Manage a large group of hosts using http requests

Suppose we have 100-150 client machines (for example, information terminals) and we need to periodically send commands to execute them (update, cleanup, reboot, etc.), we can use l2tp tunnels, we can use ssh, but we will easier! We will use regular get requests to our server.


In this article, we will consider the simplest example of implementation, but it is easily completed and remade for personal needs.


And so, on the server we need Apache + php + MySQL. On clients we have enough bash'a and wget'a.

I'll start with a description of the client side.
Each client will have its own unique ID, it will be needed to communicate with the database. The ID can be either statically registered for each client, or generated from system parameters such as the serial number of the processor or MAC, or the serial number of the hard drive and the like, well, or you can take md5 the sum from everything at once. Here is one implementation option. And here is the command collection script from the north, it will be launched by cron'om at the intervals we need. For example, once a minute.

#!/bin/bash
scpu=`lshw -C cpu|grep serial|awk '{print $2}'`
macu=`ifconfig eth0|grep HWaddr|awk '{print $5}'`
mbs=`lshw|grep "configuration: uuid"|awk '{print $2}'`
echo $scpu $macu $mbs>/tmp/idu.key
md5sum /tmp/idu.key|awk '{print $1}'



#!/bin/bash
idu=`/scripts/idu.sh
wget --no-check-certificate -q -O /tmp/task.md 192.168.3.92/id_task.php$
echo "TASK `cat /tmp/task.md`"
task=`cat /tmp/task.md`
task1="11"
if [[ "$task1" < "$task" ]]
then
touch /opt/apps/tasks/`echo $task`
fi

Its meaning is that it gives a request to the database, and it passes the value of the supplied task, after which the script creates the file of the same name, which will subsequently be processed by the following script. This system is designed so that the query and execution script can work independently. In our case, this was done so that the tasks could be set not only by the server, but also by the terminal GUI and some other system scripts.
Actually, an example of a script of a processing task. As you can see, everything is implemented very simply. Now let's talk about the server side. Firstly, we have a table with information on customers, it wakes up to look something like this.

#!/bin/bash
taskfile="/opt/apps/tasks/open_l2tp.tsk"
if [ -f $taskfile ]
then
echo "Open L2PT"
rm $taskfile
/etc/init.d/xl2tpd start
fi
#И далее по списку






NAME OP ID
term1 (Морская 41) 7d6f4f92f10a9b3bb3
term2 (Беляева 32) 2b0fa075e3ca1b4ee9

In our example, this table is not useful to us, but in practice it is very useful. The first column is the name of the client machine (hostname), the second is the description, the third is its ID, through which the server recognizes it.
Secondly, the base in which we will set tasks for customers. It looks like this. In it, we will also have 3 columns. The first is the ID, the second is the delivered task, the third is the execution status. We add an entry to the table with the status “wait”, the client picks up the task and changes the status to “is done”. After that, the record can be sent or deleted, or simply left in this table. And we will handle requests to this database with a simple php script.

ID TASK STAT
2b0fa075e3ca1b4ee9 open_l2tp.tsk is_done
7d6f4f92f10a9b3bb3 open_l2tp.tsk wait




$ID = $_GET['ID'];
$dbcnx=@mysql_connect(localhost,base,*********);
mysql_select_db(TERM, $dbcnx);
$ath=mysql_query("select * from term_task where ID='$ID' and STATUS='wait';");
$term=mysql_fetch_array($ath);
$TASK=$term['TASK'];
$ath=mysql_query("UPDATE term_task SET STATUS='is done', DATA_S='$DATE' WHERE ID='$ID' and STATUS='wait';");
echo $TASK;
?>

If the information is transmitted important and secret, then you can use https, and if the information is completely secret, the transmitted data can be encrypted with AES-256 and the like. For example, using mcrypt.

Well, that's all. I hope someone comes in handy.