[MediaWiki-commits] [Gerrit] Add makedomain tool, for creation of domains in designate. - change (operations/puppet)
Andrew Bogott has submitted this change and it was merged.
Change subject: Add makedomain tool, for creation of domains in designate.
..
Add makedomain tool, for creation of domains in designate.
Change-Id: I5c039b3ca369f60e1cd4e7d77c0388c51c8acaa2
---
A modules/openstack/files/liberty/virtscripts/makedomain
M modules/openstack/manifests/horizon/service.pp
2 files changed, 114 insertions(+), 0 deletions(-)
Approvals:
Andrew Bogott: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/openstack/files/liberty/virtscripts/makedomain
b/modules/openstack/files/liberty/virtscripts/makedomain
new file mode 100755
index 000..11c055b
--- /dev/null
+++ b/modules/openstack/files/liberty/virtscripts/makedomain
@@ -0,0 +1,106 @@
+#!/usr/bin/python
+#
+# THIS FILE IS MANAGED BY PUPPET
+# puppet:///modules/openstack/liberty/virtscripts/makedomain
+#
+"""
+makedomain is a tool for creating subdomains of existing designate domains.
+
+Designate forbids creation of a subdomain when the superdomain already exists
+as part of a different project. It does, however, support cross-project
+transfers of such domains.
+
+So, this is a helper script which creates domains in the wmflabsdotorg project,
+waits for them to become ACTIVE and then transfers them.
+
+Note that this only works with the keystone v2.0 API.
+
+"""
+
+import argparse
+import ldap
+import socket
+import subprocess
+import time
+import yaml
+
+from keystoneclient.auth.identity import generic
+from keystoneclient import session as keystone_session
+from designateclient.v2 import client
+
+def createdomain(url, user, password, project, domain, ttl=120):
+args = argparser.parse_args()
+
+auth = generic.Password(
+auth_url=url,
+username=user,
+password=password,
+tenant_name='wmflabsdotorg')
+
+createSession = keystone_session.Session(auth=auth)
+createClient = client.Client(session=createSession)
+
+auth = generic.Password(
+auth_url=url,
+username=user,
+password=password,
+tenant_name=args.project)
+
+targetSession = keystone_session.Session(auth=auth)
+targetClient = client.Client(session=targetSession)
+
+# Create the zone in the initial wmflabsdotorg project. This
+# is needed since wmflabs.org lives in that project and
+# designate prevents subdomain creation elsewhere.
+zone = createClient.zones.create(domain, email='r...@wmflabs.org', ttl=ttl)
+newzoneid = zone['id']
+status='PENDING'
+# Wait for the domain to actually exist before we transfer it
+while status == 'PENDING':
+zone = createClient.zones.get(domain)
+status = zone['status']
+time.sleep(2)
+
+transferRequest = createClient.zone_transfers.create_request(domain,
project)
+transferId = transferRequest['id']
+transferKey = transferRequest['key']
+
+transferConfirm = targetClient.zone_transfers.accept_request(transferId,
transferKey)
+
+if __name__ == "__main__":
+argparser = argparse.ArgumentParser('makesubdomain',
+description='''Create a subdomain of wmflabs.org in a project''')
+
+argparser.add_argument(
+'--designate-user',
+help='username for nova auth',
+default=os.environ.get('OS_USERNAME', None)
+)
+argparser.add_argument(
+'--designate-pass',
+help='password for nova auth',
+default=os.environ.get('OS_PASSWORD', None)
+)
+argparser.add_argument(
+'--keystone-url',
+help='url for keystone auth and catalog',
+default=os.environ.get('OS_AUTH_URL', None)
+)
+argparser.add_argument(
+'--project',
+help='project for domain creation',
+required=True,
+)
+argparser.add_argument(
+'--domain',
+help='project for domain creation',
+required=True,
+)
+
+args = argparser.parse_args()
+
+createdomain(args.keystone_url,
+args.designate_user,
+args.designate_pass,
+args.project,
+args.domain)
diff --git a/modules/openstack/manifests/horizon/service.pp
b/modules/openstack/manifests/horizon/service.pp
index dd8b6ca..159ac99 100644
--- a/modules/openstack/manifests/horizon/service.pp
+++ b/modules/openstack/manifests/horizon/service.pp
@@ -183,6 +183,14 @@
mode=> '0644',
}
+# Arbitrary handy script that needs to be on the horizon host because it
only works with Liberty
+file { '/root/makedomain':
+source =>
"puppet:///modules/openstack/${openstack_version}/virtscripts/makedomain",
+owner => 'root',
+group => 'root',
+mode=> '0644',
+}
+
apache::site { $webserver_hostname:
content =>
[MediaWiki-commits] [Gerrit] Add makedomain tool, for creation of domains in designate. - change (operations/puppet)
Andrew Bogott has uploaded a new change for review.
https://gerrit.wikimedia.org/r/277456
Change subject: Add makedomain tool, for creation of domains in designate.
..
Add makedomain tool, for creation of domains in designate.
Change-Id: I5c039b3ca369f60e1cd4e7d77c0388c51c8acaa2
---
A modules/openstack/files/liberty/virtscripts/makedomain
1 file changed, 103 insertions(+), 0 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/56/277456/1
diff --git a/modules/openstack/files/liberty/virtscripts/makedomain
b/modules/openstack/files/liberty/virtscripts/makedomain
new file mode 100755
index 000..0450c5f
--- /dev/null
+++ b/modules/openstack/files/liberty/virtscripts/makedomain
@@ -0,0 +1,103 @@
+#!/usr/bin/python
+#
+# THIS FILE IS MANAGED BY PUPPET
+# puppet:///modules/openstack/liverty/virtscripts/makedomain
+#
+"""
+makedomain is a tool for creating subdomains of existing designate domains.
+
+Designate forbids creation of a subdomain when the superdomain already exists
+as part of a different project. It does, however, support cross-project
+transfers of such domains.
+
+So, this is a helper script which creates domains in the wmflabsdotorg project,
+waits for them to become ACTIVE and then transfers them.
+
+"""
+
+import argparse
+import ldap
+import socket
+import subprocess
+import time
+import yaml
+
+from keystoneclient.auth.identity import generic
+from keystoneclient import session as keystone_session
+from designateclient.v2 import client
+
+def migrate(url, user, password, project, domain, ttl=120):
+args = argparser.parse_args()
+
+auth = generic.Password(
+auth_url=url,
+username=user,
+password=password,
+tenant_name='wmflabsdotorg')
+
+createSession = keystone_session.Session(auth=auth)
+createClient = client.Client(session=createSession)
+
+auth = generic.Password(
+auth_url=url,
+username=user,
+password=password,
+tenant_name=args.project)
+
+targetSession = keystone_session.Session(auth=auth)
+targetClient = client.Client(session=targetSession)
+
+# Create the zone in the initial wmflabsdotorg project. This
+# is needed since wmflabs.org lives in that project and
+# designate prevents subdomain creation elsewhere.
+zone = createClient.zones.create(domain, email='r...@wmflabs.org', ttl=ttl)
+newzoneid = zone['id']
+status='PENDING'
+# Wait for the domain to actually exist before we transfer it
+while status == 'PENDING':
+zone = createClient.zones.get(domain)
+status = zone['status']
+time.sleep(2)
+
+transferRequest = createClient.zone_transfers.create_request(domain,
project)
+transferId = transferRequest['id']
+transferKey = transferRequest['key']
+
+transferConfirm = targetClient.zone_transfers.accept_request(transferId,
transferKey)
+
+if __name__ == "__main__":
+argparser = argparse.ArgumentParser('makesubdomain',
+description='''Create a subdomain of wmflabs.org in a project''')
+argparser.add_argument(
+'--designate-user',
+help='username for nova auth',
+default='novaadmin'
+)
+argparser.add_argument(
+'--designate-pass',
+help='password for nova auth',
+required=True,
+)
+argparser.add_argument(
+'--keystone-url',
+help='url for keystone auth and catalog',
+default='http://labcontrol1001.wikimedia.org:35357/v2.0'
+)
+argparser.add_argument(
+'--project',
+help='project for domain creation',
+required=True,
+)
+argparser.add_argument(
+'--domain',
+help='project for domain creation',
+required=True,
+)
+
+args = argparser.parse_args()
+
+migrate(args.keystone_url,
+args.designate_user,
+args.designate_pass,
+args.project,
+args.domain)
--
To view, visit https://gerrit.wikimedia.org/r/277456
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I5c039b3ca369f60e1cd4e7d77c0388c51c8acaa2
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott
___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
