incubator-deltacloud-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mohammed Morsi <mmo...@redhat.com>
Subject Re: [PATCH] execute arbitrary remote shell command against running instance
Date Thu, 29 Jul 2010 23:30:23 GMT
On 07/28/2010 06:51 PM, David Lutterkort wrote:
> On Wed, 2010-07-28 at 13:13 -0400, Mohammed Morsi wrote:
>    
>> Largly based on mfojtik's previous patches, this simply adds the
>> ability to ssh into a running instance and run a command against
>> it, reporting the results.
>>
>> Most likely will change to merge with Michal's keypair patch from
>> today and to include client support
>>      
> A few comments:
>    

Thanks for the patch, updated patches on list (one for ssh, one for scp)

>    
>> diff --git a/server/lib/deltacloud/helpers/application_helper.rb b/server/lib/deltacloud/helpers/application_helper.rb
>> index 94396d2..86b5c09 100644
>> --- a/server/lib/deltacloud/helpers/application_helper.rb
>> +++ b/server/lib/deltacloud/helpers/application_helper.rb
>> @@ -106,4 +106,24 @@ module ApplicationHelper
>>       end
>>     end
>>
>> +  def store_private_key(id, key)
>> +    path = File.join('tmp', 'keys')
>> +    FileUtils.mkdir_p(path) unless File.directory?(path)
>> +    filename = File.join(path, "instance_#{id}.key")
>> +    File.open(filename, 'w') do |f|
>> +      f.puts key
>> +    end
>> +    return filename
>> +  end
>> +
>> +  def remove_private_key(key)
>> +    File.delete(key) if File.exists?(key)
>> +  end
>>      
> It sucks that we have to store the private key in the FS, but at least
> it's only for as long as the run command is being executed.
>
> Please chmod the /tmp/keys directory to 0600 though.
>    
Done.

> This will also break in some deployment scenarios like heroku.
>    
Not too familiar with heroku, just curious as to why this wouldn't work 
there.


>    
>> diff --git a/server/server.rb b/server/server.rb
>> index 2516d3e..4271094 100644
>> --- a/server/server.rb
>> +++ b/server/server.rb
>> @@ -226,6 +232,29 @@ END
>>       param :id,           :string, :required
>>       control { instance_action(:destroy) }
>>     end
>> +
>> +  operation :run, :method =>  :post, :member =>  true do
>> +    description "Run command on instance"
>> +    param :id,           :string, :required
>> +    param :cmd,          :string, :required
>> +    param :private_key,  :string
>> +    param :username,     :string
>> +    control do
>> +      @instance = driver.instance(credentials, { :id =>  params[:id] })
>> +      private_key = store_private_key(params[:id], params[:private_key])
>> +      begin
>> +        @output=@instance.run_command(params[:cmd], params[:username], { :keys =>
 private_key })
>> +      rescue Exception =>  e
>> +        @failed = true
>> +        @output = "#{e.message}\n#{e.backtrace.join("\n")}"
>> +      ensure
>> +        remove_private_key(private_key)
>> +      end
>> +      respond_to do |format|
>> +        format.xml { haml :"instances/run" }
>> +      end
>> +    end
>> +  end
>>   end
>>      
> In keeping with tradition, we also need to advertise 'run' as one of the
> actions on the instance in the instance details.
>
>    

I added a instance feature for 'run' and marked the ec2 / mock drivers 
as providing that feature. Is this what you were referring to? (I 
apologize if not, still working my way around the core codebase)

> Which brings up the questions for which clouds this is really supported;
> in theory, any cloud, assuming the image is set up 'right'.
>
> And it brings up two more things:
>        * if we can ssh we can also scp (and should probably support that
>          as another instance action; the action should take a list of
>          files and their contents, not just one)
>    

Second patch in the set adds this.

>        * we need to support RackSpace-type file injection in
>          create_instance
>
> David
>
>    
Can you elaborate on what this RackSpace file injection feature is and 
what it entails. Thanks.

   -Mo


Mime
View raw message