def render(self, session, dns_environment, comments, **arguments):
validate_basic("DNS environment", dns_environment)
DnsEnvironment.get_unique(session, dns_environment, preclude=True)
db_dnsenv = DnsEnvironment(name=dns_environment, comments=comments)
session.add(db_dnsenv)
session.flush()
return
def render(self, session, network_environment, dns_environment, comments,
**arguments):
validate_basic("network environment", network_environment)
NetworkEnvironment.get_unique(session,
network_environment,
preclude=True)
dbdns_env = DnsEnvironment.get_unique(session,
dns_environment,
compel=True)
# Currently input.xml lists --building only, but that may change
location = get_location(session, **arguments)
dbnet_env = NetworkEnvironment(name=network_environment,
dns_environment=dbdns_env,
location=location,
comments=comments)
if dbdns_env.is_default != dbnet_env.is_default:
raise ArgumentError("Only the default network environment may be "
"associated with the default DNS environment.")
session.add(dbnet_env)
session.flush()
return
def render(self, session, dns_environment, **arguments):
db_dnsenv = DnsEnvironment.get_unique(session, dns_environment,
compel=True)
if db_dnsenv.is_default:
raise ArgumentError("{0} is the default DNS environment, "
"therefore it cannot be deleted."
.format(db_dnsenv))
q = session.query(Fqdn)
q = q.filter_by(dns_environment=db_dnsenv)
if q.first():
raise ArgumentError("{0} is still in use by DNS records, and "
"cannot be deleted.".format(db_dnsenv))
q = session.query(RouterAddress)
q = q.filter_by(dns_environment=db_dnsenv)
if q.first():
raise ArgumentError("{0} is still in use by routers, and "
"cannot be deleted.".format(db_dnsenv))
q = session.query(AddressAssignment)
q = q.filter_by(dns_environment=db_dnsenv)
if q.first():
raise ArgumentError("{0} is still in use by address assignments, "
"and cannot be deleted.".format(db_dnsenv))
session.delete(db_dnsenv)
session.flush()
return
def get_net_dns_env(session, network_environment=None, dns_environment=None):
dbnet_env = NetworkEnvironment.get_unique_or_default(
session, network_environment)
if dns_environment:
dbdns_env = DnsEnvironment.get_unique(session,
dns_environment,
compel=True)
else:
dbdns_env = dbnet_env.dns_environment
return (dbnet_env, dbdns_env)
def get_net_dns_env(session, network_environment=None,
dns_environment=None):
dbnet_env = NetworkEnvironment.get_unique_or_default(session,
network_environment)
if dns_environment:
dbdns_env = DnsEnvironment.get_unique(session, dns_environment,
compel=True)
else:
dbdns_env = dbnet_env.dns_environment
return (dbnet_env, dbdns_env)
def render(self, session, network_environment, dns_environment, comments,
**arguments):
validate_nlist_key("network environment", network_environment)
NetworkEnvironment.get_unique(session, network_environment,
preclude=True)
dbdns_env = DnsEnvironment.get_unique(session, dns_environment,
compel=True)
# Currently input.xml lists --building only, but that may change
location = get_location(session, **arguments)
dbnet_env = NetworkEnvironment(name=network_environment,
dns_environment=dbdns_env,
location=location, comments=comments)
if dbdns_env.is_default != dbnet_env.is_default:
raise ArgumentError("Only the default network environment may be "
"associated with the default DNS environment.")
session.add(dbnet_env)
session.flush()
return
def render(self, session, dns_environment, **arguments):
return DnsEnvironment.get_unique(session, dns_environment, compel=True, query_options=[undefer("comments")])
def render(self, session, logger, fqdn, ip, dns_environment, network_environment, **arguments):
if network_environment:
if not isinstance(network_environment, NetworkEnvironment):
network_environment = NetworkEnvironment.get_unique_or_default(session,
network_environment)
if not dns_environment:
dns_environment = network_environment.dns_environment
dbdns_env = DnsEnvironment.get_unique(session, dns_environment,
compel=True)
with DeleteKey("system", logger=logger):
# We can't use get_unique() here, since we always want to filter by
# DNS environment, even if no FQDN was given
q = session.query(ARecord)
if ip:
q = q.filter_by(ip=ip)
q = q.join(ARecord.fqdn)
q = q.options(contains_eager('fqdn'))
q = q.filter_by(dns_environment=dbdns_env)
if fqdn:
(name, dbdns_domain) = parse_fqdn(session, fqdn)
q = q.filter_by(name=name)
q = q.filter_by(dns_domain=dbdns_domain)
try:
dbaddress = q.one()
except NoResultFound:
parts = []
if fqdn:
parts.append(fqdn)
if ip:
parts.append("ip %s" % ip)
raise NotFoundException("DNS Record %s not found." %
", ".join(parts))
except MultipleResultsFound:
parts = []
if fqdn:
parts.append(fqdn)
if ip:
parts.append("ip %s" % ip)
raise NotFoundException("DNS Record %s is not unique." %
", ".join(parts))
if dbaddress.hardware_entity:
raise ArgumentError("DNS Record {0:a} is the primary name of "
"{1:l}, therefore it cannot be "
"deleted.".format(dbaddress,
dbaddress.hardware_entity))
if dbaddress.service_address:
# TODO: print the holder object
raise ArgumentError("DNS Record {0:a} is used as a service "
"address, therefore it cannot be deleted."
.format(dbaddress))
# Do not allow deleting the DNS record if the IP address is still in
# use - except if there are other DNS records having the same
# address
if dbaddress.assignments:
last_use = []
# FIXME: race condition here, we should use
# SELECT ... FOR UPDATE
for addr in dbaddress.assignments:
if len(addr.dns_records) == 1:
last_use.append(addr)
if last_use:
users = " ,".join([format(addr.interface, "l") for addr in
last_use])
raise ArgumentError("IP address %s is still in use by %s." %
(ip, users))
ip = dbaddress.ip
old_fqdn = str(dbaddress.fqdn)
old_comments = dbaddress.comments
delete_dns_record(dbaddress)
session.flush()
if dbdns_env.is_default:
dsdb_runner = DSDBRunner(logger=logger)
dsdb_runner.delete_host_details(old_fqdn, ip,
comments=old_comments)
dsdb_runner.commit_or_rollback()
return
def grab_address(session,
fqdn,
ip,
network_environment=None,
dns_environment=None,
comments=None,
allow_restricted_domain=False,
allow_multi=False,
allow_reserved=False,
relaxed=False,
preclude=False):
"""
Take ownership of an address.
This is a bit complicated because due to DNS propagation delays, we want to
allow users to pre-define a DNS address and then assign the address to a
host later.
Parameters:
session: SQLA session handle
fqdn: the name to allocate/take over
ip: the IP address to allocate/take over
network_environment: where the IP address lives
dns_enviromnent: where the FQDN lives
comments: any comments to attach to the DNS record if it is created as new
allow_restricted_domain: if True, adding entries to restricted DNS
domains is allowed, otherwise it is denied. Default is False.
allow_multi: if True, allow the same FQDN to be added multiple times with
different IP addresses. Deault is False.
allow_reserved: if True, allow creating a ReservedName instead of an
ARecord if no IP address was specified. Default is False.
preclude: if True, forbid taking over an existing DNS record, even if it
is not referenced by any AddressAssignment records. Default is
False.
"""
if not isinstance(network_environment, NetworkEnvironment):
network_environment = NetworkEnvironment.get_unique_or_default(
session, network_environment)
if not dns_environment:
dns_environment = network_environment.dns_environment
elif not isinstance(dns_environment, DnsEnvironment):
dns_environment = DnsEnvironment.get_unique(session,
dns_environment,
compel=True)
# Non-default DNS environments may contain anything, but we want to keep
# the internal environment clean
if dns_environment.is_default and not network_environment.is_default:
raise ArgumentError("Entering external IP addresses to the "
"internal DNS environment is not allowed.")
short, dbdns_domain = parse_fqdn(session, fqdn)
# Lock the domain to prevent adding/deleting records while we're checking
# FQDN etc. availability
dbdns_domain.lock_row()
if dbdns_domain.restricted and not allow_restricted_domain:
raise ArgumentError("{0} is restricted, adding extra addresses "
"is not allowed.".format(dbdns_domain))
dbfqdn = Fqdn.get_or_create(session,
dns_environment=dns_environment,
name=short,
dns_domain=dbdns_domain,
query_options=[joinedload('dns_records')])
existing_record = None
newly_created = False
if ip:
dbnetwork = get_net_id_from_ip(session, ip, network_environment)
check_ip_restrictions(dbnetwork, ip, relaxed=relaxed)
dbnetwork.lock_row()
# No filtering on DNS environment. If an address is dynamic in one
# environment, it should not be considered static in a different
# environment.
q = session.query(DynamicStub)
q = q.filter_by(network=dbnetwork)
q = q.filter_by(ip=ip)
dbdns_rec = q.first()
_forbid_dyndns(dbdns_rec)
# Verify that no other record uses the same IP address, this time taking
# the DNS environemt into consideration.
# While the DNS would allow different A records to point to the same IP
# address, the current user expectation is that creating a DNS entry
# also counts as a reservation, so we can not allow this use case. If we
# want to implement such a feature later, the best way would be to
# subclass Alias and let that subclass emit an A record instead of a
# CNAME when the dump_dns command is called.
q = session.query(ARecord)
q = q.filter_by(network=dbnetwork)
q = q.filter_by(ip=ip)
q = q.join(ARecord.fqdn)
q = q.filter_by(dns_environment=dns_environment)
dbrecords = q.all()
if dbrecords and len(dbrecords) > 1: # pragma: no cover
# We're just trying to make sure this never happens
raise AquilonError(
"IP address %s is referenced by multiple "
"DNS records: %s" %
(ip, ", ".join([format(rec, "a") for rec in dbrecords])))
if dbrecords and dbrecords[0].fqdn != dbfqdn:
raise ArgumentError(
"IP address {0} is already in use by {1:l}.".format(
ip, dbrecords[0]))
# Check if the name is used already
for dbdns_rec in dbfqdn.dns_records:
if isinstance(dbdns_rec, ARecord):
_forbid_dyndns(dbdns_rec)
_check_netenv_compat(dbdns_rec, network_environment)
if dbdns_rec.ip == ip and dbdns_rec.network == dbnetwork:
existing_record = dbdns_rec
elif not allow_multi:
raise ArgumentError(
"{0} points to a different IP address.".format(
dbdns_rec))
elif isinstance(dbdns_rec, ReservedName):
existing_record = convert_reserved_to_arecord(
session, dbdns_rec, dbnetwork, ip)
newly_created = True
else:
# Exclude aliases etc.
raise ArgumentError(
"{0} cannot be used for address assignment.".format(
dbdns_rec))
if not existing_record:
existing_record = ARecord(fqdn=dbfqdn,
ip=ip,
network=dbnetwork,
comments=comments)
session.add(existing_record)
newly_created = True
else:
if not dbfqdn.dns_records:
# There's no IP, and the name did not exist before. Create a
# reservation, but only if the caller allowed that use case.
if not allow_reserved:
raise ArgumentError("DNS Record %s does not exist." % dbfqdn)
existing_record = ReservedName(fqdn=dbfqdn, comments=comments)
newly_created = True
else:
# There's no IP, but the name is already in use. We need a single IP
# address.
if len(dbfqdn.dns_records) > 1:
raise ArgumentError(
"{0} does not resolve to a single IP address.".format(
dbfqdn))
existing_record = dbfqdn.dns_records[0]
_forbid_dyndns(existing_record)
if not isinstance(existing_record, ARecord):
# Exclude aliases etc.
raise ArgumentError(
"{0} cannot be used for address assignment.".format(
existing_record))
# Verify that the existing record is in the network environment the
# caller expects
_check_netenv_compat(existing_record, network_environment)
ip = existing_record.ip
dbnetwork = existing_record.network
dbnetwork.lock_row()
if existing_record.hardware_entity:
raise ArgumentError(
"{0} is already used as the primary name of {1:cl} "
"{1.label}.".format(existing_record,
existing_record.hardware_entity))
if preclude and not newly_created:
raise ArgumentError("{0} already exists.".format(existing_record))
if ip:
q = session.query(AddressAssignment)
q = q.filter_by(network=dbnetwork)
q = q.filter_by(ip=ip)
addr = q.first()
if addr:
raise ArgumentError("IP address {0} is already in use by "
"{1:l}.".format(ip, addr.interface))
return (existing_record, newly_created)
def setup():
dmn = DnsDomain.get_unique(sess, DNS_DOMAIN_NAME, compel=True)
assert isinstance(dmn, DnsDomain), 'No ms.com domain in %s' % func_name()
intrnl = DnsEnvironment.get_unique(sess, DNS_ENV, compel=True)
assert isinstance(dmn, DnsDomain), 'No internal env in %s' % func_name()
def render(self, session, dns_environment, **arguments):
return DnsEnvironment.get_unique(session,
dns_environment,
compel=True,
query_options=[undefer("comments")])
def grab_address(session, fqdn, ip, network_environment=None,
dns_environment=None, comments=None,
allow_restricted_domain=False, allow_multi=False,
allow_reserved=False, relaxed=False, preclude=False):
"""
Take ownership of an address.
This is a bit complicated because due to DNS propagation delays, we want to
allow users to pre-define a DNS address and then assign the address to a
host later.
Parameters:
session: SQLA session handle
fqdn: the name to allocate/take over
ip: the IP address to allocate/take over
network_environment: where the IP address lives
dns_enviromnent: where the FQDN lives
comments: any comments to attach to the DNS record if it is created as new
allow_restricted_domain: if True, adding entries to restricted DNS
domains is allowed, otherwise it is denied. Default is False.
allow_multi: if True, allow the same FQDN to be added multiple times with
different IP addresses. Deault is False.
allow_reserved: if True, allow creating a ReservedName instead of an
ARecord if no IP address was specified. Default is False.
preclude: if True, forbid taking over an existing DNS record, even if it
is not referenced by any AddressAssignment records. Default is
False.
"""
if not isinstance(network_environment, NetworkEnvironment):
network_environment = NetworkEnvironment.get_unique_or_default(session,
network_environment)
if not dns_environment:
dns_environment = network_environment.dns_environment
elif not isinstance(dns_environment, DnsEnvironment):
dns_environment = DnsEnvironment.get_unique(session, dns_environment,
compel=True)
# Non-default DNS environments may contain anything, but we want to keep
# the internal environment clean
if dns_environment.is_default and not network_environment.is_default:
raise ArgumentError("Entering external IP addresses to the "
"internal DNS environment is not allowed.")
short, dbdns_domain = parse_fqdn(session, fqdn)
# Lock the domain to prevent adding/deleting records while we're checking
# FQDN etc. availability
dbdns_domain.lock_row()
if dbdns_domain.restricted and not allow_restricted_domain:
raise ArgumentError("{0} is restricted, adding extra addresses "
"is not allowed.".format(dbdns_domain))
dbfqdn = Fqdn.get_or_create(session, dns_environment=dns_environment,
name=short, dns_domain=dbdns_domain,
query_options=[joinedload('dns_records')])
existing_record = None
newly_created = False
if ip:
dbnetwork = get_net_id_from_ip(session, ip, network_environment)
check_ip_restrictions(dbnetwork, ip, relaxed=relaxed)
dbnetwork.lock_row()
# No filtering on DNS environment. If an address is dynamic in one
# environment, it should not be considered static in a different
# environment.
q = session.query(DynamicStub)
q = q.filter_by(network=dbnetwork)
q = q.filter_by(ip=ip)
dbdns_rec = q.first()
_forbid_dyndns(dbdns_rec)
# Verify that no other record uses the same IP address, this time taking
# the DNS environemt into consideration.
# While the DNS would allow different A records to point to the same IP
# address, the current user expectation is that creating a DNS entry
# also counts as a reservation, so we can not allow this use case. If we
# want to implement such a feature later, the best way would be to
# subclass Alias and let that subclass emit an A record instead of a
# CNAME when the dump_dns command is called.
q = session.query(ARecord)
q = q.filter_by(network=dbnetwork)
q = q.filter_by(ip=ip)
q = q.join(ARecord.fqdn)
q = q.filter_by(dns_environment=dns_environment)
dbrecords = q.all()
if dbrecords and len(dbrecords) > 1: # pragma: no cover
# We're just trying to make sure this never happens
raise AquilonError("IP address %s is referenced by multiple "
"DNS records: %s" %
(ip, ", ".join([format(rec, "a")
for rec in dbrecords])))
if dbrecords and dbrecords[0].fqdn != dbfqdn:
raise ArgumentError("IP address {0} is already in use by {1:l}."
.format(ip, dbrecords[0]))
# Check if the name is used already
for dbdns_rec in dbfqdn.dns_records:
if isinstance(dbdns_rec, ARecord):
_forbid_dyndns(dbdns_rec)
_check_netenv_compat(dbdns_rec, network_environment)
if dbdns_rec.ip == ip and dbdns_rec.network == dbnetwork:
existing_record = dbdns_rec
elif not allow_multi:
raise ArgumentError("{0} points to a different IP address."
.format(dbdns_rec))
elif isinstance(dbdns_rec, ReservedName):
existing_record = convert_reserved_to_arecord(session,
dbdns_rec,
dbnetwork, ip)
newly_created = True
else:
# Exclude aliases etc.
raise ArgumentError("{0} cannot be used for address assignment."
.format(dbdns_rec))
if not existing_record:
existing_record = ARecord(fqdn=dbfqdn, ip=ip, network=dbnetwork,
comments=comments)
session.add(existing_record)
newly_created = True
else:
if not dbfqdn.dns_records:
# There's no IP, and the name did not exist before. Create a
# reservation, but only if the caller allowed that use case.
if not allow_reserved:
raise ArgumentError("DNS Record %s does not exist." % dbfqdn)
existing_record = ReservedName(fqdn=dbfqdn, comments=comments)
newly_created = True
else:
# There's no IP, but the name is already in use. We need a single IP
# address.
if len(dbfqdn.dns_records) > 1:
raise ArgumentError("{0} does not resolve to a single IP address."
.format(dbfqdn))
existing_record = dbfqdn.dns_records[0]
_forbid_dyndns(existing_record)
if not isinstance(existing_record, ARecord):
# Exclude aliases etc.
raise ArgumentError("{0} cannot be used for address assignment."
.format(existing_record))
# Verify that the existing record is in the network environment the
# caller expects
_check_netenv_compat(existing_record, network_environment)
ip = existing_record.ip
dbnetwork = existing_record.network
dbnetwork.lock_row()
if existing_record.hardware_entity:
raise ArgumentError("{0} is already used as the primary name of {1:cl} "
"{1.label}.".format(existing_record,
existing_record.hardware_entity))
if preclude and not newly_created:
raise ArgumentError("{0} already exists.".format(existing_record))
if ip:
q = session.query(AddressAssignment)
q = q.filter_by(network=dbnetwork)
q = q.filter_by(ip=ip)
addr = q.first()
if addr:
raise ArgumentError("IP address {0} is already in use by "
"{1:l}.".format(ip, addr.interface))
return (existing_record, newly_created)
def setup():
dmn = DnsDomain.get_unique(sess, DNS_DOMAIN_NAME, compel=True)
assert isinstance(dmn, DnsDomain), 'No ms.com domain in %s' % func_name()
intrnl = DnsEnvironment.get_unique(sess, DNS_ENV, compel=True)
assert isinstance(dmn, DnsDomain), 'No internal env in %s' % func_name()
