Speedrun helps you control your compute fleet with minimal effort.
Example, stop nginx across 3k machines:
speedrun service stop nginx --target "Labels.role == 'nginx'"Features:
- stateless
- serverless
- idempotent
- no complex configuration required
- service discovery via native cloud integration (currently Google Cloud only, AWS, Azure and Consul coming up!)
- extensible (plugin system is in the works)
This project satisfies a simple need: to be able to perform certain type of operations, such as a service restart, occasionally and on a large number of machines. It should allow you, the SRE/DevOps person, to act on a large scale infrastructure in case of immediate need. The solution attempts to be simple to use, require little maintenance and be easy to configure. It's inspired by Saltstack's execution modules.
Download the precompiled binaries from here: Releases
On a server:
sudo ./portal --insecureOn your machine:
export GOOGLE_APPLICATION_CREDENTIALS=/path/to/serviceaccount.json
speedrun init
speedrun run whoami --insecure
Speedrun is the client. Speedrun is the CLI tool you run on your computer to send commands to your VMs.
Portal is the agent running on each server you want to send commands to. It will receive commands sent from Speedrun and respond with the outcome details accordingly.
There is no server component in Speedrun's architecture. Service discovery is performed against native facilities of each supported provider such as GCP, AWS or Consul.
This eliminates the need to deploy,maintain and operate a server and all problems that would come with it as a consequence, such as: scalability, failure tolerance, redundancy, agent lifecycle management etc.
Communication between Speedrun and Portals is performed via dRPC, a lightweight, drop-in replacement for gRPC. All dRPC interactions travel on top of TLS1.3 and can be mutually authenticated (mTLS).
Speedrun supports a flexible yet simple expression language to filter Service Discovery results (--target), it's based on antonmedv/expr. Full language definition can be found here.
Plugins will allow you to add custom commands without altering the source code. This is not implemented yet.
Stop Nginx on VMs that have a label role with value nginx and a label named project with value someproject
speedrun service stop nginx --target "Labels.role == 'nginx' and Labels.project == 'someproject'"Run arbitrary shell command on the target machines. Ignore Portal's certificate and connect via private IP address.
speedrun run "ls -la" --target "Labels.env != 'prod'" --insecure --use-private-ipUse a different config file
speedrun run whoami -c /path/to/config.tomlInstead of supplying certain flags repeatedly you can persist their behavior in the config file. Default config file is located at ~/.speedrun/config.toml and default settings can be fetched via speedrun init --print.
Find a sample unit here
In the scripts folder you can find scripts that will help you generate:
- a CA cert/key
- Speedrun cert/key
- Portal cert/key
Run them:
scripts/generate_fake_ca.sh
scripts/generate_portal_cert.sh
scripts/generate_speedrun_cert.shThis will generate the required key/cert pairs:
ca.crt
ca.key
portal.crt
portal.key
speedrun.crt
speedrun.key
Set the path in the [tls] config block:
Portal:
[tls]
ca = "ca.crt"
cert = "portal.crt"
insecure = false
key = "portal.key"Speedrun:
[tls]
ca = "ca.crt"
cert = "speedrun.crt"
insecure = false
key = "speedrun.key"- run: run arbitrary shell commands
- service: control systemd services
- file: perform file operations such as read or tail
- disk: perform storage operations such as listing partitions and available disk space
- ps: fetch process information
- top: fetch or stream high level system stats
- pkg: manage packages via default package manager
- system: host control operations such as reboot, shutdown etc. ...
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
This project is in a very early stage so expect a lot of breaking changes in the nearest future
Join the Speedrun Slack and ask questions 😃