관리-도구
편집 파일: openshift.py
# This file is part of the sos project: https://github.com/sosreport/sos # # This copyrighted material is made available to anyone wishing to use, # modify, copy, or redistribute it subject to the terms and conditions of # version 2 of the GNU General Public License. # # See the LICENSE file in the source distribution for further information. from sos.plugins import Plugin, RedHatPlugin import os.path # This plugin handles OpenShift Enterprise versions up to 2.x # which are based in the upstream code of OpenShift Origin M4 # located here: https://github.com/openshift/origin-server # # For later of OpenShift Origin based on: https://github.com/openshift/origin # like OpenShift Enterprise 3.x see the origin.py plugin class Openshift(Plugin, RedHatPlugin): """Openshift 2.x node and broker""" plugin_name = "openshift" profiles = ('virt', 'openshift') # The 'broker' and 'node' options are obsolete but are maintained # here for compatibility with external programs that call sosreport # with these names. option_list = [("broker", "Gathers broker specific files", "slow", False), ("node", "Gathers node specific files", "slow", False)] ruby = "ruby193" vendor = "rh" mco_config_dir = "/opt/%s/%s/root/etc/mcollective" % (vendor, ruby) gear_base_dir = "/var/lib/openshift" node_settings_dir = os.path.join(gear_base_dir, ".settings") node_proxy_dir = os.path.join(gear_base_dir, ".httpd.d") httpd_config_dir = "/etc/httpd/conf.d" def is_broker(self): return os.path.exists("/etc/openshift/broker.conf") def is_node(self): return os.path.exists("/etc/openshift/node.conf") def setup(self): self.add_copy_spec([ "/etc/openshift-enterprise-release", "/var/log/openshift", "/etc/openshift/*.conf", "/etc/openshift/upgrade", ]) self.add_cmd_output("oo-diagnostics -v") if self.is_broker(): self.add_copy_spec([ "/etc/openshift/quickstarts.json", "/etc/openshift/plugins.d/*.conf", os.path.join(self.mco_config_dir, "client.cfg"), "/var/www/openshift/broker/httpd/httpd.conf", "/var/www/openshift/broker/httpd/conf.d/*.conf", "/var/www/openshift/console/httpd/httpd.conf", "/var/www/openshift/console/httpd/conf.d/*.conf", ]) self.add_cmd_output([ "oo-accept-broker -v", "oo-admin-chk -v", "oo-mco ping", ]) if self.is_node(): self.add_copy_spec([ "/etc/openshift/node-plugins.d/*.conf", "/etc/openshift/cart.conf.d", "/etc/openshift/iptables.*.rules", "/etc/openshift/env", os.path.join(self.httpd_config_dir, "openshift-vhost-logconf.include"), os.path.join(self.httpd_config_dir, "openshift-http-vhost.include"), os.path.join(self.httpd_config_dir, "openshift_restorer.include"), os.path.join(self.mco_config_dir, "server.cfg"), os.path.join(self.mco_config_dir, "facts.yaml"), os.path.join(self.node_settings_dir, "district.info"), os.path.join(self.node_proxy_dir, "*.conf"), os.path.join(self.node_proxy_dir, "aliases.txt"), os.path.join(self.node_proxy_dir, "nodes.txt"), os.path.join(self.node_proxy_dir, "idler.txt"), os.path.join(self.node_proxy_dir, "sts.txt"), os.path.join(self.node_proxy_dir, "routes.json"), os.path.join(self.node_proxy_dir, "geardb.json"), os.path.join(self.node_proxy_dir, "sniproxy.json"), "/var/log/httpd/openshift_log", "/var/log/mcollective.log", "/var/log/node-web-proxy/access.log", "/var/log/node-web-proxy/error.log", "/var/log/node-web-proxy/websockets.log", "/var/log/node-web-proxy/supervisor.log", ]) self.add_cmd_output([ "oo-accept-node -v", "oo-admin-ctl-gears list", "ls -laZ %s" % self.gear_base_dir, "ls -la %s" % self.node_proxy_dir ]) def postproc(self): # Redact broker's MongoDB credentials: # MONGO_PASSWORD="PasswordForOpenshiftUser" self.do_file_sub('/etc/openshift/broker.conf', r"(MONGO_PASSWORD\s*=\s*)(.*)", r"\1*******") # Redact session SHA keys: # SESSION_SECRET=0c31...a7c8 self.do_file_sub('/etc/openshift/broker.conf', r"(SESSION_SECRET\s*=\s*)(.*)", r"\1*******") self.do_file_sub('/etc/openshift/console.conf', r"(SESSION_SECRET\s*=\s*)(.*)", r"\1*******") # Redact passwords of the form: # plugin.activemq.pool.1.password = Pa$sW0Rd self.do_file_sub(os.path.join(self.mco_config_dir, "server.cfg"), r"(.*password\s*=\s*)\S+", r"\1********") self.do_file_sub(os.path.join(self.mco_config_dir, "client.cfg"), r"(.*password\s*=\s*)\S+", r"\1********") # Redact DNS plugin credentials # Dynect DNS: DYNECT_PASSWORD=s0ME-p4$_w0RD._ plugin_dir = '/etc/openshift/plugins.d/' self.do_file_sub(plugin_dir + 'openshift-origin-dns-dynect.conf', r"(DYNECT_PASSWORD\s*=\s*)(.*)", r"\1********") # Fog cloud: FOG_RACKSPACE_API_KEY="apikey" self.do_file_sub(plugin_dir + 'openshift-origin-dns-fog.conf', r"(FOG_RACKSPACE_API_KEY\s*=\s*)(.*)", r"\1********") # ISC bind: BIND_KEYVALUE="rndc key" self.do_file_sub(plugin_dir + 'openshift-origin-dns-nsupdate.conf', r"(BIND_KEYVALUE\s*=\s*)(.*)", r"\1********") # LDAP authentication: AuthLDAPBindPassword "IShouldNotBeHere" ldap_paths = '/var/www/openshift/(broker|console)/httpd/conf.d/.*' self.do_path_regex_sub(ldap_paths, r"(AuthLDAPBindPassword)\s*(.*)", r"\1********") # vim: set et ts=4 sw=4 :