diff options
author | Petr Vobornik <pvoborni@redhat.com> | 2015-06-17 13:33:24 +0200 |
---|---|---|
committer | Petr Vobornik <pvoborni@redhat.com> | 2015-06-29 17:11:08 +0200 |
commit | 659b88b8205ef403aa9162453472e4731d93d13b (patch) | |
tree | 0ce64c9147f4f29fcb6c641fdd6ec933dc67f759 /install | |
parent | dcb6916a3b0601e33b08e12aeb25357efed6812b (diff) | |
download | freeipa-659b88b8205ef403aa9162453472e4731d93d13b.tar.gz freeipa-659b88b8205ef403aa9162453472e4731d93d13b.tar.xz freeipa-659b88b8205ef403aa9162453472e4731d93d13b.zip |
topology: check topology in ipa-replica-manage del
ipa-replica-manage del now:
- checks the whole current topology(before deletion), reports issues
- simulates deletion of server and checks the topology again, reports issues
Asks admin if he wants to continue with the deletion if any errors are found.
https://fedorahosted.org/freeipa/ticket/4302
Reviewed-By: David Kupka <dkupka@redhat.com>
Diffstat (limited to 'install')
-rwxr-xr-x | install/tools/ipa-replica-manage | 48 |
1 files changed, 42 insertions, 6 deletions
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage index 57e30bc54..71eb992f9 100755 --- a/install/tools/ipa-replica-manage +++ b/install/tools/ipa-replica-manage @@ -35,6 +35,7 @@ from ipaserver.plugins import ldap2 from ipapython import version, ipaldap from ipalib import api, errors, util from ipalib.constants import CACERT +from ipalib.util import create_topology_graph, get_topology_connection_errors from ipapython.ipa_log_manager import * from ipapython.dn import DN from ipapython.config import IPAOptionParser @@ -566,11 +567,46 @@ def check_last_link(delrepl, realm, dirman_passwd, force): return None def check_last_link_managed(api, masters, hostname, force): - # segments = api.Command.topologysegment_find(u'realm', sizelimit=0).get('result') - # replica_names = [m.single_value('cn') for m in masters] - # orphaned = [] - # TODO add proper graph traversing algorithm here - return None + """ + Check if 'hostname' is safe to delete. + + :returns: list of errors after future deletion + """ + + segments = api.Command.topologysegment_find(u'realm', sizelimit=0).get('result') + graph = create_topology_graph(masters, segments) + + # check topology before removal + orig_errors = get_topology_connection_errors(graph) + if orig_errors: + print "Current topology is disconnected:" + print "Changes are not replicated to all servers and data are probably inconsistent." + print "You need to add segments to reconnect the topology." + print_connect_errors(orig_errors) + + # after removal + graph.remove_vertex(hostname) + new_errors = get_topology_connection_errors(graph) + if new_errors: + print "WARNING: Topology after removal of %s will be disconnected." % hostname + print "Changes will not be replicated to all servers and data will become inconsistent." + print "You need to add segments to prevent disconnection of the topology." + print "Errors in topology after removal:" + print_connect_errors(new_errors) + + if orig_errors or new_errors: + if not force: + sys.exit("Aborted") + else: + print "Forcing removal of %s" % hostname + + return new_errors + +def print_connect_errors(errors): + for error in errors: + print "Topology does not allow server %s to replicate with servers:" % error[0] + for srv in error[2]: + print " %s" % srv def enforce_host_existence(host, message=None): if host is not None and not ipautil.host_exists(host): @@ -680,7 +716,7 @@ def del_master_managed(realm, hostname, options): masters = api.Command.server_find('', sizelimit=0)['result'] # 3. Check topology - orphans = check_last_link_managed(api, masters, hostname, options.force) + check_last_link_managed(api, masters, hostname, options.force) # 4. Check that we are not leaving the installation without CA and/or DNS # And pick new CA master. |