what is webjob
play

What is WebJob? (http://webjob.sourceforge.net/WebJob/index.shtml) - PowerPoint PPT Presentation

Oct 28, 2023 •339 likes •587 views

What is WebJob? (http://webjob.sourceforge.net/WebJob/index.shtml) By Andy Bair February 15, 2006 1 Person 10,000 WebJob clients WebJob Server Outline High-level View One Sentence Description The WebJob Client is . . . The WebJob Server

  1. What is WebJob? (http://webjob.sourceforge.net/WebJob/index.shtml) By Andy Bair February 15, 2006 1 Person 10,000 WebJob clients WebJob Server

  2. Outline High-level View One Sentence Description The WebJob Client is . . . The WebJob Server is . . . Benefits Details: Client–Server Interaction 1. Client Requests Program 2. Server Authenticates Client 3. Server Sends File to Client 4. Client Receives and Executes Program 5. Client Uploads Results to Server Advantages Disadvantages Execution Example Client-Side Server-Side (part 1) Server-Side (part 2) Server-Side (part 3) WebJob in Action

  3. High-level View One Sentence Description The WebJob Client is . . . The WebJob Server is . . . Benefits Details: Client–Server Interaction 1. Client Requests Program 2. Server Authenticates Client 3. Server Sends File to Client 4. Client Receives and Executes Program 5. Client Uploads Results to Server Advantages Disadvantages Execution Example Client-Side Server-Side (part 1) Server-Side (part 2) Server-Side (part 3) WebJob in Action

  4. One Sentence Description WebJob is a client-server system, where the client requests and downloads a program from a server, executes that program on the client, then uploads the results to the server. http://webjob.sourceforge.net/WebJob/index.shtml UNIX Windows Linux client client client 1 Request Program Solaris FreeBSD client client 2 WebJob WebJob Authenticate 4 Server Client Client Run Cygwin WebJob Mac OS X Program client Server client 3 Send Program NetBSD OpenBSD client client 5 Send Output AIX HP-UX Windows XP client client client High-Level View Detailed View

  5. The WebJob Client is . . . ◮ small C program ◮ approximately 1 megabyte when OpenSSL is statically compiled into the binary ◮ currently tested on these platforms/OS’s: AIX, Cygwin, FreeBSD, HP-UX, MacOS X, NetBSD, OpenBSD, Linux, Solaris, and Windows NT/2K

  6. The WebJob Server is . . . ◮ Apache configured to run the WebJob CGI (nph-webjob.cgi) ◮ nph-webjob.cgi is a Perl CGI program (˜52 kilobytes) ◮ Contains the following (abbreviated) structure to support clients webjob | + incoming | | | - <job-N>.out | - <job-N>.err | - <job-N>.env | - <job-N>.rdy | + profiles | + <client-N> | + commands | - <command-N>

  7. Benefits ◮ mechanism for running known good programs on damaged or potentially compromised systems ◮ ideal for remote diagnostics, incident response, and evidence collection ◮ provides a framework that is conducive to centralized management ◮ can support and help automate a large number of common administrative tasks and host-based monitoring scenarios such as periodic system checks, file updates, integrity monitoring, patch/package management, and so on.

  8. High-level View One Sentence Description The WebJob Client is . . . The WebJob Server is . . . Benefits Details: Client–Server Interaction 1. Client Requests Program 2. Server Authenticates Client 3. Server Sends File to Client 4. Client Receives and Executes Program 5. Client Uploads Results to Server Advantages Disadvantages Execution Example Client-Side Server-Side (part 1) Server-Side (part 2) Server-Side (part 3) WebJob in Action

  9. 1. Client Requests Program ◮ WebJob client requests program from WebJob 1 server Request Program ◮ Example requests the 2 testenv program WebJob WebJob Authenticate 4 Server Client Client Run ◮ --execute directs client to Program execute program 3 Send Program ◮ --file controls WebJob configuration via a 5 Send configuration file Output webjob --execute --file upload.cfg testenv

  10. 2. Server Authenticates Client ◮ WebJob server receives the request and authenticates the client’s credentials 1 ◮ WebJob server can be Request Program configured to authenticate clients with 2 WebJob WebJob Authenticate 4 Server username–password Client Client Run combinations (i.e., basic Program 3 auth) or SSL certificates Send Program certificates a . 5 ◮ WebJob server can also be Send Output configured where clients have no authentication a http://en.wikipedia.org/wiki/Public key certificate

  11. 3. Server Sends File to Client 1 Request Program ◮ If the client’s credentials are 2 WebJob WebJob Authenticate 4 Server Client authentic, the server sends Client Run Program the requested program to 3 Send the client. Program 5 Send Output

  12. 4. Client Receives and Executes Program ◮ client receives and executes 1 Request the program Program ◮ optionally, client can 2 WebJob WebJob Authenticate 4 Server validate (via GetHook) Client Client Run digitally signed binaries, Program 3 providing a much greater Send Program level of security a . 5 Send a http://en.wikipedia.org/wiki/Digital signature Output

  13. 5. Client Uploads Results to Server ◮ WebJob client uploads three files to the WebJob server 1 ◮ ”out” file – command Request standard output stream Program ◮ ”err” file – command 2 WebJob WebJob standard error stream Authenticate 4 Server Client Client ◮ ”env” file – timestamps, Run Program stream hashes, etc 3 Send ◮ Server produces a fourth Program ”ready” ( rdy ) file, which 5 Send serves as a trigger file Output indicating the four files are ready for processing

  14. Advantages There are many advantages to WebJob. These advantages are listed below – they are quoted from the WebJob website 1 ◮ Ported to many operating systems: UNIX’s, Mac, Windows ◮ Small client footprint: only 1 binary, ˜ 1 Mb ◮ Critical components centrally managed ◮ Secure; Client-Server data can be exchanged safely and securely using SSL encryption and certificate authentication. ◮ Aggregates data in one location – the WebJob server. ◮ Requires minimal networking: outbound TCP connection ◮ Does not diminish client security posture: client runs in security context of invoking user, client does not accept inbound requests, no inherent client SUID/SGID issues ◮ Jobs can be time limited: GET, RUN, and PUT timers ◮ Scales horizontally: 1 WebJob server can handle 1+ clients ◮ Scales vertically: WebJob servers can be configured as clients ◮ Does not limit what you can do 1 http://webjob.sourceforge.net/WebJob/index.shtml

  15. Disadvantages The disadvantages are listed below – they are quoted from the WebJob website 2 ◮ attacker could use client to infiltrate & execute malicious tools ◮ WebJob can’t be completely trusted on a compromised host even when statically compiled – think kernel patch. The best you can hope for is to detect a breach before such a patch is put into effect. This could potentially be done by running host integrity checks on a frequent basis. By the way, if you suspect a kernel patch, your only true recourse is to take the system down and inspect it from another vantage point. ◮ To support batch processing, WebJob stores authentication credentials on the client system. Therefore, one must take measures to prevent and/or detect spoofing and replays. ◮ WebJob can’t protect client-server exchanges when used without encryption and mutual authentication. 2 http://webjob.sourceforge.net/WebJob/index.shtml

  16. High-level View One Sentence Description The WebJob Client is . . . The WebJob Server is . . . Benefits Details: Client–Server Interaction 1. Client Requests Program 2. Server Authenticates Client 3. Server Sends File to Client 4. Client Receives and Executes Program 5. Client Uploads Results to Server Advantages Disadvantages Execution Example Client-Side Server-Side (part 1) Server-Side (part 2) Server-Side (part 3) WebJob in Action

  17. Client-Side $ cat client_1.cfg ClientId=client_1 URLGetURL=http://127.0.0.1/cgi-client/nph-webjob.cgi URLPutURL=http://127.0.0.1/cgi-client/nph-webjob.cgi URLUsername=client_1 URLPassword=password URLAuthType=basic OverwriteExecutable=Y UnlinkExecutable=Y UnlinkOutput=Y RunType=snapshot TempDirectory=/opt/tmp $ webjob -e -f /usr/local/etc/client_1.cfg testenv

  18. Server-Side (part 1) $ cat /var/webjob/profiles/client_1/commands/testenv #!/bin/sh echo "WEBJOB_CLIENTID=${WEBJOB_CLIENTID}" echo "WEBJOB_HOSTNAME=${WEBJOB_HOSTNAME}" $ ls /var/webjob/incoming/ client_1_20060215144325_01252_testenv.env client_1_20060215144325_01252_testenv.err client_1_20060215144325_01252_testenv.out client_1_20060215144325_01252_testenv.rdy $ cat client_1_20060215144325_01252_testenv.out WEBJOB_CLIENTID=client_1 WEBJOB_HOSTNAME=foo.bar.org $ cat client_1_20060215144325_01252_testenv.err

  19. Server-Side (part 2) $ cat client_1_20060215144325_01252_testenv.env Version=webjob 1.5.0 ssl 32 bit Hostname=foo.bar.org SystemOS=i386 FreeBSD 5.4-RELEASE ClientId=client_1 GetRequest=testenv Command=testenv CommandLine=testenv Jid=server_1_1140032605_01250 Pid=1249 KidPid=1251 KidStatus=0 KidSignal=0 KidReason=The kid exited cleanly. JobEpoch=2006-02-15 14:43:25 EST (1140032605.888789) GetEpoch=2006-02-15 14:43:25 EST (1140032605.889020) RunEpoch=2006-02-15 14:43:25 EST (1140032605.909310) PutEpoch=2006-02-15 14:43:25 EST (1140032605.910637) HashType=MD5 StdOutHash=5f1f3a64705eb49a46bf8047a555a812 StdErrHash=d41d8cd98f00b204e9800998ecf8427e GetError=NA RunError=NA

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

(COM OMPU PUTE TER R SCIENC IENCE) E) CATEGORIZING STORAGE DEVICES

(COM OMPU PUTE TER R SCIENC IENCE) E) CATEGORIZING STORAGE DEVICES

, (COM OMPU PUTE TER R SCIENC IENCE) E) CATEGORIZING STORAGE DEVICES

555 views • 17 slides
Bonner County Technology Transformation Some observations concerning what worked, what did not

Bonner County Technology Transformation Some observations concerning what worked, what did not

Bonner County Technology Transformation Some observations concerning what worked, what did not and where we need to go Lessons from the digital trenches of a small local government jurisdiction that has big needs, great expectations, small

417 views • 29 slides
PART A COST TO COMMUNICATE OVERVIEW OF THE PRESENTATION The presentation covers initiatives

PART A COST TO COMMUNICATE OVERVIEW OF THE PRESENTATION The presentation covers initiatives

Narrative for Presentation: Select Committee on Communications &amp; Public Enterprises Cost to Communicate and ECS / ECNS Licensees Compliance PART A COST TO COMMUNICATE OVERVIEW OF THE PRESENTATION The presentation covers initiatives

133 views • 11 slides
The Road Ahead for Telecom Landscape LTE in India Mobile Broadband is here to stay

The Road Ahead for Telecom Landscape LTE in India Mobile Broadband is here to stay

The Road Ahead for Telecom Landscape LTE in India Mobile Broadband is here to stay Broadband has become a must have for both businesses and consumers. Way in which consumers and businesses use communications services is

578 views • 16 slides
MySQL Security Domas Mituzas, Sun Microsystems Me MySQL Support Security Coordinator (role)

MySQL Security Domas Mituzas, Sun Microsystems Me MySQL Support Security Coordinator (role)

MySQL Security Domas Mituzas, Sun Microsystems Me MySQL Support Security Coordinator (role) Did lots of security consulting and systems design work before Would prefer not to work on protection. Productivity is so much more fun!

706 views • 44 slides
Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie

Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie

Cache Timing Side-Channel Vulnerability Checking with Computation Tree Logic Shuwen Deng , Wenjie Xiong and Jakub Szefer Yale University HASP June 2, 2018 Memory System Cache Memory CPU Typical set-associative cache sets ways cache

640 views • 25 slides
VULNERABILITY OVERVIEW $ ls -1

VULNERABILITY OVERVIEW $ ls -1

VULNERABILITY OVERVIEW $ ls -1 /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown /sys/devices/system/cpu/vulnerabilities/spectre_v 1

380 views • 13 slides
Sodium Reactor Experiment Fuel MeltdownJuly 1959 Thomas B. Cochran, Ph.D. Natural Resources

Sodium Reactor Experiment Fuel MeltdownJuly 1959 Thomas B. Cochran, Ph.D. Natural Resources

Sodium Reactor Experiment Fuel MeltdownJuly 1959 Thomas B. Cochran, Ph.D. Natural Resources Defense Council 29 August 2009 SRE Core Inventory, Curies Half- Inventory Inventory Inventory Isotope Li (Hart) (Daniel) (Sandia) fe

91 views • 7 slides
Scaling N26 Technology Through Hypergrowth @folgerfonseca QCon London 03.2020 Building the

Scaling N26 Technology Through Hypergrowth @folgerfonseca QCon London 03.2020 Building the

Scaling N26 Technology Through Hypergrowth @folgerfonseca QCon London 03.2020 Building the bank world loves to use A new approach to banking Best digital user A betuer price experience +5M +$1.66Bn Customers Monthly transaction volume

1.11k views • 64 slides
Shifting Sands: Sovereign Wealth Funds and The Global Economic Crisis Select Arab Sovereign

Shifting Sands: Sovereign Wealth Funds and The Global Economic Crisis Select Arab Sovereign

Shifting Sands: Sovereign Wealth Funds and The Global Economic Crisis Select Arab Sovereign Wealth Funds Country Name Created Est. size (billions) Kuwait

309 views • 10 slides
High Temperature Ramifications Good/Bad/Ugly by Mike Riley IPM Associates, Inc. 2400

High Temperature Ramifications Good/Bad/Ugly by Mike Riley IPM Associates, Inc. 2400

High Temperature Ramifications Good/Bad/Ugly by Mike Riley IPM Associates, Inc. 2400 Chamberlain Drive Plano, Texas 75023 w w w .ipmassociates.com High Temperature Ramifications Forget the Good High Temperature Ramifications The

395 views • 28 slides
Major crises: historical comparisons to the Great Depression and the classical Gold Standard

Major crises: historical comparisons to the Great Depression and the classical Gold Standard

EUROPEAN COMMISSION DIRECTORATE GENERAL ECONOMIC AND FINANCIAL AFFAIRS Major crises: historical comparisons to the Great Depression and the classical Gold Standard Ronald Albers* and Lars Jonung** *European Commission, DG ECFIN ** Lund

443 views • 30 slides
RESTORING AMERICAS LEADERSHIP NUCLEAR ENERGY An Industry in Crisis, Taking Action to rebuild an

RESTORING AMERICAS LEADERSHIP NUCLEAR ENERGY An Industry in Crisis, Taking Action to rebuild an

The Leading U.S. Producer of Uranium &amp; Vanadium RESTORING AMERICAS LEADERSHIP NUCLEAR ENERGY An Industry in Crisis, Taking Action to rebuild an industry critical for National Security Energy Fuels Inc. UUUU NYSE American EFR TSX July 29,

201 views • 17 slides
1 2020 Reviewed Interim Results FOR THE PERIOD ENDED 31 MARCH 2020 26 May 2020 Anton Pillay, CEO

1 2020 Reviewed Interim Results FOR THE PERIOD ENDED 31 MARCH 2020 26 May 2020 Anton Pillay, CEO

1 2020 Reviewed Interim Results FOR THE PERIOD ENDED 31 MARCH 2020 26 May 2020 Anton Pillay, CEO Mary-Anne Musekiwa, CFO 2 Agenda Economic environment Highlights AUM and financial results Business update Good corporate citizenship

351 views • 31 slides
Productive Struggle: helping our kids persevere and succeed Susan Billmire Jenny Bonack

Productive Struggle: helping our kids persevere and succeed Susan Billmire Jenny Bonack

Productive Struggle: helping our kids persevere and succeed Susan Billmire Jenny Bonack Padlet.com https://bit.ly/2OoQLXb What did you What things hear on the do you hear at video that is home from 2 different your child from what

300 views • 13 slides
Discomfort vs. Disorder Making Sense of Adolescent Behavior Dr. Brad Sachs www.drbradsachs.com

Discomfort vs. Disorder Making Sense of Adolescent Behavior Dr. Brad Sachs www.drbradsachs.com

Discomfort vs. Disorder Making Sense of Adolescent Behavior Dr. Brad Sachs www.drbradsachs.com drsachs@drbradsachs.com Jewish Education Project March 16, 2017 Wisdom begins with knowing what you dont know Socrates The Lens of the

1.51k views • 118 slides
Value Creation Through Constructive Activism Q1 2020 Shareholder Update Call May 6, 2020 1 Safe

Value Creation Through Constructive Activism Q1 2020 Shareholder Update Call May 6, 2020 1 Safe

Value Creation Through Constructive Activism Q1 2020 Shareholder Update Call May 6, 2020 1 Safe Harbor Statement This presentation may contain statements of a forward-looking nature relating to future events. Statements contained in this

436 views • 24 slides
A Today How did we get here? Who should take some responsibility? Where do we go now?

A Today How did we get here? Who should take some responsibility? Where do we go now?

Observations &amp; lessons from the 2008 meltdown Who, why, what was responsible? What will happen next? Michael Chamberlain www.aventine.co.nz February 2009 A Today How did we get here? Who should take some responsibility? Where

239 views • 12 slides
as a Necessary Infrastructure for Sustainable Development of Nuclear Energy Leon CIZELJ, Iztok

as a Necessary Infrastructure for Sustainable Development of Nuclear Energy Leon CIZELJ, Iztok

Research Based Education as a Necessary Infrastructure for Sustainable Development of Nuclear Energy Leon CIZELJ, Iztok TISELJ, Ivo KLJENAK Reactor Engineering Division Jozef Stefan Institute Ljubljana, Slovenia NESTet 2016, Berlin, Germany,

641 views • 15 slides
Did You Know?.. YOU CAN USE DACDB(DISTRICT AND CLUB DATABASE) AS A NETWORKING TOOL Why Use

Did You Know?.. YOU CAN USE DACDB(DISTRICT AND CLUB DATABASE) AS A NETWORKING TOOL Why Use

Did You Know?.. YOU CAN USE DACDB(DISTRICT AND CLUB DATABASE) AS A NETWORKING TOOL Why Use DACdb? Find Rotary members (Active/ pending/ Terminated/ Within your district) View/ print member directory (multiple formats) View

508 views • 21 slides
NASPA: Student Affairs Leaders Mission Guiding Principles Integrity To the be principal

NASPA: Student Affairs Leaders Mission Guiding Principles Integrity To the be principal

NASPA: Student Affairs Leaders Mission Guiding Principles Integrity To the be principal source of leadership, scholarship, Innovation professional development and Inclusion advocacy for student affairs. Inquiry Vision NASPA is

272 views • 6 slides
and Membership Take a fresh look October 2012 Issue 04 The engineer plays a crucial role in

and Membership Take a fresh look October 2012 Issue 04 The engineer plays a crucial role in

Information and Membership Take a fresh look October 2012 Issue 04 The engineer plays a crucial role in society by creating wealth and improving our quality of life. This is particularly true of those engineers who work with reciprocating

706 views • 36 slides
Inner Workings of the Association of American Railroads (AAR) Associate Member Program and

Inner Workings of the Association of American Railroads (AAR) Associate Member Program and

Inner Workings of the Association of American Railroads (AAR) Associate Member Program and Associate Advisory Board (AAB) Brian Hawkins Amsted AAB Member Fred R. Sasser Chicago Freight Car Leasing Co. AAB Member Freight Rail Works.

495 views • 21 slides
Solving Problems Leveraging Organizations Leveraging Organizations Eric P. Loewen, Ph.D.

Solving Problems Leveraging Organizations Leveraging Organizations Eric P. Loewen, Ph.D.

Solving Problems Leveraging Organizations Leveraging Organizations Eric P. Loewen, Ph.D. Eric P. Loewen, Ph.D. Vice President / President Elect O B h lf f th Di On Behalf of the Diversity of the it f th American Nuclear Society U.S.

293 views • 10 slides

More recommend