def run_ssh(): try: crm_script.service('sshd', 'start') rc, _, _ = crm_script.sudo_call( ["mkdir", "-m", "700", "-p", "/root/.ssh"]) if rc != 0: crm_script.exit_fail("Failed to create /root/.ssh directory") keypath = None for key in ('id_rsa', 'id_dsa', 'id_ecdsa'): if os.path.exists(os.path.join('/root/.ssh', key)): keypath = os.path.join('/root/.ssh', key) break if not keypath: keypath = os.path.join('/root/.ssh', 'id_rsa') keygen = [ 'ssh-keygen', '-q', '-f', keypath, '-C', 'Cluster Internal', '-N', '' ] rc, out, err = crm_script.sudo_call(keygen) if rc != 0: crm_script.exit_fail("Failed to generate SSH key") _authorize_key(keypath) crm_script.exit_ok(True) except IOError, e: crm_script.exit_fail(str(e))
def configure_firewall(): _SUSE_FW_TEMPLATE = """## Name: HAE cluster ports ## Description: opens ports for HAE cluster services TCP="%(tcp)s" UDP="%(udp)s" """ corosync_mcastport = crm_script.param('mcastport') if not corosync_mcastport: rc, out, err = crm_script.call(['crm', 'corosync', 'get', 'totem.interface.mcastport']) if rc == 0: corosync_mcastport = out.strip() FW = '/etc/sysconfig/SuSEfirewall2' FW_CLUSTER = '/etc/sysconfig/SuSEfirewall2.d/services/cluster' tcp_ports = '30865 5560 7630 21064' udp_ports = '%s %s' % (corosync_mcastport, int(corosync_mcastport) - 1) if is_service_enabled('SuSEfirewall2'): if os.path.isfile(FW_CLUSTER): tmpl = open(FW_CLUSTER).read() tmpl = re.sub(r'^TCP="(.*)"', 'TCP="%s"' % (tcp_ports), tmpl, flags=re.M) tmpl = re.sub(r'^UDP="(.*)"', 'UDP="%s"' % (udp_ports), tmpl, flags=re.M) with open(FW_CLUSTER, 'w') as f: f.write(tmpl) elif os.path.isdir(os.path.dirname(FW_CLUSTER)): with open(FW_CLUSTER, 'w') as fwc: fwc.write(_SUSE_FW_TEMPLATE % {'tcp': tcp_ports, 'udp': udp_ports}) else: # neither the cluster file nor the services # directory exists crm_script.exit_fail("SUSE firewall is configured but %s does not exist" % os.path.dirname(FW_CLUSTER)) # add cluster to FW_CONFIGURATIONS_EXT if os.path.isfile(FW): txt = open(FW).read() m = re.search(r'^FW_CONFIGURATIONS_EXT="(.*)"', txt, re.M) if m: services = m.group(1).split() if 'cluster' not in services: services.append('cluster') txt = re.sub(r'^FW_CONFIGURATIONS_EXT="(.*)"', r'FW_CONFIGURATIONS_EXT="%s"' % (' '.join(services)), txt, flags=re.M) else: txt += '\nFW_CONFIGURATIONS_EXT="cluster"' with open(FW, 'w') as fw: fw.write(txt) if is_service_active('SuSEfirewall2'): crm_script.service('SuSEfirewall2', 'restart')
def run_collect(): if host not in add_nodes: crm_script.exit_ok(host) rc, out, err = crm_script.service('pacemaker', 'is-active') if rc == 0 and out.strip() == 'active': crm_script.exit_fail("Pacemaker already running on %s" % (host)) crm_script.exit_ok(crm_init.info())
def run_ssh(): try: crm_script.service('sshd', 'start') rc, _, _ = crm_script.sudo_call(["mkdir", "-m", "700", "-p", "/root/.ssh"]) if rc != 0: crm_script.exit_fail("Failed to create /root/.ssh directory") keypath = None for key in ('id_rsa', 'id_dsa', 'id_ecdsa'): if os.path.exists(os.path.join('/root/.ssh', key)): keypath = os.path.join('/root/.ssh', key) break if not keypath: keypath = os.path.join('/root/.ssh', 'id_rsa') keygen = ['ssh-keygen', '-q', '-f', keypath, '-C', 'Cluster Internal', '-N', ''] rc, out, err = crm_script.sudo_call(keygen) if rc != 0: crm_script.exit_fail("Failed to generate SSH key") _authorize_key(keypath) crm_script.exit_ok(True) except IOError, e: crm_script.exit_fail(str(e))