OpenStack or Bust, Part 9: tink-stack-tenant.sh

#!/bin/bash

#####################################################################
###
### tink-stack-tenant.sh
### --------------------
###
### Script to run through a list of IPs and tinker.
### DESTRUCTIVE SCRIPT.... proceed cautiously
###
### The only argument required is an ip address, hostname, subnet, or
### any nmap target specification (e.g. 10.21.161.1-25, 10.21.161.1,3,5)
###
### Use option "-b" if you are logging into an Ubuntu system
###
#####################################################################

# Make sure your root user has a keystone creds file sourced in
# /root/.profile or this will fail.

######################################################################
### CUSTOMIZE: write_script
### -----------------------
###    The script that is run on the remote host; it should provide
###    simple output that the process_output function can easily use.
######################################################################
function write_script () {
    cat <<EOF > $1
#!/bin/bash

# See https://bugs.launchpad.net/python-novaclient/+bug/1020238
nova='nova --no-cache'

echo
echo "\$ keystone tenant-get \$(stack_id -t project_one)"
keystone tenant-get \$(stack_id -t project_one)
echo

echo "\$ keystone user-get \$(stack_id -u user_one)"
keystone user-get \$(stack_id -u user_one)
echo

echo "\$ quantum net-show \$(stack_id -n net_proj_one)"
quantum net-show \$(stack_id -n net_proj_one)
echo

echo "\$ quantum subnet-show \$(stack_id -b 50.50.1.0/24)"
quantum subnet-show \$(stack_id -b 50.50.1.0/24)
echo

echo "\$ quantum router-show \$(stack_id -o router_proj_one)"
quantum router-show \$(stack_id -o router_proj_one)
echo

echo "\$ quantum port-list -- --device_id \$(stack_id -o router_proj_one)"
quantum port-list -- --device_id \$(stack_id -o router_proj_one)
echo

echo "\$ quantum floatingip-list"
quantum floatingip-list
echo

echo "\$ \$nova list"
\$nova list
echo

rm -f \$0   # self-destruct
EOF
}


######################################################################
### CUSTOMIZE: process_output
### -------------------------
###    If the script produces output, here's where you can tinker with
###    the presentation
######################################################################
function process_output () {
    local ip=$1; local hn=$2; local out="$3"

    len=$( echo | awk '{print length( a b )}' a=$ip b=$hn )

    for (( x=$((len + 1)) ; x > 0 ; x-- )) ; do echo -n "-"; done ; echo
    echo $ip $hn
    for (( x=$((len + 1)) ; x > 0 ; x-- )) ; do echo -n "-"; done ; echo

    if [[ -n "$out" ]] ; then
        echo "$out"
    else
        echo "script-FAILED"
    fi

    echo ; echo
}


######################################################################
######################################################################
#---------------CHANGE BELOW AT YOUR OWN RISK-------------------------
######################################################################
######################################################################


me=$(basename $0)
USAGE=$( cat <<-EOF

    USAGE: $me [-b] [-u <username>] [-s]

        -b  login to Ubuntu system as user ubuntu; -s is implied
        -u  login as user <username>
        -s  run remote script with sudo
    EOF
)


######################################################################
### VARIABLES
######################################################################
user=root; sudo=

tscr="/tmp/tink-$$.sh"  # payload script, copied to host targets
tscr_x="/tmp/tink-$$_x.sh"  # script name on taregt hosts
ssh_x="ssh -o StrictHostKeyChecking=no -o BatchMode=yes -o PasswordAuthentication=no"
scp_x="scp -q -o StrictHostKeyChecking=no -o BatchMode=yes -o PasswordAuthentication=no"

while getopts "hbu:s" opt ; do
    case $opt in
        h) echo "$USAGE"; echo; exit 1;;
        b) user='ubuntu'; sudo='sudo -i';;
        u) user=$OPTARG ;;
        s) sudo='sudo -i' ;;
    esac
done
shift $((OPTIND - 1))

me=$(basename $0)
nmap_range="$@"

declare -a IPS  # Array of IP targets


######################################################################
### SANITY CHECK
######################################################################

function USAGE () {
    echo
    echo "USAGE: $me <ip|hostname|subnet|nmap-target>"
    echo
    echo "Edit script to customize write_script() and process_output() functions"
    echo
    exit 1
}

if [[ -z "$nmap_range" ]] ; then
    echo "[ERROR]: argument missing"
    USAGE;
elif [[ ! $nmap_range =~ "^[0-9]+\.[0-9]+\.[0-9,-]+\.[0-9,-]+" ]] ; then
    echo "[ERROR]: invalid argument \"$nmap_range\""
    USAGE;
fi


######################################################################
### HELPER FUNCTIONS
######################################################################

function run_nmap () {
    local targ="$@"
    nmap -sP -oG - ${targ} |
        awk '/^Host:/ {print $2}'
}

function check_ssh () {
    local host=$1
    echo | nc -w 3 $host 22 > /dev/null 2>&1
    return $?
}


######################################################################
### MAIN
######################################################################

IPS=( $( run_nmap $nmap_range ) )

echo
echo "${#IPS[@]} pingable IPs discovered"
echo

write_script $tscr

for IP in ${IPS[@]} ; do

    search_dom=".$(awk '$1 == "search"{print $2}' /etc/resolv.conf)."
    HN=$(dig +short -x $IP)
    HN=${HN%$search_dom}

    if check_ssh $IP; then

        if $scp_x $tscr ${user}@${IP}:${tscr_x} >/dev/null 2>&1 ; then
            ssh_out="$( $ssh_x $user@$IP $sudo bash $tscr_x 2>/dev/null )"
            process_output $IP $HN "$ssh_out"
        else
            echo "$HN ($IP): scp-FAILED"
        fi

    else

        echo "$HN ($IP): ssh-FAILED"

    fi

done

### Axe the temporary tink script
rm -f $tscr