/** * Returns the iptables rules. * * @return Returns the command that list all the iptables rules. */ public static String listIptablesRule() { return sudo("/sbin/iptables -L -v -n"); }
/** * Uses the curl-able install.sh script provided at {@code get.docker.com}. * This will install the latest version, which may be incompatible with the * jclouds driver. */ private String installDockerFallback() { return "curl -s https://get.docker.com/ | " + sudo("sh"); }
/** * Returns the command that cleans up iptables rules. * * @return Returns the command that cleans up iptables rules. */ public static String cleanUpIptablesRules() { return sudo("/sbin/iptables -F"); }
public static String appendToEtcHosts(String ip, String... hostnames) { // Using sed rather than `echo ... >> /etc/hosts` because when embedded inside sudo, // the redirect doesn't get executed by sudo. String tempFileId = "bak"+Identifiers.makeRandomId(4); return sudo(String.format("sed -i."+tempFileId+" -e '$a\\\n%s %s' /etc/hosts", ip, Joiner.on(" ").join(hostnames))); }
private String setupAptRepo(SshMachineLocation sshMachineLocation) { final String osDetailsVersion = getOsVersion(sshMachineLocation); String repoUrl; if (osDetailsVersion.startsWith("14")) { repoUrl = UBUNTU_14_AMBARI_REPO_LOCATION; } else { repoUrl = UBUNTU_12_AMBARI_REPO_LOCATION; } return ifExecutableElse1("apt-get", chainGroup(sudo(commandToDownloadUrlAs(String.format(repoUrl, repoBaseUrl, getMajorVersion(), version), UBUNTU_REPO_LIST_LOCATION)), sudo("apt-key adv --recv-keys --keyserver keyserver.ubuntu.com B9733A7A07513CAD"), sudo("apt-get update"))); }
private void addIptablesRule(Integer hostPort, HostAndPort container) { LOG.debug("Using iptables to add access for TCP/{} to {}", hostPort, host); List<String> commands = ImmutableList.of( BashCommands.sudo(String.format("iptables -t nat -A PREROUTING -p tcp --dport %d -j DNAT --to-destination %s", hostPort, container.toString())), BashCommands.sudo(String.format("iptables -A FORWARD -p tcp -d %s --dport %d -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT", container.getHostText(), container.getPort()))); int result = host.execCommands(MutableMap.of(SshTool.PROP_ALLOCATE_PTY.getName(), true), String.format("Open iptables TCP/%d", hostPort), commands); if (result != 0) { String msg = String.format("Error running iptables update for TCP/%d on %s", hostPort, host); LOG.error(msg); throw new RuntimeException(msg); } }
@Beta // implementation not portable across distros public static String iptablesService(String cmd) { return sudo(alternatives( BashCommands.ifExecutableElse1("service", "service iptables " + cmd), "/sbin/service iptables " + cmd)); }
@Override public void stop() { newScript(MutableMap.of(USE_PID_FILE, false), STOPPING) .body.append(BashCommands.sudo(getWeaveCommand() + " stop")) .execute(); }
@Override public void stop() { newScript(MutableMap.of(USE_PID_FILE, false), STOPPING) .body.append(sudo(getCalicoCommand() + " node stop --force")) .execute(); }
@Override public void openFirewallPort(Entity entity, int port, Protocol protocol, Cidr accessingCidr) { LOG.debug("Open iptables rule for {}, {}, {}, {}", new Object[] { this, entity, port, protocol, accessingCidr }); if (cluster.config().get(MesosCluster.SDN_ENABLE)) { HostAndPort target = portmap.get(HostAndPort.fromParts(marathonHostname, port)); addIptablesRule(port, target); String profile = entity.getApplicationId(); // TODO allow other Calico profiles String command = BashCommands.sudo(String.format("calicoctl profile %s rule add inbound allow tcp to ports %d", profile, target.getPort())); CalicoModule calico = (CalicoModule) cluster.sensors().get(MesosCluster.SDN_PROVIDER); calico.execCalicoCommand(slave, command); } }
@Override public boolean isRunning() { return newScript(MutableMap.of(USE_PID_FILE, false), CHECK_RUNNING) .body.append(sudo(String.format("%s status", getCalicoCommand()))) .execute() == 0; }
@Override public void launch() { newScript(LAUNCHING) .body.append(sudo("ambari-server start")) .failOnNonZeroResultCode() .execute(); }
@Test(groups="Live") public void testJcloudsCreateWithNoSudoGranted() throws Exception { log.info("TEST testJcloudsCreateWithNoSudoGranted"); JcloudsSshMachineLocation m = obtainMachine(MutableMap.of( "grantUserSudo", false, "waitForSshable", 30*1000)); int exitCode = execWithExitCode(m, ImmutableList.of(BashCommands.sudo("echo yes"))); Assert.assertFalse(exitCode == 0, "exit code for sudo command should not have been 0"); }
@Override public void customize() { String tmpConfigFileLoc = "/tmp/ambari-agent.ini"; String destinationConfigFile = "/etc/ambari-agent/conf/ambari-agent.ini"; copyTemplate(getTemplateConfigurationUrl(), tmpConfigFileLoc); newScript(CUSTOMIZING) .body.append(sudo(format("mv %s %s", tmpConfigFileLoc, destinationConfigFile))) .failOnNonZeroResultCode() .execute(); }
@Override public Task<Integer> sshTaskApply(AmbariServer ambariServer) { return SshEffectorTasks .ssh( installPackageOr(ImmutableMap.of(), "mysql-connector-java", installPackageOrFail(ImmutableMap.of(), "libmysql-java")), sudo("ambari-server setup --jdbc-db=mysql --jdbc-driver=/usr/share/java/mysql-connector-java.jar")) .summary("Initialise Ranger requirements on " + ambariServer.getId()) .machine(EffectorTasks.getSshMachine(ambariServer)) .newTask() .asTask(); } }
@Override public void stop() { newScript(STOPPING) .body.append(sudo("service docker stop")) .failOnNonZeroResultCode() .uniqueSshConnection() .execute(); }
@Override public boolean isRunning() { // Spawns a container for duration of command, so take the host lock getEntity().sensors().get(SdnAgent.DOCKER_HOST).getDynamicLocation().getLock().lock(); try { return newScript(MutableMap.of(USE_PID_FILE, false), CHECK_RUNNING) .body.append(BashCommands.sudo(getWeaveCommand() + " status")) .execute() == 0; } finally { getEntity().sensors().get(SdnAgent.DOCKER_HOST).getDynamicLocation().getLock().unlock(); } }
@Override public void createSubnet(String subnetId, Cidr subnetCidr) { boolean ipip = entity.config().get(CalicoNetwork.USE_IPIP); boolean nat = entity.config().get(CalicoNetwork.USE_NAT); newScript("createSubnet") .body.append( sudo(String.format("%s pool add %s %s %s", getCalicoCommand(), subnetCidr, ipip ? "--ipip" : "", nat ? "--nat-outgoing" : ""))) .execute(); super.createSubnet(subnetId, subnetCidr); }