Class: Bosh::Agent::Bootstrap
- Includes:
- Exec
- Defined in:
- lib/bosh_agent/bootstrap.rb
Constant Summary collapse
- ETC_HOST_TEMPLATE =
<<TEMPLATE 127.0.0.1 localhost <%= agent_id %> # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback <%= agent_id %> fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts TEMPLATE
Instance Method Summary collapse
- #base_dir ⇒ Object
- #configure ⇒ Object
- #data_sfdisk_input ⇒ Object
- #harden_permissions ⇒ Object
-
#initialize ⇒ Bootstrap
constructor
A new instance of Bootstrap.
- #iptables(cmd) ⇒ Object
- #load_settings ⇒ Object
- #logger ⇒ Object
- #mem_total ⇒ Object
- #mount_persistent_disk ⇒ Object
- #setup_cron_at_allow ⇒ Object
- #setup_data_disk ⇒ Object
- #setup_data_sys ⇒ Object
- #setup_networking ⇒ Object
- #setup_tmp ⇒ Object
- #store_path ⇒ Object
- #swap_size ⇒ Object
- #tmp_permissions ⇒ Object
- #update_agent_id ⇒ Object
- #update_blobstore ⇒ Object
- #update_credentials ⇒ Object
- #update_hostname ⇒ Object
- #update_iptables ⇒ Object
- #update_mbus ⇒ Object
- #update_passwords ⇒ Object
- #update_time ⇒ Object
Constructor Details
Instance Method Details
#base_dir ⇒ Object
24 25 26 |
# File 'lib/bosh_agent/bootstrap.rb', line 24 def base_dir Bosh::Agent::Config.base_dir end |
#configure ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 |
# File 'lib/bosh_agent/bootstrap.rb', line 32 def configure logger.info("Configuring instance") load_settings logger.info("Loaded settings: #{@settings.inspect}") if @settings if Config.configure update_iptables update_passwords update_agent_id update_credentials update_hostname update_mbus update_blobstore setup_networking update_time setup_data_disk setup_data_sys setup_tmp Bosh::Agent::Monit.setup_monit_user Bosh::Agent::Monit.setup_alerts mount_persistent_disk else update_agent_id update_credentials update_mbus update_blobstore end end { "settings" => @settings } end |
#data_sfdisk_input ⇒ Object
207 208 209 |
# File 'lib/bosh_agent/bootstrap.rb', line 207 def data_sfdisk_input ",#{swap_size},S\n,,L\n" end |
#harden_permissions ⇒ Object
283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 |
# File 'lib/bosh_agent/bootstrap.rb', line 283 def setup_cron_at_allow # use this instead of removing vcap from the cdrom group, as there # is no way to easily do that from the command line root_only_rw = %w{ /dev/sr0 } root_only_rw.each do |path| %x[chmod 0660 #{path}] %x[chown root:root #{path}] end root_app_user_rw = %w{ /dev/log } root_app_user_rw.each do |path| %x[chmod 0660 #{path}] %x[chown root:#{BOSH_APP_USER} #{path}] end root_app_user_rwx = %w{ /dev/shm /var/lock } root_app_user_rwx.each do |path| %x[chmod 0770 #{path}] %x[chown root:#{BOSH_APP_USER} #{path}] end root_rw_app_user_read = %w{ /etc/cron.allow /etc/at.allow } root_rw_app_user_read.each do |path| %x[chmod 0640 #{path}] %x[chown root:#{BOSH_APP_USER} #{path}] end no_other_read = %w{ /data/vcap/data /data/vcap/store } no_other_read.each do |path| %[chmod o-r #{path}] end end |
#iptables(cmd) ⇒ Object
73 74 75 76 77 78 79 |
# File 'lib/bosh_agent/bootstrap.rb', line 73 def iptables(cmd) output = %x{iptables #{cmd} 2> /dev/null} if $?.exitstatus != 0 raise Bosh::Agent::Error, "`iptables #{cmd}` failed" end output end |
#load_settings ⇒ Object
68 69 70 71 |
# File 'lib/bosh_agent/bootstrap.rb', line 68 def load_settings @settings = Bosh::Agent::Settings.load Bosh::Agent::Config.settings = @settings end |
#logger ⇒ Object
20 21 22 |
# File 'lib/bosh_agent/bootstrap.rb', line 20 def logger Bosh::Agent::Config.logger end |
#mem_total ⇒ Object
221 222 223 224 |
# File 'lib/bosh_agent/bootstrap.rb', line 221 def mem_total # MemTotal: 3952180 kB File.readlines('/proc/meminfo').first.split(/\s+/)[1].to_i end |
#mount_persistent_disk ⇒ Object
271 272 273 274 275 276 277 278 279 280 281 |
# File 'lib/bosh_agent/bootstrap.rb', line 271 def mount_persistent_disk if @settings['disks']['persistent'].keys.size > 1 # hell on earth raise Bosh::Agent::FatalError, "Fatal: more than one persistent disk on boot" else cid = @settings['disks']['persistent'].keys.first if cid Bosh::Agent::Config.platform.mount_persistent_disk(cid) end end end |
#setup_cron_at_allow ⇒ Object
332 333 334 335 336 |
# File 'lib/bosh_agent/bootstrap.rb', line 332 def setup_cron_at_allow %w{/etc/cron.allow /etc/at.allow}.each do |file| File.open(file, 'w') { |fh| fh.puts(BOSH_APP_USER) } end end |
#setup_data_disk ⇒ Object
163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 |
# File 'lib/bosh_agent/bootstrap.rb', line 163 def setup_data_disk data_mount = File.join(base_dir, "data") FileUtils.mkdir_p(data_mount) data_disk = Bosh::Agent::Config.platform.get_data_disk_device_name if data_disk unless File.blockdev?(data_disk) logger.warn("Data disk is not a block device: #{data_disk}") return end swap_partition = "#{data_disk}1" data_partition = "#{data_disk}2" swap_turned_on = sh("cat /proc/swaps | grep #{swap_partition}", :on_error => :return).success? data_partition_mounted = sh("mount | grep #{data_partition}", :on_error => :return).success? if Dir.glob("#{data_disk}[1-2]").empty? logger.info("Found unformatted drive") logger.info("Partition #{data_disk}") Bosh::Agent::Util.partition_disk(data_disk, data_sfdisk_input) logger.info("Create swap and data partitions") sh "mkswap #{swap_partition}" = ["-t ext4", "-j"] << "-E lazy_itable_init=1" if Bosh::Agent::Util.lazy_itable_init_enabled? sh "/sbin/mke2fs #{.join(" ")} #{data_partition}" end unless swap_turned_on logger.info("Swapon partition #{swap_partition}") sh "swapon #{swap_partition}" end unless data_partition_mounted unless Pathname.new(data_mount).mountpoint? logger.info("Mount data partition #{data_partition} to #{data_mount}") sh "mount #{data_partition} #{data_mount}" end end end end |
#setup_data_sys ⇒ Object
226 227 228 229 230 231 232 233 234 235 236 237 238 |
# File 'lib/bosh_agent/bootstrap.rb', line 226 def setup_data_sys data_sys_dir = File.join(base_dir, 'data', 'sys') sys_dir = File.join(base_dir, 'sys') %w{log run}.each do |dir| path = File.join(data_sys_dir, dir) FileUtils.mkdir_p(path) FileUtils.chown('root', 'vcap', path) FileUtils.chmod(0750, path) end Bosh::Agent::Util.create_symlink(data_sys_dir, sys_dir) end |
#setup_networking ⇒ Object
147 148 149 |
# File 'lib/bosh_agent/bootstrap.rb', line 147 def setup_networking Bosh::Agent::Config.platform.setup_networking end |
#setup_tmp ⇒ Object
240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 |
# File 'lib/bosh_agent/bootstrap.rb', line 240 def setup_tmp # use a custom TMPDIR for agent itself agent_tmp_dir = File.join(base_dir, 'data', 'tmp') FileUtils.mkdir_p(agent_tmp_dir) ENV["TMPDIR"] = agent_tmp_dir # first time: for /tmp on the root fs unless Pathname.new('/tmp').mountpoint? tmp_size = 128 root_tmp = File.join(base_dir, 'data', 'root_tmp') # If it's not mounted on /tmp - we don't care - blow it away %x[/usr/bin/truncate -s #{tmp_size}M #{root_tmp}] %x[chmod 0700 #{root_tmp}] %x[mke2fs -t ext4 -m 1 -F #{root_tmp}] %x[mount -t ext4 -o loop #{root_tmp} /tmp] # 2nd time for the new /tmp mount end end |
#store_path ⇒ Object
28 29 30 |
# File 'lib/bosh_agent/bootstrap.rb', line 28 def store_path File.join(base_dir, 'store') end |
#swap_size ⇒ Object
211 212 213 214 215 216 217 218 219 |
# File 'lib/bosh_agent/bootstrap.rb', line 211 def swap_size data_disk = Bosh::Agent::Config.platform.get_data_disk_device_name disk_size = Util.block_device_size(data_disk) if mem_total > disk_size/2 return (disk_size/2)/1024 else return mem_total/1024 end end |
#tmp_permissions ⇒ Object
265 266 267 268 269 |
# File 'lib/bosh_agent/bootstrap.rb', line 265 def %x[chown root:#{BOSH_APP_USER} /tmp] %x[chmod 0770 /tmp] %x[chmod 0700 /var/tmp] end |
#update_agent_id ⇒ Object
109 110 111 |
# File 'lib/bosh_agent/bootstrap.rb', line 109 def update_agent_id Bosh::Agent::Config.agent_id = @settings["agent_id"] end |
#update_blobstore ⇒ Object
137 138 139 140 141 142 143 144 145 |
# File 'lib/bosh_agent/bootstrap.rb', line 137 def update_blobstore blobstore_settings = @settings["blobstore"] blobstore_provider = blobstore_settings["provider"] = blobstore_settings["options"] Bosh::Agent::Config.blobstore_provider = blobstore_provider Bosh::Agent::Config..merge!() end |
#update_credentials ⇒ Object
113 114 115 116 117 118 119 120 |
# File 'lib/bosh_agent/bootstrap.rb', line 113 def update_credentials env = @settings["env"] if env && bosh_env = env["bosh"] if bosh_env["credentials"] Bosh::Agent::Config.credentials = bosh_env["credentials"] end end end |
#update_hostname ⇒ Object
122 123 124 125 126 127 128 129 130 131 |
# File 'lib/bosh_agent/bootstrap.rb', line 122 def update_hostname agent_id = @settings['agent_id'] template = ERB.new(ETC_HOST_TEMPLATE, 0, '%<>-') result = template.result(binding) File.open('/etc/hosts', 'w') { |f| f.puts(result) } `hostname #{agent_id}` File.open('/etc/hostname', 'w') { |f| f.puts(agent_id) } end |
#update_iptables ⇒ Object
81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 |
# File 'lib/bosh_agent/bootstrap.rb', line 81 def update_iptables return unless rules = @settings['iptables'] if rules["drop_output"] chain = "agent-filter" append_chain = "-A OUTPUT -j #{chain}" begin iptables("-N #{chain}") rescue iptables("-F #{chain}") end unless iptables("-S").include?(append_chain) iptables(append_chain) end rules["drop_output"].each do |dest| rule = "-A #{chain} -d #{dest} -m owner ! --uid-owner root -j DROP" iptables(rule) end end end |
#update_mbus ⇒ Object
133 134 135 |
# File 'lib/bosh_agent/bootstrap.rb', line 133 def update_mbus Bosh::Agent::Config.mbus = @settings['mbus'] end |
#update_passwords ⇒ Object
105 106 107 |
# File 'lib/bosh_agent/bootstrap.rb', line 105 def update_passwords @platform.update_passwords(@settings) unless @settings["env"].nil? end |
#update_time ⇒ Object
151 152 153 154 155 156 157 158 159 160 161 |
# File 'lib/bosh_agent/bootstrap.rb', line 151 def update_time ntp_servers = @settings['ntp'].join(" ") unless ntp_servers.empty? logger.info("Configure ntp-servers: #{ntp_servers}") Bosh::Agent::Util.update_file(ntp_servers, '/var/vcap/bosh/etc/ntpserver') output = `ntpdate #{ntp_servers}` logger.info(output) else logger.warn("no ntp-servers configured") end end |