Hi!

This is the very first ( to take it for a spin ) release of sparrowdo - a simple configuration management tool written on Perl6 and consuming sparrow plugins.

This is where Perl5, Perl6 could make a synergy. Consider a simple example of sparrowdo scenario:

$ cat sparrowfile

use v6;

use Sparrowdo;

task_run  %(
  task => 'install my packages',
  plugin => 'package-generic',
  parameters => %( list => 'git-core carton cpanminus' )
);

task_run  %(
  task => 'install psgi app',
  plugin => 'perl-app',
  parameters => %( 
    'app_source_url' => 'https://github.com/melezhik/web-app.git',
    'git_branch' => 'master',
    'http_port' => 3030
  )
);

All it does is:

• installing some packages required for further deployment ( git, cpanm, carton )
• installing perl5 psgi application by fetching source code from remote repository, installing dependencies with cpanfile/carton and running service using Ubic and Starman.

Here we go. On my vagrant Ubuntu 14.04 Trusty box I will have:

$ sparrowdo --ssh_user=vagrant  --ssh_port=2200 --host=127.0.0.1  --verbose 
running sparrow tasks on 127.0.0.1 ... 
running task <install my packages> plg <package-generic> 
parameters:
{list => git-core carton cpanminus}
ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow index update"'
get index updates from SparrowHub ... OK
ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow project remove sparrowdo"'
project sparrowdo successfully removed

ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow plg install package-generic"'
public@package-generic is uptodate (0.1.1)
ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow project create sparrowdo"'
project sparrowdo successfully created

ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow task add sparrowdo install_my_packages package-generic"'
task - set plugin to public@package-generic

task sparrowdo/install_my_packages successfully created

install_my_packages.json                                                                                                                              100%   41     0.0KB/s   00:00    
ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow task run sparrowdo install_my_packages --json /tmp/install_my_packages.json"'
# cd /home/vagrant/sparrow/plugins/public/package-generic 
# export PATH=$PATH:local/bin 
# export PERL5LIB=local/lib/perl5:$PERL5LIB 
# strun --root ./ --json /tmp/install_my_packages.json --json /tmp/install_my_packages.json

/tmp/.outthentic/31112/home/vagrant/sparrow/plugins/public/package-generic/story.t .. 
# [/home/vagrant/sparrow/plugins/public/package-generic/modules/apt-get]
# Package: git-core
# Version: 1:2.1.4-2.1
# Status: install ok installed
ok 1 - output match 'Status: install ok installed'
# [/home/vagrant/sparrow/plugins/public/package-generic/modules/apt-get]
# Package: carton
# Version: 1.0.12-1
# Status: install ok installed
ok 2 - output match 'Status: install ok installed'
# [/home/vagrant/sparrow/plugins/public/package-generic/modules/apt-get]
# Package: cpanminus
# Version: 1.7014-1
# Status: install ok installed
ok 3 - output match 'Status: install ok installed'
# [/home/vagrant/sparrow/plugins/public/package-generic]
# done
ok 4 - output match 'done'
1..4
ok
All tests successful.
Files=1, Tests=4,  1 wallclock secs ( 0.01 usr  0.01 sys +  1.28 cusr  0.07 csys =  1.37 CPU)
Result: PASS
running task <install-psgi-app> plg <perl-app> 
parameters:
{app_source_url => https://github.com/melezhik/web-app.git, git_branch => master, http_port => 3030}
ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow plg install perl-app"'
public@perl-app is uptodate (0.1.5)
ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow project create sparrowdo"'
project sparrowdo already exists - nothing to do here ... 

ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow task add sparrowdo install-psgi-app perl-app"'
task - set plugin to public@perl-app

task sparrowdo/install-psgi-app successfully created

install-psgi-app.json                                                                                                                                 100%  110     0.1KB/s   00:00    
ssh -q -tt -p 2200 vagrant@127.0.0.1 ' sudo bash -c "export LC_ALL=en_US.UTF-8 ; sparrow task run sparrowdo install-psgi-app --json /tmp/install-psgi-app.json"'
# cd /home/vagrant/sparrow/plugins/public/perl-app 
# export PATH=$PATH:local/bin 
# export PERL5LIB=local/lib/perl5:$PERL5LIB 
# strun --root ./ --json /tmp/install-psgi-app.json --json /tmp/install-psgi-app.json

/tmp/.outthentic/31292/home/vagrant/sparrow/plugins/public/perl-app/story.t .. 
# [/home/vagrant/sparrow/plugins/public/perl-app]
# useradd: user 'perl-app' already exists
# Ubic is up to date. (1.59)
# Ubic::Service::Plack is up to date. (1.18)
# Starman is up to date. (0.4014)
# Stopping perl-app... stopped
# Already on 'master'
# Your branch is up-to-date with 'origin/master'.
# Already up-to-date.
# Installing modules using /opt/perl-app/cpanfile (deployment mode)
# Complete! Modules were installed into /opt/perl-app/local
# Starting perl-app... started
# perl-app  running
# install-ok
ok 1 - output match 'Complete! Modules were installed into'
ok 2 - output match 'Starting perl-app... started'
ok 3 - output match 'install-ok'
1..3
ok
All tests successful.
Files=1, Tests=3,  3 wallclock secs ( 0.01 usr  0.02 sys +  0.74 cusr  0.15 csys =  0.92 CPU)
Result: PASS

Asciinema video

A visual example of the sparrowdo scenario could be found here -

Volunteers/Contributors needed!!!

Interested in Perl 6 automation for devops? Sparrowdo could be a good greenfield project to start with. Not involved in Perl 6 and use Perl 5 ? - that is fine, sparrowdo USES sparrow plugins which are to be written on Perl5|Bash|Ruby! So why not write a useful plugin to share with? Here is a short list of plugins now - use it as examples and create your own one! And finally sparrow itself is written on Perl5! Just contribute somehow into sparrow/sparrowhub/sparrowdo echo system! Merge requests are welcome!

-- Regards

Alexey

A simple nginx installer with #sparrow - nice asciinema video!

https://asciinema.org/a/06h3ezswbyidu0pdl993rl30v

#nginx #perl #devops #automation

And ... yeah I forgot to say cpanm Sparrow at the very beginning .... ))

HI ! https://sparrowhub.org/ site updated! A various changes of index page:

• welcome text distilled to make it sparrow usage more clear and understandable
• a look-and-feel screenshots added
• a links to tutorials, documentation pages and papers added
• a new motto proposed ))) - "Sparrow - Reusable automation scripts" !

Alexey

This is a paper written in Russian on building docker images with sparrow - https://habrahabr.ru/post/302278/

Docker is quite popular solution to rapidly spin up developers environments. I have been playing with it and it seems fun for me. The other fun thing I found that Sparrow could be a good solution to build up new docker images.

Here is short example of how it could be. A few lines in Dockerfile and you have a GitPrep server up and running as docker container. Whew!

Here is my Dockerfile:

FROM perl:5.20
RUN apt-get update
RUN apt-get install sudo
RUN apt-get install git-core
RUN cpanm Sparrow
RUN sparrow index update
RUN sparrow index summary
RUN sparrow plg install gitprep
RUN sparrow plg run gitprep
CMD sparrow plg run gitprep --param action=start --param start_mode=foreground

I base on official perl docker image and then let all the job to be done by sparrow gitprep plugin!

This is how one can use it:

$ git clone https://github.com/melezhik/docker-projects.git
$ cd docker-projects/gitprep

Build an image with target melezhik/gitprep or whatever you want. You probably will need to run this command more than once if meet "Installing the dependencies failed: Installed version (1.636) of DBI is not in range '== 1.634'" error.

$ sudo docker build -t melezhik/gitprep .

Run gitprep server

$ sudo docker run -p 10020:10020 -d -i melezhik/gitprep

Test it!

curl 127.0.0.1:10020

While playing with docker I created a simple sparrow plugin to install docker engine on Ubuntu Trusty 14.04 (LTS) - https://sparrowhub.org/info/docker-engine . Please let me know if other platform to support you need! ;))

Sparrow plugins development tutorial in Russian. https://habrahabr.ru/post/300876.

Hi!

It seems Sparrow project is getting stabilized with version 0.1.*, I don't think I am going to change API radically in the future ... The same for Outthentic which accordingly hit version 0.1.* as well.

So to sum things up:

• Outthentic - is multi purposes, multi languages scenarios framework. You choose between one of the three options when writing scenarios on Outthentic - Perl, Ruby or Bash.

• Who is supposed to use Outthentic? Anybody looking for process automation - developers, IT or devops.

• One of the intriguing of Outthentic feature is "embedded" testing system based on Outthentic::DSL resulting in scenarios report in TAP format. You write your scenario to solve your issues, you test your scenario using Outthentic::DSL - this is indivisible approach.

• Outthentic does not force you to use a "special" language to write your scenarios , you choose Perl, Ruby or Bash ( More languages in plans , Perl6 , huh ? ;). Instead Outthentic provides your some integration, testing facilities to make scenario development process more effective ...

• Sparrow is a kinda orchestration tool to make outthentic scenarios development and distribution process more simple and agile. Outthentic scenarios could be packaged, distributed, grouped and configured to make it easier scenarios usage in a industrial way.

• SparrowHub - is a central repository for reusable multi purposes scenarios. An only few plugins could be found here right now but this will be a good start point for other sparrow plugin developers on how to create a new plugins.

That is it.

Have a useful scenario? Excellent! Wrap it up into sparrow plugin and upload it into SparrowHub! That is so easy ...

--- Alexey Melezhik

Logdog is yet another sparrow plugin to analyze various log files.

One my use logdog for various tasks like finding errors in nginx/apache logs or inspecting suspicious entries in your sshd log file.

One killer feature of logdog is it parsing log lines for the given period of time. Like one can ask to find only entries for last hour or for last 2 days or even 15 minutes. It is very handy as often this is probably what you need - to identify what have happened recently and to not re-examine all the events happened a long time before.

Let's see how one can monitor BAD ssh logins using logdog. The rest part of this blog will look like a formal documentation, but I hope you won't be frustrated! :)

Installing logdog

First of all we need sparrow and a minimal prerequisites:

$ yum install curl
$ cpanm Sparrow
$ sparrow index update
$ sparrow plg install logdog

Now comes configuration part

Configure monitoring suite

 # let's create project - it just a container for sparrow monitoring suites
 $ sparrow project create system
 # sparrow checkpoint is a configurable sparrow plugin 
 $ sparrow check add system ssh-bad-logins
 # let's bind ssh-bad-logins checkpoint to logdog plugin
 $ sparrow check set system ssh-bad-logins logdog
 # and provide configuration:
 $ export EDITOR=nano
 $ sparrow check ini system ssh-bad-logins

Configuration parameters will be:

[logdog]
# this is where sshd keep logs
file = /var/log/auth.log

# we will be interested in only entries related to `bad logins' failures 
filter = Failed password

# as on my server timestamps are in format
# kinds Apr  8 11:35:23 
# this regexp pattern will be use to identify entries times:
time_pattern = (\S+)\s+(\d+)\s+(\S+)\s

# this is required to convert found times ( given by time_pattern )
# into Time Objects and make proper time calculation
time_format = %b %e %T

# This timezone is used on my server
# The list of acceptable timezone
# could be found here
# https://metacpan.org/pod/DateTime::TimeZone::Catalog
timezone = Europe/Moscow

# key_filed is pattern to group found entries 
# as on my server they looks like:
# Failed password for $LOGIN from $IP_ADDRESS port 18367 ssh2
# I want to group them by user login and IP address 
key_field = password for\s+(.*)\s+from\s+(\S+)

# density is additionally to key_field
# it sets number of entries in groups
# if you need to take into account only frequent events  
# you may increase density
# like density = 10 
# means >= 10 bad login attempts for given user from given IP_ADDRESS for 
# given period of time 
density = 1

# I only need a last 10 minutes activity 
history = 10 minutes 



# setting check_mode to zero
# means if more then zero entries are found
# it will be treated as check failure
# yeah, in other words probably someone tries to break your server 
# over ssh
check_mode = zero

Now let's give it a try. But before doing this we need to "generate" some unsuccessful logins:

$ ssh foo@127.0.0.1 
foo@127.0.0.1's password: 
Permission denied (publickey,password).

And so on ... Now let's see if our monitoring suite detect our activity:

$ sparrow check run system ssh-bad-logins  


# cd /root/sparrow/plugins/public/logdog && carton exec 'strun --root ./  --ini /root/sparrow/projects/system/checkpoints/ssh-bad-logins/suite.ini '

/tmp/.outthentic/29141/root/sparrow/plugins/public/logdog/story.t .. 
# history: 10 minutes
# filter: Failed password
# density: 1
# group invalid user foo 127.0.0.1 count: 9
# Apr 12 16:16:02 melezhik-pc sshd[29099]: Failed password for invalid user foo from 127.0.0.1 port 55267 ssh2
# Apr 12 16:16:05 melezhik-pc sshd[29099]: Failed password for invalid user foo from 127.0.0.1 port 55267 ssh2
# Apr 12 16:16:08 melezhik-pc sshd[29099]: Failed password for invalid user foo from 127.0.0.1 port 55267 ssh2
# Apr 12 16:16:12 melezhik-pc sshd[29103]: Failed password for invalid user foo from 127.0.0.1 port 55268 ssh2
# Apr 12 16:16:16 melezhik-pc sshd[29103]: Failed password for invalid user foo from 127.0.0.1 port 55268 ssh2
# Apr 12 16:16:19 melezhik-pc sshd[29103]: Failed password for invalid user foo from 127.0.0.1 port 55268 ssh2
# Apr 12 16:16:22 melezhik-pc sshd[29107]: Failed password for invalid user foo from 127.0.0.1 port 55270 ssh2
# Apr 12 16:16:26 melezhik-pc sshd[29107]: Failed password for invalid user foo from 127.0.0.1 port 55270 ssh2
# Apr 12 16:16:29 melezhik-pc sshd[29107]: Failed password for invalid user foo from 127.0.0.1 port 55270 ssh2
# group invalid user bar 127.0.0.1 count: 3
# Apr 12 16:16:38 melezhik-pc sshd[29111]: Failed password for invalid user bar from 127.0.0.1 port 55271 ssh2
# Apr 12 16:16:41 melezhik-pc sshd[29111]: Failed password for invalid user bar from 127.0.0.1 port 55271 ssh2
# Apr 12 16:16:44 melezhik-pc sshd[29111]: Failed password for invalid user bar from 127.0.0.1 port 55271 ssh2
ok 1 - output match /lines count: (\d+)/
ok 2 - output match /Failed password/
not ok 3 - zero groups found
1..3

#   Failed test 'zero groups found'
#   at /root/sparrow/plugins/public/logdog/local/lib/perl5/Outthentic.pm line 144.
# Looks like you failed 1 test of 3.
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/3 subtests 

Test Summary Report
-------------------
/tmp/.outthentic/29141/root/sparrow/plugins/public/logdog/story.t (Wstat: 256 Tests: 3 Failed: 1)
Failed test:  3
Non-zero exit status: 1
Files=1, Tests=3,  0 wallclock secs ( 0.02 usr  0.00 sys +  0.25 cusr  0.00 csys =  0.27 CPU)
Result: FAIL

Now, to get things completely automated let's define a cron job staring every 10 minutes:

$ crontab -l

*/10  * * * * sparrow check run  system ssh-bad-logins   --cron

Conclusion

That is it. As we could see logdog is quite flexible tool. As I already told it could be used for various task, probably eventually I have to say something about monitoring nginx errors or something like that :)

Sometimes for some reasons processes on your server work unexpectedly long or don't die on time, this might cause many issues basically because of your server resources start to exhaust.

Stale-proc-check is sparrow plugin to show you if any some "stale" processes exists on your server. It depends on ps utility , so will probably work on many linux/unix boxes ...

Below is short manual.

INSTALL

$ sparrow plg install stale-proc-check

USAGE

Once plugin is installed you need to define configuration for it by using sparrow checkpoint container, which just an abstraction for configurable sparrow plugin.

You need to provide 2 parameters:

• filter - perl regular expression to match a desired process

• history - a time period to determine that processes found are fresh enough

In others words if any processes older then $history parameter found it will be treated as bad situation and check will fail.

Ok, now we are ready to do configuration:

$ sparrow project create system

$ sparrow check add system stale-ssh-sessions

$ sparrow check set system stale-ssh-sessions stale-proc-check

$ export EDITOR=nano && sparrow check ini system stale-ssh-sessions

[stale-proc-check]
# lets find all knife ssh processes running more than halve an hour
filter = knife\s+ssh
history = 30  minutes

In the example here I will be looking all knife ssh processes running more then halve an hour, on our production system it typical when for some reasons knife ssh commands do not die even though a parent process is terminated. Well we also have a bugs :)

Now let's run a check:

$ sparrow check run system stale-ssh-sessions

# running cd /root/sparrow/plugins/public/stale-proc-check && carton
exec 'strun --root ./  --ini
/root/sparrow/projects/system/checkpoints/stale-ssh-sessions/suite.ini
' ...

/tmp/.outthentic/25883/root/sparrow/plugins/public/stale-proc-check/story.t ..
# filter: knife\s+ssh
# history: 30 minutes
# 0 stale processes found
ok 1 - output match /count: (\d+)/
ok 2 - zero stale processes found
1..2
ok
All tests successful.
Files=1, Tests=2,  0 wallclock secs ( 0.02 usr  0.00 sys +  0.09 cusr
0.00 csys =  0.11 CPU)
Result: PASS

Hurrah, no stale process here ... But at the end of this post let me show a negative case as well. Let's start a few sleep commands and checks if they are still running, indeed they should! :)

$ sleep 1000 &
$ sleep 1000 &
$ sleep 1000 &
$ sleep 1000 &


$ sparrow check add system sleepyheads

$ sparrow check set system sleepyheads stale-proc-check

$ export EDITOR=nano && sparrow check ini system sleepyheads

[stale-proc-check]
# I want to see "sleep commands" only
filter = sleep

# running more then
history = 5  minutes

Now let's see who overstates ( we should wait for about 5 minutes before runing our check ... ) :

 $ sparrow check run system sleepyheads 


# running cd /home/melezhik/sparrow/plugins/public/stale-proc-check && carton exec 'strun --root ./  --ini /home/melezhik/sparrow/projects/system/checkpoints/sleepyheads/suite.ini ' ...

/tmp/.outthentic/5584/home/melezhik/sparrow/plugins/public/stale-proc-check/story.t .. 
# filter: sleep
# history: 5  minutes
# 7 stale processes found
# pid: 3117 command: sleep 1000                        delta: minutes: 5 seconds: 16 
# pid: 3118 command: sleep 1000                        delta: minutes: 5 seconds: 16 
# pid: 3119 command: sleep 1000                        delta: minutes: 5 seconds: 15 
# pid: 3120 command: sleep 1000                        delta: minutes: 5 seconds: 15 
# pid: 3121 command: sleep 1000                        delta: minutes: 5 seconds: 14 
# pid: 3122 command: sleep 1000                        delta: minutes: 5 seconds: 14 
# pid: 3123 command: sleep 1000                        delta: minutes: 5 seconds: 13 
ok 1 - output match /count: (\d+)/
ok 2 - [b] output match 'start_proc_data'
ok 3 - [b] output match 'pid'
ok 4 - [b] output match 'command'
ok 5 - [b] output match 'time'
ok 6 - [b] output match 'delta'
ok 7 - [b] output match 'end_proc_data'
not ok 8 - zero stale processes found
1..8

#   Failed test 'zero stale processes found'
#   at /home/melezhik/sparrow/plugins/public/stale-proc-check/local/lib/perl5/Outthentic.pm line 130.
# Looks like you failed 1 test of 8.
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/8 subtests 

Test Summary Report
-------------------
/tmp/.outthentic/5584/home/melezhik/sparrow/plugins/public/stale-proc-check/story.t (Wstat: 256 Tests: 8 Failed: 1)
  Failed test:  8
  Non-zero exit status: 1
Files=1, Tests=8,  1 wallclock secs ( 0.01 usr  0.01 sys +  0.05 cusr  0.01 csys =  0.08 CPU)
Result: FAIL