-
Notifications
You must be signed in to change notification settings - Fork 35
/
main.go
361 lines (307 loc) · 11.3 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
package main
import (
"fmt"
"io/ioutil"
"math/rand"
"os"
"path/filepath"
"time"
"github.com/pkg/errors"
"github.com/prometheus/client_golang/prometheus"
uuid "github.com/satori/go.uuid"
"github.com/sirupsen/logrus"
"github.com/spf13/pflag"
"github.com/spf13/viper"
)
var (
appName = "ansible-puller"
hostname = ""
ansibleDisabled = false
ansibleRunning = false
ansibleLastRunSuccess = true
Version string
// Prometheus Metrics
promAnsibleIsRunning = prometheus.NewGauge(prometheus.GaugeOpts{
Name: "ansible_puller_running",
Help: "Whether or not Ansible-Pull is currently running",
})
promAnsibleRuns = prometheus.NewCounter(prometheus.CounterOpts{
Name: "ansible_puller_runs",
Help: "Number of Ansible-Pull runs",
})
promAnsibleRunTime = prometheus.NewGauge(prometheus.GaugeOpts{
Name: "ansible_puller_run_time_seconds",
Help: "Time it took ansible to run",
})
promAnsibleIsDisabled = prometheus.NewGauge(prometheus.GaugeOpts{
Name: "ansible_puller_disabled",
Help: "Whether or not Ansible-Pull is currently locked/disabled",
})
promAnsibleLastSuccess = prometheus.NewGauge(prometheus.GaugeOpts{
Name: "ansible_puller_last_success",
Help: "UTC Epoch timestamp of last Successful Ansible run",
})
promAnsibleSummary = prometheus.NewGaugeVec(prometheus.GaugeOpts{
Name: "ansible_puller_play_summary",
Help: "Play status for Ansible run",
},
[]string{"status"},
)
promVersion = prometheus.NewGaugeVec(prometheus.GaugeOpts{
Name: "ansible_puller_version",
Help: "Current running version of Ansible Puller",
},
[]string{"version"},
)
promDebug = prometheus.NewGauge(prometheus.GaugeOpts{
Name: "ansible_puller_debug",
Help: "Whether or not Ansible Puller is running in debug mode",
})
promAnsibleLastExitCode = prometheus.NewGauge(prometheus.GaugeOpts{
Name: "ansible_puller_last_exit_code",
Help: "Return code from the last ansible execution",
})
)
func init() {
prometheus.MustRegister(promAnsibleIsRunning)
prometheus.MustRegister(promAnsibleIsDisabled)
prometheus.MustRegister(promAnsibleRuns)
prometheus.MustRegister(promAnsibleRunTime)
prometheus.MustRegister(promAnsibleLastSuccess)
prometheus.MustRegister(promAnsibleLastExitCode)
prometheus.MustRegister(promAnsibleSummary)
prometheus.MustRegister(promVersion)
prometheus.MustRegister(promDebug)
viper.SetConfigName(appName)
viper.AddConfigPath(fmt.Sprintf("/etc/%s/", appName))
viper.AddConfigPath(fmt.Sprintf("$HOME/.%s", appName))
viper.AddConfigPath(".")
pflag.String("http-listen-string", "0.0.0.0:31836", "IP:Port combination the server should listen on")
pflag.String("http-proto", "https", "Set to 'http' if necessary")
pflag.String("http-user", "", "HTTP username for pulling the remote file")
pflag.String("http-pass", "", "HTTP password for pulling the remote file")
pflag.String("http-url", "", "Remote endpoint to retrieve the file from")
pflag.String("http-checksum-url", "", "Remote endpoint to retrieve the checksum from")
pflag.String("s3-arn", "", "Remote object ARN in S3 to retrieve")
pflag.String("s3-conn-region", "", "AWS service endpoint region for S3")
pflag.String("log-dir", "/var/log/"+appName, "Logging directory")
pflag.StringSlice("ansible-inventory", []string{}, "List of ansible inventories to look in, comma-separated, relative to ansible-dir")
pflag.String("ansible-playbook", "site.yml", "Path in the pulled tarball to the playbook to run, relative to ansible-dir")
pflag.String("ansible-dir", "", "Path in the pulled tarball to cd into before ansible commands - usually dir where ansible.cfg is")
pflag.String("venv-python", "/usr/bin/python3", "Path to the Python executable to be used for building the virtual environment")
pflag.String("venv-path", "/root/.virtualenvs/ansible_puller", "Path to house the virtual environment")
pflag.String("venv-requirements-file", "requirements.txt", "Relative path in the pulled tarball of the requirements file to populate the virtual environment")
pflag.Int("sleep", 30, "Number of minutes to sleep between runs")
pflag.Int("sleep-jitter", 0, "Number of maxium minutes to jitter between runs. When set, the actual sleep time between each run will be uniformly distributed between [sleep-jitter, sleep+jitter)")
pflag.Bool("start-disabled", false, "Whether or not to start the server disabled")
pflag.Bool("debug", false, "Start the server in debug mode")
pflag.Bool("once", false, "Run Ansible Puller just once, then exit")
pflag.Bool("version", false, "Print the build version, then exit")
err := viper.ReadInConfig()
if err != nil {
logrus.Fatalf("fatal error in config file: %s", err)
}
err = viper.BindPFlags(pflag.CommandLine)
if err != nil {
logrus.Fatal("unable to bind configuration")
}
pflag.Parse()
logrus.SetOutput(os.Stdout)
if viper.GetBool("debug") {
logrus.SetLevel(logrus.DebugLevel)
promDebug.Set(1)
} else {
logrus.SetFormatter(&logrus.JSONFormatter{})
}
if viper.GetBool("start-disabled") {
ansibleDisable()
}
hostname, err = os.Hostname()
if err != nil {
logrus.Fatal("Unable to detect hostname")
}
}
func ansibleDisable() {
ansibleDisabled = true
promAnsibleIsDisabled.Set(1)
logrus.Infoln("Disabled Ansible-Puller")
}
func ansibleEnable() {
ansibleDisabled = false
promAnsibleIsDisabled.Set(0)
logrus.Infoln("Enabled Ansible-Puller")
}
func getAnsibleRepository(runDir string) error {
httpURL := viper.GetString("http-url")
checksumURL := viper.GetString("http-checksum-url")
s3Obj := viper.GetString("s3-arn")
s3ConnectionRegion := viper.GetString("s3-conn-region")
localCacheFile := fmt.Sprintf("/tmp/%s.tgz", appName)
var err error
// Exactly one variable is defined
if (httpURL == "") == (s3Obj == "") {
return errors.New("exactly one remote resource must be specified. Choose one 'http-url' or 's3-arn'")
} else if httpURL != "" {
remoteHttpURL := fmt.Sprintf("%s://%s", viper.GetString("http-proto"), httpURL)
downloader := httpDownloader{
username: viper.GetString("http-user"),
password: viper.GetString("http-pass"),
}
err = idempotentFileDownload(downloader, remoteHttpURL, checksumURL, localCacheFile)
} else if s3Obj != "" {
downloader, createError := createS3Downloader(s3ConnectionRegion)
if createError != nil {
return errors.Wrap(err, "unable to pull Ansible repo")
}
err = idempotentFileDownload(downloader, s3Obj, checksumURL, localCacheFile)
}
if err != nil {
return errors.Wrap(err, "unable to pull Ansible repo")
}
err = extractTgz(localCacheFile, runDir)
if err != nil {
return errors.Wrap(err, "unable to extract tgz")
}
return nil
}
// Core run logic
func ansibleRun() error {
if ansibleDisabled {
logrus.Infoln("Tried to run Ansible, but currently disabled. Skipping.")
return nil
}
ansibleRunning = true
promAnsibleIsRunning.Set(1)
defer func() {
ansibleRunning = false
promAnsibleIsRunning.Set(0)
promAnsibleRuns.Inc()
}()
runID := uuid.NewV4().String()
runLogger := logrus.WithFields(logrus.Fields{"run_id": runID})
runLogger.Infoln("Creating tmpdir for execution")
runDir, err := ioutil.TempDir("", appName)
if err != nil {
logrus.Fatal(err)
}
if !viper.GetBool("debug") {
defer os.RemoveAll(runDir)
}
runLogger.Infoln("Pulling remote repository")
if err = getAnsibleRepository(runDir); err != nil {
runLogger.Errorln("Unable to pull ansible repository: ", err)
return err
}
vCfg := VenvConfig{
Path: viper.GetString("venv-path"),
Python: viper.GetString("venv-python"),
}
runLogger.Infoln("Ensuring virtualenv exists")
if err = vCfg.Ensure(); err != nil {
return err
}
runLogger.Infoln("Updating virtualenv")
if err = vCfg.Update(filepath.Join(runDir, viper.GetString("venv-requirements-file"))); err != nil {
return err
}
aCfg := AnsibleConfig{
VenvConfig: vCfg,
Cwd: filepath.Join(runDir, viper.GetString("ansible-dir")),
InventoryList: viper.GetStringSlice("ansible-inventory"),
}
runLogger.Infoln("Finding inventory for the current host")
inventory, target, err := aCfg.FindInventoryForHost()
if err != nil {
// Using exit code 6 (ENXIO: No such device or address) to inform that host was not found in the inventory
promAnsibleLastExitCode.Set(6)
return err
}
ansibleRunner := AnsiblePlaybookRunner{
AnsibleConfig: aCfg,
PlaybookPath: viper.GetString("ansible-playbook"),
InventoryPath: inventory,
LimitExpr: target,
LocalConnection: true,
}
runLogger.Infoln("Starting Ansible run")
runOutput, ansibleRunErr := ansibleRunner.Run()
if ansibleRunErr == nil {
promAnsibleLastSuccess.Set(float64(time.Now().Unix()))
}
promAnsibleLastExitCode.Set(float64(runOutput.CommandOutput.Exitcode))
promAnsibleSummary.WithLabelValues("ok").Set(float64(runOutput.Stats[target].Ok))
promAnsibleSummary.WithLabelValues("skipped").Set(float64(runOutput.Stats[target].Skipped))
promAnsibleSummary.WithLabelValues("changed").Set(float64(runOutput.Stats[target].Changed))
promAnsibleSummary.WithLabelValues("failures").Set(float64(runOutput.Stats[target].Failures))
promAnsibleSummary.WithLabelValues("unreachable").Set(float64(runOutput.Stats[target].Unreachable))
runLogger.Infoln("Writing ansible output to logfile")
err = ioutil.WriteFile(viper.GetString("log-dir")+"/ansible-run-output.log", []byte(runOutput.CommandOutput.Stdout), 0600)
if err != nil {
runLogger.Errorln("Unable to write Ansible output to log file: ", err)
}
err = ioutil.WriteFile(viper.GetString("log-dir")+"/ansible-run-error.log", []byte(runOutput.CommandOutput.Stderr), 0600)
if err != nil {
runLogger.Errorln("Unable to write Ansible output to log file: ", err)
}
runLogger.Infoln("All done, going to sleep")
return ansibleRunErr
}
func main() {
if viper.GetBool("version") {
fmt.Println(Version)
return
}
if viper.GetBool("once") {
if err := ansibleRun(); err != nil {
logrus.Fatalln("Ansible run failed due to: " + err.Error())
}
return
}
promVersion.WithLabelValues(Version).Set(1)
period := time.Duration(viper.GetInt("sleep")) * time.Minute
jitter := time.Duration(viper.GetInt("sleep-jitter")) * time.Minute
if jitter >= period {
logrus.Fatalf("sleep-jitter is too large, it must be less than the 'sleep' period %d", viper.GetInt("sleep"))
}
runChan := make(chan bool)
runOnce := func() {
// Non-blocking send to the run channel. If it's already running, this will be a no-op.
select {
case runChan <- true:
default:
}
}
go func() {
runChan <- true // block until the first run is triggered
if jitter == 0 {
for range time.Tick(period) {
runOnce()
}
return
}
rng := rand.New(rand.NewSource(time.Now().Unix()))
for {
// Sleep for a random duration in [period - jitter, period + jitter).
time.Sleep(period - jitter + time.Duration(rng.Int63n(2*int64(jitter))))
runOnce()
}
}()
go func() {
logrus.Infoln(fmt.Sprintf("Launching Ansible Runner. Runs %d minutes (with %d mintues jitter) apart.", viper.GetInt("sleep"), viper.GetInt("sleep-jitter")))
for range runChan {
start := time.Now()
err := ansibleRun()
elapsed := time.Since(start)
promAnsibleRunTime.Set(elapsed.Seconds())
if err != nil {
logrus.Errorln("Ansible run failed due to: " + err.Error())
ansibleLastRunSuccess = false
} else {
ansibleLastRunSuccess = true
}
}
}()
srv := NewServer(runOnce)
logrus.Infoln("Starting server on " + viper.GetString("http-listen-string"))
logrus.Fatal(srv.ListenAndServe())
}