42 lines
1.6 KiB
Markdown
42 lines
1.6 KiB
Markdown
|
# Ops, Marketplace, and Observability Implementation
|
||
|
|
|
||
|
|
## Ops Modules
|
||
|
|
|
||
|
|
### File Manager
|
||
|
|
- Command types: `FILE_LIST`, `FILE_READ`, `FILE_WRITE`, `FILE_UPLOAD_CHUNK`, `FILE_MOVE`, `FILE_DELETE`.
|
||
|
|
- Security: path sandbox, denylist for system paths, content size and MIME checks.
|
||
|
|
|
||
|
|
### Cron Manager
|
||
|
|
- Command types: `CRON_LIST`, `CRON_CREATE`, `CRON_UPDATE`, `CRON_DELETE`.
|
||
|
|
- Validation: cron expression parser, command allowlist/templating, dry-run syntax checks.
|
||
|
|
|
||
|
|
### Firewall + Security Tools
|
||
|
|
- Command types: `FIREWALL_RULE_ADD`, `FIREWALL_RULE_DELETE`, `SECURITY_SCAN_BASELINE`.
|
||
|
|
- Audit: every mutation recorded with actor, reason, and approval trace.
|
||
|
|
|
||
|
|
### Backup & Restore
|
||
|
|
- Command types: `BACKUP_RUN`, `BACKUP_RESTORE`, `BACKUP_VERIFY`.
|
||
|
|
- Flows: policy-driven schedules, retention lifecycle, encrypted object storage artifacts.
|
||
|
|
|
||
|
|
## Plugin Marketplace
|
||
|
|
- Catalog includes signed package metadata, compatibility matrix, and permission manifest.
|
||
|
|
- Install pipeline:
|
||
|
|
1. Resolve package and verify signature.
|
||
|
|
2. Validate required capabilities and tenant entitlement.
|
||
|
|
3. Execute install as job with rollback hooks.
|
||
|
|
4. Persist install status and event timeline.
|
||
|
|
|
||
|
|
## Real-time Monitoring Dashboard
|
||
|
|
- Live channels: CPU, RAM, disk I/O, network throughput, process health.
|
||
|
|
- Pipeline:
|
||
|
|
- agent collectors -> gateway ingest -> Redis stream -> metrics store.
|
||
|
|
- UI:
|
||
|
|
- server list health badges,
|
||
|
|
- per-server timeline charts,
|
||
|
|
- alert panels with acknowledgement workflow.
|
||
|
|
|
||
|
|
## Performance Targets
|
||
|
|
- P95 live metric latency: < 2 seconds.
|
||
|
|
- P95 command dispatch to agent ACK: < 1 second.
|
||
|
|
- P95 dashboard query time (last 1 hour): < 400 ms.
|