Running Commands
Categories:
In this guide, we’ll go over running Commands without Patterns.
Use Cases
Etcha can run Commands via Source’s commands
and etcha push
in an ad-hoc way. Some reasons you might want to use this include:
- Executing long running tasks
- Remote troubleshooting and debugging
- Statically defining Commands to run for event handlers
Static Source Commands
Static source Commands allow Etcha to run Commands for sources without having them pushed/pulled via Patterns. Instead, the Commands live within Etcha’s main configuration. The Commands are defined under a source
config block like this:
{
"sources": {
"100reboot": {
"commands": [
{
"id": "reboot",
"change": "shutdown -r now"
}
]
}
}
}
When using Source Commands:
- Etcha will run Source Commands at startup unless the source is set to
triggerOnly
. - Source Commands will be overwritten by any Patterns Etcha has cached from a previous pull/push before being ran at startup.
- Source Commands obey
checkOnly
. - Patterns can be pulled/pushed with Source Commands. These will overwrite the Source Commands and trigger Remove (unless
noRemove
) is set) - Source Commands will run periodically using
runFrequencySec
Push Commands
Using push-commands is similar to running ansible -a <command>
, expect it uses Etcha’s push functionality instead of SSH.
The sender and receiver need to have certain configurations before it will work:
Receiver
The receiver of Push Commands needs to have certain configuration values set:
verifyKeys
- Configure a
source
with the following options:
Sender
The sender of Push Commands needs to have a corresponding signingKey
configured. Optionally, pushTLSSkipVerify
can be set to true
, but it may impact security.
Pushing Commands
Here is an example push from the Sender:
$ etcha -x build_pushTLSSkipVerify=true push -h etcha.local mysource ls
etcha.local:
README.md
In this example:
build_pushTLSSKipVerify=true
skips TLS certificate checking (Etcha uses self signed certificates by default)etcha.local
is the address of the remote instancemysource
is the source on the remote instance we should push tols
is the command we want to run on the remote instanceREADME.md
is the output of thels
command on the remote instnace
Precautions
Using etcha push
can cause problems when used mixed with Sources that use Patterns. push
effectively pushes a new Pattern with the following format:
{
"run": [
{
"always": true,
"change": "ls",
"id": "etcha push"
}
]
}
This will replace the current Pattern. If you do not set noRemove
in the destination Source config, the replaced Pattern will be diff’d and the remove
Commands will be ran. Additionally, subsequent Pattern pushes will most likely trigger their change
values.
We recommend using dedicated sources
for push
and only using it for break-glass scenarios, but advanced users may be able to use it for PAM as well.