diff options
Diffstat (limited to 'ipaserver/install/dogtaginstance.py')
-rw-r--r-- | ipaserver/install/dogtaginstance.py | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/ipaserver/install/dogtaginstance.py b/ipaserver/install/dogtaginstance.py index 66a76c75d..89e4ad4e6 100644 --- a/ipaserver/install/dogtaginstance.py +++ b/ipaserver/install/dogtaginstance.py @@ -23,6 +23,9 @@ import shutil import tempfile import traceback +from pki.client import PKIConnection +import pki.system + from ipapython import certmonger from ipapython import dogtag from ipapython import ipaldap @@ -58,6 +61,32 @@ def check_inst(subsystem): return True +def get_security_domain(): + """ + Get the security domain from the REST interface on the local Dogtag CA + This function will succeed if the local dogtag CA is up. + """ + connection = PKIConnection() + domain_client = pki.system.SecurityDomainClient(connection) + info = domain_client.get_security_domain_info() + return info + + +def is_installing_replica(sys_type): + """ + We expect only one of each type of Dogtag subsystem in an IPA deployment. + That means that if a subsystem of the specified type has already been deployed - + and therefore appears in the security domain - then we must be installing + a replica. + """ + info = get_security_domain() + try: + sys_list = info.systems[sys_type] + return len(sys_list) > 0 + except KeyError: + return False + + class DogtagInstance(service.Service): """ This is the base class for a Dogtag 10+ instance, which uses a |