2014-08-27 23:49:12 +00:00
|
|
|
package agent
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"regexp"
|
|
|
|
|
2017-07-06 10:34:00 +00:00
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
2016-01-29 19:42:34 +00:00
|
|
|
"github.com/hashicorp/go-uuid"
|
2014-08-27 23:49:12 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
// userEventMaxVersion is the maximum protocol version we understand
|
|
|
|
userEventMaxVersion = 1
|
2014-09-01 05:45:55 +00:00
|
|
|
|
|
|
|
// remoteExecName is the event name for a remote exec command
|
|
|
|
remoteExecName = "_rexec"
|
2014-08-27 23:49:12 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// UserEventParam is used to parameterize a user event
|
2014-08-28 17:56:30 +00:00
|
|
|
type UserEvent struct {
|
|
|
|
// ID of the user event. Automatically generated.
|
|
|
|
ID string
|
|
|
|
|
2014-08-27 23:49:12 +00:00
|
|
|
// Name of the event
|
2014-08-28 17:56:30 +00:00
|
|
|
Name string `codec:"n"`
|
2014-08-27 23:49:12 +00:00
|
|
|
|
|
|
|
// Optional payload
|
2014-08-28 17:56:30 +00:00
|
|
|
Payload []byte `codec:"p,omitempty"`
|
2014-08-27 23:49:12 +00:00
|
|
|
|
|
|
|
// NodeFilter is a regular expression to filter on nodes
|
2014-08-28 17:56:30 +00:00
|
|
|
NodeFilter string `codec:"nf,omitempty"`
|
2014-08-27 23:49:12 +00:00
|
|
|
|
|
|
|
// ServiceFilter is a regular expression to filter on services
|
2014-08-28 17:56:30 +00:00
|
|
|
ServiceFilter string `codec:"sf,omitempty"`
|
2014-08-27 23:49:12 +00:00
|
|
|
|
|
|
|
// TagFilter is a regular expression to filter on tags of a service,
|
|
|
|
// must be provided with ServiceFilter
|
2014-08-28 17:56:30 +00:00
|
|
|
TagFilter string `codec:"tf,omitempty"`
|
2014-08-27 23:49:12 +00:00
|
|
|
|
2014-08-28 17:56:30 +00:00
|
|
|
// Version of the user event. Automatically generated.
|
|
|
|
Version int `codec:"v"`
|
2014-08-28 18:15:55 +00:00
|
|
|
|
|
|
|
// LTime is the lamport time. Automatically generated.
|
|
|
|
LTime uint64 `codec:"-"`
|
2014-08-27 23:49:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// validateUserEventParams is used to sanity check the inputs
|
2014-08-28 17:56:30 +00:00
|
|
|
func validateUserEventParams(params *UserEvent) error {
|
2014-08-27 23:49:12 +00:00
|
|
|
// Validate the inputs
|
|
|
|
if params.Name == "" {
|
|
|
|
return fmt.Errorf("User event missing name")
|
|
|
|
}
|
|
|
|
if params.TagFilter != "" && params.ServiceFilter == "" {
|
|
|
|
return fmt.Errorf("Cannot provide tag filter without service filter")
|
|
|
|
}
|
|
|
|
if params.NodeFilter != "" {
|
|
|
|
if _, err := regexp.Compile(params.NodeFilter); err != nil {
|
|
|
|
return fmt.Errorf("Invalid node filter: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if params.ServiceFilter != "" {
|
|
|
|
if _, err := regexp.Compile(params.ServiceFilter); err != nil {
|
|
|
|
return fmt.Errorf("Invalid service filter: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if params.TagFilter != "" {
|
|
|
|
if _, err := regexp.Compile(params.TagFilter); err != nil {
|
|
|
|
return fmt.Errorf("Invalid tag filter: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// UserEvent is used to fire an event via the Serf layer on the LAN
|
2015-06-18 01:58:27 +00:00
|
|
|
func (a *Agent) UserEvent(dc, token string, params *UserEvent) error {
|
2014-08-27 23:49:12 +00:00
|
|
|
// Validate the params
|
|
|
|
if err := validateUserEventParams(params); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Format message
|
2016-01-29 19:42:34 +00:00
|
|
|
var err error
|
|
|
|
if params.ID, err = uuid.GenerateUUID(); err != nil {
|
|
|
|
return fmt.Errorf("UUID generation failed: %v", err)
|
|
|
|
}
|
2014-08-28 17:56:30 +00:00
|
|
|
params.Version = userEventMaxVersion
|
2014-08-29 18:24:41 +00:00
|
|
|
payload, err := encodeMsgPack(¶ms)
|
2014-08-27 23:49:12 +00:00
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("UserEvent encoding failed: %v", err)
|
|
|
|
}
|
2014-08-28 22:00:49 +00:00
|
|
|
|
2015-06-18 23:20:24 +00:00
|
|
|
// Service the event fire over RPC. This ensures that we authorize
|
|
|
|
// the request against the token first.
|
2015-06-18 01:58:27 +00:00
|
|
|
args := structs.EventFireRequest{
|
2015-06-18 23:20:24 +00:00
|
|
|
Datacenter: dc,
|
|
|
|
Name: params.Name,
|
|
|
|
Payload: payload,
|
|
|
|
QueryOptions: structs.QueryOptions{Token: token},
|
2014-08-27 23:49:12 +00:00
|
|
|
}
|
2015-06-18 01:58:27 +00:00
|
|
|
|
|
|
|
// Any server can process in the remote DC, since the
|
|
|
|
// gossip will take over anyways
|
|
|
|
args.AllowStale = true
|
|
|
|
var out structs.EventFireResponse
|
|
|
|
return a.RPC("Internal.EventFire", &args, &out)
|
2014-08-27 23:49:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// handleEvents is used to process incoming user events
|
|
|
|
func (a *Agent) handleEvents() {
|
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case e := <-a.eventCh:
|
|
|
|
// Decode the event
|
2014-08-28 17:56:30 +00:00
|
|
|
msg := new(UserEvent)
|
2014-08-29 18:24:41 +00:00
|
|
|
if err := decodeMsgPack(e.Payload, msg); err != nil {
|
2014-08-27 23:49:12 +00:00
|
|
|
a.logger.Printf("[ERR] agent: Failed to decode event: %v", err)
|
|
|
|
continue
|
|
|
|
}
|
2014-08-28 18:15:55 +00:00
|
|
|
msg.LTime = uint64(e.LTime)
|
2014-08-27 23:49:12 +00:00
|
|
|
|
|
|
|
// Skip if we don't pass filtering
|
|
|
|
if !a.shouldProcessUserEvent(msg) {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
2014-08-28 00:01:10 +00:00
|
|
|
// Ingest the event
|
|
|
|
a.ingestUserEvent(msg)
|
2014-08-27 23:49:12 +00:00
|
|
|
|
|
|
|
case <-a.shutdownCh:
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// shouldProcessUserEvent checks if an event makes it through our filters
|
2014-08-28 17:56:30 +00:00
|
|
|
func (a *Agent) shouldProcessUserEvent(msg *UserEvent) bool {
|
2014-08-27 23:49:12 +00:00
|
|
|
// Check the version
|
|
|
|
if msg.Version > userEventMaxVersion {
|
|
|
|
a.logger.Printf("[WARN] agent: Event version %d may have unsupported features (%s)",
|
|
|
|
msg.Version, msg.Name)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Apply the filters
|
|
|
|
if msg.NodeFilter != "" {
|
|
|
|
re, err := regexp.Compile(msg.NodeFilter)
|
|
|
|
if err != nil {
|
|
|
|
a.logger.Printf("[ERR] agent: Failed to parse node filter '%s' for event '%s': %v",
|
|
|
|
msg.NodeFilter, msg.Name, err)
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
if !re.MatchString(a.config.NodeName) {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if msg.ServiceFilter != "" {
|
|
|
|
re, err := regexp.Compile(msg.ServiceFilter)
|
|
|
|
if err != nil {
|
|
|
|
a.logger.Printf("[ERR] agent: Failed to parse service filter '%s' for event '%s': %v",
|
|
|
|
msg.ServiceFilter, msg.Name, err)
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
var tagRe *regexp.Regexp
|
|
|
|
if msg.TagFilter != "" {
|
|
|
|
re, err := regexp.Compile(msg.TagFilter)
|
|
|
|
if err != nil {
|
|
|
|
a.logger.Printf("[ERR] agent: Failed to parse tag filter '%s' for event '%s': %v",
|
|
|
|
msg.TagFilter, msg.Name, err)
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
tagRe = re
|
|
|
|
}
|
|
|
|
|
|
|
|
// Scan for a match
|
|
|
|
services := a.state.Services()
|
|
|
|
found := false
|
|
|
|
OUTER:
|
|
|
|
for name, info := range services {
|
|
|
|
// Check the service name
|
|
|
|
if !re.MatchString(name) {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
if tagRe == nil {
|
|
|
|
found = true
|
|
|
|
break
|
|
|
|
}
|
|
|
|
|
|
|
|
// Look for a matching tag
|
|
|
|
for _, tag := range info.Tags {
|
|
|
|
if !tagRe.MatchString(tag) {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
found = true
|
|
|
|
break OUTER
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// No matching services
|
|
|
|
if !found {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
2014-08-28 00:01:10 +00:00
|
|
|
// ingestUserEvent is used to process an event that passes filtering
|
2014-08-28 17:56:30 +00:00
|
|
|
func (a *Agent) ingestUserEvent(msg *UserEvent) {
|
2014-09-01 05:45:55 +00:00
|
|
|
// Special handling for internal events
|
|
|
|
switch msg.Name {
|
|
|
|
case remoteExecName:
|
2017-03-30 16:25:12 +00:00
|
|
|
if *a.config.DisableRemoteExec {
|
2014-09-01 05:45:55 +00:00
|
|
|
a.logger.Printf("[INFO] agent: ignoring remote exec event (%s), disabled.", msg.ID)
|
|
|
|
} else {
|
|
|
|
go a.handleRemoteExec(msg)
|
|
|
|
}
|
|
|
|
return
|
|
|
|
default:
|
|
|
|
a.logger.Printf("[DEBUG] agent: new event: %s (%s)", msg.Name, msg.ID)
|
|
|
|
}
|
|
|
|
|
2014-08-28 00:01:10 +00:00
|
|
|
a.eventLock.Lock()
|
|
|
|
defer func() {
|
|
|
|
a.eventLock.Unlock()
|
|
|
|
a.eventNotify.Notify()
|
|
|
|
}()
|
|
|
|
|
|
|
|
idx := a.eventIndex
|
|
|
|
a.eventBuf[idx] = msg
|
|
|
|
a.eventIndex = (idx + 1) % len(a.eventBuf)
|
|
|
|
}
|
|
|
|
|
2014-08-28 18:15:55 +00:00
|
|
|
// UserEvents is used to return a slice of the most recent
|
|
|
|
// user events.
|
|
|
|
func (a *Agent) UserEvents() []*UserEvent {
|
|
|
|
n := len(a.eventBuf)
|
|
|
|
out := make([]*UserEvent, n)
|
|
|
|
a.eventLock.RLock()
|
|
|
|
defer a.eventLock.RUnlock()
|
|
|
|
|
|
|
|
// Check if the buffer is full
|
|
|
|
if a.eventBuf[a.eventIndex] != nil {
|
|
|
|
if a.eventIndex == 0 {
|
|
|
|
copy(out, a.eventBuf)
|
|
|
|
} else {
|
|
|
|
copy(out, a.eventBuf[a.eventIndex:])
|
|
|
|
copy(out[n-a.eventIndex:], a.eventBuf[:a.eventIndex])
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
// We haven't filled the buffer yet
|
|
|
|
copy(out, a.eventBuf[:a.eventIndex])
|
|
|
|
out = out[:a.eventIndex]
|
|
|
|
}
|
|
|
|
return out
|
|
|
|
}
|
|
|
|
|
|
|
|
// LastUserEvent is used to return the lastest user event.
|
|
|
|
// This will return nil if there is no recent event.
|
|
|
|
func (a *Agent) LastUserEvent() *UserEvent {
|
|
|
|
a.eventLock.RLock()
|
|
|
|
defer a.eventLock.RUnlock()
|
2014-08-28 19:42:24 +00:00
|
|
|
n := len(a.eventBuf)
|
|
|
|
idx := (((a.eventIndex - 1) % n) + n) % n
|
2014-08-28 18:15:55 +00:00
|
|
|
return a.eventBuf[idx]
|
|
|
|
}
|