def get_signed_certs(self, list_of_hosts):
"""
Returns a list of all signed certs on this minion
"""
list_of_hosts = self.__listify(list_of_hosts)
cm = certmaster.CertMaster()
return cm.get_signed_certs()
def map_minions(self, get_only_alive=False):
"""
Builds a recursive map of the minions currently assigned to this
overlord
"""
maphash = {}
current_minions = []
if get_only_alive:
ping_results = fc.Overlord("*").test.ping()
for minion in ping_results.keys():
if ping_results[minion] == 1: #if minion is alive
current_minions.append(minion) #add it to the list
else:
cm = certmaster.CertMaster()
if cm == None: # this is minion only setup
return maphash
current_minions = cm.get_signed_certs()
for current_minion in current_minions:
if current_minion in func_utils.get_hostname_by_route():
maphash[current_minion] = {} #prevent infinite recursion
else:
next_hop = fc.Overlord(current_minion)
mapresults = next_hop.overlord.map_minions()[current_minion]
if not cm_utils.is_error(mapresults):
maphash[current_minion] = mapresults
else:
maphash[current_minion] = {}
return maphash
def get_hosts_to_sign(self, list_of_hosts):
"""
...
"""
list_of_hosts = self.__listify(list_of_hosts)
cm = certmaster.CertMaster()
return cm.get_csrs_waiting()
def cleanup_hosts(self, list_of_hosts):
"""
...
"""
list_of_hosts = self.__listify(list_of_hosts)
cm = certmaster.CertMaster()
for x in list_of_hosts:
cm.remove_this_cert(x)
return True
def sign_hosts(self, list_of_hosts):
"""
...
"""
list_of_hosts = self.__listify(list_of_hosts)
cm = certmaster.CertMaster()
for x in list_of_hosts:
cm.sign_this_csr(x)
return True
def copy_peer_cert(self, peer, certblob):
"""
Install certblob as the certificate for peer
"""
import func.minion.modules.copyfile as copyfile
cm = certmaster.CertMaster()
certname = '%s.%s' % (peer, cm.cfg.cert_extension)
path = os.path.join(cm.cfg.peerroot, certname)
cf = copyfile.CopyFile()
return cf.copyfile(path, certblob)
def remove_peer_certs(self, peers):
"""
Remove the peer certificates for each host in 'peers'
"""
cm = certmaster.CertMaster()
for p in peers:
certname = "%s.%s" % (p, cm.cfg.cert_extension)
certname = os.path.join(cm.cfg.peerroot, certname)
try:
os.unlink(certname)
except OSError:
# cert doesn't exist
pass
return True
def map_minions(self,get_only_alive=False):
"""
Builds a recursive map of the minions currently assigned to this
overlord
"""
maphash = {}
current_minions = []
if get_only_alive:
ping_results = fc.Overlord("*").test.ping()
for minion in ping_results.keys():
if ping_results[minion] == 1: #if minion is alive
current_minions.append(minion) #add it to the list of current minions
else:
cm = certmaster.CertMaster()
current_minions = cm.get_signed_certs()
for current_minion in current_minions:
maphash[current_minion] = fc.Overlord(current_minion).overlord.map_minions()[current_minion]
return maphash
def known_peers(self):
"""
Return a list of (host, sha) tuples for each known peer
Re-uses copyfile module for checksum.
"""
import func.minion.modules.copyfile as copyfile
cm = certmaster.CertMaster()
files = cm.get_peer_certs()
cf = copyfile.CopyFile()
results = []
for f in files:
hostname = os.path.basename(f)
hostname = hostname.replace('.' + cm.cfg.cert_extension, "")
digest = cf.checksum(f)
results.append((hostname, digest))
return results
def peering_enabled(self):
"""
Return config value for "peering"
"""
return certmaster.CertMaster().cfg.peering
def get_signed_certs(self):
"""
Returns a list of all signed certs on this minion
"""
cm = certmaster.CertMaster()
return cm.get_signed_certs()
def get_hosts_to_sign(self):
"""
...
"""
cm = certmaster.CertMaster()
return cm.get_csrs_waiting()