Take into consideration services when deleting replicas

When deleting a replica from IPA domain:
* Abort if the installation is about to be left without CA
* Warn if the installation is about to be left without DNS

Ticket: https://fedorahosted.org/freeipa/ticket/2879

1 files changed, 23 insertions, 0 deletions

diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 0dad14319..809103565 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -628,6 +628,29 @@ def del_master(realm, hostname, options):
                 print "Deleting this server will orphan '%s'. " % orphaned_server
                 print "You will need to reconfigure your replication topology to delete this server."
                 sys.exit(1)
+
+        # Check that we are not leaving the installation without CA and/or DNS
+        this_services = []
+        other_services = []
+
+        for master_cn in [m.getValue('cn') for m in masters]:
+            master_dn = DN(('cn', master_cn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ipautil.realm_to_suffix(realm))
+            services = delrepl.conn.getList(master_dn, ldap.SCOPE_ONELEVEL)
+            services_cns = [s.getValue('cn') for s in services]
+
+            if master_cn == hostname:
+                this_services = services_cns
+            else:
+                other_services.append(services_cns)
+
+        if 'CA' in this_services and not any(['CA' in o for o in other_services]):
+            print "Deleting this server is not allowed as it would leave your installation without a CA."
+            sys.exit(1)
+
+        if 'DNS' in this_services and not any(['DNS' in o for o in other_services]):
+            print "Deleting this server will leave your installation without a DNS."
+            if not options.force and not ipautil.user_input("Continue to delete?", False):
+                sys.exit("Deletion aborted")
     else:
         print "Skipping calculation to determine if one or more masters would be orphaned."