icinga2/tools/icinga2-discover-agent.cmake

200 lines
5.8 KiB
CMake
Raw Normal View History

#!/usr/bin/env python
# Copyright (c) 2014 Yusuke Shinyama
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
from __future__ import print_function
## NetstringParser
##
class NetstringParser(object):
"""
Decodes a netstring to a list of Python strings.
>>> parser = NetstringParser()
>>> parser.feed('3:456,')
>>> parser.results
['456']
>>> NetstringParser.parse('3:abc,4:defg,')
['abc', 'defg']
"""
def __init__(self):
self.results = []
self.reset()
return
def reset(self):
self._data = ''
self._length = 0
self._parse = self._parse_len
return
def feed(self, s):
i = 0
while i < len(s):
i = self._parse(s, i)
return
def _parse_len(self, s, i):
while i < len(s):
c = s[i]
if c < '0' or '9' < c:
self._parse = self._parse_sep
break
self._length *= 10
self._length += ord(c)-48
i += 1
return i
def _parse_sep(self, s, i):
if s[i] != ':': raise SyntaxError(i)
self._parse = self._parse_data
return i+1
def _parse_data(self, s, i):
n = min(self._length, len(s)-i)
self._data += s[i:i+n]
self._length -= n
if self._length == 0:
self._parse = self._parse_end
return i+n
def _parse_end(self, s, i):
if s[i] != ',': raise SyntaxError(i)
self.add_data(self._data)
self.reset()
return i+1
def add_data(self, data):
self.results.append(data)
return
@classmethod
def parse(klass, s):
self = klass()
self.feed(s)
return self.results
# Icinga 2
# Copyright (C) 2012-2014 Icinga Development Team (http://www.icinga.org)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software Foundation
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
import socket, ssl, sys, json, os, hashlib, time
def warning(*objs):
print(*objs, file=sys.stderr)
if len(sys.argv) < 2:
warning("Syntax: %s <host> [<port>]" % (sys.argv[0]))
sys.exit(1)
host = sys.argv[1]
if len(sys.argv) > 2:
port = int(sys.argv[2])
else:
port = 8483
agentpki = "@CMAKE_INSTALL_FULL_SYSCONFDIR@/icinga2/pki/agent"
keyfile = agentpki + "/agent.key"
certfile = agentpki + "/agent.crt"
cafile = agentpki + "/ca.crt"
if not os.path.isfile(certfile):
warning("Certificate file (" + certfile + ") not found.")
warning("Make sure the agent certificates are set up properly.")
sys.exit(1)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# require a certificate from the server
ssl_sock = ssl.wrap_socket(s,
keyfile=keyfile,
certfile=certfile,
ca_certs=cafile,
cert_reqs=ssl.CERT_REQUIRED)
ssl_sock.connect((host, port))
cn = None
subject = ssl_sock.getpeercert()["subject"]
for prdn in subject:
rdn = prdn[0]
if rdn[0] == "commonName":
cn = rdn[1]
if cn == None:
warning("Agent certificate does not have a commonName:", repr(subject))
sys.exit(1)
ssl_sock.write('20:{"method":"get_crs"},')
nsp = NetstringParser()
while True:
data = ssl_sock.read()
if not data:
break
nsp.feed(data)
ssl_sock.close()
if len(nsp.results) != 1:
warning("Agent returned invalid response: ", repr(nsp.results))
sys.exit(1)
response = json.loads(nsp.results[0])
method = response['method']
if method != "push_crs":
warning("Agent did not return any check results. Make sure you're using the master certificate.")
sys.exit(1)
params = response["params"]
params["seen"] = time.time()
inventory_file = "@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/lib/icinga2/agent/inventory/" + hashlib.sha256(cn).hexdigest()
fp = open(inventory_file, "w")
inventory_info = { "identity": cn, "params": params }
json.dump(inventory_info, fp)
fp.close()
peer_file = "@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/lib/icinga2/agent/inventory/" + hashlib.sha256(cn).hexdigest() + ".peer"
fp = open(peer_file, "w")
peer_info = { "agent_host": host, "agent_port": port }
json.dump(peer_info, fp)
fp.close()
print("Inventory information has been updated for agent '%s'." % (cn))
sys.exit(0)