kintyre / shinnecock-agent Goto Github PK

Using Travisci. Borrow from ksconf.

Publish python package manually.

Should be bundled as a Mac "Application", and distributed as a zip or DMG image (preferable.)

• Enable Travis CI integration for basic build testing.
• Add building badge to the README.md file (increase visibility)

Notes:

• There's no unit tests at this point, so simply run the script (it will send in some metrics) and if exit code is 0, assume it "passes"

If an invalid interface name is provided (like --interface 0), than an ugly exception message is provided instead of a human readable error. The user should be given better feedback.

Version:

python kintyre_speedtest.py --version
0.3.9

Example output:

# python kintyre_speedtest.py --interface 0

interface:  ['0']
mode=random    interface:  ['0']
DEBUG:  Payload --> https://X.XX.XX.XX:8443/services/collector/event  :  {"action": "ping", "hostname": "BLAH", "agent": {"name": "Lowell's Laptop", "org": "kintyre.co"}}
   Status code = 200
DEBUG:  iterfaces for testing: InterfaceInfo(ip=None, dev=None, meta={'_error': 'No non-blacklisted interfaces found.'})
DEBUG:  get_macosx_hardware() returns: {0: {'hardware_port': 'LPSS Serial Adapter (1)'}, 1: {'hardware_port': 'LPSS Serial Adapter (2)'}, 'en9': {'device': 'en9', 'hardware_port': 'AX88179 USB 3.0 to Gigabit Ethernet', 'ethernet_address': 'XXXXX'}, 'en0': {'device': 'en0', 'hardware_port': 'Wi-Fi', 'ethernet_address': XXXXX'}, 'en6': {'device': 'en6', 'hardware_port': 'Bluetooth PAN', 'ethernet_address': '8c:85:XXXXX'}, 'en1': {'device': 'en1', 'hardware_port': '..... REMOVE INFO .... }
Missing netsh
DEBUG:  get_windows_netsh() returns: None
Missing iwconfig
DEBUG:  get_linux_iwconfig() returns: None
Missing lshw
DEBUG:  get_linux_lshw() returns: None
Traceback (most recent call last):
  File "kintyre_speedtest.py", line 843, in <module>
    cli()
  File "kintyre_speedtest.py", line 839, in cli
    main(interfaces, out)
  File "kintyre_speedtest.py", line 381, in main
    info = if_.meta
AttributeError: 'NoneType' object has no attribute 'meta'

Also iterfaces should be interfaces.

Need to make sure everything works properly under Python 3. We want to target Python 2.7 (which is included/embedded in Splunk) and Python 3.4 and higher. I believe that PyInstaller requires python 3.

We should also make sure Travis is validating our scripts against different version of Python.

Confirm the following names:

• Repo name
• Executable script is called kinytre_speedtest (defined in setup.py)
• Name of python package KintyreSpeedTestStandalone. (We don't want to change this after publishing it to pypi; also defined in setup.py)

Lowell's thoughts:

• I think repo name is probably good enough. GitHub handles redirect nicely.
• I think the python package name should change. I'm thinking something like kintyre-speedtest-agent would be better. (Our other package is named kintyre-splunk-conf, just for comparison purposes)

On newer linux distro releases where the old style network config commands such as ifconfig, netstat and route have been abandoned in favor of the ip command, the ifcfg.interfaces() call will fail to identify available interfaces.

One workaround is to require the net-tools package to be installed.

Capture and persist various pieces of registration information.

Capture attributes:

• Registration:
  • Organizational name (optional) [Account id]
  • Owner / device name
  • Hostname (pre-populate)
• Endpoint settings:
  • HTTP(S) endpoint URL
  • HTTP Event Collector Token
  • Security & Certs
  • Proxy settings (For reporting test results)
• Network Interfaces
  • All / Wired / Wireless / Specific interface name(s) / First-Random (default); Eventually a drop-down will be very helpful here.
  • Proxy settings
• Information to collect (long-term)
  • Error reporting
  • Network card info (NIC drivers and versions)
  • Basic OS info
  • Geo location (Captured live fro GPS device; different than statically derived from IP, which is automatic.)
• Scheduling
  • Period/Frequency: Default to daily
  • Variation: default to 10 mins
  • Back-off mode
• Wifi-blacklist: Don't run speedtests on metered-WiFi networks.

The first version, this can simply be editing a configuration file (as long as the user is provided with a template and some instructions; eventually there should be a CLI edit mode and UI options as well.)
It's very likely that not all of these options are needed initially. The above list is from a brainstorm, and needs more thought.

Eventually to include scheduling preferences. And the GUID should be generated at this same time, although it may be stored in a different config file.

Setup AppVeyor to:

1. Do build testing
2. Build a windows executable (64 and 32 bit)
3. Upload the windows executable as a release artifact to GitHub.

Note that this will be an executable. It probably won't have an installer (msi), just the executable.

C:>python -V
Python 2.7.15

C:\>kintyre-speedtest
interface:  None
mode=default    interface:  None
Traceback (most recent call last):
  File "c:\python27\lib\runpy.py", line 174, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "c:\python27\lib\runpy.py", line 72, in _run_code
    exec code in run_globals
  File "C:\Python27\Scripts\kintyre-speedtest.exe\__main__.py", line 9, in <module>
  File "c:\python27\lib\site-packages\kintyre_speedtest.py", line 808, in cli
    interfaces = find_matching_interfaces(args.interface_select, args.interface, r"^(u|v|)tun$")
  File "c:\python27\lib\site-packages\kintyre_speedtest.py", line 325, in find_matching_interfaces
    dflt = ifcfg.default_interface()
  File "c:\python27\lib\site-packages\ifcfg\__init__.py", line 77, in default_interface
    return Parser(ifconfig=ifconfig)._default_interface(route_output=route_output)
AttributeError: 'WindowsParser' object has no attribute '_default_interface'

C:\>kintyre-speedtest --help
usage: kintyre-speedtest [-h] [--version] [--config CONFIG] [--no-prompt]
                         [--register] [--url URL] [--token TOKEN]
                         [--interface INTERFACE [INTERFACE ...]]
                         [--randomize SECS] [--speedtest-debug]
                         [--random | --all | --default] [--fake-it]

Kintyre speedtest agent

optional arguments:
  -h, --help            show this help message and exit
  --version, -V         show program's version number and exit
  --config CONFIG, -c CONFIG
                        Location of the config file. Defaults to
                        ~\.kintyre_speedtest.ini
  --no-prompt           Disable interactive prompting.
  --register            Enable registration mode. No speedtest is run in this
                        mode.
  --interface INTERFACE [INTERFACE ...], -i INTERFACE [INTERFACE ...]
                        Name of interface(s) to speedtest. No other interfaces
                        will be considered. When used with --random then one
                        of the provided interfaces will be selected randomly.
  --randomize SECS      Add a random delay before running the speedtest. This
                        can avoid kicking off multiple test at the same
                        moment.
  --speedtest-debug     Enable speedtest internal debugging features. Very
                        much noise.
  --random              Randomly pick and test a single interface to test on
  --all                 Test against all usable interfaces.
  --default             Run speedtest on the interface with a default gateway.
                        (This is the default behavior, unless the --interface
                        option is provided)
  --fake-it             Disable speedtest functionality and return a bogus
                        payload instead. ONLY useful for testing.

Endpoint Settings:
  --url URL             URL of the Splunk HEC (HTTP Event Collector)
  --token TOKEN         Authentication token for Splunk HEC.

C:\>

For now; sync up the version number between the JSON_FORMAT_VER, and the python package.

Allow sending data to a HEC that's using a self-signed cert. While not a good idea for production, it is quite helpful for a testing or proof-of-concept deployment.

Document how to setup task scheduler to run the speed test silently. Pythonw

Create and store a unique GUID per agent:

• Create as needed. (Eventually this will be part of a "registration" process, and handle during installation)
• Persist in an .ini style file somewhere predictable. (Preferably globally.)
• Allow the GUID to be passed in via API. (So that the Splunk TA version can simply pass in Splunk's instance GUID; as a persistence path is not easily available.)

MacOS install via brew install kintyre-speedtest-agent. I can't be that hard to do, right?

Package windows executable bundle as an .msi file.

Setup TravisCI to:

• Build for the Mac (uses Linux by default)
• Continue to do build testing
• Build a macOS standalone executable
• Upload the executable as a release artifact to GitHub.

I'm assuming this will be an executable, not an Application, or a dmg image. One step at a time. (The end goal is a DMG image.)

Right now --interface requires the device name (which is missing on say Windows and therefore falls back to the unfriendly MAC) and doesn't allow for a wider range of matching possibilities.

It should be possible to select the interface based on any of the following:

• Device name (when provided by the OS)
• Device description (Windows only?)
• IP address (primary or secondary)
• MAC address

Allow the user to interactively request a test on demand. Ideally this would then block any scheduled tests from overlapping or running to quickly back-to-back.

The event should have a flag indicating if manual vs scheduled.

Send a simple message to HEC to test delivery before incurring the cost of running a full speedtest. Rationale: If the speedtest results can't be published, then there's no reason to incur the overhead of the speedtest in the first place.

This is especially true with the current server setup where inbound access is restricted to an IP whitelist.

It seems that a speedtest is run on all interfaces that have an IP address, except lo. For example, a workstation that has an active VPN connection will have a utunX interface. Should try and be more careful about picking the right interface and only run the speedtest there.