Developer Deep Dive
Technical Architecture
A detailed look at Sentinel's core components, autopilot algorithms, and internal API structure.
Core Components
Sentinel Drone (Agent)
The agent is built with Python and Flask, utilizing SQLAlchemy for state management. It runs as a systemd service (`sentinel.service`) and manages background tasks via APScheduler.
MySQLAnalyzer
A custom module that parses the MySQL slow query log, normalizes queries, and executes `EXPLAIN` plans to identify missing indexes, filesort issues, and full table scans.
Autopilot Algorithms
Index Suggestion Logic
Sentinel uses a weighted scoring system to prioritize index candidates:
score = (query_frequency * avg_latency) / rows_examined
if rows_examined > 10000 and 'Using filesort' in explain_plan:
suggest_index(columns, priority='HIGH')Security State Sync
The Security Autopilot periodically scans for active listening ports and ensures corresponding Fail2Ban jails are active:
active_services = get_listening_ports()
for service in active_services:
if not f2b_manager.has_jail(service):
f2b_manager.create_jail(service)
f2b_manager.reload()Internal API Reference
| Endpoint | Method | Description |
|---|---|---|
| /api/v1/status | GET | Returns global system health and counters. |
| /api/v1/optimizations | GET | Lists pending and applied index suggestions. |
| /api/v1/queen/sync | POST | Syncs anonymized reports with Queen backend. |
Deployment Guide
Sentinel is typically deployed via Gunicorn behind a Caddy reverse proxy. The installation script handles the creation of the `sentinel` user and the necessary systemd units.
sentinel.service
[Unit] Description=Sentinel AI Drone After=network.target mysql.service [Service] User=sentinel WorkingDirectory=/opt/sentinel ExecStart=/opt/sentinel/venv/bin/gunicorn -w 4 -b 127.0.0.1:5000 app:app