port-authority 0.3.1

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    OGQyMDZkOGNmMTM1ZTEyYTI4ZDA5YWYxZDc2M2ZhYjY5NDIwZGJmOA==
+  data.tar.gz: !binary |-
+    ZjMwNDUxNWY0MzllNTc2ZjZhNWEyZWQyYWNlYWY2NTQ4ZjhhM2NhOQ==
+SHA512:
+  metadata.gz: !binary |-
+    MDcxNWMxYTVhODE1MjMwM2U1ODk0OGUxOWQ0MDAyYWIzZTMwYTE4NGU3YWU4
+    OGViYzJmODc4NmM4NjMwZmM3MTVkYTg1YWQ4Y2Y4NDdiMTFmODc3NDE1NzRm
+    M2IzYWM2NDFhY2I1MTQzMjUwMmExNTFhMmRlMDhlOGY2Y2E3NWI=
+  data.tar.gz: !binary |-
+    YjM3ZDEzOGNmZmM4MDU2ZGY2ZDc0NDc1ZjE1OWZlYTI3NzkxN2E2MGE3MGZj
+    NWI3MmQ4ZjBmNWRjMzBhYzQxZDc5Mjk0M2M3ZThhYWVkYjA3MjE0NGExYjE3
+    ZjI2ZjhhZGRhMjc3MTdkYzI2YWNmNzdjMTJkOGI5ODQ2ZWJkZDk=

data/bin/pa-master-watchdog

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+require 'port-authority/watchdog/master'
+PortAuthority::Watchdog::Master.new.run

data/lib/port-authority/util/config.rb

@@ -0,0 +1,62 @@
+require 'yaml'
+require 'etcd-tools'
+
+module PortAuthority
+  module Util
+    module Config
+      private
+
+      def default_config
+        { debug: false,
+          syslog: false,
+          etcd: {
+            endpoint: 'http://localhost:4001',
+            interval: 1,
+            timeout: 2
+          },
+          docker: {
+            socket: 'tcp://localhost:4243'
+          },
+          icmp: {
+            count: 2,
+            interval: 1
+          },
+          arping: {
+            count: 1,
+            wait: 1
+          },
+          vip: {
+            interval: 1,
+            ip: '172.17.1.5',
+            mask: '255.255.255.0',
+            interface: 'eth0'
+          },
+          lb: {
+            image: 'docker-registry.prz/stackdocks/haproxy:latest',
+            name: 'lb',
+            network: 'overlay'
+          },
+          commands: {
+            arping: `which arping`.chomp,
+            arp: `which arp`.chomp,
+            iproute: `which ip`.chomp
+          }
+        }
+      end
+
+      def config
+        cfg = default_config
+        if File.exist? '/etc/port-authority.yaml'
+          cfg = cfg.deep_merge YAML.load_file('/etc/port-authority.yaml')
+          puts 'loaded config from /etc/port-authority.yaml'
+        elsif File.exist? './port-authority.yaml'
+          cfg = cfg.deep_merge YAML.load_file('./port-authority.yaml')
+          puts 'loaded config from ./port-authority.yaml'
+        else
+          puts 'no config file loaded, using defaults'
+        end
+        cfg
+      end
+    end
+  end
+end

data/lib/port-authority/util/etcd.rb

@@ -0,0 +1,37 @@
+require 'etcd'
+
+module PortAuthority
+  module Util
+    module Etcd
+      # connect to ETCD
+      def etcd_connect!
+        (host, port) = @config[:etcd][:endpoint].gsub(/^https?:\/\//, '').gsub(/\/$/, '').split(':')
+        etcd = ::Etcd.client(host: host, port: port)
+        begin
+          versions = JSON.parse(etcd.version)
+          info "conncted to ETCD at #{@config[:etcd][:endpoint]}"
+          info "server version: #{versions['etcdserver']}"
+          info "cluster version: #{versions['etcdcluster']}"
+          info "healthy: #{etcd.healthy?}"
+          return etcd
+        rescue Exception => e
+          err "couldn't connect to etcd at #{host}:#{port}"
+          err "#{e.message}"
+          @exit = true
+          return nil
+        end
+      end
+
+      def swarm_leader(etcd)
+        etcd.get('/_pa/docker/swarm/leader')
+      end
+
+      def am_i_leader?(etcd)
+        Socket.ip_address_list.map(){|a| a.ip_address }.member?(swarm_leader(etcd).split(':').first)
+      rescue Exception => e
+        false
+      end
+
+    end
+  end
+end

data/lib/port-authority/util/helpers.rb

@@ -0,0 +1,27 @@
+require 'socket'
+
+module PortAuthority
+  module Util
+    module Helpers
+      def hostname
+        @hostname ||= Socket.gethostname
+      end
+
+      def my_ip
+        @my_ip ||= Socket.ip_address_list.detect { |i| i.ipv4_private? }.ip_address
+      end
+
+      def arping
+        @config[:commands][:arping]
+      end
+
+      def iproute
+        @config[:commands][:iproute]
+      end
+
+      def arp
+        @config[:commands][:arp]
+      end
+    end
+  end
+end

data/lib/port-authority/util/loadbalancer.rb

@@ -0,0 +1,52 @@
+require 'docker-api'
+
+module PortAuthority
+  module Util
+    module LoadBalancer
+      # connect to ETCD
+      def lb_docker_setup!
+        Docker.url = @config[:lb][:docker_endpoint]
+        Docker.version
+        true
+      rescue
+        false
+      end
+
+      def lb_create
+        img = Docker::Image.create('fromImage' => @config[:lb][:image])
+
+        # setup port bindings hash
+        port_bindings = Hash.new
+        img.json['ContainerConfig']['ExposedPorts'].keys.each do |port|
+          port_bindings[port] = [ { 'HostPort' => "#{port.split('/').first}" } ]
+        end
+
+        # create container with
+        @lb_container = Docker::Container.create(
+          'Image' => i.json['Id'],
+          'name' => @config[:lb][:name],
+          'Hostname' => @config[:lb][:name],
+          'Env' => [ "ETCDCTL_ENDPOINT=#{@config[:etcd][:endpoint]}" ],
+          'RestartPolicy' => { 'Name' => 'never' },
+          'HostConfig' => {
+            'PortBindings' => port_bindings,
+            'NetworkMode' => @config[:lb][:network]
+          }
+        )
+      end
+
+      def lb_up?
+        @lb_container.info['Status'] =~ /^[Uu]p/
+      end
+
+      def lb_start!
+        @lb_container.start
+      end
+
+      def lb_stop!
+        @lb_container.stop
+      end
+
+    end
+  end
+end

data/lib/port-authority/util/logger.rb

@@ -0,0 +1,42 @@
+require 'logger'
+
+module PortAuthority
+  module Util
+    module Logger
+      def info(message)
+        if @config[:debug]
+          @semaphore[:log].synchronize do
+            $stdout.puts(Time.now.to_s + ' INFO  (TID:' + Thread.current.object_id.to_s + ') ' + message.to_s)
+            $stdout.flush
+          end
+        else
+          @semaphore[:log].synchronize do
+            $stdout.puts(Time.now.to_s + ' INFO  ' + message.to_s)
+            $stdout.flush
+          end
+        end
+      end
+
+      def err(message)
+        if @config[:debug]
+          @semaphore[:log].synchronize do
+            $stdout.puts(Time.now.to_s + ' ERROR (TID:' + Thread.current.object_id.to_s + ') ' + message.to_s)
+            $stdout.flush
+          end
+        else
+          @semaphore[:log].synchronize do
+            $stdout.puts(Time.now.to_s + ' ERROR ' + message.to_s)
+            $stdout.flush
+          end
+        end
+      end
+
+      def debug(message)
+        @semaphore[:log].synchronize do
+          $stdout.puts(Time.now.to_s + ' DEBUG (TID:' + Thread.current.object_id.to_s + ') ' + message.to_s)
+          $stdout.flush
+        end if @config[:debug]
+      end
+    end
+  end
+end

data/lib/port-authority/util/vip.rb

@@ -0,0 +1,72 @@
+module PortAuthority
+  module Util
+    module Vip
+      # add or remove VIP on interface
+      # <IMPLEMENTED>
+      def vip_handle!(leader)
+        ip = IPAddr.new(@config[:vip][:ip])
+        mask = @config[:vip][:mask]
+        cmd = [ iproute,
+                'address',
+                '',
+                "#{ip}/#{mask}",
+                'dev',
+                @config[:vip][:interface],
+                'label',
+                @config[:vip][:interface] + '-vip',
+                '>/dev/null 2>&1'
+              ]
+        leader ? cmd[2] = 'add' : cmd[2] = 'delete'
+        debug "#{cmd.join(' ')}"
+        if system(cmd.join(' '))
+          return true
+        else
+          return false
+        end
+      end
+
+      # send gratuitous ARP to the network
+      def vip_update_arp!
+        cmd = [ arping, '-U', '-q',
+                '-c', @config[:arping][:count],
+                '-I', @config[:vip][:interface],
+                @config[:vip][:ip] ]
+        debug "#{cmd.join(' ')}"
+        if system(cmd.join(' '))
+          return true
+        else
+          return false
+        end
+      end
+
+      # check whether VIP is assigned to me
+      def got_vip?
+        Socket.ip_address_list.map(){|a| a.ip_address }.member?(@config[:vip][:ip])
+      end
+
+      # check reachability of VIP by ICMP echo
+      def vip_alive?(icmp)
+        (1..@config[:icmp][:count]).each { return true if icmp.ping }
+        return false
+      end
+
+      # check whether the IP is registered anywhere
+      def vip_dup?
+        cmd_arp = [ arp, '-d', @config[:vip][:ip], '>/dev/null 2>&1' ]
+        cmd_arping = [  arping, '-D', '-q',
+                        '-c', @config[:arping][:count],
+                        '-w', @config[:arping][:wait],
+                        '-I', @config[:vip][:interface],
+                        @config[:vip][:ip] ]
+        debug "#{cmd_arp.join(' ')}"
+        system(cmd_arp.join(' '))
+        debug "#{cmd_arping.join(' ')}"
+        if system(cmd_arping.join(' '))
+          return false
+        else
+          return true
+        end
+      end
+    end
+  end
+end

data/lib/port-authority/watchdog/init.rb

@@ -0,0 +1,38 @@
+require 'timeout'
+require 'json'
+require 'etcd-tools'
+require 'port-authority/util/config'
+require 'port-authority/util/logger'
+require 'port-authority/util/helpers'
+
+module PortAuthority
+  module Watchdog
+    class Init
+
+      include PortAuthority::Util::Config
+      include PortAuthority::Util::Logger
+      include PortAuthority::Util::Helpers
+
+      def initialize
+        @config = { debug: false }
+        @config = config
+        @exit = false
+        @exit_sigs = ['INT', 'TERM']
+        @exit_sigs.each { |sig| Signal.trap(sig) { @exit = true } }
+        Signal.trap('USR1') { @config[:debug] = false }
+        Signal.trap('USR2') { @config[:debug] = true }
+        Signal.trap('HUP')  { @config = config }
+      end
+
+      def setup(proc_name, nice = -20)
+        if RUBY_VERSION >= '2.1'
+          Process.setproctitle(proc_name)
+        else
+          $0 = proc_name
+        end
+        Process.setpriority(Process::PRIO_PROCESS, 0, nice)
+        # FIXME: Process.daemon ...
+      end
+    end
+  end
+end

data/lib/port-authority/watchdog/master.rb

@@ -0,0 +1,145 @@
+require 'ipaddr'
+require 'port-authority/util/vip'
+require 'port-authority/util/etcd'
+require 'port-authority/util/loadbalancer'
+require 'port-authority/watchdog/init'
+require 'port-authority/watchdog/threads/icmp'
+require 'port-authority/watchdog/threads/swarm'
+
+module PortAuthority
+  module Watchdog
+    class Manager < PortAuthority::Watchdog::Init
+
+      include PortAuthority::Util::Etcd
+      include PortAuthority::Util::Vip
+      include PortAuthority::Util::LoadBalancer
+      include PortAuthority::Watchdog::Threads
+
+      def run
+        # exit if not root
+        if Process.euid != 0
+          $stderr.puts 'Must run under root user!'
+          exit! 1
+        end
+
+        # set process name and nice level (default: -20)
+        setup 'pa-master-watchdog'
+
+        # prepare semaphores
+        @semaphore = {
+          log: Mutex.new,
+          swarm: Mutex.new,
+          icmp: Mutex.new
+        }
+
+        # prepare threads
+        @thread = {
+          icmp: thread_icmp,
+          etcd: thread_swarm,
+        }
+
+        # prepare status vars
+        @status_swarm = false
+        @status_icmp = false
+
+        # start threads
+        @thread.each_value(&:run)
+
+        # wait for threads to make sure they gather something
+        debug 'waiting for threads to gather something...'
+        sleep @config[:vip][:interval]
+        first_cycle = true
+
+        # main loop
+        while !@exit do
+          # initialize local state vars on first iteration
+          status_swarm = status_icmp = false if first_cycle
+
+          # iteration interval
+          sleep @config[:vip][:interval]
+
+          # sync state to local variables
+          @semaphore[:icmp].synchronize { status_icmp = @status_icmp }
+          @semaphore[:swarm].synchronize { status_swarm = @status_swarm }
+
+          # the logic (should be self-explanatory ;))
+          if am_i_leader?
+            if got_vip?
+              debug 'i am the leader with VIP, that is OK'
+            else
+              info 'i am the leader without VIP, checking whether it is free'
+              if status_icmp
+                info 'VIP is still up! (ICMP)'
+                # FIXME: notify by sensu client socket
+              else
+                info 'VIP is unreachable by ICMP, checking for duplicates on L2'
+                if vip_dup?
+                  info 'VIP is still assigned! (ARP)'
+                  # FIXME: notify by sensu client socket
+                else
+                  info 'VIP is free :) assigning'
+                  vip_handle! status_swarm
+                  info 'updating other hosts about change'
+                  vip_update_arp!
+                end
+              end
+            end
+            if lb_up?
+              debug 'i am the leader and load-balancer is up, that is OK'
+            else
+              info 'i am the leader and load-balancer is down, starting'
+              lb_start!
+            end
+          else
+            if got_vip?
+              info 'i got VIP and should not, removing'
+              vip_handle! status_swarm
+              info 'updating other hosts about change'
+              vip_update_arp!
+            else
+              debug 'i am not the leader and i do not have the VIP, that is OK'
+            end
+            if lb_up?
+              info 'i am not the leader and load-balancer is up, stopping'
+              lb_stop!
+            else
+              debug 'i am not the leader and load-balancer is down, that is OK'
+            end
+          end
+
+          # short report on first cycle
+          if first_cycle
+            info "i #{status_swarm ? 'AM' : 'am NOT'} the leader"
+            info "i #{got_vip? ? 'DO' : 'do NOT'} have the VIP"
+            info "i #{status_icmp ? 'CAN' : 'CANNOT'} see the VIP"
+            info "i #{status_haproxy ? 'CAN' : 'CANNOT'} see the VIP"
+            first_cycle = false
+          end
+        end
+
+        # this is triggerred on exit
+        info 'SIGTERM received'
+        info 'waiting for threads to finish...'
+        @thread.each_value(&:join)
+
+        # remove VIP on shutdown
+        if got_vip?
+          info 'removing VIP'
+          vip_handle! false
+          vip_update_arp!
+        end
+
+        # stop LB on shutdown
+        if lb_up?
+          info 'stopping load-balancer'
+          lb_stop!
+        end
+
+        info 'exiting...'
+        exit 0
+      end
+
+
+    end
+  end
+end

data/lib/port-authority/watchdog/threads/icmp.rb

@@ -0,0 +1,22 @@
+require 'net/ping'
+
+module PortAuthority
+  module Watchdog
+    module Threads
+      def thread_icmp
+        Thread.new do
+          debug 'starting ICMP thread...'
+          icmp = Net::Ping::ICMP.new(@config[:vip][:ip])
+          while !@exit do
+            debug 'checking state by ICMP echo'
+            status = vip_alive? icmp
+            @semaphore[:icmp].synchronize { @status_icmp = status }
+            debug "VIP is #{status ? 'alive' : 'down' } according to ICMP"
+            sleep @config[:icmp][:interval]
+          end
+          info 'ending ICMP thread...'
+        end
+      end
+    end
+  end
+end

data/lib/port-authority/watchdog/threads/swarm.rb

@@ -0,0 +1,20 @@
+module PortAuthority
+  module Watchdog
+    module Threads
+      def thread_swarm
+        Thread.new do
+          debug '<swarm> starting thread...'
+          etcd = etcd_connect!
+          while !@exit do
+            debug '<swarm> checking etcd state'
+            status = am_i_leader? etcd
+            @semaphore[:swarm].synchronize { @status_swarm = status }
+            debug "<swarm> i am #{status ? 'the leader' : 'not the leader' }"
+            sleep @config[:etcd][:interval]
+          end
+          info '<swarm> ending thread...'
+        end
+      end
+    end
+  end
+end

data/lib/port-authority.rb

@@ -0,0 +1,7 @@
+module PortAuthority
+  module Watchdog
+  end
+
+  module Util
+  end
+end

metadata

@@ -0,0 +1,136 @@
+--- !ruby/object:Gem::Specification
+name: port-authority
+version: !ruby/object:Gem::Version
+  version: 0.3.1
+platform: ruby
+authors:
+- Radek 'blufor' Slavicinsky
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2016-01-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: etcd
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.3'
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.3'
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+- !ruby/object:Gem::Dependency
+  name: etcd-tools
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.2'
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.2.9
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.2'
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.2.9
+- !ruby/object:Gem::Dependency
+  name: net-ping
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.7.8
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.7'
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.7.8
+- !ruby/object:Gem::Dependency
+  name: docker-api
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.25.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.25.0
+description: Tools for PortAuthority
+email: radek.slavicinsky@gmail.com
+executables:
+- pa-master-watchdog
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/pa-master-watchdog
+- lib/port-authority.rb
+- lib/port-authority/util/config.rb
+- lib/port-authority/util/etcd.rb
+- lib/port-authority/util/helpers.rb
+- lib/port-authority/util/loadbalancer.rb
+- lib/port-authority/util/logger.rb
+- lib/port-authority/util/vip.rb
+- lib/port-authority/watchdog/init.rb
+- lib/port-authority/watchdog/master.rb
+- lib/port-authority/watchdog/threads/icmp.rb
+- lib/port-authority/watchdog/threads/swarm.rb
+homepage: https://github.com/blufor/etcd-tools
+licenses:
+- GPLv2
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: 1.9.3
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.4.3
+signing_key: 
+specification_version: 4
+summary: Port Authority
+test_files: []