sonic-screwdriver 1.3.0 → 1.3.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/CONTRIBUTING.md +56 -0
- data/README.md +19 -13
- data/docs/_config.yml +3 -2
- data/docs/_docs/install-bastion.md +13 -2
- data/docs/_docs/install.md +18 -16
- data/docs/_docs/next-steps.md +2 -1
- data/docs/_docs/tutorial-ssh.md +34 -14
- data/docs/_docs/why-ec2-run-command.md +1 -1
- data/docs/_includes/css/sonic.css +6 -3
- data/docs/_includes/google_analytics.html +10 -0
- data/docs/_includes/header.html +1 -1
- data/docs/_includes/js.html +4 -0
- data/docs/_includes/nav.html +1 -1
- data/docs/bin/web +4 -0
- data/docs/docs.md +1 -1
- data/docs/img/sonic-logo.png +0 -0
- data/docs/quick-start.md +1 -1
- data/lib/sonic/cli.rb +2 -0
- data/lib/sonic/cli/help.rb +14 -0
- data/lib/sonic/execute.rb +5 -6
- data/lib/sonic/settings.rb +3 -2
- data/lib/sonic/ssh.rb +22 -1
- data/lib/sonic/ssh/cli_options.rb +9 -0
- data/lib/sonic/version.rb +1 -1
- metadata +7 -4
- data/docs/img/sonic-screwdriver.jpg +0 -0
- data/docs/img/ufo.jpg +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2d34eb785d89e9c4a826928df596cecb363fb646
|
4
|
+
data.tar.gz: 547ef19add839f6edb57e524733be8bd94436b02
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 01d05f3716d252a66370cd62e18a13d02761dd5a5620b1b18b011577d7251bbeb870d1ec022d64986c22f3871cc5ad35fcff9e80ea7c3bdbbdf8bdc2c030f53e
|
7
|
+
data.tar.gz: e453e4568efd83dbb6a6f8c649711c035767b001a45cda04de34fe6e69d2f60baeff587d7025923c7d66e34f38354924f74faf96a70d76e827a6bb195b0f599e
|
data/CHANGELOG.md
CHANGED
@@ -3,6 +3,13 @@
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
4
4
|
This project *tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
5
5
|
|
6
|
+
## [1.3.1]
|
7
|
+
- Add sonic ssh -i option so users can specify custom private keys.
|
8
|
+
- Add sonic ssh -r retry option so you don't have to keep pressing up enter.
|
9
|
+
|
10
|
+
## [1.3.1]
|
11
|
+
- remove byebug debugging
|
12
|
+
|
6
13
|
## [1.3.0]
|
7
14
|
- support for different bastion cluster host mapping in settings
|
8
15
|
|
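Review bot: both new headings read `## [1.3.1]`; the first one, above the `-i` and `-r` entries, should be `## [1.3.2]` so it matches the `version: 1.3.2` in the gem metadata. As written, the changelog has no entry for the released version and two entries for 1.3.1.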
data/CONTRIBUTING.md
ADDED
@@ -0,0 +1,56 @@
|
|
1
|
+
# Contributing to Sonic Screwdriver
|
2
|
+
|
3
|
+
Contributing is welcomed and encouraged. We love pull requests!
|
4
|
+
|
5
|
+
Here are some ways *you* can contribute:
|
6
|
+
|
7
|
+
* by reporting bugs
|
8
|
+
* by suggesting new features
|
9
|
+
* by writing or editing documentation
|
10
|
+
* by writing specs
|
11
|
+
* by writing code ( **no patch is too small** : fix typos, add comments, clean up inconsistent whitespace )
|
12
|
+
* by refactoring code
|
13
|
+
* by closing [issues][]
|
14
|
+
* by reviewing patches
|
15
|
+
|
16
|
+
[issues]: https://github.com/tongueroo/lono/issues
|
17
|
+
|
18
|
+
## Submitting an Issue
|
19
|
+
|
20
|
+
* We use the [GitHub issue tracker][issues] to track bugs and features.
|
21
|
+
* Before submitting a bug report or feature request, check to make sure it hasn't
|
22
|
+
already been submitted.
|
23
|
+
* When submitting a bug report, please include a [Gist][] that includes a stack
|
24
|
+
trace and any details that may be necessary to reproduce the bug, including
|
25
|
+
your gem version, Ruby version, and operating system. Ideally, a bug report
|
26
|
+
should include a pull request with failing specs.
|
27
|
+
|
28
|
+
[gist]: https://gist.github.com/
|
29
|
+
|
30
|
+
## Cleaning up issues
|
31
|
+
|
32
|
+
* Issues that have no response from the submitter will be closed after 30 days.
|
33
|
+
* Issues will be closed once they're assumed to be fixed or answered. If the
|
34
|
+
maintainer is wrong, it can be opened again.
|
35
|
+
* If your issue is closed by mistake, please understand and explain the issue.
|
36
|
+
We will happily reopen the issue.
|
37
|
+
|
38
|
+
## Submitting a Pull Request
|
39
|
+
1. [Fork][fork] the [official repository][repo].
|
40
|
+
2. [Create a topic branch.][branch]
|
41
|
+
3. Implement your feature or bug fix.
|
42
|
+
4. Add, commit, and push your changes.
|
43
|
+
5. [Submit a pull request.][pr]
|
44
|
+
|
45
|
+
## Notes
|
46
|
+
* Please add tests if you changed code. Contributions without tests won't be accepted.
|
47
|
+
* If you don't know how to add tests, please put in a PR and leave a comment
|
48
|
+
asking for help. We love helping!
|
49
|
+
* Please don't update the Gem version.
|
50
|
+
|
51
|
+
[repo]: https://github.com/tongueroo/lono/tree/master
|
52
|
+
[fork]: https://help.github.com/articles/fork-a-repo/
|
53
|
+
[branch]: https://help.github.com/articles/creating-and-deleting-branches-within-your-repository/
|
54
|
+
[pr]: https://help.github.com/articles/using-pull-requests/
|
55
|
+
|
56
|
+
Inspired by https://github.com/middleman/middleman-heroku/blob/master/CONTRIBUTING.md
|
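Review bot: the `[issues]` and `[repo]` link definitions point at `https://github.com/tongueroo/lono`, which is not this project's repository; the README and docs in this same diff link to `boltopslabs/sonic`. Change both definitions to the sonic repository so bug reports and forks go to the right place.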
data/README.md
CHANGED
@@ -1,21 +1,23 @@
|
|
1
1
|
# Sonic Screwdriver
|
2
2
|
|
3
3
|
[![CircleCI](https://circleci.com/gh/boltopslabs/sonic.svg?style=svg)](https://circleci.com/gh/boltopslabs/sonic)
|
4
|
+
[![Gitter](https://badges.gitter.im/boltopslabs/sonic.svg)](https://gitter.im/boltopslabs/sonic?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
|
5
|
+
[![Support](https://img.shields.io/badge/get-support-blue.svg)](https://boltops.com?utm_source=badge&utm_medium=badge&utm_campaign=sonic)
|
4
6
|
|
5
|
-
Sonic is a multi-functional tool that helps you manage AWS resources. Sonic contains
|
7
|
+
Sonic is a multi-functional tool that helps you manage AWS resources. Sonic contains a group of commands that help debug EC2 instances and ECS containers quickly.
|
6
8
|
|
7
9
|
See [sonic-screwdriver.cloud](http://sonic-screwdriver.cloud) for full documentation.
|
8
10
|
|
9
11
|
## Why Sonic Was Created
|
10
12
|
|
11
|
-
After I exhaust debugging an ECS service with CloudWatch Logs I usually take it to the next step: ssh into the instance. I jump into an instance with a running task or docker container and poke around to figure out the root issue.
|
13
|
+
After I exhaust debugging an ECS service with CloudWatch Logs, I usually take it to the next step: ssh into the instance. I jump into an instance with a running task or docker container and poke around to figure out the root issue.
|
12
14
|
|
13
|
-
|
15
|
+
To find the instance with the service's docker container I click around on the ECS console website until I locate the container instance's DNS name and then paste it into the terminal. While this process is not complicated, it is tedious. For example, the typical process is:
|
14
16
|
|
15
17
|
1. Click on the cluster
|
16
18
|
2. Click on the service
|
17
19
|
3. Click on the tasks tab
|
18
|
-
4. Click on
|
20
|
+
4. Click on one of the tasks
|
19
21
|
5. Click on the container instance
|
20
22
|
6. Highlight and copy the DNS name
|
21
23
|
7. Paste the DNS name into the terminal to build up the ssh ec2-user@[dnsname] command
|
@@ -24,23 +26,23 @@ In order to find the instance with the service's docker container I click around
|
|
24
26
|
10. Run docker exec -ti [container_id] bash
|
25
27
|
11. Finally, debug the actual problem
|
26
28
|
|
27
|
-
By the time I get into the container, I need to remind my brain
|
29
|
+
By the time I get into the container, I need to remind my brain of what the original issue was. This tool automates the process, so you do not waste your precious mental energy clicking on links and use it to focus on better things like fixing the **actual** issue.
|
28
30
|
|
29
31
|
## Install
|
30
32
|
|
31
|
-
|
33
|
+
You can install sonic with RubyGems
|
32
34
|
|
33
35
|
```sh
|
34
|
-
|
36
|
+
gem install sonic
|
35
37
|
```
|
36
38
|
|
37
|
-
|
39
|
+
If you want to quickly install sonic without having to worry about sonic's dependencies you can also install the Bolts Toolbelt which has sonic included.
|
38
40
|
|
39
41
|
```sh
|
40
|
-
|
42
|
+
brew cask install boltopslabs/software/bolts
|
41
43
|
```
|
42
44
|
|
43
|
-
Full installation instructions are at [Install Sonic Screwdriver](http://
|
45
|
+
Full installation instructions are at [Install Sonic Screwdriver](http://sonic-screwdriver.cloud/docs/install/). There are some server side dependencies for some of the sonic commands, so it is important to read through the full installation guide.
|
44
46
|
|
45
47
|
## Quick Start
|
46
48
|
|
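Review bot: the Install block adds `gem install sonic`, but the gem metadata names the package `sonic-screwdriver` and docs/_docs/install.md uses `gem install sonic-screwdriver`. A reader following the README installs whatever gem is published under the name `sonic` rather than this one. Change the line to `gem install sonic-screwdriver`.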
@@ -49,12 +51,16 @@ Here is a quick overview of sonic abilities:
|
|
49
51
|
```sh
|
50
52
|
# ssh into an instance
|
51
53
|
sonic ssh i-0f7f833131a51ce35
|
52
|
-
sonic ssh hi-web-stag
|
54
|
+
sonic ssh hi-web-stag # ec2 tag
|
55
|
+
sonic ssh hi-web-stag --cluster stag # ecs service name
|
56
|
+
sonic ssh hi-web-stag --cluster stag # ecs service name
|
57
|
+
sonic ssh 7fbc8c75-4675-4d39-a5a4-0395ff8cd474 --cluster stag # ECS container id
|
58
|
+
sonic ssh 1ed12abd-645c-4a05-9acf-739b9d790170 --cluster stag # ECS task id
|
53
59
|
|
54
60
|
# docker exec to a running ECS docker container
|
55
61
|
sonic ecs-exec hi-web-stag
|
56
62
|
|
57
|
-
# docker run with same environment as the ECS docker running containers
|
63
|
+
# docker run with the same environment as the ECS docker running containers
|
58
64
|
sonic ecs-run hi-web-stag
|
59
65
|
|
60
66
|
# run command on 1 instance
|
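Review bot: `sonic ssh hi-web-stag --cluster stag # ecs service name` is added twice in a row in the ssh examples. Drop one copy.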
@@ -69,7 +75,7 @@ sonic list hi-web-stag
|
|
69
75
|
|
70
76
|
## Contributing
|
71
77
|
|
72
|
-
Everyone can contribute to
|
78
|
+
Everyone can contribute to making sonic-screwdriver better. Please fork the project and open a pull request! We love your pull requests. Contributions are encouraged and welcomed!
|
73
79
|
|
74
80
|
1. Fork it
|
75
81
|
2. Create your feature branch (`git checkout -b my-new-feature`)
|
data/docs/_config.yml
CHANGED
@@ -9,6 +9,7 @@ meta_author: Tung Nguyen
|
|
9
9
|
|
10
10
|
# Google webmaster tools
|
11
11
|
google_verify:
|
12
|
+
google_analytics: UA-98684555-2
|
12
13
|
|
13
14
|
# https://ssl.bing.com/webmaster/configure/verify/ownership Option 2 content= goes here
|
14
15
|
bing_verify:
|
@@ -25,11 +26,11 @@ disqus_shortname:
|
|
25
26
|
|
26
27
|
# Color settings (hex-codes without the leading hash-tag)
|
27
28
|
color:
|
28
|
-
primary:
|
29
|
+
primary: 47a970
|
29
30
|
primary-rgb: "24,288,156" #"128,179,255"
|
30
31
|
secondary: 2c3e50 #FD6E8A
|
31
32
|
secondary-dark: 233140 #A2122F
|
32
|
-
links:
|
33
|
+
links: 3fda78
|
33
34
|
|
34
35
|
# Footer settings
|
35
36
|
footer:
|
@@ -7,10 +7,21 @@ It is common to secure your network setup by restricting access to your servers
|
|
7
7
|
You can configure the [settings.yml]({% link _docs/settings.md %}) file to use a bastion host. Here's an example:
|
8
8
|
|
9
9
|
```yaml
|
10
|
-
bastion:
|
10
|
+
bastion: # cluster_host mapping
|
11
|
+
default: ec2-user@bastion.mydomain.com
|
12
|
+
prod: ec2-user@bastion.mydomain.com
|
13
|
+
stag: ubuntu@bastion-stag.mydomain.com
|
11
14
|
```
|
12
15
|
|
13
|
-
|
16
|
+
The configuration specifies a bastion for the specific clusters. If the cluster is not in the configuration it defaults to the default bastion host setting.
|
17
|
+
|
18
|
+
```sh
|
19
|
+
sonic ssh --cluster prod [IDENTIFER] # ec2-user@bastion.mydomain.com used as the bastion host
|
20
|
+
sonic ssh --cluster stag [IDENTIFER] # ubuntu@bastion-stag.mydomain.com used as the bastion host
|
21
|
+
sonic ssh --cluster whatever [IDENTIFER] # ec2-user@bastion.mydomain.com used as the bastion host
|
22
|
+
```
|
23
|
+
|
24
|
+
The settting directs the `sonic ssh` to jump through the bastion host. This works completely transparently. The sonic commands are exactly the same as if there is no bastion host. Examples:
|
14
25
|
|
15
26
|
```
|
16
27
|
sonic ssh i-0f7f833131a51ce35
|
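Review bot: the three added example commands spell the placeholder `[IDENTIFER]`, and the paragraph after them has "settting". Correct these to `[IDENTIFIER]` and "setting". The paragraph could also say in one sentence that a cluster missing from the mapping falls back to `default`, which is what the third example (`--cluster whatever`) is demonstrating.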
data/docs/_docs/install.md
CHANGED
@@ -2,35 +2,37 @@
|
|
2
2
|
title: Installation
|
3
3
|
---
|
4
4
|
|
5
|
-
### Install with Bolts Toolbelt
|
6
|
-
|
7
|
-
If you want to quickly install sonic without having to worry about sonic's dependency you can simply install the Bolts Toolbelt which has sonic included.
|
8
|
-
|
9
|
-
```sh
|
10
|
-
brew cask install boltopslabs/software/bolts
|
11
|
-
```
|
12
|
-
|
13
|
-
For more information about the Bolts Toolbelt or to get an installer for another operating system visit: [https://boltops.com/toolbelt](https://boltops.com/toolbelt)
|
14
|
-
|
15
5
|
### Install with RubyGems
|
16
6
|
|
17
|
-
If
|
7
|
+
If can install sonic via RubyGems:
|
18
8
|
|
19
9
|
```sh
|
20
10
|
gem install sonic-screwdriver
|
21
11
|
```
|
22
12
|
|
23
|
-
|
13
|
+
You can also add sonic to your Gemfile in your project if you are working with a ruby project. It is not required for your project to be a ruby project to use sonic.
|
24
14
|
|
25
15
|
```ruby
|
26
16
|
gem "sonic-screwdriver"
|
27
17
|
```
|
28
18
|
|
19
|
+
### Install with Bolts Toolbelt
|
20
|
+
|
21
|
+
If you want to install sonic without having to worry about sonic's ruby dependency you can simply install the Bolts Toolbelt which has sonic included.
|
22
|
+
|
23
|
+
```sh
|
24
|
+
brew cask install boltopslabs/software/bolts
|
25
|
+
```
|
26
|
+
|
27
|
+
For more information about the Bolts Toolbelt or to get an installer for another operating system visit: [https://boltops.com/toolbelt](https://boltops.com/toolbelt)
|
28
|
+
|
29
29
|
### Server Side Dependencies
|
30
30
|
|
31
|
+
For a small set of the commands there are server side dependencies.
|
32
|
+
|
31
33
|
#### sonic ecs-* dependencies
|
32
34
|
|
33
|
-
|
35
|
+
For the `sonic ecs-*` commands to work `jq` is required on the server side. This is covered in the [How It Works]({% link _docs/how-it-works.md %}) section.
|
34
36
|
|
35
37
|
One way to install `jq` quickly is by using the `sonic execute` command. For example:
|
36
38
|
|
@@ -46,15 +48,15 @@ The `sonic execute` works alongside [Amazon EC2 Run Command](https://aws.amazon.
|
|
46
48
|
|
47
49
|
#### Amazon EC2 Run Manager Installation
|
48
50
|
|
49
|
-
Installing the EC2 Run Manager agent on your
|
51
|
+
Installing the EC2 Run Manager agent on your Linux servers is super simple and is only one command.
|
50
52
|
|
51
53
|
```sh
|
52
54
|
sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
|
53
55
|
```
|
54
56
|
|
55
|
-
The full recommended instructions are on the
|
57
|
+
The full recommended instructions are on the official Amazon EC2 Systems Manager [Install SSM Agent](http://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html) documentation.
|
56
58
|
|
57
|
-
The
|
59
|
+
The trickiest part of installing is likely making sure that the agent on the server has successfully checked into the SSM service. Verify it by tailing `/var/log/amazon/ssm/errors/errors.log`.
|
58
60
|
|
59
61
|
If you are having issues, it is most likely IAM issues. Amazon also provides [Configuring Security Roles](http://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-access.html) docs to fix any IAM issues.
|
60
62
|
|
data/docs/_docs/next-steps.md
CHANGED
@@ -6,8 +6,9 @@ This concludes the tutorial guide for sonic. Hopefully you are now more comforta
|
|
6
6
|
|
7
7
|
From here, there are a few resources that can help you continue along:
|
8
8
|
|
9
|
+
* Jump in the Chat Channel [![Gitter](https://badges.gitter.im/boltopslabs/sonic.svg)](https://gitter.im/boltopslabs/sonic)
|
9
10
|
* Check out the [sonic](https://github.com/boltopslabs/sonic) repo on GitHub
|
10
|
-
* Submit an issue
|
11
|
+
* Submit an [issue](https://github.com/boltopslabs/sonic/issues)
|
11
12
|
* Write a blog post describing how you are using sonic, or an interesting problem sonic has allowed you to solve
|
12
13
|
|
13
14
|
Everyone can contribute to make sonic better, including the documentation. These docs are of the same sonic repo in the [docs folder](https://github.com/boltopslabs/sonic/tree/master/docs). Please fork the project and open a pull request! We love your pull requests. Contributions are encouraged and welcomed!
|
data/docs/_docs/tutorial-ssh.md
CHANGED
@@ -4,19 +4,19 @@ title: SSH
|
|
4
4
|
|
5
5
|
### SSH
|
6
6
|
|
7
|
-
Sonic allows you to
|
7
|
+
Sonic allows you to ssh into an instance quickly.
|
8
8
|
|
9
|
-
Often
|
9
|
+
Often when working with AWS EC2 it is helpful to ssh into an instance to debug. To ssh into an instance, the first thing you do is go to the EC2 Console and grab the public IP address.
|
10
10
|
|
11
11
|
<img src="/img/tutorials/ec2-console-public-ip.png" class="doc-photo" />
|
12
12
|
|
13
|
-
You use that
|
13
|
+
You use that IP address to build up an ssh command for accessing the instance. Here's an example of the built-up ssh command.
|
14
14
|
|
15
15
|
```sh
|
16
16
|
ssh ec2-user@52.24.216.170
|
17
17
|
```
|
18
18
|
|
19
|
-
You often have to go through this manual process of identifying the public
|
19
|
+
You often have to go through this manual process of identifying the public IP address and building up the ssh command repeatedly.
|
20
20
|
|
21
21
|
### Usage
|
22
22
|
|
@@ -26,19 +26,19 @@ Sonic automatically builds up the ssh command for you. Here's an example of the
|
|
26
26
|
sonic ssh i-027363802c6ff314f
|
27
27
|
```
|
28
28
|
|
29
|
-
The above command effectively
|
29
|
+
The above command effectively translates to:
|
30
30
|
|
31
31
|
```sh
|
32
32
|
ssh ec2-user@52.24.216.170
|
33
33
|
```
|
34
34
|
|
35
|
-
By default the user that sonic uses to
|
35
|
+
By default the user that sonic uses to log in to the server is `ec2-user`. You can override the user easily like so:
|
36
36
|
|
37
37
|
```sh
|
38
38
|
sonic ssh ubuntu@i-0f7f833131a51ce35
|
39
39
|
```
|
40
40
|
|
41
|
-
The default user can also be
|
41
|
+
The default user can also be configured with a `~/.sonic/settings.yml` or the project's `.sonic/settings.yml` file like so:
|
42
42
|
|
43
43
|
```yaml
|
44
44
|
user: ec2-user
|
@@ -48,9 +48,9 @@ More information about sonic settings in available in the docs: [Settings]({% li
|
|
48
48
|
|
49
49
|
### Polymorphic Identifiers
|
50
50
|
|
51
|
-
The `sonic ssh` command can auto-detect the proper
|
51
|
+
The `sonic ssh` command can auto-detect the proper IP address with a variety of different identifiers. The identifier is not just limited to the instance id. The identifier can also be an EC2 tag-value filter, ECS service name, ECS container id or ECS task id.
|
52
52
|
|
53
|
-
|
53
|
+
Polymorphic identifiers are convenient in case you happen to be on a dashboard with another identifier close by and handy. Here are examples of identifiers that `sonic ssh` understands.
|
54
54
|
|
55
55
|
```
|
56
56
|
sonic ssh EC2_TAG_FILTER
|
@@ -74,7 +74,7 @@ service_cluster:
|
|
74
74
|
hi-worker-stag: stag
|
75
75
|
```
|
76
76
|
|
77
|
-
With these settings in place, the ECS identifier commands get
|
77
|
+
With these settings in place, the ECS identifier commands get shortened to become:
|
78
78
|
|
79
79
|
```sh
|
80
80
|
sonic ssh ECS_CONTAINER_ID
|
@@ -82,7 +82,7 @@ sonic ssh ECS_SERVICE
|
|
82
82
|
sonic ssh ECS_TASK_ID
|
83
83
|
```
|
84
84
|
|
85
|
-
It then becomes
|
85
|
+
It then becomes effortless to ssh into an EC2 Container Instance with the ECS service name. For example, if the ECS service name is `hi-web-stag` then the command becomes.
|
86
86
|
|
87
87
|
```sh
|
88
88
|
$ sonic ssh hi-web-stag
|
@@ -91,7 +91,7 @@ $ docker ps
|
|
91
91
|
$ curl -s http://localhost:51678/v1/meta | jq .
|
92
92
|
```
|
93
93
|
|
94
|
-
The `hi-web-stag` can
|
94
|
+
The `hi-web-stag` can be running on multiple container instances. The `sonic ssh` command chooses the first container instance that it finds. If you need to ssh into a specific container instance, then use the `sonic ssh` command with an instance id instead.
|
95
95
|
|
96
96
|
You can also use the ECS container instance arn or task id to ssh into the machine. Examples:
|
97
97
|
|
@@ -102,10 +102,30 @@ $ sonic ssh 1ed12abd-645c-4a05-9acf-739b9d790170 # ECS task id
|
|
102
102
|
|
103
103
|
### Bastion Host
|
104
104
|
|
105
|
-
Thus far we have assumed that the instances we are hopping into are publicly available on a public subnet and have
|
105
|
+
Thus far we have assumed that the instances we are hopping into are publicly available on a public subnet and have a public IP address associated with it. A typical AWS setup is to have your servers on internal subnets without public addresses. In this case, we must first ssh into the bastion host, and from there we can "jump" into the actual server. This why the bastion host is also called a jump host.
|
106
106
|
|
107
|
-
If you have
|
107
|
+
If you have a bastion host server which provides access to your internal servers, then it is, even more, work to build up the ssh command. The good news is that the `sonic ssh` command supports bastion hosts and automates this process! The [Bastion Setup]({% link _docs/install-bastion.md %}) doc covers how to set this up.
|
108
108
|
|
109
|
+
### Automatic Retry
|
110
|
+
|
111
|
+
On a freshly launched EC2 instance, the instance and ssh daemon take a little time before it's ready. Typically, you repeatedly press up and enter until you can access the server. Sonic ssh has a `-r` option which automates this process. Example:
|
112
|
+
|
113
|
+
```
|
114
|
+
$ sonic ssh -r i-0b21da68fff89937b
|
115
|
+
Can't ssh into the server yet. Retrying until success.
|
116
|
+
....
|
117
|
+
=> ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -At ec2-user@34.214.143.125
|
118
|
+
[ec2-user@ip-10-11-35-76 ~]$
|
119
|
+
```
|
120
|
+
|
121
|
+
### Specifying Custom Pem or Private Keys
|
122
|
+
|
123
|
+
It is recommended that you use ssh-agent to specify a custom private key, covered here [3 SSH tips: Ssh-agent, Tunnel, and Escaping from the Dead](https://blog.boltops.com/2017/09/21/3-ssh-tips-ssh-agent-tunnel-and-escaping-from-the-dead). You can specify the private key if you prefer with the `-i` option though. Example:
|
124
|
+
|
125
|
+
```sh
|
126
|
+
$ sonic ssh -i ~/.ssh/id_rsa-custom i-0b21da68fff89937b
|
127
|
+
[ec2-user@ip-10-11-35-76 ~]$
|
128
|
+
```
|
109
129
|
|
110
130
|
<a id="prev" class="btn btn-basic" href="{% link _docs/tutorial.md %}">Back</a>
|
111
131
|
<a id="next" class="btn btn-primary" href="{% link _docs/tutorial-ecs-exec.md %}">Next Step</a>
|
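Review bot: the Automatic Retry sample output prints `ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -At ...` with no explanation, so readers see host key verification turned off and agent forwarding (`-A`) turned on as the normal case. Add a sentence here that points to the `host_key_check` setting for turning verification back on. In the Bastion Host paragraphs, fix "This why the bastion host" and "it is, even more, work".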
@@ -6,7 +6,7 @@ Why use Amazon EC2 Run Command vs just using a multi-ssh session?
|
|
6
6
|
|
7
7
|
* Some times it is not possible to use ssh across several servers. For example, really secured networks might have [MFA setup](TODO) so you need to authorized the requests via your phone before the command actually gets ran. In this case, you would get annoying confirmation notifications on your phone over and over as you approve each request for each of your servers.
|
8
8
|
* EC2 Run Command provides auditability. Any command that runs the EC2 Run Command gets logged and is tracked.
|
9
|
-
* The EC2 Run Manager has the ability to run the command in "blue/green" fashion with concurrency controls. Say you have 100 servers, you can tell EC2 Run Manager to run the command on one server first and the expodentially roll it out to the rest of the servers until the command has successfully ran on all servers. If it the command errors then it
|
9
|
+
* The EC2 Run Manager has the ability to run the command in "blue/green" fashion with concurrency controls. Say you have 100 servers, you can tell EC2 Run Manager to run the command on one server first and the expodentially roll it out to the rest of the servers until the command has successfully ran on all servers. If it the command errors on one server then it halts execution and does not run on the rest of the servers.
|
10
10
|
* This is all provided for free by using EC2 Run Manager.
|
11
11
|
|
12
12
|
The iniitial ertia of setting up EC2 Run Manager is actually very little. The [installation instructions]({% link _docs/install.md %}) demonstrate that installing EC2 Run Manager is literally one command.
|
@@ -19,6 +19,11 @@ section#main img {
|
|
19
19
|
margin: 0 auto 20px;
|
20
20
|
}
|
21
21
|
|
22
|
+
section#main li img {
|
23
|
+
display: inline;
|
24
|
+
margin: 0;
|
25
|
+
}
|
26
|
+
|
22
27
|
section#main .intro-text .name {
|
23
28
|
display: block;
|
24
29
|
text-transform: uppercase;
|
@@ -78,7 +83,7 @@ section#main .intro-text .skills {
|
|
78
83
|
}
|
79
84
|
|
80
85
|
.content-nav a {
|
81
|
-
color: #
|
86
|
+
color: #54ff9c;
|
82
87
|
}
|
83
88
|
|
84
89
|
.content-nav a.active {
|
@@ -112,8 +117,6 @@ ul.tools li {
|
|
112
117
|
font-size: 1.3em;
|
113
118
|
}
|
114
119
|
|
115
|
-
|
116
|
-
|
117
120
|
.btn-xl {
|
118
121
|
padding: 20px 40px;
|
119
122
|
border-color: #{{ site.data.template.color.primary }};
|
@@ -0,0 +1,10 @@
|
|
1
|
+
<!-- Google analytics -->
|
2
|
+
<script>
|
3
|
+
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
|
4
|
+
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
|
5
|
+
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
|
6
|
+
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
|
7
|
+
|
8
|
+
ga('create', '{{ site.google_analytics }}', 'auto');
|
9
|
+
ga('send', 'pageview');
|
10
|
+
</script>
|
data/docs/_includes/header.html
CHANGED
@@ -3,7 +3,7 @@
|
|
3
3
|
<div class="container">
|
4
4
|
<div class="row">
|
5
5
|
<div class="col-lg-12">
|
6
|
-
<img class="img-responsive" src="/img/sonic-
|
6
|
+
<img class="img-responsive" src="/img/sonic-logo.png" alt="">
|
7
7
|
<div class="intro-text">
|
8
8
|
<span class="name">{{ site.title }}</span>
|
9
9
|
<hr class="star-light">
|
data/docs/_includes/js.html
CHANGED
data/docs/_includes/nav.html
CHANGED
@@ -9,7 +9,7 @@
|
|
9
9
|
<span class="icon-bar"></span>
|
10
10
|
<span class="icon-bar"></span>
|
11
11
|
</button>
|
12
|
-
<a class="navbar-brand" href="/#page-top"><img class="navbar-logo" src="/img/
|
12
|
+
<a class="navbar-brand" href="/#page-top"><img class="navbar-logo" src="/img/sonic-logo.png" />{{ site.title }}</a>
|
13
13
|
</div>
|
14
14
|
|
15
15
|
<!-- Collect the nav links, forms, and other content for toggling -->
|
data/docs/bin/web
ADDED
data/docs/docs.md
CHANGED
@@ -4,7 +4,7 @@ title: Docs
|
|
4
4
|
|
5
5
|
### Overview
|
6
6
|
|
7
|
-
Sonic Screwdriver is a multi-functional tool to manage AWS infrastructure. It contains a variety of commands to make your job easier. It's main focus is to automate mundane repetitive tasks into simple one line commmands. With it you are to able debug environments and issues
|
7
|
+
Sonic Screwdriver is a multi-functional tool to manage AWS infrastructure. It contains a variety of commands to make your job easier. It's main focus is to automate mundane repetitive tasks into simple one line commmands. With it you are to able debug environments and issues quickly.
|
8
8
|
|
9
9
|
The actually command that Sonic Screwdriver provides is called `sonic`. Here's a list of things that `sonic` can do:
|
10
10
|
|
Binary file
|
data/docs/quick-start.md
CHANGED
@@ -37,7 +37,7 @@ sonic execute hi-web-stag,hi-worker-stag uptime
|
|
37
37
|
sonic list hi-web-stag
|
38
38
|
```
|
39
39
|
|
40
|
-
Congratulations! You now know the
|
40
|
+
Congratulations! You now know the basic sonic screwdriver commands now.
|
41
41
|
|
42
42
|
Learn more in the next sections.
|
43
43
|
|
data/lib/sonic/cli.rb
CHANGED
@@ -11,6 +11,8 @@ module Sonic
|
|
11
11
|
|
12
12
|
desc "ssh [IDENTIFER]", "ssh into a instance using identifier. identifer can be several things: instance id, ec2 tag, ECS service name, etc"
|
13
13
|
long_desc Help.ssh
|
14
|
+
method_option :keys, :aliases => '-i', :desc => "comma separated list of ssh private key paths"
|
15
|
+
method_option :retry, :aliases => '-r', :type => :boolean, :desc => "keep retrying the server login until successful. Useful when on newly launched instances."
|
14
16
|
def ssh(identifier, *command)
|
15
17
|
Ssh.new(identifier, options.merge(command: command)).run
|
16
18
|
end
|
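Review bot: `method_option :keys` declares no `:type`, and its description promises a "comma separated list of ssh private key paths", while every example in the help text and tutorial passes a single path. The handling lives in lib/sonic/ssh/cli_options.rb, which the file list shows as changed (+9) but which is not displayed here, so the comma splitting cannot be checked from this diff. Add an example and a spec for the multi-key form, and state how a path that itself contains a comma is treated.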
data/lib/sonic/cli/help.rb
CHANGED
@@ -48,6 +48,20 @@ $ sonic ssh i-027363802c6ff314f uptime
|
|
48
48
|
=> ssh ec2-user@ec2-52-24-216-170.us-west-2.compute.amazonaws.com uptime
|
49
49
|
15:57:02 up 18:21, 0 users, load average: 0.00, 0.01, 0.00
|
50
50
|
|
51
|
+
Specifying pem keys:
|
52
|
+
|
53
|
+
The recommended way to specify custom private keys is to use ssh-agent as covered here: https://blog.boltops.com/2017/09/21/3-ssh-tips-ssh-agent-tunnel-and-escaping-from-the-dead
|
54
|
+
|
55
|
+
But you can also specify the pem key to use with the -i option. Example:
|
56
|
+
|
57
|
+
$ sonic ssh -i ~/.ssh/id_rsa-custom ec2-user@ec2-52-24-216-170.us-west-2.compute.amazonaws.com
|
58
|
+
|
59
|
+
Retry option:
|
60
|
+
|
61
|
+
For newly launched instances, the instance's ssh access might not be quite ready. Typically, you must press up enter repeatedly until the instance is ready. Sonic ssh has a retry option that automates this. Example:
|
62
|
+
|
63
|
+
$ sonic ssh -r i-027363802c6ff314f
|
64
|
+
|
51
65
|
Bastion Host Support
|
52
66
|
|
53
67
|
Sonic ssh also supports a bastion host.
|
data/lib/sonic/execute.rb
CHANGED
@@ -1,4 +1,3 @@
|
|
1
|
-
require "byebug"
|
2
1
|
module Sonic
|
3
2
|
class Execute
|
4
3
|
include AwsServices
|
@@ -150,11 +149,11 @@ You can use the following command to check registered instances to SSM.
|
|
150
149
|
# it right through
|
151
150
|
instances = List.new(@options).instances
|
152
151
|
if instances.count == 0
|
153
|
-
message =
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
152
|
+
message = <<-EOL
|
153
|
+
Unable to find any instances with filter #{@filter.join(',')}.
|
154
|
+
Are you sure you specify the filter with either a EC2 tag or list instance ids?
|
155
|
+
If you are using ECS identifiers, they are not supported with this command.
|
156
|
+
EOL
|
158
157
|
UI.warn(message)
|
159
158
|
end
|
160
159
|
instances.count
|
data/lib/sonic/settings.rb
CHANGED
@@ -96,9 +96,10 @@ module Sonic
|
|
96
96
|
data
|
97
97
|
end
|
98
98
|
|
99
|
+
# By default bypass strict host key checking for convenience.
|
100
|
+
# But user can overrride this.
|
99
101
|
def host_key_check_options
|
100
|
-
if data["host_key_check"]
|
101
|
-
# no options by default enables strict host key checking
|
102
|
+
if data["host_key_check"] == true
|
102
103
|
[]
|
103
104
|
else
|
104
105
|
# disables host key checking
|
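Review bot: with `if data["host_key_check"] == true`, only a literal boolean keeps strict checking; any other truthy value in settings.yml (for example a quoted "true") now falls into the `else` branch that disables host key checking, and does so silently. Combined with the documented default of bypassing the check, ssh will not notice a changed or spoofed host key on the path to the instance or bastion. Suggest making strict checking the default and the bypass the explicit opt-in, or at minimum warning when the value is set but is not a boolean. The new comment also has a typo ("overrride").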
data/lib/sonic/ssh.rb
CHANGED
@@ -3,8 +3,10 @@ require 'colorize'
|
|
3
3
|
module Sonic
|
4
4
|
class Ssh
|
5
5
|
autoload :IdentifierDetector, 'sonic/ssh/identifier_detector'
|
6
|
+
autoload :CliOptions, 'sonic/ssh/cli_options'
|
6
7
|
|
7
8
|
include AwsServices
|
9
|
+
include CliOptions
|
8
10
|
|
9
11
|
def initialize(identifier, options)
|
10
12
|
@options = options
|
@@ -21,6 +23,7 @@ module Sonic
|
|
21
23
|
|
22
24
|
def run
|
23
25
|
ssh = build_ssh_command
|
26
|
+
retry_until_success(*ssh) if @options[:retry]
|
24
27
|
kernel_exec(*ssh) # must splat the Array here
|
25
28
|
end
|
26
29
|
|
@@ -84,8 +87,11 @@ private
|
|
84
87
|
end
|
85
88
|
|
86
89
|
# Returns Array of flags.
|
90
|
+
# Example:
|
91
|
+
# ["-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null"]
|
87
92
|
def ssh_options
|
88
|
-
settings.host_key_check_options
|
93
|
+
host_key_check_options = settings.host_key_check_options
|
94
|
+
keys_option + host_key_check_options
|
89
95
|
end
|
90
96
|
|
91
97
|
# Will prepend the bastion host if required
|
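Review bot: the example added above `ssh_options` lists only the host key flags, but the method now returns `keys_option + host_key_check_options`, so with `-i` the array begins with whatever `keys_option` emits. Update the example to show that case, and say in the comment that the `StrictHostKeyChecking=no` pair is the result of the default setting rather than a fixed part of the return value.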
@@ -134,5 +140,20 @@ private
|
|
134
140
|
[nil, identifier]
|
135
141
|
end
|
136
142
|
end
|
143
|
+
|
144
|
+
def retry_until_success(*command)
|
145
|
+
retries = 0
|
146
|
+
uptime = command + ['uptime', '2>&1']
|
147
|
+
uptime = uptime.join(' ')
|
148
|
+
out = `#{uptime}`
|
149
|
+
while out !~ /load average/ do
|
150
|
+
puts "Can't ssh into the server yet. Retrying until success." if retries == 0
|
151
|
+
print '.'
|
152
|
+
retries += 1
|
153
|
+
sleep 1
|
154
|
+
out = `#{uptime}`
|
155
|
+
end
|
156
|
+
puts "" if @options[:retry] && retries > 0
|
157
|
+
end
|
137
158
|
end
|
138
159
|
end
|
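Review bot: `retry_until_success` joins the argument array into one string (`uptime = uptime.join(' ')`) and runs it with backticks, so the user, identifier and `-i` key path are parsed by the shell, unlike the `kernel_exec(*ssh)` call that is passed the splatted array. A value containing spaces or shell metacharacters will break the probe or be interpreted as shell syntax. Suggest `Open3.capture2e(*command, 'uptime')` so no shell is involved. The `while out !~ /load average/` loop also has no retry limit or timeout, so a wrong identifier or a rejected key spins forever; add a cap and print the last ssh error when it is reached. The `@options[:retry] &&` guard on the final `puts` is redundant because `run` only calls this method when that option is set.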
data/lib/sonic/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: sonic-screwdriver
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.3.
|
4
|
+
version: 1.3.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tung Nguyen
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-09-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -161,6 +161,7 @@ files:
|
|
161
161
|
- ".gitignore"
|
162
162
|
- ".rspec"
|
163
163
|
- CHANGELOG.md
|
164
|
+
- CONTRIBUTING.md
|
164
165
|
- Gemfile
|
165
166
|
- Gemfile.lock
|
166
167
|
- Guardfile
|
@@ -204,6 +205,7 @@ files:
|
|
204
205
|
- docs/_includes/edit-on-github.html
|
205
206
|
- docs/_includes/example.html
|
206
207
|
- docs/_includes/footer.html
|
208
|
+
- docs/_includes/google_analytics.html
|
207
209
|
- docs/_includes/head.html
|
208
210
|
- docs/_includes/header.html
|
209
211
|
- docs/_includes/js.html
|
@@ -217,6 +219,7 @@ files:
|
|
217
219
|
- docs/_layouts/default.html
|
218
220
|
- docs/_layouts/style.css
|
219
221
|
- docs/articles.md
|
222
|
+
- docs/bin/web
|
220
223
|
- docs/css/font-awesome/css/font-awesome.css
|
221
224
|
- docs/css/font-awesome/css/font-awesome.min.css
|
222
225
|
- docs/css/font-awesome/fonts/FontAwesome.otf
|
@@ -227,10 +230,9 @@ files:
|
|
227
230
|
- docs/docs.md
|
228
231
|
- docs/img/logos/boltops-logo-full.png
|
229
232
|
- docs/img/logos/boltops-logo.png
|
230
|
-
- docs/img/sonic-
|
233
|
+
- docs/img/sonic-logo.png
|
231
234
|
- docs/img/tutorials/ec2-console-public-ip.png
|
232
235
|
- docs/img/tutorials/ec2-console-run-command.png
|
233
|
-
- docs/img/ufo.jpg
|
234
236
|
- docs/index.html
|
235
237
|
- docs/js/bootstrap.js
|
236
238
|
- docs/js/bootstrap.min.js
|
@@ -260,6 +262,7 @@ files:
|
|
260
262
|
- lib/sonic/list.rb
|
261
263
|
- lib/sonic/settings.rb
|
262
264
|
- lib/sonic/ssh.rb
|
265
|
+
- lib/sonic/ssh/cli_options.rb
|
263
266
|
- lib/sonic/ssh/ec2_tag.rb
|
264
267
|
- lib/sonic/ssh/identifier_detector.rb
|
265
268
|
- lib/sonic/ui.rb
|
Binary file
|
data/docs/img/ufo.jpg
DELETED
Binary file
|