bosh_agent 1.5.0.pre.1113

data/lib/bosh_agent/apply_plan/package.rb

@@ -0,0 +1,58 @@
+# Copyright (c) 2009-2012 VMware, Inc.
+
+module Bosh::Agent
+  module ApplyPlan
+    class Package
+
+      class InstallationError < StandardError; end
+
+      include ApplyPlan::Helpers
+
+      attr_reader :install_path
+      attr_reader :link_path
+
+      def initialize(spec)
+        validate_spec(spec)
+
+        @base_dir = Bosh::Agent::Config.base_dir
+        @name = spec['name']
+        @version = spec['version']
+        @checksum = spec['sha1']
+        @blobstore_id = spec['blobstore_id']
+
+        @install_path = File.join(@base_dir, 'data', 'packages',
+                                  @name, @version)
+        @link_path = File.join(@base_dir, 'packages', @name)
+      end
+
+      def install_for_job(job)
+        unless @installed_for_sys
+          fetch_bits
+          @installed_for_sys = true
+        end
+        create_symlink_in_job(job) if job
+      rescue SystemCallError => e
+        install_failed("System call error: #{e.message}")
+      end
+
+      private
+
+      def create_symlink_in_job(job)
+        symlink_path = symlink_path_in_job(job)
+        FileUtils.mkdir_p(File.dirname(symlink_path))
+
+        Bosh::Agent::Util.create_symlink(@install_path, symlink_path)
+      end
+
+      def symlink_path_in_job(job)
+        File.join(job.install_path, 'packages', @name)
+      end
+
+      def install_failed(message)
+        raise InstallationError, 'Failed to install package ' +
+                                 "'#{@name}': #{message}"
+      end
+
+    end
+  end
+end

data/lib/bosh_agent/apply_plan/plan.rb

@@ -0,0 +1,96 @@
+# Copyright (c) 2009-2012 VMware, Inc.
+
+module Bosh::Agent
+  module ApplyPlan
+    class Plan
+
+      attr_reader :deployment
+      attr_reader :jobs
+      attr_reader :packages
+
+      def initialize(spec)
+        unless spec.is_a?(Hash)
+          raise ArgumentError, "Invalid spec format, Hash expected, " +
+                               "#{spec.class} given"
+        end
+
+        @spec = spec
+        @deployment = spec["deployment"]
+        @jobs = []
+        @packages = []
+        @config_binding = Bosh::Agent::Util.config_binding(spec)
+
+        job_spec = spec["job"]
+        package_specs = spec["packages"]
+
+        # By default stemcell VM has '' as job
+        # in state.yml, handling this very special case
+        if job_spec && job_spec != ""
+          job_name = job_spec["name"]
+          if is_legacy_spec?(job_spec)
+            @jobs << Job.new(job_name, job_spec["template"], job_spec,
+                @config_binding)
+          else
+            job_spec["templates"].each do |template_spec|
+              @jobs << Job.new(job_name, template_spec["name"], template_spec,
+                  @config_binding)
+            end
+          end
+        end
+
+        if package_specs
+          unless package_specs.is_a?(Hash)
+            raise ArgumentError, "Invalid package specs format " +
+                                 "in apply spec, Hash expected " +
+                                 "#{package_specs.class} given"
+          end
+
+          package_specs.each_pair do |package_name, package_spec|
+            @packages << Package.new(package_spec)
+          end
+        end
+      end
+
+      def is_legacy_spec?(job_spec)
+        return job_spec["template"] && !job_spec["templates"]
+      end
+
+      def has_jobs?
+        !@jobs.empty?
+      end
+
+      def has_packages?
+        !@packages.empty?
+      end
+
+      def configured?
+        @spec.key?("configuration_hash")
+      end
+
+      def install_jobs
+        @jobs.each do |job|
+          job.install
+        end
+      end
+
+      def install_packages
+        @jobs.each do |job|
+          @packages.each do |package|
+            package.install_for_job(job)
+          end
+        end
+      end
+
+      # Configure the 1+ job templates (job colocation)
+      # They are reversed for the purposes of ensuring monit
+      # starts them in the order that they are specified
+      # in the original deployment manifest
+      def configure_jobs
+        @jobs.reverse.each_with_index do |job, job_index|
+          job.configure(job_index)
+        end
+      end
+
+    end
+  end
+end

data/lib/bosh_agent/bootstrap.rb

@@ -0,0 +1,341 @@
+# Copyright (c) 2009-2012 VMware, Inc.
+
+require 'rexml/document'
+require 'netaddr'
+require 'erb'
+require 'tempfile'
+require 'fileutils'
+require 'pathname'
+require 'openssl'
+
+module Bosh::Agent
+  class Bootstrap
+    include Bosh::Exec
+
+    def initialize
+      FileUtils.mkdir_p(File.join(base_dir, 'bosh'))
+      @platform = Bosh::Agent::Config.platform
+    end
+
+    def logger
+      Bosh::Agent::Config.logger
+    end
+
+    def base_dir
+      Bosh::Agent::Config.base_dir
+    end
+
+    def store_path
+      File.join(base_dir, 'store')
+    end
+
+    def configure
+      logger.info("Configuring instance")
+
+      load_settings
+      logger.info("Loaded settings: #{@settings.inspect}")
+
+      if @settings
+        update_iptables
+        update_passwords
+        update_agent_id
+        update_credentials
+        update_hostname
+        update_mbus
+        update_blobstore
+        setup_networking
+        update_time
+        setup_data_disk
+        setup_tmp
+
+        Bosh::Agent::Monit.setup_monit_user
+        Bosh::Agent::Monit.setup_alerts
+
+        mount_persistent_disk
+        harden_permissions
+      end
+      { "settings" => @settings }
+    end
+
+    def load_settings
+      @settings = Bosh::Agent::Settings.load
+      Bosh::Agent::Config.settings = @settings
+    end
+
+    def iptables(cmd)
+      output = %x{iptables #{cmd} 2> /dev/null}
+      if $?.exitstatus != 0
+        raise Bosh::Agent::Error, "`iptables #{cmd}` failed"
+      end
+      output
+    end
+
+    def update_iptables
+      return unless rules = @settings['iptables']
+
+      if rules["drop_output"]
+        chain = "agent-filter"
+        append_chain = "-A OUTPUT -j #{chain}"
+
+        begin
+          iptables("-N #{chain}")
+        rescue
+          iptables("-F #{chain}")
+        end
+
+        unless iptables("-S").include?(append_chain)
+          iptables(append_chain)
+        end
+
+        rules["drop_output"].each do |dest|
+          rule = "-A #{chain} -d #{dest} -m owner ! --uid-owner root -j DROP"
+          iptables(rule)
+        end
+      end
+    end
+
+    def update_passwords
+      @platform.update_passwords(@settings) unless @settings["env"].nil?
+    end
+
+    def update_agent_id
+      Bosh::Agent::Config.agent_id = @settings["agent_id"]
+    end
+
+    def update_credentials
+      env = @settings["env"]
+      if env && bosh_env = env["bosh"]
+        if bosh_env["credentials"]
+          Bosh::Agent::Config.credentials = bosh_env["credentials"]
+        end
+      end
+    end
+
+    def update_hostname
+      agent_id = @settings['agent_id']
+
+      template = ERB.new(ETC_HOST_TEMPLATE, 0, '%<>-')
+      result = template.result(binding)
+      File.open('/etc/hosts', 'w') { |f| f.puts(result) }
+
+      `hostname #{agent_id}`
+      File.open('/etc/hostname', 'w') { |f| f.puts(agent_id) }
+    end
+
+    def update_mbus
+      Bosh::Agent::Config.mbus = @settings['mbus']
+    end
+
+    def update_blobstore
+      blobstore_settings = @settings["blobstore"]
+
+      blobstore_provider =  blobstore_settings["provider"]
+      blobstore_options =  blobstore_settings["options"]
+
+      Bosh::Agent::Config.blobstore_provider = blobstore_provider
+      Bosh::Agent::Config.blobstore_options.merge!(blobstore_options)
+    end
+
+    def setup_networking
+      Bosh::Agent::Config.platform.setup_networking
+    end
+
+    def update_time
+      ntp_servers = @settings['ntp'].join(" ")
+      unless ntp_servers.empty?
+        logger.info("Configure ntp-servers: #{ntp_servers}")
+        Bosh::Agent::Util.update_file(ntp_servers, '/var/vcap/bosh/etc/ntpserver')
+        output = `ntpdate #{ntp_servers}`
+        logger.info(output)
+      else
+        logger.warn("no ntp-servers configured")
+      end
+    end
+
+    def setup_data_disk
+      data_mount = File.join(base_dir, "data")
+      FileUtils.mkdir_p(data_mount)
+
+      data_disk = Bosh::Agent::Config.platform.get_data_disk_device_name
+      if data_disk
+        unless File.blockdev?(data_disk)
+          logger.warn("Data disk is not a block device: #{data_disk}")
+          return
+        end
+
+        swap_partition = "#{data_disk}1"
+        data_partition = "#{data_disk}2"
+
+        swap_turned_on = sh("cat /proc/swaps | grep #{swap_partition}", :on_error => :return).success?
+        data_partition_mounted = sh("mount | grep #{data_partition}", :on_error => :return).success?
+
+        if Dir.glob("#{data_disk}[1-2]").empty?
+          logger.info("Found unformatted drive")
+          logger.info("Partition #{data_disk}")
+          Bosh::Agent::Util.partition_disk(data_disk, data_sfdisk_input)
+
+          logger.info("Create swap and data partitions")
+          sh "mkswap #{swap_partition}"
+
+          mke2fs_options = ["-t ext4", "-j"]
+          mke2fs_options << "-E lazy_itable_init=1" if Bosh::Agent::Util.lazy_itable_init_enabled?
+          sh "/sbin/mke2fs #{mke2fs_options.join(" ")} #{data_partition}"
+        end
+
+        unless swap_turned_on
+          logger.info("Swapon partition #{swap_partition}")
+          sh "swapon #{swap_partition}"
+        end
+
+        unless data_partition_mounted
+          unless Pathname.new(data_mount).mountpoint?
+            logger.info("Mount data partition #{data_partition} to #{data_mount}")
+            sh "mount #{data_partition} #{data_mount}"
+          end
+        end
+      end
+
+      setup_data_sys
+    end
+
+    def data_sfdisk_input
+      ",#{swap_size},S\n,,L\n"
+    end
+
+    def swap_size
+      data_disk = Bosh::Agent::Config.platform.get_data_disk_device_name
+      disk_size = Util.block_device_size(data_disk)
+      if mem_total > disk_size/2
+        return (disk_size/2)/1024
+      else
+        return mem_total/1024
+      end
+    end
+
+    def mem_total
+      # MemTotal:        3952180 kB
+      File.readlines('/proc/meminfo').first.split(/\s+/)[1].to_i
+    end
+
+    def setup_data_sys
+      %w{log run}.each do |dir|
+        path = "#{base_dir}/data/sys/#{dir}"
+        %x[mkdir -p #{path}]
+        %x[chown root:vcap #{path}]
+        %x[chmod 0750 #{path}]
+      end
+      %x[ln -nsf #{base_dir}/data/sys #{base_dir}/sys]
+    end
+
+    def setup_tmp
+      # use a custom TMPDIR for agent itself
+      agent_tmp_dir = File.join(base_dir, 'data', 'tmp')
+      FileUtils.mkdir_p(agent_tmp_dir)
+      ENV["TMPDIR"] = agent_tmp_dir
+
+      # first time: for /tmp on the root fs
+      tmp_permissions
+
+      unless Pathname.new('/tmp').mountpoint?
+        tmp_size = 128
+        root_tmp = File.join(base_dir, 'data', 'root_tmp')
+
+        # If it's not mounted on /tmp - we don't care - blow it away
+        %x[/usr/bin/truncate -s #{tmp_size}M #{root_tmp}]
+        %x[chmod 0700 #{root_tmp}]
+        %x[mke2fs -t ext4 -m 1 -F #{root_tmp}]
+
+        %x[mount -t ext4 -o loop #{root_tmp} /tmp]
+
+        # 2nd time for the new /tmp mount
+        tmp_permissions
+      end
+    end
+
+    def tmp_permissions
+      %x[chown root:#{BOSH_APP_USER} /tmp]
+      %x[chmod 0770 /tmp]
+      %x[chmod 0700 /var/tmp]
+    end
+
+    def mount_persistent_disk
+      if @settings['disks']['persistent'].keys.size > 1
+        # hell on earth
+        raise Bosh::Agent::FatalError, "Fatal: more than one persistent disk on boot"
+      else
+        cid = @settings['disks']['persistent'].keys.first
+        if cid
+          Bosh::Agent::Config.platform.mount_persistent_disk(cid)
+        end
+      end
+    end
+
+    def harden_permissions
+      setup_cron_at_allow
+
+      # use this instead of removing vcap from the cdrom group, as there
+      # is no way to easily do that from the command line
+      root_only_rw = %w{
+        /dev/sr0
+      }
+      root_only_rw.each do |path|
+        %x[chmod 0660 #{path}]
+        %x[chown root:root #{path}]
+      end
+
+      root_app_user_rw = %w{
+        /dev/log
+      }
+      root_app_user_rw.each do |path|
+        %x[chmod 0660 #{path}]
+        %x[chown root:#{BOSH_APP_USER} #{path}]
+      end
+
+      root_app_user_rwx = %w{
+        /dev/shm
+        /var/lock
+      }
+      root_app_user_rwx.each do |path|
+        %x[chmod 0770 #{path}]
+        %x[chown root:#{BOSH_APP_USER} #{path}]
+      end
+
+      root_rw_app_user_read = %w{
+        /etc/cron.allow
+        /etc/at.allow
+      }
+      root_rw_app_user_read.each do |path|
+        %x[chmod 0640 #{path}]
+        %x[chown root:#{BOSH_APP_USER} #{path}]
+      end
+
+      no_other_read = %w{
+        /data/vcap/data
+        /data/vcap/store
+      }
+      no_other_read.each do |path|
+        %[chmod o-r #{path}]
+      end
+
+    end
+
+    def setup_cron_at_allow
+      %w{/etc/cron.allow /etc/at.allow}.each do |file|
+        File.open(file, 'w') { |fh| fh.puts(BOSH_APP_USER) }
+      end
+    end
+
+    ETC_HOST_TEMPLATE = <<TEMPLATE
+127.0.0.1 localhost <%= agent_id %>
+
+# The following lines are desirable for IPv6 capable hosts
+::1 localhost ip6-localhost ip6-loopback <%= agent_id %>
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
+ff02::3 ip6-allhosts
+TEMPLATE
+
+  end
+end

data/lib/bosh_agent/config.rb

@@ -0,0 +1,5 @@
+require 'bosh_agent/configuration'
+
+module Bosh::Agent
+  Config = Configuration.new
+end

data/lib/bosh_agent/configuration.rb

@@ -0,0 +1,102 @@
+module Bosh::Agent
+  class Configuration
+    DEFAULT_BASE_DIR = '/var/vcap'
+    CONFIG_OPTIONS = [
+      :base_dir,
+      :logger,
+      :mbus,
+      :agent_id,
+      :configure,
+      :blobstore,
+      :blobstore_provider,
+      :blobstore_options,
+      :system_root,
+      :infrastructure_name,
+      :platform_name,
+      :nats,
+      :process_alerts,
+      :smtp_port,
+      :smtp_user,
+      :smtp_password,
+      :heartbeat_interval,
+      :settings_file,
+      :settings,
+      :state,
+      :credentials
+    ]
+
+    CONFIG_OPTIONS.each do |option|
+      attr_accessor option
+    end
+
+    def clear
+      CONFIG_OPTIONS.each do |option|
+        send("#{option}=", nil)
+      end
+    end
+
+    def setup(config)
+      @configure = config['configure']
+
+      # it is the responsibillity of the caller to make sure the dir exist
+      logging_config = config.fetch('logging', {})
+      @logger = Logger.new(logging_config.fetch('file', STDOUT))
+      @logger.level = Logger.const_get(logging_config.fetch('level', 'info').upcase)
+
+      @base_dir = config['base_dir'] || DEFAULT_BASE_DIR
+      @agent_id = config['agent_id']
+
+      @mbus = config['mbus']
+
+      @blobstore_options = config['blobstore_options']
+      @blobstore_provider = config['blobstore_provider']
+
+      @infrastructure_name = config['infrastructure_name']
+      @platform_name = config['platform_name']
+
+      @system_root = config['root_dir'] || '/'
+
+      @process_alerts = config['process_alerts']
+      @smtp_port = config['smtp_port']
+      @smtp_user = 'vcap'
+      @smtp_password = random_password(8)
+
+      @heartbeat_interval = config['heartbeat_interval']
+
+      unless @configure
+        @logger.info("Configuring Agent with: #{config.inspect}")
+      end
+
+      @settings_file = File.join(@base_dir, 'bosh', 'settings.json')
+
+      @credentials = config['credentials']
+
+      @settings = {}
+
+      @state = State.new(File.join(@base_dir, 'bosh', 'state.yml'))
+    end
+
+    def infrastructure
+      @infrastructure ||= Bosh::Agent::Infrastructure.new(@infrastructure_name).infrastructure
+    end
+
+    def platform
+      @platform ||= Bosh::Agent::Platform.platform(@platform_name)
+    end
+
+    def random_password(len)
+      OpenSSL::Random.random_bytes(len).unpack('H*')[0]
+    end
+
+    def default_ip
+      ip = nil
+      @state['networks'].each do |k, v|
+        ip = v['ip'] if ip.nil?
+        if v.key?('default')
+          ip = v['ip']
+        end
+      end
+      ip
+    end
+  end
+end

data/lib/bosh_agent/disk_util.rb

@@ -0,0 +1,103 @@
+module Bosh::Agent
+  class DiskUtil
+    class << self
+      def logger
+        Bosh::Agent::Config.logger
+      end
+
+      def base_dir
+        Bosh::Agent::Config.base_dir
+      end
+
+      def mount_entry(partition)
+        File.read('/proc/mounts').lines.select { |l| l.match(/#{partition}/) }.first
+      end
+
+      GUARD_RETRIES = 600
+      GUARD_SLEEP = 1
+
+      def umount_guard(mountpoint)
+        umount_attempts = GUARD_RETRIES
+
+        loop do
+          umount_output = `umount #{mountpoint} 2>&1`
+
+          if $?.exitstatus == 0
+            break
+          elsif umount_attempts != 0 && umount_output =~ /device is busy/
+            #when umount2 syscall fails and errno == EBUSY, umount.c outputs:
+            # "umount: %s: device is busy.\n"
+            sleep GUARD_SLEEP
+            umount_attempts -= 1
+          else
+            raise Bosh::Agent::MessageHandlerError,
+                  "Failed to umount #{mountpoint}: #{umount_output}"
+          end
+        end
+
+        attempts = GUARD_RETRIES - umount_attempts
+        logger.info("umount_guard #{mountpoint} succeeded (#{attempts})")
+      end
+
+      # Pay a penalty on this check the first time a persistent disk is added to a system
+      def ensure_no_partition?(disk, partition)
+        check_count = 2
+        check_count.times do
+          if sfdisk_lookup_partition(disk, partition).empty?
+            # keep on trying
+          else
+            if File.blockdev?(partition)
+              return false # break early if partition is there
+            end
+          end
+          sleep 1
+        end
+
+        # Double check that the /dev entry is there
+        if File.blockdev?(partition)
+          return false
+        else
+          return true
+        end
+      end
+
+      def sfdisk_lookup_partition(disk, partition)
+        `sfdisk -Llq #{disk}`.lines.select { |l| l.match(%q{/\A#{partition}.*83.*Linux}) }
+      end
+
+      def get_usage
+        usage = {
+          system: fs_usage_safe('/')
+        }
+        ephemeral_percent = fs_usage_safe(File.join(base_dir, 'data'))
+        usage[:ephemeral] = ephemeral_percent if ephemeral_percent
+        persistent_percent = fs_usage_safe(File.join(base_dir, 'store'))
+        usage[:persistent] = persistent_percent if persistent_percent
+
+        usage
+      end
+
+      private
+      # Calculate file_system_usage
+      def fs_usage_safe(path)
+        sigar = SigarBox.create_sigar
+        fs_list = sigar.file_system_list
+
+        fs = fs_list.find {|fs| fs.dir_name == path}
+        return unless fs
+
+        usage = sigar.file_system_usage(path)
+        space_usage_percent = (usage.use_percent * 100)
+
+        # inode pct calculation taken from 'df' src
+        # http://lingrok.org/xref/coreutils/src/df.c
+        inode_total = usage.files
+        inode_used_100 = (inode_total - usage.free_files) * 100
+        inode_usage_percent = inode_used_100 / inode_total + (inode_used_100 % inode_total != 0 ? 1 : 0)
+
+        { percent: space_usage_percent.to_i.to_s, inode_percent: inode_usage_percent.to_i.to_s }
+      end
+
+    end
+  end
+end