topology: check topology in ipa-replica-manage del

ipa-replica-manage del now:
- checks the whole current topology(before deletion), reports issues
- simulates deletion of server and checks the topology again, reports issues

Asks admin if he wants to continue with the deletion if any errors are found.

https://fedorahosted.org/freeipa/ticket/4302

Reviewed-By: David Kupka <dkupka@redhat.com>

1 files changed, 42 insertions, 6 deletions

diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 57e30bc54..71eb992f9 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -35,6 +35,7 @@ from ipaserver.plugins import ldap2
 from ipapython import version, ipaldap
 from ipalib import api, errors, util
 from ipalib.constants import CACERT
+from ipalib.util import create_topology_graph, get_topology_connection_errors
 from ipapython.ipa_log_manager import *
 from ipapython.dn import DN
 from ipapython.config import IPAOptionParser
@@ -566,11 +567,46 @@ def check_last_link(delrepl, realm, dirman_passwd, force):
         return None
 
 def check_last_link_managed(api, masters, hostname, force):
-    # segments = api.Command.topologysegment_find(u'realm', sizelimit=0).get('result')
-    # replica_names = [m.single_value('cn') for m in masters]
-    # orphaned = []
-    # TODO add proper graph traversing algorithm here
-    return None
+    """
+    Check if 'hostname' is safe to delete.
+
+    :returns: list of errors after future deletion
+    """
+
+    segments = api.Command.topologysegment_find(u'realm', sizelimit=0).get('result')
+    graph = create_topology_graph(masters, segments)
+
+    # check topology before removal
+    orig_errors = get_topology_connection_errors(graph)
+    if orig_errors:
+        print "Current topology is disconnected:"
+        print "Changes are not replicated to all servers and data are probably inconsistent."
+        print "You need to add segments to reconnect the topology."
+        print_connect_errors(orig_errors)
+
+    # after removal
+    graph.remove_vertex(hostname)
+    new_errors = get_topology_connection_errors(graph)
+    if new_errors:
+        print "WARNING: Topology after removal of %s will be disconnected." % hostname
+        print "Changes will not be replicated to all servers and data will become inconsistent."
+        print "You need to add segments to prevent disconnection of the topology."
+        print "Errors in topology after removal:"
+        print_connect_errors(new_errors)
+
+    if orig_errors or new_errors:
+        if not force:
+            sys.exit("Aborted")
+        else:
+            print "Forcing removal of %s" % hostname
+
+    return new_errors
+
+def print_connect_errors(errors):
+    for error in errors:
+        print "Topology does not allow server %s to replicate with servers:" % error[0]
+        for srv in error[2]:
+            print "    %s" % srv
 
 def enforce_host_existence(host, message=None):
     if host is not None and not ipautil.host_exists(host):
@@ -680,7 +716,7 @@ def del_master_managed(realm, hostname, options):
     masters = api.Command.server_find('', sizelimit=0)['result']
 
     # 3. Check topology
-    orphans = check_last_link_managed(api, masters, hostname, options.force)
+    check_last_link_managed(api, masters, hostname, options.force)
 
     # 4. Check that we are not leaving the installation without CA and/or DNS
     #    And pick new CA master.