authorKarl MacMillan <kmacmill@redhat.com>2007-11-21 18:01:32 -0500
committerKarl MacMillan <kmacmill@redhat.com>2007-11-21 18:01:32 -0500
commitc373ed5c5ccbee64c956a9a682a1427387498d8d (patch)
tree19fcf8a26828b0bacf8efe615db96d1a7c094ef0 /ipa-server/ipa-install/ipa-replica-install
parentb456d8424a89b157eb9b1438ed0c3590221cee70 (diff)
Initial replication setup.
This adds replication setup through two new commands: ipa-replica-prepare and ipa-replica-install. The procedure is to run ipa-replica-prepare on an existing master. This will collect information about the realm and the current master and create a file storing all of the information. After copying that file to the new replica, ipa-replica-install is run (with -r to create a read-only replica). This version of the patch also includes fixes for the sasl mappings on the replicas. Remaining features: - ssl for replication. - automatic configuration of mesh topology for master (or a simpler way to replicate multiple masters). - tool for viewing / configuring current replication.
Diffstat (limited to 'ipa-server/ipa-install/ipa-replica-install')
-rw-r--r--ipa-server/ipa-install/ipa-replica-install142
1 files changed, 142 insertions, 0 deletions
diff --git a/ipa-server/ipa-install/ipa-replica-install b/ipa-server/ipa-install/ipa-replica-install
new file mode 100644
index 000000000..706dc323d
--- /dev/null
+++ b/ipa-server/ipa-install/ipa-replica-install
@@ -0,0 +1,142 @@
+#! /usr/bin/python -E
+# Authors: Karl MacMillan <kmacmillan@mentalrootkit.com>
+#
+# Copyright (C) 2007 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 or later
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import sys
+sys.path.append("/usr/share/ipa")
+
+import tempfile
+from ConfigParser import SafeConfigParser
+
+from ipa import ipautil
+
+from ipaserver import dsinstance, replication, installutils, krbinstance, service
+from ipaserver import httpinstance, webguiinstance, radiusinstance, ntpinstance
+
+class ReplicaConfig:
+ def __init__(self):
+ self.realm_name = ""
+ self.master_host_name = ""
+ self.dirman_password = ""
+ self.ds_user = ""
+ self.host_name = ""
+ self.repl_password = ""
+ self.dir = ""
+
+def parse_options():
+ from optparse import OptionParser
+ parser = OptionParser()
+ parser.add_option("-r", "--read-only", dest="master", action="store_false",
+ default=True, help="create read-only replica - default is master")
+
+ options, args = parser.parse_args()
+
+ if len(args) != 1:
+ parser.error("you must provide a file generated by ipa-replica-prepare")
+
+ return options, args[0]
+
+def get_dirman_password():
+ return installutils.read_password("Directory Manager (existing master)")
+
+def expand_info(filename):
+ top_dir = tempfile.mkdtemp("ipa")
+ dir = top_dir + "/realm_info"
+ ipautil.run(["tar", "xfz", filename, "-C", top_dir])
+
+ return top_dir, dir
+
+def read_info(dir, rconfig):
+ filename = dir + "/realm_info"
+ fd = open(filename)
+ config = SafeConfigParser()
+ config.readfp(fd)
+
+ rconfig.realm_name = config.get("realm", "realm_name")
+ rconfig.master_host_name = config.get("realm", "master_host_name")
+ rconfig.ds_user = config.get("realm", "ds_user")
+
+def get_host_name():
+ hostname = installutils.get_fqdn()
+ try:
+ installutils.verify_fqdn(hostname)
+ except RuntimeError, e:
+ logging.error(str(e))
+ sys.exit(1)
+
+ return hostname
+
+def install_ds(config):
+ dsinstance.check_existing_installation()
+ dsinstance.check_ports()
+
+ ds = dsinstance.DsInstance()
+ ds.create_instance(config.ds_user, config.realm_name, config.host_name, config.dirman_password)
+
+def install_krb(config):
+ krb = krbinstance.KrbInstance()
+ ldappwd_filename = config.dir + "/ldappwd"
+ krb.create_replica(config.ds_user, config.realm_name, config.host_name,
+ config.dirman_password, ldappwd_filename)
+
+def install_http(config):
+ http = httpinstance.HTTPInstance()
+ http.create_instance(config.realm_name, config.host_name)
+
+def main():
+ options, filename = parse_options()
+ top_dir, dir = expand_info(filename)
+
+ config = ReplicaConfig()
+ read_info(dir, config)
+ config.host_name = get_host_name()
+ config.repl_password = "box"
+ config.dir = dir
+
+ # get the directory manager password
+ config.dirman_password = get_dirman_password()
+
+ install_ds(config)
+
+ repl = replication.ReplicationManager(config.host_name, config.dirman_password)
+ repl.setup_replication(config.master_host_name, config.realm_name, options.master)
+
+ install_krb(config)
+ install_http(config)
+
+ # Create a Web Gui instance
+ webgui = webguiinstance.WebGuiInstance()
+ webgui.create_instance()
+
+ # Create a radius instance
+ radius = radiusinstance.RadiusInstance()
+ # FIXME: ldap_server should be derived, not hardcoded to localhost, also should it be a URL?
+ radius.create_instance(config.realm_name, config.host_name, 'localhost')
+
+ # Configure ntpd
+ ntp = ntpinstance.NTPInstance()
+ ntp.create_instance()
+
+
+ service.restart("dirsrv")
+ service.restart("krb5kdc")
+
+main()
+
+
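Review bot: `config.repl_password = "box"` in main() hard-codes a credential into the installer. Nothing visible in this file passes repl_password on (ReplicationManager is given dirman_password), so the assignment is either dead or, if code outside this file reads it, gives every replica the same known password; drop it or obtain the value interactively the way get_dirman_password() does. The directory created by `tempfile.mkdtemp("ipa")` in expand_info() holds the unpacked realm_info and the `ldappwd` file that install_krb() reads (presumably a password file), and main() never removes it, so that material stays on disk after the install; wrapping the install steps in try/finally with `shutil.rmtree(top_dir)` would clean it up. Separately, get_host_name() calls `logging.error` but the file never imports logging, so a failed verify_fqdn ends in a NameError instead of the intended message; add `import logging` next to `import tempfile`.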