Teach fireball mode to disable the fireball by paying attention to 'minutes=N' (default 30) and do not let fireball module crash

on input.
reviewable/pr18780/r1
Michael DeHaan 12 years ago
parent 413a03f723
commit ef7811e4d4

@ -23,10 +23,11 @@ DOCUMENTATION = '''
module: fireball module: fireball
short_description: Enable fireball mode on remote node short_description: Enable fireball mode on remote node
description: description:
- This modules launches an ephemeral I(fireball) daemon on the remote node which - This modules launches an ephemeral I(fireball) ZeroMQ message bus daemon on the remote node which
so that Ansible can use ZeroMQ as a message bus to communicate with nodes. The Ansible can to communicate with nodes at high speed.
daemon listens on a configurable port for a configurable amount of time. - The daemon listens on a configurable port for a configurable amount of time.
- Ansible and the nodes exchange AES keys with which I(fireball) mode authenticates. - Starting a new fireball as a given user terminates any existing user fireballs.
- Fireball mode is AES encrypted
version_added: "0.9" version_added: "0.9"
options: options:
port: port:
@ -35,16 +36,10 @@ options:
required: false required: false
default: 5099 default: 5099
aliases: [] aliases: []
password:
description:
- this is a serialized AesKey object that is transferred over SSH; it is never
logged. Keys are periodically regenerated.
required: true
default: null
minutes: minutes:
description: description:
- The I(fireball) listener daemon is started on nodes and will stay around for - The I(fireball) listener daemon is started on nodes and will stay around for
this number of minutes before dying off by itself. this number of minutes before turning itself off.
required: false required: false
default: 30 default: 30
# WARNING: very careful when moving space around, below # WARNING: very careful when moving space around, below
@ -60,12 +55,10 @@ examples:
- hosts: devservers - hosts: devservers
connection: fireball connection: fireball
tasks: tasks:
- action: template src=config.in dest=/etc/my.config mode=0600 - action: command /usr/bin/anything
description: "This example playbook has two plays: the first launches I(fireball) mode on all hosts via SSH, and the second actually starts using I(fireball) node for subsequent configuration tasks" description: "This example playbook has two plays: the first launches I(fireball) mode on all hosts via SSH, and the second actually starts using I(fireball) node for subsequent management over the fireball interface"
notes: notes:
- This module is used together with the C(fireball) connection plugin and is useless - See the advanced playbooks chapter for more about using fireball mode.
on its own.
- Also see the M(template) module.
requirements: [ "zmq", "keyczar" ] requirements: [ "zmq", "keyczar" ]
author: Michael DeHaan author: Michael DeHaan
''' '''
@ -77,7 +70,9 @@ import time
import base64 import base64
import syslog import syslog
import signal import signal
import time
import subprocess import subprocess
import signal
syslog.openlog('ansible-%s' % os.path.basename(__file__)) syslog.openlog('ansible-%s' % os.path.basename(__file__))
PIDFILE = os.path.expanduser("~/.fireball.pid") PIDFILE = os.path.expanduser("~/.fireball.pid")
@ -192,6 +187,7 @@ def put(data):
def serve(module, password, port, minutes): def serve(module, password, port, minutes):
log("serving") log("serving")
context = zmq.Context() context = zmq.Context()
socket = context.socket(zmq.REP) socket = context.socket(zmq.REP)
@ -207,11 +203,14 @@ def serve(module, password, port, minutes):
while True: while True:
log("DEBUG: waiting")
data = socket.recv() data = socket.recv()
data = key.Decrypt(data)
try:
data = key.Decrypt(data)
except:
continue
data = json.loads(data) data = json.loads(data)
log("DEBUG: got data=%s" % data)
mode = data['mode'] mode = data['mode']
response = {} response = {}
@ -223,18 +222,22 @@ def serve(module, password, port, minutes):
elif mode == 'fetch': elif mode == 'fetch':
response = fetch(data) response = fetch(data)
# FIXME: send back a useful response here
data2 = json.dumps(response) data2 = json.dumps(response)
log("DEBUG: returning data=%s" % data2)
data2 = key.Encrypt(data2) data2 = key.Encrypt(data2)
socket.send(data2) socket.send(data2)
def daemonize(module, password, port, minutes): def daemonize(module, password, port, minutes):
# FIXME: actually support the minutes killswitch here
# FIXME: /actually/ daemonize here
try: try:
daemonize_self(module, password, port, minutes) daemonize_self(module, password, port, minutes)
def catcher(signum, _):
module.exit_json(msg='timer expired')
signal.signal(signal.SIGALRM, catcher)
signal.setitimer(signal.ITIMER_REAL, 60 * minutes)
serve(module, password, port, minutes) serve(module, password, port, minutes)
except Exception, e: except Exception, e:
log("exception caught, exiting fireball mode: %s" % e) log("exception caught, exiting fireball mode: %s" % e)
@ -251,9 +254,8 @@ def main():
) )
password = base64.b64decode(module.params['password']) password = base64.b64decode(module.params['password'])
log("DEBUG pass=%s" % password)
port = module.params['port'] port = module.params['port']
minutes = module.params['minutes'] minutes = int(module.params['minutes'])
if not HAS_ZMQ: if not HAS_ZMQ:
module.fail_json(msg="zmq is not installed") module.fail_json(msg="zmq is not installed")

Loading…
Cancel
Save