dtk-node-agent 0.5.10 → 0.5.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +8 -8
- data/README.md +6 -0
- data/dtk-node-agent.gemspec +2 -1
- data/lib/dtk-node-agent/version.rb +1 -1
- data/mcollective_additions/plugins/v2.2/agent/dev_manager.ddl +1 -1
- data/mcollective_additions/plugins/v2.2/agent/dev_manager.rb +3 -4
- data/mcollective_additions/plugins/v2.2/agent/execute_tests.rb +104 -64
- data/mcollective_additions/plugins/v2.2/agent/ssh_agent.ddl +13 -0
- data/mcollective_additions/plugins/v2.2/agent/ssh_agent.rb +93 -0
- data/mcollective_additions/plugins/v2.2/agent/sync_agent_code.rb +1 -1
- data/mcollective_additions/plugins/v2.2/util/puppetrunner.rb +31 -0
- metadata +24 -7
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
NGUwMWQxZTY3ZDA1MWUyOGNkNDI3YWUxZWYxNjhkYzUwY2JlZTBkMA==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
ODc0NTA0ZDRkMzQxZmI1ODkyNTIyNDliOWRiZGM3OTRjMjcwM2Q0Yw==
|
7
7
|
SHA512:
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
MDIxZWIzNmEzYzNmNTk1N2U5ZjcyNDkyNDhjMDExNTYwMmFhNzhiODk0YmVm
|
10
|
+
YTkzZGRjZDJiZDg5MmVhOWE1NGU2MGQ4YjMwMGY4YjQ0YzIzMDNiMTA3MWJh
|
11
|
+
Yzc3NGIwYjdiMzU4M2Q4NDNjNzI5YTg4YzM0YWI2NGY0N2VlODE=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
OGViMTNmMTc3ODkzYmQ0YzA5YzYwODNhMjYzOTViMDA2YmRkNzZjYmI4YzZk
|
14
|
+
YTkxMzJjODYxNTRhYmQwYzZhMGEwNjAxMzk0NTI0NzQyYjRkODFiMTQ5NGJi
|
15
|
+
MzAwNjFkMTFiYjgyZjc5M2QyNTgxMmRmYzdhOGU5Njg3NDA4ODY=
|
data/README.md
CHANGED
@@ -35,6 +35,12 @@ ruby create_agent_ami.rb --region us-east-1 --ami-id ami-da0000aa --key-pair tes
|
|
35
35
|
--ssh-username root --image-name dtk-agent-ubuntu-precise
|
36
36
|
```
|
37
37
|
|
38
|
+
#### Build all supported AMI images with [packer](http://www.packer.io/)
|
39
|
+
```
|
40
|
+
packer build template.json
|
41
|
+
```
|
42
|
+
This will also copy images to all AWS regions.
|
43
|
+
|
38
44
|
License
|
39
45
|
----------------------
|
40
46
|
DTK Node Agent is released under the GPLv3 license. Please see LICENSE for more details.
|
data/dtk-node-agent.gemspec
CHANGED
@@ -33,6 +33,7 @@ Gem::Specification.new do |gem|
|
|
33
33
|
gem.add_dependency 'grit', '~> 2.5.0'
|
34
34
|
gem.add_dependency 'stomp', '~> 1.3.1'
|
35
35
|
gem.add_dependency 'sshkeyauth', '~> 0.0.11'
|
36
|
-
gem.add_dependency 'serverspec'
|
36
|
+
gem.add_dependency 'serverspec', '~> 1.1.0'
|
37
|
+
gem.add_dependency 'specinfra', '~> 1.0.4'
|
37
38
|
|
38
39
|
end
|
@@ -4,9 +4,8 @@ module MCollective
|
|
4
4
|
module Agent
|
5
5
|
class Dev_manager < RPC::Agent
|
6
6
|
|
7
|
-
AGENT_MCOLLECTIVE_LOCATION = "#{::MCollective::Config.instance.libdir}/mcollective/agent/"
|
8
|
-
|
9
|
-
|
7
|
+
AGENT_MCOLLECTIVE_LOCATION = "#{::MCollective::Config.instance.libdir.join}/mcollective/agent/"
|
8
|
+
|
10
9
|
action "inject_agent" do
|
11
10
|
begin
|
12
11
|
|
@@ -31,7 +30,7 @@ module MCollective
|
|
31
30
|
return ret
|
32
31
|
|
33
32
|
rescue Exception => e
|
34
|
-
|
33
|
+
Log.instance.error e
|
35
34
|
ret.set_status_failed!()
|
36
35
|
error_info = { :error => { :message => "Error syncing agents: #{e}" } }
|
37
36
|
ret.merge!(error_info)
|
@@ -1,64 +1,104 @@
|
|
1
|
-
module MCollective
|
2
|
-
module Agent
|
3
|
-
class Execute_tests < RPC::Agent
|
4
|
-
def initialize()
|
5
|
-
super()
|
6
|
-
@log = Log.instance
|
7
|
-
end
|
8
|
-
|
9
|
-
|
10
|
-
#
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
end
|
56
|
-
end
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
1
|
+
module MCollective
|
2
|
+
module Agent
|
3
|
+
class Execute_tests < RPC::Agent
|
4
|
+
def initialize()
|
5
|
+
super()
|
6
|
+
@log = Log.instance
|
7
|
+
end
|
8
|
+
|
9
|
+
def pull_modules(module_version_context, git_server)
|
10
|
+
ENV['GIT_SHELL'] = nil #This is put in because if vcsrepo Puppet module used it sets this
|
11
|
+
begin
|
12
|
+
repo_dir = "#{ModulePath}/#{module_version_context[:implementation]}"
|
13
|
+
remote_repo = "#{git_server}:#{module_version_context[:repo]}"
|
14
|
+
opts = Hash.new
|
15
|
+
begin
|
16
|
+
if File.exists?(repo_dir)
|
17
|
+
@log.info("Branch already exists. Checkout to branch and pull latest changes...")
|
18
|
+
git_repo = ::DTK::NodeAgent::GitClient.new(repo_dir)
|
19
|
+
git_repo.pull_and_checkout_branch?(module_version_context[:branch],opts)
|
20
|
+
else
|
21
|
+
@log.info("Branch does not exist. Cloning branch...")
|
22
|
+
git_repo = ::DTK::NodeAgent::GitClient.new(repo_dir,:create=>true)
|
23
|
+
git_repo.clone_branch(remote_repo,module_version_context[:branch],opts)
|
24
|
+
end
|
25
|
+
rescue Exception => e
|
26
|
+
log_error(e)
|
27
|
+
#to achieve idempotent behavior; fully remove directory if any problems
|
28
|
+
FileUtils.rm_rf repo_dir
|
29
|
+
raise e
|
30
|
+
end
|
31
|
+
rescue Exception => e
|
32
|
+
log_error(e)
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
def log_error(e)
|
37
|
+
log_error = ([e.inspect]+backtrace_subset(e)).join("\n")
|
38
|
+
@log.info("\n----------------error-----\n#{log_error}\n----------------error-----")
|
39
|
+
end
|
40
|
+
|
41
|
+
action "execute_tests" do
|
42
|
+
#Get list of component modules that have spec tests
|
43
|
+
list_output=`ls /etc/puppet/modules/*/dtk/serverspec/spec/localhost/*/*_spec.rb`
|
44
|
+
regex_pattern=/modules\/(.+)\/dtk\/serverspec\/spec\/localhost\/(.+)\//
|
45
|
+
ModuleInfo = Struct.new(:module_name, :component_name, :full_component_name)
|
46
|
+
modules_info = []
|
47
|
+
|
48
|
+
components = []
|
49
|
+
#Strip away node part (/)...leave only part which represent full component name
|
50
|
+
request[:components].each do |c|
|
51
|
+
if c.include? "/"
|
52
|
+
components << c.split("/").last
|
53
|
+
else
|
54
|
+
components << c
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
list_output.each do |line|
|
59
|
+
match = line.match(regex_pattern)
|
60
|
+
components.each do |c|
|
61
|
+
if c.include? "::"
|
62
|
+
stripped_c = c.split("::").last
|
63
|
+
modules_info << ModuleInfo.new(match[1],match[2],c) if stripped_c.eql? match[2]
|
64
|
+
elsif c.eql? match[2]
|
65
|
+
modules_info << ModuleInfo.new(match[1],match[2],c)
|
66
|
+
end
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
all_spec_results = []
|
71
|
+
#filter out redundant module info if any
|
72
|
+
modules_info = modules_info.uniq
|
73
|
+
#Pull latest changes for modules if any
|
74
|
+
git_server = Facts["git-server"]
|
75
|
+
|
76
|
+
modules_info.each do |module_info|
|
77
|
+
component_module = module_info[:module_name]
|
78
|
+
component_name = module_info[:component_name]
|
79
|
+
full_component_name = module_info[:full_component_name]
|
80
|
+
#Filter out version context for modules that don't exist on node
|
81
|
+
filtered_version_context = request[:version_context].select { |x| x[:implementation] == module_info[:module_name] }.first
|
82
|
+
pull_modules(filtered_version_context,git_server)
|
83
|
+
|
84
|
+
spec_results=`/opt/puppet-omnibus/embedded/bin/rspec /etc/puppet/modules/#{component_module}/dtk/serverspec/spec/localhost/#{component_name}/*_spec.rb --format j`
|
85
|
+
@log.info("Executing serverspec test: /etc/puppet/modules/#{component_module}/dtk/serverspec/spec/localhost/#{component_name}/*_spec.rb")
|
86
|
+
|
87
|
+
spec_results_json = JSON.parse(spec_results)
|
88
|
+
spec_results_json['examples'].each do |spec|
|
89
|
+
spec_result = {}
|
90
|
+
spec_result.store(:module_name, component_module)
|
91
|
+
spec_result.store(:component_name, full_component_name)
|
92
|
+
spec_result.store(:test_result, spec['full_description'])
|
93
|
+
spec_result.store(:status, spec['status'])
|
94
|
+
all_spec_results << spec_result
|
95
|
+
end
|
96
|
+
end
|
97
|
+
|
98
|
+
reply[:data] = all_spec_results
|
99
|
+
reply[:pbuilderid] = Facts["pbuilderid"]
|
100
|
+
reply[:status] = :ok
|
101
|
+
end
|
102
|
+
end
|
103
|
+
end
|
104
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
metadata :name => "ssh agent",
|
2
|
+
:description => "SSH Agent allows adding of public keys, removing them and listing",
|
3
|
+
:author => "Reactor8",
|
4
|
+
:license => "",
|
5
|
+
:version => "",
|
6
|
+
:url => "",
|
7
|
+
:timeout => 2
|
8
|
+
action "grant_access", :description => "Add SSH access to host instance" do
|
9
|
+
end
|
10
|
+
action "revoke_access", :description => "Remove SSH access from host instance" do
|
11
|
+
end
|
12
|
+
action "list_access", :description => "List current SSH access for host instance" do
|
13
|
+
end
|
@@ -0,0 +1,93 @@
|
|
1
|
+
require 'base64'
|
2
|
+
|
3
|
+
module MCollective
|
4
|
+
module Agent
|
5
|
+
class Ssh_agent < RPC::Agent
|
6
|
+
|
7
|
+
AGENT_MCOLLECTIVE_LOCATION = "#{::MCollective::Config.instance.libdir.join}/mcollective/agent/"
|
8
|
+
SSH_AUTH_KEYS_FILE_NAME = "authorized_keys"
|
9
|
+
|
10
|
+
action "grant_access" do
|
11
|
+
validate :rsa_pub_key, String
|
12
|
+
validate :rsa_pub_name, String
|
13
|
+
validate :system_user, String
|
14
|
+
|
15
|
+
if does_user_exist?(request[:system_user])
|
16
|
+
begin
|
17
|
+
puppet_params = {
|
18
|
+
:name => request[:rsa_pub_name],
|
19
|
+
:ensure => 'present',
|
20
|
+
:key =>normalize_rsa_pub_key(request[:rsa_pub_key]),
|
21
|
+
:type => 'ssh-rsa',
|
22
|
+
:user => request[:system_user]
|
23
|
+
}
|
24
|
+
|
25
|
+
::MCollective::Util.loadclass("MCollective::Util::PuppetRunner")
|
26
|
+
::MCollective::Util::PuppetRunner.apply(:ssh_authorized_key, puppet_params)
|
27
|
+
|
28
|
+
# There is a bug where we are expiriencing issues with above changes not taking effect for no apperent reason
|
29
|
+
# if detected we repeat puppet apply
|
30
|
+
|
31
|
+
unless key_added?(puppet_params[:user], puppet_params[:key])
|
32
|
+
Log.info("Fallback, repeating SSH access grant")
|
33
|
+
::MCollective::Util::PuppetRunner.apply(:ssh_authorized_key, puppet_params)
|
34
|
+
end
|
35
|
+
|
36
|
+
raise "We were not able to add SSH access for given node (PuppetError)" unless key_added?(puppet_params[:user], puppet_params[:key])
|
37
|
+
|
38
|
+
reply[:data] = { :message => "Access to system user '#{request[:system_user]}' has been granted for '#{request[:rsa_pub_name]}'"}
|
39
|
+
rescue Exception => e
|
40
|
+
reply[:data] = { :error => "Puppet error not able to process request, reason: '#{e.message}'" }
|
41
|
+
end
|
42
|
+
else
|
43
|
+
reply[:data] = { :error => "System user '#{request[:system_user]}' not found on given node" }
|
44
|
+
end
|
45
|
+
reply[:pbuilderid] = Facts["pbuilderid"]
|
46
|
+
reply[:status] = :ok
|
47
|
+
end
|
48
|
+
|
49
|
+
action "revoke_access" do
|
50
|
+
validate :rsa_pub_name, String
|
51
|
+
validate :system_user, String
|
52
|
+
|
53
|
+
if does_user_exist?(request[:system_user])
|
54
|
+
begin
|
55
|
+
::MCollective::Util.loadclass("MCollective::Util::PuppetRunner")
|
56
|
+
::MCollective::Util::PuppetRunner.apply(
|
57
|
+
:ssh_authorized_key,
|
58
|
+
{
|
59
|
+
:name => request[:rsa_pub_name],
|
60
|
+
:ensure => 'absent',
|
61
|
+
:type => 'ssh-rsa',
|
62
|
+
:user => request[:system_user]
|
63
|
+
}
|
64
|
+
)
|
65
|
+
reply[:data] = { :message => "Access for system user '#{request[:system_user]}' has been revoked" }
|
66
|
+
rescue Exception => e
|
67
|
+
reply[:data] = { :error => "Puppet error not able to process request, reason: '#{e.message}'" }
|
68
|
+
end
|
69
|
+
else
|
70
|
+
reply[:data] = { :error => "System user '#{request[:system_user]}' not found on given node" }
|
71
|
+
end
|
72
|
+
|
73
|
+
reply[:pbuilderid] = Facts["pbuilderid"]
|
74
|
+
reply[:status] = :ok
|
75
|
+
end
|
76
|
+
|
77
|
+
def does_user_exist?(system_user)
|
78
|
+
!File.open('/etc/passwd').grep(/home\/#{system_user}:/).empty?
|
79
|
+
end
|
80
|
+
|
81
|
+
def key_added?(system_user, pub_key)
|
82
|
+
results = `more /home/#{system_user}/.ssh/#{SSH_AUTH_KEYS_FILE_NAME} | grep #{pub_key}`
|
83
|
+
!results.empty?
|
84
|
+
end
|
85
|
+
|
86
|
+
def normalize_rsa_pub_key(rsa_pub_key)
|
87
|
+
rsa_pub_key.strip!()
|
88
|
+
rsa_pub_key.gsub!(/.* (.*) .*/,'\1')
|
89
|
+
rsa_pub_key
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
@@ -4,7 +4,7 @@ require 'grit'
|
|
4
4
|
require 'tempfile'
|
5
5
|
require 'fileutils'
|
6
6
|
|
7
|
-
AGENT_MCOLLECTIVE_LOCATION = "#{::MCollective::Config.instance.libdir}/mcollective/agent/"
|
7
|
+
AGENT_MCOLLECTIVE_LOCATION = "#{::MCollective::Config.instance.libdir.join}/mcollective/agent/"
|
8
8
|
|
9
9
|
module MCollective
|
10
10
|
module Agent
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'puppet'
|
2
|
+
|
3
|
+
module MCollective
|
4
|
+
module Util
|
5
|
+
class PuppetRunner
|
6
|
+
|
7
|
+
def self.apply(puppet_definition, resource_hash)
|
8
|
+
Puppet.settings.initialize_global_settings
|
9
|
+
Puppet.settings.initialize_app_defaults(Puppet::Settings.app_defaults_for_run_mode(Puppet.run_mode))
|
10
|
+
|
11
|
+
Log.info("Puppet Runner, INPUT :")
|
12
|
+
Log.info(puppet_definition)
|
13
|
+
Log.info(resource_hash.inspect)
|
14
|
+
Log.info("########################################################################")
|
15
|
+
|
16
|
+
pup = Puppet::Type.type(puppet_definition).new(resource_hash)
|
17
|
+
catalog = Puppet::Resource::Catalog.new
|
18
|
+
catalog.add_resource pup
|
19
|
+
catalog.apply()
|
20
|
+
|
21
|
+
Log.info("Puppet Runner, OUTPUT: ")
|
22
|
+
Log.info(Thread.current[:report_status])
|
23
|
+
Log.info(Thread.current[:report_info])
|
24
|
+
Log.info("########################################################################")
|
25
|
+
true
|
26
|
+
end
|
27
|
+
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dtk-node-agent
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.12
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rich PELAVIN
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-
|
11
|
+
date: 2014-04-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: puppet
|
@@ -84,16 +84,30 @@ dependencies:
|
|
84
84
|
name: serverspec
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
86
86
|
requirements:
|
87
|
-
- -
|
87
|
+
- - ~>
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version:
|
89
|
+
version: 1.1.0
|
90
90
|
type: :runtime
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
|
-
- -
|
94
|
+
- - ~>
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: 1.1.0
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: specinfra
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - ~>
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: 1.0.4
|
104
|
+
type: :runtime
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - ~>
|
95
109
|
- !ruby/object:Gem::Version
|
96
|
-
version:
|
110
|
+
version: 1.0.4
|
97
111
|
description: DTK node agent is tool used to install and configure DTK agents.
|
98
112
|
email:
|
99
113
|
- rich@reactor8.com
|
@@ -148,6 +162,8 @@ files:
|
|
148
162
|
- mcollective_additions/plugins/v2.2/agent/puppet_cancel.rb
|
149
163
|
- mcollective_additions/plugins/v2.2/agent/rpcutil.ddl
|
150
164
|
- mcollective_additions/plugins/v2.2/agent/rpcutil.rb
|
165
|
+
- mcollective_additions/plugins/v2.2/agent/ssh_agent.ddl
|
166
|
+
- mcollective_additions/plugins/v2.2/agent/ssh_agent.rb
|
151
167
|
- mcollective_additions/plugins/v2.2/agent/sync_agent_code.ddl
|
152
168
|
- mcollective_additions/plugins/v2.2/agent/sync_agent_code.rb
|
153
169
|
- mcollective_additions/plugins/v2.2/agent/tail.ddl
|
@@ -158,6 +174,7 @@ files:
|
|
158
174
|
- mcollective_additions/plugins/v2.2/facts/pbuilder_facts.rb
|
159
175
|
- mcollective_additions/plugins/v2.2/security/sshkey.ddl
|
160
176
|
- mcollective_additions/plugins/v2.2/security/sshkey.rb
|
177
|
+
- mcollective_additions/plugins/v2.2/util/puppetrunner.rb
|
161
178
|
- mcollective_additions/server.cfg
|
162
179
|
- src/etc/init.d/ec2-run-user-data
|
163
180
|
- src/etc/logrotate.d/mcollective
|
@@ -182,7 +199,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
182
199
|
version: '0'
|
183
200
|
requirements: []
|
184
201
|
rubyforge_project:
|
185
|
-
rubygems_version: 2.1.
|
202
|
+
rubygems_version: 2.1.9
|
186
203
|
signing_key:
|
187
204
|
specification_version: 4
|
188
205
|
summary: DTK ndoe agent tool.
|