bosh_agent 1.5.0.pre.1113

data/bin/bosh_agent

@@ -0,0 +1,102 @@
+#!/usr/bin/env ruby
+#
+# Copyright (c) 2009-2012 VMware, Inc.
+
+require "bosh_agent"
+require "optparse"
+
+# Defaults
+options = {
+    "configure" => false,
+    "logging" => {"level" => "DEBUG"},
+    "mbus" => "nats://localhost:4222",
+    "agent_id" => "not_configured",
+    "blobstore_options" => {},
+    "blobstore_provider" => "simple",
+    "infrastructure_name" => "vsphere",
+    "platform_name" => "ubuntu",
+    "base_dir" => "/var/vcap",
+    "smtp_port" => 2825,
+    "process_alerts" => true,
+    "heartbeat_interval" => 60
+}
+
+opts = OptionParser.new do |opts|
+  opts.on("-c", "--configure", "Invoke") do |opt|
+    options["configure"] = true
+  end
+
+  opts.on("-a", "--agent_id String", "Agent ID") do |opt|
+    options["agent_id"] = opt
+  end
+
+  opts.on("-b", "--base_dir String", "Base directory") do |opt|
+    options["base_dir"] = opt
+  end
+
+  opts.on("-l", "--log_level String", "Log level") do |opt|
+    options["logging"] = {"level" => opt}
+  end
+
+  opts.on("-n", "--nats String", "Nats/mbus (nats://user:pass@host:port)") do |opt|
+    options["mbus"] = opt
+  end
+
+  opts.on("-p", "--provider String", "Blobstore provider") do |opt|
+    options["blobstore_provider"] = opt
+  end
+
+  opts.on("-I", "--infrastructure String", "Infrastructure") do |opt|
+    options["infrastructure_name"] = opt
+  end
+
+  opts.on("-P", "--platform String", "Platform") do |opt|
+    options["platform_name"] = opt
+  end
+
+  opts.on("-r", "--root_dir String", "Root directory") do |opt|
+    options["root_dir"] = opt
+  end
+
+  opts.on("-t", "--smtp-port Integer", "Built-in SMTP server port") do |opt|
+    options["smtp_port"] = opt
+  end
+
+  opts.on("--no-alerts", "Don't process alerts from Monit or sshd") do |opt|
+    options["process_alerts"] = false
+  end
+
+  opts.on("-h", "--heartbeat-interval Integer", "Heartbeat interval") do |opt|
+    options["heartbeat_interval"] = opt
+  end
+
+  opts.on("-s", "--blobstore String", "Blobstore options") do |opt|
+    uri = URI(opt)
+    bs_opts = options['blobstore_options']
+
+    if uri.user
+      bs_opts.merge!('user' => uri.user)
+      uri.user = nil
+    end
+
+    if uri.password
+      bs_opts.merge!('password' => uri.password)
+      uri.password = nil
+    end
+
+    # handle both 'file://foo/bar' and '/foo/bar'
+    if uri.scheme == 'file' || uri.scheme.nil?
+      bs_opts['blobstore_path'] = uri.path
+    else
+      bs_opts['endpoint'] = uri.to_s
+    end
+  end
+
+  opts.on("--help", "Help") do
+    puts opts
+    exit 0
+  end
+end
+opts.parse!(ARGV.dup)
+
+Bosh::Agent::Runner.run(options)

data/lib/bosh_agent/alert.rb

@@ -0,0 +1,191 @@
+# Copyright (c) 2009-2012 VMware, Inc.
+
+module Bosh::Agent
+  class Alert
+
+    ALERT_RETRIES    = 3
+    RETRY_PERIOD     = 1 # second
+    SEVERITY_CUTOFF  = 5
+    DEFAULT_SEVERITY = 2
+
+    # The main area of responsibility for this class is conversion
+    # of Monit alert format to BOSH Health Monitor alert format.
+
+    attr_reader :id, :service, :event, :description, :action, :date, :severity
+
+    def self.register(attrs)
+      new(attrs).register
+    end
+
+    def initialize(attrs)
+      unless attrs.is_a?(Hash)
+        raise ArgumentError, "#{self.class} expects an attributes Hash as a parameter"
+      end
+
+      @logger   = Config.logger
+      @nats     = Config.nats
+      @agent_id = Config.agent_id
+      @state    = Config.state
+
+      @id          = attrs[:id]
+      @service     = attrs[:service]
+      @event       = attrs[:event]
+      @action      = attrs[:action]
+      @date        = attrs[:date]
+      @description = attrs[:description]
+      @severity    = self.calculate_severity
+    end
+
+    # As we don't (currently) require ACKs for alerts we might need to
+    # send alerts several times in case HM temporarily goes down
+    def register
+      return if severity >= SEVERITY_CUTOFF || severity <= 0
+
+      ALERT_RETRIES.times do |i|
+        EM.add_timer(i * RETRY_PERIOD) do
+          send_via_mbus
+        end
+      end
+    end
+
+    def send_via_mbus
+      if @state.nil?
+        @logger.warn("Unable to send alert: unknown agent state")
+        return
+      end
+
+      if @state["job"].blank?
+        @logger.info("No job, ignoring alert")
+        return
+      end
+
+      @nats.publish("hm.agent.alert.#{@agent_id}", Yajl::Encoder.encode(converted_alert_data))
+    end
+
+    def converted_alert_data
+      # INPUT: id, service, event, action, date, description
+      # OUTPUT: id, severity, title, summary, created_at (unix timestamp)
+      {
+        "id"         => @id,
+        "severity"   => self.calculate_severity,
+        "title"      => self.title,
+        "summary"    => @description,
+        "created_at" => self.timestamp
+      }
+    end
+
+    def title
+      ips = @state.ips
+      service = ips.size > 0 ? "#{@service} (#{ips.sort.join(", ")})" : @service
+      "#{service} - #{@event} - #{@action}"
+    end
+
+    def timestamp
+      Time.rfc822(@date).utc.to_i
+    rescue ArgumentError => e
+      @logger.warn("Cannot parse monit alert date `#{@date}', using current time instead")
+      Time.now.utc.to_i
+    end
+
+    def calculate_severity
+      known_severity = SEVERITY_MAP[@event.to_s.downcase]
+      if known_severity.nil?
+        @logger.warn("Unknown monit event name `#{@event}', using default severity #{DEFAULT_SEVERITY}")
+        DEFAULT_SEVERITY
+      else
+        known_severity
+      end
+    end
+
+    # use same values as syslog
+    ALERT = 1
+    CRITICAL = 2
+    ERROR = 3
+    WARNING = 4
+    IGNORED = -1
+    
+    SEVERITY_MAP = {
+      "action done" => IGNORED,
+      "checksum failed" => CRITICAL,
+      "checksum changed" => WARNING,
+      "checksum succeeded" => IGNORED,
+      "checksum not changed" => IGNORED,
+      "connection failed" => ALERT,
+      "connection succeeded" => IGNORED,
+      "connection changed" => ERROR,
+      "connection not changed" => IGNORED,
+      "content failed" => ERROR,
+      "content succeeded" => IGNORED,
+      "content match" => IGNORED,
+      "content doesn't match" => ERROR,
+      "data access error" => ERROR,
+      "data access succeeded" => IGNORED,
+      "data access changed" => WARNING,
+      "data access not changed" => IGNORED,
+      "execution failed" => ALERT,
+      "execution succeeded" => IGNORED,
+      "execution changed" => WARNING,
+      "execution not changed" => IGNORED,
+      "filesystem flags failed" => ERROR,
+      "filesystem flags succeeded" => IGNORED,
+      "filesystem flags changed" => WARNING,
+      "filesystem flags not changed" => IGNORED,
+      "gid failed" => ERROR,
+      "gid succeeded" => IGNORED,
+      "gid changed" => WARNING,
+      "gid not changed" => IGNORED,
+      "heartbeat failed" => ERROR,
+      "heartbeat succeeded" => IGNORED,
+      "heartbeat changed" => WARNING,
+      "heartbeat not changed" => IGNORED,
+      "icmp failed" => CRITICAL,
+      "icmp succeeded" => IGNORED,
+      "icmp changed" => WARNING,
+      "icmp not changed" => IGNORED,
+      "monit instance failed" => ALERT,
+      "monit instance succeeded" => IGNORED,
+      "monit instance changed" => IGNORED,
+      "monit instance not changed" => IGNORED,
+      "invalid type" => ERROR,
+      "type succeeded" => IGNORED,
+      "type changed" => WARNING,
+      "type not changed" => IGNORED,
+      "does not exist" => ALERT,
+      "exists" => IGNORED,
+      "existence changed" => WARNING,
+      "existence not changed" => IGNORED,
+      "permission failed" => ERROR,
+      "permission succeeded" => IGNORED,
+      "permission changed" => WARNING,
+      "permission not changed" => IGNORED,
+      "pid failed" => CRITICAL,
+      "pid succeeded" => IGNORED,
+      "pid changed" => WARNING,
+      "pid not changed" => IGNORED,
+      "ppid failed" => CRITICAL,
+      "ppid succeeded" => IGNORED,
+      "ppid changed" => WARNING,
+      "ppid not changed" => IGNORED,
+      "resource limit matched" => ERROR,
+      "resource limit succeeded" => IGNORED,
+      "resource limit changed" => WARNING,
+      "resource limit not changed" => IGNORED,
+      "size failed" => ERROR,
+      "size succeeded" => IGNORED,
+      "size changed" => ERROR,
+      "size not changed" => IGNORED,
+      "timeout" => CRITICAL,
+      "timeout recovery" => IGNORED,
+      "timeout changed" => WARNING,
+      "timeout not changed" => IGNORED,
+      "timestamp failed" => ERROR,
+      "timestamp succeeded" => IGNORED,
+      "timestamp changed" => WARNING,
+      "timestamp not changed" => IGNORED,
+      "uid failed" => CRITICAL,
+      "uid succeeded" => IGNORED,
+      "uid changed" => WARNING,
+      "uid not changed" => IGNORED
+    }
+  end
+end

data/lib/bosh_agent/alert_processor.rb

@@ -0,0 +1,96 @@
+# Copyright (c) 2009-2012 VMware, Inc.
+
+module Bosh::Agent
+
+  # AlertProcessor is a simple SMTP server + callback for processing alerts.
+  # It is primarily meant to be used with Monit.
+
+  class AlertProcessor
+    class Error < StandardError; end
+
+    def self.start(host, port, user, password)
+      processor = new(host, port, user, password)
+      processor.start
+      processor
+    end
+
+    def initialize(host, port, smtp_user, smtp_password)
+      @host          = host
+      @port          = port
+      @smtp_user     = smtp_user
+      @smtp_password = smtp_password
+      @logger        = Config.logger
+    end
+
+    def start
+      unless EM.reactor_running?
+        raise Error, "Cannot start SMTP server as event loop is not running"
+      end
+
+      @server = EM.start_server(@host, @port, Bosh::Agent::SmtpServer, :user => @smtp_user, :password => @smtp_password, :processor => self)
+      @logger.info "Now accepting SMTP connections on address #{@host}, port #{@port}"
+    end
+
+    def stop
+      if @server
+        if EM.reactor_running?
+          EM.stop_server(@server)
+          @logger.info "Stopped alert processor"
+        end
+        @server = nil
+      end
+    end
+
+    # Processes raw alert received by email (i.e. from Monit).
+    #
+    # == Parameters:
+    # raw_email::
+    #   A String containg raw alert data. In Monit case it is essentially
+    #   a raw email text (incl. headers). We only accept the following
+    #   Monit alert format:
+    #   set mail-format {
+    #     from: monit@localhost
+    #     subject: Monit Alert
+    #     message: Service: $SERVICE
+    #   Event: $EVENT
+    #   Action: $ACTION
+    #   Date: $DATE
+    #   Description: $DESCRIPTION
+    #   }
+
+    # == Returns:
+    # true if succeeded to process the alert, false if failed
+    #
+    def process_email_alert(raw_email)
+      create_alert_from_email(raw_email).register
+    end
+
+    def create_alert_from_email(raw_email)
+      @logger.debug "Received email alert: #{raw_email}"
+
+      attrs = { }
+
+      raw_email.split(/\r?\n/).each do |line|
+        case line
+        when /^\s*Message-id:\s*<(.*)>$/i
+          attrs[:id] = $1.split("@")[0] # Remove host
+        when /^\s*Service:\s*(.*)$/i
+          attrs[:service] = $1
+        when /^\s*Event:\s*(.*)$/i
+          attrs[:event] = $1
+        when /^\s*Action:\s*(.*)$/i
+          attrs[:action] = $1
+        when /^\s*Date:\s*(.*)$/i
+          attrs[:date] = $1
+        when /^\s*Description:\s*(.*)$/i
+          attrs[:description] = $1
+        end
+      end
+
+      @logger.debug("Extracted email alert data: #{attrs}")
+      Alert.new(attrs)
+    end
+
+  end
+
+end

data/lib/bosh_agent/apply_plan/helpers.rb

@@ -0,0 +1,30 @@
+module Bosh::Agent
+  module ApplyPlan
+    module Helpers
+
+      private
+
+      def validate_spec(spec)
+        unless spec.is_a?(Hash)
+          raise ArgumentError, "Invalid #{self.class} spec: " +
+              "Hash expected, #{spec.class} given"
+        end
+
+        required_keys = %w(name version sha1 blobstore_id)
+        missing_keys = required_keys.select { |k| spec[k].nil? }
+        unless missing_keys.empty?
+          raise ArgumentError, "Invalid #{self.class} spec: " +
+              "#{missing_keys.join(', ')} missing"
+        end
+      end
+
+      def fetch_bits
+        FileUtils.mkdir_p(File.dirname(@install_path))
+        FileUtils.mkdir_p(File.dirname(@link_path))
+
+        Bosh::Agent::Util.unpack_blob(@blobstore_id, @checksum, @install_path)
+        Bosh::Agent::Util.create_symlink(@install_path, @link_path)
+      end
+    end
+  end
+end

data/lib/bosh_agent/apply_plan/job.rb

@@ -0,0 +1,235 @@
+# Copyright (c) 2009-2012 VMware, Inc.
+
+module Bosh::Agent
+  module ApplyPlan
+    class Job
+
+      class InstallationError < StandardError; end
+      class ConfigurationError < StandardError; end
+
+      include ApplyPlan::Helpers
+
+      attr_reader :install_path
+      attr_reader :link_path
+      attr_reader :template
+
+      # Initializes a job.
+      # @param [String] job_name The name of the job being set up, such as
+      #     "nats".
+      # @param [Hash] template_spec A hash that came from the apply spec
+      #     message.  This hash contains information about the template that is
+      #     to be setup in this job.  It has keys such as:
+      #     "name", "version", "sha1", "blobstore_id"
+      # @param [Bosh::Agent::Util::BindingHelper] config_binding A binding
+      #     helper instance.
+      def initialize(job_name, template_name, template_spec,
+          config_binding = nil)
+        validate_spec(template_spec)
+
+        @base_dir = Bosh::Agent::Config.base_dir
+        @name = "#{job_name}.#{template_name}"
+        @template = template_name
+        @version = template_spec['version']
+        @checksum = template_spec['sha1']
+        @blobstore_id = template_spec['blobstore_id']
+        @config_binding = config_binding
+
+        @install_path = File.join(@base_dir, 'data', 'jobs',
+                                  @template, @version)
+        @link_path = File.join(@base_dir, 'jobs', @template)
+      end
+
+      def install
+        fetch_bits
+        bind_configuration
+        harden_permissions
+      rescue SystemCallError => e
+        install_failed("system call error: #{e.message}")
+      end
+
+      def configure(job_index)
+        run_post_install_hook
+        configure_monit(job_index)
+      rescue SystemCallError => e
+        config_failed("system call error: #{e.message}")
+      end
+
+      private
+
+      def bind_configuration
+        if @config_binding.nil?
+          install_failed("unable to bind configuration, " +
+                         "no binding provided")
+        end
+
+        bin_dir = File.join(@install_path, "bin")
+        manifest_path = File.join(@install_path, "job.MF")
+
+        unless File.exists?(manifest_path)
+          install_failed("cannot find job manifest #{manifest_path}")
+        end
+
+        FileUtils.mkdir_p(bin_dir)
+
+        begin
+          manifest = Psych.load_file(manifest_path)
+        rescue Psych::SyntaxError
+          install_failed("malformed job manifest #{manifest_path}")
+        end
+
+        unless manifest.is_a?(Hash)
+          install_failed("invalid job manifest, " +
+                         "Hash expected, #{manifest.class} given")
+        end
+
+        templates = manifest["templates"] || {}
+
+        unless templates.kind_of?(Hash)
+          install_failed("invalid value for templates in job manifest, " +
+                         "Hash expected, #{templates.class} given")
+        end
+
+        templates.each_pair do |src, dst|
+          template_path = File.join(@install_path, "templates", src)
+          output_path = File.join(@install_path, dst)
+
+          unless File.exists?(template_path)
+            install_failed("template '#{src}' doesn't exist")
+          end
+
+          template = ERB.new(File.read(template_path))
+          template.filename = src
+          begin
+            result = template.result(@config_binding)
+          rescue Exception => e
+            # We are essentially running an arbitrary code,
+            # hence such a generic rescue clause
+            line_index = e.backtrace.index{ |l| l.include?(src) } || 0
+            line = e.backtrace[line_index].match(/:(\d+):/).captures.first
+            install_failed("failed to process configuration template " +
+                           "'#{src}': " +
+                           "line #{line}, error: #{e.message}")
+          end
+
+          FileUtils.mkdir_p(File.dirname(output_path))
+          File.open(output_path, "w") { |f| f.write(result) }
+
+          if File.basename(File.dirname(output_path)) == "bin"
+            FileUtils.chmod(0755, output_path)
+          end
+        end
+      end
+
+      def harden_permissions
+        return unless Bosh::Agent::Config.configure
+
+        FileUtils.chown_R("root", Bosh::Agent::BOSH_APP_USER, @install_path)
+        chmod_others = "chmod -R o-rwx #{@install_path} 2>&1"
+        chmod_group = "chmod g+rx #{@install_path} 2>&1"
+
+        out = %x(#{chmod_others})
+        unless $?.exitstatus == 0
+          install_failed("error executing '#{chmod_others}': #{out}")
+        end
+
+        out = %x(#{chmod_group})
+        unless $?.exitstatus == 0
+          install_failed("error executing '#{chmod_group}': #{out}")
+        end
+      end
+
+      def run_post_install_hook
+        Bosh::Agent::Util.run_hook("post_install", @template)
+      end
+
+      def configure_monit(job_index)
+        Dir.foreach(@install_path).each do |file|
+          full_path = File.expand_path(file, @install_path)
+
+          if file == "monit"
+            install_job_monitrc(full_path, @name, job_index)
+          elsif file =~ /(.*)\.monit$/
+            install_job_monitrc(full_path, "#{@name}_#{$1}", job_index)
+          end
+        end
+      end
+
+      def install_job_monitrc(template_path, label, job_index)
+        if @config_binding.nil?
+          config_failed("Unable to configure monit, " +
+                        "no binding provided")
+        end
+
+        template = ERB.new(File.read(template_path))
+        formatted_job_index = "%04d" % job_index
+        out_file = File.join(@install_path, "#{formatted_job_index}_#{label}.monitrc")
+
+        begin
+          result = template.result(@config_binding)
+        rescue Exception => e
+          line = e.backtrace.first.match(/:(\d+):/).captures.first
+          config_failed("failed to process monit template " +
+                        "'#{File.basename(template_path)}': " +
+                        "line #{line}, error: #{e.message}")
+        end
+
+        File.open(out_file, "w") do |f|
+          f.write(add_modes(result))
+        end
+
+        # Monit will load all {base_dir}/monit/job/*.monitrc files,
+        # so we need to blow away this directory when we clean up.
+        link_path = File.join(@base_dir, "monit", "job", "#{formatted_job_index}_#{label}.monitrc")
+
+        FileUtils.mkdir_p(File.dirname(link_path))
+        Bosh::Agent::Util.create_symlink(out_file, link_path)
+      end
+
+      # HACK
+      # Force manual mode on all services which don't have mode already set.
+      # FIXME: this parser is very simple and thus generates space-delimited
+      # output. Can be improved to respect indentation for mode. Also it doesn't
+      # skip quoted tokens.
+      def add_modes(job_monitrc)
+        state = :out
+        need_mode = true
+        result = ""
+
+        tokens = job_monitrc.split(/\s+/)
+
+        return "" if tokens.empty?
+
+        while (t = tokens.shift)
+          if t == "check"
+            if state == :in && need_mode
+              result << "mode manual "
+            end
+            state = :in
+            need_mode = true
+
+          elsif t == "mode" && %w(passive manual active).include?(tokens[0])
+            need_mode = false
+          end
+
+          result << t << " "
+        end
+
+        if need_mode
+          result << "mode manual "
+        end
+
+        result.strip
+      end
+
+      def install_failed(message)
+        raise InstallationError, "Failed to install job '#{@name}': #{message}"
+      end
+
+      def config_failed(message)
+        raise ConfigurationError, "Failed to configure job " +
+                                  "'#{@name}': #{message}"
+      end
+
+    end
+  end
+end