@ -23,10 +23,11 @@ DOCUMENTATION = '''
module: fireball
module: fireball
short_description: Enable fireball mode on remote node
short_description: Enable fireball mode on remote node
description:
description:
- This modules launches an ephemeral I(fireball) daemon on the remote node which
- This modules launches an ephemeral I(fireball) ZeroMQ message bus daemon on the remote node which
so that Ansible can use ZeroMQ as a message bus to communicate with nodes. The
Ansible can to communicate with nodes at high speed.
daemon listens on a configurable port for a configurable amount of time.
- The daemon listens on a configurable port for a configurable amount of time.
- Ansible and the nodes exchange AES keys with which I(fireball) mode authenticates.
- Starting a new fireball as a given user terminates any existing user fireballs.
- Fireball mode is AES encrypted
version_added: "0.9"
version_added: "0.9"
options:
options:
port:
port:
@ -35,16 +36,10 @@ options:
required: false
required: false
default: 5099
default: 5099
aliases: []
aliases: []
password:
description:
- this is a serialized AesKey object that is transferred over SSH; it is never
logged. Keys are periodically regenerated.
required: true
default: null
minutes:
minutes:
description:
description:
- The I(fireball) listener daemon is started on nodes and will stay around for
- The I(fireball) listener daemon is started on nodes and will stay around for
this number of minutes before dying off by itsel f.
this number of minutes before turning itself off.
required: false
required: false
default: 30
default: 30
# WARNING: very careful when moving space around, below
# WARNING: very careful when moving space around, below
@ -60,12 +55,10 @@ examples:
- hosts: devservers
- hosts: devservers
connection: fireball
connection: fireball
tasks:
tasks:
- action: template src=config.in dest=/etc/my.config mode=0600
- action: command /usr/bin/anything
description: "This example playbook has two plays: the first launches I(fireball) mode on all hosts via SSH, and the second actually starts using I(fireball) node for subsequent configuration tasks "
description: "This example playbook has two plays: the first launches I(fireball) mode on all hosts via SSH, and the second actually starts using I(fireball) node for subsequent management over the fireball interface "
notes:
notes:
- This module is used together with the C(fireball) connection plugin and is useless
- See the advanced playbooks chapter for more about using fireball mode.
on its own.
- Also see the M(template) module.
requirements: [ "zmq", "keyczar" ]
requirements: [ "zmq", "keyczar" ]
author: Michael DeHaan
author: Michael DeHaan
'''
'''
@ -77,7 +70,9 @@ import time
import base64
import base64
import syslog
import syslog
import signal
import signal
import time
import subprocess
import subprocess
import signal
syslog.openlog('ansible-%s' % os.path.basename(__file__))
syslog.openlog('ansible-%s' % os.path.basename(__file__))
PIDFILE = os.path.expanduser("~/.fireball.pid")
PIDFILE = os.path.expanduser("~/.fireball.pid")
@ -192,6 +187,7 @@ def put(data):
def serve(module, password, port, minutes):
def serve(module, password, port, minutes):
log("serving")
log("serving")
context = zmq.Context()
context = zmq.Context()
socket = context.socket(zmq.REP)
socket = context.socket(zmq.REP)
@ -207,11 +203,14 @@ def serve(module, password, port, minutes):
while True:
while True:
log("DEBUG: waiting")
data = socket.recv()
data = socket.recv()
try:
data = key.Decrypt(data)
data = key.Decrypt(data)
except:
continue
data = json.loads(data)
data = json.loads(data)
log("DEBUG: got data=%s" % data)
mode = data['mode']
mode = data['mode']
response = {}
response = {}
@ -223,18 +222,22 @@ def serve(module, password, port, minutes):
elif mode == 'fetch':
elif mode == 'fetch':
response = fetch(data)
response = fetch(data)
# FIXME: send back a useful response here
data2 = json.dumps(response)
data2 = json.dumps(response)
log("DEBUG: returning data=%s" % data2)
data2 = key.Encrypt(data2)
data2 = key.Encrypt(data2)
socket.send(data2)
socket.send(data2)
def daemonize(module, password, port, minutes):
def daemonize(module, password, port, minutes):
# FIXME: actually support the minutes killswitch here
# FIXME: /actually/ daemonize here
try:
try:
daemonize_self(module, password, port, minutes)
daemonize_self(module, password, port, minutes)
def catcher(signum, _):
module.exit_json(msg='timer expired')
signal.signal(signal.SIGALRM, catcher)
signal.setitimer(signal.ITIMER_REAL, 60 * minutes)
serve(module, password, port, minutes)
serve(module, password, port, minutes)
except Exception, e:
except Exception, e:
log("exception caught, exiting fireball mode: %s" % e)
log("exception caught, exiting fireball mode: %s" % e)
@ -251,9 +254,8 @@ def main():
)
)
password = base64.b64decode(module.params['password'])
password = base64.b64decode(module.params['password'])
log("DEBUG pass=%s" % password)
port = module.params['port']
port = module.params['port']
minutes = module.params['minutes']
minutes = int( module.params['minutes'])
if not HAS_ZMQ:
if not HAS_ZMQ:
module.fail_json(msg="zmq is not installed")
module.fail_json(msg="zmq is not installed")