right_link 5.9.0

data/lib/instance/audit_proxy.rb

@@ -0,0 +1,247 @@
+#
+# Copyright (c) 2009-2011 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'thread'
+
+module RightScale
+
+  # Provides access to core agents audit operation through helper methods
+  # that take care of formatting the audits appropriately
+  # Audit requests to audit recipes output are buffered as follows:
+  #  * Start a timer after each call to audit output
+  #  * Reset the timer if a new call to audit output is made
+  #  * Actually send the output audit if the total size exceeds
+  #    MAX_AUDIT_SIZE or the timer reaches MAX_AUDIT_DELAY
+  #  * Audit of any other kind triggers a request and flushes the buffer
+  class AuditProxy
+
+    # Maximum size for accumulated output before sending audit request
+    # in characters
+    MAX_AUDIT_SIZE = 5 * 1024 # 5 KB
+
+    # Maximum amount of time to wait before sending audit request
+    # in seconds
+    MAX_AUDIT_DELAY = 2
+
+    # (Fixnum) Underlying audit id
+    attr_reader :audit_id
+
+    # Initialize audit from pre-existing id
+    #
+    # === Parameters
+    # audit_id(Fixnum):: Associated audit id
+    def initialize(audit_id)
+      @audit_id = audit_id
+      @size = 0
+      @buffer = ''
+      @mutex = Mutex.new
+    end
+
+    # Create a new audit and calls given block back asynchronously with it
+    #
+    # === Parameters
+    # agent_identity(AgentIdentity):: Agent identity used by core agent to retrieve corresponding account
+    # summary(String):: Summary to be used for newly created audit
+    #
+    # === Return
+    # true:: Always return true
+    def self.create(agent_identity, summary)
+      payload = {:agent_identity => agent_identity,
+                 :summary        => summary,
+                 :category       => RightScale::EventCategories::NONE}
+      Sender.instance.send_persistent_request("/auditor/create_entry", payload) do |r|
+        res = RightScale::OperationResult.from_results(r)
+        if res.success?
+          audit = new(res.content)
+          yield audit
+        else
+          Log.warning("Failed to create new audit entry with summary '#{summary}': #{res.content}, aborting...")
+        end
+        true
+      end
+    end
+
+    # Update audit summary
+    #
+    # === Parameters
+    # status(String):: New audit entry status
+    # options[:category](String):: Optional, must be one of RightScale::EventCategories::CATEGORIES
+    #
+    # === Return
+    # true:: Always return true
+    def update_status(status, options={})
+      send_audit(:kind => :status, :text => status, :category => options[:category])
+    end
+
+    # Start new audit section
+    #
+    # === Parameters
+    # title(String):: Title of new audit section, will replace audit status as well
+    # options[:category](String):: Optional, must be one of RightScale::EventCategories::CATEGORIES
+    #
+    # === Return
+    # true:: Always return true
+    def create_new_section(title, options={})
+      send_audit(:kind => :new_section, :text => title, :category => options[:category])
+    end
+
+    # Append info text to current audit section. A special marker will be prepended to each line of audit to
+    # indicate that text is not some output. Text will be line-wrapped.
+    #
+    # === Parameters
+    # text(String):: Informational text to append to audit entry
+    # options[:category](String):: Optional, must be one of RightScale::EventCategories::CATEGORIES
+    #
+    # === Return
+    # true:: Always return true
+    def append_info(text, options={})
+      send_audit(:kind => :info, :text => text, :category => options[:category])
+    end
+
+    # Append error message to current audit section. A special marker will be prepended to each line of audit to
+    # indicate that error message is not some output. Message will be line-wrapped.
+    #
+    # === Parameters
+    # text(String):: Error text to append to audit entry
+    # options[:category](String):: Optional, must be one of RightScale::EventCategories::CATEGORIES
+    #
+    # === Return
+    # true:: Always return true
+    def append_error(text, options={})
+      send_audit(:kind => :error, :text => text, :category => options[:category])
+    end
+
+    # Append output to current audit section
+    #
+    # === Parameters
+    # text(String):: Output to append to audit entry
+    #
+    # === Return
+    # true:: Always return true
+    #
+    # === Raise
+    # ApplicationError:: If audit id is missing from passed-in options
+    def append_output(text)
+      @mutex.synchronize do
+        @buffer << text
+      end
+
+      EM.next_tick do
+        buffer_size = nil
+        @mutex.synchronize do
+          buffer_size = @buffer.size
+        end
+
+        if buffer_size > MAX_AUDIT_SIZE
+          flush_buffer
+        else
+          reset_timer
+        end
+      end
+    end
+
+
+    protected
+
+    # Flush output buffer then send audits to core agent and log failures
+    #
+    # === Parameters
+    # options[:kind](Symbol):: One of :update_status, :new_section, :append_info, :append_error, :output
+    # options[:text](String):: Text to be audited
+    # options[:category](String):: Optional, must be one of RightScale::EventCategories::CATEGORIES
+    #
+    # === Return
+    # true:: Always return true
+    def send_audit(options)
+      flush_buffer
+      internal_send_audit(options)
+    end
+
+    # Actually send audits to core agent and log failures
+    #
+    # === Parameters
+    # options[:kind](Symbol):: One of :status, :new_section, :info, :error, :output
+    # options[:text](String):: Text to be audited
+    # options[:category](String):: Optional, must be one of RightScale::EventCategories::CATEGORIES
+    #
+    # === Return
+    # true:: Always return true
+    def internal_send_audit(options)
+      opts = { :audit_id => @audit_id, :category => options[:category], :offset => @size }
+      opts[:category] ||= EventCategories::CATEGORY_NOTIFICATION
+      unless EventCategories::CATEGORIES.include?(opts[:category])
+        Log.warning("Invalid category '#{opts[:category]}' for notification '#{options[:text]}', using generic category instead")
+        opts[:category] = EventCategories::CATEGORY_NOTIFICATION
+      end
+
+      log_method = options[:kind] == :error ? :error : :info
+      log_text = AuditFormatter.send(options[:kind], options[:text])[:detail]
+      log_text.chomp.split("\n").each { |l| Log.__send__(log_method, l) }
+      begin
+        audit = AuditFormatter.__send__(options[:kind], options[:text])
+        @size += audit[:detail].size
+        Sender.instance.send_persistent_push("/auditor/update_entry", opts.merge(audit))
+      rescue Exception => e
+        Log.warning("Failed to send audit", e, :trace)
+      end
+
+      true
+    end
+
+    # Send any buffered output to auditor
+    #
+    # === Return
+    # Always return true
+    def flush_buffer
+      # note we must discard cancelled timer or else we never create a new timer and stay cancelled.
+      if @timer
+        @timer.cancel
+        @timer = nil
+      end
+
+      to_send = nil
+      @mutex.synchronize do
+        unless @buffer.empty?
+          to_send = @buffer
+          @buffer = ''
+        end
+      end
+
+      if to_send
+        internal_send_audit(:kind => :output, :text => to_send, :category => EventCategories::NONE)
+      end
+    end
+
+    # Set or reset timer for buffer flush
+    #
+    # === Return
+    # true:: Always return true
+    def reset_timer
+      # note we are using a single PeriodicTimer because we were running out of
+      # one-shot timers with verbose script output. calling cancel on a one-shot
+      # timer sends a message but does not immediately remove the timer from EM
+      # which maxes out at 1000 one-shot timers.
+      @timer = EventMachine::PeriodicTimer.new(MAX_AUDIT_DELAY) { flush_buffer } unless @timer
+    end
+
+  end
+end

data/lib/instance/bundle_queue.rb

@@ -0,0 +1,104 @@
+#
+# Copyright (c) 2009-2011 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+module RightScale
+
+  # Abstract base class for a Bundle Queue.
+  class BundleQueue
+
+    FINAL_BUNDLE = 'end'
+    SHUTDOWN_BUNDLE = 'shutdown'
+
+    # Set continuation block to be called after 'close' is called
+    #
+    # === Block
+    # continuation block
+    def initialize(&continuation)
+      @continuation = continuation
+    end
+
+    # Determines if queue is active
+    #
+    # === Return
+    # active(Boolean):: true if queue is active
+    def active?
+      raise NotImplementedError.new("must be overridden")
+    end
+
+    # Activate queue for execution, idempotent
+    # Any pending bundle will be run sequentially in order
+    #
+    # === Return
+    # true:: Always return true
+    def activate
+      raise NotImplementedError.new("must be overridden")
+    end
+
+    # Determines if queue is busy
+    #
+    # === Return
+    # active(Boolean):: true if queue is busy
+    def busy?
+      raise NotImplementedError.new("must be overridden")
+    end
+
+    # Push new context to bundle queue and run next bundle
+    #
+    # === Parameters
+    # context(Object):: any supported kind of context
+    #
+    # === Return
+    # true:: Always return true
+    def push(context)
+      raise NotImplementedError.new("must be overridden")
+    end
+
+    # Clear queue content
+    #
+    # === Return
+    # true:: Always return true
+    def clear
+      raise NotImplementedError.new("must be overridden")
+    end
+
+    # Close queue so that further call to 'push' will be ignored
+    #
+    # === Return
+    # true:: Always return true
+    def close
+      raise NotImplementedError.new("must be overridden")
+    end
+
+    protected
+
+    # Invokes continuation (off of the current thread which may be going away).
+    #
+    # === Return
+    # true:: Always return true
+    def run_continuation
+      EM.next_tick { @continuation.call } if @continuation
+      true
+    end
+
+  end
+
+end

data/lib/instance/cook/agent_connection.rb

@@ -0,0 +1,109 @@
+#
+# Copyright (c) 2011 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'singleton'
+
+module RightScale
+
+  # Class managing connection to agent
+  module AgentConnection
+
+    # Wait up to 20 seconds before forcing disconnection to agent
+    STOP_TIMEOUT = 20
+
+    # Set command client cookie and initialize responses parser
+    def initialize(cookie, thread_name, callback=nil)
+      @cookie = cookie
+      @thread_name = thread_name
+      @pending = 0
+      @parser = CommandParser.new do |data|
+        if callback
+          callback.call(data)
+        else
+          Log.warning("[cook] Unexpected command protocol response '#{data}'") unless data == 'OK'
+        end
+        @pending -= 1
+        on_stopped if @stopped_callback && @pending == 0
+      end
+    end
+
+    # Send command to running agent
+    #
+    # === Parameters
+    # options(Hash):: Hash of options and command name
+    #   options[:name]:: Command name
+    #   options[:...]:: Other command specific options, passed through to agent
+    #
+    # === Return
+    # true:: Always return true
+    def send_command(options)
+      return if @stopped_callback
+      @pending += 1
+      command = options.dup
+      command[:cookie] = @cookie
+      command[:thread_name] = @thread_name
+      send_data(CommandSerializer.dump(command))
+      true
+    end
+
+    # Handle agent response
+    #
+    # === Return
+    # true:: Always return true
+    def receive_data(data)
+      @parser.parse_chunk(data)
+      true
+    end
+
+    # Stop command client, wait for all pending commands to finish prior
+    # to calling given callback
+    #
+    # === Return
+    # true:: Always return true
+    #
+    # === Block
+    # called once all pending commands have completed
+    def stop(&callback)
+      send_command(:name => :close_connection)
+      @stopped_callback = callback
+      Log.info("[cook] Disconnecting from agent (#{@pending} response#{@pending > 1 ? 's' : ''} pending)")
+      @stop_timeout = EM::Timer.new(STOP_TIMEOUT) do
+        Log.warning("[cook] Time out waiting for responses from agent, forcing disconnection")
+        @stop_timeout = nil
+        on_stopped
+      end
+      true
+    end
+
+    # Called after all pending responses have been received
+    #
+    # === Return
+    # true:: Always return true
+    def on_stopped
+      close_connection
+      @stop_timeout.cancel if @stop_timeout
+      @stopped_callback.call
+    end
+
+  end
+
+end

data/lib/instance/cook/audit_logger.rb

@@ -0,0 +1,165 @@
+#
+# Copyright (c) 2009-2011 RightScale Inc
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+require 'logger'
+
+module RightScale
+
+  # Audit logger formatter
+  class AuditLogFormatter < ::Logger::Formatter
+
+    # Generate log line from given input
+    def call(severity, time, progname, msg)
+      sprintf("%s: %s\n", time.strftime("%H:%M:%S"), msg2str(msg))
+    end
+
+  end
+
+  # Provides logger interface but forwards some logging to audit entry.
+  # Used in combination with Chef to audit recipe execution output.
+  class AuditLogger < ::Logger
+
+    # Underlying audit id
+    attr_reader :audit_id
+
+    # Initialize audit logger, override Logger initialize since there is no need to initialize @logdev
+    #
+    # === Parameters
+    # audit_id(Integer):: Audit id used to audit logs
+    def initialize
+      @progname = nil
+      @level = INFO
+      @default_formatter = AuditLogFormatter.new
+      @formatter = nil
+      @logdev = nil
+    end
+
+    # Return level as a symbol
+    #
+    # === Return
+    # level(Symbol):: One of :debug, :info, :warn, :error or :fatal
+    alias :level_orig :level
+    def level
+      level = { Logger::DEBUG => :debug,
+                Logger::INFO  => :info,
+                Logger::WARN  => :warn,
+                Logger::ERROR => :error,
+                Logger::FATAL => :fatal }[level_orig]
+    end
+
+    # Raw output
+    #
+    # === Parameters
+    # msg(String):: Raw string to be appended to audit
+    def <<(msg)
+      AuditStub.instance.append_output(msg)
+    end
+
+    # Override Logger::add to audit instead of writing to log file
+    #
+    # === Parameters
+    # severity(Constant):: One of Logger::DEBUG, Logger::INFO, Logger::WARN, Logger::ERROR or Logger::FATAL
+    # message(String):: Message to be audited
+    # progname(String):: Override default program name for that audit
+    #
+    # === Block
+    # Call given Block if any to build message if +message+ is nil
+    #
+    # === Return
+    # true:: Always return true
+    def add(severity, message=nil, progname=nil, &block)
+      severity ||= UNKNOWN
+      # We don't want to audit logs that are less than our level
+      return true if severity < @level
+      progname ||= @progname
+      if message.nil?
+        if block_given?
+          message = yield
+        else
+          message = progname
+          progname = @progname
+        end
+      end
+      return true if is_filtered?(severity, message)
+      msg = format_message(format_severity(severity), Time.now, progname, message)
+      case severity
+      when Logger::DEBUG
+        Log.debug(message)
+      when Logger::INFO, Logger::WARN, Logger::UNKNOWN
+        AuditStub.instance.append_output(msg)
+      when Logger::ERROR
+        AuditStub.instance.append_error(msg)
+      when Logger::FATAL
+        AuditStub.instance.append_error(msg, :category => RightScale::EventCategories::CATEGORY_ERROR)
+      end
+      true
+    end
+
+    # Start new audit section
+    # Note: This is a special 'log' method which allows us to create audit sections before
+    # running RightScripts
+    #
+    # === Parameters
+    # title(String):: Title of new audit section, will replace audit status as well
+    # options[:category](String):: Optional, must be one of RightScale::EventCategories::CATEGORIES
+    #
+    # === Return
+    # true:: Always return true
+    def create_new_section(title, options={})
+      AuditStub.instance.create_new_section(title, options)
+    end
+
+    protected
+
+    MESSAGE_FILTERS = {
+      Logger::ERROR => [
+        # Suppress the auditing of anything Chef logs with ERROR severity that
+        # concerns itself with the right_scripts_cookbook. This cookbook is
+        # dynamically generated by the instance and concerns itself with
+        # RightScripts, which have their own independent mechanism for auditing
+        # failures.
+        #
+        # There are two flavors of this suppression: one for Linux, one for Windows.
+        # This is because Windows-generated RightScript recipes have slightly different
+        # naming conventions than Linux-generated.
+        %r{\(right_scripts_cookbook::.+ line \d+\)},
+        %r{\(right_scripts_cookbook::.+\.ps1 line .+\.ps1\.rb\)}
+      ]
+    }
+
+    # Filters any message which should not appear in audits.
+    #
+    # === Parameters
+    # severity(Constant):: One of Logger::DEBUG, Logger::INFO, Logger::WARN, Logger::ERROR or Logger::FATAL
+    # message(String):: Message to be audited
+    def is_filtered?(severity, message)
+      if filters = MESSAGE_FILTERS[severity]
+        filters.each do |filter|
+          return true if filter =~ message
+        end
+      end
+      return false
+    end
+
+  end
+
+end