定時任務也就是由時間觸發的執行過程,屬於很常見的業務邏輯。Unix 在早期版本就提供了定時任務調度模塊 Cron,並在各種 Linux 系統上沿用至今。Cron 的配置文件 crontab 具備全面卻清晰的格式,可以解決大多數場景下的定時任務配置問題,企業級服務器能夠使用類 crontab 的格式靈活配置的各類定時任務邏輯,如下爲 crontab 的格式:html
# Example of job definition: # .---------------- minute (0 - 59) # | .------------- hour (0 - 23) # | | .---------- day of month (1 - 31) # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat # | | | | | # * * * * * user-name command to be executed
本章將基於上一章已完成的工程 host1-tech/nodejs-server-examples - 10-log 經過 node-schedule 以相似 crontab 的方式配置定時任務,檢測可能含有網絡攻擊的店鋪信息並經過 nodemailer 將可疑店鋪信息郵件發送給管理員。在工程根目錄執行 node-schedule 與 nodemailer 的安裝命令:node
$ yarn add node-schedule nodemailer # 本地安裝 node-schedule、nodemailer # ... info Direct dependencies ├─ node-schedule@1.3.2 └─ nodemailer@6.4.11 # ...
// src/services/shop.js const { Shop } = require('../models'); class ShopService { async init() {} - async find({ id, pageIndex = 0, pageSize = 10, logging }) { + async find({ id, pageIndex = 0, pageSize = 10, where, logging }) { if (id) { return [await Shop.findByPk(id, { logging })]; } return await Shop.findAll({ offset: pageIndex * pageSize, limit: pageSize, + where, logging, }); } // ... } // ...
// src/services/mail.js const { promisify } = require('util'); const nodemailer = require('nodemailer'); const { mailerOptions } = require('../config'); class MailService { mailer; async init() { this.mailer = nodemailer.createTransport(mailerOptions); await promisify(this.mailer.verify)(); } async sendMail(params) { return await this.mailer.sendMail({ from: mailerOptions.auth.user, ...params, }); } } let service; module.exports = async () => { if (!service) { service = new MailService(); await service.init(); } return service; };
// src/config/index.js const merge = require('lodash.merge'); const logger = require('../utils/logger'); const { logging } = logger; const config = { // 默認配置 default: { // ... + mailerOptions: { + host: 'smtp.126.com', + port: 465, + secure: true, + logger: logger.child({ type: 'mail' }), + auth: { + user: process.env.MAILER_USER, + pass: process.env.MAILER_PASS, + }, + }, }, // ... }; // ...
# .env.local GITHUB_CLIENT_ID='b8ada004c6d682426cfb' GITHUB_CLIENT_SECRET='0b13f2ab5651f33f879a535fc2b316c6c731a041' + +MAILER_USER='ht_nse@126.com' +MAILER_PASS='CAEJHSTBWNOKHRVL'
注意因爲應用節點可能不止 1 個,執行巡檢時將使用分佈式鎖限制執行節點數量以免重複報警,這裏藉助數據庫來實現分佈式鎖:github
$ # 生成定時任務鎖的 model 文件與 schema 遷移文件 $ yarn sequelize model:generate --name scheduleLock --attributes name:string,counter:integer $ # 將 src/models/schedulelock.js 命名爲 src/models/scheduleLock.js $ mv src/models/schedulelock.js src/models/scheduleLock.js $ tree src/models # 展現 src/models 目錄內容結構 src/models ├── config │ └── index.js ├── index.js ├── migrate │ ├── 20200725045100-create-shop.js │ ├── 20200727025727-create-session.js │ └── 20200801120113-create-schedule-lock.js ├── scheduleLock.js ├── seed │ └── 20200725050230-first-shop.js └── shop.js
調整 src/models/scheduleLock.js
與 src/models/migrate/20200801120113-create-schedule-lock.js
// src/models/scheduleLock.js const { Model } = require('sequelize'); module.exports = (sequelize, DataTypes) => { class scheduleLock extends Model { /** * Helper method for defining associations. * This method is not a part of Sequelize lifecycle. * The `models/index` file will call this method automatically. */ static associate(models) { // define association here } } scheduleLock.init( { name: DataTypes.STRING, counter: DataTypes.INTEGER, }, { sequelize, modelName: 'ScheduleLock', tableName: 'schedule_lock', } ); return scheduleLock; };
// src/models/migrate/20200801120113-create-schedule-lock.js module.exports = { up: async (queryInterface, Sequelize) => { await queryInterface.createTable('schedule_lock', { id: { allowNull: false, autoIncrement: true, primaryKey: true, type: Sequelize.INTEGER, }, name: { type: Sequelize.STRING, }, counter: { type: Sequelize.INTEGER, }, created_at: { allowNull: false, type: Sequelize.DATE, }, updated_at: { allowNull: false, type: Sequelize.DATE, }, }); }, down: async (queryInterface, Sequelize) => { await queryInterface.dropTable('schedule_lock'); }, };
$ mkdir src/schedules # 新建 src/schedules 存放定時任務 $ tree src -L 1 # 展現 src 目錄內容結構 src ├── config ├── controllers ├── middlewares ├── models ├── moulds ├── schedules ├── server.js ├── services └── utils
// src/schedules/inspectAttack.js const { basename } = require('path'); const schedule = require('node-schedule'); const { sequelize, ScheduleLock, Sequelize } = require('../models'); const mailService = require('../services/mail'); const shopService = require('../services/shop'); const escapeHtmlInObject = require('../utils/escape-html-in-object'); const logger = require('../utils/logger'); const { Op } = Sequelize; // 當前任務的鎖名稱 const LOCK_NAME = basename(__dirname); // 鎖的最長佔用時間 const LOCK_TIMEOUT = 15 * 60 * 1000; // 分佈式任務併發數 const CONCURRENCY = 1; // 報警郵件發送對象 const MAIL_RECEIVER = 'licg9999@126.com'; class InspectAttack { mailService; shopService; async init() { this.mailService = await mailService(); this.shopService = await shopService(); // 每到 15 分時巡檢一次 schedule.scheduleJob('*/15 * * * *', this.findAttackedShopInfoAndSendMail); } findAttackedShopInfoAndSendMail = async () => { // 上鎖 const lockUpT = await sequelize.transaction(); try { const [lock] = await ScheduleLock.findOrCreate({ where: { name: LOCK_NAME }, defaults: { name: LOCK_NAME, counter: 0 }, transaction: lockUpT, }); if (lock.counter >= CONCURRENCY) { if (Date.now() - lock.updatedAt.valueOf() > LOCK_TIMEOUT) { lock.counter--; await lock.save({ transaction: lockUpT }); } await lockUpT.commit(); return; } lock.counter++; await lock.save({ transaction: lockUpT }); await lockUpT.commit(); } catch (err) { logger.error(err); await lockUpT.rollback(); return; } try { // 尋找異常數據 const shops = await this.shopService.find({ pageSize: 100, where: { name: { [Op.or]: [{ [Op.like]: '<%' }, { [Op.like]: '%>' }] }, }, }); // 發送報警郵件 if (shops.length) { const subject = '安全警告,發現可疑店鋪信息!'; const html = ` <div>如下是服務器巡檢發現的疑似含有網絡攻擊的店鋪信息:</div> <pre> ${shops .map((shop) => JSON.stringify(escapeHtmlInObject(shop), null, 2)) .join('\n')} </pre>`; await this.mailService.sendMail({ to: MAIL_RECEIVER, subject, html }); } } catch {} // 解鎖 const lockDownT = await sequelize.transaction(); try { const lock = await ScheduleLock.findOne({ where: { name: LOCK_NAME }, transaction: lockDownT, }); if (lock.counter > 0) { lock.counter--; await lock.save({ transaction: lockDownT }); } await lockDownT.commit(); } catch { await lockDownT.rollback(); } }; } module.exports = async () => { const s = new InspectAttack(); await s.init(); };
// src/schedules/index.js const inspectAttackSchedule = require('./inspectAttack'); module.exports = async function initSchedules() { await inspectAttackSchedule(); };
// src/server.js const express = require('express'); const { resolve } = require('path'); const { promisify } = require('util'); const initMiddlewares = require('./middlewares'); const initControllers = require('./controllers'); +const initSchedules = require('./schedules'); const logger = require('./utils/logger'); const server = express(); const port = parseInt(process.env.PORT || '9000'); const publicDir = resolve('public'); const mouldsDir = resolve('src/moulds'); async function bootstrap() { server.use(await initMiddlewares()); server.use(express.static(publicDir)); server.use('/moulds', express.static(mouldsDir)); server.use(await initControllers()); server.use(errorHandler); + await initSchedules(); await promisify(server.listen.bind(server, port))(); logger.info(`> Started on port ${port}`); } // ...
在新增兩個含有網絡攻擊的店鋪信息以後,便可在分鐘數爲 15 的倍數時收到一則警告郵件:bootstrap
host1-tech/nodejs-server-examples - 11-schedulesegmentfault
從零搭建 Node.js 企業級 Web 服務器(零):靜態服務
從零搭建 Node.js 企業級 Web 服務器(一):接口與分層
從零搭建 Node.js 企業級 Web 服務器(二):校驗
從零搭建 Node.js 企業級 Web 服務器(三):中間件
從零搭建 Node.js 企業級 Web 服務器(四):異常處理
從零搭建 Node.js 企業級 Web 服務器(五):數據庫訪問
從零搭建 Node.js 企業級 Web 服務器(六):會話
從零搭建 Node.js 企業級 Web 服務器(七):認證登陸
從零搭建 Node.js 企業級 Web 服務器(八):網絡安全
從零搭建 Node.js 企業級 Web 服務器(九):配置項
從零搭建 Node.js 企業級 Web 服務器(十):日誌
從零搭建 Node.js 企業級 Web 服務器(十一):定時任務安全