01..eb3e6cd 100644
--- a/balance/tl_ops_balance_core_param.lua
+++ b/balance/tl_ops_balance_core_param.lua
@@ -9,6 +9,7 @@ local cache_param = require("cache.tl_ops_cache_core"):new("tl
local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local tl_ops_constant_balance_param = require("constant.tl_ops_constant_balance_param");
local tl_ops_constant_health = require("constant.tl_ops_constant_health")
+local balance_count_param = require("balance.count.tl_ops_balance_count_param")
local shared = ngx.shared.tlopsbalance
@@ -128,6 +129,9 @@ local tl_ops_balance_param_service_matcher = function(service_list_table)
node = service_list[node_id]
end
+ -- 命中统计
+ balance_count_param.tl_ops_balance_count_incr_param_succ(matcher.service,node_id, matcher.id);
+
-- 获取当前节点健康状态
local key = tl_ops_utils_func:gen_node_key(tl_ops_constant_health.cache_key.state, matcher.service, node_id)
local node_state , _ = shared:get(key)
diff --git a/bin/install_centeros.sh b/bin/install_centeros.sh
old mode 100644
new mode 100755
index 51b84e2..2f29175
--- a/bin/install_centeros.sh
+++ b/bin/install_centeros.sh
@@ -6,7 +6,7 @@ TL_OPS_PATH="/usr/local/tl-ops-manage/"
TL_OPS_CONF_PATH="/usr/local/tl-ops-manage/conf/tl_ops_manage.conf"
TL_OPS_LUA_PATH="/usr/local/openresty/lualib/?.lua;;/usr/local/tl-ops-manage/?.lua;;"
TL_OPS_LUAC_PATH="/usr/local/openresty/lualib/?.so;;"
-TL_OPS_VER="v3.3.0"
+TL_OPS_VER="v3.4.0"
echo_msg(){
cur_time=$(date "+%Y-%m-%d %H:%M:%S")
diff --git a/bin/install_ubuntu.sh b/bin/install_ubuntu.sh
old mode 100644
new mode 100755
index a48ec23..46aeb54
--- a/bin/install_ubuntu.sh
+++ b/bin/install_ubuntu.sh
@@ -6,7 +6,7 @@ TL_OPS_PATH="/usr/local/tl-ops-manage/"
TL_OPS_CONF_PATH="/usr/local/tl-ops-manage/conf/tl_ops_manage.conf"
TL_OPS_LUA_PATH="/usr/local/openresty/lualib/?.lua;;/usr/local/tl-ops-manage/?.lua;;"
TL_OPS_LUAC_PATH="/usr/local/openresty/lualib/?.so;;"
-TL_OPS_VER="v3.3.0"
+TL_OPS_VER="v3.4.0"
echo_msg(){
cur_time=$(date "+%Y-%m-%d %H:%M:%S")
diff --git a/constant/tl_ops_constant.lua b/constant/tl_ops_constant.lua
index 39f8760..eddb00f 100644
--- a/constant/tl_ops_constant.lua
+++ b/constant/tl_ops_constant.lua
@@ -5,13 +5,13 @@ local service = require("constant.tl_ops_constant_service");
local health = require("constant.tl_ops_constant_health")
local limit = require("constant.tl_ops_constant_limit");
local balance = require("constant.tl_ops_constant_balance");
+local balance_count = require("constant.tl_ops_constant_balance_count");
local balance_api = require("constant.tl_ops_constant_balance_api");
local balance_body = require("constant.tl_ops_constant_balance_body");
local balance_param = require("constant.tl_ops_constant_balance_param");
local balance_header = require("constant.tl_ops_constant_balance_header");
local balance_cookie = require("constant.tl_ops_constant_balance_cookie");
local waf = require("constant.tl_ops_constant_waf");
-local waf_scope = require("constant.tl_ops_constant_waf_scope");
local waf_ip = require("constant.tl_ops_constant_waf_ip");
local waf_api = require("constant.tl_ops_constant_waf_api");
local waf_cc = require("constant.tl_ops_constant_waf_cc");
@@ -32,8 +32,8 @@ return {
balance_param = balance_param,
balance_header = balance_header,
balance_cookie = balance_cookie,
+ balance_count = balance_count,
waf = waf,
- waf_scope = waf_scope,
waf_ip = waf_ip,
waf_api = waf_api,
waf_cc = waf_cc,
diff --git a/constant/tl_ops_constant_balance.lua b/constant/tl_ops_constant_balance.lua
index 4f37e0f..f1d8647 100644
--- a/constant/tl_ops_constant_balance.lua
+++ b/constant/tl_ops_constant_balance.lua
@@ -10,7 +10,7 @@ local tl_ops_constant_balance_param = require("constant.tl_ops_constant_bala
local tl_ops_constant_balance = {
cache_key = {
- lock = "tl_ops_balance_lock",
+ -- 持久化字段
service_empty = "tl_ops_balance_service_empty_err",
mode_empty = "tl_ops_balance_mode_empty_err",
host_empty = "tl_ops_balance_host_empty_err",
@@ -18,9 +18,6 @@ local tl_ops_constant_balance = {
token_limit = "tl_ops_balance_token_limit_err",
leak_limit = "tl_ops_balance_leak_limit_err",
offline = "tl_ops_balance_offline_err",
- req_succ = "tl_ops_balance_req_succ", -- 以服务节点为单位路由请求成功次数 int
- req_fail = "tl_ops_balance_req_fail", -- 以服务节点为单位路由请求失败次数 int
- balance_interval_success = "tl_ops_balance_interval_success", -- 以服务节点为单位,周期内成功次数集合 list
},
proxy_server = "Tl-Proxy-Server", -- 请求头标记
proxy_state = "Tl-Proxy-State",
@@ -66,9 +63,6 @@ local tl_ops_constant_balance = {
rule = tl_ops_constant_balance_param.rule.point,
rule_match_mode = tl_ops_constant_balance_param.mode.host
},
- count = {
- interval = 10 -- 统计周期 单位/s, 默认:5min
- },
service_empty = {
},
diff --git a/constant/tl_ops_constant_balance_api.lua b/constant/tl_ops_constant_balance_api.lua
index dc744ee..a18cc72 100644
--- a/constant/tl_ops_constant_balance_api.lua
+++ b/constant/tl_ops_constant_balance_api.lua
@@ -4,6 +4,7 @@ local api_type = require("constant.tl_ops_constant_comm").tl_ops_api_type;
-- api 默认列表
local tl_ops_constant_balance_api = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_balance_api_list",
rule = "tl_ops_balance_api_rule",
rule_match_mode = "tl_ops_balance_api_rule_match_mode"
diff --git a/constant/tl_ops_constant_balance_body.lua b/constant/tl_ops_constant_balance_body.lua
index 4ddbe3d..117b41c 100644
--- a/constant/tl_ops_constant_balance_body.lua
+++ b/constant/tl_ops_constant_balance_body.lua
@@ -3,6 +3,7 @@ local match_mode = require("constant.tl_ops_constant_comm").tl_ops_match_mode;
-- body 默认列表
local tl_ops_constant_balance_body = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_balance_body_list",
rule = "tl_ops_balance_body_rule",
rule_match_mode = "tl_ops_balance_body_rule_match_mode"
diff --git a/constant/tl_ops_constant_balance_cookie.lua b/constant/tl_ops_constant_balance_cookie.lua
index bd1aa7f..7b5b64c 100644
--- a/constant/tl_ops_constant_balance_cookie.lua
+++ b/constant/tl_ops_constant_balance_cookie.lua
@@ -1,6 +1,7 @@
-- cookie 默认列表
local tl_ops_constant_balance_cookie = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_balance_cookie_list",
rule = "tl_ops_balance_cookie_rule",
rule_match_mode = "tl_ops_balance_cookie_rule_match_mode"
diff --git a/constant/tl_ops_constant_balance_count.lua b/constant/tl_ops_constant_balance_count.lua
new file mode 100644
index 0000000..93a1631
--- /dev/null
+++ b/constant/tl_ops_constant_balance_count.lua
@@ -0,0 +1,25 @@
+local tl_ops_constant_balance_count = {
+ cache_key = {
+ -- 临时字段
+ lock = "tl_ops_balance_count_lock",
+ node_req_succ = "tl_ops_balance_node_req_succ", -- 以服务节点为单位路由请求成功次数 int
+ node_req_fail = "tl_ops_balance_node_req_fail", -- 以服务节点为单位路由请求失败次数 int
+ api_req_succ = "tl_ops_balance_api_req_succ", -- 以api规则命中次数次数 int
+ body_req_succ = "tl_ops_balance_body_req_succ", -- 以body规则命中次数次数 int
+ cookie_req_succ = "tl_ops_balance_cookie_req_succ", -- 以bookie规则命中次数次数 int
+ header_req_succ = "tl_ops_balance_header_req_succ", -- 以header规则命中次数次数 int
+ param_req_succ = "tl_ops_balance_param_req_succ", -- 以param规则命中次数次数 int
+
+ -- 持久化字段
+ node_counting_list = "tl_ops_balance_node_counting_list", -- 以服务节点为单位,周期内统计次数集合 list
+ api_counting_list = "tl_ops_balance_api_counting_list", -- 以服务节点的api为单位,周期内统计次数集合 list
+ body_counting_list = "tl_ops_balance_body_counting_list", -- 以服务节点的body为单位,周期内统计次数集合 list
+ cookie_counting_list = "tl_ops_balance_cookie_counting_list", -- 以服务节点的cookie为单位,周期内统计次数集合 list
+ header_counting_list = "tl_ops_balance_header_counting_list", -- 以服务节点的header为单位,周期内统计次数集合 list
+ param_counting_list = "tl_ops_balance_param_counting_list", -- 以服务节点的param为单位,周期内统计次数集合 list
+
+ },
+ interval = 10, -- 统计周期 单位/s, 默认:10s
+}
+
+return tl_ops_constant_balance_count
\ No newline at end of file
diff --git a/constant/tl_ops_constant_balance_header.lua b/constant/tl_ops_constant_balance_header.lua
index 4bbd70a..7edd07d 100644
--- a/constant/tl_ops_constant_balance_header.lua
+++ b/constant/tl_ops_constant_balance_header.lua
@@ -1,6 +1,7 @@
-- header 默认列表
local tl_ops_constant_balance_header = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_balance_header_list",
rule = "tl_ops_balance_header_rule",
rule_match_mode = "tl_ops_balance_header_rule_match_mode"
diff --git a/constant/tl_ops_constant_balance_param.lua b/constant/tl_ops_constant_balance_param.lua
index fbc5b7c..06cfc29 100644
--- a/constant/tl_ops_constant_balance_param.lua
+++ b/constant/tl_ops_constant_balance_param.lua
@@ -1,6 +1,7 @@
-- param 默认列表
local tl_ops_constant_balance_param = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_balance_param_list",
rule = "tl_ops_balance_param_rule",
rule_match_mode = "tl_ops_balance_param_rule_match_mode"
diff --git a/constant/tl_ops_constant_comm.lua b/constant/tl_ops_constant_comm.lua
index 2593b60..bbd31cf 100644
--- a/constant/tl_ops_constant_comm.lua
+++ b/constant/tl_ops_constant_comm.lua
@@ -34,6 +34,12 @@ local tl_ops_constant_comm = {
api = "api",
-- 文件资源
page = "page"
+ },
+ tl_ops_waf_scope = { -- waf模式
+ -- 全局waf
+ global = "global",
+ -- 服务级别waf
+ service = "service"
}
};
diff --git a/constant/tl_ops_constant_health.lua b/constant/tl_ops_constant_health.lua
index 235113a..3f2ccc2 100644
--- a/constant/tl_ops_constant_health.lua
+++ b/constant/tl_ops_constant_health.lua
@@ -3,15 +3,18 @@ local tl_ops_constant_service = require("constant.tl_ops_constant_service");
-- 基础检测配置功能定义
local tl_ops_constant_health_check = {
cache_key = {
+ -- 临时字段
lock = "tl_ops_health_check_lock", -- boolean
state = "tl_ops_health_check_donw_state", -- boolean 健康状态标记
failed = "tl_ops_health_check_failed_count", -- int 自检失败标记
success = "tl_ops_health_check_success_count", -- int 自检成功标记
- options_list = "tl_ops_health_options_list", -- list 健康配置缓存
service_version = "tl_ops_health_service_version", -- int 服务配置变动
service_options_version = "tl_ops_health_service_options_version", -- boolean 服务新增变动
timers = "tl_ops_health_timers", -- list 当前开启自检的服务
uncheck = "tl_ops_health_check_uncheck", -- boolean 服务/节点是否关闭自检
+
+ -- 持久化字段
+ options_list = "tl_ops_health_options_list", -- list 健康配置缓存
history_state = "tl_ops_health_history_state", -- list TODO 未实现
},
options = {
diff --git a/constant/tl_ops_constant_limit.lua b/constant/tl_ops_constant_limit.lua
index 1c7e663..e5f5813 100644
--- a/constant/tl_ops_constant_limit.lua
+++ b/constant/tl_ops_constant_limit.lua
@@ -4,7 +4,7 @@ local tl_ops_utils_func = require("utils.tl_ops_utils_func");
-- 令牌桶配置
local token = { --服务令牌桶配置
cache_key = {
- options_list = "tl_ops_limit_token_options_list",
+ -- 临时字段
capacity = "tl_ops_limit_token_capacity_service",
block = "tl_ops_limit_token_block_service",
rate = "tl_ops_limit_token_rate_service",
@@ -13,7 +13,10 @@ local token = { --服务令牌桶配置
pre_time = "tl_ops_limit_token_pre_time_service",
token_bucket = "tl_ops_limit_token_bucket_service",
warm = "tl_ops_limit_token_warm_service",
- lock = "tl_ops_limit_token_lock_service"
+ lock = "tl_ops_limit_token_lock_service",
+
+ -- 持久化字段
+ options_list = "tl_ops_limit_token_options_list",
},
options = {
@@ -32,7 +35,7 @@ local token = { --服务令牌桶配置
-- 漏桶配置
local leak = { --服务漏桶配置
cache_key = {
- options_list = "tl_ops_limit_leak_options_list",
+ -- 临时字段
capacity = "tl_ops_limit_leak_capacity_service",
block = "tl_ops_limit_leak_block_service",
rate = "tl_ops_limit_leak_rate_service",
@@ -40,7 +43,10 @@ local leak = { --服务漏桶配置
shrink = "tl_ops_limit_leak_shrink_service",
pre_time = "tl_ops_limit_leak_pre_time_service",
leak_bucket = "tl_ops_limit_leak_bucket_service",
- lock = "tl_ops_limit_leak_lock_service"
+ lock = "tl_ops_limit_leak_lock_service",
+
+ -- 持久化字段
+ options_list = "tl_ops_limit_leak_options_list",
},
options = {
@@ -58,7 +64,7 @@ local leak = { --服务漏桶配置
-- 滑动窗口配置
local sliding = { --服务滑动窗口配置
cache_key = {
- options_list = "tl_ops_limit_sliding_options_list",
+ -- 临时字段
window = "tl_ops_limit_sliding_window_service",
block = "tl_ops_limit_sliding_block_service",
cycle = "tl_ops_limit_sliding_cycle_service",
@@ -68,7 +74,10 @@ local sliding = { --服务滑动窗口配置
shrink = "tl_ops_limit_sliding_shrink_service",
count = "tl_ops_limit_sliding_count_service",
pre_time = "tl_ops_limit_sliding_pre_time_service",
- lock = "tl_ops_limit_sliding_lock_service"
+ lock = "tl_ops_limit_sliding_lock_service",
+
+ -- 持久化字段
+ options_list = "tl_ops_limit_sliding_options_list",
},
options = {
@@ -107,14 +116,17 @@ local mode = {
-- 熔断配置
local fuse = {
cache_key = {
+ -- 临时字段
lock = "tl_ops_limit_fuse_lock", -- boolean 熔断定时任务锁
- req_succ = "tl_ops_limit_fuse_req_succ", -- int 周期内路由成功次数
- req_fail = "tl_ops_limit_fuse_req_fail", -- int 周期内路由失败次数
- options_list = "tl_ops_limit_fuse_options_list", -- list 配置缓存
+ node_req_succ = "tl_ops_limit_fuse_node_req_succ", -- int 周期内路由成功次数
+ node_req_fail = "tl_ops_limit_fuse_node_req_fail", -- int 周期内路由失败次数
service_state = "tl_ops_limit_fuse_service_state", -- int 服务熔断状态
service_version = "tl_ops_limit_fuse_service_version", -- int 服务配置变动
service_options_version = "tl_ops_limit_fuse_service_options_version", -- boolean 服务新增变动
timers = "tl_ops_limit_fuse_timers", -- list 当前开启自检的服务
+
+ -- 持久化字段
+ options_list = "tl_ops_limit_fuse_options_list", -- list 配置缓存
},
options = {
diff --git a/constant/tl_ops_constant_plugins_manage.lua b/constant/tl_ops_constant_plugins_manage.lua
index 5b8449f..cf6bedf 100644
--- a/constant/tl_ops_constant_plugins_manage.lua
+++ b/constant/tl_ops_constant_plugins_manage.lua
@@ -1,6 +1,7 @@
-- 插件列表
local tl_ops_constant_plugins_manage = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_plugins_list"
},
list = {
diff --git a/constant/tl_ops_constant_service.lua b/constant/tl_ops_constant_service.lua
index 941ee5e..1aa650a 100644
--- a/constant/tl_ops_constant_service.lua
+++ b/constant/tl_ops_constant_service.lua
@@ -3,6 +3,7 @@ local snowflake = require("lib.snowflake");
-- service 默认列表
local tl_ops_constant_service = {
cache_key = {
+ -- 持久化字段
service_list = "tl_ops_service_list",
service_rule = "tl_ops_service_rule",
},
diff --git a/constant/tl_ops_constant_waf.lua b/constant/tl_ops_constant_waf.lua
index f72f41b..1fcd617 100644
--- a/constant/tl_ops_constant_waf.lua
+++ b/constant/tl_ops_constant_waf.lua
@@ -4,27 +4,18 @@ local tl_ops_constant_waf_cookie = require("constant.tl_ops_constant_waf_cook
local tl_ops_constant_waf_header = require("constant.tl_ops_constant_waf_header");
local tl_ops_constant_waf_param = require("constant.tl_ops_constant_waf_param");
local tl_ops_constant_waf_cc = require("constant.tl_ops_constant_waf_cc");
-local tl_ops_constant_service = require("constant.tl_ops_constant_service");
-- waf规则配置
local tl_ops_constant_waf = {
cache_key = {
- lock = "tl_ops_waf_lock",
+ -- 持久化字段
waf_ip = "tl_ops_waf_ip_err",
waf_api = "tl_ops_waf_api_err",
waf_cc = "tl_ops_waf_cc_err",
waf_header = "tl_ops_waf_header_err",
waf_cookie = "tl_ops_waf_cookie_err",
waf_param = "tl_ops_waf_param_err",
-
- req_ip = "tl_ops_waf_req_ip", -- waf统计, waf-ip命中次数
- req_api = "tl_ops_waf_req_api",
- req_cc = "tl_ops_waf_req_cc",
- req_header = "tl_ops_waf_req_header",
- req_cookie = "tl_ops_waf_req_cookie",
- req_param = "tl_ops_waf_req_param",
- waf_interval_success = "tl_ops_waf_interval_success", -- 以服务节点为单位,周期内拦截成功次数集合 list
},
waf_mode = "Tl-Waf-Mode",
ip = {
diff --git a/constant/tl_ops_constant_waf_api.lua b/constant/tl_ops_constant_waf_api.lua
index a66e084..e3843ec 100644
--- a/constant/tl_ops_constant_waf_api.lua
+++ b/constant/tl_ops_constant_waf_api.lua
@@ -1,9 +1,10 @@
local snowflake = require("lib.snowflake");
-local scope = require("constant.tl_ops_constant_waf_scope");
+local scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
-- api waf默认列表
local tl_ops_constant_waf_api = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_waf_api_list",
open = "tl_ops_waf_api_open",
scope = "tl_ops_waf_api_scope"
diff --git a/constant/tl_ops_constant_waf_cc.lua b/constant/tl_ops_constant_waf_cc.lua
index 8e96fc6..dda066b 100644
--- a/constant/tl_ops_constant_waf_cc.lua
+++ b/constant/tl_ops_constant_waf_cc.lua
@@ -1,13 +1,16 @@
local snowflake = require("lib.snowflake");
-local scope = require("constant.tl_ops_constant_waf_scope");
+local scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
-- cc waf默认列表
local tl_ops_constant_waf_cc = {
cache_key = {
+ -- 临时字段
+ prefix = "tl_ops_waf_cc_prefix",
+
+ -- 持久化字段
list = "tl_ops_waf_cc_list",
open = "tl_ops_waf_cc_open",
scope = "tl_ops_waf_cc_scope",
- prefix = "tl_ops_waf_cc_prefix",
},
list = {
diff --git a/constant/tl_ops_constant_waf_cookie.lua b/constant/tl_ops_constant_waf_cookie.lua
index f16b321..2bcff78 100644
--- a/constant/tl_ops_constant_waf_cookie.lua
+++ b/constant/tl_ops_constant_waf_cookie.lua
@@ -1,9 +1,10 @@
local snowflake = require("lib.snowflake");
-local scope = require("constant.tl_ops_constant_waf_scope");
+local scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
-- cookie waf默认列表
local tl_ops_constant_waf_cookie = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_waf_cookie_list",
open = "tl_ops_waf_cookie_open",
scope = "tl_ops_waf_cookie_scope"
diff --git a/constant/tl_ops_constant_waf_count.lua b/constant/tl_ops_constant_waf_count.lua
new file mode 100644
index 0000000..b563aed
--- /dev/null
+++ b/constant/tl_ops_constant_waf_count.lua
@@ -0,0 +1,26 @@
+-- waf统计
+local tl_ops_constant_waf_count = {
+ cache_key = {
+ -- 临时字段
+ lock = "tl_ops_waf_count_lock",
+ node_req_succ = "tl_ops_waf_node_req_succ", -- 以节点单位命中次数次数 int
+ ip_req_succ = "tl_ops_waf_ip_req_succ", -- 以ip规则命中次数次数 int
+ api_req_succ = "tl_ops_waf_api_req_succ", -- 以api规则命中次数次数 int
+ cc_req_succ = "tl_ops_waf_cc_req_succ", -- 以cc规则命中次数次数 int
+ cookie_req_succ = "tl_ops_waf_cookie_req_succ", -- 以cookie规则命中次数次数 int
+ header_req_succ = "tl_ops_waf_header_req_succ", -- 以header规则命中次数次数 int
+ param_req_succ = "tl_ops_waf_param_req_succ", -- 以param规则命中次数次数 int
+
+ -- 持久化字段
+ node_counting_list = "tl_ops_waf_node_counting_list", -- 以ip规则单位,周期内统计次数集合 list
+ ip_counting_list = "tl_ops_waf_ip_counting_list", -- 以ip规则单位,周期内统计次数集合 list
+ api_counting_list = "tl_ops_waf_api_counting_list", -- 以api规则单位,周期内统计次数集合 list
+ cc_counting_list = "tl_ops_waf_cc_counting_list", -- 以cc规则为单位,周期内统计次数集合 list
+ cookie_counting_list = "tl_ops_waf_cookie_counting_list", -- 以cookie规则为单位,周期内统计次数集合 list
+ header_counting_list = "tl_ops_waf_header_counting_list", -- 以header规则为单位,周期内统计次数集合 list
+ param_counting_list = "tl_ops_waf_param_counting_list", -- 以param规则为单位,周期内统计次数集合 list
+ },
+ interval = 10, -- 统计周期 单位/s
+}
+
+return tl_ops_constant_waf_count
\ No newline at end of file
diff --git a/constant/tl_ops_constant_waf_header.lua b/constant/tl_ops_constant_waf_header.lua
index 7594b69..eb533ce 100644
--- a/constant/tl_ops_constant_waf_header.lua
+++ b/constant/tl_ops_constant_waf_header.lua
@@ -1,9 +1,10 @@
local snowflake = require("lib.snowflake");
-local scope = require("constant.tl_ops_constant_waf_scope");
+local scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
-- header waf默认列表
local tl_ops_constant_waf_header = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_waf_header_list",
open = "tl_ops_waf_header_open",
scope = "tl_ops_waf_header_scope"
diff --git a/constant/tl_ops_constant_waf_ip.lua b/constant/tl_ops_constant_waf_ip.lua
index 83f92a0..e2bf29b 100644
--- a/constant/tl_ops_constant_waf_ip.lua
+++ b/constant/tl_ops_constant_waf_ip.lua
@@ -1,9 +1,10 @@
-local snowflake = require("lib.snowflake");
-local scope = require("constant.tl_ops_constant_waf_scope");
+local snowflake = require("lib.snowflake");
+local scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
-- ip waf默认列表
local tl_ops_constant_waf_ip = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_waf_ip_list",
open = "tl_ops_waf_ip_open",
scope = "tl_ops_waf_ip_scope"
diff --git a/constant/tl_ops_constant_waf_param.lua b/constant/tl_ops_constant_waf_param.lua
index 0189926..c2a03f9 100644
--- a/constant/tl_ops_constant_waf_param.lua
+++ b/constant/tl_ops_constant_waf_param.lua
@@ -1,9 +1,10 @@
-local snowflake = require("lib.snowflake");
-local scope = require("constant.tl_ops_constant_waf_scope");
+local snowflake = require("lib.snowflake");
+local scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
-- param waf默认列表
local tl_ops_constant_waf_param = {
cache_key = {
+ -- 持久化字段
list = "tl_ops_waf_param_list",
open = "tl_ops_waf_param_open",
scope = "tl_ops_waf_param_scope"
diff --git a/constant/tl_ops_constant_waf_scope.lua b/constant/tl_ops_constant_waf_scope.lua
deleted file mode 100644
index e042cf8..0000000
--- a/constant/tl_ops_constant_waf_scope.lua
+++ /dev/null
@@ -1,8 +0,0 @@
--- waf作用域
-
-local scope = {
- global = "global", -- 全局waf
- service = "service", -- 服务级别waf
-}
-
-return scope
\ No newline at end of file
diff --git a/doc/change.md b/doc/change.md
index 5f93c17..87ae19a 100644
--- a/doc/change.md
+++ b/doc/change.md
@@ -1,6 +1,22 @@
## 事务更新日程
+
+2023-03-12
+
+ 1. 支持负载详情多维度统计和展示
+
+ 2. 支持waf详情多维度统计和展示
+
+ 3. 支持管理后台退出登陆
+
+ 4. 优化代码注释
+
+ 5. 即将支持grpc代理插件
+
+ 6. 事务日程调整
+
+
2023-03-05
1. 支持静态资源路由配置
diff --git a/doc/feature.md b/doc/feature.md
index 5b5d4fd..09f9d75 100644
--- a/doc/feature.md
+++ b/doc/feature.md
@@ -20,11 +20,13 @@
- [x] 支持规则匹配模式自定义
+- [x] 支持静态资源路由规则
+
- [x] 支持自定义优先匹配模式
- [x] 支持定制路由错误内容
-- [ ] 支持路由详情统计查看
+- [x] 支持路由详情统计查看
- [x] 支持服务健康检查
diff --git a/gitbook/api/README_STATE.md b/gitbook/api/README_STATE.md
index 4141f87..f416023 100644
--- a/gitbook/api/README_STATE.md
+++ b/gitbook/api/README_STATE.md
@@ -33,7 +33,7 @@
"nodes": { // 节点列表
"test-node-1": { // 节点名称
"health_state": false, // 节点健康状态
- "balance_success": { // 负载统计列表
+ "balance_node_count": { // 负载统计列表
"2022-08-16 11:20:26": 3,
},
"limit_depend": "token", // 节点限流熔断依赖算法
diff --git a/gitbook/code/balance/README.md b/gitbook/code/balance/README.md
index 4520eda..f14d3a7 100644
--- a/gitbook/code/balance/README.md
+++ b/gitbook/code/balance/README.md
@@ -175,7 +175,7 @@ function _M:tl_ops_balance_core_filter(ctx)
if depend == tl_ops_constant_limit.depend.token then
local token_result = tl_ops_limit_fuse_token_bucket.tl_ops_limit_token( node.service, node_id)
if not token_result or token_result == false then
- balance_count:tl_ops_balance_count_incr_fail(node.service, node_id)
+ balance_count:tl_ops_balance_count_incr_node_fail(node.service, node_id)
tl_ops_err_content:err_content_rewrite_to_balance("", "t-limit", balance_mode, tl_ops_constant_balance.cache_key.token_limit)
return
end
@@ -185,7 +185,7 @@ function _M:tl_ops_balance_core_filter(ctx)
if depend == tl_ops_constant_limit.depend.leak then
local leak_result = tl_ops_limit_fuse_leak_bucket.tl_ops_limit_leak( node.service, node_id)
if not leak_result or leak_result == false then
- balance_count:tl_ops_balance_count_incr_fail(node.service, node_id)
+ balance_count:tl_ops_balance_count_incr_node_fail(node.service, node_id)
tl_ops_err_content:err_content_rewrite_to_balance("", "l-limit", balance_mode, tl_ops_constant_balance.cache_key.leak_limit)
return
end
@@ -198,14 +198,14 @@ function _M:tl_ops_balance_core_filter(ctx)
-- 节点下线
if not node_state or node_state == false then
- balance_count:tl_ops_balance_count_incr_fail(node.service, node_id)
+ balance_count:tl_ops_balance_count_incr_node_fail(node.service, node_id)
- local limit_req_fail_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_fail, node.service, node_id)
- local failed_count = shared:get(limit_req_fail_count_key)
+ local limit_node_req_fail_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_fail, node.service, node_id)
+ local failed_count = shared:get(limit_node_req_fail_count_key)
if not failed_count then
- shared:set(limit_req_fail_count_key, 0);
+ shared:set(limit_node_req_fail_count_key, 0);
end
- shared:incr(limit_req_fail_count_key, 1)
+ shared:incr(limit_node_req_fail_count_key, 1)
tl_ops_err_content:err_content_rewrite_to_balance(node.service .. ":" .. node.name, "offline", balance_mode, tl_ops_constant_balance.cache_key.offline)
return
@@ -229,14 +229,14 @@ function _M:tl_ops_balance_core_balance(ctx)
end
-- 负载成功
- balance_count:tl_ops_balance_count_incr_succ(tlops_ups_node.service, tlops_ups_node_id)
+ balance_count:tl_ops_balance_count_incr_node_succ(tlops_ups_node.service, tlops_ups_node_id)
- local limit_req_succ_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_succ, tlops_ups_node.service, tlops_ups_node_id)
- local success_count = shared:get(limit_req_succ_count_key)
+ local limit_node_req_succ_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_succ, tlops_ups_node.service, tlops_ups_node_id)
+ local success_count = shared:get(limit_node_req_succ_count_key)
if not success_count then
- shared:set(limit_req_succ_count_key, 0);
+ shared:set(limit_node_req_succ_count_key, 0);
end
- shared:incr(limit_req_succ_count_key, 1)
+ shared:incr(limit_node_req_succ_count_key, 1)
ngx.header[tl_ops_constant_balance.proxy_server] = tlops_ups_node.service .. ":" .. tlops_ups_node.name;
ngx.header[tl_ops_constant_balance.proxy_state] = "online"
diff --git a/gitbook/code/balancecount/README.md b/gitbook/code/balancecount/README.md
index 6390600..0ae4a4f 100644
--- a/gitbook/code/balancecount/README.md
+++ b/gitbook/code/balancecount/README.md
@@ -52,7 +52,7 @@ local tl_ops_balance_count = function()
-- 控制细度 ,以周期为分割,仅用store持久
- local count_name = "tl-ops-balance-count-" .. tl_ops_constant_balance.count.interval;
+ local count_name = "tl-ops-balance-count-" .. tl_ops_constant_balance_count.interval;
local cache_balance_count = require("cache.tl_ops_cache_core"):new(count_name);
for service_name, nodes in pairs(service_list) do
@@ -63,13 +63,13 @@ local tl_ops_balance_count = function()
for i = 1, #nodes do
local node_id = i-1
- local cur_succ_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.req_succ, service_name, node_id)
+ local cur_succ_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.node_req_succ, service_name, node_id)
local cur_succ_count = shared:get(cur_succ_count_key)
if not cur_succ_count then
cur_succ_count = 0
end
- local cur_fail_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.req_fail, service_name, node_id)
+ local cur_fail_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.node_req_fail, service_name, node_id)
local cur_fail_count = shared:get(cur_fail_count_key)
if not cur_fail_count then
cur_fail_count = 0
@@ -80,16 +80,16 @@ local tl_ops_balance_count = function()
tlog:err("balance count async err , succ=",cur_succ_count,",fail=",cur_fail_count,",service_name=",service_name,",node_id=",node_id)
else
-- push to list
- local success_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.balance_interval_success, service_name, node_id)
- local balance_interval_success = cache_balance_count:get001(success_key)
- if not balance_interval_success then
- balance_interval_success = {}
+ local success_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_balance.cache_key.node_counting_list, service_name, node_id)
+ local node_counting_list = cache_balance_count:get001(success_key)
+ if not node_counting_list then
+ node_counting_list = {}
else
- balance_interval_success = cjson.decode(balance_interval_success)
+ node_counting_list = cjson.decode(node_counting_list)
end
- balance_interval_success[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
- local ok, _ = cache_balance_count:set001(success_key, cjson.encode(balance_interval_success))
+ node_counting_list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
+ local ok, _ = cache_balance_count:set001(success_key, cjson.encode(node_counting_list))
if not ok then
tlog:err("balance success count async err ,success_key=",success_key,",cur_count=",cur_count,",err=",_)
end
@@ -104,7 +104,7 @@ local tl_ops_balance_count = function()
tlog:err("balance fail count reset err ,success_key=",success_key,",cur_count=",cur_count)
end
- tlog:dbg("balance count async ok ,success_key=",success_key,",balance_interval_success=",balance_interval_success)
+ tlog:dbg("balance count async ok ,success_key=",success_key,",node_counting_list=",node_counting_list)
end
end
end
diff --git a/gitbook/code/fuselimit/README_BALANCE.md b/gitbook/code/fuselimit/README_BALANCE.md
index 6b00dcb..c4c8c0a 100644
--- a/gitbook/code/fuselimit/README_BALANCE.md
+++ b/gitbook/code/fuselimit/README_BALANCE.md
@@ -17,7 +17,7 @@ if tl_ops_manage_env.balance.limiter then
if depend == tl_ops_constant_limit.depend.token then
local token_result = tl_ops_limit_fuse_token_bucket.tl_ops_limit_token( node.service, node_id)
if not token_result or token_result == false then
- balance_count:tl_ops_balance_count_incr_fail(node.service, node_id)
+ balance_count:tl_ops_balance_count_incr_node_fail(node.service, node_id)
tl_ops_err_content:err_content_rewrite_to_balance("", "t-limit", balance_mode, tl_ops_constant_balance.cache_key.token_limit)
return
end
@@ -27,7 +27,7 @@ if tl_ops_manage_env.balance.limiter then
if depend == tl_ops_constant_limit.depend.leak then
local leak_result = tl_ops_limit_fuse_leak_bucket.tl_ops_limit_leak( node.service, node_id)
if not leak_result or leak_result == false then
- balance_count:tl_ops_balance_count_incr_fail(node.service, node_id)
+ balance_count:tl_ops_balance_count_incr_node_fail(node.service, node_id)
tl_ops_err_content:err_content_rewrite_to_balance("", "l-limit", balance_mode, tl_ops_constant_balance.cache_key.leak_limit)
return
end
diff --git a/gitbook/code/fuselimit/README_FUSE.md b/gitbook/code/fuselimit/README_FUSE.md
index 1b6168f..f4f94e4 100644
--- a/gitbook/code/fuselimit/README_FUSE.md
+++ b/gitbook/code/fuselimit/README_FUSE.md
@@ -109,13 +109,13 @@ tl_ops_limit_fuse_check_nodes = function ( conf )
-- 路由失败率策略
if mode == tl_ops_constant_limit.mode.balance_fail then
- local success_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_succ, service_name, node_id)
+ local success_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_succ, service_name, node_id)
local success_count = shared:get(success_count_key)
if not success_count then
success_count = 0
end
- local failed_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_fail, service_name, node_id)
+ local failed_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_fail, service_name, node_id)
local failed_count = shared:get(failed_count_key)
if not failed_count then
failed_count = 0
@@ -222,10 +222,10 @@ tl_ops_limit_fuse_auto_recover = function( conf )
-- 路由失败率熔断模式下 : 单个周期内请求次数统计,周期结束清除全熔断的统计值
if mode == tl_ops_constant_limit.mode.balance_fail then
- local success_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_succ, service_name, node_id)
+ local success_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_succ, service_name, node_id)
shared:set(success_count_key, 0)
- local failed_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_fail, service_name, node_id)
+ local failed_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_fail, service_name, node_id)
shared:set(failed_count_key, 0)
tlog:dbg("tl_ops_limit_fuse_auto_recover reset count done service_name=",service_name,",node_id=",node_id)
diff --git a/gitbook/code/waf/README_NAME.md b/gitbook/code/waf/README_NAME.md
index 587971a..32b8e1a 100644
--- a/gitbook/code/waf/README_NAME.md
+++ b/gitbook/code/waf/README_NAME.md
@@ -29,7 +29,7 @@ local tl_ops_waf_core_api_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if api_scope ~= tl_ops_constant_waf_scope.global then
+ if api_scope ~= waf_scope.global then
return true
end
diff --git a/gitbook/code/waf/README_WAF.md b/gitbook/code/waf/README_WAF.md
index d707753..f836d17 100644
--- a/gitbook/code/waf/README_WAF.md
+++ b/gitbook/code/waf/README_WAF.md
@@ -35,7 +35,7 @@ local tl_ops_waf_core_cc_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if cc_scope ~= tl_ops_constant_waf_scope.global then
+ if cc_scope ~= waf_scope.global then
return true
end
@@ -123,7 +123,7 @@ local tl_ops_waf_core_api_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if api_scope ~= tl_ops_constant_waf_scope.global then
+ if api_scope ~= waf_scope.global then
return true
end
diff --git a/gitbook/code/wafcount/README.md b/gitbook/code/wafcount/README.md
index 5149d47..d439f4d 100644
--- a/gitbook/code/wafcount/README.md
+++ b/gitbook/code/wafcount/README.md
@@ -83,7 +83,7 @@ end
-- 统计器 : 持久化数据
local tl_ops_waf_count = function()
local lock_key = tl_ops_constant_waf.cache_key.lock
- local lock_time = tl_ops_constant_waf.count.interval - 0.01
+ local lock_time = tl_ops_constant_waf_count.interval - 0.01
if not tl_ops_utils_func:tl_ops_worker_lock(lock_key, lock_time) then
return
end
@@ -98,7 +98,7 @@ local tl_ops_waf_count = function()
end
-- 控制细度 ,以周期为分割,仅用store持久
- local count_name = "tl-ops-waf-count-" .. tl_ops_constant_waf.count.interval;
+ local count_name = "tl-ops-waf-count-" .. tl_ops_constant_waf_count.interval;
local cache_waf_count = require("cache.tl_ops_cache_core"):new(count_name);
for service_name, nodes in pairs(service_list) do
diff --git a/limit/fuse/tl_ops_limit_fuse_check.lua b/limit/fuse/tl_ops_limit_fuse_check.lua
index 1a70518..4e4032d 100644
--- a/limit/fuse/tl_ops_limit_fuse_check.lua
+++ b/limit/fuse/tl_ops_limit_fuse_check.lua
@@ -261,13 +261,13 @@ tl_ops_limit_fuse_check_nodes = function ( conf )
-- 路由失败率策略
if mode == tl_ops_constant_limit.mode.balance_fail then
- local success_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_succ, service_name, node_id)
+ local success_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_succ, service_name, node_id)
local success_count = shared:get(success_count_key)
if not success_count then
success_count = 0
end
- local failed_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_fail, service_name, node_id)
+ local failed_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_fail, service_name, node_id)
local failed_count = shared:get(failed_count_key)
if not failed_count then
failed_count = 0
@@ -612,10 +612,10 @@ tl_ops_limit_fuse_auto_recover = function( conf )
-- 路由失败率熔断模式下 : 单个周期内请求次数统计,周期结束清除全熔断的统计值
if mode == tl_ops_constant_limit.mode.balance_fail then
- local success_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_succ, service_name, node_id)
+ local success_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_succ, service_name, node_id)
shared:set(success_count_key, 0)
- local failed_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.req_fail, service_name, node_id)
+ local failed_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_fail, service_name, node_id)
shared:set(failed_count_key, 0)
tlog:dbg("tl_ops_limit_fuse_auto_recover reset count done service_name=",service_name,",node_id=",node_id)
diff --git a/limit/tl_ops_limit.lua b/limit/tl_ops_limit.lua
index 070ad14..1f6a358 100644
--- a/limit/tl_ops_limit.lua
+++ b/limit/tl_ops_limit.lua
@@ -5,12 +5,16 @@
-- @email 1905333456@qq.com
-local cache_limit = require("cache.tl_ops_cache_core"):new("tl-ops-limit");
-local tl_ops_constant_limit = require("constant.tl_ops_constant_limit")
-local cjson = require("cjson.safe");
+local cache_limit = require("cache.tl_ops_cache_core"):new("tl-ops-limit");
+local tl_ops_constant_limit = require("constant.tl_ops_constant_limit")
+local cjson = require("cjson.safe");
+local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local shared = ngx.shared.tlopsbalance;
+
+local _M = {}
-- 获取限流器
-local tl_ops_limit_get_limiter = function( service_name, node_id )
+function _M:tl_ops_limit_get_limiter( service_name, node_id )
-- 服务熔断配置列表
local limit_list_str, _ = cache_limit:get(tl_ops_constant_limit.fuse.cache_key.options_list);
if not limit_list_str then
@@ -33,7 +37,28 @@ local tl_ops_limit_get_limiter = function( service_name, node_id )
end
+-- incr limit failed count
+-- 路由失败次数增加 , 限流用
+function _M:tl_ops_limit_fuse_incr_fail( service_name, node_id )
+ local failed_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_fail,service_name, node_id)
+ local failed_count = shared:get(failed_key)
+ if not failed_count then
+ shared:set(failed_key, 0);
+ end
+ shared:incr(failed_key, 1)
+end
+
+
+-- incr limit succ count
+-- 路由成功次数增加 , 限流用
+function _M:tl_ops_limit_fuse_incr_succ( service_name, node_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_limit.fuse.cache_key.node_req_succ, service_name, node_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
-return {
- tl_ops_limit_get_limiter = tl_ops_limit_get_limiter
-}
\ No newline at end of file
+return _M
\ No newline at end of file
diff --git a/plugins/tl_ops_auth/login_router.lua b/plugins/tl_ops_auth/login_router.lua
index 2e1b93b..59b2bb9 100644
--- a/plugins/tl_ops_auth/login_router.lua
+++ b/plugins/tl_ops_auth/login_router.lua
@@ -67,6 +67,22 @@ local Router = function()
max_age = login.auth_time,
})
+ cookie_utils:set({
+ key = "_u_name",
+ value = user.username,
+ path = "/",
+ domain = ngx.var.host,
+ max_age = login.auth_time,
+ })
+
+ cookie_utils:set({
+ key = "_u_key",
+ value = login.auth_cid,
+ path = "/",
+ domain = ngx.var.host,
+ max_age = login.auth_time,
+ })
+
-- add session
auth:auth_add_session(auth_cid, user);
diff --git a/plugins/tl_ops_auth/logout_router.lua b/plugins/tl_ops_auth/logout_router.lua
new file mode 100644
index 0000000..ab3babf
--- /dev/null
+++ b/plugins/tl_ops_auth/logout_router.lua
@@ -0,0 +1,71 @@
+-- tl_ops_auth
+-- en : login
+-- zn : 登录
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-auth");
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_plugin_auth")
+local constant = require("plugins.tl_ops_auth.tl_ops_plugin_constant")
+local auth = require("plugins.tl_ops_auth.auth")
+local uuid = require("lib.jit-uuid")
+local utils = tlops.utils
+local shared = tlops.plugin_shared
+local tl_ops_rt = tlops.constant.comm.tl_ops_rt
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+local Router = function()
+
+ local login_str, _ = cache:get(constant.cache_key.login)
+ if not login_str then
+ utils:set_ngx_req_return_ok(tl_ops_rt.args_error ,"auth logout_str err1", _);
+ return
+ end
+
+ local login, _ = cjson.decode(login_str)
+ if not login then
+ utils:set_ngx_req_return_ok(tl_ops_rt.args_error ,"auth logout err2", _);
+ return
+ end
+
+ local cookie_utils = require("lib.cookie"):new();
+ local auth_cid = cookie_utils:get(login.auth_cid)
+ if not auth_cid then
+ utils:set_ngx_req_return_ok(tl_ops_rt.args_error ,"auth cid err3", _);
+ return
+ end
+
+ -- del cookie
+ cookie_utils:set({
+ key = login.auth_cid,
+ value = "",
+ path = "/",
+ domain = ngx.var.host,
+ httponly = true,
+ max_age = login.auth_time,
+ })
+
+ cookie_utils:set({
+ key = "_u_name",
+ value = "",
+ path = "/",
+ domain = ngx.var.host,
+ max_age = login.auth_time,
+ })
+
+ cookie_utils:set({
+ key = "_u_key",
+ value = login.auth_cid,
+ path = "/",
+ domain = ngx.var.host,
+ max_age = login.auth_time,
+ })
+
+ -- del session
+ auth:auth_del_session(auth_cid);
+
+ utils:set_ngx_req_return_ok(tl_ops_rt.ok, "success", nil);
+end
+
+return Router
\ No newline at end of file
diff --git a/plugins/tl_ops_auth/tl_ops_plugin_api.lua b/plugins/tl_ops_auth/tl_ops_plugin_api.lua
index 042dfa1..39d3df2 100644
--- a/plugins/tl_ops_auth/tl_ops_plugin_api.lua
+++ b/plugins/tl_ops_auth/tl_ops_plugin_api.lua
@@ -8,6 +8,7 @@ local constant = require("plugins.tl_ops_auth.tl_ops_plugin_con
local export_get_router = require("plugins.tl_ops_auth.export_get_router")
local export_set_router = require("plugins.tl_ops_auth.export_set_router")
local login_router = require("plugins.tl_ops_auth.login_router")
+local logout_router = require("plugins.tl_ops_auth.logout_router")
local get_router = require("plugins.tl_ops_auth.get_router")
local set_router = require("plugins.tl_ops_auth.set_router")
@@ -18,6 +19,8 @@ return function(ctx)
-- 对外管理接口
ctx.tlops_api[constant.tlops_api.login] = login_router
+ ctx.tlops_api[constant.tlops_api.logout] = logout_router
+
ctx.tlops_api[constant.tlops_api.get] = get_router
ctx.tlops_api[constant.tlops_api.set] = set_router
diff --git a/plugins/tl_ops_auth/tl_ops_plugin_constant.lua b/plugins/tl_ops_auth/tl_ops_plugin_constant.lua
index 2626af7..2fa7a4d 100644
--- a/plugins/tl_ops_auth/tl_ops_plugin_constant.lua
+++ b/plugins/tl_ops_auth/tl_ops_plugin_constant.lua
@@ -76,6 +76,7 @@ local tl_ops_plugin_constant_auth = {
},
tlops_api = { -- 对外提供的API
login = "/tlops/auth/login",
+ logout = "/tlops/auth/logout",
get = "/tlops/auth/get",
set = "/tlops/auth/set",
},
diff --git a/plugins/tl_ops_grpc/export_get_router.lua b/plugins/tl_ops_grpc/export_get_router.lua
new file mode 100644
index 0000000..f95a251
--- /dev/null
+++ b/plugins/tl_ops_grpc/export_get_router.lua
@@ -0,0 +1,29 @@
+-- tl_ops_grpc_get_export
+-- en : get export grpc config
+-- zn : 获取grpc插件配置
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-grpc");
+local constant = require("plugins.tl_ops_grpc.tl_ops_plugin_constant");
+local tl_ops_rt = tlops.constant.comm.tl_ops_rt;
+local tl_ops_utils_func = tlops.utils
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+
+local Router = function()
+
+ local str, _ = cache:get(constant.export.cache_key.grpc);
+ if not str or str == nil then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.not_found, "not found grpc", _);
+ return;
+ end
+
+ local res_data = {}
+ res_data[constant.export.cache_key.grpc] = cjson.decode(str)
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data);
+end
+
+return Router
\ No newline at end of file
diff --git a/plugins/tl_ops_grpc/export_set_router.lua b/plugins/tl_ops_grpc/export_set_router.lua
new file mode 100644
index 0000000..6b5164b
--- /dev/null
+++ b/plugins/tl_ops_grpc/export_set_router.lua
@@ -0,0 +1,32 @@
+-- tl_ops_set_grpc_export
+-- en : set export grpc config
+-- zn : 更新grpc插件配置管理
+-- @author iamtsm
+-- @email 1905333456@qq.com`
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-grpc");
+local constant = require("plugins.tl_ops_grpc.tl_ops_plugin_constant");
+local tl_ops_rt = tlops.constant.comm.tl_ops_rt;
+local tl_ops_utils_func = tlops.utils
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+
+local Router = function()
+
+ local grpc, _ = tl_ops_utils_func:get_req_post_args_by_name(constant.export.cache_key.grpc, 1);
+ if grpc then
+ local res, _ = cache:set(constant.export.cache_key.grpc, cjson.encode(grpc));
+ if not res then
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.error, "set grpc err ", _)
+ return;
+ end
+ end
+
+ local res_data = {}
+ res_data[constant.export.cache_key.grpc] = grpc
+
+ tl_ops_utils_func:set_ngx_req_return_ok(tl_ops_rt.ok, "success", res_data)
+ end
+
+return Router
diff --git a/plugins/tl_ops_grpc/sync.lua b/plugins/tl_ops_grpc/sync.lua
new file mode 100644
index 0000000..d9010df
--- /dev/null
+++ b/plugins/tl_ops_grpc/sync.lua
@@ -0,0 +1,88 @@
+-- tl_ops_grpc_sync
+-- en : sync grpc config
+-- zn : 同步、预热插件模板相关数据
+-- @corsor iamtsm
+-- @email 1905333456@qq.com
+
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_plugin_grpc")
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-grpc")
+local constant = require("plugins.tl_ops_grpc.tl_ops_plugin_constant")
+local tl_ops_rt = tlops.constant.comm.tl_ops_rt
+local cjson = require("cjson.safe")
+cjson.encode_empty_table_as_object(false)
+
+
+-- 同步静态数据
+local sync_data = function()
+
+ return tl_ops_rt.ok
+end
+
+
+-- 同步插件对外数据
+local sync_fields_export = function ()
+ local cache_key = constant.export.cache_key.grpc
+ local constant_data = constant.export.grpc
+ local demo = constant.export.demo
+
+ local data_str, _ = cache:get(cache_key);
+ if not data_str then
+ local res, _ = cache:set(cache_key, cjson.encode(constant_data))
+ if not res then
+ tlog:err("grpc sync_fields_export new store err, cache_key=",cache_key,",res=",res)
+ return tl_ops_rt.error
+ end
+
+ data_str, _ = cache:get(cache_key);
+
+ tlog:dbg("grpc sync_fields_export new store, cache_key=",cache_key,",res=",res)
+ end
+
+ local data = cjson.decode(data_str);
+ if not data and type(data) ~= 'table' then
+ tlog:err("grpc sync_fields_export err, cache_key=",cache_key,",old=",data)
+ return tl_ops_rt.error
+ end
+
+ tlog:dbg("grpc sync_fields_export start, cache_key=",cache_key,",old=",data)
+
+ local add_keys = {}
+
+ -- demo fileds check
+ for key , _ in pairs(demo) do
+ -- data fileds check
+ -- add keys
+ if data[key] == nil then
+ data[key] = demo[key]
+ table.insert(add_keys , key)
+ end
+ end
+
+ local res = cache:set(cache_key, cjson.encode(data))
+ if not res then
+ tlog:err("grpc sync_fields_export err, cache_key=",cache_key,",res=",res,",new=",data)
+ return tl_ops_rt.error
+ end
+
+ tlog:dbg("grpc sync_fields_export done, cache_key=",cache_key,",new=",data,",add_keys=",add_keys)
+
+ return tl_ops_rt.ok
+end
+
+
+
+-- 字段数据同步
+local sync_fields = function ()
+
+ -- 对外配置 数据
+ sync_fields_export()
+
+ return tl_ops_rt.ok
+end
+
+
+
+return {
+ sync_data = sync_data,
+ sync_fields = sync_fields
+}
\ No newline at end of file
diff --git a/plugins/tl_ops_grpc/tl_ops_plugin_api.lua b/plugins/tl_ops_grpc/tl_ops_plugin_api.lua
new file mode 100644
index 0000000..aa060d0
--- /dev/null
+++ b/plugins/tl_ops_grpc/tl_ops_plugin_api.lua
@@ -0,0 +1,20 @@
+-- tl_ops_plugin_grpc_api
+-- en : grpc api
+-- zn : 插件api接口
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local constant = require("plugins.tl_ops_grpc.tl_ops_plugin_constant")
+local export_get_router = require("plugins.tl_ops_grpc.export_get_router")
+local export_set_router = require("plugins.tl_ops_grpc.export_set_router")
+
+
+-- 插件管理对外管理接口
+return function(ctx)
+
+ -- 插件管理对外管理接口
+ ctx.tlops_api[constant.export.tlops_api.get] = export_get_router
+
+ ctx.tlops_api[constant.export.tlops_api.set] = export_set_router
+
+end
diff --git a/plugins/tl_ops_grpc/tl_ops_plugin_constant.lua b/plugins/tl_ops_grpc/tl_ops_plugin_constant.lua
new file mode 100644
index 0000000..a4ba5dc
--- /dev/null
+++ b/plugins/tl_ops_grpc/tl_ops_plugin_constant.lua
@@ -0,0 +1,39 @@
+local tl_ops_plugin_constant_grpc = {
+ cache_key = {
+
+ },
+ export = {
+ cache_key = {
+ grpc = "tl_ops_plugins_export_grpc",
+ },
+ tlops_api = {
+ get = "/tlops/grpc/manage/get", -- 获取插件配置数据的接口
+ set = "/tlops/grpc/manage/set", -- 修改插件配置数据的接口
+ },
+ grpc ={
+ zname = '插件默认模板',
+ page = "",
+ name = 'grpc',
+ open = false,
+ scope = [[
+ tl_ops_process_before_init_worker,tl_ops_process_after_init_worker,
+ tl_ops_process_before_init_ssl,tl_ops_process_after_init_ssl,
+ tl_ops_process_before_init_rewrite, tl_ops_process_after_init_rewrite,
+ tl_ops_process_before_init_access, tl_ops_process_after_init_access,
+ tl_ops_process_before_init_balancer,tl_ops_process_after_init_balancer,
+ tl_ops_process_before_init_header, tl_ops_process_after_init_header,
+ tl_ops_process_before_init_body, tl_ops_process_after_init_body,
+ tl_ops_process_before_init_log, tl_ops_process_after_init_log
+ ]],
+ },
+ demo = {
+ zname = '', -- 插件中文名称
+ page = "", -- 插件配置页面
+ name = '', -- 插件名称
+ open = true, -- 插件是否开启
+ scope = "", -- 插件生命周期阶段
+ }
+ }
+}
+
+return tl_ops_plugin_constant_grpc;
\ No newline at end of file
diff --git a/plugins/tl_ops_grpc/tl_ops_plugin_core.lua b/plugins/tl_ops_grpc/tl_ops_plugin_core.lua
new file mode 100644
index 0000000..3f732bf
--- /dev/null
+++ b/plugins/tl_ops_grpc/tl_ops_plugin_core.lua
@@ -0,0 +1,135 @@
+-- tl_ops_plugin_grpc
+-- en : grpc
+-- zn : 插件示例
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_plugin_grpc");
+local uitls = tlops.utils
+local sync = require("plugins.tl_ops_grpc.sync");
+
+
+local _M = {
+ _VERSION = '0.01'
+}
+
+local mt = { __index = _M }
+
+
+function _M:new(options)
+ if not options then
+ options = {}
+ end
+ return setmetatable(options, mt)
+end
+
+
+function _M:tl_ops_process_before_init_worker()
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_after_init_worker()
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_before_init_ssl()
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_after_init_ssl()
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_before_init_rewrite(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_after_init_rewrite(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_before_init_access(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_after_init_access(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_before_init_balancer(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_after_init_balancer(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_before_init_header(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_after_init_header(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_before_init_body(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_after_init_body(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_before_init_log(ctx)
+
+
+ return true, "ok"
+end
+
+function _M:tl_ops_process_after_init_log(ctx)
+
+
+ return true, "ok"
+end
+
+-- 插件数据同步
+function _M:sync_data()
+ return sync.sync_data()
+end
+
+
+-- 插件数据字段同步
+function _M:sync_fields()
+ return sync.sync_fields()
+end
+
+
+return _M
diff --git a/plugins/tl_ops_grpc/tl_ops_plugin_open.lua b/plugins/tl_ops_grpc/tl_ops_plugin_open.lua
new file mode 100644
index 0000000..0aeb23a
--- /dev/null
+++ b/plugins/tl_ops_grpc/tl_ops_plugin_open.lua
@@ -0,0 +1,28 @@
+-- tl_ops_grpc_open
+-- en : get export grpc open config
+-- zn : 获取插件是否开启
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cache = require("cache.tl_ops_cache_core"):new("tl-ops-grpc");
+local constant = require("plugins.tl_ops_grpc.tl_ops_plugin_constant");
+local cjson = require("cjson.safe");
+cjson.encode_empty_table_as_object(false)
+
+
+local Func = function()
+
+ local str, _ = cache:get101(constant.export.cache_key.grpc);
+ if not str or str == nil then
+ return false;
+ end
+
+ local data = cjson.decode(str);
+ if not data then
+ return false
+ end
+
+ return data.open
+end
+
+return Func
\ No newline at end of file
diff --git a/tl_ops_manage_env.lua b/tl_ops_manage_env.lua
index 6028a40..95388ad 100644
--- a/tl_ops_manage_env.lua
+++ b/tl_ops_manage_env.lua
@@ -59,11 +59,11 @@ return {
--[[
en :load counter, after this option is enabled, every time nginx is started,
a timer will be enabled to count the load requests within a certain period of time
- The time interval is configured in 'constant.tl_ops_constant_balance.count.interval'
+ The time interval is configured in 'constant.tl_ops_constant_balance_count.interval'
Notice: Do not set the statistical time interval too short, which may affect performance.
zn :负载统计器,开启此选项后,将在每次启动nginx时,将开启定时器统计一定时间段内的负载请求情况
- 时间间隔在‘constant.tl_ops_constant_balance.count.interval’进行配置
+ 时间间隔在‘constant.tl_ops_constant_balance_count.interval’进行配置
注意:统计时间间隔不要设置过短,可能会影响性能。
]]
counting = true,
@@ -87,14 +87,13 @@ return {
--[[
en :waf filter statistic, after this option is enabled, every time nginx is started,
a timer will be enabled to count the waf filter requests within a certain period of time
- The time interval is configured in 'constant.tl_ops_constant_waf.count.interval'
+ The time interval is configured in 'constant.tl_ops_constant_waf_count.interval'
Notice: Do not set the statistical time interval too short, which may affect performance.
zn :waf过滤统计器,开启此选项后,将在每次启动nginx时,将开启定时器统计一定时间段内的waf过滤请求情况
- 时间间隔在‘constant.tl_ops_constant_waf.count.interval’进行配置
+ 时间间隔在‘constant.tl_ops_constant_waf_count.interval’进行配置
注意:统计时间间隔不要设置过短,可能会影响性能。
]]
counting = true,
-
}
}
diff --git a/utils/tl_ops_utils_func.lua b/utils/tl_ops_utils_func.lua
index b70404c..9156671 100644
--- a/utils/tl_ops_utils_func.lua
+++ b/utils/tl_ops_utils_func.lua
@@ -384,13 +384,23 @@ end
--- 生成 '服务-节点' , '服务' key
-function _M:gen_node_key(prefix, node, node_id)
- if not node_id then
- return prefix .. "_" .. node;
- else
- return prefix .. "_" .. node .. "_" .. node_id;
+-- 生成 '服务-节点' key
+function _M:gen_node_key(prefix, node, node_id, id)
+ local key = prefix;
+
+ if node then
+ key = key .. "_" .. node
+
+ if node_id then
+ key = key .. "_" .. node_id
+ end
+
+ if id then
+ key = key .. "_" .. id
+ end
end
+
+ return key
end
-- 替换func
diff --git a/waf/count/tl_ops_waf_count.lua b/waf/count/tl_ops_waf_count.lua
index 0944a4d..e1640b8 100644
--- a/waf/count/tl_ops_waf_count.lua
+++ b/waf/count/tl_ops_waf_count.lua
@@ -6,7 +6,6 @@
local tl_ops_waf_count_core = require("waf.count.tl_ops_waf_count_core");
-local tl_ops_constant_waf = require("constant.tl_ops_constant_waf");
local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local shared = ngx.shared.tlopswaf;
@@ -20,20 +19,4 @@ function _M:init( )
end
--- incr waf count
-function _M:tl_ops_waf_count_incr_key(cache_key, service_name, node_id)
- local key = cache_key
- if service_name ~= nil or node_id ~= nil then
- key = tl_ops_utils_func:gen_node_key(cache_key, service_name, node_id)
- end
-
- local count = shared:get(key)
- if not count then
- shared:set(key, 0);
- end
- shared:incr(key, 1)
-end
-
-
-
return _M
\ No newline at end of file
diff --git a/waf/count/tl_ops_waf_count_api.lua b/waf/count/tl_ops_waf_count_api.lua
new file mode 100644
index 0000000..f2748cd
--- /dev/null
+++ b/waf/count/tl_ops_waf_count_api.lua
@@ -0,0 +1,115 @@
+-- tl_ops_waf_count_api
+-- en : waf count api impl
+-- zn : waf-api级别统计实现
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local tl_ops_constant_waf_api = require("constant.tl_ops_constant_waf_api")
+local cache_waf_api = require("cache.tl_ops_cache_core"):new("tl-ops-waf-api")
+local cache_waf_count = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count")
+local shared = ngx.shared.tlopswaf
+
+
+local tl_ops_waf_count_api_core = function( service_name, node_id, id )
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.api_req_succ, service_name, node_id, id)
+ local cur_count = shared:get(cur_count_key)
+ if not cur_count then
+ cur_count = 0
+ end
+
+ if cur_count == 0 then
+ tlog:dbg("waf api count dont need async , cur_count=",cur_count,",service_name=",service_name,",node_id=",node_id,",cur_count_key=",cur_count_key)
+ else
+ local list_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.api_counting_list, service_name, node_id, id)
+ local list = cache_waf_count:get001(list_key)
+ if not list then
+ list = {}
+ else
+ list = cjson.decode(list)
+ end
+
+ list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
+
+ local ok, _ = cache_waf_count:set001(list_key, cjson.encode(list))
+ if not ok then
+ tlog:err("waf api success count async err ,list_key=",list_key,",cur_count=",cur_count,",err=",_)
+ end
+
+ -- rest cur_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("waf api succ count reset err ,cur_count_key=",cur_count_key,",cur_count=",cur_count)
+ end
+
+ tlog:dbg("waf api count async ok ,list_key=",list_key,",list=",list)
+ end
+end
+
+
+local tl_ops_waf_count_api = function( )
+
+ -- 统计全局拦截
+ tl_ops_waf_count_api_core();
+
+ -- 统计规则下拦截
+ local waf_list_str, _ = cache_waf_api:get(tl_ops_constant_waf_api.cache_key.list);
+ if not waf_list_str or waf_list_str == nil then
+ tlog:err("waf api count list nil, break")
+ return;
+ end
+
+ local waf_list = cjson.decode(waf_list_str);
+ if not waf_list or waf_list == nil then
+ tlog:err("waf api count list decode nil, break")
+ return;
+ end
+
+ for _, api in ipairs(waf_list) do
+ repeat
+ local id = api.id;
+ local service_name = api.service;
+ -- 由于暂时只支持到服务级别的waf,node_id给默认值0即可
+ local node_id = 0;
+
+ if not id then
+ tlog:err("waf api count api id nil, api=",api);
+ break
+ end
+ if not service_name then
+ tlog:err("waf api count api service_name nil, api=", api);
+ break
+ end
+ if node_id== nil or node_id == '' then
+ tlog:err("waf api count api node_id nil, api=", api);
+ break
+ end
+
+ tl_ops_waf_count_api_core(service_name, node_id, id)
+ break
+ until true
+ end
+end
+
+
+-- api拦截成功次数增加
+local tl_ops_waf_count_incr_api_succ = function( service_name, node_id, api_rule_id )
+
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.api_req_succ, service_name, node_id, api_rule_id)
+
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_waf_count_api = tl_ops_waf_count_api,
+ tl_ops_waf_count_incr_api_succ = tl_ops_waf_count_incr_api_succ
+}
\ No newline at end of file
diff --git a/waf/count/tl_ops_waf_count_cc.lua b/waf/count/tl_ops_waf_count_cc.lua
new file mode 100644
index 0000000..697de9d
--- /dev/null
+++ b/waf/count/tl_ops_waf_count_cc.lua
@@ -0,0 +1,113 @@
+-- tl_ops_waf_count_cc
+-- en : waf count cc impl
+-- zn : waf-cc级别统计实现
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local tl_ops_constant_waf_cc = require("constant.tl_ops_constant_waf_cc")
+local cache_waf_cc = require("cache.tl_ops_cache_core"):new("tl-ops-waf-cc")
+local cache_waf_count = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count")
+local shared = ngx.shared.tlopswaf
+
+
+local tl_ops_waf_count_cc_core = function( service_name, node_id, id )
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.cc_req_succ, service_name, node_id, id)
+ local cur_count = shared:get(cur_count_key)
+ if not cur_count then
+ cur_count = 0
+ end
+
+ if cur_count == 0 then
+ tlog:dbg("waf cc count dont need async , cur_count=",cur_count,",service_name=",service_name,",node_id=",node_id)
+ else
+ local list_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.cc_counting_list, service_name, node_id, id)
+ local list = cache_waf_count:get001(list_key)
+ if not list then
+ list = {}
+ else
+ list = cjson.decode(list)
+ end
+
+ list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
+
+ local ok, _ = cache_waf_count:set001(list_key, cjson.encode(list))
+ if not ok then
+ tlog:err("waf cc success count async err ,list_key=",list_key,",cur_count=",cur_count,",err=",_)
+ end
+
+ -- rest cur_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("waf cc succ count reset err ,cur_count_key=",cur_count_key,",cur_count=",cur_count)
+ end
+
+ tlog:dbg("waf cc count async ok ,list_key=",list_key,",list=",list)
+ end
+end
+
+
+local tl_ops_waf_count_cc = function( )
+
+ -- 统计全局拦截
+ tl_ops_waf_count_cc_core();
+
+ -- 统计规则下拦截
+ local waf_list_str, _ = cache_waf_cc:get(tl_ops_constant_waf_cc.cache_key.list);
+ if not waf_list_str or waf_list_str == nil then
+ tlog:err("waf cc count list nil, break")
+ return;
+ end
+
+ local waf_list = cjson.decode(waf_list_str);
+ if not waf_list or waf_list == nil then
+ tlog:err("waf cc count list decode nil, break")
+ return;
+ end
+
+ for _, cc in ipairs(waf_list) do
+ repeat
+ local id = cc.id;
+ local service_name = cc.service;
+ -- 由于暂时只支持到服务级别的waf,node_id给默认值0即可
+ local node_id = 0;
+
+ if not id then
+ tlog:err("waf cc count cc id nil, cc=",cc);
+ break
+ end
+ if not service_name then
+ tlog:err("waf cc count cc service_name nil, cc=", cc);
+ break
+ end
+ if node_id== nil or node_id == '' then
+ tlog:err("waf cc count cc node_id nil, cc=", cc);
+ break
+ end
+
+ tl_ops_waf_count_cc_core(service_name, node_id, id)
+ break
+ until true
+ end
+end
+
+
+-- cc拦截成功次数增加
+local tl_ops_waf_count_incr_cc_succ = function( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.cc_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_waf_count_cc = tl_ops_waf_count_cc,
+ tl_ops_waf_count_incr_cc_succ = tl_ops_waf_count_incr_cc_succ
+}
\ No newline at end of file
diff --git a/waf/count/tl_ops_waf_count_cookie.lua b/waf/count/tl_ops_waf_count_cookie.lua
new file mode 100644
index 0000000..553ffee
--- /dev/null
+++ b/waf/count/tl_ops_waf_count_cookie.lua
@@ -0,0 +1,113 @@
+-- tl_ops_waf_count_cookie
+-- en : waf count cookie impl
+-- zn : waf-cookie级别统计实现
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local tl_ops_constant_waf_cookie = require("constant.tl_ops_constant_waf_cookie")
+local cache_waf_cookie = require("cache.tl_ops_cache_core"):new("tl-ops-waf-cookie")
+local cache_waf_count = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count")
+local shared = ngx.shared.tlopswaf
+
+
+local tl_ops_waf_count_cookie_core = function( service_name, node_id, id )
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.cookie_req_succ, service_name, node_id, id)
+ local cur_count = shared:get(cur_count_key)
+ if not cur_count then
+ cur_count = 0
+ end
+
+ if cur_count == 0 then
+ tlog:dbg("waf cookie count dont need async , cur_count=",cur_count,",service_name=",service_name,",node_id=",node_id)
+ else
+ local list_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.cookie_counting_list, service_name, node_id, id)
+ local list = cache_waf_count:get001(list_key)
+ if not list then
+ list = {}
+ else
+ list = cjson.decode(list)
+ end
+
+ list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
+
+ local ok, _ = cache_waf_count:set001(list_key, cjson.encode(list))
+ if not ok then
+ tlog:err("waf cookie success count async err ,list_key=",list_key,",cur_count=",cur_count,",err=",_)
+ end
+
+ -- rest cur_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("waf cookie succ count reset err ,cur_count_key=",cur_count_key,",cur_count=",cur_count)
+ end
+
+ tlog:dbg("waf cookie count async ok ,list_key=",list_key,",list=",list)
+ end
+end
+
+
+local tl_ops_waf_count_cookie = function( )
+
+ -- 统计全局拦截
+ tl_ops_waf_count_cookie_core();
+
+ -- 统计规则下拦截
+ local waf_list_str, _ = cache_waf_cookie:get(tl_ops_constant_waf_cookie.cache_key.list);
+ if not waf_list_str or waf_list_str == nil then
+ tlog:err("waf cookie count list nil, break")
+ return;
+ end
+
+ local waf_list = cjson.decode(waf_list_str);
+ if not waf_list or waf_list == nil then
+ tlog:err("waf cookie count list decode nil, break")
+ return;
+ end
+
+ for _, cookie in ipairs(waf_list) do
+ repeat
+ local id = cookie.id;
+ local service_name = cookie.service;
+ -- 由于暂时只支持到服务级别的waf,node_id给默认值0即可
+ local node_id = 0;
+
+ if not id then
+ tlog:err("waf cookie count cookie id nil, cookie=",cookie);
+ break
+ end
+ if not service_name then
+ tlog:err("waf cookie count cookie service_name nil, cookie=", cookie);
+ break
+ end
+ if node_id== nil or node_id == '' then
+ tlog:err("waf cookie count cookie node_id nil, cookie=", cookie);
+ break
+ end
+
+ tl_ops_waf_count_cookie_core(service_name, node_id, id);
+ break
+ until true
+ end
+end
+
+
+-- cookie拦截成功次数增加
+local tl_ops_waf_count_incr_cookie_succ = function( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.cookie_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_waf_count_cookie = tl_ops_waf_count_cookie,
+ tl_ops_waf_count_incr_cookie_succ = tl_ops_waf_count_incr_cookie_succ
+}
\ No newline at end of file
diff --git a/waf/count/tl_ops_waf_count_core.lua b/waf/count/tl_ops_waf_count_core.lua
index 64e227a..ee12f77 100644
--- a/waf/count/tl_ops_waf_count_core.lua
+++ b/waf/count/tl_ops_waf_count_core.lua
@@ -5,14 +5,17 @@
-- @email 1905333456@qq.com
-local cjson = require("cjson.safe")
-local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_count")
-local tl_ops_utils_func = require("utils.tl_ops_utils_func")
-local tl_ops_constant_waf = require("constant.tl_ops_constant_waf")
-local tl_ops_constant_service = require("constant.tl_ops_constant_service")
-local cache_service = require("cache.tl_ops_cache_core"):new("tl-ops-service")
-local tl_ops_manage_env = require("tl_ops_manage_env")
-local shared = ngx.shared.tlopswaf
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local tl_ops_constant_waf = require("constant.tl_ops_constant_waf")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local tl_ops_manage_env = require("tl_ops_manage_env")
+local waf_count_ip = require("waf.count.tl_ops_waf_count_ip")
+local waf_count_cc = require("waf.count.tl_ops_waf_count_cc")
+local waf_count_api = require("waf.count.tl_ops_waf_count_api")
+local waf_count_cookie = require("waf.count.tl_ops_waf_count_cookie")
+local waf_count_header = require("waf.count.tl_ops_waf_count_header")
+local waf_count_param = require("waf.count.tl_ops_waf_count_param")
local _M = {
@@ -25,149 +28,32 @@ local mt = { __index = _M }
local tl_ops_waf_count_timer
-
-local tl_ops_waf_count_keys = function(cache_waf_count, waf_interval_success_key, service_name, node_id)
-
- local req_ip_key = tl_ops_constant_waf.cache_key.req_ip
- if service_name ~= nil or node_id ~= nil then
- req_ip_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf.cache_key.req_ip, service_name, node_id)
- end
- local req_ip_count = shared:get(req_ip_key)
- if not req_ip_count then
- req_ip_count = 0
- end
-
- local req_api_key = tl_ops_constant_waf.cache_key.req_api
- if service_name ~= nil or node_id ~= nil then
- req_api_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf.cache_key.req_api, service_name, node_id)
- end
- local req_api_count = shared:get(req_api_key)
- if not req_api_count then
- req_api_count = 0
- end
-
- local req_cc_key = tl_ops_constant_waf.cache_key.req_cc
- if service_name ~= nil or node_id ~= nil then
- req_cc_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf.cache_key.req_cc, service_name, node_id)
- end
- local req_cc_count = shared:get(req_cc_key)
- if not req_cc_count then
- req_cc_count = 0
- end
-
- local req_cookie_key = tl_ops_constant_waf.cache_key.req_cookie
- if service_name ~= nil or node_id ~= nil then
- req_cookie_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf.cache_key.req_cookie, service_name, node_id)
- end
- local req_cookie_count = shared:get(req_cookie_key)
- if not req_cookie_count then
- req_cookie_count = 0
+-- 统计器 : 持久化数据
+local tl_ops_waf_count_core = function()
+ local lock_key = tl_ops_constant_waf_count.cache_key.lock
+ local lock_time = tl_ops_constant_waf_count.interval - 0.01
+ if not tl_ops_utils_func:tl_ops_worker_lock(lock_key, lock_time) then
+ return
end
- local req_header_key = tl_ops_constant_waf.cache_key.req_header
- if service_name ~= nil or node_id ~= nil then
- req_header_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf.cache_key.req_header, service_name, node_id)
- end
- local req_header_count = shared:get(req_header_key)
- if not req_header_count then
- req_header_count = 0
- end
+ -- api规则统计
+ waf_count_api.tl_ops_waf_count_api();
- local req_param_key = tl_ops_constant_waf.cache_key.req_param
- if service_name ~= nil or node_id ~= nil then
- req_param_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf.cache_key.req_param, service_name, node_id)
- end
- local req_param_count = shared:get(req_param_key)
- if not req_param_count then
- req_param_count = 0
- end
+ -- ip规则统计
+ waf_count_ip.tl_ops_waf_count_ip();
- local cur_count = req_ip_count + req_api_count + req_cc_count + req_cookie_count + req_header_count + req_param_count
- if cur_count == 0 then
- tlog:dbg("waf count dont need async , cur_count=",cur_count,",service_name=",service_name,",node_id=",node_id)
- else
- -- push to list
- local key = waf_interval_success_key
- if service_name ~= nil or node_id ~= nil then
- key = tl_ops_utils_func:gen_node_key(waf_interval_success_key, service_name, node_id)
- end
- local waf_interval_success = cache_waf_count:get001(key)
- if not waf_interval_success then
- waf_interval_success = {}
- else
- waf_interval_success = cjson.decode(waf_interval_success)
- end
-
- waf_interval_success[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
- local ok, _ = cache_waf_count:set001(key, cjson.encode(waf_interval_success))
- if not ok then
- tlog:err("waf success count async err ,key=",key,",cur_count=",cur_count,",err=",_)
- end
-
- -- rest cur_count
- local ok, _ = shared:set(req_ip_key, 0)
- if not ok then
- tlog:err("waf req_ip_key count reset err ,req_ip_key=",req_ip_key,",cur_count=",cur_count)
- end
- ok, _ = shared:set(req_api_key, 0)
- if not ok then
- tlog:err("waf req_api_key count reset err ,req_api_key=",req_api_key,",cur_count=",cur_count)
- end
- ok, _ = shared:set(req_cc_key, 0)
- if not ok then
- tlog:err("waf req_cc_key count reset err ,req_cc_key=",req_cc_key,",cur_count=",cur_count)
- end
- ok, _ = shared:set(req_cookie_key, 0)
- if not ok then
- tlog:err("waf req_cookie_key count reset err ,req_cookie_key=",req_cookie_key,",cur_count=",cur_count)
- end
- ok, _ = shared:set(req_header_key, 0)
- if not ok then
- tlog:err("waf req_header_key count reset err ,req_header_key=",req_header_key,",cur_count=",cur_count)
- end
- ok, _ = shared:set(req_param_key, 0)
- if not ok then
- tlog:err("waf req_param_key count reset err ,req_param_key=",req_param_key,",cur_count=",cur_count)
- end
-
- tlog:dbg("waf count async ok ,key=",key,",waf_interval_success=",waf_interval_success)
- end
+ -- cc规则统计
+ waf_count_cc.tl_ops_waf_count_cc();
-end
+ -- cookie规则统计
+ waf_count_cookie.tl_ops_waf_count_cookie();
+ -- header规则统计
+ waf_count_header.tl_ops_waf_count_header();
--- 统计器 : 持久化数据
-local tl_ops_waf_count = function()
- local lock_key = tl_ops_constant_waf.cache_key.lock
- local lock_time = tl_ops_constant_waf.count.interval - 0.01
- if not tl_ops_utils_func:tl_ops_worker_lock(lock_key, lock_time) then
- return
- end
+ -- param规则统计
+ waf_count_param.tl_ops_waf_count_param();
- local service_list = nil
- local service_list_str, _ = cache_service:get(tl_ops_constant_service.cache_key.service_list);
- if not service_list_str then
- -- use default
- service_list = tl_ops_constant_service.list
- else
- service_list = cjson.decode(service_list_str);
- end
-
-
- -- 控制细度 ,以周期为分割,仅用store持久
- local count_name = "tl-ops-waf-count-" .. tl_ops_constant_waf.count.interval;
- local cache_waf_count = require("cache.tl_ops_cache_core"):new(count_name);
-
- for service_name, nodes in pairs(service_list) do
- if nodes == nil then
- tlog:err("nodes nil")
- return
- end
- -- 服务级别waf
- tl_ops_waf_count_keys(cache_waf_count, tl_ops_constant_waf.cache_key.waf_interval_success, service_name, nil)
- end
- -- 全局级别waf
- tl_ops_waf_count_keys(cache_waf_count, tl_ops_constant_waf.cache_key.waf_interval_success, nil, nil)
end
@@ -178,7 +64,7 @@ tl_ops_waf_count_timer = function(premature, args)
return
end
- local ok, _ = pcall(tl_ops_waf_count)
+ local ok, _ = pcall(tl_ops_waf_count_core)
if not ok then
tlog:err("failed to pcall : " , _)
end
diff --git a/waf/count/tl_ops_waf_count_header.lua b/waf/count/tl_ops_waf_count_header.lua
new file mode 100644
index 0000000..145a30a
--- /dev/null
+++ b/waf/count/tl_ops_waf_count_header.lua
@@ -0,0 +1,112 @@
+-- tl_ops_waf_count_header
+-- en : waf count header impl
+-- zn : waf-header级别统计实现
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local tl_ops_constant_waf_header = require("constant.tl_ops_constant_waf_header")
+local cache_waf_header = require("cache.tl_ops_cache_core"):new("tl-ops-waf-header")
+local cache_waf_count = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count")
+local shared = ngx.shared.tlopswaf
+
+
+local tl_ops_waf_count_header_core = function( service_name, node_id, id )
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.header_req_succ, service_name, node_id, id)
+ local cur_count = shared:get(cur_count_key)
+ if not cur_count then
+ cur_count = 0
+ end
+
+ if cur_count == 0 then
+ tlog:dbg("waf header count dont need async , cur_count=",cur_count,",service_name=",service_name,",node_id=",node_id)
+ else
+ local list_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.header_counting_list, service_name, node_id, id)
+ local list = cache_waf_count:get001(list_key)
+ if not list then
+ list = {}
+ else
+ list = cjson.decode(list)
+ end
+
+ list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
+
+ local ok, _ = cache_waf_count:set001(list_key, cjson.encode(list))
+ if not ok then
+ tlog:err("waf header success count async err ,list_key=",list_key,",cur_count=",cur_count,",err=",_)
+ end
+
+ -- rest cur_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("waf header succ count reset err ,cur_count_key=",cur_count_key,",cur_count=",cur_count)
+ end
+
+ tlog:dbg("waf header count async ok ,list_key=",list_key,",list=",list)
+ end
+end
+
+local tl_ops_waf_count_header = function( )
+
+ -- 统计全局拦截
+ tl_ops_waf_count_header_core();
+
+ -- 统计规则下拦截
+ local waf_list_str, _ = cache_waf_header:get(tl_ops_constant_waf_header.cache_key.list);
+ if not waf_list_str or waf_list_str == nil then
+ tlog:err("waf header count list nil, break")
+ return;
+ end
+
+ local waf_list = cjson.decode(waf_list_str);
+ if not waf_list or waf_list == nil then
+ tlog:err("waf header count list decode nil, break")
+ return;
+ end
+
+ for _, header in ipairs(waf_list) do
+ repeat
+ local id = header.id;
+ local service_name = header.service;
+ -- 由于暂时只支持到服务级别的waf,node_id给默认值0即可
+ local node_id = 0;
+
+ if not id then
+ tlog:err("waf header count header id nil, header=",header);
+ break
+ end
+ if not service_name then
+ tlog:err("waf header count header service_name nil, header=", header);
+ break
+ end
+ if node_id== nil or node_id == '' then
+ tlog:err("waf header count header node_id nil, header=", header);
+ break
+ end
+
+ tl_ops_waf_count_header_core(service_name, node_id, id)
+ break
+ until true
+ end
+end
+
+
+-- header拦截成功次数增加
+local tl_ops_waf_count_incr_header_succ = function( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.header_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_waf_count_header = tl_ops_waf_count_header,
+ tl_ops_waf_count_incr_header_succ = tl_ops_waf_count_incr_header_succ
+}
\ No newline at end of file
diff --git a/waf/count/tl_ops_waf_count_ip.lua b/waf/count/tl_ops_waf_count_ip.lua
new file mode 100644
index 0000000..11f154c
--- /dev/null
+++ b/waf/count/tl_ops_waf_count_ip.lua
@@ -0,0 +1,112 @@
+-- tl_ops_waf_count_ip
+-- en : waf count ip impl
+-- zn : waf-ip级别统计实现
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local tl_ops_constant_waf_ip = require("constant.tl_ops_constant_waf_ip")
+local cache_waf_ip = require("cache.tl_ops_cache_core"):new("tl-ops-waf-ip")
+local cache_waf_count = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count")
+local shared = ngx.shared.tlopswaf
+
+
+local tl_ops_waf_count_ip_core = function( service_name, node_id, id )
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.ip_req_succ, service_name, node_id, id)
+ local cur_count = shared:get(cur_count_key)
+ if not cur_count then
+ cur_count = 0
+ end
+
+ if cur_count == 0 then
+ tlog:dbg("waf ip count dont need async , cur_count=",cur_count,",service_name=",service_name,",node_id=",node_id)
+ else
+ local list_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.ip_counting_list, service_name, node_id)
+ local list = cache_waf_count:get001(list_key)
+ if not list then
+ list = {}
+ else
+ list = cjson.decode(list)
+ end
+
+ list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
+
+ local ok, _ = cache_waf_count:set001(list_key, cjson.encode(list))
+ if not ok then
+ tlog:err("waf ip success count async err ,list_key=",list_key,",cur_count=",cur_count,",err=",_)
+ end
+
+ -- rest cur_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("waf ip succ count reset err ,cur_count_key=",cur_count_key,",cur_count=",cur_count)
+ end
+
+ tlog:dbg("waf ip count async ok ,list_key=",list_key,",list=",list)
+ end
+end
+
+local tl_ops_waf_count_ip = function( )
+
+ -- 统计全局拦截
+ tl_ops_waf_count_ip_core();
+
+ -- 统计规则下拦截
+ local waf_list_str, _ = cache_waf_ip:get(tl_ops_constant_waf_ip.cache_key.list);
+ if not waf_list_str or waf_list_str == nil then
+ tlog:err("waf ip count list nil, break")
+ return;
+ end
+
+ local waf_list = cjson.decode(waf_list_str);
+ if not waf_list or waf_list == nil then
+ tlog:err("waf ip count list decode nil, break")
+ return;
+ end
+
+ for _, ip in ipairs(waf_list) do
+ repeat
+ local id = ip.id;
+ local service_name = ip.service;
+ -- 由于暂时只支持到服务级别的waf,node_id给默认值0即可
+ local node_id = 0;
+
+ if not id then
+ tlog:err("waf ip count ip id nil, ip=",ip);
+ break
+ end
+ if not service_name then
+ tlog:err("waf ip count ip service_name nil, ip=", ip);
+ break
+ end
+ if node_id== nil or node_id == '' then
+ tlog:err("waf ip count ip node_id nil, ip=", ip);
+ break
+ end
+
+ tl_ops_waf_count_ip_core(service_name, node_id, id)
+ break
+ until true
+ end
+end
+
+
+-- ip拦截成功次数增加
+local tl_ops_waf_count_incr_ip_succ = function( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.ip_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_waf_count_ip = tl_ops_waf_count_ip,
+ tl_ops_waf_count_incr_ip_succ = tl_ops_waf_count_incr_ip_succ
+}
\ No newline at end of file
diff --git a/waf/count/tl_ops_waf_count_param.lua b/waf/count/tl_ops_waf_count_param.lua
new file mode 100644
index 0000000..60454ed
--- /dev/null
+++ b/waf/count/tl_ops_waf_count_param.lua
@@ -0,0 +1,113 @@
+-- tl_ops_waf_count_param
+-- en : waf count param impl
+-- zn : waf-param级别统计实现
+-- @author iamtsm
+-- @email 1905333456@qq.com
+
+local cjson = require("cjson.safe")
+local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_count")
+local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local tl_ops_constant_waf_count = require("constant.tl_ops_constant_waf_count")
+local tl_ops_constant_waf_param = require("constant.tl_ops_constant_waf_param")
+local cache_waf_param = require("cache.tl_ops_cache_core"):new("tl-ops-waf-param")
+local cache_waf_count = require("cache.tl_ops_cache_core"):new("tl-ops-waf-count")
+local shared = ngx.shared.tlopswaf
+
+
+local tl_ops_waf_count_param_core = function( service_name, node_id, id )
+
+ local cur_count_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.param_req_succ, service_name, node_id, id)
+ local cur_count = shared:get(cur_count_key)
+ if not cur_count then
+ cur_count = 0
+ end
+
+ if cur_count == 0 then
+ tlog:dbg("waf param count dont need async , cur_count=",cur_count,",service_name=",service_name,",node_id=",node_id)
+ else
+ local list_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.param_counting_list, service_name, node_id, id)
+ local list = cache_waf_count:get001(list_key)
+ if not list then
+ list = {}
+ else
+ list = cjson.decode(list)
+ end
+
+ list[os.date("%Y-%m-%d %H:%M:%S", ngx.now())] = cur_count
+
+ local ok, _ = cache_waf_count:set001(list_key, cjson.encode(list))
+ if not ok then
+ tlog:err("waf param success count async err ,list_key=",list_key,",cur_count=",cur_count,",err=",_)
+ end
+
+ -- rest cur_count
+ ok, _ = shared:set(cur_count_key, 0)
+ if not ok then
+ tlog:err("waf param succ count reset err ,cur_count_key=",cur_count_key,",cur_count=",cur_count)
+ end
+
+ tlog:dbg("waf param count async ok ,list_key=",list_key,",list=",list)
+ end
+end
+
+
+local tl_ops_waf_count_param = function( )
+
+ -- 统计全局拦截
+ tl_ops_waf_count_param_core()
+
+ -- 统计规则下拦截
+ local waf_list_str, _ = cache_waf_param:get(tl_ops_constant_waf_param.cache_key.list);
+ if not waf_list_str or waf_list_str == nil then
+ tlog:err("waf param count list nil, break")
+ return;
+ end
+
+ local waf_list = cjson.decode(waf_list_str);
+ if not waf_list or waf_list == nil then
+ tlog:err("waf param count list decode nil, break")
+ return;
+ end
+
+ for _, param in ipairs(waf_list) do
+ repeat
+ local id = param.id;
+ local service_name = param.service;
+ -- 由于暂时只支持到服务级别的waf,node_id给默认值0即可
+ local node_id = 0;
+
+ if not id then
+ tlog:err("waf param count param id nil, param=",param);
+ break
+ end
+ if not service_name then
+ tlog:err("waf param count param service_name nil, param=", param);
+ break
+ end
+ if node_id== nil or node_id == '' then
+ tlog:err("waf param count param node_id nil, param=", param);
+ break
+ end
+
+ tl_ops_waf_count_param_core(service_name, node_id, id)
+ break
+ until true
+ end
+end
+
+
+-- node拦截成功次数增加
+local tl_ops_waf_count_incr_param_succ = function( service_name, node_id, api_rule_id )
+ local succ_key = tl_ops_utils_func:gen_node_key(tl_ops_constant_waf_count.cache_key.param_req_succ, service_name, node_id, api_rule_id)
+ local success_count = shared:get(succ_key)
+ if not success_count then
+ shared:set(succ_key, 0);
+ end
+ shared:incr(succ_key, 1)
+end
+
+
+return {
+ tl_ops_waf_count_param = tl_ops_waf_count_param,
+ tl_ops_waf_count_incr_param_succ = tl_ops_waf_count_incr_param_succ
+}
\ No newline at end of file
diff --git a/waf/tl_ops_waf.lua b/waf/tl_ops_waf.lua
index eea1a33..66aebd6 100644
--- a/waf/tl_ops_waf.lua
+++ b/waf/tl_ops_waf.lua
@@ -5,7 +5,6 @@
-- @email 1905333456@qq.com
local tl_ops_waf_core = require("waf.tl_ops_waf_core"):new();
-local tl_ops_constant_waf_scope = require("constant.tl_ops_constant_waf_scope")
local _M = {}
diff --git a/waf/tl_ops_waf_core.lua b/waf/tl_ops_waf_core.lua
index 4f8cdda..27d71f6 100644
--- a/waf/tl_ops_waf_core.lua
+++ b/waf/tl_ops_waf_core.lua
@@ -10,7 +10,6 @@ local tl_ops_waf_core_cc = require("waf.tl_ops_waf_core_cc");
local tl_ops_waf_core_header = require("waf.tl_ops_waf_core_header");
local tl_ops_waf_core_cookie = require("waf.tl_ops_waf_core_cookie");
local tl_ops_waf_core_param = require("waf.tl_ops_waf_core_param");
-local tl_ops_waf_count = require("waf.count.tl_ops_waf_count");
local tl_ops_constant_waf = require("constant.tl_ops_constant_waf");
local cache_waf = require("cache.tl_ops_cache_core"):new("tl-ops-waf");
local cjson = require("cjson.safe");
@@ -36,42 +35,36 @@ function _M:tl_ops_waf_global_core()
local waf = tl_ops_waf_core_ip.tl_ops_waf_core_ip_filter_global_pass()
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_ip)
tl_ops_err_content:err_content_rewrite_to_waf("g-ip", tl_ops_constant_waf.cache_key.waf_ip)
return
end
waf = tl_ops_waf_core_api.tl_ops_waf_core_api_filter_global_pass()
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_api)
tl_ops_err_content:err_content_rewrite_to_waf("g-api", tl_ops_constant_waf.cache_key.waf_api)
return
end
waf = tl_ops_waf_core_cc.tl_ops_waf_core_cc_filter_global_pass()
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_cc)
tl_ops_err_content:err_content_rewrite_to_waf("g-cc", tl_ops_constant_waf.cache_key.waf_cc)
return
end
waf = tl_ops_waf_core_header.tl_ops_waf_core_header_filter_global_pass()
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_header)
tl_ops_err_content:err_content_rewrite_to_waf("g-header", tl_ops_constant_waf.cache_key.waf_header)
return
end
waf = tl_ops_waf_core_cookie.tl_ops_waf_core_cookie_filter_global_pass()
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_cookie)
tl_ops_err_content:err_content_rewrite_to_waf("g-cookie", tl_ops_constant_waf.cache_key.waf_cookie)
return
end
waf = tl_ops_waf_core_param.tl_ops_waf_core_param_filter_global_pass()
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_param)
tl_ops_err_content:err_content_rewrite_to_waf("g-param", tl_ops_constant_waf.cache_key.waf_param)
return
end
@@ -86,45 +79,42 @@ function _M:tl_ops_waf_service_core(service_name)
if not tl_ops_manage_env.waf.open then
return true
end
+
+ -- 由于暂时只支持到服务级别的waf,node_id给默认值0即可
+ local node_id = 0;
- local waf = tl_ops_waf_core_ip.tl_ops_waf_core_ip_filter_service_pass(service_name)
+ local waf = tl_ops_waf_core_ip.tl_ops_waf_core_ip_filter_service_pass(service_name, node_id)
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_ip, service_name)
tl_ops_err_content:err_content_rewrite_to_waf("s-ip", tl_ops_constant_waf.cache_key.waf_ip)
return
end
- waf = tl_ops_waf_core_api.tl_ops_waf_core_api_filter_service_pass(service_name)
+ waf = tl_ops_waf_core_api.tl_ops_waf_core_api_filter_service_pass(service_name, node_id)
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_api, service_name)
tl_ops_err_content:err_content_rewrite_to_waf("s-api", tl_ops_constant_waf.cache_key.waf_api)
return
end
- waf = tl_ops_waf_core_cc.tl_ops_waf_core_cc_filter_service_pass(service_name)
+ waf = tl_ops_waf_core_cc.tl_ops_waf_core_cc_filter_service_pass(service_name, node_id)
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_cc, service_name)
tl_ops_err_content:err_content_rewrite_to_waf("s-cc", tl_ops_constant_waf.cache_key.waf_cc)
return
end
- waf = tl_ops_waf_core_header.tl_ops_waf_core_header_filter_service_pass(service_name)
+ waf = tl_ops_waf_core_header.tl_ops_waf_core_header_filter_service_pass(service_name, node_id)
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_header, service_name)
tl_ops_err_content:err_content_rewrite_to_waf("s-header", tl_ops_constant_waf.cache_key.waf_header)
return
end
- waf = tl_ops_waf_core_cookie.tl_ops_waf_core_cookie_filter_service_pass(service_name)
+ waf = tl_ops_waf_core_cookie.tl_ops_waf_core_cookie_filter_service_pass(service_name, node_id)
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_cookie, service_name)
tl_ops_err_content:err_content_rewrite_to_waf("s-cookie", tl_ops_constant_waf.cache_key.waf_cookie)
return
end
- waf = tl_ops_waf_core_param.tl_ops_waf_core_param_filter_service_pass(service_name)
+ waf = tl_ops_waf_core_param.tl_ops_waf_core_param_filter_service_pass(service_name, node_id)
if not waf then
- tl_ops_waf_count:tl_ops_waf_count_incr_key(tl_ops_constant_waf.cache_key.req_param, service_name)
tl_ops_err_content:err_content_rewrite_to_waf("s-param", tl_ops_constant_waf.cache_key.waf_param)
return
end
diff --git a/waf/tl_ops_waf_core_api.lua b/waf/tl_ops_waf_core_api.lua
index 7a5a306..1068dcc 100644
--- a/waf/tl_ops_waf_core_api.lua
+++ b/waf/tl_ops_waf_core_api.lua
@@ -4,8 +4,9 @@
-- @author iamtsm
-- @email 1905333456@qq.com
+local waf_count_api = require("waf.count.tl_ops_waf_count_api")
local tl_ops_constant_waf_api = require("constant.tl_ops_constant_waf_api");
-local tl_ops_constant_waf_scope = require("constant.tl_ops_constant_waf_scope");
+local waf_scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local cache_api = require("cache.tl_ops_cache_core"):new("tl-ops-waf-api");
local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_api");
@@ -13,7 +14,6 @@ local find = ngx.re.find
local cjson = require("cjson.safe");
-
-- 全局拦截
-- true : 通过, false : 拦截
local tl_ops_waf_core_api_filter_global_pass = function()
@@ -24,7 +24,7 @@ local tl_ops_waf_core_api_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if api_scope ~= tl_ops_constant_waf_scope.global then
+ if api_scope ~= waf_scope.global then
return true
end
@@ -110,6 +110,7 @@ local tl_ops_waf_core_api_filter_global_pass = function()
break
end
-- 命中规则的api
+ waf_count_api.tl_ops_waf_count_incr_api_succ()
return false
until true
end
@@ -134,7 +135,7 @@ local tl_ops_waf_core_api_filter_service_pass = function(service_name)
end
-- 根据作用域进行waf拦截
- if api_scope ~= tl_ops_constant_waf_scope.service then
+ if api_scope ~= waf_scope.service then
return true
end
@@ -237,6 +238,7 @@ local tl_ops_waf_core_api_filter_service_pass = function(service_name)
break
end
-- 命中规则的api
+ waf_count_api.tl_ops_waf_count_incr_api_succ(service_name, 0, api.id)
return false
until true
end
diff --git a/waf/tl_ops_waf_core_cc.lua b/waf/tl_ops_waf_core_cc.lua
index 6513278..a75a945 100644
--- a/waf/tl_ops_waf_core_cc.lua
+++ b/waf/tl_ops_waf_core_cc.lua
@@ -4,14 +4,14 @@
-- @author iamtsm
-- @email 1905333456@qq.com
+local waf_count_cc = require("waf.count.tl_ops_waf_count_cc")
local tl_ops_constant_waf_cc = require("constant.tl_ops_constant_waf_cc");
-local tl_ops_constant_waf_scope = require("constant.tl_ops_constant_waf_scope");
+local waf_scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local cache_cc = require("cache.tl_ops_cache_core"):new("tl-ops-waf-cc");
local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_cc");
local find = ngx.re.find
local cjson = require("cjson.safe");
-local shared_balance = ngx.shared.tlopsbalance
local shared_waf = ngx.shared.tlopswaf
local MAX_URL_LEN = 50
@@ -25,7 +25,7 @@ local tl_ops_waf_core_cc_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if cc_scope ~= tl_ops_constant_waf_scope.global then
+ if cc_scope ~= waf_scope.global then
return true
end
@@ -85,6 +85,7 @@ local tl_ops_waf_core_cc_filter_global_pass = function()
break
end
-- 触发cc
+ waf_count_cc.tl_ops_waf_count_incr_cc_succ()
return false
until true
end
@@ -109,7 +110,7 @@ local tl_ops_waf_core_cc_filter_service_pass = function(service_name)
end
-- 根据作用域进行waf拦截
- if cc_scope ~= tl_ops_constant_waf_scope.service then
+ if cc_scope ~= waf_scope.service then
return true
end
@@ -178,6 +179,7 @@ local tl_ops_waf_core_cc_filter_service_pass = function(service_name)
break
end
-- 触发cc
+ waf_count_cc.tl_ops_waf_count_incr_cc_succ(service_name, 0, cc.id)
return false
until true
end
diff --git a/waf/tl_ops_waf_core_cookie.lua b/waf/tl_ops_waf_core_cookie.lua
index 911e556..7ca65e3 100644
--- a/waf/tl_ops_waf_core_cookie.lua
+++ b/waf/tl_ops_waf_core_cookie.lua
@@ -4,8 +4,9 @@
-- @author iamtsm
-- @email 1905333456@qq.com
+local waf_count_cookie = require("waf.count.tl_ops_waf_count_cookie")
local tl_ops_constant_waf_cookie = require("constant.tl_ops_constant_waf_cookie");
-local tl_ops_constant_waf_scope = require("constant.tl_ops_constant_waf_scope");
+local waf_scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
local cache_cookie = require("cache.tl_ops_cache_core"):new("tl-ops-waf-cookie");
local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_cookie");
local find = ngx.re.find
@@ -22,7 +23,7 @@ local tl_ops_waf_core_cookie_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if cookie_scope ~= tl_ops_constant_waf_scope.global then
+ if cookie_scope ~= waf_scope.global then
return true
end
@@ -107,6 +108,7 @@ local tl_ops_waf_core_cookie_filter_global_pass = function()
break
end
-- 命中规则的cookie
+ waf_count_cookie.tl_ops_waf_count_incr_cookie_succ()
return false
until true
end
@@ -131,7 +133,7 @@ local tl_ops_waf_core_cookie_filter_service_pass = function(service_name)
end
-- 根据作用域进行waf拦截
- if cookie_scope ~= tl_ops_constant_waf_scope.service then
+ if cookie_scope ~= waf_scope.service then
return true
end
@@ -234,6 +236,7 @@ local tl_ops_waf_core_cookie_filter_service_pass = function(service_name)
break
end
-- 命中规则的cookie
+ waf_count_cookie.tl_ops_waf_count_incr_cookie_succ(service_name, 0, cookie.id)
return false
until true
end
diff --git a/waf/tl_ops_waf_core_header.lua b/waf/tl_ops_waf_core_header.lua
index ad3f8cc..cdaf168 100644
--- a/waf/tl_ops_waf_core_header.lua
+++ b/waf/tl_ops_waf_core_header.lua
@@ -4,9 +4,10 @@
-- @author iamtsm
-- @email 1905333456@qq.com
+
+local waf_count_header = require("waf.count.tl_ops_waf_count_header")
local tl_ops_constant_waf_header = require("constant.tl_ops_constant_waf_header")
-local tl_ops_constant_waf_scope = require("constant.tl_ops_constant_waf_scope")
-local tl_ops_utils_func = require("utils.tl_ops_utils_func")
+local waf_scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
local cache_header = require("cache.tl_ops_cache_core"):new("tl-ops-waf-header")
local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_header")
local find = ngx.re.find
@@ -23,7 +24,7 @@ local tl_ops_waf_core_header_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if header_scope ~= tl_ops_constant_waf_scope.global then
+ if header_scope ~= waf_scope.global then
return true
end
@@ -135,6 +136,7 @@ local tl_ops_waf_core_header_filter_global_pass = function()
break
end
-- 命中规则的header
+ waf_count_header.tl_ops_waf_count_incr_header_succ()
return false
until true
end
@@ -162,7 +164,7 @@ local tl_ops_waf_core_header_filter_service_pass = function(service_name)
end
-- 根据作用域进行waf拦截
- if header_scope ~= tl_ops_constant_waf_scope.service then
+ if header_scope ~= waf_scope.service then
return true
end
@@ -293,6 +295,7 @@ local tl_ops_waf_core_header_filter_service_pass = function(service_name)
break
end
-- 命中规则的header
+ waf_count_header.tl_ops_waf_count_incr_header_succ(service_name, 0, header.id)
return false
until true
end
diff --git a/waf/tl_ops_waf_core_ip.lua b/waf/tl_ops_waf_core_ip.lua
index 6f49bee..c3b2fae 100644
--- a/waf/tl_ops_waf_core_ip.lua
+++ b/waf/tl_ops_waf_core_ip.lua
@@ -4,10 +4,10 @@
-- @author iamtsm
-- @email 1905333456@qq.com
-
local tl_ops_constant_waf_ip = require("constant.tl_ops_constant_waf_ip");
-local tl_ops_constant_waf_scope = require("constant.tl_ops_constant_waf_scope")
+local waf_scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
local tl_ops_utils_func = require("utils.tl_ops_utils_func");
+local waf_count_ip = require("waf.count.tl_ops_waf_count_ip")
local cache_ip = require("cache.tl_ops_cache_core"):new("tl-ops-waf-ip");
local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_ip");
local find = ngx.re.find
@@ -23,7 +23,7 @@ local tl_ops_waf_core_ip_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if ip_scope ~= tl_ops_constant_waf_scope.global then
+ if ip_scope ~= waf_scope.global then
return true
end
@@ -108,6 +108,7 @@ local tl_ops_waf_core_ip_filter_global_pass = function()
break
end
-- 命中规则的ip
+ waf_count_ip.tl_ops_waf_count_incr_ip_succ()
return false
until true
end
@@ -120,8 +121,8 @@ end
-- 匹配到服务层拦截
-- true : 通过, false : 拦截
-local tl_ops_waf_core_ip_filter_service_pass = function(service_name)
- if not service_name then
+local tl_ops_waf_core_ip_filter_service_pass = function(service_name, node_id)
+ if not service_name or node_id == nil then
return true
end
@@ -132,7 +133,7 @@ local tl_ops_waf_core_ip_filter_service_pass = function(service_name)
end
-- 根据作用域进行waf拦截
- if ip_scope ~= tl_ops_constant_waf_scope.service then
+ if ip_scope ~= waf_scope.service then
return true
end
@@ -236,6 +237,7 @@ local tl_ops_waf_core_ip_filter_service_pass = function(service_name)
break
end
-- 命中规则的ip
+ waf_count_ip.tl_ops_waf_count_incr_ip_succ(service_name, 0, ip.id)
return false
until true
end
diff --git a/waf/tl_ops_waf_core_param.lua b/waf/tl_ops_waf_core_param.lua
index 8987700..ba46c0b 100644
--- a/waf/tl_ops_waf_core_param.lua
+++ b/waf/tl_ops_waf_core_param.lua
@@ -4,8 +4,10 @@
-- @author iamtsm
-- @email 1905333456@qq.com
+
+local waf_count_param = require("waf.count.tl_ops_waf_count_param")
local tl_ops_constant_waf_param = require("constant.tl_ops_constant_waf_param");
-local tl_ops_constant_waf_scope = require("constant.tl_ops_constant_waf_scope")
+local waf_scope = require("constant.tl_ops_constant_comm").tl_ops_waf_scope;
local tl_ops_utils_func = require("utils.tl_ops_utils_func");
local cache_param = require("cache.tl_ops_cache_core"):new("tl-ops-waf-param");
local tlog = require("utils.tl_ops_utils_log"):new("tl_ops_waf_param");
@@ -24,7 +26,7 @@ local tl_ops_waf_core_param_filter_global_pass = function()
end
-- 根据作用域进行waf拦截
- if param_scope ~= tl_ops_constant_waf_scope.global then
+ if param_scope ~= waf_scope.global then
return true
end
@@ -125,6 +127,7 @@ local tl_ops_waf_core_param_filter_global_pass = function()
break
end
-- 命中规则的param
+ waf_count_param.tl_ops_waf_count_incr_param_succ()
return false
until true
end
@@ -152,7 +155,7 @@ local tl_ops_waf_core_param_filter_service_pass = function(service_name)
end
-- 根据作用域进行waf拦截
- if param_scope ~= tl_ops_constant_waf_scope.service then
+ if param_scope ~= waf_scope.service then
return true
end
@@ -263,6 +266,7 @@ local tl_ops_waf_core_param_filter_service_pass = function(service_name)
break
end
-- 命中规则的param
+ waf_count_param.tl_ops_waf_count_incr_param_succ(service_name, 0, param.id)
return false
until true
end
diff --git a/web/console/tl_ops_web_console.html b/web/console/tl_ops_web_console.html
index 9dd9451..34d283a 100644
--- a/web/console/tl_ops_web_console.html
+++ b/web/console/tl_ops_web_console.html
@@ -231,7 +231,7 @@
diff --git a/web/console/tl_ops_web_console.js b/web/console/tl_ops_web_console.js
index ba1160f..7b70319 100644
--- a/web/console/tl_ops_web_console.js
+++ b/web/console/tl_ops_web_console.js
@@ -12,10 +12,12 @@ const tl_ops_web_console_main = function () {
window.form = layui.form;
window.table = layui.table;
window.laytpl = layui.laytpl;
+ window.layer = layui.layer;
window.consoleEchartsList = [];
window.syncDataInterId = 0;
+ let index = layer.load()
form.on('switch()', function(data){
if(data.elem.checked){ //实时刷数据
@@ -45,6 +47,7 @@ const tl_ops_web_console_main = function () {
tl_ops_web_console_service_state_render(service_data)
}
+ layer.close(index)
}).then((res) => {
window.onresize = function () {
consoleEchartsList.forEach((item) => {
@@ -340,16 +343,16 @@ const tl_ops_web_console_balance_time_list_caculate_days = function (data) {
let seriesBalanceList = [];
let nodes = data[key].nodes;
for (let skey in nodes) {
- let balanceSuccessList = nodes[skey].balance_success;
+ let balanceNodeList = nodes[skey].balance_node_count;
- for (let time in balanceSuccessList) {
- let count = balanceSuccessList[time];
+ for (let time in balanceNodeList) {
+ let count = balanceNodeList[time];
balance_count += count;
}
let dayTimeCountList = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] //节点总量统计
- for (let timeItem in balanceSuccessList) {
- let count = balanceSuccessList[timeItem];
+ for (let timeItem in balanceNodeList) {
+ let count = balanceNodeList[timeItem];
let day = timeItem.toString().split(" ")[0]
let time = timeItem.toString().split(" ")[1]
let hours = parseInt(time.split(":")[0])
diff --git a/web/console/tl_ops_web_console_balance_count.html b/web/console/tl_ops_web_console_balance_count.html
new file mode 100644
index 0000000..ffc1067
--- /dev/null
+++ b/web/console/tl_ops_web_console_balance_count.html
@@ -0,0 +1,192 @@
+
+
+
+