hardening script running

This commit is contained in:
Adrian Cole 2011-10-16 03:05:53 -07:00
parent ac676bacd1
commit bebddbf6ff
6 changed files with 94 additions and 31 deletions

View File

@ -72,15 +72,14 @@ public class BlockUntilInitScriptStatusIsZeroThenReturnOutput extends AbstractFu
final ScriptStatusReturnsZero stateRunning, @Assisted final SudoAwareInitManager commandRunner) { final ScriptStatusReturnsZero stateRunning, @Assisted final SudoAwareInitManager commandRunner) {
this.commandRunner = checkNotNull(commandRunner, "commandRunner"); this.commandRunner = checkNotNull(commandRunner, "commandRunner");
this.userThreads = checkNotNull(userThreads, "userThreads"); this.userThreads = checkNotNull(userThreads, "userThreads");
// arbitrarily high value, but Long.MAX_VALUE doesn't work!
this.notRunningAnymore = new RetryablePredicate<String>(new Predicate<String>() { this.notRunningAnymore = new RetryablePredicate<String>(new Predicate<String>() {
@Override @Override
public boolean apply(String arg0) { public boolean apply(String arg0) {
return commandRunner.runAction(arg0).getOutput().trim().equals(""); return commandRunner.runAction(arg0).getOutput().trim().equals("");
} }
// arbitrarily high value, but Long.MAX_VALUE doesn't work!
}, TimeUnit.DAYS.toMillis(1)) { }, TimeUnit.DAYS.toMillis(365)) {
/** /**
* make sure we stop the retry loop if someone cancelled the future, this keeps threads * make sure we stop the retry loop if someone cancelled the future, this keeps threads
* from being consumed on dead tasks * from being consumed on dead tasks
@ -128,7 +127,7 @@ public class BlockUntilInitScriptStatusIsZeroThenReturnOutput extends AbstractFu
@Override @Override
protected void interruptTask() { protected void interruptTask() {
logger.debug("<< cancelled(%s)", commandRunner.getStatement().getInstanceName()); logger.debug("<< cancelled(%s)", commandRunner.getStatement().getInstanceName());
commandRunner.runAction("stop"); commandRunner.refreshAndRunAction("stop");
shouldCancel = true; shouldCancel = true;
super.interruptTask(); super.interruptTask();
} }
@ -190,7 +189,7 @@ public class BlockUntilInitScriptStatusIsZeroThenReturnOutput extends AbstractFu
try { try {
return super.get(timeout, unit); return super.get(timeout, unit);
} catch (TimeoutException e) { } catch (TimeoutException e) {
throw new ScriptStillRunningException(e.getMessage(), this); throw new ScriptStillRunningException(timeout, unit, this);
} }
} }

View File

@ -110,7 +110,7 @@ public class RunScriptOnNodeAsInitScriptUsingSsh extends SudoAwareInitManager im
return new InitBuilder(name, path, path, Collections.<String, String> emptyMap(), Collections.singleton(script)); return new InitBuilder(name, path, path, Collections.<String, String> emptyMap(), Collections.singleton(script));
} }
public void refreshSshIfNewAdminCredentialsConfigured(AdminAccess input) { protected void refreshSshIfNewAdminCredentialsConfigured(AdminAccess input) {
if (input.getAdminCredentials() != null && input.shouldGrantSudoToAdminUser()) { if (input.getAdminCredentials() != null && input.shouldGrantSudoToAdminUser()) {
ssh.disconnect(); ssh.disconnect();
logger.debug(">> reconnecting as %s@%s", input.getAdminCredentials().identity, ssh.getHostAddress()); logger.debug(">> reconnecting as %s@%s", input.getAdminCredentials().identity, ssh.getHostAddress());
@ -121,9 +121,6 @@ public class RunScriptOnNodeAsInitScriptUsingSsh extends SudoAwareInitManager im
} }
} }
/**
* ssh client is initialized through this call.
*/
protected ExecResponse doCall() { protected ExecResponse doCall() {
try { try {
ssh.put(initFile, init.render(OsFamily.UNIX)); ssh.put(initFile, init.render(OsFamily.UNIX));

View File

@ -19,6 +19,7 @@
package org.jclouds.compute.callables; package org.jclouds.compute.callables;
import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Preconditions.checkState;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
@ -65,8 +66,8 @@ public class RunScriptOnNodeAsInitScriptUsingSshAndBlockUntilComplete extends Ru
public BlockUntilInitScriptStatusIsZeroThenReturnOutput future() { public BlockUntilInitScriptStatusIsZeroThenReturnOutput future() {
ExecResponse returnVal = super.doCall(); ExecResponse returnVal = super.doCall();
if (returnVal.getExitCode() != 0) checkState(returnVal.getExitCode() == 0, String.format("task: %s had non-zero exit status: %s", init
logger.warn("task: %s had non-zero exit status: %s", init.getInstanceName(), returnVal); .getInstanceName(), returnVal));
return statusFactory.create(this).init(); return statusFactory.create(this).init();
} }

View File

@ -19,30 +19,40 @@
package org.jclouds.compute.callables; package org.jclouds.compute.callables;
import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.base.Preconditions.checkNotNull;
import static java.lang.String.format;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException; import java.util.concurrent.TimeoutException;
import org.jclouds.compute.domain.ExecResponse;
import com.google.common.base.Supplier; import com.google.common.base.Supplier;
import com.google.common.util.concurrent.ListenableFuture;
/** /**
* *
* @author Adrian Cole * @author Adrian Cole
*/ */
public class ScriptStillRunningException extends TimeoutException implements public class ScriptStillRunningException extends TimeoutException implements Supplier<ListenableFuture<ExecResponse>> {
Supplier<BlockUntilInitScriptStatusIsZeroThenReturnOutput> {
/** The serialVersionUID */ /** The serialVersionUID */
private static final long serialVersionUID = -7265376839848564663L; private static final long serialVersionUID = -7265376839848564663L;
private final BlockUntilInitScriptStatusIsZeroThenReturnOutput delegate; private final ListenableFuture<ExecResponse> delegate;
public ScriptStillRunningException(String message, BlockUntilInitScriptStatusIsZeroThenReturnOutput delegate) { public ScriptStillRunningException(long timeout, TimeUnit unit, ListenableFuture<ExecResponse> delegate) {
this(format("time up waiting %ds for %s to complete."
+ " call get() on this exception to get access to the task in progress", TimeUnit.SECONDS.convert(
timeout, unit), delegate), delegate);
}
public ScriptStillRunningException(String message, ListenableFuture<ExecResponse> delegate) {
super(checkNotNull(message, "message")); super(checkNotNull(message, "message"));
this.delegate = checkNotNull(delegate, "delegate"); this.delegate = checkNotNull(delegate, "delegate");
} }
@Override @Override
public BlockUntilInitScriptStatusIsZeroThenReturnOutput get() { public ListenableFuture<ExecResponse> get() {
return delegate; return delegate;
} }

View File

@ -19,6 +19,7 @@
package org.jclouds.compute.callables; package org.jclouds.compute.callables;
import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.base.Preconditions.checkNotNull;
import static com.google.common.base.Preconditions.checkState;
import javax.annotation.PostConstruct; import javax.annotation.PostConstruct;
import javax.annotation.Resource; import javax.annotation.Resource;
@ -26,16 +27,16 @@ import javax.inject.Named;
import org.jclouds.compute.domain.ExecResponse; import org.jclouds.compute.domain.ExecResponse;
import org.jclouds.compute.domain.NodeMetadata; import org.jclouds.compute.domain.NodeMetadata;
import org.jclouds.compute.domain.NodeMetadataBuilder;
import org.jclouds.compute.reference.ComputeServiceConstants; import org.jclouds.compute.reference.ComputeServiceConstants;
import org.jclouds.logging.Logger; import org.jclouds.logging.Logger;
import org.jclouds.scriptbuilder.InitBuilder; import org.jclouds.scriptbuilder.InitBuilder;
import org.jclouds.scriptbuilder.statements.login.AdminAccess;
import org.jclouds.ssh.SshClient; import org.jclouds.ssh.SshClient;
import com.google.common.annotations.VisibleForTesting; import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Function; import com.google.common.base.Function;
import com.google.common.base.Objects; import com.google.common.base.Objects;
import com.google.common.base.Predicates;
import com.google.common.collect.ImmutableSet;
/** /**
* *
@ -45,6 +46,7 @@ public class SudoAwareInitManager {
@Resource @Resource
@Named(ComputeServiceConstants.COMPUTE_LOGGER) @Named(ComputeServiceConstants.COMPUTE_LOGGER)
protected Logger computeLogger = Logger.NULL; protected Logger computeLogger = Logger.NULL;
protected Logger logger = Logger.NULL;
protected NodeMetadata node; protected NodeMetadata node;
protected final InitBuilder init; protected final InitBuilder init;
protected final boolean runAsRoot; protected final boolean runAsRoot;
@ -65,42 +67,44 @@ public class SudoAwareInitManager {
return this; return this;
} }
public void refreshSshIfNewAdminCredentialsConfigured(AdminAccess input) { public ExecResponse refreshAndRunAction(String action) {
if (input.getAdminCredentials() != null && input.shouldGrantSudoToAdminUser()) { checkState(ssh != null, "please call init() before invoking call");
ssh.disconnect(); try {
computeLogger.debug(">> reconnecting as %s@%s", input.getAdminCredentials().identity, ssh.getHostAddress());
ssh = sshFactory.apply(node = NodeMetadataBuilder.fromNodeMetadata(node).adminPassword(null).credentials(
input.getAdminCredentials()).build());
ssh.connect(); ssh.connect();
return runAction(action);
} finally {
if (ssh != null)
ssh.disconnect();
} }
} }
public ExecResponse runAction(String action) { public ExecResponse runAction(String action) {
ExecResponse returnVal; ExecResponse returnVal;
String command = (runAsRoot) ? execScriptAsRoot(action) : execScriptAsDefaultUser(action); String command = (runAsRoot && Predicates.in(ImmutableSet.of("start", "stop", "run")).apply(action)) ? execScriptAsRoot(action)
: execScriptAsDefaultUser(action);
returnVal = runCommand(command); returnVal = runCommand(command);
if (computeLogger.isTraceEnabled()) if ("status".equals(action))
logger.trace("<< %s(%d)", action, returnVal.getExitCode());
else if (computeLogger.isTraceEnabled())
computeLogger.trace("<< %s[%s]", action, returnVal); computeLogger.trace("<< %s[%s]", action, returnVal);
else if ("status".equals(action))
computeLogger.trace("<< %s(%d)", action, returnVal.getExitCode());
else else
computeLogger.debug("<< %s(%d)", action, returnVal.getExitCode()); computeLogger.debug("<< %s(%d)", action, returnVal.getExitCode());
return returnVal; return returnVal;
} }
public ExecResponse runCommand(String command) { ExecResponse runCommand(String command) {
String statement = String.format(">> running [%s] as %s@%s", command.replace( String statement = String.format(">> running [%s] as %s@%s", command.replace(
node.getAdminPassword() != null ? node.getAdminPassword() : "XXXXX", "XXXXX"), ssh.getUsername(), ssh node.getAdminPassword() != null ? node.getAdminPassword() : "XXXXX", "XXXXX"), ssh.getUsername(), ssh
.getHostAddress()); .getHostAddress());
if (command.endsWith("status")) if (command.endsWith("status"))
computeLogger.trace(statement); logger.trace(statement);
else else
computeLogger.debug(statement); computeLogger.debug(statement);
return ssh.exec(command); return ssh.exec(command);
} }
@VisibleForTesting @VisibleForTesting
public String execScriptAsRoot(String action) { String execScriptAsRoot(String action) {
String command; String command;
if (node.getCredentials().identity.equals("root")) { if (node.getCredentials().identity.equals("root")) {
command = "./" + init.getInstanceName() + " " + action; command = "./" + init.getInstanceName() + " " + action;

View File

@ -0,0 +1,52 @@
/**
* Licensed to jclouds, Inc. (jclouds) under one or more
* contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. jclouds licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.jclouds.compute.callable;
import static org.testng.Assert.assertEquals;
import java.util.concurrent.TimeUnit;
import org.jclouds.compute.callables.ScriptStillRunningException;
import org.jclouds.compute.domain.ExecResponse;
import org.testng.annotations.Test;
import com.google.common.util.concurrent.AbstractFuture;
import com.google.common.util.concurrent.ListenableFuture;
/**
* @author Adam Lowe
*/
@Test(groups = "unit", singleThreaded = true, testName = "ScriptStillRunningExceptionTest")
public class ScriptStillRunningExceptionTest {
public void simpleMessage() {
ListenableFuture<ExecResponse> future = new AbstractFuture<ExecResponse>() {
@Override
public String toString() {
return "task for foo";
}
};
ScriptStillRunningException testMe = new ScriptStillRunningException(1000, TimeUnit.MILLISECONDS, future);
assertEquals(testMe.getMessage(),
"time up waiting 1s for task for foo to complete. call get() on this exception to get access to the task in progress");
}
}