Teach fireball mode to disable the fireball by paying attention to 'minutes=N' (default 30) and do not let fireball module crash
on input.
This commit is contained in:
parent
14f7c85ce7
commit
f897f19fc5
1 changed files with 27 additions and 25 deletions
|
@ -23,10 +23,11 @@ DOCUMENTATION = '''
|
|||
module: fireball
|
||||
short_description: Enable fireball mode on remote node
|
||||
description:
|
||||
- This modules launches an ephemeral I(fireball) daemon on the remote node which
|
||||
so that Ansible can use ZeroMQ as a message bus to communicate with nodes. The
|
||||
daemon listens on a configurable port for a configurable amount of time.
|
||||
- Ansible and the nodes exchange AES keys with which I(fireball) mode authenticates.
|
||||
- This modules launches an ephemeral I(fireball) ZeroMQ message bus daemon on the remote node which
|
||||
Ansible can to communicate with nodes at high speed.
|
||||
- The daemon listens on a configurable port for a configurable amount of time.
|
||||
- Starting a new fireball as a given user terminates any existing user fireballs.
|
||||
- Fireball mode is AES encrypted
|
||||
version_added: "0.9"
|
||||
options:
|
||||
port:
|
||||
|
@ -35,16 +36,10 @@ options:
|
|||
required: false
|
||||
default: 5099
|
||||
aliases: []
|
||||
password:
|
||||
description:
|
||||
- this is a serialized AesKey object that is transferred over SSH; it is never
|
||||
logged. Keys are periodically regenerated.
|
||||
required: true
|
||||
default: null
|
||||
minutes:
|
||||
description:
|
||||
- The I(fireball) listener daemon is started on nodes and will stay around for
|
||||
this number of minutes before dying off by itself.
|
||||
this number of minutes before turning itself off.
|
||||
required: false
|
||||
default: 30
|
||||
# WARNING: very careful when moving space around, below
|
||||
|
@ -60,12 +55,10 @@ examples:
|
|||
- hosts: devservers
|
||||
connection: fireball
|
||||
tasks:
|
||||
- action: template src=config.in dest=/etc/my.config mode=0600
|
||||
description: "This example playbook has two plays: the first launches I(fireball) mode on all hosts via SSH, and the second actually starts using I(fireball) node for subsequent configuration tasks"
|
||||
- action: command /usr/bin/anything
|
||||
description: "This example playbook has two plays: the first launches I(fireball) mode on all hosts via SSH, and the second actually starts using I(fireball) node for subsequent management over the fireball interface"
|
||||
notes:
|
||||
- This module is used together with the C(fireball) connection plugin and is useless
|
||||
on its own.
|
||||
- Also see the M(template) module.
|
||||
- See the advanced playbooks chapter for more about using fireball mode.
|
||||
requirements: [ "zmq", "keyczar" ]
|
||||
author: Michael DeHaan
|
||||
'''
|
||||
|
@ -77,7 +70,9 @@ import time
|
|||
import base64
|
||||
import syslog
|
||||
import signal
|
||||
import time
|
||||
import subprocess
|
||||
import signal
|
||||
|
||||
syslog.openlog('ansible-%s' % os.path.basename(__file__))
|
||||
PIDFILE = os.path.expanduser("~/.fireball.pid")
|
||||
|
@ -192,6 +187,7 @@ def put(data):
|
|||
|
||||
def serve(module, password, port, minutes):
|
||||
|
||||
|
||||
log("serving")
|
||||
context = zmq.Context()
|
||||
socket = context.socket(zmq.REP)
|
||||
|
@ -207,11 +203,14 @@ def serve(module, password, port, minutes):
|
|||
|
||||
while True:
|
||||
|
||||
log("DEBUG: waiting")
|
||||
data = socket.recv()
|
||||
data = key.Decrypt(data)
|
||||
|
||||
try:
|
||||
data = key.Decrypt(data)
|
||||
except:
|
||||
continue
|
||||
|
||||
data = json.loads(data)
|
||||
log("DEBUG: got data=%s" % data)
|
||||
|
||||
mode = data['mode']
|
||||
response = {}
|
||||
|
@ -223,18 +222,22 @@ def serve(module, password, port, minutes):
|
|||
elif mode == 'fetch':
|
||||
response = fetch(data)
|
||||
|
||||
# FIXME: send back a useful response here
|
||||
data2 = json.dumps(response)
|
||||
log("DEBUG: returning data=%s" % data2)
|
||||
data2 = key.Encrypt(data2)
|
||||
socket.send(data2)
|
||||
|
||||
def daemonize(module, password, port, minutes):
|
||||
|
||||
# FIXME: actually support the minutes killswitch here
|
||||
# FIXME: /actually/ daemonize here
|
||||
try:
|
||||
daemonize_self(module, password, port, minutes)
|
||||
|
||||
def catcher(signum, _):
|
||||
module.exit_json(msg='timer expired')
|
||||
|
||||
signal.signal(signal.SIGALRM, catcher)
|
||||
signal.setitimer(signal.ITIMER_REAL, 60 * minutes)
|
||||
|
||||
|
||||
serve(module, password, port, minutes)
|
||||
except Exception, e:
|
||||
log("exception caught, exiting fireball mode: %s" % e)
|
||||
|
@ -251,9 +254,8 @@ def main():
|
|||
)
|
||||
|
||||
password = base64.b64decode(module.params['password'])
|
||||
log("DEBUG pass=%s" % password)
|
||||
port = module.params['port']
|
||||
minutes = module.params['minutes']
|
||||
minutes = int(module.params['minutes'])
|
||||
|
||||
if not HAS_ZMQ:
|
||||
module.fail_json(msg="zmq is not installed")
|
||||
|
|
Loading…
Reference in a new issue