Class: Puppet::Application::Kick

Inherits:

Puppet::Application

• Object
• Puppet::Application
• Puppet::Application::Kick

Defined in:

lib/puppet/application/kick.rb

Constant Summary

Constants inherited from Puppet::Application

DOCPATTERN, SHOULD_PARSE_CONFIG_DEPRECATION_MSG

Constants included from Util

Util::AbsolutePathPosix, Util::AbsolutePathWindows, Util::DEFAULT_POSIX_MODE, Util::DEFAULT_WINDOWS_MODE

Constants included from Util::POSIX

Util::POSIX::LOCALE_ENV_VARS, Util::POSIX::USER_ENV_VARS

Constants included from Util::SymbolicFileMode

Util::SymbolicFileMode::SetGIDBit, Util::SymbolicFileMode::SetUIDBit, Util::SymbolicFileMode::StickyBit, Util::SymbolicFileMode::SymbolicMode, Util::SymbolicFileMode::SymbolicSpecialToBit

Instance Attribute Summary

• #classes ⇒ Object
• #hosts ⇒ Object
• #tags ⇒ Object

Attributes inherited from Puppet::Application

#command_line, #options

Instance Method Summary

• #help ⇒ Object
• #initialize(*args) ⇒ Kick constructor

  A new instance of Kick.

• #main ⇒ Object
• #preinit ⇒ Object
• #run_command ⇒ Object
• #run_for_host(host) ⇒ Object
• #setup ⇒ Object
• #test ⇒ Object

Methods inherited from Puppet::Application

[], #app_defaults, available_application_names, banner, clear!, clear?, clear_everything_for_tests, #configure_indirector_routes, controlled_run, exit, find, #handle_logdest_arg, #handlearg, #initialize_app_defaults, interrupted?, #log_runtime_environment, #name, option, option_parser_commands, #parse_options, restart!, restart_requested?, #run, run_mode, #set_log_level, #setup_logs, should_not_parse_config, should_parse_config, should_parse_config?, stop!, stop_requested?, try_load_class

Methods included from Util

absolute_path?, activerecord_version, benchmark, binread, chuser, classproxy, deterministic_rand, execfail, execpipe, execute, exit_on_fail, logmethods, memory, path_to_uri, pretty_backtrace, proxy, replace_file, safe_posix_fork, symbolizehash, thinmark, uri_to_path, which, withenv, withumask

Methods included from Util::POSIX

#get_posix_field, #gid, #idfield, #methodbyid, #methodbyname, #search_posix_field, #uid

Methods included from Util::SymbolicFileMode

#normalize_symbolic_mode, #symbolic_mode_to_int, #valid_symbolic_mode?

Constructor Details

#initialize(*args) ⇒ Kick

Returns a new instance of Kick.

# File 'lib/puppet/application/kick.rb', line 283

def initialize(*args)
  super
  @hosts = []
  @classes = []
  @tags = []
end

Instance Attribute Details

#classes ⇒ Object

# File 'lib/puppet/application/kick.rb', line 5

def classes
  @classes
end

#hosts ⇒ Object

# File 'lib/puppet/application/kick.rb', line 5

def hosts
  @hosts
end

#tags ⇒ Object

# File 'lib/puppet/application/kick.rb', line 5

def tags
  @tags
end

Instance Method Details

#help ⇒ Object

# File 'lib/puppet/application/kick.rb', line 39

def help
  "\npuppet-kick(8) -- Remotely control puppet agent\n========\n\nSYNOPSIS\n--------\nTrigger a puppet agent run on a set of hosts.\n\n\nUSAGE\n-----\npuppet kick [-a|--all] [-c|--class <class>] [-d|--debug] [-f|--foreground]\n[-h|--help] [--host <host>] [--no-fqdn] [--ignoreschedules]\n[-t|--tag <tag>] [--test] [-p|--ping] <host> [<host> [...]]\n\n\nDESCRIPTION\n-----------\nThis script can be used to connect to a set of machines running 'puppet\nagent' and trigger them to run their configurations. The most common\nusage would be to specify a class of hosts and a set of tags, and\n'puppet kick' would look up in LDAP all of the hosts matching that\nclass, then connect to each host and trigger a run of all of the objects\nwith the specified tags.\n\nIf you are not storing your host configurations in LDAP, you can specify\nhosts manually.\n\nYou will most likely have to run 'puppet kick' as root to get access to\nthe SSL certificates.\n\n'puppet kick' reads 'puppet master''s configuration file, so that it can\ncopy things like LDAP settings.\n\n\nUSAGE NOTES\n-----------\nPuppet kick needs the puppet agent on the target machine to be running as a\ndaemon, be configured to listen for incoming network connections, and have an\nappropriate security configuration.\n\nThe specific changes required are:\n\n* Set `listen = true` in the agent's `puppet.conf` file (or `--listen` on the\ncommand line)\n* Configure the node's firewall to allow incoming connections on port 8139\n* Insert the following stanza at the top of the node's `auth.conf` file:\n\n      # Allow puppet kick access\n      path    /run\n      method  save\n      auth    any\n      allow   workstation.example.com\n\nThis example would allow the machine `workstation.example.com` to trigger a\nPuppet run; adjust the \"allow\" directive to suit your site. You may also use\n`allow *` to allow anyone to trigger a Puppet run, but that makes it possible\nto interfere with your site by triggering excessive Puppet runs.\n\nSee `http://docs.puppetlabs.com/guides/rest_auth_conf.html` for more details\nabout security settings.\n\nOPTIONS\n-------\nNote that any setting that's valid in the configuration\nfile is also a valid long argument. For example, 'ssldir' is a valid\nsetting, so you can specify '--ssldir <directory>' as an\nargument.\n\nSee the configuration file documentation at\nhttp://docs.puppetlabs.com/references/latest/configuration.html for\nthe full list of acceptable parameters. A commented list of all\nconfiguration options can also be generated by running puppet master\nwith '--genconfig'.\n\n* --all:\nConnect to all available hosts. Requires LDAP support at this point.\n\n* --class:\nSpecify a class of machines to which to connect. This only works if\nyou have LDAP configured, at the moment.\n\n* --debug:\nEnable full debugging.\n\n* --foreground:\nRun each configuration in the foreground; that is, when connecting to\na host, do not return until the host has finished its run. The default\nis false.\n\n* --help:\nPrint this help message\n\n* --host:\nA specific host to which to connect. This flag can be specified more\nthan once.\n\n* --ignoreschedules:\nWhether the client should ignore schedules when running its\nconfiguration. This can be used to force the client to perform work it\nwould not normally perform so soon. The default is false.\n\n* --parallel:\nHow parallel to make the connections. Parallelization is provided by\nforking for each client to which to connect. The default is 1, meaning\nserial execution.\n\n* --puppetport:\nUse the specified TCP port to connect to agents. Defaults to 8139.\n\n* --tag:\nSpecify a tag for selecting the objects to apply. Does not work with\nthe --test option.\n\n* --test:\nPrint the hosts you would connect to but do not actually connect. This\noption requires LDAP support at this point.\n\n* --ping:\nDo an ICMP echo against the target host. Skip hosts that don't respond\nto ping.\n\n\nEXAMPLE\n-------\n  $ sudo puppet kick -p 10 -t remotefile -t webserver host1 host2\n\n\nAUTHOR\n------\nLuke Kanies\n\n\nCOPYRIGHT\n---------\nCopyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2.0 License\n\n  HELP\nend\n"

#main ⇒ Object

# File 'lib/puppet/application/kick.rb', line 191

def main
  Puppet.warning "Failed to load ruby LDAP library. LDAP functionality will not be available" unless Puppet.features.ldap?
  require 'puppet/util/ldap/connection'

  todo = @hosts.dup

  failures = []

  # Now do the actual work
  go = true
  while go
    # If we don't have enough children in process and we still have hosts left to
    # do, then do the next host.
    if @children.length < options[:parallel] and ! todo.empty?
      host = todo.shift
      pid = safe_posix_fork do
        run_for_host(host)
      end
      @children[pid] = host
    else
      # Else, see if we can reap a process.
      begin
        pid = Process.wait

        if host = @children[pid]
          # Remove our host from the list of children, so the parallelization
          # continues working.
          @children.delete(pid)
          failures << host if $CHILD_STATUS.exitstatus != 0
          print "#{host} finished with exit code #{$CHILD_STATUS.exitstatus}\n"
        else
          $stderr.puts "Could not find host for PID #{pid} with status #{$CHILD_STATUS.exitstatus}"
        end
      rescue Errno::ECHILD
        # There are no children left, so just exit unless there are still
        # children left to do.
        next unless todo.empty?

        if failures.empty?
          puts "Finished"
          exit(0)
        else
          puts "Failed: #{failures.join(", ")}"
          exit(3)
        end
      end
    end
  end
end

#preinit ⇒ Object

# File 'lib/puppet/application/kick.rb', line 290

def preinit
  [:INT, :TERM].each do |signal|
    Signal.trap(signal) do
      $stderr.puts "Cancelling"
      exit(1)
    end
  end
  options[:parallel] = 1
  options[:verbose] = true
  options[:fqdn] = true
  options[:ignoreschedules] = false
  options[:foreground] = false
end

#run_command ⇒ Object

# File 'lib/puppet/application/kick.rb', line 181

def run_command
  @hosts += command_line.args
  options[:test] ? test : main
end

#run_for_host(host) ⇒ Object

# File 'lib/puppet/application/kick.rb', line 241

def run_for_host(host)
  if options[:ping]
    %x{ping -c 1 #{host}}
    unless $CHILD_STATUS == 0
      $stderr.print "Could not contact #{host}\n"
      exit($CHILD_STATUS)
    end
  end

  require 'puppet/run'
  Puppet::Run.indirection.terminus_class = :rest
  port = Puppet[:puppetport]
  url = ["https://#{host}:#{port}", "production", "run", host].join('/')

  print "Triggering #{host}\n"
  begin
    run_options = {
      :tags => @tags,
      :background => ! options[:foreground],
      :ignoreschedules => options[:ignoreschedules]
    }
    run = Puppet::Run.indirection.save(Puppet::Run.new( run_options ), url)
    puts "Getting status"
    result = run.status
    puts "status is #{result}"
  rescue => detail
    Puppet.log_exception(detail, "Host #{host} failed: #{detail}\n")
    exit(2)
  end

  case result
  when "success";
    exit(0)
  when "running"
    $stderr.puts "Host #{host} is already running"
    exit(3)
  else
    $stderr.puts "Host #{host} returned unknown answer '#{result}'"
    exit(12)
  end
end

#setup ⇒ Object

Raises:

• (Puppet::Error)

# File 'lib/puppet/application/kick.rb', line 304

def setup
  super()
  raise Puppet::Error.new("Puppet kick is not supported on Microsoft Windows") if Puppet.features.microsoft_windows?
  Puppet.warning "Puppet kick is deprecated. See http://links.puppetlabs.com/puppet-kick-deprecation"

  if options[:debug]
    Puppet::Util::Log.level = :debug
  else
    Puppet::Util::Log.level = :info
  end

  if Puppet[:node_terminus] == :ldap and (options[:all] or @classes)
    if options[:all]
      @hosts = Puppet::Node.indirection.search("whatever", :fqdn => options[:fqdn]).collect { |node| node.name }
      puts "all: #{@hosts.join(", ")}"
    else
      @hosts = []
      @classes.each do |klass|
        list = Puppet::Node.indirection.search("whatever", :fqdn => options[:fqdn], :class => klass).collect { |node| node.name }
        puts "#{klass}: #{list.join(", ")}"

        @hosts += list
      end
    end
  elsif ! @classes.empty?
    $stderr.puts "You must be using LDAP to specify host classes"
    exit(24)
  end

  @children = {}

  # If we get a signal, then kill all of our children and get out.
  [:INT, :TERM].each do |signal|
    Signal.trap(signal) do
      Puppet.notice "Caught #{signal}; shutting down"
      @children.each do |pid, host|
        Process.kill("INT", pid)
      end

      waitall

      exit(1)
    end
  end

end

#test ⇒ Object

# File 'lib/puppet/application/kick.rb', line 186

def test
  puts "Skipping execution in test mode"
  exit(0)
end