Merge pull request #128 from jcantrill/remove_index_patterns_for_admins

reduce index-patterns for cluster-admins

Author: jcantrill

src/main/java/io/fabric8/elasticsearch/plugin/ConfigurationSettings.java

@@ -77,7 +77,11 @@ public interface ConfigurationSettings extends KibanaIndexMode{
     static final String DEFAULT_USER_PROFILE_PREFIX = ".kibana";
     static final String[] DEFAULT_WHITELISTED_USERS = new String[] { "$logging.$infra.$fluentd",
         "$logging.$infra.$kibana", "$logging.$infra.$curator" };
-
+    
+    static final String [] DEFAULT_KIBANA_OPS_INDEX_PATTERNS = new String[] {
+        ".operations.*", ".orphaned.*", "project.*", ".all" 
+    };
+    
     /**
      * The configurations for enabling/disabling portions of this plugin
      * defaults to 'true' => enabled.
@@ -95,6 +99,11 @@ public interface ConfigurationSettings extends KibanaIndexMode{
     static final String DEFAULT_ACL_ROLE_STRATEGY = "user";
 
     static final String OPENSHIFT_KIBANA_REWRITE_ENABLED_FLAG = "openshift.kibana.rewrite.enabled";
+    
+    /**
+     * List of index patterns to create for operations users
+     */
+    static final String OPENSHIFT_KIBANA_OPS_INDEX_PATTERNS = "openshift.kibana.ops_index_patterns";
 
 
     static final boolean OPENSHIFT_DYNAMIC_ENABLED_DEFAULT = true;

src/main/java/io/fabric8/elasticsearch/plugin/OpenshiftRequestContextFactory.java

@@ -184,7 +184,7 @@ public static class OpenshiftRequestContext {
         private final String kibanaIndex;
         private final String kibanaIndexMode;
 
-        protected OpenshiftRequestContext(final String user, final String token, boolean isClusterAdmin, 
+        public OpenshiftRequestContext(final String user, final String token, boolean isClusterAdmin, 
                 Set<String> projects, String kibanaIndex, final String kibanaIndexMode) {
             this.user = user;
             this.token = token;

src/main/java/io/fabric8/elasticsearch/plugin/PluginClient.java

@@ -16,21 +16,32 @@
 
 package io.fabric8.elasticsearch.plugin;
 
+import java.io.IOException;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
+import java.util.concurrent.ExecutionException;
 
+import org.apache.commons.lang.StringUtils;
 import org.elasticsearch.action.ActionRequestBuilder;
 import org.elasticsearch.action.admin.indices.alias.IndicesAliasesRequestBuilder;
 import org.elasticsearch.action.admin.indices.alias.IndicesAliasesResponse;
 import org.elasticsearch.action.admin.indices.alias.get.GetAliasesRequestBuilder;
 import org.elasticsearch.action.admin.indices.alias.get.GetAliasesResponse;
+import org.elasticsearch.action.admin.indices.create.CreateIndexRequestBuilder;
+import org.elasticsearch.action.admin.indices.create.CreateIndexResponse;
 import org.elasticsearch.action.admin.indices.exists.indices.IndicesExistsRequestBuilder;
 import org.elasticsearch.action.admin.indices.exists.indices.IndicesExistsResponse;
+import org.elasticsearch.action.admin.indices.get.GetIndexRequestBuilder;
+import org.elasticsearch.action.admin.indices.get.GetIndexResponse;
+import org.elasticsearch.action.admin.indices.refresh.RefreshRequestBuilder;
+import org.elasticsearch.action.admin.indices.refresh.RefreshResponse;
 import org.elasticsearch.action.get.GetRequestBuilder;
 import org.elasticsearch.action.get.GetResponse;
 import org.elasticsearch.action.index.IndexRequestBuilder;
 import org.elasticsearch.action.index.IndexResponse;
+import org.elasticsearch.action.update.UpdateRequestBuilder;
+import org.elasticsearch.action.update.UpdateResponse;
 import org.elasticsearch.client.Client;
 import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.logging.ESLogger;
@@ -53,13 +64,56 @@ public PluginClient(Client client) {
         this.client = client;
     }
 
+    public UpdateResponse update(String index, String type, String id, String source) {
+
+        LOGGER.debug("UPDATE: '{}/{}/{}' source: '{}'", index, type, id, source);
+
+        UpdateRequestBuilder builder = client.prepareUpdate(index, type, id).setDoc(source).setDocAsUpsert(true);
+        addCommonHeaders(builder);
+        UpdateResponse response = builder.get();
+
+        LOGGER.debug("Created with update? '{}'", response.isCreated());
+        return response;
+    }
+
     public IndexResponse createDocument(String index, String type, String id, String source) {
         LOGGER.trace("create document: '{}/{}/{}' source: '{}'", index, type, id, source);
         IndexRequestBuilder builder = client.prepareIndex(index, type, id).setSource(source);
         addCommonHeaders(builder);
         IndexResponse response = builder.get();
         return response;
     }
+    
+    public GetIndexResponse getIndices(String... indices) throws InterruptedException, ExecutionException {
+        if (LOGGER.isTraceEnabled()) {
+            LOGGER.trace("Getting indices '{}'", StringUtils.join(indices, ", "));
+        }
+        GetIndexRequestBuilder builder = client.admin().indices().prepareGetIndex().setIndices(indices);
+        addCommonHeaders(builder);
+        return builder.get();
+    }
+    
+    public CreateIndexResponse copyIndex(final String source, final String target, String... types) throws InterruptedException, ExecutionException, IOException {
+        LOGGER.trace("Copying {} index to {} for types {}", source, target, types);
+        GetIndexResponse response = getIndices(source);
+        CreateIndexRequestBuilder builder = client.admin().indices()
+                .prepareCreate(target)
+                .setSettings(response.getSettings().get(source));
+        for (String type : types) {
+            builder.addMapping(type, response.mappings().get(source).get(type).getSourceAsMap());
+        }
+        addCommonHeaders(builder);
+        return builder.get();
+    }
+    
+    public RefreshResponse refreshIndices(String... indices) {
+        RefreshRequestBuilder builder = client.admin().indices().prepareRefresh(indices);
+        addCommonHeaders(builder);
+        RefreshResponse response = builder.get();
+        LOGGER.debug("Refreshed '{}' successfully on {} of {} shards", indices, response.getSuccessfulShards(),
+                response.getTotalShards());
+        return response;
+    }
 
     public boolean indexExists(final String index) {
         LOGGER.trace("Checking for existance of index '{}'", index);

src/main/java/io/fabric8/elasticsearch/plugin/PluginSettings.java

@@ -19,6 +19,10 @@
 import static io.fabric8.elasticsearch.plugin.acl.SearchGuardSyncStrategyFactory.PROJECT;
 import static io.fabric8.elasticsearch.plugin.acl.SearchGuardSyncStrategyFactory.USER;
 
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
+
 import org.apache.commons.lang.ArrayUtils;
 import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.logging.ESLogger;
@@ -37,6 +41,7 @@ public class PluginSettings implements ConfigurationSettings {
     private final String kibanaVersion;
     private final String kbnVersionHeader;
     private final Boolean enabled;
+    private final Set<String> opsIndexPatterns;
 
     @Inject
     public PluginSettings(final Settings settings) {
@@ -57,6 +62,7 @@ public PluginSettings(final Settings settings) {
         this.kibanaVersion = settings.get(KIBANA_CONFIG_VERSION, DEFAULT_KIBANA_VERSION);
         this.kbnVersionHeader = settings.get(KIBANA_VERSION_HEADER, DEFAULT_KIBANA_VERSION_HEADER);
         this.enabled = settings.getAsBoolean(OPENSHIFT_DYNAMIC_ENABLED_FLAG, OPENSHIFT_DYNAMIC_ENABLED_DEFAULT);
+        this.opsIndexPatterns = new HashSet<String>(Arrays.asList(settings.getAsArray(OPENSHIFT_KIBANA_OPS_INDEX_PATTERNS, DEFAULT_KIBANA_OPS_INDEX_PATTERNS)));
 
         LOGGER.info("Using kibanaIndexMode: '{}'", this.kibanaIndexMode);
         LOGGER.debug("searchGuardIndex: {}", this.searchGuardIndex);
@@ -99,4 +105,8 @@ public Boolean isEnabled() {
     public void setKibanaIndexMode(String kibanaIndexMode) {
         this.kibanaIndexMode = kibanaIndexMode;
     }
+    
+    public Set<String> getKibanaOpsIndexPatterns() {
+        return opsIndexPatterns;
+    }
 }

src/main/java/io/fabric8/elasticsearch/plugin/kibana/KibanaSeed.java

@@ -26,22 +26,16 @@
 import java.util.concurrent.ExecutionException;
 
 import org.apache.commons.lang.StringUtils;
-import org.elasticsearch.action.admin.cluster.health.ClusterHealthRequest;
-import org.elasticsearch.action.admin.indices.create.CreateIndexRequest;
-import org.elasticsearch.action.admin.indices.get.GetIndexRequest;
-import org.elasticsearch.action.admin.indices.get.GetIndexResponse;
-import org.elasticsearch.action.admin.indices.refresh.RefreshRequest;
-import org.elasticsearch.action.admin.indices.refresh.RefreshResponse;
 import org.elasticsearch.action.delete.DeleteRequest;
 import org.elasticsearch.action.get.GetRequest;
 import org.elasticsearch.action.get.GetResponse;
 import org.elasticsearch.action.search.SearchRequest;
 import org.elasticsearch.action.search.SearchResponse;
-import org.elasticsearch.action.update.UpdateRequest;
 import org.elasticsearch.client.Client;
 import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.logging.ESLogger;
 import org.elasticsearch.common.logging.Loggers;
+import org.elasticsearch.common.xcontent.XContentFactory;
 import org.elasticsearch.index.IndexNotFoundException;
 import org.elasticsearch.search.SearchHit;
 import org.elasticsearch.transport.RemoteTransportException;
@@ -69,43 +63,78 @@ public class KibanaSeed implements ConfigurationSettings {
     private final IndexMappingLoader mappingLoader;
     private final PluginClient pluginClient;
     private final String defaultKibanaIndex;
+    private final PluginSettings settings;
 
     @Inject
     public KibanaSeed(final PluginSettings settings, final IndexMappingLoader loader, final PluginClient pluginClient)  {
         this.mappingLoader = loader;
         this.pluginClient = pluginClient;
         this.defaultKibanaIndex = settings.getDefaultKibanaIndex();
+        this.settings = settings;
     }
-
+    
     public void setDashboards(final OpenshiftRequestContext context, Client client, String kibanaVersion, final String projectPrefix) {
         if(!pluginClient.indexExists(defaultKibanaIndex)) {
             LOGGER.debug("Default Kibana index '{}' does not exist. Skipping Kibana seeding", defaultKibanaIndex);
             return;
         }
         LOGGER.debug("Begin setDashboards:  projectPrefix '{}' for user '{}' projects '{}' kibanaIndex '{}'",
                 projectPrefix, context.getUser(), context.getProjects(), context.getKibanaIndex());
-
+        
         // We want to seed the Kibana user index initially
         // since the logic from Kibana has changed to create before this plugin
         // starts...
         boolean changed = initialSeedKibanaIndex(context, client);
+        
+        if (context.isOperationsUser()) {
+            changed = seedOperationsIndexPatterns(context, client, kibanaVersion, projectPrefix);
+        } else {
+            changed = seedUsersIndexPatterns(context, client, kibanaVersion, projectPrefix);
+        }
+
+        if ( changed ) {
+            pluginClient.refreshIndices(context.getKibanaIndex());
+        }
+    }
 
+    private boolean seedOperationsIndexPatterns(final OpenshiftRequestContext context, final  Client client, String kibanaVersion, final String projectPrefix) {
+        boolean changed = false;
+        boolean defaultSet = false;
+        for (String pattern : settings.getKibanaOpsIndexPatterns()) {
+            if(!pluginClient.documentExists(context.getKibanaIndex(), INDICIES_TYPE, pattern)) {
+                LOGGER.trace("Creating index-pattern '{}'", pattern);
+                String source = StringUtils.replace(mappingLoader.getOperationsMappingsTemplate(), "$TITLE$", pattern);
+                pluginClient.createDocument(context.getKibanaIndex(), INDICIES_TYPE, pattern, source);
+                if (!defaultSet) {
+                    try {
+                        String update = XContentFactory.jsonBuilder()
+                                .startObject()
+                                    .field(KibanaSeed.DEFAULT_INDEX_FIELD, pattern)
+                                 .endObject().string();
+                        pluginClient.update(context.getKibanaIndex(), DEFAULT_INDEX_TYPE, kibanaVersion, update);
+                        defaultSet = true;
+                    } catch (IOException e) {
+                        LOGGER.error("Unable to set default index-pattern", e);
+                    }
+                }
+                changed = true;
+            }
+        }
+        return changed;
+    }
+    
+    private boolean seedUsersIndexPatterns(final OpenshiftRequestContext context, final  Client client,  final String kibanaVersion, final String projectPrefix) {
+        boolean changed = false;
         // GET .../.kibana/index-pattern/_search?pretty=true&fields=
         // compare results to projects; handle any deltas (create, delete?)
-
         Set<String> indexPatterns = getProjectNamesFromIndexes(context, client, projectPrefix);
         LOGGER.debug("Found '{}' Index patterns for user", indexPatterns.size());
 
         Set<String> projects = new HashSet<>(context.getProjects());
-        if(context.isOperationsUser()) {
-            projects.add(OPERATIONS_PROJECT);
-        }
         List<String> filteredProjects = new ArrayList<String>(filterProjectsWithIndices(projectPrefix, projects));
         LOGGER.debug("projects for '{}' that have existing indexes: '{}'", context.getUser(), filteredProjects);
 
-        if (context.isOperationsUser()) {
-            filteredProjects.add(ADMIN_ALIAS_NAME);
-        }else if (filteredProjects.isEmpty()) {
+        if (filteredProjects.isEmpty()) {
             filteredProjects.add(BLANK_PROJECT);
         }
 
@@ -156,12 +185,9 @@ public void setDashboards(final OpenshiftRequestContext context, Client client,
                 }
             }
         }
-
-        if ( changed ) {
-            refreshKibanaUser(context.getKibanaIndex(), client);
-        }
+        return changed;
     }
-    
+
     /*
      * Given a list of projects, filter out those which do not have any
      * index associated with it
@@ -177,16 +203,6 @@ private List<String> filterProjectsWithIndices(final String projectPrefix, Set<S
         return result;
     }
 
-    private void refreshKibanaUser(String kibanaIndex, Client esClient) {
-
-        RefreshRequest request = new RefreshRequest().indices(kibanaIndex);
-        request.putHeader(ConfigConstants.SG_CONF_REQUEST_HEADER, "true");
-        RefreshResponse response = esClient.admin().indices().refresh(request).actionGet();
-
-        LOGGER.debug("Refreshed '{}' successfully on {} of {} shards", kibanaIndex, response.getSuccessfulShards(),
-                response.getTotalShards());
-    }
-
     private boolean initialSeedKibanaIndex(final OpenshiftRequestContext context, Client esClient) {
 
         try {
@@ -197,29 +213,7 @@ private boolean initialSeedKibanaIndex(final OpenshiftRequestContext context, Cl
             // copy the defaults if the userindex is not the kibanaindex
             if (!kibanaIndexExists && !defaultKibanaIndex.equals(userIndex)) {
                 LOGGER.debug("Copying '{}' to '{}'", defaultKibanaIndex, userIndex);
-
-                GetIndexRequest getRequest = new GetIndexRequest().indices(defaultKibanaIndex);
-                getRequest.putHeader(ConfigConstants.SG_CONF_REQUEST_HEADER, "true");
-                GetIndexResponse getResponse = esClient.admin().indices().getIndex(getRequest).get();
-
-                CreateIndexRequest createRequest = new CreateIndexRequest().index(userIndex);
-                createRequest.putHeader(ConfigConstants.SG_CONF_REQUEST_HEADER, "true");
-
-                createRequest.settings(getResponse.settings().get(defaultKibanaIndex));
-
-                Map<String, Object> configMapping = getResponse.mappings().get(defaultKibanaIndex).get("config")
-                        .getSourceAsMap();
-
-                createRequest.mapping("config", configMapping);
-
-                esClient.admin().indices().create(createRequest).actionGet();
-
-                // Wait for health status of YELLOW
-                ClusterHealthRequest healthRequest = new ClusterHealthRequest().indices(new String[] { userIndex })
-                        .waitForYellowStatus();
-
-                esClient.admin().cluster().health(healthRequest).actionGet().getStatus();
-
+                pluginClient.copyIndex(defaultKibanaIndex, userIndex, DEFAULT_INDEX_TYPE);
                 return true;
             }
         } catch (ExecutionException | InterruptedException | IOException e) {
@@ -236,7 +230,7 @@ private void setDefaultIndex(String kibanaIndex, String project, Client esClient
         // .kibana.username
         String source = new DocumentBuilder().defaultIndex(getIndexPattern(project, projectPrefix)).build();
 
-        executeUpdate(kibanaIndex, DEFAULT_INDEX_TYPE, kibanaVersion, source, esClient);
+        pluginClient.update(kibanaIndex, DEFAULT_INDEX_TYPE, kibanaVersion, source);
     }
 
     private String getDefaultIndex(OpenshiftRequestContext context, Client esClient, String kibanaVersion, String projectPrefix) {
@@ -342,9 +336,7 @@ private void createIndexPattern(String kibanaIndex, String project, Client esCli
 
         final String indexPattern = getIndexPattern(project, projectPrefix);
         String source;
-        if (project.equalsIgnoreCase(OPERATIONS_PROJECT) || project.startsWith(ADMIN_ALIAS_NAME)) {
-            source = mappingLoader.getOperationsMappingsTemplate();
-        } else if (project.equalsIgnoreCase(BLANK_PROJECT)) {
+        if (project.equalsIgnoreCase(BLANK_PROJECT)) {
             source = mappingLoader.getEmptyProjectMappingsTemplate();
         } else {
             source = mappingLoader.getApplicationMappingsTemplate();
@@ -364,17 +356,6 @@ private void deleteIndex(String kibanaIndex, String project, Client esClient, St
         executeDelete(kibanaIndex, INDICIES_TYPE, getIndexPattern(project, projectPrefix), esClient);
     }
 
-    private void executeUpdate(String index, String type, String id, String source, Client esClient) {
-
-        LOGGER.debug("UPDATE: '{}/{}/{}' source: '{}'", index, type, id, source);
-
-        UpdateRequest request = esClient.prepareUpdate(index, type, id).setDoc(source).setDocAsUpsert(true).request();
-        request.putHeader(ConfigConstants.SG_CONF_REQUEST_HEADER, "true");
-
-
-        LOGGER.debug("Created with update? '{}'", esClient.update(request).actionGet().isCreated());
-    }
-
     private void executeDelete(String index, String type, String id, Client esClient) {
 
         LOGGER.debug("DELETE: '{}/{}/{}'", index, type, id);