Example #1
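def run_ssh():
    """Start sshd and make sure root has an authorized SSH key.

    Creates /root/.ssh (mode 700) if needed, reuses the first existing
    private key among id_rsa, id_dsa and id_ecdsa, or generates
    /root/.ssh/id_rsa when none is found. The key path is then handed to
    _authorize_key() and success is reported with crm_script.exit_ok(True).
    An IOError raised along the way is reported with crm_script.exit_fail().
    """
    try:
        crm_script.service('sshd', 'start')
        # mkdir -p does not change the mode of a directory that already
        # exists, so "-m 700" only takes effect when /root/.ssh is created
        # here; a pre-existing directory keeps its current permissions.
        rc, _, _ = crm_script.sudo_call(
            ["mkdir", "-m", "700", "-p", "/root/.ssh"])
        if rc != 0:
            crm_script.exit_fail("Failed to create /root/.ssh directory")
        keypath = None
        # NOTE(review): id_dsa is still accepted as an existing key. Recent
        # OpenSSH releases do not accept DSA keys by default, so a node that
        # only has id_dsa may fail to authenticate -- confirm it should stay.
        for key in ('id_rsa', 'id_dsa', 'id_ecdsa'):
            if os.path.exists(os.path.join('/root/.ssh', key)):
                keypath = os.path.join('/root/.ssh', key)
                break
        if not keypath:
            keypath = os.path.join('/root/.ssh', 'id_rsa')
            # -N '' generates the key without a passphrase, so the private
            # key file itself is the only protection for this root credential.
            keygen = [
                'ssh-keygen', '-q', '-f', keypath, '-C', 'Cluster Internal',
                '-N', ''
            ]
            rc, _, _ = crm_script.sudo_call(keygen)
            if rc != 0:
                crm_script.exit_fail("Failed to generate SSH key")
        _authorize_key(keypath)
        crm_script.exit_ok(True)
    # "except IOError, e" is Python-2-only syntax; the "as" form is accepted
    # by Python 2.6+ and Python 3.
    except IOError as e:
        crm_script.exit_fail(str(e))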
Example #2
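def configure_firewall():
    """Open the HAE cluster ports in SuSEfirewall2 when that firewall is enabled.

    The corosync multicast port is taken from the 'mcastport' script
    parameter, falling back to `crm corosync get totem.interface.mcastport`.
    It is validated as a port number before it is used, because it is written
    into the firewall service definition; the UDP rule covers that port and
    the one below it.

    When is_service_enabled('SuSEfirewall2') is true, the function updates or
    creates /etc/sysconfig/SuSEfirewall2.d/services/cluster, adds 'cluster' to
    FW_CONFIGURATIONS_EXT in /etc/sysconfig/SuSEfirewall2, and restarts the
    firewall if is_service_active() reports it running.

    Failures are reported through crm_script.exit_fail(), which is presumably
    terminal; the explicit returns after it keep the function from continuing
    if it is not.
    """
    _SUSE_FW_TEMPLATE = """## Name: HAE cluster ports
## Description: opens ports for HAE cluster services
TCP="%(tcp)s"
UDP="%(udp)s"
"""
    corosync_mcastport = crm_script.param('mcastport')
    if not corosync_mcastport:
        rc, out, _ = crm_script.call(['crm', 'corosync', 'get', 'totem.interface.mcastport'])
        if rc == 0:
            corosync_mcastport = out.strip()

    # Validate before use: the original int() call raised an unhandled
    # TypeError/ValueError when no port was available, and the raw string
    # (possibly carrying whitespace or a newline) went into the config file.
    try:
        mcastport = int(corosync_mcastport)
    except (TypeError, ValueError):
        crm_script.exit_fail("Invalid or missing corosync mcastport: %r" %
                             (corosync_mcastport,))
        return
    # Both mcastport and mcastport - 1 must be usable port numbers.
    if not 2 <= mcastport <= 65535:
        crm_script.exit_fail("corosync mcastport out of range: %d" % (mcastport))
        return

    FW = '/etc/sysconfig/SuSEfirewall2'
    FW_CLUSTER = '/etc/sysconfig/SuSEfirewall2.d/services/cluster'

    tcp_ports = '30865 5560 7630 21064'
    # Built from the validated integer, so only digits and one space are written.
    udp_ports = '%d %d' % (mcastport, mcastport - 1)

    if is_service_enabled('SuSEfirewall2'):
        if os.path.isfile(FW_CLUSTER):
            # Context managers close the handles the original left open.
            with open(FW_CLUSTER) as f:
                tmpl = f.read()
            # Callable replacements insert the value literally instead of
            # treating it as a regex replacement template.
            tmpl = re.sub(r'^TCP="(.*)"', lambda _m: 'TCP="%s"' % (tcp_ports), tmpl, flags=re.M)
            tmpl = re.sub(r'^UDP="(.*)"', lambda _m: 'UDP="%s"' % (udp_ports), tmpl, flags=re.M)
            with open(FW_CLUSTER, 'w') as f:
                f.write(tmpl)
        elif os.path.isdir(os.path.dirname(FW_CLUSTER)):
            with open(FW_CLUSTER, 'w') as fwc:
                fwc.write(_SUSE_FW_TEMPLATE % {'tcp': tcp_ports,
                                               'udp': udp_ports})
        else:
            # neither the cluster file nor the services
            # directory exists
            crm_script.exit_fail("SUSE firewall is configured but %s does not exist" %
                                 os.path.dirname(FW_CLUSTER))
            return

        # add cluster to FW_CONFIGURATIONS_EXT
        if os.path.isfile(FW):
            with open(FW) as fw:
                txt = fw.read()
            m = re.search(r'^FW_CONFIGURATIONS_EXT="(.*)"', txt, re.M)
            if m:
                services = m.group(1).split()
                if 'cluster' not in services:
                    services.append('cluster')
                # The service list comes from the existing file; a callable
                # replacement keeps any backslash in it from being expanded
                # as a group reference or escape.
                new_line = 'FW_CONFIGURATIONS_EXT="%s"' % (' '.join(services))
                txt = re.sub(r'^FW_CONFIGURATIONS_EXT="(.*)"',
                             lambda _m: new_line,
                             txt,
                             flags=re.M)
            else:
                txt += '\nFW_CONFIGURATIONS_EXT="cluster"'
            with open(FW, 'w') as fw:
                fw.write(txt)
        if is_service_active('SuSEfirewall2'):
            crm_script.service('SuSEfirewall2', 'restart')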
Example #3
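def configure_firewall():
    """Add the HAE cluster service definition to an enabled SuSEfirewall2.

    Port source: the 'mcastport' script parameter, or the output of
    `crm corosync get totem.interface.mcastport` when the parameter is empty.
    The value must parse as an integer in 2..65535 because both it and the
    port below it are written into the UDP rule; anything else is reported
    with crm_script.exit_fail() instead of raising from int().

    With the firewall enabled, the cluster service file is rewritten (or
    created from the built-in template), 'cluster' is added to
    FW_CONFIGURATIONS_EXT in the main config, and an active firewall is
    restarted. crm_script.exit_fail() presumably ends the script; the
    returns after it are a safeguard in case it does not.
    """
    _SUSE_FW_TEMPLATE = """## Name: HAE cluster ports
## Description: opens ports for HAE cluster services
TCP="%(tcp)s"
UDP="%(udp)s"
"""

    def _read_text(path):
        # Read a whole file and close the handle (the original leaked it).
        with open(path) as handle:
            return handle.read()

    def _write_text(path, text):
        with open(path, 'w') as handle:
            handle.write(text)

    def _set_quoted(text, key, value):
        # Rewrite lines of the form KEY="..." with the given value. The
        # callable replacement inserts `value` literally, so a backslash in
        # it is never expanded as a regex escape or group reference.
        return re.sub(r'^%s="(.*)"' % key,
                      lambda _m: '%s="%s"' % (key, value),
                      text,
                      flags=re.M)

    corosync_mcastport = crm_script.param('mcastport')
    if not corosync_mcastport:
        rc, out, _ = crm_script.call(['crm', 'corosync', 'get', 'totem.interface.mcastport'])
        if rc == 0:
            corosync_mcastport = out.strip()

    # int() accepts surrounding whitespace, so the parsed number (not the raw
    # string) is what gets written into the firewall configuration below.
    try:
        mcastport = int(corosync_mcastport)
    except (TypeError, ValueError):
        crm_script.exit_fail("Invalid or missing corosync mcastport: %r" %
                             (corosync_mcastport,))
        return
    if mcastport < 2 or mcastport > 65535:
        crm_script.exit_fail("corosync mcastport out of range: %d" % (mcastport))
        return

    FW = '/etc/sysconfig/SuSEfirewall2'
    FW_CLUSTER = '/etc/sysconfig/SuSEfirewall2.d/services/cluster'

    tcp_ports = '30865 5560 7630 21064'
    udp_ports = '%d %d' % (mcastport, mcastport - 1)

    if not is_service_enabled('SuSEfirewall2'):
        return

    services_dir = os.path.dirname(FW_CLUSTER)
    if os.path.isfile(FW_CLUSTER):
        tmpl = _read_text(FW_CLUSTER)
        tmpl = _set_quoted(tmpl, 'TCP', tcp_ports)
        tmpl = _set_quoted(tmpl, 'UDP', udp_ports)
        _write_text(FW_CLUSTER, tmpl)
    elif os.path.isdir(services_dir):
        _write_text(FW_CLUSTER, _SUSE_FW_TEMPLATE % {'tcp': tcp_ports,
                                                     'udp': udp_ports})
    else:
        # neither the cluster file nor the services
        # directory exists
        crm_script.exit_fail("SUSE firewall is configured but %s does not exist" %
                             services_dir)
        return

    # add cluster to FW_CONFIGURATIONS_EXT
    if os.path.isfile(FW):
        txt = _read_text(FW)
        m = re.search(r'^FW_CONFIGURATIONS_EXT="(.*)"', txt, re.M)
        if m:
            services = m.group(1).split()
            if 'cluster' not in services:
                services.append('cluster')
            txt = _set_quoted(txt, 'FW_CONFIGURATIONS_EXT', ' '.join(services))
        else:
            txt += '\nFW_CONFIGURATIONS_EXT="cluster"'
        _write_text(FW, txt)
    if is_service_active('SuSEfirewall2'):
        crm_script.service('SuSEfirewall2', 'restart')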
Example #4
def run_collect():
    """Collect step: refuse to proceed if pacemaker is already active here.

    `host` and `add_nodes` are not defined in this function; they are read
    from the enclosing scope. A host that is not in add_nodes reports its own
    name via crm_script.exit_ok(). Otherwise the pacemaker service is queried
    and the step fails if it reports 'active', or succeeds with the result of
    crm_init.info().
    """
    if host not in add_nodes:
        crm_script.exit_ok(host)

    status, stdout, _stderr = crm_script.service('pacemaker', 'is-active')
    # The output is only inspected when the service query itself succeeded.
    pacemaker_running = status == 0 and stdout.strip() == 'active'
    if pacemaker_running:
        crm_script.exit_fail("Pacemaker already running on %s" % (host))
    crm_script.exit_ok(crm_init.info())
Example #5
def run_collect():
    """Report node information unless pacemaker is already running.

    Uses the names `host` and `add_nodes` from outside this function. When
    `host` is not one of `add_nodes`, crm_script.exit_ok(host) is called.
    The pacemaker 'is-active' query then decides between
    crm_script.exit_fail() and crm_script.exit_ok(crm_init.info()).
    """
    is_new_node = host in add_nodes
    if not is_new_node:
        crm_script.exit_ok(host)

    result = crm_script.service('pacemaker', 'is-active')
    code, output, _ = result
    if code == 0:
        # A zero return code alone is not enough; the text must say 'active'.
        if output.strip() == 'active':
            crm_script.exit_fail("Pacemaker already running on %s" % (host))
    crm_script.exit_ok(crm_init.info())
Example #6
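def run_ssh():
    """Ensure sshd is started and root has an authorized key for the cluster.

    Steps, all under /root/.ssh: create the directory with mode 700, pick the
    first existing private key among id_rsa, id_dsa and id_ecdsa, generate
    id_rsa when there is none, then pass the key path to _authorize_key().
    Success is reported with crm_script.exit_ok(True); an IOError is turned
    into crm_script.exit_fail() with the error text.
    """
    ssh_dir = '/root/.ssh'
    try:
        crm_script.service('sshd', 'start')
        # "-m 700" applies only if mkdir creates the directory; with -p an
        # already existing /root/.ssh is left with its current mode.
        rc, _, _ = crm_script.sudo_call(["mkdir", "-m", "700", "-p", ssh_dir])
        if rc != 0:
            crm_script.exit_fail("Failed to create /root/.ssh directory")

        # NOTE(review): DSA keys are not accepted by default in recent
        # OpenSSH releases; confirm whether id_dsa should still be reused.
        candidates = [os.path.join(ssh_dir, name)
                      for name in ('id_rsa', 'id_dsa', 'id_ecdsa')]
        keypath = next((path for path in candidates if os.path.exists(path)), None)

        if not keypath:
            keypath = os.path.join(ssh_dir, 'id_rsa')
            # The empty -N argument means no passphrase: access to this file
            # is what protects the root login it enables.
            keygen = ['ssh-keygen', '-q', '-f', keypath,
                      '-C', 'Cluster Internal', '-N', '']
            rc, _, _ = crm_script.sudo_call(keygen)
            if rc != 0:
                crm_script.exit_fail("Failed to generate SSH key")
        _authorize_key(keypath)
        crm_script.exit_ok(True)
    # The original "except IOError, e" form is a syntax error on Python 3;
    # "as" works on Python 2.6+ and Python 3.
    except IOError as e:
        crm_script.exit_fail(str(e))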