Dzahn has uploaded a new change for review. https://gerrit.wikimedia.org/r/319383
Change subject: mgmt: script to extract mgmt IPs from DNS ...................................................................... mgmt: script to extract mgmt IPs from DNS This extracts all the usable mgmt IPs from DNS templates and removes the non-resolvable ones and duplicates, then writes the remaining ones to a list. That list can then be fed into the changepw command to change passwords. Bug: T147074 Change-Id: I2d512946c606d993def1cbe5ea6e9ea8b63fb78b --- A modules/mgmt/files/getmgmtips M modules/mgmt/manifests/init.pp 2 files changed, 73 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/83/319383/1 diff --git a/modules/mgmt/files/getmgmtips b/modules/mgmt/files/getmgmtips new file mode 100644 index 0000000..f8660fe --- /dev/null +++ b/modules/mgmt/files/getmgmtips @@ -0,0 +1,62 @@ +#!/bin/bash +# detect all IP addresses in the mgmt network +# that actually have working DNS names and minus duplicates + +tempdir="/tmp/mgmtips" +dnsrepo="https://gerrit.wikimedia.org/r/p/operations/dns.git" +resultfile="${tempdir}/ip_list.txt" +rejectsfile="${tempdir}/rejects.txt" + +count_hosts=0 +count_ips=0 +count_all_ips=0 +count_rejects=0 + +echo "getting all mgmt hostnames from DNS templates.." + +if [ ! -d "$tempdir" ]; then + echo "$tempdir does not exist yet, creating it and git cloning DNS repo.." + mkdir -p $tempdir + git clone $dnsrepo +fi + +cd ${tempdir}/dns/templates + +if [ -f $resultfile ] || [ -f $resultfile.tmp ] || [ -f $rejectsfile ] || [ -f $rejectsfile.tmp ]; then + echo "deleting old result files" + rm $resultfile* $rejectsfile* +fi + +echo -e "extracting mgmt hostnames from 10.in-addr.arpa..\n" +mgmt_hosts=$(grep -oh "\w*.mgmt.\w*.\w*.\w*" 10.in-addr.arpa | head -n 30) + +touch $resulfile.tmp +touch $rejectfile.tmp + +for mgmt_host in $mgmt_hosts; do + echo "checking $mgmt_host.." + count_hosts=$((count_hosts+1)) + if host $mgmt_host >/dev/null; then + mgmt_ip=$(host $mgmt_host | cut -d " " -f4) + echo -e "$mgmt_host has $mgmt_ip - adding to list\n" + echo "$mgmt_ip" >> ${resultfile}.tmp + else + echo -e "$mgmt_host not found - skipping\n" + echo "$mgmt_host" >> ${rejectsfile}.tmp + fi +done + +echo "removing duplicates from list.." +sort ${resultfile}.tmp | uniq > $resultfile +sort ${rejectsfile}.tmp | uniq > $rejectsfile + +count_all_ips=$(wc -l ${resultfile}.tmp | cut -d " " -f1) +count_ips=$(wc -l $resultfile | cut -d " " -f1) +count_rejects=$(wc -l $rejectsfile | cut -d " " -f1) +let duplicates=$count_all_ips-$count_ips + +echo -e "\ndetected: host names: ${count_hosts} not resolved: ${count_rejects} all IPs: ${count_all_ips} usable IPs: ${count_ips} (${duplicates} duplicates skipped)\n" + +echo -e "resulting file you can use with 'changepw' is in ${resultfile}\n" +echo -e "host names that could not be resolved are in ${rejectsfile}\n" + diff --git a/modules/mgmt/manifests/init.pp b/modules/mgmt/manifests/init.pp index 8347955..e882007 100644 --- a/modules/mgmt/manifests/init.pp +++ b/modules/mgmt/manifests/init.pp @@ -6,6 +6,8 @@ package { 'sshpass': ensure => present, } + + # script to change passwords on a list of IPs file { '/usr/local/bin/changepw': mode => '0555', owner => 'root', @@ -13,4 +15,13 @@ source => 'puppet:///modules/mgmt/changepw', } + + # script to get a list of all the (usable) mgmt IPs + file { '/usr/local/bin/getmgmtips': + mode => '0555', + owner => 'root', + group => 'root', + source => 'puppet:///modules/mgmt/getmgmtips', + + } } -- To view, visit https://gerrit.wikimedia.org/r/319383 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I2d512946c606d993def1cbe5ea6e9ea8b63fb78b Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Dzahn <dz...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits