With the previous incarnation it wasn't possible to get a list of all replicas, only of the replicas directly connected to the one on which the command was run. This new version will return all known replicas (as per entries under cn=masters,cn=ipa,cn=etc,$SUFFIX). If a server name is passed as an argument, then that specific replica is queried to get the list of servers it is directly connected to. This is so that the topology can be easily discovered from a single machine.
Simo. -- Simo Sorce * Red Hat, Inc * New York
>From da4f6517464979c8a1fa7a7b86406cd0aec042e3 Mon Sep 17 00:00:00 2001 From: Simo Sorce <sso...@redhat.com> Date: Wed, 15 Dec 2010 14:55:30 -0500 Subject: [PATCH 4/4] Make ipa-replica-manage list return all known masters if ipa-replica-manage list is given a master name as argument then the tool has the old behavior of listing that specific master replication agreements Fixes: https://fedorahosted.org/freeipa/ticket/625 --- install/tools/ipa-replica-manage | 67 +++++++++++++++++++++++++++----------- ipaserver/install/replication.py | 8 ++-- 2 files changed, 52 insertions(+), 23 deletions(-) diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage index f60f8a1498938ceb9bf09690856e0d2923cce287..cbb2cad1db4692e3f861bc0762798a8d3e372d5e 100755 --- a/install/tools/ipa-replica-manage +++ b/install/tools/ipa-replica-manage @@ -24,13 +24,15 @@ import traceback, logging from ipapython import ipautil from ipaserver.install import replication, dsinstance, installutils -from ipaserver.plugins.ldap2 import ldap2 +from ipaserver import ipaldap from ipapython import version from ipalib import errors, util +CACERT = "/etc/ipa/ca.crt" + # dict of command name and tuples of min/max num of args needed commands = { - "list":(0, 0, "", ""), + "list":(0, 1, "[master fqdn]", ""), "connect":(1, 2, "<master fqdn> [other master fqdn]", "must provide the name of the servers to connect"), "disconnect":(1, 2, "<master fqdn> [other master fqdn]", @@ -106,9 +108,8 @@ def get_realm_name(): return c.default_realm def get_suffix(): - l = ldap2(shared_instance=False, base_dn='') - suffix = l.normalize_dn(util.realm_to_suffix(get_realm_name())) - return suffix + suffix = util.realm_to_suffix(get_realm_name()) + return ipaldap.IPAdmin.normalizeDN(suffix) def test_connection(host): """ 
@@ -120,24 +121,49 @@ def test_connection(host): """ try: replman = replication.ReplicationManager(host, None) - dns = replman.find_replication_dns(replman.conn) + ents = replman.find_replication_agreements() del replman return True except ldap.LOCAL_ERROR: return False -def list_masters(replman, verbose): - dns = replman.find_replication_dns(replman.conn) - - for dn in dns: - entry = replman.conn.search_s(dn, ldap.SCOPE_SUBTREE)[0] - print entry.getValue('nsds5replicahost') - - if verbose: - print " last init status: %s" % entry.nsds5replicalastinitstatus - print " last init ended: %s" % str(ipautil.parse_generalized_time(entry.nsds5replicalastinitend)) - print " last update status: %s" % entry.nsds5replicalastupdatestatus - print " last update ended: %s" % str(ipautil.parse_generalized_time(entry.nsds5replicalastupdateend)) +def list_masters(host, replica, dirman_passwd, verbose): + + if replica: + try: + repl = replication.ReplicationManager(replica, dirman_passwd) + repl.suffix = get_suffix() + except Exception, e: + print "Failed to get data from '%s': %s" % (replica, str(e)) + return + + entries = repl.find_replication_agreements() + + for entry in entries: + print entry.nsds5replicahost + + if verbose: + print " last init status: %s" % entry.nsds5replicalastinitstatus + print " last init ended: %s" % str(ipautil.parse_generalized_time(entry.nsds5replicalastinitend)) + print " last update status: %s" % entry.nsds5replicalastupdatestatus + print " last update ended: %s" % str(ipautil.parse_generalized_time(entry.nsds5replicalastupdateend)) + else: + try: + conn = ipaldap.IPAdmin(host, 636, cacert=CACERT) + if dirman_passwd: + conn.do_simple_bind(bindpw=dirman_passwd) + else: + conn.sasl_interactive_bind_s('', ipaldap.sasl_auth) + + dn = 'cn=masters,cn=ipa,cn=etc,%s' % get_suffix() + entries = conn.search_s(dn, ldap.SCOPE_ONELEVEL) + + for ent in entries: + print ent.cn + + except Exception, e: + print "Failed to get data from '%s': %s" % (host, str(e)) + 
return def del_link(replica1, replica2, dirman_passwd, force=False): @@ -354,7 +380,10 @@ def main(): r.suffix = get_suffix() if args[0] == "list": - list_masters(r, options.verbose) + replica = None + if len(args) == 2: + replica = args[1] + list_masters(host, replica, dirman_passwd, options.verbose) elif args[0] == "del": del_master(r, args[1], options.force) elif args[0] == "init": diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py index 5d18c1c7a63776f80cf61f2fc374b67fcd0767c9..15a6f5a76f3617a13546ee261b8d15df38df52d9 100644 --- a/ipaserver/install/replication.py +++ b/ipaserver/install/replication.py @@ -103,7 +103,7 @@ class ReplicationManager: return retval - def find_replication_dns(self, conn): + def find_replication_agreements(self): """ The replication agreements are stored in cn="$SUFFIX",cn=mapping tree,cn=config @@ -116,10 +116,10 @@ class ReplicationManager: """ filt = "(|(objectclass=nsDSWindowsReplicationAgreement)(objectclass=nsds5ReplicationAgreement))" try: - ents = conn.search_s("cn=mapping tree,cn=config", ldap.SCOPE_SUBTREE, filt) + ents = self.conn.search_s("cn=mapping tree,cn=config", ldap.SCOPE_SUBTREE, filt) except ldap.NO_SUCH_OBJECT: - return [] - return [ent.dn for ent in ents] + ents = [] + return ents def find_ipa_replication_agreements(self): """ -- 1.7.3.3
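Review bot: Both branches of `list_masters` catch bare `Exception`, print the message and return, so a rejected bind, a certificate validation failure against `CACERT` and a plain programming error all look the same to the caller, and the tool appears to finish normally (the exit status is set outside this hunk, so that part is inferred). Narrowing the handlers to `except ldap.LDAPError, e:` and ending with a non-zero exit would let scripts that map the topology tell an empty result from a failed query. In the replica branch `repl.find_replication_agreements()` sits outside the `try`, so an LDAP error there surfaces as a traceback while the same error in the masters branch is only printed; moving the call inside the `try` makes the two paths consistent. The `conn` opened in the masters branch is never released; a `conn.unbind_s()` after the loop would close it, assuming `IPAdmin` exposes the python-ldap method.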
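Review bot: The `list` branch no longer uses `r`, yet the context line `r.suffix = get_suffix()` shows `r` is still set up before the dispatch, so listing appears to open one connection through `r` and a second one inside `list_masters`. If `r` is a `ReplicationManager` bound with the Directory Manager password (its construction is outside the hunk), consider handling `list` before `r` is created so the command performs only the bind it needs. `main` starts and ends outside this hunk.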
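Review bot: `find_replication_agreements` now returns the entry objects instead of a list of DN strings, but the docstring, whose body lies between the two replication.py hunks and is not fully visible, is not touched by the patch. A closing docstring line such as `Returns the list of replication agreement entries, or an empty list when the mapping tree is missing.` would record the new contract. Any caller of the old `find_replication_dns(conn)` outside the two files in the diffstat would fail with an AttributeError after the rename, so a search for the old name before merging is worthwhile.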