search

ClusterHQ / unofficial-flocker-tools

A tool to make installing Flocker with container orchestration tools easier and more fun
https://clusterhq.com/
11 stars 9 forks source link

uft-flocker-config fails if cluster name has shell special characters #50

Open exarkun opened 8 years ago

exarkun commented 8 years ago

There's no quoting done when running flocker-ca (at least):

$ uft-flocker-config cluster.yml
Usage: flocker-ca <command> [options]
Options:
      --help      Display this help and exit.
      --journald  Log to journald.
      --version   Print the program's version and exit.
      --logfile=  Log to a file. Log is written to ``stdout`` by default. The
                  logfile         directory is created if it does not already
                  exist.
  -v, --verbose   Turn on verbose logging.

Run flocker-ca initialize --help for command usage and help.

flocker-ca is used to create TLS certificates.

The certificates are used to identify the control service, nodes and
API clients within a Flocker cluster.
ERROR: Wrong number of arguments.
main function encountered error
Traceback (most recent call last):
  File "/opt/flocker/bin/flocker-config", line 9, in <module>
    load_entry_point('UnofficialFlockerTools==0.5', 'console_scripts', 'flocker-config')()
  File "/opt/flocker/lib/python2.7/site-packages/unofficial_flocker_tools/config.py", line 147, in _main
    react(main, sys.argv[1:])
  File "/opt/flocker/lib/python2.7/site-packages/twisted/internet/task.py", line 875, in react
    finished = main(_reactor, *argv)
  File "/opt/flocker/lib/python2.7/site-packages/twisted/internet/defer.py", line 1253, in unwindGenerator
    return _inlineCallbacks(None, gen, Deferred())
--- <exception caught here> ---
  File "/opt/flocker/lib/python2.7/site-packages/twisted/internet/defer.py", line 1107, in _inlineCallbacks
    result = g.send(result)
  File "/opt/flocker/lib/python2.7/site-packages/unofficial_flocker_tools/config.py", line 21, in main
    c.run("flocker-ca initialize %s" % (c.config["cluster_name"],))
  File "/opt/flocker/lib/python2.7/site-packages/unofficial_flocker_tools/utils.py", line 208, in run
    result = subprocess.check_output(command, shell=True)
  File "/usr/lib/python2.7/subprocess.py", line 573, in check_output
    raise CalledProcessError(retcode, cmd, output=output)
subprocess.CalledProcessError: Command 'flocker-ca initialize jp coreos flocker testing' returned non-zero exit status 1
jean-paul@dilaton:/tmp/flocker-coreos$
wallnerryan commented 8 years ago

'flocker-ca initialize jp coreos flocker testing'

Its odd, did you manually enter multiple values? its off its trying to put multiple args to flocker-ca initialize, usually its just flocker-ca initialize mycluster

exarkun commented 8 years ago 
$ head -n 1 cluster.yml 
cluster_name: "jp coreos flocker testing"

There's no indication in the blog post (https://clusterhq.com/2015/09/01/flocker-runs-on-coreos/) that the cluster name has to be a single word without special characters.

wallnerryan commented 8 years ago

good point, maybe we can add to the docs. AFAIK it only takes one name, single word.

exarkun commented 8 years ago

More generally, this makes me question the safety of running these tools. If there's shell quoting missing here, where else is it missing? What do I open myself up to by running this software?

lukemarsden commented 8 years ago

I don't know why we even sub in the cluster name when running flocker-ca initialize. We could just stop doing that and use a constant cluster name.