ohai 16.8.1 → 16.10.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +2 -2
- data/lib/ohai/mixin/ec2_metadata.rb +30 -5
- data/lib/ohai/plugins/ec2.rb +3 -0
- data/lib/ohai/plugins/linux/network.rb +27 -2
- data/lib/ohai/plugins/linux/platform.rb +1 -1
- data/lib/ohai/plugins/rackspace.rb +2 -2
- data/lib/ohai/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6d9954302145b0fd7ddc2729f4d875374092545c12684935b5e7f013818f8264
|
|
4
|
+
data.tar.gz: fcb81fa7a3e06dc990b8b00c090cd73bccc62514adeecf449557df096006ef98
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 48f3b8c8f3edd9a97c6e50df24c75f65fa6681d18f900825ace766fbc820e49e2adf2f3651feb65a7aec80ba2b38e279d4651021512ffe79224745549fb780ea
|
|
7
|
+
data.tar.gz: 4b2fd69df9d172c0874cde31fb8cca8fe834c3db4b24c09c4af6de916d8be1e9a731760581de79e4ea44881272bc62aa66f79ab76ab419853178a796458a07d6
|
data/Gemfile
CHANGED
|
@@ -4,8 +4,8 @@ source "https://rubygems.org"
|
|
|
4
4
|
gemspec
|
|
5
5
|
|
|
6
6
|
# pull these gems from master of chef/chef so that we're testing against what we will release
|
|
7
|
-
gem "chef-config", git: "https://github.com/chef/chef", glob: "chef-config/chef-config.gemspec"
|
|
8
|
-
gem "chef-utils", git: "https://github.com/chef/chef", glob: "chef-utils/chef-utils.gemspec"
|
|
7
|
+
gem "chef-config", git: "https://github.com/chef/chef", branch: "chef-16", glob: "chef-config/chef-config.gemspec"
|
|
8
|
+
gem "chef-utils", git: "https://github.com/chef/chef", branch: "chef-16", glob: "chef-utils/chef-utils.gemspec"
|
|
9
9
|
|
|
10
10
|
# NOTE: do not submit PRs to add pry as a dep, add to your Gemfile.local
|
|
11
11
|
group :development do
|
|
@@ -43,15 +43,23 @@ module Ohai
|
|
|
43
43
|
EC2_METADATA_ADDR ||= "169.254.169.254"
|
|
44
44
|
EC2_SUPPORTED_VERSIONS ||= %w{ 1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 2007-12-15
|
|
45
45
|
2008-02-01 2008-09-01 2009-04-04 2011-01-01 2011-05-01 2012-01-12
|
|
46
|
-
2014-02-25 2014-11-05 2015-10-20 2016-04-19 2016-06-30 2016-09-02
|
|
46
|
+
2014-02-25 2014-11-05 2015-10-20 2016-04-19 2016-06-30 2016-09-02
|
|
47
|
+
2016-11-30 2018-08-17 2018-11-29 2019-10-01 2020-08-24 2020-11-01 }.freeze
|
|
47
48
|
EC2_ARRAY_VALUES ||= %w{security-groups local_ipv4s}.freeze
|
|
48
49
|
EC2_ARRAY_DIR ||= %w{network/interfaces/macs}.freeze
|
|
49
50
|
EC2_JSON_DIR ||= %w{iam}.freeze
|
|
50
51
|
|
|
52
|
+
#
|
|
53
|
+
# The latest metadata version in EC2_SUPPORTED_VERSIONS that this instance supports
|
|
54
|
+
# in AWS supported metadata versions are determined at instance start so we need to be
|
|
55
|
+
# cautious here in case an instance has been running for a long time
|
|
56
|
+
#
|
|
57
|
+
# @return [String] the version
|
|
58
|
+
#
|
|
51
59
|
def best_api_version
|
|
52
60
|
@api_version ||= begin
|
|
53
61
|
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/ to determine the latest supported metadata release")
|
|
54
|
-
response = http_client.get("/")
|
|
62
|
+
response = http_client.get("/", { 'X-aws-ec2-metadata-token': v2_token })
|
|
55
63
|
if response.code == "404"
|
|
56
64
|
logger.trace("Mixin EC2: Received HTTP 404 from metadata server while determining API version, assuming 'latest'")
|
|
57
65
|
return "latest"
|
|
@@ -84,6 +92,23 @@ module Ohai
|
|
|
84
92
|
end
|
|
85
93
|
end
|
|
86
94
|
|
|
95
|
+
#
|
|
96
|
+
# Fetch an API token for use querying AWS IMDSv2 or return nil if no token if found
|
|
97
|
+
# AWS like systems (think OpenStack) will not respond with a token here
|
|
98
|
+
#
|
|
99
|
+
# @return [NilClass, String] API token or nil
|
|
100
|
+
#
|
|
101
|
+
def v2_token
|
|
102
|
+
@v2_token ||= begin
|
|
103
|
+
request = http_client.put("/latest/api/token", nil, { 'X-aws-ec2-metadata-token-ttl-seconds': "60" })
|
|
104
|
+
if request.code == "404" # not on AWS
|
|
105
|
+
nil
|
|
106
|
+
else
|
|
107
|
+
request.body
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
|
|
87
112
|
# Get metadata for a given path and API version
|
|
88
113
|
#
|
|
89
114
|
# Typically, a 200 response is expected for valid metadata.
|
|
@@ -93,7 +118,7 @@ module Ohai
|
|
|
93
118
|
def metadata_get(id, api_version)
|
|
94
119
|
path = "/#{api_version}/meta-data/#{id}"
|
|
95
120
|
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}#{path}")
|
|
96
|
-
response = http_client.get(path)
|
|
121
|
+
response = http_client.get(path, { 'X-aws-ec2-metadata-token': v2_token })
|
|
97
122
|
case response.code
|
|
98
123
|
when "200"
|
|
99
124
|
response.body
|
|
@@ -174,13 +199,13 @@ module Ohai
|
|
|
174
199
|
|
|
175
200
|
def fetch_userdata
|
|
176
201
|
logger.trace("Mixin EC2: Fetching http://#{EC2_METADATA_ADDR}/#{best_api_version}/user-data/")
|
|
177
|
-
response = http_client.get("/#{best_api_version}/user-data/")
|
|
202
|
+
response = http_client.get("/#{best_api_version}/user-data/", { 'X-aws-ec2-metadata-token': v2_token })
|
|
178
203
|
response.code == "200" ? response.body : nil
|
|
179
204
|
end
|
|
180
205
|
|
|
181
206
|
def fetch_dynamic_data
|
|
182
207
|
@fetch_dynamic_data ||= begin
|
|
183
|
-
response = http_client.get("/#{best_api_version}/dynamic/instance-identity/document/")
|
|
208
|
+
response = http_client.get("/#{best_api_version}/dynamic/instance-identity/document/", { 'X-aws-ec2-metadata-token': v2_token })
|
|
184
209
|
|
|
185
210
|
if json?(response.body) && response.code == "200"
|
|
186
211
|
FFI_Yajl::Parser.parse(response.body)
|
data/lib/ohai/plugins/ec2.rb
CHANGED
|
@@ -121,6 +121,9 @@ Ohai.plugin(:EC2) do
|
|
|
121
121
|
logger.trace("Plugin EC2: looks_like_ec2? == true")
|
|
122
122
|
ec2 Mash.new
|
|
123
123
|
fetch_metadata.each do |k, v|
|
|
124
|
+
# this includes sensitive data we don't want to store on the node
|
|
125
|
+
next if k == "identity_credentials_ec2_security_credentials_ec2_instance"
|
|
126
|
+
|
|
124
127
|
# fetch_metadata returns IAM security credentials, including the IAM user's
|
|
125
128
|
# secret access key. We'd rather not have ohai send this information
|
|
126
129
|
# to the server. If the instance is associated with an IAM role we grab
|
|
@@ -273,6 +273,30 @@ Ohai.plugin(:Network) do
|
|
|
273
273
|
iface
|
|
274
274
|
end
|
|
275
275
|
|
|
276
|
+
# determine pause parameters for the interface using ethtool
|
|
277
|
+
def ethernet_pause_parameters(iface)
|
|
278
|
+
return iface unless ethtool_binary_path
|
|
279
|
+
|
|
280
|
+
iface.each_key do |tmp_int|
|
|
281
|
+
next unless iface[tmp_int][:encapsulation] == "Ethernet"
|
|
282
|
+
|
|
283
|
+
so = shell_out("#{ethtool_binary_path} -a #{tmp_int}")
|
|
284
|
+
logger.trace("Plugin Network: Parsing ethtool output: #{so.stdout}")
|
|
285
|
+
iface[tmp_int]["pause_params"] = {}
|
|
286
|
+
so.stdout.lines.each do |line|
|
|
287
|
+
next if line.start_with?("Pause parameters for")
|
|
288
|
+
next if line.strip.nil?
|
|
289
|
+
|
|
290
|
+
key, val = line.split(/:\s+/)
|
|
291
|
+
if val
|
|
292
|
+
pause_key = "#{key.downcase.tr(" ", "_")}"
|
|
293
|
+
iface[tmp_int]["pause_params"][pause_key] = val.strip.eql? "on"
|
|
294
|
+
end
|
|
295
|
+
end
|
|
296
|
+
end
|
|
297
|
+
iface
|
|
298
|
+
end
|
|
299
|
+
|
|
276
300
|
# determine driver info for the interface using ethtool
|
|
277
301
|
def ethernet_driver_info(iface)
|
|
278
302
|
return iface unless ethtool_binary_path
|
|
@@ -385,7 +409,7 @@ Ohai.plugin(:Network) do
|
|
|
385
409
|
if line =~ IPROUTE_INT_REGEX
|
|
386
410
|
cint = $2
|
|
387
411
|
iface[cint] = Mash.new
|
|
388
|
-
if cint =~ /^(\w
|
|
412
|
+
if cint =~ /^(\w+?)(\d+.*)/
|
|
389
413
|
iface[cint][:type] = $1
|
|
390
414
|
iface[cint][:number] = $2
|
|
391
415
|
end
|
|
@@ -696,7 +720,7 @@ Ohai.plugin(:Network) do
|
|
|
696
720
|
if line =~ /^([0-9a-zA-Z@\.\:\-_]+)\s+/
|
|
697
721
|
cint = $1
|
|
698
722
|
iface[cint] = Mash.new
|
|
699
|
-
if cint =~ /^(\w
|
|
723
|
+
if cint =~ /^(\w+?)(\d+.*)/
|
|
700
724
|
iface[cint][:type] = $1
|
|
701
725
|
iface[cint][:number] = $2
|
|
702
726
|
end
|
|
@@ -770,6 +794,7 @@ Ohai.plugin(:Network) do
|
|
|
770
794
|
iface = ethernet_channel_parameters(iface)
|
|
771
795
|
iface = ethernet_coalesce_parameters(iface)
|
|
772
796
|
iface = ethernet_driver_info(iface)
|
|
797
|
+
iface = ethernet_pause_parameters(iface)
|
|
773
798
|
counters[:network][:interfaces] = net_counters
|
|
774
799
|
network["interfaces"] = iface
|
|
775
800
|
end
|
|
@@ -136,7 +136,7 @@ Ohai.plugin(:Platform) do
|
|
|
136
136
|
when /debian/, /ubuntu/, /linuxmint/, /raspbian/, /cumulus/, /kali/, /pop/
|
|
137
137
|
# apt-get+dpkg almost certainly goes here
|
|
138
138
|
"debian"
|
|
139
|
-
when /oracle/, /centos/, /redhat/, /scientific/, /enterpriseenterprise/, /xcp/, /xenserver/, /cloudlinux/, /ibm_powerkvm/, /parallels/, /nexus_centos/, /clearos/, /bigip/ # Note that 'enterpriseenterprise' is oracle's LSB "distributor ID"
|
|
139
|
+
when /oracle/, /centos/, /redhat/, /almalinux/, /scientific/, /enterpriseenterprise/, /xcp/, /xenserver/, /cloudlinux/, /ibm_powerkvm/, /parallels/, /nexus_centos/, /clearos/, /bigip/ # Note that 'enterpriseenterprise' is oracle's LSB "distributor ID"
|
|
140
140
|
# NOTE: "rhel" should be reserved exclusively for recompiled rhel versions that are nearly perfectly compatible down to the platform_version.
|
|
141
141
|
# The operating systems that are "rhel" should all be as compatible as rhel7 = centos7 = oracle7 = scientific7 (98%-ish core RPM version compatibility
|
|
142
142
|
# and the version numbers MUST track the upstream). The appropriate EPEL version repo should work nearly perfectly. Some variation like the
|
|
@@ -162,8 +162,8 @@ Ohai.plugin(:Rackspace) do
|
|
|
162
162
|
unless rackspace[:public_ip].nil?
|
|
163
163
|
rackspace[:public_hostname] = begin
|
|
164
164
|
Resolv.getname(rackspace[:public_ip])
|
|
165
|
-
|
|
166
|
-
|
|
165
|
+
rescue Resolv::ResolvError, Resolv::ResolvTimeout
|
|
166
|
+
rackspace[:public_ip]
|
|
167
167
|
end
|
|
168
168
|
end
|
|
169
169
|
rackspace[:local_ipv4] = rackspace[:private_ip]
|
data/lib/ohai/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ohai
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 16.
|
|
4
|
+
version: 16.10.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Adam Jacob
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-02-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: chef-config
|
|
@@ -391,7 +391,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
391
391
|
- !ruby/object:Gem::Version
|
|
392
392
|
version: '0'
|
|
393
393
|
requirements: []
|
|
394
|
-
rubygems_version: 3.
|
|
394
|
+
rubygems_version: 3.1.4
|
|
395
395
|
signing_key:
|
|
396
396
|
specification_version: 4
|
|
397
397
|
summary: Ohai profiles your system and emits JSON
|