introduction

ctrl is a Command & Control (C2) backend system for Servers, IOT and Edge platforms. Simply put, control anything.

Example use cases:

  • Send shell commands or scripts to control one or many end nodes that will instruct to change config, restart services and control those systems.
  • Gather data from both secure and not secure devices and systems, and transfer them encrypted in a secure way over the internet to your central system for handling those data.
  • Collect metrics or monitor end nodes, then send and store the result to some ctrl instance, or pass those data's on to another ctrl instance for further handling of metrics or monitoring data.
  • Distribute certificates.
  • Run as a sidecar in Kubernetes for direct access to the pod.

As long as you can do something as an operator in a shell on a system you can do the same with ctrl in a secure and encrypted way to one or all end nodes (servers) in one go with one single message/command.

Ctrl is a system control tool that uses NATS as its messaging architecture. It allows you to send commands using request methods which are then executed on servers. If a receiving node is down, messages are retried based on the criteria set in their body. The results of these methods are delivered back to the sender.

Ctrl is designed for concurrent processing and can handle multiple messages independently, even if some processes are slow or fail. It's compatible with various host OSs and systems including cloud containers, Raspberry Pi, and others with an installed operating system. Ctrl supports most major architectures such as x86, amd64, arm64, ppc64, and can run on operating systems like Linux, OSX, Windows.

Install with docker

Start up a local nats message broker

docker run -p 4444:4444 nats -p 4444

Create a ctrl docker image.

git clone git@github.com:postmannen/ctrl.git
cd ctrl
docker build -t ctrl:test1 .

Create a folder which will be the working directory for the node. This is where we keep the .env file, and can mount local host folders to folders within the container.

mkdir -p testrun/readfolder
cd testrun

create a .env file

cat << EOF > .env
NODE_NAME="node1"
BROKER_ADDRESS="127.0.0,1:4444"
ENABLE_DEBUG=1
START_PUB_REQ_HELLO=60
IS_CENTRAL_ERROR_LOGGER=0
EOF

Start the ctrl container. To be able to send messages into ctrl we mount the readfolder to a local directory. When we later got a messages to send we just copy it into the read folder and ctrl will pick it up and handle it. Messages can be in either YAML or JSON format.

docker run --env-file=".env" --rm -ti -v $(PWD)/readfolder:/app/readfolder ctrl:test1

Prepare and send a message.

cat << EOF > msg.yaml
---
- toNodes:
    - node1
  method: REQCliCommand
  methodArgs:
    - "bash"
    - "-c"
    - |
      echo "some config line" > /etc/my-service-config.1
      echo "some config line" > /etc/my-service-config.2
      echo "some config line" > /etc/my-service-config.3
      systemctl restart my-service

  replyMethod: REQNone
  ACKTimeout: 0
EOF

cp msg.yaml readfolder

With the above message we send to ourselves since we only got 1 node running. To start up more nodes repeat the above steps, replace the node name under toNodes with new names for new nodes. NB: If more nodes share the same name the requests will be loadbalanced between them round robin.

Install on a host

Start up a local nats message broker if you don't already have one.

docker run -p 4444:4444 nats -p 4444

Build the ctrl binary from the source code.

git clone git@github.com:postmannen/ctrl.git
cd cmd/ctrl
go run build

Copy the binary to /usr/local.

mkdir -p /usr/local/ctrl
cp ./ctrl /usr/local/ctrl

For testing we create a folder for the node to store it's data.

```bash
cd /usr/local/ctrl
mkdir node1
cd node1

ctrl will create all the folders needed like etc, var and more in the current directory where it was started if they don't already exist. This behaviour can be changed with flags or env variables.

Create a .env file for the startup options. Flags can also be used.

cat << EOF > .env
NODE_NAME="node1"
BROKER_ADDRESS="127.0.0,1:4444"
ENABLE_DEBUG=1
START_PUB_REQ_HELLO=60
IS_CENTRAL_ERROR_LOGGER=0
EOF

Start up ctrl. ctrl will automatically used the local .env file we created.

../usr/local/ctrl/ctrl

If you open another window, and go to the /usr/local/ctrl/node1 you should see that ctrl have created the directory structure for you with ./etc, ./var, ./directoryfolder and so on.

Prepare and send a message. We send messages by copying them into the ./readfolder where ctrl automatically will pick it up, and process it.

cat << EOF > msg.yaml
---
- toNodes:
    - node1
  method: REQCliCommand
  methodArgs:
    - "bash"
    - "-c"
    - |
      echo "some config line" > /etc/my-service-config.1
      echo "some config line" > /etc/my-service-config.2
      echo "some config line" > /etc/my-service-config.3
      systemctl restart my-service

  replyMethod: REQNone
  ACKTimeout: 0
EOF

cp msg.yaml readfolder

With the above message we send to ourselves since we only got 1 node running. To start up more nodes repeat the above steps, replace.

Run as service

Create a systemctl unit file to run ctrl as a service on the host

progName="ctrl"
systemctlFile=/etc/systemd/system/$progName.service

cat >$systemctlFile <<EOF
[Unit]
Description=http->${progName} service
Documentation=https://github.com/postmannen/ctrl
After=network-online.target nss-lookup.target
Requires=network-online.target nss-lookup.target

[Service]
ExecStart=env CONFIG_FOLDER=/usr/local/${progName}/etc /usr/local/${progName}/${progName}

[Install]
WantedBy=multi-user.target
EOF

systemctl enable $progName.service &&
systemctl start $progName.service

Messaging

The handling of all messages is done by spawning up a process for handling the message in it's own thread. This allows us to keep the state of each individual message level both in regards to ACK's, error handling, send retries, and reruns of methods for a message if the first run was not successful.

All messages processed by a publisher will be written to a log file after they are processed, with all the information needed to recreate the same message if needed, or it can be used for auditing.

All handling down to the process and message level are handled concurrently. So if there are problems handling one message sent to a node on a subject it will not affect the messages being sent to other nodes, or other messages sent on other subjects to the same host.

Message types of both ACK and NACK, so we can decide if we want or don't want an Acknowledge if a message was delivered succesfully. Example: We probably want an ACK when sending some REQCLICommand to be executed, but we don't care for an acknowledge NACK when we send an REQHello event. If a message are ACK or NACK type are defined by the value of the ACKTimeout for each individual message:

  • ACKTimeout set to 0 will make the message become a NACK message.
  • ACKTimeout set to >=1 will make the message become an ACK message.

If ACK is expected, and not received, then the message will be retried the amount of time defined in the retries field of a message. If numer of retries are reached, and still no ACK received, the message will be discared, and a log message will be sent to the log server.

To make things easier, all timeouts used for messages can be set with env variables or flags at startup of ctrl. Locally specified timeout directly in a message will override the startup values, and can be used for more granularity when needed.

Example of message flow:

Message fields

toNode : "some-node"

The node to send the message to.

toNodes : node1,node2

ToNodes to specify several hosts to send message to in the form of an slice/array. When used, the message will be split up into one message for each node specified, so the sending to each node will be handled individually.

data : data here in byte format

The actual data in the message. This is the field where we put the returned data in a reply message. The data field are of type []byte.

method : REQCliCommand

What request method type to use, like REQCliCommand, REQHttpGet..

  methodArgs :
  - "bash"
  - "-c"
  - |
      echo "this is a test"
      echo "and some other test"

Additional arguments that might be needed when executing the method. Can be f.ex. an ip address if it is a tcp sender, or the actual shell command to execute in a cli.

replyMethod : REQToFile

ReplyMethod, is the method to use for the reply message. By default the reply method will be set to log to file, but you can override it setting your own here.

  methodArgs :
  - "bash"
  - "-c"
  - |
      echo "this is a test"

Additional arguments that might be needed when executing the reply method. Can be f.ex. an ip address if it is a tcp sender, or the shell command to execute in a cli session. replyMethodArgs :

fromNode Node : "node2"

From what node the message originated. This field is automatically filled by ctrl when left blanc, so that when a message are sent from a node the user don't have to worry about getting eventual repply messages back. Setting a

ACKTimeout: 10 

ACKTimeout for waiting for an Ack message in seconds.

If the ACKTimeout value is set to 0 the message will become an No Ack message. With No Ack messages we will not wait for an Ack, nor will the receiver send an Ack, and we will never try to resend a message.

retryWait : 60

RetryWait specifies the time in seconds to wait between retries. This value is added to the ACKTimeout and to make the total time before retrying to sending a message. A usecase can be when you want a low ACKTimeout, but you want to add more time between the retries to avoid spamming the receiving node.

retries : 3

How many times we should try to resend the message if no ACK was received.

replyACKTimeout int `json:"replyACKTimeout" yaml:"replyACKTimeout"`

The ACK timeout used with reply messages. If not specified the value of ACKTimeout will be used.

replyRetries int `json:"replyRetries" yaml:"replyRetries"`

The number of retries for trying to resend a message for reply messages.

methodTimeout : 10

Timeout for how long a method should be allowed to run before it is timed out.

replyMethodTimeout : 10

Timeout for how long a method should be allowed to run before it is timed out, but for the reply message.

directory string `json:"directory" yaml:"directory"`

Specify the directory structure to use when saving the result data for a repply message.

  • When the values are comma separated like "syslog","metrics" a syslog folder with a subfolder metrics will be created in the directory specified with startup env variable SUBSCRIBER_DATA_FOLDER.
  • Absolute paths can also be used if you want to save the result somewhere else on the system, like "/etc/myservice".
fileName : myfile.conf

The fileName field are used together with the directory field mentioned earlier to create a full path for where to write the resulting data of a repply message.

schedule : [2,5]

Schedule are used for scheduling the method of messages to be executed several times. The schedule is defined as an array of two values, where the first value defines how often the schedule should trigger a run in seconds, and the second value is for how long the schedule are allowed to run in seconds total. [2,5] will trigger the method to be executed again every 2 seconds, but when a total time of 5 seconds have passed it will stop scheduling.