search

cloudigrade / houndigrade

Tool for inspecting mounted volumes for presence of Red Hat software
GNU General Public License v3.0
1 stars 2 forks source link

#1 Identify Distro #3

Closed ghost closed 6 years ago

ghost commented 6 years ago

How does this work?

Houndigrade is a CLI script that lives in a container, the primary use case is running it on container host that has N amount of volumes attached. Houndigrade will mount the volumes and run some static checks to see what OS and (soon™) software is used on said volume. Houndigrade can inspect multiple volumes at the same time simply by passing extra ones in via the -t flag. Once the inspection is complete results are written to a queue for consumption by a different service.

How do I run it?

For Dev/Locally

Currently there is an included docker compose file that helps you run it locally. The file combined with an entrypoint script will start a queue container (accessible at localhost:15672 with default credentials guest/guest) and the houndigrade container. Inside the houndigrade container the entrypoint script mounts two block devices using losetup and then runs a scan against those volumes. Each one has a single partition with either RHEL or CentOS fingerprints. Once the run is done a message will be placed on the queue.

In AWS

High level overview of launching this in AWS is as follows:

  1. Have host in ECS cluster.
  2. Attach volumes to inspect to that host.
  3. Create a task definition with environmental variables defining queue information and script options as the container command. (Script itself is already the entrypoint)
  4. Launch a task on that host and await the results.

Sample Output

Here is sample output of a message that you'd find on a queue from a real™ scan run in AWS that was called with command parameters -c aws -t ami-test1 /dev/xvdba -t ami-test2 /dev/xvdbb -t ami-test3 /dev/xvdbc

{
    "cloud": "aws",
    "inspection_targets": [
        [
            "ami-test1",
            "/dev/xvdba"
        ],
        [
            "ami-test2",
            "/dev/xvdbb"
        ],
        [
            "ami-test3",
            "/dev/xvdbc"
        ]
    ],
    "facts": {
        "/dev/xvdba": {
            "image_id": "ami-test1",
            "/dev/xvdba3": [
                {
                    "rhel_found": true,
                    "release_file": "/mnt/inspect/etc/os-release",
                    "release_file_contents": "NAME=\"Red Hat Enterprise Linux Server\"\nVERSION=\"7.4 (Maipo)\"\nID=\"rhel\"\nID_LIKE=\"fedora\"\nVARIANT=\"Server\"\nVARIANT_ID=\"server\"\nVERSION_ID=\"7.4\"\nPRETTY_NAME=\"Red Hat Enterprise Linux Server 7.4 (Maipo)\"\nANSI_COLOR=\"0;31\"\nCPE_NAME=\"cpe:/o:redhat:enterprise_linux:7.4:GA:server\"\nHOME_URL=\"https://www.redhat.com/\"\nBUG_REPORT_URL=\"https://bugzilla.redhat.com/\"\n\nREDHAT_BUGZILLA_PRODUCT=\"Red Hat Enterprise Linux 7\"\nREDHAT_BUGZILLA_PRODUCT_VERSION=7.4\nREDHAT_SUPPORT_PRODUCT=\"Red Hat Enterprise Linux\"\nREDHAT_SUPPORT_PRODUCT_VERSION=\"7.4\"\n"
                },
                {
                    "rhel_found": true,
                    "release_file": "/mnt/inspect/etc/redhat-release",
                    "release_file_contents": "Red Hat Enterprise Linux Server release 7.4 (Maipo)\n"
                },
                {
                    "rhel_found": true,
                    "release_file": "/mnt/inspect/etc/system-release",
                    "release_file_contents": "Red Hat Enterprise Linux Server release 7.4 (Maipo)\n"
                }
            ],
            "/dev/xvdba2": [
                {
                    "error": "mount: unknown filesystem type 'swap'\n"
                }
            ],
            "/dev/xvdba1": [
                {
                    "rhel_found": false,
                    "status": "No release files found on /dev/xvdba1"
                }
            ]
        },
        "/dev/xvdbb": {
            "image_id": "ami-test2",
            "/dev/xvdbb3": [
                {
                    "rhel_found": false,
                    "release_file": "/mnt/inspect/etc/centos-release",
                    "release_file_contents": "CentOS Linux release 7.4.1708 (Core) \n"
                },
                {
                    "rhel_found": false,
                    "release_file": "/mnt/inspect/etc/os-release",
                    "release_file_contents": "NAME=\"CentOS Linux\"\nVERSION=\"7 (Core)\"\nID=\"centos\"\nID_LIKE=\"rhel fedora\"\nVERSION_ID=\"7\"\nPRETTY_NAME=\"CentOS Linux 7 (Core)\"\nANSI_COLOR=\"0;31\"\nCPE_NAME=\"cpe:/o:centos:centos:7\"\nHOME_URL=\"https://www.centos.org/\"\nBUG_REPORT_URL=\"https://bugs.centos.org/\"\n\nCENTOS_MANTISBT_PROJECT=\"CentOS-7\"\nCENTOS_MANTISBT_PROJECT_VERSION=\"7\"\nREDHAT_SUPPORT_PRODUCT=\"centos\"\nREDHAT_SUPPORT_PRODUCT_VERSION=\"7\"\n\n"
                },
                {
                    "rhel_found": false,
                    "release_file": "/mnt/inspect/etc/redhat-release",
                    "release_file_contents": "CentOS Linux release 7.4.1708 (Core) \n"
                },
                {
                    "rhel_found": false,
                    "release_file": "/mnt/inspect/etc/system-release",
                    "release_file_contents": "CentOS Linux release 7.4.1708 (Core) \n"
                }
            ],
            "/dev/xvdbb2": [
                {
                    "error": "mount: unknown filesystem type 'swap'\n"
                }
            ],
            "/dev/xvdbb1": [
                {
                    "rhel_found": false,
                    "status": "No release files found on /dev/xvdbb1"
                }
            ]
        },
        "/dev/xvdbc": {
            "image_id": "ami-test3",
            "/dev/xvdbc2": [
                {
                    "error": "mount: unknown filesystem type 'LVM2_member'\n"
                }
            ],
            "/dev/xvdbc1": [
                {
                    "rhel_found": false,
                    "status": "No release files found on /dev/xvdbc1"
                }
            ]
        }
    }
}

Demo

https://asciinema.org/a/QEqfQSH6MAzIJ67TTWuYKhxtb

codecov[bot] commented 6 years ago

Codecov Report

:exclamation: No coverage uploaded for pull request base (master@1e72bd2). Click here to learn what that means. The diff coverage is 100%.

Impacted file tree graph

@@           Coverage Diff           @@
##             master     #3   +/-   ##
=======================================
  Coverage          ?   100%           
=======================================
  Files             ?      2           
  Lines             ?    193           
  Branches          ?     10           
=======================================
  Hits              ?    193           
  Misses            ?      0           
  Partials          ?      0
Impacted Files Coverage Δ
houndigrade/test_cli.py 100% <100%> (ø)
houndigrade/cli.py 100% <100%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 1e72bd2...485a05c. Read the comment docs.