From 3c5becbd958f2f34e6b2bd2d5d9b5b920246bf82 Mon Sep 17 00:00:00 2001
From: Chiradeep Vittal <chiradeep@cloud.com>
Date: Tue, 30 Aug 2011 23:28:30 -0700
Subject: [PATCH] Enable monitoring over JMX

---
 .../cloud/network/security/RuleUpdateLog.java | 30 ++++++++
 .../security/SecurityGroupManagerImpl2.java   | 37 +++++++---
 .../security/SecurityGroupManagerMBean.java   | 35 +++++++++
 .../security/SecurityManagerMBeanImpl.java    | 71 +++++++++++++++++++
 4 files changed, 162 insertions(+), 11 deletions(-)
 create mode 100644 server/src/com/cloud/network/security/RuleUpdateLog.java
 create mode 100644 server/src/com/cloud/network/security/SecurityGroupManagerMBean.java
 create mode 100644 server/src/com/cloud/network/security/SecurityManagerMBeanImpl.java

diff --git a/server/src/com/cloud/network/security/RuleUpdateLog.java b/server/src/com/cloud/network/security/RuleUpdateLog.java
new file mode 100644
index 00000000000..24bcd332c8d
--- /dev/null
+++ b/server/src/com/cloud/network/security/RuleUpdateLog.java
@@ -0,0 +1,30 @@
+/**
+ *  Copyright (C) 2011 Citrix Systems, Inc.  All rights reserved.
+ * 
+ * This software is licensed under the GNU General Public License v3 or later.
+ * 
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ * 
+ */
+package com.cloud.network.security;
+
+import java.util.Set;
+
+/**
+ * Keeps track of scheduling and update events for monitoring purposes.
+ *
+ */
+public interface RuleUpdateLog {
+     void logScheduledDetails(Set<Long> vmIds);
+     void logUpdateDetails(Long vmId, Long seqno);
+
+}
diff --git a/server/src/com/cloud/network/security/SecurityGroupManagerImpl2.java b/server/src/com/cloud/network/security/SecurityGroupManagerImpl2.java
index cab68b25cc5..52fd67468d4 100644
--- a/server/src/com/cloud/network/security/SecurityGroupManagerImpl2.java
+++ b/server/src/com/cloud/network/security/SecurityGroupManagerImpl2.java
@@ -24,6 +24,7 @@ import java.util.TreeMap;
 import java.util.TreeSet;
 
 import javax.ejb.Local;
+import javax.naming.ConfigurationException;
 
 import com.cloud.agent.api.SecurityIngressRulesCmd;
 import com.cloud.agent.manager.Commands;
@@ -32,6 +33,7 @@ import com.cloud.network.security.SecurityGroupWork.Step;
 import com.cloud.uservm.UserVm;
 import com.cloud.utils.Profiler;
 import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.utils.mgmt.JmxUtil;
 import com.cloud.vm.VirtualMachine.State;
 
 /**
@@ -39,18 +41,9 @@ import com.cloud.vm.VirtualMachine.State;
  *
  */
 @Local(value={ SecurityGroupManager.class, SecurityGroupService.class })
-public class SecurityGroupManagerImpl2 extends SecurityGroupManagerImpl {
-    /*private final String GET_ALLOWED_IPS_QUERY = 
-        "select CONCAT(nics.ip4_address, '/32') from nics  INNER JOIN " +
-    		"(select vm_map_2.instance_id from " +
-    		      "(select security_ingress_rule.* from security_ingress_rule INNER JOIN " +
-    		      " security_group_vm_map  ON security_ingress_rule.security_group_id=security_group_vm_map.security_group_id " +
-    		      " where security_group_vm_map.instance_id=?) AS ingress_rule_for_vm INNER JOIN " +
-    		      " security_group_vm_map AS vm_map_2 ON vm_map_2.security_group_id = ingress_rule_for_vm.allowed_network_id) AS instance " +
-    		 " ON nics.instance_id=instance.instance_id where nics.default_nic=1;";*/
-    
+public class SecurityGroupManagerImpl2 extends SecurityGroupManagerImpl{
     SecurityGroupWorkQueue _workQueue = new LocalSecurityGroupWorkQueue();
-    
+    SecurityManagerMBeanImpl _mBean;
     
     WorkerThread[] _workers;
 
@@ -104,6 +97,7 @@ public class SecurityGroupManagerImpl2 extends SecurityGroupManagerImpl {
             }
         }
         int newJobs = _workQueue.submitWorkForVms(workItems);
+        _mBean.logScheduledDetails(workItems);
         p.stop();
         if (s_logger.isTraceEnabled()){
             s_logger.trace("Security Group Mgr v2: done scheduling ruleset updates for " + workItems.size() + " vms: num new jobs=" + 
@@ -111,6 +105,8 @@ public class SecurityGroupManagerImpl2 extends SecurityGroupManagerImpl {
         }
     }
 
+   
+    
 
     @Override
     public boolean start() {
@@ -139,6 +135,7 @@ public class SecurityGroupManagerImpl2 extends SecurityGroupManagerImpl {
                     }
                     work.setLogsequenceNumber(rulesetLog.getLogsequence());
                     sendRulesetUpdates(work);
+                    _mBean.logUpdateDetails(work.getInstanceId(), work.getLogsequenceNumber());
                 }catch (Exception e) {
                     s_logger.error("Problem during SG work " + work, e);
                     work.setStep(Step.Error);
@@ -235,4 +232,22 @@ public class SecurityGroupManagerImpl2 extends SecurityGroupManagerImpl {
         return allowed;
     }
 
+ 
+    public int getQueueSize() {
+        return _workQueue.size();
+    }
+
+   
+
+    @Override
+    public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+        _mBean = new SecurityManagerMBeanImpl(this);
+        try {
+            JmxUtil.registerMBean("SecurityGroupManager", "SecurityGroupManagerImpl2", _mBean);
+        } catch (Exception e){
+            s_logger.error("Failed to register MBean", e);
+        }
+        return super.configure(name, params);
+    }
+
 }
diff --git a/server/src/com/cloud/network/security/SecurityGroupManagerMBean.java b/server/src/com/cloud/network/security/SecurityGroupManagerMBean.java
new file mode 100644
index 00000000000..92b302bd1af
--- /dev/null
+++ b/server/src/com/cloud/network/security/SecurityGroupManagerMBean.java
@@ -0,0 +1,35 @@
+/**
+ *  Copyright (C) 2011 Citrix Systems, Inc.  All rights reserved.
+ * 
+ * This software is licensed under the GNU General Public License v3 or later.
+ * 
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ * 
+ */
+package com.cloud.network.security;
+
+import java.util.Map;
+import java.util.Date;
+import com.cloud.utils.Ternary;
+
+/**
+ * Allows JMX access
+ *
+ */
+public interface SecurityGroupManagerMBean {
+    void enableUpdateMonitor(boolean enable);
+    
+    Map<Long, Ternary<Date, Date, Long>> getVmUpdateDetails();
+    
+    int getQueueSize();
+    
+}
diff --git a/server/src/com/cloud/network/security/SecurityManagerMBeanImpl.java b/server/src/com/cloud/network/security/SecurityManagerMBeanImpl.java
new file mode 100644
index 00000000000..0622c30c117
--- /dev/null
+++ b/server/src/com/cloud/network/security/SecurityManagerMBeanImpl.java
@@ -0,0 +1,71 @@
+package com.cloud.network.security;
+
+import java.util.Date;
+import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+
+import javax.management.StandardMBean;
+
+import com.cloud.utils.Ternary;
+
+public class SecurityManagerMBeanImpl extends StandardMBean implements SecurityGroupManagerMBean, RuleUpdateLog {
+    SecurityGroupManagerImpl2 _sgMgr;
+    boolean _monitoringEnabled = false;
+    //keep track of last scheduled, last update sent and last seqno sent per vm. Make it available over JMX
+    Map<Long, Ternary<Date, Date, Long>> _updateDetails = new ConcurrentHashMap<Long, Ternary<Date,Date,Long>>(4000, 100, 64);
+    
+    
+    protected SecurityManagerMBeanImpl(SecurityGroupManagerImpl2 securityGroupManager) {
+        super(SecurityGroupManagerMBean.class, false);
+        this._sgMgr = securityGroupManager;
+    }
+
+
+    @Override
+    public Map<Long, Ternary<Date, Date, Long>> getVmUpdateDetails() {
+        return _updateDetails;
+    }
+
+    @Override
+    public int getQueueSize() {
+       return this._sgMgr.getQueueSize();
+    }
+    
+    @Override
+    public void logUpdateDetails(Long vmId, Long seqno) {
+        if (_monitoringEnabled) {
+            Ternary<Date, Date, Long> detail = _updateDetails.get(vmId);
+            if (detail == null) {
+                detail = new Ternary<Date, Date, Long>(new Date(), new Date(), seqno);
+            }
+            detail.second(new Date());
+            detail.third(seqno);
+            _updateDetails.put(vmId, detail);
+        }
+       
+    }
+    
+    @Override
+    public void logScheduledDetails(Set<Long> vmIds) {
+        if (_monitoringEnabled) {
+            for (Long vmId : vmIds) {
+                Ternary<Date, Date, Long> detail = _updateDetails.get(vmId);
+                if (detail == null) {
+                    detail = new Ternary<Date, Date, Long>(new Date(), null, 0L);
+                }
+                detail.first(new Date());
+                _updateDetails.put(vmId, detail);
+            }
+        }
+    }
+    
+    @Override
+    public void enableUpdateMonitor(boolean enable) {
+        _monitoringEnabled = enable;
+        if (!enable) {
+            _updateDetails.clear();
+        }
+    }
+
+}