mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-08-04 21:24:24 -07:00
Teach fireball mode to disable the fireball by paying attention to 'minutes=N' (default 30) and do not let fireball module crash
on input.
This commit is contained in:
parent
14f7c85ce7
commit
f897f19fc5
1 changed files with 27 additions and 25 deletions
|
@ -23,10 +23,11 @@ DOCUMENTATION = '''
|
||||||
module: fireball
|
module: fireball
|
||||||
short_description: Enable fireball mode on remote node
|
short_description: Enable fireball mode on remote node
|
||||||
description:
|
description:
|
||||||
- This modules launches an ephemeral I(fireball) daemon on the remote node which
|
- This modules launches an ephemeral I(fireball) ZeroMQ message bus daemon on the remote node which
|
||||||
so that Ansible can use ZeroMQ as a message bus to communicate with nodes. The
|
Ansible can to communicate with nodes at high speed.
|
||||||
daemon listens on a configurable port for a configurable amount of time.
|
- The daemon listens on a configurable port for a configurable amount of time.
|
||||||
- Ansible and the nodes exchange AES keys with which I(fireball) mode authenticates.
|
- Starting a new fireball as a given user terminates any existing user fireballs.
|
||||||
|
- Fireball mode is AES encrypted
|
||||||
version_added: "0.9"
|
version_added: "0.9"
|
||||||
options:
|
options:
|
||||||
port:
|
port:
|
||||||
|
@ -35,16 +36,10 @@ options:
|
||||||
required: false
|
required: false
|
||||||
default: 5099
|
default: 5099
|
||||||
aliases: []
|
aliases: []
|
||||||
password:
|
|
||||||
description:
|
|
||||||
- this is a serialized AesKey object that is transferred over SSH; it is never
|
|
||||||
logged. Keys are periodically regenerated.
|
|
||||||
required: true
|
|
||||||
default: null
|
|
||||||
minutes:
|
minutes:
|
||||||
description:
|
description:
|
||||||
- The I(fireball) listener daemon is started on nodes and will stay around for
|
- The I(fireball) listener daemon is started on nodes and will stay around for
|
||||||
this number of minutes before dying off by itself.
|
this number of minutes before turning itself off.
|
||||||
required: false
|
required: false
|
||||||
default: 30
|
default: 30
|
||||||
# WARNING: very careful when moving space around, below
|
# WARNING: very careful when moving space around, below
|
||||||
|
@ -60,12 +55,10 @@ examples:
|
||||||
- hosts: devservers
|
- hosts: devservers
|
||||||
connection: fireball
|
connection: fireball
|
||||||
tasks:
|
tasks:
|
||||||
- action: template src=config.in dest=/etc/my.config mode=0600
|
- action: command /usr/bin/anything
|
||||||
description: "This example playbook has two plays: the first launches I(fireball) mode on all hosts via SSH, and the second actually starts using I(fireball) node for subsequent configuration tasks"
|
description: "This example playbook has two plays: the first launches I(fireball) mode on all hosts via SSH, and the second actually starts using I(fireball) node for subsequent management over the fireball interface"
|
||||||
notes:
|
notes:
|
||||||
- This module is used together with the C(fireball) connection plugin and is useless
|
- See the advanced playbooks chapter for more about using fireball mode.
|
||||||
on its own.
|
|
||||||
- Also see the M(template) module.
|
|
||||||
requirements: [ "zmq", "keyczar" ]
|
requirements: [ "zmq", "keyczar" ]
|
||||||
author: Michael DeHaan
|
author: Michael DeHaan
|
||||||
'''
|
'''
|
||||||
|
@ -77,7 +70,9 @@ import time
|
||||||
import base64
|
import base64
|
||||||
import syslog
|
import syslog
|
||||||
import signal
|
import signal
|
||||||
|
import time
|
||||||
import subprocess
|
import subprocess
|
||||||
|
import signal
|
||||||
|
|
||||||
syslog.openlog('ansible-%s' % os.path.basename(__file__))
|
syslog.openlog('ansible-%s' % os.path.basename(__file__))
|
||||||
PIDFILE = os.path.expanduser("~/.fireball.pid")
|
PIDFILE = os.path.expanduser("~/.fireball.pid")
|
||||||
|
@ -192,6 +187,7 @@ def put(data):
|
||||||
|
|
||||||
def serve(module, password, port, minutes):
|
def serve(module, password, port, minutes):
|
||||||
|
|
||||||
|
|
||||||
log("serving")
|
log("serving")
|
||||||
context = zmq.Context()
|
context = zmq.Context()
|
||||||
socket = context.socket(zmq.REP)
|
socket = context.socket(zmq.REP)
|
||||||
|
@ -207,11 +203,14 @@ def serve(module, password, port, minutes):
|
||||||
|
|
||||||
while True:
|
while True:
|
||||||
|
|
||||||
log("DEBUG: waiting")
|
|
||||||
data = socket.recv()
|
data = socket.recv()
|
||||||
data = key.Decrypt(data)
|
|
||||||
|
try:
|
||||||
|
data = key.Decrypt(data)
|
||||||
|
except:
|
||||||
|
continue
|
||||||
|
|
||||||
data = json.loads(data)
|
data = json.loads(data)
|
||||||
log("DEBUG: got data=%s" % data)
|
|
||||||
|
|
||||||
mode = data['mode']
|
mode = data['mode']
|
||||||
response = {}
|
response = {}
|
||||||
|
@ -223,18 +222,22 @@ def serve(module, password, port, minutes):
|
||||||
elif mode == 'fetch':
|
elif mode == 'fetch':
|
||||||
response = fetch(data)
|
response = fetch(data)
|
||||||
|
|
||||||
# FIXME: send back a useful response here
|
|
||||||
data2 = json.dumps(response)
|
data2 = json.dumps(response)
|
||||||
log("DEBUG: returning data=%s" % data2)
|
|
||||||
data2 = key.Encrypt(data2)
|
data2 = key.Encrypt(data2)
|
||||||
socket.send(data2)
|
socket.send(data2)
|
||||||
|
|
||||||
def daemonize(module, password, port, minutes):
|
def daemonize(module, password, port, minutes):
|
||||||
|
|
||||||
# FIXME: actually support the minutes killswitch here
|
|
||||||
# FIXME: /actually/ daemonize here
|
|
||||||
try:
|
try:
|
||||||
daemonize_self(module, password, port, minutes)
|
daemonize_self(module, password, port, minutes)
|
||||||
|
|
||||||
|
def catcher(signum, _):
|
||||||
|
module.exit_json(msg='timer expired')
|
||||||
|
|
||||||
|
signal.signal(signal.SIGALRM, catcher)
|
||||||
|
signal.setitimer(signal.ITIMER_REAL, 60 * minutes)
|
||||||
|
|
||||||
|
|
||||||
serve(module, password, port, minutes)
|
serve(module, password, port, minutes)
|
||||||
except Exception, e:
|
except Exception, e:
|
||||||
log("exception caught, exiting fireball mode: %s" % e)
|
log("exception caught, exiting fireball mode: %s" % e)
|
||||||
|
@ -251,9 +254,8 @@ def main():
|
||||||
)
|
)
|
||||||
|
|
||||||
password = base64.b64decode(module.params['password'])
|
password = base64.b64decode(module.params['password'])
|
||||||
log("DEBUG pass=%s" % password)
|
|
||||||
port = module.params['port']
|
port = module.params['port']
|
||||||
minutes = module.params['minutes']
|
minutes = int(module.params['minutes'])
|
||||||
|
|
||||||
if not HAS_ZMQ:
|
if not HAS_ZMQ:
|
||||||
module.fail_json(msg="zmq is not installed")
|
module.fail_json(msg="zmq is not installed")
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue