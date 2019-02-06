What is sift? A lightweight and easy-to-use tool for accessing your clouds!
Sift simply does the following steps:
ssh
Sift supports the following (more expected to come):
Current cloud providers we support at the moment:
sift is written in
node.js. You can install it by using
npm like this:
npm install -g cloud-sift
If you need the latest features (could be unstable) you can build from source by running the following:
git clone git@github.com:Mojang/Sift.git
cd Sift
npm install
sudo npm link
.sift.json file is created in your home directory the first time you run
sift. You can then edit the file to add more options to it!
{
"credentials": [
{
"name": "Sessions",
"public_token": "XXXXXXXXXXXXXXXXXXX",
"token": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"type": "amazon"
},
{
"name": "Main",
"public_token": "XXXXXXXXXXXXXXXXXXX",
"token": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"regions": [
"us-east-1"
],
"type": "amazon"
},
{
"name": "Example",
"profile": "~/.aws/credentials profile name",
"type": "amazon"
},
{
"name": "Default credentials from ~/.aws/credentials",
"type": "amazon"
}
],
"ssh_config": [
{
"priority": 0,
"user": "ubuntu",
"port": 22,
"options": ["-o", "StrictHostKeyChecking no"]
}
]
}
So in the above config we have defined 2 accounts namely
Sessions and
Main and both of them are connected to
amazon cloud provider.
Sessions account does not have any
regions so
sift will consider all available regions from the cloud provider which is
amazon in this example.
Note: Names you give to different accounts have nothing to do with the real account name in the cloud providers.
If you run
sift without any argument then it will show a list of all instances in the configured accounts. If you run it with
-l it will list the current available accounts:
$ sift -l
Sessions amazon (us-east-1,us-west-2,eu-west-1,ap-northeast-1,ap-southeast-2)
Main amazon (us-east-1)
sift also comes with querying capability. For simple queries we have provided you with some arguments as following:
-n, --servername <name> Filter by name
-H, --hostname <hostname> Filter by hostname
-i, --ip <ip> Filter by ip
-I, --image <image> Filter by image id
--id <id> Filter by id
You can specify multiple values for the above filters by comma separating them.
If you need to express a complete query then see next section.
Use
-k option together with a plugin name to get the list of supported keys that can be used in your queries.
$ sift -k amazon
Keys for amazon: id, name, region, hostname, account, image, ip, private-ip, private-hostname, keypair, type, security-group, availability-zone, tag.*
In order to use
sift query feature you need to use
-q:
$ sift -q 'name contains session'
You can also have more than one statement, and combine them with
and /
or:
$ sift -q '(name contains session) or (id = i-ae7fcafc)'
As you see the statement consists of key-value pairs. Retrieving keys is mentioned in the previous section.
You can combine logical statement as much as you need. If you need to have whitespaces or use
sift keywords in your values you can escape them by using double qoutes like this:
$ sift -q "(name contains 'auth session') or (id = i-ae7fcafc)"
Supported logical operators for the query system:
and,
And,
AND,
&
or,
Or,
OR,
|
not,
Not,
NOT,
~,
!
Supported verbs you can use in your key-value statements:
contains,
CONTAINS,
Contains
<>,
!=
=,
==
You can run shell commands on one or many instances that matches your query:
$ sift -q 'name contains session' -c 'uptime'
This commands will only be executed on the instance you select but if you want to execute the command on all matching instances you can use
-A like this:
$ sift -q 'name contains session' -c 'uptime' -A
If you're running some queries every day you can define alias for them so you don't have to type them out every time you need them. You can use the key
alias in your config file to define a list of aliases:
{
"alias":{
"session":{
"accounts":[
"Sessions"
],
"query":"(tag.type = Auth) AND (tag.environment = PRODUCTION)"
},
"session log":{
"accounts":[
"Sessions"
],
"query":"(tag.type = Auth) AND (tag.environment = PRODUCTION)",
"command":"tail -1000f /opt/session-logs/session.log"
}
}
}
And you can use them like this:
$ sift session
$ sift session log
An alias can include the following parameters:
accounts A list of account that the alias matches
query A query to match certain hosts
regions Which regions to match
command A command to run on the matching hosts
user The user that will be used for connecting
port The port that will be used for connecting
keyfile Path to the keyfile that will be used for connecting
private_ip Use the private ip for connecting to the matching hosts
public_ip Use the public ip for connecting to the matching hosts
options List of extra ssh arguments, each item will be separated by a space
run_on_all Run command (if specified, by alias or command argument) on all resulting hosts
All alias variables are optional in themselves, but either accounts or query is required.
Most alias variables can be overriden by their command arguments such as -q for query.
user,
port,
keyfile,
private_ip,
public_ip & options` can also be set as an ssh config.
Setting it in an alias or using will override it.
You can define your aliases in a separate file and include them in your config file as the following:
{
"credentials": ...
"ssh_config": ...
"alias_includes": ["/Users/user/Documents/my_aliases.json"]
}
And
my_aliases.json looks like this:
{
"session":{
"accounts":[
"Sessions"
],
"query":"(tag.type = Auth) AND (tag.environment = PRODUCTION)"
},
"session log":{
"accounts":[
"Sessions"
],
"query":"(tag.type = Auth) AND (tag.environment = PRODUCTION)",
"command":"tail -1000f /opt/session-logs/session.log"
}
}
Sift has support for auto completion of aliases in bash/zsh. To install it you can simply run
$ sift --autocompletion
Or if you prefer installing it manually, you can run something like this:
For zsh
echo '. <(sift --completion)' >> .zshrc
For bash
sift --completion >> ~/sift.completion.sh
echo 'source ~/sift.completion.sh' >> .bash_profile
Sift supports the following command arguments to modify the behaviour when connecting to a host:
-u, --user <user> SSH user
-p, --port <port> SSH port
-K, --keyfile <keyfile> SSH keyfile
-c, --ssh_command <ssh_command> Command to run on host(s)
-P, --private_ip Use the private ip of the host when connecting
--public_ip Use the public ip of the host when connecting
SSH options are defined in the config as "ssh_config".
accounts A list of account that the ssh config matches
query A query to match certain hosts
priority (required) The priority of the ssh config, higher priority overrides a lower priority config. 0 means default and will match anything
user The user that will be used for connecting
port The port that will be used for connecting
keyfile Path to the keyfile that will be used for connecting
private_ip Use the private ip for connecting to the matching hosts
options List of extra ssh arguments, each item will be separated by a space
Unless stated otherwise, all options are optional.
Either
query or
accounts are required, unless the `
priority is 0, in which case it will match anything. Only one config can have priority 0. query
andaccounts` can be combined in order to only try matching the query, if the accounts match.
Priorities have no inheritance at this time.
Example:
"ssh_config": [{
"priority":0,
"user":"ubuntu",
"port":22,
"options":[
"-o",
"StrictHostKeyChecking no"
]
},
{
"priority":5,
"user":"root",
"query": "tag.type = CentOS"
}]
In the above example, by default the user is ubuntu, and has some extra options.
When the tag "type" matches CentOS, the user will be set to root, and no extra options will be applied.
If you want all accounts of the same type that has the specified region to be used, regardless of their configured regions, you can use the config option
force_regions, or use the command argument
-f along with the
-r argument.
If you want to run
sift against specific account you can use
-a argument like this:
$ sift -a Sessions -q 'name contains auth'
You can also filter based on type of accounts. For example if you want to run
sift for amazon accounts you do it like this:
$ sift -t amazon -q 'name = auth'
Using the icinga plugin, you can filter on hosts or services that are down in icinga.
In the config, you need to provide
icinga_host,
icinga_user, and
icinga_pass.
To enable the filter, can use the
-e <filter> commandline argument, or add "icinga" to the enabled_filters list in config.js
It is possible to run an ansible playbook on result set of a filtering. Sift support the following arguments to run ansible playbooks:
--ansible <ansible_playbook> Run an ansible playbook on target host(s)
--ansible_extra_args <ansible_extra_args> Pass extra arguments to ansible-playbook
If you have the following playbook saved in a file named
uptime-playbook.yml:
---
- hosts: all
gather_facts: no
tasks:
- shell: uptime
register: uptime
- debug: var=uptime.stdout_lines
You can use it with sift like this:
$ sift -q 'name contains session' --ansible uptime-playbook.yml -A
And if you need to pass in extra arguments to ansible:
$ sift -q 'name contains session' --ansible uptime-playbook.yml --ansible_extra_args 'some_var=some_value' -A
Sift also comes with a "local" provider that can load a list of servers from local json files. To use this, create an account with the type "local" and specify the file(s) to import as "local_files".
{
"name": "Local",
"type": "local",
"local_files": ["/Users/user/local_servers.json"]
}
The file containing the servers can look as follows:
[{
"id": "local",
"name": "Local machine",
"hostname": "127.0.0.1"
}]
You can specify any fields and use them in the queries, however,
id,
name and
hostname are required.
{
"credentials":[
{
"name":"Amazon",
"public_token":"XXXXXXXXXXXXXXXXXXXXXXXX",
"token":"XXXXXXXXXXXXXXXXXXXXXXXXXX",
"regions":[
"us-east-1",
"us-west-2",
"eu-west-1",
"ap-northeast-1",
"ap-southeast-2"
],
"type":"amazon"
},
],
"ssh_config":[
{
"priority":0,
"user":"ubuntu",
"port":22,
"options":[
"-o",
"StrictHostKeyChecking no"
]
}
],
"alias_includes":[
"/Users/user/Documents/my_aliases.json"
],
"plugins":[
"amazon",
"digitalocean",
"local"
],
"allowed_filters":[
],
"enabled_filters":[
],
"force_regions":false,
"alias":{
"session":{
"accounts":[
"Sessions"
],
"query":"(tag.type = Auth) AND (tag.environment = PRODUCTION)"
}
},
"auto_connect_on_one_result":true
}
Got any questions? You can email us at sift@mojang.com
Distributed under the MIT License