DNS install: extract DNS installer into one module

This is required modification to be able move to new installers. DNS subsystem will be installed by functions in this module in each of ipa-server-install, ipa-dns-install, ipa-replica-install install scripts. https://fedorahosted.org/freeipa/ticket/4468 Reviewed-By: Jan Cholasta <jcholast@redhat.com>
author: Martin Basti <mbasti@redhat.com> 2015-05-13 18:49:25 +0200
committer: Jan Cholasta <jcholast@redhat.com> 2015-05-19 14:21:31 +0000
commit: ae9c3e2dce000ed185b28e2e6e85043ad8d001ed (patch)
tree: 118b9992fdf1bfa34fd96cdaeaaed65b4e73f8d3 /install/tools/ipa-replica-install
parent: 5a741b614f39a148d849877e743200de5a7302db (diff)
download: freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.tar.gz
freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.tar.xz
freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.zip
1 files changed, 13 insertions, 49 deletions
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index b09a5f16e..f68cc8cf4 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -41,6 +41,7 @@ from ipaserver.install.installutils import (
 from ipaserver.plugins.ldap2 import ldap2
 from ipaserver.install import cainstance
 from ipaserver.install import krainstance
+from ipaserver.install import dns as dns_installer
 from ipalib import api, create_api, errors, util, certstore, x509
 from ipalib.constants import CACERT
 from ipapython import version
@@ -150,6 +151,9 @@ def parse_options():
     elif options.reverse_zones and options.no_reverse:
         parser.error("You cannot specify a --reverse-zone option together with --no-reverse")
 
+    options.zonemgr = None
+    options.dnssec_master = False
+
     return safe_options, options, args[0]
 
 def get_dirman_password():
@@ -262,31 +266,6 @@ def install_http(config, auto_redirect):
 
     return http
 
-def install_bind(config, options):
-    api.Backend.ldap2.connect(bind_dn=DIRMAN_DN,
-                              bind_pw=config.dirman_password)
-    if options.forwarders:
-        forwarders = options.forwarders
-    else:
-        forwarders = ()
-    bind = bindinstance.BindInstance(dm_password=config.dirman_password)
-
-    bind.setup(config.host_name, config.ips, config.realm_name,
-               config.domain_name, forwarders, options.conf_ntp,
-               config.reverse_zones, ca_configured=options.setup_ca,
-               no_dnssec_validation=options.no_dnssec_validation)
-    bind.create_instance()
-    print ""
-    dnskeysyncd = dnskeysyncinstance.DNSKeySyncInstance(
-        dm_password=config.dirman_password)
-    dnskeysyncd.create_instance(api.env.host, api.env.realm)
-    dnskeysyncd.start_dnskeysyncd()
-    bind.start_named()
-    print ""
-    bind.check_global_configuration()
-    print ""
-
-
 def install_dns_records(config, options, remote_api):
 
     if not bindinstance.dns_container_exists(config.master_host_name,
@@ -451,17 +430,6 @@ def main():
     global fstore
     fstore = sysrestore.FileStore(paths.SYSRESTORE)
 
-    # check the bind is installed
-    if options.setup_dns:
-        check_bind()
-
-    # test DNSSEC forwarders
-    if options.forwarders:
-        if (not bindinstance.check_forwarders(options.forwarders, root_logger)
-                and not options.no_dnssec_validation):
-            options.no_dnssec_validation = True
-            print "WARNING: DNSSEC validation will be disabled"
-
     # Check to see if httpd is already configured to listen on 443
     if httpinstance.httpd_443_configured():
         sys.exit("Aborting installation")
@@ -514,6 +482,13 @@ def main():
 
     installutils.verify_fqdn(config.master_host_name, options.no_host_dns)
 
+    if options.setup_dns:
+        dns_installer.install_check(False, True, options, config.host_name)
+    else:
+        installutils.get_server_ip_address(config.host_name, fstore,
+                                           options.unattended, False,
+                                           options.ip_addresses)
+
     # check connection
     if not options.skip_conncheck:
         replica_conn_check(
@@ -521,18 +496,6 @@ def main():
             options.setup_ca, config.ca_ds_port, options.admin_password)
 
 
-    # check replica host IP resolution
-    config.ips = installutils.get_server_ip_address(config.host_name, fstore,
-        options.unattended, options.setup_dns, options.ip_addresses)
-
-    ip_addresses = [str(ip) for ip in config.ips]
-    config.reverse_zones = bindinstance.check_reverse_zones(ip_addresses,
-        options.reverse_zones, options, True)
-
-    if config.reverse_zones is not None:
-        print "Using reverse zone(s) %s" % ', '.join(config.reverse_zones)
-
-
     # Create the management framework config file
     # Note: We must do this before bootstraping and finalizing ipalib.api
     old_umask = os.umask(022)   # must be readable for httpd
@@ -713,7 +676,8 @@ def main():
         CA.restart(dogtag.configured_constants().PKI_INSTANCE_NAME)
 
     if options.setup_dns:
-        install_bind(config, options)
+        api.Backend.ldap2.connect(autobind=True)
+        dns_installer.install(False, True, options)
 
     # Restart httpd to pick up the new IPA configuration
     service.print_msg("Restarting the web server")
author	Martin Basti <mbasti@redhat.com>	2015-05-13 18:49:25 +0200
committer	Jan Cholasta <jcholast@redhat.com>	2015-05-19 14:21:31 +0000
commit	ae9c3e2dce000ed185b28e2e6e85043ad8d001ed (patch)
tree	118b9992fdf1bfa34fd96cdaeaaed65b4e73f8d3 /install/tools/ipa-replica-install
parent	5a741b614f39a148d849877e743200de5a7302db (diff)
download	freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.tar.gz freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.tar.xz freeipa-ae9c3e2dce000ed185b28e2e6e85043ad8d001ed.zip