Andrew Bogott has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/360996 )
Change subject: wmf_sink: Forward some changes to mitaka
......................................................................
wmf_sink: Forward some changes to mitaka
Change-Id: I358c88a84f51b078056498190419a135eb8f5085
---
M modules/openstack/files/mitaka/designate/wmf_sink/base.py
M modules/openstack/files/mitaka/designate/wmf_sink/wmfsink.py
2 files changed, 54 insertions(+), 14 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/96/360996/1
diff --git a/modules/openstack/files/mitaka/designate/wmf_sink/base.py
b/modules/openstack/files/mitaka/designate/wmf_sink/base.py
index 31273f3..74bd577 100644
--- a/modules/openstack/files/mitaka/designate/wmf_sink/base.py
+++ b/modules/openstack/files/mitaka/designate/wmf_sink/base.py
@@ -51,26 +51,26 @@
event_data = data.copy()
+ fqdn = cfg.CONF[self.name].fqdn_format % event_data
+ fqdn = fqdn.rstrip('.').encode('utf8')
+
# Clean salt and puppet keys for deleted instance
- if (cfg.CONF[self.name].puppet_key_format and
- cfg.CONF[self.name].puppet_master_host):
- puppetkey = cfg.CONF[self.name].puppet_key_format % event_data
- puppetkey = puppetkey.rstrip('.').encode('utf8')
- LOG.debug('Cleaning puppet key %s' % puppetkey)
+ if cfg.CONF[self.name].puppet_master_host:
+ LOG.debug('Cleaning puppet key %s' % fqdn)
self._run_remote_command(cfg.CONF[self.name].puppet_master_host,
cfg.CONF[self.name].certmanager_user,
'sudo puppet cert clean %s' %
- pipes.quote(puppetkey))
+ pipes.quote(fqdn))
- if (cfg.CONF[self.name].salt_key_format and
- cfg.CONF[self.name].salt_master_host):
- saltkey = cfg.CONF[self.name].salt_key_format % event_data
- saltkey = saltkey.rstrip('.').encode('utf8')
- LOG.debug('Cleaning salt key %s' % saltkey)
+ if cfg.CONF[self.name].salt_master_host:
+ LOG.debug('Cleaning salt key %s' % fqdn)
self._run_remote_command(cfg.CONF[self.name].salt_master_host,
cfg.CONF[self.name].certmanager_user,
'sudo salt-key -y -d %s' %
- pipes.quote(saltkey))
+ pipes.quote(fqdn))
+
+ # Clean up the puppet config for this instance, if there is one
+ self._delete_puppet_config(data['tenant_id'], fqdn)
# Finally, delete any proxy records pointing to this instance.
#
@@ -115,6 +115,15 @@
return False
return True
+ def _delete_puppet_config(self, projectid, fqdn):
+ endpoint = cfg.CONF[self.name].puppet_config_backend
+ url = "%s/%s/prefix/%s" % (endpoint, projectid, fqdn)
+ try:
+ requests.delete(url, verify=False)
+ except requests.exceptions.ConnectionError:
+ # No prefix, no problem!
+ pass
+
def _delete_proxies_for_ip(self, project, ip):
project_proxies = self._get_proxy_list_for_project(project)
for proxy in project_proxies:
@@ -131,6 +140,37 @@
req = requests.delete(requrl + '/mapping/' + domain)
req.raise_for_status()
+ LOG.warning("We also need to delete the dns entry for %s" %
proxy)
+ self._delete_proxy_dns_record(proxy['domain'])
+
+ def _delete_proxy_dns_record(self, proxydomain):
+ if not proxydomain.endswith('.'):
+ proxydomain += '.'
+ context = DesignateContext().elevated()
+ context.all_tenants = True
+ context.edit_managed_records = True
+
+ parentdomain = '.'.join(proxydomain.split('.')[1:])
+ crit = {'name': parentdomain}
+
+ domainrecords = central_api.find_domains(context, crit)
+ if len(domainrecords) != 1:
+ LOG.warning("Unable to clean up this DNS proxy record. "
+ "Looked for domain %s and found %s" % (parentdomain,
+ domainrecords))
+ return
+
+ crit = {'domain_id': domainrecords[0].id, 'name': proxydomain}
+ recordsets = central_api.find_recordsets(context, crit)
+ if len(recordsets) != 1:
+ LOG.warning("Unable to clean up this DNS proxy record. "
+ "Looked for recordsets for %s and found %s"
(proxydomain,
+
recordsets))
+ return
+
+ LOG.warning("Deleting DNS entry for proxy: %s" % recordsets[0])
+ central_api.delete_recordset(context, domainrecords[0].id,
recordsets[0].id)
+
def _get_proxy_list_for_project(self, project):
endpoint = self._get_proxy_endpoint()
requrl = endpoint.replace("$(tenant_id)s", project)
diff --git a/modules/openstack/files/mitaka/designate/wmf_sink/wmfsink.py
b/modules/openstack/files/mitaka/designate/wmf_sink/wmfsink.py
index e64601c..d37c87e 100644
--- a/modules/openstack/files/mitaka/designate/wmf_sink/wmfsink.py
+++ b/modules/openstack/files/mitaka/designate/wmf_sink/wmfsink.py
@@ -38,10 +38,10 @@
cfg.ListOpt('puppetdefaultvars', default=[]),
cfg.StrOpt('certmanager_user', default='certmanager'),
- cfg.StrOpt('puppet_key_format', default=None),
- cfg.StrOpt('salt_key_format', default=None),
+ cfg.StrOpt('fqdn_format', default=None),
cfg.StrOpt('puppet_master_host', default=None),
cfg.StrOpt('salt_master_host', default=None),
+ cfg.StrOpt('puppet_config_backend', default=None),
], group='handler:wmf_sink')
cfg.CONF.register_group(cfg.OptGroup(
--
To view, visit https://gerrit.wikimedia.org/r/360996
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I358c88a84f51b078056498190419a135eb8f5085
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
