Fai-updater: Difference between revisions

From FAIWiki
Jump to navigation Jump to search
No edit summary
 
(28 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== fai-updater - run and supervise softupdates on many machines at the same time ==
== fai-updater - run and supervise softupdates on many machines at the same time ==
=== Screenshots ===
Everybody likes screenshots, so here are two.
General logic is the following:
* clients are put into the "waiting" queue (the ''left'' column), by default in randomized order
* as soon as a slot in the "running" queue gets free (the second column), the first "waiting" client gets updated/put into the "running" status and stays there until the update task finished
* Depending on the outcome, the client is sorted in one of the last three columns:
** Unreachable: the host was unreachable or the fai softupdate could not be started there
** Error: the updater detected an error during the update (basically, it parses for the error string produced by a logcheck script such as hooks/savelog.LAST in the simple example)
** Success: the update finished and no error was detected
==== Fai-updater in its basic mode ====
https://user-images.githubusercontent.com/516503/241696679-6e4227d8-9069-408c-8063-0401c44a6bc0.png
==== Fai-updater with an open logfile viewer ====
https://github.com/glaweh/fai-updater/assets/516503/df17f8d1-ba7f-476f-8536-2d8f7eceb656
=== License ===
=== License ===
I put this code under the GPLv2
I put this code under the GPLv2
=== Download ===
You can download the FAI updater from here:
https://github.com/glaweh/fai-updater


=== Required packages ===
=== Required packages ===
Line 13: Line 34:


=== Install ===
=== Install ===
Just unpack the tarball.
Just run
 
git clone https://github.com/glaweh/fai-updater.git


=== Command line options ===
=== Command line options ===
  updater-curses [options] <netgroup|-H host1,host2,...>
<nowiki>
   --help           display this help message
Usage: ./bin/fai-updater-ncurses [options] <@netgroup|host [...]>
   --version         print version
 
   -o               ordered mode: don't randomize order of hosts
Help Options:
   -s <number>       number of updates running simultanously
   -h, --help                 display this help message
   -n               dryrun mode: use a dummy-script instead of really  
   --version                 print version information
                    contacting the clients
 
Application Options:
   -o, --ordered              ordered mode: don't randomize order of hosts
   -s, --simultaneous <NUM>   run updates on NUM hosts simultanously
                            (default: 4)
   -n, --dryrun              dryrun mode: use a dummy-script instead of
                            really contacting the clients
</nowiki>


=== Connecting to the clients ===
=== Connecting to the clients ===
A script using ssh is included, but of course you can edit it to match  
A script using ssh is included, but of course you can edit it to match  
your own needs.
your own needs.
To be able to connect to the clients using the provided libexec/faiupdate,  
To be able to connect to the clients using the provided libexec/faiupdate,  
you need to have some way to access them via ssh as root without entering
you need to have some way to access them via ssh as root without entering
a password.
a password.
A solution for this is to install a matching file as  
A solution for this is to install a matching file as  
/root/.ssh/authorized_keys, start ssh-agent and load the private key  
/root/.ssh/authorized_keys, start ssh-agent and load the private key  
into it _before_ starting fai-updater.
into it _before_ starting fai-updater.
Another, but from a security point of view dangerous, possibility is to
Another, but from a security point of view dangerous, possibility is to
use a passphrase-less ssh private key into the account under which you run  
use a passphrase-less ssh private key into the account under which you run  
Line 45: Line 78:
If you have any questions or suggestions, feel free to write me.
If you have any questions or suggestions, feel free to write me.


Henning Glawe <glaweh@debian.org>
Henning Glawe <glaweh (at) debian (dot) org>
 
 
[[Category:Howto]]

Latest revision as of 09:54, 29 May 2023

fai-updater - run and supervise softupdates on many machines at the same time

Screenshots

Everybody likes screenshots, so here are two.

General logic is the following:

  • clients are put into the "waiting" queue (the left column), by default in randomized order
  • as soon as a slot in the "running" queue gets free (the second column), the first "waiting" client gets updated/put into the "running" status and stays there until the update task finished
  • Depending on the outcome, the client is sorted in one of the last three columns:
    • Unreachable: the host was unreachable or the fai softupdate could not be started there
    • Error: the updater detected an error during the update (basically, it parses for the error string produced by a logcheck script such as hooks/savelog.LAST in the simple example)
    • Success: the update finished and no error was detected

Fai-updater in its basic mode

https://user-images.githubusercontent.com/516503/241696679-6e4227d8-9069-408c-8063-0401c44a6bc0.png

Fai-updater with an open logfile viewer

https://github.com/glaweh/fai-updater/assets/516503/df17f8d1-ba7f-476f-8536-2d8f7eceb656

License

I put this code under the GPLv2

Download

You can download the FAI updater from here:

https://github.com/glaweh/fai-updater

Required packages

for the frontend, you need the Curses::UI perl module, in Debian you get it via

apt-get install libcurses-ui-perl

On the client side, fai-client is needed and of course a FAI configuration which is update-safe.

Install

Just run

git clone https://github.com/glaweh/fai-updater.git

Command line options

Usage: ./bin/fai-updater-ncurses [options] <@netgroup|host [...]>

Help Options:
  -h, --help                 display this help message
  --version                  print version information

Application Options:
  -o, --ordered              ordered mode: don't randomize order of hosts
  -s, --simultaneous <NUM>   run updates on NUM hosts simultanously
                             (default: 4)
  -n, --dryrun               dryrun mode: use a dummy-script instead of
                             really contacting the clients
 

Connecting to the clients

A script using ssh is included, but of course you can edit it to match your own needs.

To be able to connect to the clients using the provided libexec/faiupdate, you need to have some way to access them via ssh as root without entering a password.

A solution for this is to install a matching file as /root/.ssh/authorized_keys, start ssh-agent and load the private key into it _before_ starting fai-updater.

Another, but from a security point of view dangerous, possibility is to use a passphrase-less ssh private key into the account under which you run fai-updater.

Some comments on the code

I know the code is quite rough, as though I tried programming cleanly, a lot of hacks have slipped in, and I don't have the time to clean up the code right now due to my diploma thesis' deadline ;)

If you have any questions or suggestions, feel free to write me.

Henning Glawe <glaweh (at) debian (dot) org>