cheftacular 2.12.1 → 2.13.0

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: beb5fbd1287af65d3d6bb6cc57548ebfd4dfcdc6
4
- data.tar.gz: 49b01ae599af945412cfa5e192f10099fdc9b54c
3
+ metadata.gz: c17eeab4b20203f67317841f8f8bfbef7b0d63ae
4
+ data.tar.gz: b890661e40949e1b6588298e363899ad4b54445d
5
5
  SHA512:
6
- metadata.gz: c838c68b82fc04160920297b30ac80ccef096d18254c9eedb76f15014b9d789edeea667ecd42108e8064ff3d36ac5a08ee4c248be7a63490856cc141c4a3a232
7
- data.tar.gz: 57709f757fc71defb4224104a4b95940287a45ac292df54f3337ffbf6c83067d3f225d0eec3082bd6e320e10e838b6a8a62f6041f0482467ea9aa1124ff912ae
6
+ metadata.gz: 1c89fe7d7a292a2490e8c4f86a7d4d0485dcb37b3a7729e7bad0d35d67df6f5a14b6e98708304060e099d945a2e0d01fe5a203d944a3e406e6f4221752aad44c
7
+ data.tar.gz: a5e6ced3e2072ff71c093267bb665af25dfc20b3bd1a07d73ed57f589a11cab9469615af6021a2e2e581eb36391c37211647fb4d596da7db986d3eaacccaa03d
@@ -7,66 +7,6 @@
7
7
  3. [DevOps Commands](https://github.com/SocialCentivPublic/cheftacular/blob/master/lib/cheftacular/README.md#commands-that-can-only-be-run-in-the-devops-context)
8
8
 
9
9
 
10
- ## Arguments and flags for cheftacular
11
-
12
- ### Environment flags
13
-
14
- 1. `-d|--dev-remote` toggles on dev-remote mode. Commands passed to cft will hit the devremote server(s) instead of the default server(s)
15
-
16
- 2. `--env ENV` sets the environment commands hit to one you specify instead of the default one.
17
-
18
- 3. `-p|--prod` toggles on production mode. Commands passed to cft will hit the production server(s) instead of the default server(s)
19
-
20
- 4. `-Q|--qa` toggles on QA mode. Commands passed to cft will hit the QA server(s) instead of the default server(s)
21
-
22
- 5. `-s|--staging` toggles on staging mode. Commands passed to cft will hit the staging server(s) instead of the default server(s)
23
-
24
- 6. `--split-env SPLIT_ENV_NAME` sets the sub-environment to SPLIT_ENV_NAME. This only slightly affects certain commands.
25
-
26
- 7. `-t|--test` toggles on test mode. Commands passed to cft will hit the test server(s) instead of the default server(s)
27
-
28
- ### General Flags
29
-
30
- 1. `-a|--address ADDRESS` will force the command to only run against the specified address if it belongs to a node
31
-
32
- 2. `-D|--debug` toggles on extremely verbose logging. Chef-client runs will generate ~10 times the amounts of logs including any additional effects that the `-v` flag will activate
33
-
34
- 3. `--no-logs` will make the cft commands not generate log files, you must still specify `-v` if you want output of most verbose commands to your terminal.
35
-
36
- 4. `-n|--node-name NODE_NAME` will force the command to only run against the specified name if it belongs to a node
37
-
38
- 5. `-q|--quiet` will make the cft commands only output information that is a direct result of the command being run
39
-
40
- 6. `-r|--role-name ROLE_NAME` will force the command to only run against the specified role if it exists (this argument is generally not needed though it can be used to deploy a codebase for an application you're not currently cd'd into when running this as a gem)
41
-
42
- 7. `-R|--repository NAME` will make the command run against a specific repository or context (automatically set for application mode)
43
-
44
- 8. `-s|--search-node-name NODE_NAME` option will make this command return results that INCLUDE the NODE_NAME.
45
-
46
- 9. `-S|--search-role-name ROLE_NAME` option will make this command return results that INCLUDE the ROLE_NAME.
47
-
48
- 10. `-E|--search-env-name ENV_NAME` option will make this command return results that have this environment.
49
-
50
- 11. `-v|--verbose` toggles on verbose logging. All commands that write logs will also output to terminal AND write the logs.
51
-
52
- ### Help Related
53
-
54
- 1. `-h|--help` Displays the full readme and exits.
55
-
56
- ### Action Flags
57
-
58
- 1. `-e|--except-role ROLE_NAME` will *prevent* any server with this role from being *deployed to* for the deploy command. Other commands will ignore this argument.
59
-
60
- 2. `-z|--unset-github-deploy-args` will unset a custom revision specified in the arg below and make the codebase utilize the default.
61
-
62
- 3. `-Z|--revision REVISION` will force the role you're deploying to to utilize the revision specified here. This can be a specific commit, a branch name or even a tag.
63
-
64
- 1. Note: The system does not check if the revision exists, if you pass a non-existent revision no one will be able to deploy to that role until -Z with a correction revision or -z is passed.
65
-
66
- 4. The `-O ORGANIZATION` flag can be used with TheCheftacularCookbook to set an *organization* your app can try deploying from, your git user needs access to these forks / organization(s).
67
-
68
- 3. The `-z|--unset-github-deploy-args` option will clear your current `-Z` and `-O` flags.
69
-
70
10
  ## Arguments and flags for cheftacular
71
11
 
72
12
  ### Environment flags
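Review bot: The removed copy of the flags section assigns `-s` to both `-s|--staging` and `-s|--search-node-name NODE_NAME`, and its Action Flags list restates `-z|--unset-github-deploy-args` under a second item numbered 3. Dropping the duplicate section is fine, but check the retained `## Arguments and flags for cheftacular` section for the same short-flag collision, because a `-s` intended as a node search that is read as the staging toggle would change which servers a command targets.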
@@ -168,17 +108,25 @@
168
108
 
169
109
  3. `sync` will sync your local cheftacular yaml keys ONTO the server's keys. Will send a slack notification if slack is configured (the slack notification contains the diffed keys). The sync only occurs if there are CHANGES to the file.
170
110
 
111
+ 4. This command is aliased to `cc`
112
+
171
113
  5. `cft cheftacular_yml_help KEY` this commandallows you to get help on the meaning of each key in your cheftacular.yml overall config.
172
114
 
173
115
  1. This command can also by run with `cft yaml_help`.
174
116
 
175
117
  2. To examine nested keys, you can use colons inbetween the keys like cloud_authentication:rackspace:email
176
118
 
177
- 6. `cft clear_caches` this command allows you to clear all of your local caches.
119
+ 6. `cft cleanup_logs [DIRECTORIES_TO_NOT_DELETE]` this command allows you to clear your local log files
120
+
121
+ 1. By default, this command will delete all the cheftacular directories in your log folder.
122
+
123
+ 2. This command supports a comma separated list of folders you don't want to delete.
124
+
125
+ 7. `cft clear_caches` this command allows you to clear all of your local caches.
178
126
 
179
127
  1. This command will force you to refetch all previously cached chef server data on the next `cft` run.
180
128
 
181
- 7. `cft client_list` Allows you check the basic information for all the servers setup via chef. Shows the server's short name, its public ip address and roles (run_list) by default.
129
+ 8. `cft client_list` Allows you check the basic information for all the servers setup via chef. Shows the server's short name, its public ip address and roles (run_list) by default.
182
130
 
183
131
  1. `-v` option will make this command display the server's domain name, whether its password is stored on the chef server and what that password is.
184
132
 
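Review bot: The new `cft cleanup_logs [DIRECTORIES_TO_NOT_DELETE]` entry documents a destructive default ("will delete all the cheftacular directories in your log folder") without saying whether the command asks for confirmation or how the comma separated names are matched (bare directory name or path). Other commands on this page write deploy and server logs into that directory, so add a sub-item naming the directories affected and one example of the exclusion list.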
@@ -190,17 +138,21 @@
190
138
 
191
139
  5. `-E|--search-env-name ENV_NAME` option will make this command return results that have this environment.
192
140
 
193
- 8. `cft console` will create a console session on the first node found for a repository.
141
+ 6. This command is aliased to `cft clients` and `cft c`
142
+
143
+ 9. `cft console` will create a console session on the first node found for a repository.
194
144
 
195
145
  1. Attempts to setup a console for the unique stack, stacks currently supported for console is only Rails.
196
146
 
197
- 9. `cft db_console` will create a database console session on the first node found for a database stack in the current environment.
147
+ 2. If there is a node in the repository set that has the role `preferred_console`, this node will come before others.
148
+
149
+ 10. `cft db_console` will create a database console session on the first node found for a database stack in the current environment.
198
150
 
199
151
  1. This command is aliased to psql, typing `cft psql` will drop you into a rails stack database psql session.
200
152
 
201
153
  2. This command is also aliased to mongo, typing `cft mongo` will drop you into a mongodb mongo session.
202
154
 
203
- 10. `cft deploy` will do a simple chef-client run on the servers for a role. Logs of the run itself will be sent to the local log directory in the application (or chef-repo) where the run was conducted.
155
+ 11. `cft deploy` will do a simple chef-client run on the servers for a role. Logs of the run itself will be sent to the local log directory in the application (or chef-repo) where the run was conducted.
204
156
 
205
157
  1. The `-Z REVISION` flag can be used with TheCheftacularCookbook to set a revision your app will run.
206
158
 
@@ -212,9 +164,9 @@
212
164
 
213
165
  5. The `-v|--verbose` option will cause failed deploys to output to the terminal window and to their normal log file. Useful for debugging.
214
166
 
215
- 11. `cft disk_report` will fetch useful statistics from every server for every environment and output it into your log directory.
167
+ 12. `cft disk_report` will fetch useful statistics from every server for every environment and output it into your log directory.
216
168
 
217
- 12. `cft environment boot|boot_without_deploy|destroy|destroy_raw_servers [SERVER_NAMES]` will boot / destroy the current environment
169
+ 13. `cft environment boot|boot_without_deploy|destroy|destroy_raw_servers [SERVER_NAMES]` will boot / destroy the current environment
218
170
 
219
171
  1. `boot` will spin up servers and bring them to a stable state. This includes setting up their subdomains for the target environment.
220
172
 
@@ -228,7 +180,7 @@
228
180
 
229
181
  6. This command also accepts a *comma delimited list* of server names to boot / destroy instead of all the stored ones for an environment.
230
182
 
231
- 13. `cft file NODE_NAME LOCATION_ALIAS MODE FILE_NAME` interacts with a file on the remote server
183
+ 14. `cft file NODE_NAME LOCATION_ALIAS MODE FILE_NAME` interacts with a file on the remote server
232
184
 
233
185
  1. `LOCATION_ALIAS` will be parsed as a path if it has backslash characters. Otherwise it will be parsed from your location_aliases hash in your cheftacular.yml
234
186
 
@@ -244,7 +196,7 @@
244
196
 
245
197
  3. `edit:TEXT_EDITOR` will attempt to edit the file with the TEXT_EDITOR listed. NOTE! This editor must be installed on the node you're accessing. If the editor is not present via a `which` command, the cft file command will say so.
246
198
 
247
- 4. `fetch|scp` will attempt to fetch the FILE_NAME listed via SCP. This file is saved to /Users/mrlocus/Code/chef-repo/tmp (based on your directory structure) under the same FILE_NAME as the remote file.
199
+ 4. `fetch|scp` will attempt to fetch the FILE_NAME listed via SCP. This file is saved to /Users/louis/Code/chef-repo/tmp (based on your directory structure) under the same FILE_NAME as the remote file.
248
200
 
249
201
  1. The deploy must have access to said file without sudo!
250
202
 
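Review bot: The `fetch|scp` line embeds the absolute home directory of whoever generated the README (`/Users/mrlocus/...` before, `/Users/louis/...` now), so the published docs change with the builder's machine and disclose a local username. Replace the interpolated path with a neutral placeholder for the chef-repo `tmp` directory; the same substitution appears again in a later hunk.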
@@ -258,25 +210,29 @@
258
210
 
259
211
  1. `--save-to-file FILE_PATH` can also be used in the `fetch` context to specify where exactly to save the file and what to name it as.
260
212
 
261
- 14. `cft fix_known_hosts [HOSTNAME]` this command will delete entries in your known_hosts file for all the servers that are in our system (ip addresses AND dns names)
213
+ 15. `cft fix_known_hosts [HOSTNAME]` this command will delete entries in your known_hosts file for all the servers that are in our system (ip addresses AND dns names)
262
214
 
263
215
  1. Passing in a hostname will make the command only remove entries with that hostname / ip specifically
264
216
 
265
- 15. `cft get_haproxy_log` this command will generate a haproxy html file for the load balancer(s) associated with a repository in the log directory. Opening this log file in the browser will show the status of that haproxy at the time of the log.
217
+ 16. `cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory.
218
+
219
+ 1. This command runs on all servers in an environment by default
220
+
221
+ 17. `cft get_haproxy_log` this command will generate a haproxy html file for the load balancer(s) associated with a repository in the log directory. Opening this log file in the browser will show the status of that haproxy at the time of the log.
266
222
 
267
223
  1. In devops mode, this command will not do anything without the -R repository passed.
268
224
 
269
- 16. `cft get_log_from_bag <NODE_NAME-COMMAND_TYPE>` this command grabs the latest command run log from the data bags and saves it to your log directory. There are different types of logs saved per server depending on command.
225
+ 18. `cft get_log_from_bag <NODE_NAME-COMMAND_TYPE>` this command grabs the latest command run log from the data bags and saves it to your log directory. There are different types of logs saved per server depending on command.
270
226
 
271
- 17. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
227
+ 19. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
272
228
 
273
- 18. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
229
+ 20. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
274
230
 
275
- 19. `cft list_toggleable_roles NODE_NAME` This command will allow you to see all toggleable roles for a node
231
+ 21. `cft list_toggleable_roles NODE_NAME` This command will allow you to see all toggleable roles for a node
276
232
 
277
- 20. `cft location_aliases` will list all location aliases listed in your cheftacular.yml. These aliases can be used in the `cft file` command.
233
+ 22. `cft location_aliases` will list all location aliases listed in your cheftacular.yml. These aliases can be used in the `cft file` command.
278
234
 
279
- 21. `cft log` this command will output the last 500 lines of logs from every server set for the repository (can be given additional args to specify) to the log directory
235
+ 23. `cft log` this command will output the last 500 lines of logs from every server set for the repository (can be given additional args to specify) to the log directory
280
236
 
281
237
  1. `--nginx` will fetch the nginx logs as well as the application logs
282
238
 
@@ -288,13 +244,13 @@
288
244
 
289
245
  4. `--fetch-backup` If doing a pg_data log, this will fetch the latest logs from the pg_data log directory for each database.
290
246
 
291
- 22. `cft migrate` this command will grab the first alphabetical node for a repository and run a migration that will hit the database primary server.
247
+ 24. `cft migrate` this command will grab the first alphabetical node for a repository and run a migration that will hit the database primary server.
292
248
 
293
249
  1. Currently only supports rails stacks.
294
250
 
295
- 23. `cft pass NODE_NAME` will drop the server's sudo password into your clipboard. Useful for when you need to ssh into the server itself and try advanced linux commands
251
+ 25. `cft pass NODE_NAME` will drop the server's sudo password into your clipboard. Useful for when you need to ssh into the server itself and try advanced linux commands
296
252
 
297
- 24. `cft role_toggle NODE_NAME ROLE_NAME activate|deactivate` This command will allow you to **toggle** roles on nodes without using `cft upload_nodes`
253
+ 26. `cft role_toggle NODE_NAME ROLE_NAME activate|deactivate` This command will allow you to **toggle** roles on nodes without using `cft upload_nodes`
298
254
 
299
255
  1. This command uses your *role_toggling:deactivated_role_suffix* attribute set in your cheftacular.yml to toggle the role, it checks to see if the toggled name exists then sets the node's run_list to include the toggled role
300
256
 
@@ -306,7 +262,7 @@
306
262
 
307
263
  1. Please run `cft list_toggleable_roles NODE_NAME` to get a list of your org's toggleable roles for a node.
308
264
 
309
- 25. `cft run COMMAND [--all]` will trigger the command on the first server in the role. Can be used to run rake commands or anything else.
265
+ 27. `cft run COMMAND [--all]` will trigger the command on the first server in the role. Can be used to run rake commands or anything else.
310
266
 
311
267
  1. `--all` will make the command run against all servers in a role rather than the first server it comes across. Don't do this if you're modifying the database with the command.
312
268
 
@@ -316,11 +272,11 @@
316
272
 
317
273
  4. IMPORTANT NOTE: You cannot run `cft run rake -T` as is, you have to enclose any command that uses command line dash arguments in quotes like `cft run "rake -T"`
318
274
 
319
- 26. `cft scale up|down [NUM_TO_SCALE]` will add (or remove) NUM_TO_SCALE servers from the server array. This command will not let you scale down below 1 server.
275
+ 28. `cft scale up|down [NUM_TO_SCALE]` will add (or remove) NUM_TO_SCALE servers from the server array. This command will not let you scale down below 1 server.
320
276
 
321
277
  1. In the case of server creation, this command takes a great deal of time to execute. It will output what stage it is currently on to the terminal but <b>you must not kill this command while it is executing</b>.A failed build may require the server to be destroyed / examined by a DevOps engineer.
322
278
 
323
- 27. `cft tail [PATTERN_TO_MATCH]` will tail the logs (return continuous output) of the first node if finds that has an application matching the repository running on it. Currently only supports rails stacks
279
+ 29. `cft tail [PATTERN_TO_MATCH]` will tail the logs (return continuous output) of the first node if finds that has an application matching the repository running on it. Currently only supports rails stacks
324
280
 
325
281
  1. pass `-n NODE_NAME` to grab the output of a node other than the first.
326
282
 
@@ -328,22 +284,20 @@
328
284
 
329
285
  3. if the `PATTERN_TO_MATCH` argument exists, the tail will only return entries that have that pattern rather than everything written to the file.
330
286
 
331
- 28. `cft update_cheftacular` this command attempts to update cheftacular to the latest version.
287
+ 30. `cft update_cheftacular` this command attempts to update cheftacular to the latest version.
332
288
 
333
- 29. `cft version` this command prints out the current version of cheftacular.
289
+ 31. `cft version` this command prints out the current version of cheftacular.
334
290
 
335
291
 
336
292
  ## Commands that can ONLY be run in the devops context
337
293
 
338
- 1. [NYI]`cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory.
294
+ 1. [NYI]`cft update_chef_client` attempts to update the chef-client of all nodes to the latest version. Should be done with caution and with the chef_server's version in mind.
339
295
 
340
- 2. [NYI]`cft update_chef_client` attempts to update the chef-client of all nodes to the latest version. Should be done with caution and with the chef_server's version in mind.
341
-
342
- 3. `cft add_ssh_key_to_bag "<NEW SSH PUB KEY>" [SPECIFIC_REPOSITORY]` this command will add the given ssh key to the default authentication data bag. After this your server recipes should read the contents of the 'default' 'authentication' bag for the authorized_keys array.
296
+ 2. `cft add_ssh_key_to_bag "<NEW SSH PUB KEY>" [SPECIFIC_REPOSITORY]` this command will add the given ssh key to the default authentication data bag. After this your server recipes should read the contents of the 'default' 'authentication' bag for the authorized_keys array.
343
297
 
344
298
  1. `SPECIFIC_REPOSITORY` is a special argument, if left blank the key will be placed in the authorized_keys array in the bag, otherwise it will be placed in the specific_authorized_keys hash under a key named for the repository that is passed. The script will error if SPECIFIC_REPOSITORY does not exist in the cheftacular.yml respositories hash. You can then use this data to give users selective ssh access to certain servers.
345
299
 
346
- 4. `cft backups [activate|deactivate|fetch|load|restore]` this command sets the fetch_backups and restore_backups flags in your config data bag for an environment. These can be used to give application developers a way to trigger / untrigger restores in an environment
300
+ 3. `cft backups [activate|deactivate|fetch|load|restore]` this command sets the fetch_backups and restore_backups flags in your config data bag for an environment. These can be used to give application developers a way to trigger / untrigger restores in an environment
347
301
 
348
302
  1. `activate` will turn on automated backup running (turns on the flag for the env in the config bag).
349
303
 
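Review bot: `cft get_active_ssh_connections` leaves the devops-only list, where it was marked `[NYI]`, and an earlier hunk adds it to the general command list, so users outside the devops context can now collect SSH connection data from every server in an environment. Confirm that this wider availability is intended, and have the entry state what is written to the log directory.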
@@ -355,13 +309,13 @@
355
309
 
356
310
  5. `restore` will simply just run the _backup loading command_ to load the latest backup onto the server.
357
311
 
358
- 5. `cft check_cheftacular_yml_keys` allows you to check to see if your cheftacular yml keys are valid to the current version of cheftacular. It will also set your missing keys to their likely default and let you know to update the cheftacular.yml file.
312
+ 4. `cft check_cheftacular_yml_keys` allows you to check to see if your cheftacular yml keys are valid to the current version of cheftacular. It will also set your missing keys to their likely default and let you know to update the cheftacular.yml file.
359
313
 
360
- 6. `cft chef_bootstrap_from_queue` allows you to register a node in the chef system, remove any lingering data that may be associated with it and update the node's runlist if it has an entry in nodes_dir for its NODE_NAME.
314
+ 5. `cft chef_bootstrap_from_queue` allows you to register a node in the chef system, remove any lingering data that may be associated with it and update the node's runlist if it has an entry in nodes_dir for its NODE_NAME.
361
315
 
362
316
  1. This command is part of the `cft full_bootstrap` command and cannot be called directly
363
317
 
364
- 7. `cft chef_server [restart|processes|memory]` this command can be used to query the chef server for stats if the cheftacular.yml has the chef_server key filled out. Useful for low resource chef-servers.
318
+ 6. `cft chef_server [restart|processes|memory]` this command can be used to query the chef server for stats if the cheftacular.yml has the chef_server key filled out. Useful for low resource chef-servers.
365
319
 
366
320
  1. `restart` restarts all chef processes on the chef server which may alleviate slow cheftacular load times for some users. (NOTE) do not run this command while the chef-server is performing actions or instability may result! Not tested for high volume chef servers.
367
321
 
@@ -373,7 +327,7 @@
373
327
 
374
328
  5. NOTE 2! Cheftacular does not (and will not) support accessing your chef server over ssh with password auth. If you have done this, you should feel bad and immediately switch ssh access to key authentication...
375
329
 
376
- 8. `cft cheftacular_config [diff|display|sync|overwrite]` this command Allows you to interact with your complete cheftacular configuration, the union of all repository's cheftacular.ymls.
330
+ 7. `cft cheftacular_config [diff|display|sync|overwrite]` this command Allows you to interact with your complete cheftacular configuration, the union of all repository's cheftacular.ymls.
377
331
 
378
332
  1. `display` will show the current overall configuration for cheftacular.
379
333
 
@@ -381,18 +335,26 @@
381
335
 
382
336
  3. `sync` will sync your local cheftacular yaml keys ONTO the server's keys. Will send a slack notification if slack is configured (the slack notification contains the diffed keys). The sync only occurs if there are CHANGES to the file.
383
337
 
384
- 9. `cft cheftacular_yml_help KEY` this commandallows you to get help on the meaning of each key in your cheftacular.yml overall config.
338
+ 4. This command is aliased to `cc`
339
+
340
+ 8. `cft cheftacular_yml_help KEY` this commandallows you to get help on the meaning of each key in your cheftacular.yml overall config.
385
341
 
386
342
  1. This command can also by run with `cft yaml_help`.
387
343
 
388
344
  2. To examine nested keys, you can use colons inbetween the keys like cloud_authentication:rackspace:email
389
345
 
390
- 10. `cft clean_cookbooks [force] [remove_cookbooks]` allows you to update the internal chef-repo's cookbooks easily. By default this script will force you to decide what to do with each cookbook individually (shows version numbers and whether to overwrite it to cookbooks or not).
346
+ 9. `cft clean_cookbooks [force] [remove_cookbooks]` allows you to update the internal chef-repo's cookbooks easily. By default this script will force you to decide what to do with each cookbook individually (shows version numbers and whether to overwrite it to cookbooks or not).
391
347
 
392
348
  1. `force` argument will cause the downloaded cookbooks to *always* overwrite the chef-repo's cookbooks as long as the downloaded cookbook has a higher version number.
393
349
 
394
350
  2. If you would like to remove all the cookbooks on the chef server, run `knife cookbook bulk delete '.*' -p -c ~/.chef/knife.rb`
395
351
 
352
+ 10. `cft cleanup_logs [DIRECTORIES_TO_NOT_DELETE]` this command allows you to clear your local log files
353
+
354
+ 1. By default, this command will delete all the cheftacular directories in your log folder.
355
+
356
+ 2. This command supports a comma separated list of folders you don't want to delete.
357
+
396
358
  11. `cft clear_caches` this command allows you to clear all of your local caches.
397
359
 
398
360
  1. This command will force you to refetch all previously cached chef server data on the next `cft` run.
@@ -409,6 +371,8 @@
409
371
 
410
372
  5. `-E|--search-env-name ENV_NAME` option will make this command return results that have this environment.
411
373
 
374
+ 6. This command is aliased to `cft clients` and `cft c`
375
+
412
376
  13. `cft cloud <FIRST_LEVEL_ARG> [<SECOND_LEVEL_ARG>[:<SECOND_LEVEL_ARG_QUERY>]*] ` this command handles talking to various cloud APIs. If no args are passed nothing will happen.
413
377
 
414
378
  1. `domain` first level argument for interacting with cloud domains
@@ -563,7 +527,7 @@
563
527
 
564
528
  3. `edit:TEXT_EDITOR` will attempt to edit the file with the TEXT_EDITOR listed. NOTE! This editor must be installed on the node you're accessing. If the editor is not present via a `which` command, the cft file command will say so.
565
529
 
566
- 4. `fetch|scp` will attempt to fetch the FILE_NAME listed via SCP. This file is saved to /Users/mrlocus/Code/chef-repo/tmp (based on your directory structure) under the same FILE_NAME as the remote file.
530
+ 4. `fetch|scp` will attempt to fetch the FILE_NAME listed via SCP. This file is saved to /Users/louis/Code/chef-repo/tmp (based on your directory structure) under the same FILE_NAME as the remote file.
567
531
 
568
532
  1. The deploy must have access to said file without sudo!
569
533
 
@@ -585,21 +549,17 @@
585
549
 
586
550
  1. This command is run by `cft cloud_bootstrap` and should not be run on its own.
587
551
 
588
- 24. `cft get_haproxy_log` this command will generate a haproxy html file for the load balancer(s) associated with a repository in the log directory. Opening this log file in the browser will show the status of that haproxy at the time of the log.
552
+ 24. `cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory.
589
553
 
590
- 1. In devops mode, this command will not do anything without the -R repository passed.
554
+ 1. This command runs on all servers in an environment by default
591
555
 
592
- 25. `cft get_log_from_bag <NODE_NAME-COMMAND_TYPE>` this command grabs the latest command run log from the data bags and saves it to your log directory. There are different types of logs saved per server depending on command.
556
+ 25. `cft get_haproxy_log` this command will generate a haproxy html file for the load balancer(s) associated with a repository in the log directory. Opening this log file in the browser will show the status of that haproxy at the time of the log.
593
557
 
594
- 26. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
595
-
596
- 27. `cft get_shorewall_allowed_connections [PATH_TO_LOCAL_FILE] -n NODE_NAME` command will query a single server and return all of its ACCEPT connections from shorewall in it's syslog and return the results in a CSV format. Useful for tracking IP activity.
597
-
598
- 1. You must pass in a node name to query with `-n NODE_NAME`
558
+ 1. In devops mode, this command will not do anything without the -R repository passed.
599
559
 
600
- 2. This command will attempt to `dig` each ip address to give you the most likely culprit.
560
+ 26. `cft get_log_from_bag <NODE_NAME-COMMAND_TYPE>` this command grabs the latest command run log from the data bags and saves it to your log directory. There are different types of logs saved per server depending on command.
601
561
 
602
- 3. If `PATH_TO_LOCAL_FILE` is not blank, the command will use that file instead of building a file on the remote server
562
+ 27. `cft get_pg_pass ['clip']` command will output the current environment's pg_password to your terminal. Optionally you can pass in clip like `cft get_pg_pass clip` to have it also copy the pass to your clipboard.
603
563
 
604
564
  28. `cft help COMMAND|MODE` this command returns the documentation for a specific command if COMMAND matches the name of a command. Alternatively, it can be passed `action|arguments|application|current|devops|stateless_action` to fetch the commands for a specific mode.Misspellings of commands will display near hits.
605
565
 
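Review bot: `cft get_shorewall_allowed_connections` and its three sub-items are deleted from the command list with no replacement or deprecation note in the visible lines. If the command is removed in 2.13.0, record that in the release notes; if it still exists, keep the entry, since it was described as the way to track IP activity from a node's shorewall ACCEPT entries.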
@@ -615,6 +575,8 @@
615
575
 
616
576
  1. The force option will add the force option to knife upload.
617
577
 
578
+ 2. Utilize `knife cookbook upload -a -V --cookbook-path ./cookbooks` if this command gives you trouble
579
+
618
580
  32. `cft list_toggleable_roles NODE_NAME` This command will allow you to see all toggleable roles for a node
619
581
 
620
582
  33. `cft location_aliases` will list all location aliases listed in your cheftacular.yml. These aliases can be used in the `cft file` command.
@@ -705,7 +667,7 @@
705
667
 
706
668
  3. The argument `skip_update_tld` will stop the long process of checking and updating all the server domains _before_ cloudflare is updated. Only skip if you believe your domain info on your cloud is accurate.
707
669
 
708
- 49. `cft update_cookbook [COOKBOOK_NAME]` allows you to specifically update a single cookbook
670
+ 49. `cft update_cookbook [COOKBOOK_NAME] [INSTALL_VERSION]` allows you to specifically update a single cookbook
709
671
 
710
672
  1. This command passed with no arguments will update TheCheftacularCookbook
711
673
 
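Review bot: The `update_cookbook` signature gains `[INSTALL_VERSION]`, but the sub-items that follow do not describe it; the only visible one still covers the no-argument case. Add a sub-item stating the expected version format and what is installed when `COOKBOOK_NAME` is given without a version.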
@@ -36,6 +36,8 @@ class Cheftacular
36
36
 
37
37
  deployment_args = { in: :groups, limit: 10, wait: 5 } if @options['env'] == 'production'
38
38
 
39
+ @config['pleasantries'].good_luck_fridays if @config['cheftacular']['pleasantries']
40
+
39
41
  #on is namespaced to SSHKit::Backend::Netssh.on
40
42
  on ( nodes.map { |n| @config['cheftacular']['deploy_user'] + "@" + n.public_ipaddress } ), deployment_args do |host|
41
43
  n = get_node_from_address(nodes, host.hostname)
@@ -52,13 +52,13 @@ class Cheftacular
52
52
  end
53
53
 
54
54
  def migrate_wordpress nodes=[]
55
- puts "Method #{ __method__ } is not yet implemented"
55
+ puts("Method #{ __method__ } is not yet implemented") if @options['verbose']
56
56
 
57
57
  return false
58
58
  end
59
59
 
60
60
  def migrate_nodejs nodes=[]
61
- puts "Method #{ __method__ } is not yet implemented"
61
+ puts("Method #{ __method__ } is not yet implemented") if @options['verbose']
62
62
 
63
63
  return false
64
64
  end
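Review bot: in `migrate_wordpress` and `migrate_nodejs` the "not yet implemented" message is now printed only when `@options['verbose']` is set, so a default run returns `false` with no output at all. Unless every caller acts on that `false`, the operator cannot tell that no migration ran. Consider printing a one-line notice `unless @options['quiet']`, as `generate_report_from_node_hash` does elsewhere in this release.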
@@ -68,7 +68,7 @@ class Cheftacular
68
68
  end
69
69
 
70
70
  def migrate_ nodes=[]
71
- puts "Migrate method tried to migrate the role \"#{ @options['role'] }\" but it doesn't appear to have a repository set! Skipping..."
71
+ puts("Migrate method tried to migrate the role \"#{ @options['role'] }\" but it doesn't appear to have a repository set! Skipping...") if @options['verbose']
72
72
 
73
73
  return false
74
74
  end
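Review bot: the message in `migrate_` reports a configuration problem (a role with no repository set), and gating it on `@options['verbose']` hides that from normal runs. Suggest emitting it with `warn` so it reaches stderr regardless of verbosity, and keeping only extra detail behind the verbose flag.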
@@ -23,6 +23,7 @@ class Cheftacular
23
23
  def audit_run_as_hash ret_hash={}, options_to_ignore=[]
24
24
  ret_hash['hostname'] = Socket.gethostname
25
25
  ret_hash['directory'] = @config['locs']['root']
26
+ ret_hash['version'] = Cheftacular::VERSION
26
27
  ret_hash['command'] = @options['command']
27
28
 
28
29
  options_to_ignore << :preferred_cloud if @options['preferred_cloud'] == @config['cheftacular']['preferred_cloud']
@@ -40,11 +41,12 @@ class Cheftacular
40
41
  ret_hash
41
42
  end
42
43
 
43
- def compile_audit_hash_entry_as_array audit_hash, entry_number=0, ret_array=[], directory_content=''
44
+ def compile_audit_hash_entry_as_array audit_hash, entry_number=0, ret_array=[], directory_content='', version_content=''
44
45
  directory_content = " (#{ audit_hash['directory'] })" if audit_hash.has_key?('directory')
46
+ version_content = " [#{ audit_hash['version'] }]" if audit_hash.has_key?('version')
45
47
 
46
48
  ret_array << "#{ (entry_number.to_s + '. ') unless entry_number == 0 }#{ audit_hash['command'] }"
47
- ret_array << " Hostname: #{ audit_hash['hostname'] }#{ directory_content }"
49
+ ret_array << " Hostname: #{ audit_hash['hostname'] }#{ directory_content }#{ version_content }"
48
50
  ret_array << " Arguments: #{ audit_hash['arguments'] }" if !audit_hash['arguments'].nil? && !audit_hash['arguments'].empty?
49
51
  ret_array << " Options: #{ audit_hash['options'].to_hash }" unless audit_hash['options'].empty?
50
52
 
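Review bot: `version_content=''` is added to the signature of `compile_audit_hash_entry_as_array` only to initialise a local, following the `directory_content` pattern. That widens the method's positional arguments with a value no caller should supply; assigning it inside the body from `audit_hash['version']` would do the same without changing the signature. The `has_key?('version')` guard is the right call for audit entries written before `ret_hash['version']` existed.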
@@ -23,6 +23,9 @@ class Cheftacular
23
23
  raise "CRITICAL! Unable to capture addresses for the server!" if ret_array[0].nil? || ret_array[1].nil?
24
24
 
25
25
  ret_array
26
+ rescue StandardError => e
27
+ puts "Encountered #{ e } for server hash:"
28
+ ap cloud_server_hash
26
29
  end
27
30
 
28
31
  def parse_server_root_password_from_server_create_hash server_hash, real_node_name
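Review bot: the new `rescue StandardError => e` sits directly under the `raise "CRITICAL! Unable to capture addresses for the server!"` line, so it catches that raise as well, prints, and lets the method return whatever `ap` returns instead of `ret_array`. Callers that index the result will then fail further away from the cause. Re-raise after logging (a bare `raise` as the last line of the rescue), and consider printing only the address fields rather than the whole `cloud_server_hash`, since the full hash lands in the operator's terminal and scrollback.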
@@ -4,6 +4,10 @@ class Cheftacular
4
4
  @options, @config = options, config
5
5
  end
6
6
 
7
+ def log_directories
8
+ ['applog', 'deploy', 'failed-deploy', 'rolelog', 'rvm', 'server-setup', 'stashedlog']
9
+ end
10
+
7
11
  def write_version_file version
8
12
  File.open( current_version_file_path, "w") { |f| f.write(version) }
9
13
  end
@@ -214,6 +218,44 @@ class Cheftacular
214
218
  end
215
219
  end
216
220
 
221
+ def initialize_log_directories should_cleanup_file_caches=true
222
+ log_directories.each do |sub_log_directory|
223
+ FileUtils.mkdir_p File.join( @config['locs']['chef-log'], sub_log_directory )
224
+ end
225
+
226
+ FileUtils.mkdir_p File.join( @config['locs']['app-tmp'], @config['helper'].declassify)
227
+
228
+ FileUtils.mkdir_p @config['filesystem'].current_nodes_file_cache_path
229
+
230
+ cleanup_file_caches if should_cleanup_file_caches
231
+ end
232
+
233
+ def remove_log_directories directories_to_not_remove_array=[]
234
+ (log_directories - directories_to_not_remove_array).each do |log_directory|
235
+ FileUtils.rm_rf File.join( @config['locs']['chef-log'], log_directory.strip )
236
+ end
237
+ end
238
+
239
+ def generate_report_from_node_hash report_name, node_hash={}, out=[]
240
+ node_hash.each_pair do |serv_name, output|
241
+ out << "#{ serv_name }:"
242
+
243
+ output.join("\n").split("\n").each do |line|
244
+ out << " #{ line }"
245
+ end
246
+
247
+ out << "\n"
248
+ end
249
+
250
+ puts(out) if @options['no_logs'] || @options['verbose']
251
+
252
+ log_loc, timestamp = @config['helper'].set_log_loc_and_timestamp
253
+
254
+ puts("Generating log file for #{ report_name } at #{ log_loc }/#{ report_name.gsub(' ', '-') }-#{ timestamp }.txt") unless @options['quiet']
255
+
256
+ File.open("#{ log_loc }/#{ report_name.gsub(' ', '-') }-#{ timestamp }.txt", "w") { |f| f.write(out.join("\n").scrub_pretty_text) } unless @options['no_logs']
257
+ end
258
+
217
259
  private
218
260
  def current_file_path file_name, use_timestamp=true
219
261
  File.join( @config['locs']['app-root'], 'tmp', @config['helper'].declassify, ( use_timestamp ? "#{ Time.now.strftime("%Y%m%d") }-#{ file_name }" : file_name ))
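Review bot: in `remove_log_directories` the `.strip` is applied to `log_directory`, which comes from the fixed `log_directories` list and never carries whitespace, while the caller-supplied `directories_to_not_remove_array` is subtracted unstripped. An entry such as `' deploy'` (from `applog, deploy`) will not match, and `FileUtils.rm_rf` then removes the directory the user asked to keep. Normalise the keep list first, for example `keep = directories_to_not_remove_array.map(&:strip)`, then iterate over `log_directories - keep`. Subtracting from the fixed list is a good choice, since it keeps `rm_rf` from touching any path outside those seven names.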
@@ -325,7 +325,8 @@ class Cheftacular
325
325
  diff_hash = @config['initial_cheftacular_yml'].deep_diff(@config['default']['cheftacular_bag_hash'], true).except('mode', 'default_repository').compact
326
326
 
327
327
  recursive_hash_scrub(diff_hash)
328
- recursive_hash_scrub(diff_hash) #scrub out any leftover empty hashes
328
+
329
+ recursive_hash_scrub(diff_hash) unless diff_hash.empty? #scrub out any leftover empty hashes
329
330
 
330
331
  if diff_hash.empty?
331
332
  puts "No difference detected between your cheftacular.yml and the global environment."
@@ -489,6 +489,7 @@ class Cheftacular
489
489
  @config['action_documentation'] = Cheftacular::ActionDocumentation.new(@options, @config)
490
490
  @config['stateless_action_documentation'] = Cheftacular::StatelessActionDocumentation.new(@options, @config)
491
491
  @config['error'] = Cheftacular::Error.new(@options, @config)
492
+ @config['pleasantries'] = Cheftacular::Pleasantries.new(@options, @config)
492
493
  @config['dummy_sshkit'] = SSHKit::Backend::Netssh.new(SSHKit::Host.new('127.0.0.1'))
493
494
  @config['DNS'] = Cheftacular::DNS.new(@options, @config)
494
495
  @config['queue_master'] = Cheftacular::QueueMaster.new(@options, @config)
@@ -496,15 +497,7 @@ class Cheftacular
496
497
  end
497
498
 
498
499
  def initialize_directories
499
- ['applog', 'deploy', 'failed-deploy', 'rolelog', 'rvm', 'server-setup', 'stashedlog'].each do |sub_log_directory|
500
- FileUtils.mkdir_p File.join( @config['locs']['chef-log'], sub_log_directory )
501
- end
502
-
503
- FileUtils.mkdir_p File.join( @config['locs']['app-tmp'], @config['helper'].declassify)
504
-
505
- FileUtils.mkdir_p @config['filesystem'].current_nodes_file_cache_path
506
-
507
- @config['filesystem'].cleanup_file_caches
500
+ @config['filesystem'].initialize_log_directories
508
501
  end
509
502
 
510
503
  def initialize_cloud_checks exit_on_finish = false
@@ -0,0 +1,25 @@
1
+ class Cheftacular
2
+ class Pleasantries
3
+ def initialize options, config
4
+ @options, @config = options, config
5
+ end
6
+
7
+ def good_luck_fridays #https://gist.github.com/exAspArk/4f18795bc89b6e2666ee
8
+ friday_jumper = %{
9
+ ┓┏┓┏┓┃
10
+ ┛┗┛┗┛┃⟍ ○⟋
11
+ ┓┏┓┏┓┃ ∕ Friday
12
+ ┛┗┛┗┛┃ノ)
13
+ ┓┏┓┏┓┃ deploy,
14
+ ┛┗┛┗┛┃
15
+ ┓┏┓┏┓┃ good
16
+ ┛┗┛┗┛┃
17
+ ┓┏┓┏┓┃ luck!
18
+ ┃┃┃┃┃┃
19
+ ┻┻┻┻┻┻
20
+ }.strip!
21
+
22
+ puts(friday_jumper) if Time.now.friday? && @options['env'] == 'production'
23
+ end
24
+ end
25
+ end
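Review bot: `friday_jumper` is assigned from `%{ ... }.strip!`, and `strip!` returns `nil` when there is nothing to strip. It works here only because the literal starts and ends with whitespace; use `.strip` so the assignment cannot become `nil` if the art is ever reformatted. A comment on `good_luck_fridays` noting that it prints only on Fridays with `@options['env'] == 'production'` would also help, since the call site in the deploy path does not show either condition.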
@@ -62,7 +62,7 @@ class Cheftacular
62
62
  "deploying from, your git user needs access to these forks / organization(s).",
63
63
 
64
64
  " 3. The `-z|--unset-github-deploy-args` option will clear your current `-Z` and `-O` flags."
65
- ]
65
+ ] if @config['documentation']['arguments'].empty?
66
66
  end
67
67
 
68
68
  alias_method :flags, :arguments
@@ -175,7 +175,7 @@ class Cheftacular
175
175
 
176
176
  if execution_hash.has_key?(:retries)
177
177
  execution_hash[:retries] = execution_hash[:retries] -= 1
178
- puts "There are #{ execution_hash[:retries] } tries left to evaluate the command."
178
+ puts "#{ server_name_output(server_hash) }_@@@@@@@@@@@ There are #{ execution_hash[:retries] } tries left to evaluate the above command."
179
179
 
180
180
  sleep 60
181
181
 
@@ -15,6 +15,12 @@ class Cheftacular
15
15
  class StatelessAction
16
16
  def check_cheftacular_yml_keys out=[], exit_on_missing=false, warn_on_missing=false
17
17
  base_message = "Your cheftacular.yml is missing the key KEY, its default value is being set to DEFAULT for this run."
18
+
19
+ #############################2.13.0################################################
20
+
21
+ unless @config['cheftacular'].has_key?('pleasantries')
22
+ @config['cheftacular']['pleasantries'] = true
23
+ end
18
24
 
19
25
  #############################2.11.0################################################
20
26
 
@@ -13,7 +13,9 @@ class Cheftacular
13
13
  " 2. `diff` will show the difference between your current cheftacular.yml and the server's. Run automatically on a sync.",
14
14
 
15
15
  " 3. `sync` will sync your local cheftacular yaml keys ONTO the server's keys. Will send a slack notification " +
16
- "if slack is configured (the slack notification contains the diffed keys). The sync only occurs if there are CHANGES to the file."
16
+ "if slack is configured (the slack notification contains the diffed keys). The sync only occurs if there are CHANGES to the file.",
17
+
18
+ " 4. This command is aliased to `cc`"
17
19
  ]
18
20
  ]
19
21
 
@@ -32,6 +34,8 @@ class Cheftacular
32
34
  self.send("cheftacular_config_#{ command }")
33
35
  end
34
36
 
37
+ alias_method :cc, :cheftacular_config
38
+
35
39
  private
36
40
 
37
41
  def cheftacular_config_display
@@ -0,0 +1,38 @@
1
+
2
+ class Cheftacular
3
+ class StatelessActionDocumentation
4
+ def cleanup_logs
5
+ @config['documentation']['stateless_action'][__method__] ||= {}
6
+ @config['documentation']['stateless_action'][__method__]['long_description'] = [
7
+ "`cft cleanup_logs [DIRECTORIES_TO_NOT_DELETE]` this command allows you to clear your local log files",
8
+
9
+ [
10
+ " 1. By default, this command will delete all the cheftacular directories in your log folder.",
11
+
12
+ " 2. This command supports a comma separated list of folders you don't want to delete."
13
+ ]
14
+ ]
15
+
16
+ @config['documentation']['stateless_action'][__method__]['short_description'] = 'Clears cheftacular log directories'
17
+
18
+ @config['documentation']['application'][__method__] = @config['documentation']['stateless_action'][__method__]
19
+ end
20
+ end
21
+
22
+ class InitializationAction
23
+ def cleanup_logs
24
+
25
+ end
26
+ end
27
+
28
+ class StatelessAction
29
+ def cleanup_logs directories_to_not_delete=''
30
+ directories_to_not_delete = ARGV[1] if directories_to_not_delete.blank?
31
+ directories_to_not_delete ||= ''
32
+
33
+ @config['filesystem'].remove_log_directories(directories_to_not_delete.split(','))
34
+
35
+ @config['filesystem'].initialize_log_directories(false)
36
+ end
37
+ end
38
+ end
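Review bot: `cleanup_logs` passes `directories_to_not_delete.split(',')` straight to `remove_log_directories`, so a name that is misspelled or not in `log_directories` is ignored without notice and that directory is deleted along with the rest. Since the default with no argument is to remove all of them, compare the parsed names against `@config['filesystem'].log_directories` and stop with a message on any unknown entry before anything is removed. The empty `InitializationAction#cleanup_logs` could use a one-line comment saying why it exists.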
@@ -18,7 +18,9 @@ class Cheftacular
18
18
 
19
19
  " 4. `-S|--search-role-name ROLE_NAME` option will make this command return results that INCLUDE the ROLE_NAME.",
20
20
 
21
- " 5. `-E|--search-env-name ENV_NAME` option will make this command return results that have this environment."
21
+ " 5. `-E|--search-env-name ENV_NAME` option will make this command return results that have this environment.",
22
+
23
+ " 6. This command is aliased to `cft clients` and `cft c`"
22
24
  ]
23
25
  ]
24
26
 
@@ -96,5 +98,8 @@ class Cheftacular
96
98
  end
97
99
  end
98
100
  end
101
+
102
+ alias_method :clients, :client_list
103
+ alias_method :c, :client_list
99
104
  end
100
105
  end
@@ -35,27 +35,7 @@ class Cheftacular
35
35
  disk_hash[n.name] = start_disk_report( n.name, n.public_ipaddress, options, locs, passwords)
36
36
  end
37
37
 
38
- disk_hash.each_pair do |serv_name, output|
39
- out << "#{ serv_name }:"
40
-
41
- line_count = 1
42
-
43
- output.join("\n").split("\n").each do |line|
44
- out << line_count == 1 ? " #{ line }" : " #{ line }"
45
-
46
- line_count += 1
47
- end
48
-
49
- out << "\n"
50
- end
51
-
52
- puts(out) if @options['no_logs'] || @options['verbose']
53
-
54
- log_loc, timestamp = @config['helper'].set_log_loc_and_timestamp
55
-
56
- puts("Generating log file for disk report at #{ log_loc }/disk-report-#{ timestamp }.txt") unless @options['quiet']
57
-
58
- File.open("#{ log_loc }/disk-report-#{ timestamp }.txt", "w") { |f| f.write(out.join("\n").scrub_pretty_text) } unless @options['no_logs']
38
+ @config['filesystem'].generate_report_from_node_hash('disk report', disk_hash)
59
39
  end
60
40
  end
61
41
  end
@@ -3,17 +3,50 @@ class Cheftacular
3
3
  def get_active_ssh_connections
4
4
  @config['documentation']['stateless_action'][__method__] ||= {}
5
5
  @config['documentation']['stateless_action'][__method__]['long_description'] = [
6
- "[NYI]`cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory."
6
+ "`cft get_active_ssh_connections` will fetch the active ssh connections from every server and output it into your log directory.",
7
+
8
+ [
9
+ " 1. This command runs on all servers in an environment by default"
10
+ ]
7
11
  ]
8
12
 
9
- #@config['documentation']['application'][__method__] = @config['documentation']['stateless_action'][__method__]
13
+ @config['documentation']['stateless_action'][__method__]['short_description'] = 'Check servers for active ssh connections'
14
+ @config['documentation']['application'][__method__] = @config['documentation']['stateless_action'][__method__]
10
15
  end
11
16
  end
12
17
 
13
18
  class StatelessAction
14
- def get_active_ssh_connections
15
- # netstat -atn | grep ':22'
16
- raise "Not yet implemented"
19
+ def get_active_ssh_connections connections_hash={}, out=[]
20
+ nodes = @config['getter'].get_true_node_objects(true)
21
+
22
+ nodes = @config['parser'].exclude_nodes( nodes, [{ unless: { env: @options['env'] }}] )
23
+
24
+ options, locs, ridley, logs_bag_hash, pass_bag_hash, bundle_command, cheftacular, passwords = @config['helper'].set_local_instance_vars
25
+
26
+ on ( nodes.map { |n| @config['cheftacular']['deploy_user'] + "@" + n.public_ipaddress } ) do |host|
27
+ n = get_node_from_address(nodes, host.hostname)
28
+
29
+ puts "Beginning ssh connection check run for #{ n.name } (#{ n.public_ipaddress })"
30
+
31
+ connections_hash[n.name] = start_connection_report( n.name, n.public_ipaddress, options, locs, passwords)
32
+ end
33
+
34
+ @config['filesystem'].generate_report_from_node_hash('connections report', connections_hash)
35
+ end
36
+ end
37
+ end
38
+
39
+ module SSHKit
40
+ module Backend
41
+ class Netssh
42
+ def start_connection_report name, ip_address, options, locs, passwords, out=[]
43
+
44
+ out << capture( :netstat, '-atn', :|, :grep, ':22' )
45
+
46
+ puts(out.join("\n")) if options['output'] || options['verbose']
47
+
48
+ out
49
+ end
17
50
  end
18
51
  end
19
52
  end
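Review bot: in `start_connection_report`, `grep ':22'` is a substring match, so it also keeps rows whose local or foreign port merely starts with 22 (`:2200`, `:2222`, `:22345`) as well as the sshd `LISTEN` row, and the report overstates active ssh sessions. Anchor the port and filter on state, for example `grep -E ':22[[:space:]]'` combined with a match on `ESTABLISHED`. The `name`, `ip_address`, `locs` and `passwords` parameters are unused in this helper and can be dropped.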
@@ -1,5 +1,5 @@
1
1
  class Cheftacular
2
2
  #major_version.minor_version.bugfixes
3
- VERSION = "2.12.1"
3
+ VERSION = "2.13.0"
4
4
  RUBY_VERSION = "2.2.2"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cheftacular
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.12.1
4
+ version: 2.13.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Louis Alridge
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-01-05 00:00:00.000000000 Z
11
+ date: 2016-01-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: hashie
@@ -276,6 +276,7 @@ files:
276
276
  - lib/cheftacular/initialization_action.rb
277
277
  - lib/cheftacular/initializer.rb
278
278
  - lib/cheftacular/parser.rb
279
+ - lib/cheftacular/pleasantries.rb
279
280
  - lib/cheftacular/queue_master.rb
280
281
  - lib/cheftacular/stateless_action.rb
281
282
  - lib/cheftacular/stateless_actions/add_ssh_key_to_bag.rb
@@ -294,7 +295,7 @@ files:
294
295
  - lib/cheftacular/stateless_actions/cheftacular_yml_help.rb
295
296
  - lib/cheftacular/stateless_actions/clean_cookbooks.rb
296
297
  - lib/cheftacular/stateless_actions/clean_server_passwords.rb
297
- - lib/cheftacular/stateless_actions/cleanup_log_files.rb
298
+ - lib/cheftacular/stateless_actions/cleanup_logs.rb
298
299
  - lib/cheftacular/stateless_actions/clear_caches.rb
299
300
  - lib/cheftacular/stateless_actions/client_list.rb
300
301
  - lib/cheftacular/stateless_actions/cloud.rb
@@ -312,7 +313,6 @@ files:
312
313
  - lib/cheftacular/stateless_actions/get_haproxy_log.rb
313
314
  - lib/cheftacular/stateless_actions/get_log_from_bag.rb
314
315
  - lib/cheftacular/stateless_actions/get_pg_pass.rb
315
- - lib/cheftacular/stateless_actions/get_shorewall_allowed_connections.rb
316
316
  - lib/cheftacular/stateless_actions/help.rb
317
317
  - lib/cheftacular/stateless_actions/initialize_cheftacular_yml.rb
318
318
  - lib/cheftacular/stateless_actions/initialize_data_bag_contents.rb
@@ -1,15 +0,0 @@
1
-
2
- class Cheftacular
3
- class StatelessActionDocumentation
4
- def cleanup_log_files
5
-
6
- end
7
- end
8
-
9
- class StatelessAction
10
- def cleanup_log_files
11
- #TODO
12
- raise "This method is not yet implemented"
13
- end
14
- end
15
- end
@@ -1,130 +0,0 @@
1
- class Cheftacular
2
- class StatelessActionDocumentation
3
- def get_shorewall_allowed_connections
4
- @config['documentation']['stateless_action'][__method__] ||= {}
5
- @config['documentation']['stateless_action'][__method__]['long_description'] = [
6
- "`cft get_shorewall_allowed_connections [PATH_TO_LOCAL_FILE] -n NODE_NAME` command will query a single server and return all of its ACCEPT connections " +
7
- "from shorewall in it's syslog and return the results in a CSV format. Useful for tracking IP activity.",
8
-
9
- [
10
- " 1. You must pass in a node name to query with `-n NODE_NAME`",
11
-
12
- " 2. This command will attempt to `dig` each ip address to give you the most likely culprit.",
13
-
14
- " 3. If `PATH_TO_LOCAL_FILE` is not blank, the command will use that file instead of building a file on the remote server"
15
- ]
16
- ]
17
- end
18
- end
19
-
20
- class StatelessAction
21
- def get_shorewall_allowed_connections master_log_data=''
22
-
23
- if ARGV[1].nil?
24
- raise "Please pass a NODE_NAME with -n NODE_NAME" if @options['node_name'].nil? || @options['node_name'].empty?
25
-
26
- nodes = @config['getter'].get_true_node_objects true
27
-
28
- nodes = @config['parser'].exclude_nodes(nodes, [{ unless: { env: @options['env'] }}, { unless: { node: @options['node_name'] }}], true)
29
-
30
- #this must always precede on () calls so they have the instance variables they need
31
- options, locs, ridley, logs_bag_hash, pass_bag_hash, bundle_command, cheftacular, passwords = @config['helper'].set_local_instance_vars
32
-
33
- #on is namespaced to SSHKit::Backend::Netssh.on
34
- on ( nodes.map { |n| @config['cheftacular']['deploy_user'] + "@" + n.public_ipaddress } ) do |host|
35
- n = get_node_from_address(nodes, host.hostname)
36
-
37
- puts("Beginning shorewall log capture run for #{ n.name } (#{ n.public_ipaddress })") unless options['quiet']
38
-
39
- master_log_data = start_shorewall_log_capture( n.name, n.public_ipaddress, options, locs, cheftacular, passwords)
40
- end
41
- else
42
- master_log_file = ARGV[1]
43
-
44
- raise "File not found! Did you enter the path correctly?" unless File.exist?(master_log_file)
45
-
46
- master_log_data = File.read(File.expand_path(master_log_file))
47
- end
48
-
49
- puts("Parsing addresses from log data...") unless @options['quiet']
50
-
51
- addresses = {}
52
-
53
- master_log_data.scan(/^.*Shorewall:net2fw:ACCEPT.*SRC=([\d]+\.[\d]+\.[\d]+\.[\d]+) DST.*DPT=80.*$/).each do |ip_address|
54
- addresses[ip_address] ||= 0
55
- addresses[ip_address] += 1
56
- end
57
-
58
- final_addresses = {}
59
- check_count = 0
60
- addresses.each_pair do |address, count|
61
- next if count < 100
62
-
63
- domain = `dig +short -x #{ address[0] }`.chomp.split("\n").join('|')
64
- domain = domain[0..(domain.length-2)]
65
-
66
- domain = address[0] if domain.blank?
67
-
68
- final_addresses[domain] ||= {}
69
- final_addresses[domain]['addresses'] ||= []
70
- final_addresses[domain]['addresses'] << address[0] unless final_addresses[domain]['addresses'].include?(address[0])
71
- final_addresses[domain]['count'] = count unless final_addresses[domain].has_key?('count')
72
- final_addresses[domain]['count'] += count if final_addresses[domain].has_key?('count')
73
-
74
- check_count += 1
75
-
76
- puts("Processed #{ check_count } addresses (#{ address[0] }):#{ domain }:#{ count }") unless @options['quiet']
77
- end
78
-
79
- final_addresses = final_addresses.sort_by {|key, value_hash| value_hash['count']}.to_h
80
-
81
- final_addresses = Hash[final_addresses.to_a.reverse]
82
-
83
- ap(final_addresses) if @options['verbose']
84
-
85
- log_loc, timestamp = @config['helper'].set_log_loc_and_timestamp
86
-
87
- CSV.open(File.expand_path("#{ @config['locs']['chef-log'] }/shorewall-parse-#{ timestamp }.csv"), "wb") do |csv|
88
- final_addresses.each_pair do |dns, info_hash|
89
- csv << [dns, info_hash['addresses'].join('|'), info_hash['count']]
90
- end
91
- end
92
- end
93
- end
94
- end
95
-
96
- module SSHKit
97
- module Backend
98
- class Netssh
99
- def start_shorewall_log_capture name, ip_address, options, locs, cheftacular, passwords, out=[]
100
- log_loc, timestamp = set_log_loc_and_timestamp(locs)
101
-
102
- puts("Generating master log file for shorewall for #{ name } (#{ ip_address }) at #{ log_loc }/#{ name }-shorewall-#{ timestamp }.html") unless options['quiet']
103
-
104
- syslog_files = capture(:ls, '/var/log', :|, :grep, :syslog).split("\n")
105
-
106
- puts("Found #{ syslog_files.count } syslog files to parse (#{ syslog_files.join(', ') }).\nPreparing to parse...") unless options['quiet']
107
-
108
- syslog_files.each do |file|
109
- puts("Parsing #{ file } into master log file...") unless options['quiet']
110
-
111
- if file.include?('.gz')
112
- sudo_execute(passwords[ip_address], :gunzip, '-c', "/var/log/#{ file }", '>>', '/tmp/syslog_master.log' )
113
- else
114
- sudo_execute(passwords[ip_address], :cat, "/var/log/#{ file }", '>>', '/tmp/syslog_master.log' )
115
- end
116
- end
117
-
118
- puts("Writing master log...") unless options['quiet']
119
-
120
- out << sudo_capture( passwords[ip_address], :cat, "/tmp/syslog_master.log" )
121
-
122
- ::File.open("#{ log_loc }/#{ name }-shorewall-#{ timestamp }.html", "w") { |f| f.write(out.join("\n").scrub_pretty_text.gsub('[sudo] password for deploy: ', '')) } unless options['no_logs']
123
-
124
- sudo_execute(passwords[ip_address], :rm, '-f', '/tmp/syslog_master.log')
125
-
126
- out.join("\n")
127
- end
128
- end
129
- end
130
- end
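Review bot: this deletes `get_shorewall_allowed_connections` outright, along with its README entry, in a release that only moves the version from 2.12.1 to 2.13.0. The new `get_active_ssh_connections` reports current sockets matching `:22`, not the per-source ACCEPT counts from syslog that this command wrote to CSV, so it is not a replacement. Note the removal in the changelog, or leave a stub that tells users the command is gone.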