Code Monkey home page Code Monkey logo

rollout's People

Contributors

alienresidents avatar dparrish avatar ppayne avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar

rollout's Issues

Repeated package installation attempts with non-standard architecture (CentOS)

150-packages
  Installing packages: httpd.x86_64 php.x86_64
  CMD: yum install -y httpd.x86_64 php.x86_64
  CMD: Loaded plugins: fastestmirror, protectbase, rhnplugin
  CMD: Loading mirror speeds from cached hostfile
  CMD: 597 packages excluded due to repository protections
  CMD: Setting up Install Process
  CMD: Package httpd-2.2.3-43.el5.centos.3.x86_64 already installed and latest version
  CMD: Package php-5.1.6-27.el5.x86_64 already installed and latest version
  CMD: Nothing to do

How can we give access to user in rollout

I am using rollout as a configuration manager.

I am using nginx as webserver and want to give read only access to nginx directory to a user.

How can I do that?

Please help me with this.

Thanks

Mutual Authentication

Add in support for the mutual verification - server authenticates the client, and client authenticates the server.

Client Authentication:
This will probably require server mode to be used, not CGI. I'd like to see SSL certificates used here, perhaps with an ID and a fingerprint in the machine configuration.

Server Authentication:
The client should grab the server's certificate on first connection, and cache it locally, with a prompt for the SA to verify that it's correct. After that it can silently accept that certificate, and give a BIG warning when the cert changes.

Client Web Interface

An interface that runs on the client, on some tcp port that prints out the rollout -s output, but in a perttier way. Allows managers to see things, and also for those that want to scrape a status of a serer without going through ssh, or some other mechanism of authentication.

chkconfig service rolloutd not working...

The chkconfig service stuff for rolloutd (based on the example config for the server) on centos fails.

I've created a local cp of rolloutd called: /usr/local/rollout/rolloutd.init.centos, and linked to it. The relevant bits for chkconfig are:

#!/bin/sh
# Init file for Rolloutd server daemon
#
# chkconfig: 12345 70 20
# description: Rolloutd Server
#
# processname: rolloutd
# pidfile: /var/run/rolloutd.pid

RUN_ON_STARTUP=0
...

Due to the way different distros handle their services, maybe we should keep a rollout.init. ?

Validation Feature

A validation tool would be nice.

from the server, eg:
rollout --validate
Error in fragment $rollout_fragment_base/internal on line 34
dir_check use incorrect.
34: dir_check(...) // prints out wrong line
dir_check() Usage: dir_check (...) // prints out syntax of dir_check

rollout.init only makes Kscripts, not Sscripts (/etc/rc?.d/ etc..) on centos5(.5)

The current rollout.init file doesn't allow for automatic creation of start scripts from running chkconfig --add rolloutd.

[root@au-lx-syd022 init.d]# cd /etc/init.d
[root@au-lx-syd022 init.d]# ln -s /usr/local/rollout/rollout.init rolloutd
[root@au-lx-syd022 init.d]# cd ../
[root@au-lx-syd022 etc]# ls -l rc?.d/*rollo*
ls: rc?.d/*rollo*: No such file or directory
[root@au-lx-syd022 etc]# chkconfig --add rolloutd
[root@au-lx-syd022 etc]# ls -l rc?.d/*rollo*
lrwxrwxrwx 1 root root 18 Aug 31 13:46 rc0.d/K35rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 13:46 rc1.d/K35rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 13:46 rc2.d/K35rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 13:46 rc3.d/K35rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 13:46 rc4.d/K35rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 13:46 rc5.d/K35rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 13:46 rc6.d/K35rolloutd -> ../init.d/rolloutd

I suggest changing the chkconfig line to read:

[root@au-lx-syd022 etc]# ls -l rc?.d/*rollo*
ls: rc?.d/*rollo*: No such file or directory
[root@au-lx-syd022 etc]# chkconfig --add rolloutd
[root@au-lx-syd022 etc]# ls -l rc?.d/*rollo*
lrwxrwxrwx 1 root root 18 Aug 31 15:10 rc0.d/K35rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 15:10 rc1.d/S91rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 15:10 rc2.d/S91rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 15:10 rc3.d/S91rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 15:10 rc4.d/S91rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 15:10 rc5.d/S91rolloutd -> ../init.d/rolloutd
lrwxrwxrwx 1 root root 18 Aug 31 15:10 rc6.d/K35rolloutd -> ../init.d/rolloutd
[root@au-lx-syd022 etc]# chkconfig --list rolloutd
rolloutd        0:off   1:on    2:on    3:on    4:on    5:on    6:off
[root@au-lx-syd022 etc]# grep chkconfig init.d/rolloutd
# chkconfig: 12345 91 35
[root@au-lx-syd022 etc]#

or put instructions in the install file to nominate which run levels to start on.

rolloutd is not logging...

I've run rolloutd with --logfile /var/log/rolloutd.log and it doesn't log to that file. I'll try to get some output from the daemon with strace. but for now, it doesn't log...

add functionality to file_extract

Hiya,

I need zip file functionality for file_extract, so that I can take zip files from something like Jenkins, and apply those zip files without going through the process of transferring files to tarballs.

I need a verify function for part of file_extract. The purpose is to download a tarball / zip etc, and then verify each individual file for perms, and content (diff), and replace only the modified files.

Chris-

startup / kill script fails to stop process, or get status

[root@au-lx-syd022 Development]# /etc/init.d/rollout stop
Stopping Rollout (process 210)
/etc/init.d/rollout: line 46: kill: (210) - No such process
[root@server]# ps -ef|grep -i rollout
root 14692 13935 0 14:13 pts/1 00:00:00 tail -f /var/log/rolloutd.log
nobody 14802 1 0 14:15 ? 00:00:00 /usr/bin/perl -w /usr/local/sbin/rolloutd --daemon --pidfile /var/run/rolloutd.pid --base /usr/local/rollout --allow 1.2.3.0/24 --listen 0.0.0.0:8000 --ssl --user nobody --group daemon --logfile /var/log/rolloutd.log
root 15195 5215 0 14:25 pts/0 00:00:00 grep -i rollout
[root@server]#

Also, I suggest using something like:
kill $PID && rm $pidfile

instead of just:
kill $PID
rm $pidfile

Steps like iptables error if they are run without also running packages

----- FATAL ERROR ------
  Can't locate object method "throw" via package "Undefined subroutine &main::package_check called at (eval 47) line 74.
  " (perhaps you forgot to load "Undefined subroutine &main::package_check called at (eval 47) line 74.
  "?) at /usr/local/sbin/rollout line 817.

Redhat package updates

Could redhat package management potentially be integrated into the packages step. We initially had developed the following code (attached), but upgraded to the latest version to take advantage of the speediness and keep up with the cool kids!

#!/usr/bin/perl -w
# Install all required packages

my $packages_command ||= i_isa_fetchall("packages_command")->[0];

if (-d "/etc/apt" && -f "/usr/bin/apt-get") {
    my $apt;
    i_isa_fetchall("apt_base");
    foreach my $base (i_isa_fetchall("apt_base")) {
        $base = [ $base ] unless ref $base eq 'ARRAY';
        $apt .= "$_\n" foreach @$base;
    }
    command("rm", "/etc/apt/sources.list.d/kickstart.list") if -f "/etc/apt/sources.list.d/kickstart.list";
    command("cp", "/dev/null /etc/apt/sources.list") if -f "/etc/apt/sources.list.d/kickstart.list";
    text_install("/etc/apt/sources.list", $apt) if $apt;

    # Comment out any cdrom lines in the original sources list
    file_comment("/etc/apt/sources.list", undef, qr/^ ?deb.*cdrom/) if -f "/etc/apt/sources.list";

    # To get available selections:
    # cat /var/cache/debconf/config.dat | perl -00ne 'print if /^Owners: <package>/m'

    if (i_has("deb_options") && -f "/usr/bin/debconf-set-selections") {
        my $text;
        foreach (i_isa_fetchall("deb_options")) {
            foreach my $line (@$_) {
                $text .= "$line\n";
            }
        }
        if ($text && open(DEBCONF, "|debconf-set-selections")) {
            print DEBCONF $text;
            close(DEBCONF);
        }
    }

    my @install;
    foreach (i_isa_fetchall("packages")) {
        s/\.32bit$// foreach @$_;
        push @install, @$_;
    }
    package_check(@install);

    foreach (i_isa_fetchall("packages_remove")) {
        s/\.32bit$// foreach @$_;
        package_uncheck(@$_);
    }
} elsif (-f "/etc/redhat-release") {
    my $default_command="up2date";
    if (!defined($packages_command) || $packages_command eq "") {
        $packages_command=$default_command;
    }
    my @add;
    my @add_i386;
    my @add_x86_64;
    my $count = 0;
    my $i386_count = 0;
    my $x86_64_count = 0;
  foreach (i_isa_fetchall("packages")) {
    foreach my $this_package (@$_) {
        if (package_status($this_package) != 0) {
                # Check whether to install architecture
                if ($this_package =~ m/\.i386$/) {
                    $this_package =~ s/\.i386$//;
                    push @add_i386, $this_package;
                    $i386_count++;
                } elsif ($this_package =~ m/\.x86_64$/) {
                    $this_package =~ s/\.x86_64$//;
                    push @add_x86_64, $this_package;
                    $x86_64_count++;
                } else {
                    push @add, $this_package;
                    $count++;
                }
        }
        }
  }
    if ($packages_command eq "up2date") {
        unshift @add, '--install';
        unshift @add_i386, '--install';
        unshift @add_x86_64, '--install';
    } elsif ($packages_command) {
        unshift @add, 'install';
        unshift @add_i386, 'install';
        unshift @add_x86_64, 'install';
    }
    if ($count > 0) {
        l "Installing @add with $packages_command";
        command("$packages_command", @add);
    }
    if ($i386_count > 0) {
        l "Installing @add_i386 with $packages_command for arch i386";
        command("$packages_command", "--arch=i386", @add_i386);
    }
    if ($x86_64_count > 0) {
        l "Installing @add_x86_64 with $packages_command for arch x86_64";
        command("$packages_command", "--arch=x86_64", @add_x86_64);
    }
}

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.