diff options
Diffstat (limited to 'func/overlord')
-rwxr-xr-x | func/overlord/client.py | 7 | ||||
-rw-r--r-- | func/overlord/cmd_modules/check.py | 143 | ||||
-rw-r--r-- | func/overlord/cmd_modules/listminions.py | 16 | ||||
-rw-r--r-- | func/overlord/cmd_modules/ping.py | 6 | ||||
-rw-r--r-- | func/overlord/func_command.py | 10 | ||||
-rw-r--r-- | func/overlord/groups.py | 1 |
6 files changed, 170 insertions, 13 deletions
diff --git a/func/overlord/client.py b/func/overlord/client.py index f07e526..fdcf875 100755 --- a/func/overlord/client.py +++ b/func/overlord/client.py @@ -105,6 +105,7 @@ class Minions(object): def _get_new_hosts(self): self.new_hosts = self.group_class.get_hosts_by_groupgoo(self.spec) + return self.new_hosts def _get_all_hosts(self): seperate_gloobs = self.spec.split(";") @@ -116,6 +117,12 @@ class Minions(object): self.all_certs.append(cert) host = cert.replace(self.config.certroot,"")[1:-5] self.all_hosts.append(host) + return self.all_hosts + + def get_all_hosts(self): + self._get_new_hosts() + self._get_all_hosts() + return self.all_hosts def get_urls(self): self._get_new_hosts() diff --git a/func/overlord/cmd_modules/check.py b/func/overlord/cmd_modules/check.py new file mode 100644 index 0000000..cf1badb --- /dev/null +++ b/func/overlord/cmd_modules/check.py @@ -0,0 +1,143 @@ +""" +check checks to see how happy func is. +it provides sanity checks for basic user setup. + +Copyright 2008, Red Hat, Inc +Michael DeHaan <mdehaan@redhat.com> + +This software may be freely redistributed under the terms of the GNU +general public license. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +""" + + +import optparse +import os +import urllib2 + +from func.overlord import command +from func.overlord import client +from func import utils +from func.minion import sub_process +from func.config import read_config +from func.commonconfig import FuncdConfig + +# FIXME: don't hardcode this here +DEFAULT_PORT = 51234 + +class CheckAction(client.command.Command): + name = "check" + usage = "check func for possible setup problems" + + def addOptions(self): + self.parser.add_option("-c", "--certmaster", action="store_true", help="check the certmaster configuration on this box") + self.parser.add_option("-m", "--minion", action="store_true", help="check the minion configuration on this box") + + + def handleOptions(self, options): + # FIXME: all through the code we have this constant in each + # file, need to make this common. + self.port = DEFAULT_PORT + self.check_certmaster = options.certmaster + self.check_minion = options.minion + + def do(self, args): + + if not self.check_certmaster and not self.check_minion: + print "* specify --certmaster, --minion, or both" + return + else: + print "SCAN RESULTS:" + + hostname = utils.get_hostname() + print "* FQDN is detected as %s, verify that is correct" % hostname + self.check_iptables() + + if not os.getuid() == 0: + print "* root is required to run these setup tests" + return + + if self.check_minion: + + # check that funcd is running + self.check_service("funcd") + + # check that the configured certmaster is reachable + self.check_talk_to_certmaster() + + if self.check_certmaster: + + # check that certmasterd is running + self.check_service("certmasterd") + + # see if we have any waiting CSRs + # FIXME: TODO + + # see if we have signed any certs + # FIXME: TODO + + # construct a client handle and see if any hosts are reachable + self.server_spec = self.parentCommand.server_spec + + client_obj = client.Client( + self.server_spec, + port=self.port, + interactive=False, + verbose=False, + config=self.config + ) + results = client_obj.test.add(1,2) + hosts = results.keys() + if len(hosts) == 0: + print "* no systems have signed certs" + else: + failed = 0 + for x in hosts: + if results[x] != 3: + failed = failed+1 + if failed != 0: + print "* unable to connect to %s registered minions from overlord" % failed + print "* run func '*' ping to check status" + + # see if any of our certs have expired + + # warn about iptables if running + print "End of Report." + + def check_service(self, which): + if os.path.exists("/etc/rc.d/init.d/%s" % which): + rc = sub_process.call("/sbin/service %s status >/dev/null 2>/dev/null" % which, shell=True) + if rc != 0: + print "* service %s is not running" % which + + def check_iptables(self): + if os.path.exists("/etc/rc.d/init.d/iptables"): + rc = sub_process.call("/sbin/service iptables status >/dev/null 2>/dev/null", shell=True) + + if rc == 0: + # FIXME: don't hardcode port + print "* iptables may be running, ensure 51234 is unblocked" + + def check_talk_to_certmaster(self): + config_file = '/etc/func/minion.conf' + config = read_config(config_file, FuncdConfig) + cert_dir = config.cert_dir + # FIXME: don't hardcode port + master_uri = "http://%s:51235/" % config.certmaster + print "* this minion is configured in /etc/func/minion.conf to talk to host '%s' for certs, verify that is correct" % config.certmaster + # this will be a 501, unsupported GET, but we should be + # able to tell if we can make contact + connect_ok = True + try: + fd = urllib2.urlopen(master_uri) + data = fd.read() + fd.close() + except urllib2.HTTPError: + pass + except: + connect_ok = False + if not connect_ok: + print "cannot connect to certmaster at %s" % (master_uri) diff --git a/func/overlord/cmd_modules/listminions.py b/func/overlord/cmd_modules/listminions.py index 50c7e24..9421b8d 100644 --- a/func/overlord/cmd_modules/listminions.py +++ b/func/overlord/cmd_modules/listminions.py @@ -1,5 +1,6 @@ """ -copyfile command line +list minions provides a command line way to see what certs are +registered. Copyright 2007, Red Hat, Inc see AUTHORS @@ -42,10 +43,13 @@ class ListMinions(client.command.Command): verbose=self.options.verbose, config=self.config) - servers = client_obj.servers - print servers + results = client_obj.test.add(1,2) + servers = results.keys() + servers.sort() + + # print servers for server in servers: # just cause I hate regex'es -akl - host = server.split(':')[-2] - host = host.split('/')[-1] - print host + # host = server.split(':')[-2] + # host = host.split('/')[-1] + print server diff --git a/func/overlord/cmd_modules/ping.py b/func/overlord/cmd_modules/ping.py index f756fd9..438e2a9 100644 --- a/func/overlord/cmd_modules/ping.py +++ b/func/overlord/cmd_modules/ping.py @@ -1,5 +1,5 @@ """ -copyfile command line +ping minions to see whether they are up. Copyright 2007, Red Hat, Inc Michael DeHaan <mdehaan@redhat.com> @@ -52,8 +52,8 @@ class Ping(client.command.Command): # because this is mainly an interactive command, expand the server list and make seperate connections. # to make things look more speedy. - servers = client.expand_servers(self.server_spec, port=self.options.port, noglobs=None, - verbose=self.options.verbose, just_fqdns=True) + minion_set = client.Minions(self.server_spec, port=self.options.port) + servers = minion_set.get_all_hosts() for server in servers: diff --git a/func/overlord/func_command.py b/func/overlord/func_command.py index 8bc6b7c..bd718bb 100644 --- a/func/overlord/func_command.py +++ b/func/overlord/func_command.py @@ -23,15 +23,19 @@ from cmd_modules import show from cmd_modules import copyfile from cmd_modules import listminions from cmd_modules import ping +from cmd_modules import check from func.overlord import client class FuncCommandLine(command.Command): + name = "func" - usage = "func is the commandline interface to a func minion" + usage = "func is the command line interface for controlling func minions" - subCommandClasses = [call.Call, show.Show, - copyfile.CopyFile, listminions.ListMinions, ping.Ping] + subCommandClasses = [ + call.Call, show.Show, copyfile.CopyFile, + listminions.ListMinions, ping.Ping, check.CheckAction + ] def __init__(self): diff --git a/func/overlord/groups.py b/func/overlord/groups.py index a0a9d78..7097366 100644 --- a/func/overlord/groups.py +++ b/func/overlord/groups.py @@ -24,7 +24,6 @@ import ConfigParser -import os class Groups(object): |