Class: Chef::Knife::ClusterProxy

Inherits:

ClusterChef::Script

• Object
• Chef::Knife
• ClusterChef::Script
• Chef::Knife::ClusterProxy

Defined in:

lib/chef/knife/cluster_proxy.rb

Overview

Runs the ssh command to open a SOCKS proxy to the given host, and writes a PAC (automatic proxy config) file to /tmp/cluster_chef_proxy-YOURNAME.pac. Only the first host is used, even if multiple match.

Why not use Net::Ssh directly? The SOCKS proxy support was pretty bad. Though ugly, exec’ing the command works.

Constant Summary

EC2_PROXY_PATTERNS =

[ "*ec2*.amazonaws.com", "*ec2.internal*", "*compute-*.amazonaws.com", "*compute-*.internal*", "*domu*.internal*", "10.*",]

Instance Method Summary

• #command_for_target(svr) ⇒ Object
• #dump_proxy_pac ⇒ Object

  Write a .pac (automatic proxy configuration) file to /etc/cluster_chef_proxy-YOURNAME.pac.

• #perform_execution(target) ⇒ Object
• #proxy_pac_contents ⇒ Object
• #relevant?(server) ⇒ Boolean

Methods inherited from ClusterChef::Script

#run

Methods included from ClusterChef::KnifeCommon

#bootstrapper, #configure_dry_run, #confirm_execution, #confirm_or_exit, #die, #display, #get_relevant_slice, #get_slice, included, #load_cluster_chef, load_deps, #predicate_str, #progressbar_for_threads, #run_bootstrap, #section, #sub_command

Instance Method Details

#command_for_target(svr) ⇒ Object

# File 'lib/chef/knife/cluster_proxy.rb', line 63

def command_for_target(svr)
   config[:attribute]       ||= Chef::Config[:knife][:ssh_address_attribute] || "fqdn"
   config[:ssh_user]        ||= Chef::Config[:knife][:ssh_user]
   config[:identity_file]   ||= svr.cloud.ssh_identity_file
   config[:host_key_verify] ||= Chef::Config[:knife][:host_key_verify] || (not config[:no_host_key_verify]) # pre-vs-post 0.10.4

   if (svr.cloud.public_ip)             then address = svr.cloud.public_ip ; end
   if (not address) && (svr.chef_node)  then address = format_for_display( svr.chef_node )[config[:attribute]] ; end
   if (not address) && (svr.fog_server) then address = svr.fog_server.public_ip_address ; end

   cmd  = [ 'ssh', '-N' ]
   cmd += [ '-D', config[:socks_port].to_s ]
   cmd += [ '-p', config[:port].to_s       ]  if  config[:port].present?
   cmd << '-f'                                if  config[:background]
   cmd << "-#{'v' * config[:verbosity].to_i}" if (config[:verbosity].to_i > 0)
   cmd += %w[ -o StrictHostKeyChecking=no  ]  if  config[:host_key_verify]
   cmd += %w[ -o ConnectTimeout=10 -o ServerAliveInterval=60 -o ControlPath=none ]
   cmd += [ '-i', File.expand_path(config[:identity_file]) ] if  config[:identity_file].present?
   cmd << (config[:ssh_user] ? "#{config[:ssh_user]}@#{address}" : address)

   Chef::Log.debug("Cluster proxy config:  #{config.inspect}")
   Chef::Log.debug("Cluster proxy command: #{cmd.inspect}")
   ui.info(["SOCKS Proxy on",
       "local port", ui.color(config[:socks_port], :cyan),
       "for",        ui.color(svr.name,            :cyan),
       "(#{address})"
     ].join(" "))

   cmd
end

#dump_proxy_pac ⇒ Object

Write a .pac (automatic proxy configuration) file to /etc/cluster_chef_proxy-YOURNAME.pac

# File 'lib/chef/knife/cluster_proxy.rb', line 98

def dump_proxy_pac
  pac_filename = File.expand_path(File.join('/tmp', "cluster_chef_proxy-#{ENV['USER']}.pac"))
  ui.info("point your browser at PAC (automatic proxy config file) file://#{pac_filename}")
  File.open(pac_filename, 'w') do |f|
    f.print proxy_pac_contents
  end
end

#perform_execution(target) ⇒ Object

# File 'lib/chef/knife/cluster_proxy.rb', line 55

def perform_execution(target)
  svr = target.first
  cmd = command_for_target(svr)

  dump_proxy_pac
  exec(*cmd)
end

#proxy_pac_contents ⇒ Object

# File 'lib/chef/knife/cluster_proxy.rb', line 108

def proxy_pac_contents
  proxy_patterns  = EC2_PROXY_PATTERNS
  proxy_patterns += Array(Chef::Config[:cluster_proxy_patterns])
  rules = proxy_patterns.compact.map{|str| "(shExpMatch(host, %-28s))" % %Q{"#{str}"} }
  %Q{function FindProxyForURL(url, host) {
  if (#{rules.join(" ||\n      ")}
) {
    return "SOCKS5 localhost:#{config[:socks_port]}";
  }
  return "DIRECT";
}\n}
end

#relevant?(server) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/chef/knife/cluster_proxy.rb', line 51

def relevant?(server)
  server.sshable?
end