Hi, this patch implements the single command replica promotion&enrollment for #5310.
Tomas https://fedorahosted.org/freeipa/ticket/5310
From 8dbb1f420533793f20160b7927e4a1e4d2bd9611 Mon Sep 17 00:00:00 2001 From: Tomas Babej <tba...@redhat.com> Date: Mon, 23 Nov 2015 12:46:15 +0100 Subject: [PATCH] replicainstall: Add possiblity to install client in one command https://fedorahosted.org/freeipa/ticket/5310 --- ipaserver/install/server/replicainstall.py | 70 +++++++++++++++++++++++++++--- 1 file changed, 65 insertions(+), 5 deletions(-) diff --git a/ipaserver/install/server/replicainstall.py b/ipaserver/install/server/replicainstall.py index 5ce9eb7092b5349cc9db13b465b3d5b033538ab6..0ef8380b33ff0f58ecd2f0d2a37489ee8376614f 100644 --- a/ipaserver/install/server/replicainstall.py +++ b/ipaserver/install/server/replicainstall.py @@ -755,6 +755,50 @@ def install(installer): @common_cleanup +def ensure_enrolled(installer): + config = installer._config + + # Perform only if we have the necessary options + if not any([installer.principal and installer.admin_password, + installer.keytab]): + return + + # Call client install script + service.print_msg("Configuring client side components") + try: + args = [paths.IPA_CLIENT_INSTALL, "--unattended"] + if installer.domain_name: + args.extend(["--domain", installer.domain_name]) + if installer.server_name: + args.extend(["--server", installer.server_name]) + if installer.realm_name: + args.extend(["--realm", installer.realm_name]) + if installer.host_name: + args.extend(["--hostname", installer.host_name]) + + if installer.principal: + args.extend(["--principal", installer.principal]) + if installer.admin_password: + args.extend(["--password", installer.admin_password]) + if installer.keytab: + args.extend(["--keytab", installer.keytab]) + + if installer.no_dns_sshfp: + args.append("--no-dns-sshfp") + if installer.ssh_trust_dns: + args.append("--ssh-trust-dns") + if installer.no_ssh: + args.append("--no-ssh") + if installer.no_sshd: + args.append("--no-sshd") + if installer.mkhomedir: + args.append("--mkhomedir") + ipautil.run(args) + except Exception as e: + sys.exit("Configuration of client side components failed!\n" + "ipa-client-install returned: " + str(e)) + +@common_cleanup def promote_check(installer): options = installer @@ -1112,9 +1156,6 @@ class Replica(BaseServer): description="a file generated by ipa-replica-prepare", ) - realm_name = None - domain_name = None - setup_ca = Knob(BaseServer.setup_ca) setup_kra = Knob(BaseServer.setup_kra) setup_dns = Knob(BaseServer.setup_dns) @@ -1138,8 +1179,19 @@ class Replica(BaseServer): cli_short_name='w', ) + server_name = Knob( + str, None, + description="fully qualified name of IPA server to enrooll to", + cli_name='server', + ) + + host_name = Knob( + str, None, + description="fully qualified name of this host", + cli_name='hostname', + ) + mkhomedir = Knob(BaseServer.mkhomedir) - host_name = None no_host_dns = Knob(BaseServer.no_host_dns) no_ntp = Knob(BaseServer.no_ntp) no_pkinit = Knob(BaseServer.no_pkinit) @@ -1157,10 +1209,17 @@ class Replica(BaseServer): principal = Knob( str, None, sensitive=True, - description="User Principal allowed to promote replicas", + description="User Principal allowed to promote replicas " + "and join IPA realm", cli_short_name='P', ) + keytab = Knob( + str, None, + description="path to backed up keytab from previous enrollment", + cli_name='keytab', + ) + promote = False # ca @@ -1213,6 +1272,7 @@ class Replica(BaseServer): @step() def main(self): if self.promote: + ensure_enrolled(self) promote_check(self) yield promote(self) -- 2.5.0
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code