[rudder-dev] Relay API
Benoit Peccatte
benoit.peccatte at normation.com
Fri Nov 4 17:38:14 CET 2016
Hello,
One of Rudder 4.1 new features will be relay APIs. This is the first
attempt to describe it.
There are currently 2 API entries we want to add: remote-run and
share-files.
They will both be under /rudder/relay-api itself under
https://<server>:<port>/ like the current api is.
/rudder is the common root for all rudder service
/relay-api is different from existing api to avoid conflicts with them
when it will be installed on the server
1. Remote-run:
The goal is to make a given relay call "rudder remote run" on one of its
attached node
The API will be under /rudder/relay-api/remote-run
GET remote-run/node/<node-uuid>
GET remote-run/all
GET remote-run/nodes
Parameters:
- output = keep / discard : to keep the output of the remote-run call or
discard its content
- async = yes / no : yes to ignore the return code of the call and
return immediately, no to wait until the end of the call and get the
return code
- classes = XXX : list of cfengine classes to set during the remote call
- nodes = uuid,... : list of uuid to call in the "/nodes" case
Behavior:
- Loop on all nodes
- Find its hostname from its uuid in a matching file created by promise
generation on the server
- The call is descending, so we don't care about host that do not exist
- The call is descending, so we will only accept calls from the policy
server
- Call rudder remote
- prefix the remote output lines with <uuid>: to make sure the caller
can parse output during async call on multiple nodes
- surround the output with json format lines and include return code,
duration and stderr (-> we should escape the output for use within a
json string)
2. Share Files
The goal is to share files between an agent and another one via their
policy server.
The API will be under /rudder/relay-api/shared-files
POST shared-files/node/<target_uuid>/<file_id> (share a file content
with the target uuid using a given file id)
HEAD shared-files/node/<target_uuid>/<file_id> (ask if a file with the
given file id is already shared with the given target id)
Parameters:
- source-uuid: the uuid of the node sharing a file with the target uuid
- signature: the file's signature in case of a POST, to authenticate the
source node
- hash: the file's hash in case of a HEAD to know is the version already
present matches
POST Behavior:
- if the target is known by the local relay
-> validate the signature
-> store the file in
/var/rudder/shared-files-nodes/[..<relay-uuid>..]/<target_uuid>/<source_uuid>/<file_id>
-> store the metadata (including, date, hash and signature) in <the
same path>.medata
- if the target in not known and we are not the root server
-> store the file in a temporary directory
-> try to send the file to the relay server
-> do nt remove the file and try again as long as there is a fatal
error (code >= 500, network error)
- if the target in not known and we are the root server
-> ignore the file and return 404
HEAD behavior:
- If the file exists in /var/rudder/shared-files-nodes... with the same
hash, return 200
- If it doesn't, return 404
3. Using this API from ncf
We will create 2 new generic methods in ncf:
- sharedfile_to_node(target_uuid, file_id, file_path, ttl) where ttl
is infinite by default
- sharedfile_from_node(source_uuid, file_id, file_path)
The first one will call HEAD on the shared-files API and if is gets a
404, call POST to send the content.
The second one will just download the file using regular cfengine protocol.
That's all folks !
Any comment ?
--
------------------------------------------------------------------------
*Logo Normation Benoît Peccatte*
/Architecte/
Normation <http://www.normation.com>
------------------------------------------------------------------------
*87, Rue de Turbigo, 75003 Paris, France*
Phone: +33 (0)1 85 08 48 96
------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.rudder-project.org/pipermail/rudder-dev/attachments/20161104/acda3128/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: logo-square3.gif
Type: image/gif
Size: 1036 bytes
Desc: not available
URL: <http://www.rudder-project.org/pipermail/rudder-dev/attachments/20161104/acda3128/attachment.gif>
More information about the rudder-dev
mailing list