def retire_proxy(name=None, ip=None, srv=None, reason='failed checkfallbacks', pipeline=None, offload=False):
name, ip, srv = nameipsrv(name, ip, srv)
region = region_by_name(name)
if redis_shell.sismember(region + ':fallbacks', srv):
print >> sys.stderr, "I'm *not retiring* %s (%s) because it is a fallback server for region '%s'." % (name, ip, region)
print >> sys.stderr, "Please remove it as a fallback first."
return
if redis_shell.sismember(region + ':honeypots', srv):
print >> sys.stderr, "I'm *not retiring* %s (%s) because it is a honeypot server for region '%s'." % (name, ip, region)
print >> sys.stderr, "Please remove it as a honeypot first."
return
p = pipeline or redis_shell.pipeline()
if offload:
qname = '%s:offloadq' % region_by_name(name)
else:
qname = '%s:retireq' % cm_by_name(name)
p.rpush(qname, '%s|%s' % (name, ip))
log2redis({'op': 'retire',
'name': name,
'ip': ip,
'srv': srv,
'reason': reason},
pipeline=p)
if not pipeline:
p.execute()
def launch_one_server(q, reqid, name, req_string):
req = json.loads(req_string)
d = vps_shell.create_vps(name, req)
ip = d['ip']
msg = {'reqid': reqid,
'name': name,
'ip': ip,
'srvq': req['srvq'],
'access_data': None}
if redis_shell.sismember(REGION + ':blocked_ips', ip):
msg['blocked'] = True
else:
access_data = vps_shell.init_vps(d)
#XXX: DRY
adip = access_data['addr'].split(':')[0]
if adip != ip:
print "IP mismatch! %s != %s" % (adip, ip)
send_to_slack("IP mismatch",
"Proxy which reported IP %s on creation has IP %s in access_data" % (ip, adip),
color="#ff00ff")
msg['ip'] = adip
if redis_shell.sismember(REGION + ":blocked_ips", adip):
print "Blocked IP %s sneaked in!" % adip
send_to_slack("Blocked IP sneaked in",
"Blocked IP %s was sneaking into %s's cloudmaster" % (adip, CM),
color="danger")
msg['blocked'] = True
else:
msg['blocked'] = False
msg['access_data'] = access_data
q.put(msg)
def retire_proxy(name=None,
ip=None,
srv=None,
reason='failed checkfallbacks',
pipeline=None,
offload=False):
name, ip, srv = nameipsrv(name, ip, srv)
region = region_by_name(name)
if redis_shell.sismember(region + ':fallbacks', srv):
print >> sys.stderr, "I'm *not retiring* %s (%s) because it is a fallback server for region '%s'." % (
name, ip, region)
print >> sys.stderr, "Please remove it as a fallback first."
return
if redis_shell.sismember(region + ':honeypots', srv):
print >> sys.stderr, "I'm *not retiring* %s (%s) because it is a honeypot server for region '%s'." % (
name, ip, region)
print >> sys.stderr, "Please remove it as a honeypot first."
return
p = pipeline or redis_shell.pipeline()
if offload:
qname = '%s:offloadq' % region_by_name(name)
else:
qname = '%s:retireq' % cm_by_name(name)
p.rpush(qname, '%s|%s' % (name, ip))
log2redis(
{
'op': 'retire',
'name': name,
'ip': ip,
'srv': srv,
'reason': reason
},
pipeline=p)
if not pipeline:
p.execute()
def run():
cm = vps_util.my_cm()
region = vps_util.my_region()
print "Starting retire server at cloudmaster %s, region %s." % (cm, region)
qname = cm + ":retireq"
destroy_qname = cm + ":destroyq"
q = redisq.Queue(qname, redis_shell, TIMEOUT)
while True:
task, remover = q.next_job()
if task:
name, ip = task.split('|')
is_baked_in = redis_shell.sismember(region + ":bakedin-names", name)
txn = redis_shell.pipeline()
if is_baked_in:
print "Not retiring baked-in server %s (%s)" % (name, ip)
else:
print "Retiring", name, ip
vps_util.actually_retire_proxy(name, ip, txn)
remover(txn)
if not is_baked_in:
# Introduce the job with the timestamp already filled in, so it will
# only be pulled when it 'expires'. This effectively adds a delay to
# give clients some time to move over to their new server before we
# actually destroy the old one.
txn.lpush(destroy_qname, "%s*%s" % (name, int(time.time())))
txn.execute()
else:
time.sleep(10)
def run():
cm = vps_util.my_cm()
region = vps_util.my_region()
print "Starting retire server at cloudmaster %s, region %s." % (cm, region)
qname = cm + ":retireq"
destroy_qname = cm + ":destroyq"
q = redisq.Queue(qname, redis_shell, TIMEOUT)
while True:
task, remover = q.next_job()
if task:
name, ip = task.split('|')
is_baked_in = redis_shell.sismember(region + ":bakedin-names",
name)
txn = redis_shell.pipeline()
if is_baked_in:
print "Not retiring baked-in server %s (%s)" % (name, ip)
else:
print "Retiring", name, ip
vps_util.actually_retire_proxy(name, ip, txn)
remover(txn)
if not is_baked_in:
# Introduce the job with the timestamp already filled in, so it will
# only be pulled when it 'expires'. This effectively adds a delay to
# give clients some time to move over to their new server before we
# actually destroy the old one.
txn.lpush(destroy_qname, "%s*%s" % (name, int(time.time())))
txn.execute()
else:
time.sleep(10)
def run():
qname = vps_util.my_cm() + ":destroyq"
region = vps_util.my_region()
q = redisq.Queue(qname, redis_shell, TIMEOUT)
print "Starting destroy service in cloudmaster %s, region %s." % (vps_util.my_cm(), region)
while True:
name, remover = q.next_job()
if name:
if redis_shell.sismember(region + ":bakedin-names", name):
print "Not retiring baked-in server", name
else:
print "Destroying", name
vps_util.destroy_vps(name)
remover()
else:
time.sleep(10)
def run():
qname = vps_util.my_cm() + ":destroyq"
region = vps_util.my_region()
q = redisq.Queue(qname, redis_shell, TIMEOUT)
print "Starting destroy service in cloudmaster %s, region %s." % (
vps_util.my_cm(), region)
while True:
name, remover = q.next_job()
if name:
if redis_shell.sismember(region + ":bakedin-names", name):
print "Not retiring baked-in server", name
else:
print "Destroying", name
vps_util.destroy_vps(name)
remover()
else:
time.sleep(10)
ret = {}
for name in names:
try:
args.remove('--' + name)
ret[name] = True
except ValueError:
ret[name] = False
return ret
if __name__ == '__main__':
args = sys.argv[:]
opts = extract_opts(args, 'json', 'print-name-and-ip')
region = None
if len(args) == 1:
region = rs.get('default-user-region')
elif len(args) == 2:
region = args[1]
if not rs.sismember('user-regions', region):
print "Usage: %s [--json] [--print-name-and-ip] [user-region]" % args[0]
print "Where region must be one of 'sea' for Southeast Asia (currently, only China) 'ir' for Iran, or 'etc' (default) for anywhere else."
print "Options (all default to false):"
print " --json: output a format that can be directly read by genconfig."
print " --print-name-and-ip: print name and ip of the new proxy, in addition to its config."
sys.exit(1)
ip, name, cfg = fetch(region)
if opts['json']:
cfg = tojson(cfg)
if opts['print-name-and-ip']:
print "\n%s (%s):\n" % (name, ip)
print cfg