rightscale-nanite 0.4.1 → 0.4.1.1

data/lib/nanite/mapper_proxy.rb

@@ -0,0 +1,56 @@
+module Nanite
+
+  # This class allows sending requests to nanite agents without having
+  # to run a local mapper.
+  # It is used by Actor.request which can be used by actors than need
+  # to send requests to remote agents.
+  # All requests go through the mapper for security purposes.
+  class MapperProxy
+        
+    $:.push File.dirname(__FILE__)
+    require 'amqp'
+  
+    include AMQPHelper
+    
+    attr_accessor :pending_requests, :identity, :options, :amqp, :serializer
+
+    # Accessor for actor
+    def self.instance
+      @@instance
+    end
+
+    def initialize(id, opts)
+      @options = opts || {}
+      @identity = id
+      @pending_requests = {}
+      @amqp = start_amqp(options)
+      @serializer = Serializer.new(options[:format])
+      @@instance = self
+    end
+
+    # Send request to given agent through the mapper
+    def request(type, payload = '', opts = {}, &blk)
+      raise "Mapper proxy not initialized" unless identity && options
+      request = Request.new(type, payload, opts)
+      request.from = identity
+      request.token = Identity.generate
+      request.persistent = opts.key?(:persistent) ? opts[:persistent] : options[:persistent]
+      pending_requests[request.token] = 
+        { :intermediate_handler => opts[:intermediate_handler], :result_handler => blk }
+      amqp.fanout('request', :no_declare => options[:secure]).publish(serializer.dump(request))
+    end    
+    
+    # Handle intermediary result
+    def handle_intermediate_result(res)
+      handlers = pending_requests[res.token]
+      handlers[:intermediate_handler].call(res) if handlers && handlers[:intermediate_handler]
+    end
+    
+    # Handle final result
+    def handle_result(res)
+      handlers = pending_requests.delete(res.token)
+      handlers[:result_handler].call(res) if handlers && handlers[:result_handler]
+    end
+
+  end
+end

data/lib/nanite/packets.rb

@@ -0,0 +1,231 @@
+module Nanite
+  # Base class for all Nanite packets,
+  # knows how to dump itself to JSON
+  class Packet
+    def initialize
+      raise NotImplementedError.new("#{self.class.name} is an abstract class.")
+    end
+    def to_json(*a)
+      {
+        'json_class'   => self.class.name,
+        'data'         => instance_variables.inject({}) {|m,ivar| m[ivar.sub(/@/,'')] = instance_variable_get(ivar); m }
+      }.to_json(*a)
+    end
+  end
+
+  # packet that means start of a file transfer
+  # operation
+  class FileStart < Packet
+    attr_accessor :filename, :token, :dest
+    def initialize(filename, dest, token)
+      @filename = filename
+      @dest = dest
+      @token = token
+    end
+
+    def self.json_create(o)
+      i = o['data']
+      new(i['filename'], i['dest'], i['token'])
+    end
+  end
+
+  # packet that means end of a file transfer
+  # operation
+  class FileEnd < Packet
+    attr_accessor :token, :meta
+    def initialize(token, meta)
+      @token = token
+      @meta  = meta
+    end
+
+    def self.json_create(o)
+      i = o['data']
+      new(i['token'], i['meta'])
+    end
+  end
+
+  # packet that carries data chunks during a file transfer
+  class FileChunk < Packet
+    attr_accessor :chunk, :token
+    def initialize(token, chunk=nil)
+      @chunk = chunk
+      @token = token
+    end
+    def self.json_create(o)
+      i = o['data']
+      new(i['token'], i['chunk'])
+    end
+  end
+
+  # packet that means a work request from mapper
+  # to actor node
+  #
+  # type     is a service name
+  # payload  is arbitrary data that is transferred from mapper to actor
+  #
+  # Options:
+  # from     is sender identity
+  # token    is a generated request id that mapper uses to identify replies
+  # reply_to is identity of the node actor replies to, usually a mapper itself
+  # selector is the selector used to route the request
+  # target   is the target nanite for the request
+  # persistent signifies if this request should be saved to persistent storage by the AMQP broker
+  class Request < Packet
+    attr_accessor :from, :payload, :type, :token, :reply_to, :selector, :target, :persistent, :tags
+    DEFAULT_OPTIONS = {:selector => :least_loaded}
+    def initialize(type, payload, opts={})
+      opts = DEFAULT_OPTIONS.merge(opts)
+      @type             = type
+      @payload          = payload
+      @from             = opts[:from]
+      @token            = opts[:token]
+      @reply_to         = opts[:reply_to]
+      @selector         = opts[:selector]
+      @target           = opts[:target]
+      @persistent       = opts[:persistent]
+      @tags             = opts[:tags] || []
+    end
+    def self.json_create(o)
+      i = o['data']
+      new(i['type'], i['payload'], {:from => i['from'], :token => i['token'], :reply_to => i['reply_to'], :selector => i['selector'],
+      :target => i['target'], :persistent => i['persistent'], :tags => i['tags']})
+    end
+  end
+
+  # packet that means a work push from mapper
+  # to actor node
+  #
+  # type     is a service name
+  # payload  is arbitrary data that is transferred from mapper to actor
+  #
+  # Options:
+  # from     is sender identity
+  # token    is a generated request id that mapper uses to identify replies
+  # selector is the selector used to route the request
+  # target   is the target nanite for the request
+  # persistent signifies if this request should be saved to persistent storage by the AMQP broker
+  class Push < Packet
+    attr_accessor :from, :payload, :type, :token, :selector, :target, :persistent, :tags
+    DEFAULT_OPTIONS = {:selector => :least_loaded}
+    def initialize(type, payload, opts={})
+      opts = DEFAULT_OPTIONS.merge(opts)
+      @type             = type
+      @payload          = payload
+      @from             = opts[:from]
+      @token            = opts[:token]
+      @selector         = opts[:selector]
+      @target           = opts[:target]
+      @persistent       = opts[:persistent]
+      @tags             = opts[:tags] || []
+    end
+    def self.json_create(o)
+      i = o['data']
+      new(i['type'], i['payload'], {:from => i['from'], :token => i['token'], :selector => i['selector'],
+      :target => i['target'], :persistent => i['persistent'], :tags => i['tags']})
+    end
+  end
+
+  # packet that means a work result notification sent from actor to mapper
+  #
+  # from     is sender identity
+  # results  is arbitrary data that is transferred from actor, a result of actor's work
+  # token    is a generated request id that mapper uses to identify replies
+  # to       is identity of the node result should be delivered to
+  class Result < Packet
+    attr_accessor :token, :results, :to, :from
+    def initialize(token, to, results, from)
+      @token = token
+      @to = to
+      @from = from
+      @results = results
+    end
+    def self.json_create(o)
+      i = o['data']
+      new(i['token'], i['to'], i['results'], i['from'])
+    end
+  end
+
+  # packet that means an intermediate status notification sent from actor to mapper. is appended to a list of messages matching messagekey.
+  #
+  # from     is sender identity
+  # messagekey is a string that can become part of a redis key, which identifies the name under which the message is stored
+  # message  is arbitrary data that is transferred from actor, an intermediate result of actor's work
+  # token    is a generated request id that mapper uses to identify replies
+  # to       is identity of the node result should be delivered to
+  class IntermediateMessage < Packet
+    attr_accessor :token, :messagekey, :message, :to, :from
+    def initialize(token, to, from, messagekey, message)
+      @token = token
+      @to = to
+      @from = from
+      @messagekey = messagekey
+      @message = message
+    end
+    def self.json_create(o)
+      i = o['data']
+      new(i['token'], i['to'], i['from'], i['messagekey'], i['message'])
+    end
+  end
+
+  # packet that means an availability notification sent from actor to mapper
+  #
+  # from     is sender identity
+  # services is a list of services provided by the node
+  # status   is a load of the node by default, but may be any criteria
+  #          agent may use to report it's availability, load, etc
+  class Register < Packet
+    attr_accessor :identity, :services, :status, :tags
+    def initialize(identity, services, status, tags)
+      @status = status
+      @tags = tags
+      @identity = identity
+      @services = services
+    end
+    def self.json_create(o)
+      i = o['data']
+      new(i['identity'], i['services'], i['status'], i['tags'])
+    end
+  end
+
+  # packet that means deregister an agent from the mappers
+  #
+  # from     is sender identity
+  class UnRegister < Packet
+    attr_accessor :identity
+    def initialize(identity)
+      @identity = identity
+    end
+    def self.json_create(o)
+      i = o['data']
+      new(i['identity'])
+    end
+  end
+
+  # heartbeat packet
+  #
+  # identity is sender's identity
+  # status   is sender's status (see Register packet documentation)
+  class Ping < Packet
+    attr_accessor :identity, :status
+    def initialize(identity, status)
+      @status = status
+      @identity = identity
+    end
+    def self.json_create(o)
+      i = o['data']
+      new(i['identity'], i['status'])
+    end
+  end
+
+  # packet that is sent by workers to the mapper
+  # when worker initially comes online to advertise
+  # it's services
+  class Advertise < Packet
+    def initialize
+    end
+    def self.json_create(o)
+      new
+    end
+  end
+end
+

data/lib/nanite/pid_file.rb

@@ -0,0 +1,52 @@
+module Nanite
+  class PidFile
+    def initialize(identity, options)
+      @pid_dir = File.expand_path(options[:pid_dir] || options[:root] || Dir.pwd)
+      @pid_file = File.join(@pid_dir, "nanite.#{identity}.pid")
+    end
+    
+    def check
+      if pid = read_pid
+        if process_running? pid
+          raise "#{@pid_file} already exists (pid: #{pid})"
+        else
+          Log.info "removing stale pid file: #{@pid_file}"
+          remove
+        end
+      end
+    end
+    
+    def ensure_dir
+      FileUtils.mkdir_p @pid_dir
+    end
+    
+    def write
+      ensure_dir
+      open(@pid_file,'w') {|f| f.write(Process.pid) }
+      File.chmod(0644, @pid_file)
+    end
+    
+    def remove
+      File.delete(@pid_file) if exists?
+    end
+    
+    def read_pid
+      open(@pid_file,'r') {|f| f.read.to_i } if exists?
+    end
+    
+    def exists?
+      File.exists? @pid_file
+    end
+
+    def to_s
+      @pid_file
+    end
+    
+    private
+      def process_running?(pid)
+        Process.getpgid(pid) != -1
+      rescue Errno::ESRCH
+        false
+      end
+  end
+end

data/lib/nanite/reaper.rb

@@ -0,0 +1,38 @@
+module Nanite
+  class Reaper
+
+    def initialize(frequency=2)
+      @timeouts = {}
+      EM.add_periodic_timer(frequency) { EM.next_tick { reap } }
+    end
+
+    def timeout(token, seconds, &blk)
+      @timeouts[token] = {:timestamp => Time.now + seconds, :seconds => seconds, :callback => blk}
+    end
+
+    def reset_with_autoregister_hack(token,seconds,&blk)
+      unless @timeouts[token]
+        timeout(token, seconds, &blk)
+      end
+      reset(token)
+    end
+
+    def reset(token)
+      @timeouts[token][:timestamp] = Time.now + @timeouts[token][:seconds]
+    end
+
+    private
+
+    def reap
+      time = Time.now
+      @timeouts.reject! do |token, data|
+        if time > data[:timestamp]
+          data[:callback].call
+          true
+        else
+          false
+        end
+      end
+    end
+  end
+end

data/lib/nanite/security/cached_certificate_store_proxy.rb

@@ -0,0 +1,24 @@
+module Nanite
+
+  # Proxy to actual certificate store which caches results in an LRU
+  # cache.
+  class CachedCertificateStoreProxy
+    
+    # Initialize cache proxy with given certificate store.
+    def initialize(store)
+      @signer_cache = CertificateCache.new
+      @store = store
+    end
+    
+    # Results from 'get_recipients' are not cached
+    def get_recipients(obj)
+      @store.get_recipients(obj)
+    end
+
+    # Check cache for signer certificate
+    def get_signer(id)
+      @signer_cache.get(id) { @store.get_signer(id) }
+    end
+
+  end  
+end

data/lib/nanite/security/certificate.rb

@@ -0,0 +1,55 @@
+module Nanite
+
+  # X.509 Certificate management
+  class Certificate
+    
+    # Underlying OpenSSL cert
+    attr_accessor :raw_cert
+  
+    # Generate a signed X.509 certificate
+    #
+    # Arguments:
+    #  - key: RsaKeyPair, key pair used to sign certificate
+    #  - issuer: DistinguishedName, certificate issuer
+    #  - subject: DistinguishedName, certificate subject
+    #  - valid_for: Time in seconds before certificate expires (10 years by default)
+    def initialize(key, issuer, subject, valid_for = 3600*24*365*10)
+      @raw_cert = OpenSSL::X509::Certificate.new
+      @raw_cert.version = 2
+      @raw_cert.serial = 1
+      @raw_cert.subject = subject.to_x509
+      @raw_cert.issuer = issuer.to_x509
+      @raw_cert.public_key = key.to_public.raw_key
+      @raw_cert.not_before = Time.now
+      @raw_cert.not_after = Time.now + valid_for
+      @raw_cert.sign(key.raw_key, OpenSSL::Digest::SHA1.new)
+    end
+    
+    # Load certificate from file
+    def self.load(file)
+      from_data(File.new(file))
+    end
+    
+    # Initialize with raw certificate
+    def self.from_data(data)
+      cert = OpenSSL::X509::Certificate.new(data)
+      res = Certificate.allocate
+      res.instance_variable_set(:@raw_cert, cert)
+      res
+    end
+    
+    # Save certificate to file in PEM format
+    def save(file)
+      File.open(file, "w") do |f|
+        f.write(@raw_cert.to_pem)
+      end
+    end
+    
+    # Certificate data in PEM format
+    def data
+      @raw_cert.to_pem
+    end
+    alias :to_s :data
+
+  end
+end