2013-02-04 21:49:03 +00:00
|
|
|
require 'logger'
|
2013-02-05 05:06:28 +00:00
|
|
|
require 'pathname'
|
2013-02-04 21:49:03 +00:00
|
|
|
require 'stringio'
|
2012-01-06 08:56:09 +00:00
|
|
|
require 'timeout'
|
|
|
|
|
|
|
|
require 'log4r'
|
|
|
|
require 'net/ssh'
|
2013-04-03 20:54:21 +00:00
|
|
|
require 'net/ssh/proxy/command'
|
2012-01-06 08:56:09 +00:00
|
|
|
require 'net/scp'
|
|
|
|
|
2012-01-24 03:29:07 +00:00
|
|
|
require 'vagrant/util/ansi_escape_code_remover'
|
2012-01-06 08:56:09 +00:00
|
|
|
require 'vagrant/util/file_mode'
|
|
|
|
require 'vagrant/util/platform'
|
|
|
|
require 'vagrant/util/retryable'
|
2012-08-09 04:48:51 +00:00
|
|
|
require 'vagrant/util/ssh'
|
2012-01-06 08:56:09 +00:00
|
|
|
|
2012-08-09 04:48:51 +00:00
|
|
|
module VagrantPlugins
|
|
|
|
module CommunicatorSSH
|
|
|
|
# This class provides communication with the VM via SSH.
|
2012-11-07 05:14:10 +00:00
|
|
|
class Communicator < Vagrant.plugin("2", :communicator)
|
2012-08-09 04:56:22 +00:00
|
|
|
include Vagrant::Util::ANSIEscapeCodeRemover
|
|
|
|
include Vagrant::Util::Retryable
|
2012-01-06 08:56:09 +00:00
|
|
|
|
2012-08-09 04:48:51 +00:00
|
|
|
def self.match?(machine)
|
|
|
|
# All machines are currently expected to have SSH.
|
|
|
|
true
|
|
|
|
end
|
|
|
|
|
|
|
|
def initialize(machine)
|
|
|
|
@machine = machine
|
|
|
|
@logger = Log4r::Logger.new("vagrant::communication::ssh")
|
2012-01-07 19:57:46 +00:00
|
|
|
@connection = nil
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
def ready?
|
|
|
|
@logger.debug("Checking whether SSH is ready...")
|
|
|
|
|
2012-03-29 05:30:01 +00:00
|
|
|
# Attempt to connect. This will raise an exception if it fails.
|
|
|
|
connect
|
2012-01-06 08:56:09 +00:00
|
|
|
|
|
|
|
# If we reached this point then we successfully connected
|
|
|
|
@logger.info("SSH is ready!")
|
|
|
|
true
|
2012-08-09 04:48:51 +00:00
|
|
|
rescue Vagrant::Errors::VagrantError => e
|
2012-03-29 05:30:01 +00:00
|
|
|
# We catch a `VagrantError` which would signal that something went
|
|
|
|
# wrong expectedly in the `connect`, which means we didn't connect.
|
2012-01-06 08:56:09 +00:00
|
|
|
@logger.info("SSH not up: #{e.inspect}")
|
|
|
|
return false
|
|
|
|
end
|
|
|
|
|
2012-01-07 04:03:56 +00:00
|
|
|
def execute(command, opts=nil, &block)
|
|
|
|
opts = {
|
|
|
|
:error_check => true,
|
2012-08-09 04:48:51 +00:00
|
|
|
:error_class => Vagrant::Errors::VagrantError,
|
2012-01-07 04:03:56 +00:00
|
|
|
:error_key => :ssh_bad_exit_status,
|
|
|
|
:command => command,
|
|
|
|
:sudo => false
|
|
|
|
}.merge(opts || {})
|
|
|
|
|
2012-01-06 08:56:09 +00:00
|
|
|
# Connect via SSH and execute the command in the shell.
|
2013-07-18 03:39:42 +00:00
|
|
|
stdout = ""
|
|
|
|
stderr = ""
|
2012-01-07 04:03:56 +00:00
|
|
|
exit_status = connect do |connection|
|
2013-07-18 03:39:42 +00:00
|
|
|
shell_execute(connection, command, opts[:sudo]) do |type, data|
|
|
|
|
if type == :stdout
|
|
|
|
stdout += data
|
|
|
|
elsif type == :stderr
|
|
|
|
stderr += data
|
|
|
|
end
|
|
|
|
|
|
|
|
block.call(type, data) if block
|
|
|
|
end
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
|
2012-01-07 04:03:56 +00:00
|
|
|
# Check for any errors
|
|
|
|
if opts[:error_check] && exit_status != 0
|
|
|
|
# The error classes expect the translation key to be _key,
|
|
|
|
# but that makes for an ugly configuration parameter, so we
|
|
|
|
# set it here from `error_key`
|
2013-07-18 03:39:42 +00:00
|
|
|
error_opts = opts.merge(
|
|
|
|
:_key => opts[:error_key],
|
|
|
|
:stdout => stdout,
|
|
|
|
:stderr => stderr
|
|
|
|
)
|
2012-01-07 04:03:56 +00:00
|
|
|
raise opts[:error_class], error_opts
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
2012-01-07 04:03:56 +00:00
|
|
|
|
|
|
|
# Return the exit status
|
|
|
|
exit_status
|
|
|
|
end
|
|
|
|
|
|
|
|
def sudo(command, opts=nil, &block)
|
|
|
|
# Run `execute` but with the `sudo` option.
|
|
|
|
opts = { :sudo => true }.merge(opts || {})
|
|
|
|
execute(command, opts, &block)
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
|
2012-05-06 02:52:10 +00:00
|
|
|
def download(from, to=nil)
|
|
|
|
@logger.debug("Downloading: #{from} to #{to}")
|
|
|
|
|
|
|
|
scp_connect do |scp|
|
|
|
|
scp.download!(from, to)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2012-08-13 01:54:52 +00:00
|
|
|
def test(command, opts=nil)
|
|
|
|
opts = { :error_check => false }.merge(opts || {})
|
|
|
|
execute(command, opts) == 0
|
|
|
|
end
|
|
|
|
|
2012-01-06 08:56:09 +00:00
|
|
|
def upload(from, to)
|
2012-01-20 01:02:18 +00:00
|
|
|
@logger.debug("Uploading: #{from} to #{to}")
|
|
|
|
|
2012-05-06 02:52:10 +00:00
|
|
|
scp_connect do |scp|
|
2013-02-06 06:20:19 +00:00
|
|
|
if File.directory?(from)
|
|
|
|
# Recurisvely upload directories
|
|
|
|
scp.upload!(from, to, :recursive => true)
|
|
|
|
else
|
|
|
|
# Open file read only to fix issue [GH-1036]
|
|
|
|
scp.upload!(File.open(from, "r"), to)
|
|
|
|
end
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
2012-06-23 04:04:21 +00:00
|
|
|
rescue RuntimeError => e
|
|
|
|
# Net::SCP raises a runtime error for this so the only way we have
|
|
|
|
# to really catch this exception is to check the message to see if
|
|
|
|
# it is something we care about. If it isn't, we re-raise.
|
|
|
|
raise if e.message !~ /Permission denied/
|
|
|
|
|
|
|
|
# Otherwise, it is a permission denied, so let's raise a proper
|
|
|
|
# exception
|
2012-08-09 04:48:51 +00:00
|
|
|
raise Vagrant::Errors::SCPPermissionDenied, :path => from.to_s
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
# Opens an SSH connection and yields it to a block.
|
|
|
|
def connect
|
2012-01-07 19:37:08 +00:00
|
|
|
if @connection && !@connection.closed?
|
|
|
|
# There is a chance that the socket is closed despite us checking
|
|
|
|
# 'closed?' above. To test this we need to send data through the
|
|
|
|
# socket.
|
|
|
|
begin
|
|
|
|
@connection.exec!("")
|
2013-03-28 22:48:36 +00:00
|
|
|
rescue Exception => e
|
|
|
|
@logger.info("Connection errored, not re-using. Will reconnect.")
|
|
|
|
@logger.debug(e.inspect)
|
2013-04-03 15:31:10 +00:00
|
|
|
@connection = nil
|
2012-01-07 19:37:08 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
# If the @connection is still around, then it is valid,
|
|
|
|
# and we use it.
|
|
|
|
if @connection
|
2012-01-20 01:02:18 +00:00
|
|
|
@logger.debug("Re-using SSH connection.")
|
2012-01-07 19:37:08 +00:00
|
|
|
return yield @connection if block_given?
|
|
|
|
return
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2013-03-06 22:27:40 +00:00
|
|
|
# Get the SSH info for the machine, raise an exception if the
|
|
|
|
# provider is saying that SSH is not ready.
|
2012-08-09 04:48:51 +00:00
|
|
|
ssh_info = @machine.ssh_info
|
2013-03-06 22:27:40 +00:00
|
|
|
raise Vagrant::Errors::SSHNotReady if ssh_info.nil?
|
2012-01-06 08:56:09 +00:00
|
|
|
|
|
|
|
# Build the options we'll use to initiate the connection via Net::SSH
|
|
|
|
opts = {
|
2013-02-04 21:37:59 +00:00
|
|
|
:auth_methods => ["none", "publickey", "hostbased", "password"],
|
|
|
|
:config => false,
|
|
|
|
:forward_agent => ssh_info[:forward_agent],
|
2012-01-06 08:56:09 +00:00
|
|
|
:keys => [ssh_info[:private_key_path]],
|
|
|
|
:keys_only => true,
|
|
|
|
:paranoid => false,
|
2013-02-04 21:37:59 +00:00
|
|
|
:port => ssh_info[:port],
|
|
|
|
:user_known_hosts_file => []
|
2012-01-06 08:56:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
# Check that the private key permissions are valid
|
2013-02-05 05:06:28 +00:00
|
|
|
Vagrant::Util::SSH.check_key_permissions(Pathname.new(ssh_info[:private_key_path]))
|
2012-01-06 08:56:09 +00:00
|
|
|
|
|
|
|
# Connect to SSH, giving it a few tries
|
2012-03-13 21:27:16 +00:00
|
|
|
connection = nil
|
|
|
|
begin
|
2012-08-29 20:39:03 +00:00
|
|
|
# These are the exceptions that we retry because they represent
|
|
|
|
# errors that are generally fixed from a retry and don't
|
|
|
|
# necessarily represent immediate failure cases.
|
|
|
|
exceptions = [
|
2013-04-01 03:27:08 +00:00
|
|
|
Errno::EACCES,
|
2013-02-19 00:43:33 +00:00
|
|
|
Errno::EADDRINUSE,
|
2012-08-29 20:39:03 +00:00
|
|
|
Errno::ECONNREFUSED,
|
2013-02-01 04:04:57 +00:00
|
|
|
Errno::ECONNRESET,
|
2013-07-20 04:27:25 +00:00
|
|
|
Errno::ENETUNREACH,
|
2012-08-29 20:39:03 +00:00
|
|
|
Errno::EHOSTUNREACH,
|
|
|
|
Net::SSH::Disconnect,
|
|
|
|
Timeout::Error
|
|
|
|
]
|
|
|
|
|
2013-09-02 16:11:39 +00:00
|
|
|
retries = 5
|
2013-09-16 00:37:40 +00:00
|
|
|
timeout = 60
|
2013-02-04 19:44:56 +00:00
|
|
|
|
2013-09-02 16:11:39 +00:00
|
|
|
@logger.info("Attempting SSH connnection...")
|
2013-02-04 19:44:56 +00:00
|
|
|
connection = retryable(:tries => retries, :on => exceptions) do
|
|
|
|
Timeout.timeout(timeout) do
|
2013-02-04 21:46:59 +00:00
|
|
|
begin
|
|
|
|
# This logger will get the Net-SSH log data for us.
|
|
|
|
ssh_logger_io = StringIO.new
|
|
|
|
ssh_logger = Logger.new(ssh_logger_io)
|
|
|
|
|
|
|
|
# Setup logging for connections
|
|
|
|
connect_opts = opts.merge({
|
|
|
|
:logger => ssh_logger,
|
|
|
|
:verbose => :debug
|
|
|
|
})
|
2013-09-05 00:23:43 +00:00
|
|
|
|
|
|
|
if ssh_info[:proxy_command]
|
|
|
|
connect_opts[:proxy] = Net::SSH::Proxy::Command.new(ssh_info[:proxy_command])
|
|
|
|
end
|
2013-02-04 21:46:59 +00:00
|
|
|
|
2013-04-19 16:14:45 +00:00
|
|
|
@logger.info("Attempting to connect to SSH...")
|
|
|
|
@logger.info(" - Host: #{ssh_info[:host]}")
|
|
|
|
@logger.info(" - Port: #{ssh_info[:port]}")
|
|
|
|
@logger.info(" - Username: #{ssh_info[:username]}")
|
|
|
|
@logger.info(" - Key Path: #{ssh_info[:private_key_path]}")
|
|
|
|
|
2013-02-04 21:46:59 +00:00
|
|
|
Net::SSH.start(ssh_info[:host], ssh_info[:username], connect_opts)
|
|
|
|
ensure
|
|
|
|
# Make sure we output the connection log
|
|
|
|
@logger.debug("== Net-SSH connection debug-level log START ==")
|
|
|
|
@logger.debug(ssh_logger_io.string)
|
|
|
|
@logger.debug("== Net-SSH connection debug-level log END ==")
|
|
|
|
end
|
2012-03-29 05:30:01 +00:00
|
|
|
end
|
2012-03-13 21:27:16 +00:00
|
|
|
end
|
2013-04-01 03:27:08 +00:00
|
|
|
rescue Errno::EACCES
|
|
|
|
# This happens on connect() for unknown reasons yet...
|
|
|
|
raise Vagrant::Errors::SSHConnectEACCES
|
2013-01-17 00:42:00 +00:00
|
|
|
rescue Errno::ETIMEDOUT, Timeout::Error
|
2012-03-29 05:30:01 +00:00
|
|
|
# This happens if we continued to timeout when attempting to connect.
|
2012-08-09 04:48:51 +00:00
|
|
|
raise Vagrant::Errors::SSHConnectionTimeout
|
2012-03-13 21:27:16 +00:00
|
|
|
rescue Net::SSH::AuthenticationFailed
|
|
|
|
# This happens if authentication failed. We wrap the error in our
|
|
|
|
# own exception.
|
2012-08-09 04:48:51 +00:00
|
|
|
raise Vagrant::Errors::SSHAuthenticationFailed
|
2012-07-04 18:26:09 +00:00
|
|
|
rescue Net::SSH::Disconnect
|
|
|
|
# This happens if the remote server unexpectedly closes the
|
|
|
|
# connection. This is usually raised when SSH is running on the
|
|
|
|
# other side but can't properly setup a connection. This is
|
|
|
|
# usually a server-side issue.
|
2012-08-09 04:48:51 +00:00
|
|
|
raise Vagrant::Errors::SSHDisconnected
|
2012-03-13 21:27:16 +00:00
|
|
|
rescue Errno::ECONNREFUSED
|
|
|
|
# This is raised if we failed to connect the max amount of times
|
2012-08-09 04:48:51 +00:00
|
|
|
raise Vagrant::Errors::SSHConnectionRefused
|
2013-02-07 02:08:55 +00:00
|
|
|
rescue Errno::ECONNRESET
|
|
|
|
# This is raised if we failed to connect the max number of times
|
|
|
|
# due to an ECONNRESET.
|
|
|
|
raise Vagrant::Errors::SSHConnectionReset
|
2013-01-12 20:47:49 +00:00
|
|
|
rescue Errno::EHOSTDOWN
|
|
|
|
# This is raised if we get an ICMP DestinationUnknown error.
|
|
|
|
raise Vagrant::Errors::SSHHostDown
|
2013-07-09 12:35:07 +00:00
|
|
|
rescue Errno::EHOSTUNREACH
|
|
|
|
# This is raised if we can't work out how to route traffic.
|
|
|
|
raise Vagrant::Errors::SSHNoRoute
|
2012-03-13 21:27:16 +00:00
|
|
|
rescue NotImplementedError
|
|
|
|
# This is raised if a private key type that Net-SSH doesn't support
|
|
|
|
# is used. Show a nicer error.
|
2012-08-09 04:48:51 +00:00
|
|
|
raise Vagrant::Errors::SSHKeyTypeNotSupported
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
|
2012-01-07 19:37:08 +00:00
|
|
|
@connection = connection
|
|
|
|
|
2012-01-06 08:56:09 +00:00
|
|
|
# Yield the connection that is ready to be used and
|
|
|
|
# return the value of the block
|
|
|
|
return yield connection if block_given?
|
2012-08-09 04:48:51 +00:00
|
|
|
end
|
2012-01-06 08:56:09 +00:00
|
|
|
|
|
|
|
# Executes the command on an SSH connection within a login shell.
|
|
|
|
def shell_execute(connection, command, sudo=false)
|
2012-01-20 01:02:18 +00:00
|
|
|
@logger.info("Execute: #{command} (sudo=#{sudo.inspect})")
|
2012-01-06 08:56:09 +00:00
|
|
|
exit_status = nil
|
|
|
|
|
|
|
|
# Determine the shell to execute. If we are using `sudo` then we
|
|
|
|
# need to wrap the shell in a `sudo` call.
|
2012-08-09 04:48:51 +00:00
|
|
|
shell = @machine.config.ssh.shell
|
2012-06-01 21:17:31 +00:00
|
|
|
shell = "sudo -H #{shell}" if sudo
|
2012-01-06 08:56:09 +00:00
|
|
|
|
|
|
|
# Open the channel so we can execute or command
|
|
|
|
channel = connection.open_channel do |ch|
|
|
|
|
ch.exec(shell) do |ch2, _|
|
|
|
|
# Setup the channel callbacks so we can get data and exit status
|
|
|
|
ch2.on_data do |ch3, data|
|
2013-02-01 18:56:00 +00:00
|
|
|
# Filter out the clear screen command
|
|
|
|
data = remove_ansi_escape_codes(data)
|
|
|
|
@logger.debug("stdout: #{data}")
|
|
|
|
yield :stdout, data if block_given?
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
ch2.on_extended_data do |ch3, type, data|
|
2013-02-01 18:56:00 +00:00
|
|
|
# Filter out the clear screen command
|
|
|
|
data = remove_ansi_escape_codes(data)
|
|
|
|
@logger.debug("stderr: #{data}")
|
|
|
|
yield :stderr, data if block_given?
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
ch2.on_request("exit-status") do |ch3, data|
|
|
|
|
exit_status = data.read_long
|
2012-01-20 01:02:18 +00:00
|
|
|
@logger.debug("Exit status: #{exit_status}")
|
2013-07-11 21:40:03 +00:00
|
|
|
|
|
|
|
# Close the channel, since after the exit status we're
|
|
|
|
# probably done. This fixes up issues with hanging.
|
|
|
|
channel.close
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
# Set the terminal
|
|
|
|
ch2.send_data "export TERM=vt100\n"
|
|
|
|
|
2013-07-23 20:07:57 +00:00
|
|
|
# Set SSH_AUTH_SOCK if we are in sudo and forwarding agent.
|
|
|
|
# This is to work around often misconfigured boxes where
|
|
|
|
# the SSH_AUTH_SOCK env var is not preserved.
|
|
|
|
if @machine.ssh_info[:forward_agent] && sudo
|
|
|
|
auth_socket = ""
|
|
|
|
execute("echo; printf $SSH_AUTH_SOCK") do |type, data|
|
|
|
|
if type == :stdout
|
|
|
|
auth_socket += data
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
if auth_socket != ""
|
|
|
|
# Make sure we only read the last line which should be
|
|
|
|
# the $SSH_AUTH_SOCK env var we printed.
|
|
|
|
auth_socket = auth_socket.split("\n").last.chomp
|
|
|
|
end
|
|
|
|
|
|
|
|
if auth_socket == ""
|
|
|
|
@logger.warn("No SSH_AUTH_SOCK found despite forward_agent being set.")
|
|
|
|
else
|
|
|
|
@logger.info("Setting SSH_AUTH_SOCK remotely: #{auth_socket}")
|
|
|
|
ch2.send_data "export SSH_AUTH_SOCK=#{auth_socket}\n"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2012-01-06 08:56:09 +00:00
|
|
|
# Output the command
|
|
|
|
ch2.send_data "#{command}\n"
|
|
|
|
|
|
|
|
# Remember to exit or this channel will hang open
|
|
|
|
ch2.send_data "exit\n"
|
2012-06-08 12:13:13 +00:00
|
|
|
|
|
|
|
# Send eof to let server know we're done
|
|
|
|
ch2.eof!
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2013-04-08 04:51:14 +00:00
|
|
|
begin
|
|
|
|
keep_alive = nil
|
|
|
|
|
|
|
|
if @machine.config.ssh.keep_alive
|
|
|
|
# Begin sending keep-alive packets while we wait for the script
|
|
|
|
# to complete. This avoids connections closing on long-running
|
|
|
|
# scripts.
|
|
|
|
keep_alive = Thread.new do
|
|
|
|
loop do
|
|
|
|
sleep 5
|
|
|
|
@logger.debug("Sending SSH keep-alive...")
|
|
|
|
connection.send_global_request("keep-alive@openssh.com")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Wait for the channel to complete
|
2013-08-29 17:35:56 +00:00
|
|
|
begin
|
|
|
|
channel.wait
|
|
|
|
rescue IOError
|
|
|
|
@logger.info("SSH connection unexpected closed. Assuming reboot or something.")
|
|
|
|
exit_status = 0
|
|
|
|
end
|
2013-04-08 04:51:14 +00:00
|
|
|
ensure
|
|
|
|
# Kill the keep-alive thread
|
|
|
|
keep_alive.kill if keep_alive
|
|
|
|
end
|
2012-01-06 08:56:09 +00:00
|
|
|
|
|
|
|
# Return the final exit status
|
|
|
|
return exit_status
|
|
|
|
end
|
2012-05-06 02:52:10 +00:00
|
|
|
|
|
|
|
# Opens an SCP connection and yields it so that you can download
|
|
|
|
# and upload files.
|
|
|
|
def scp_connect
|
|
|
|
# Connect to SCP and yield the SCP object
|
|
|
|
connect do |connection|
|
|
|
|
scp = Net::SCP.new(connection)
|
|
|
|
return yield scp
|
|
|
|
end
|
|
|
|
rescue Net::SCP::Error => e
|
|
|
|
# If we get the exit code of 127, then this means SCP is unavailable.
|
2012-08-09 04:48:51 +00:00
|
|
|
raise Vagrant::Errors::SCPUnavailable if e.message =~ /\(127\)/
|
2012-05-06 02:52:10 +00:00
|
|
|
|
|
|
|
# Otherwise, just raise the error up
|
|
|
|
raise
|
|
|
|
end
|
2012-01-06 08:56:09 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|