Andrew Bogott has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/84546


Change subject: Modify ldap schema for hosts.
......................................................................

Modify ldap schema for hosts.

Previously all the DNS names for a given IP had an arbitrary  dn constructed
out of the first DNS name used for that IP.  That was producing various
bugs when we tried to manipulate other names other than the lucky first
name.

Now there are two different dn types for hosts.  For private/internal
hosts, the dn is of the form dc=<instanceid>.<domain>,ou=hosts, etc.

For public/floating IP hosts, the dn is of the form dc=<ip>,ou=hosts,
etc.

This patch simplifies host accessor and searcher methods accordingly.

Change-Id: Ia604df3317e7ba92240f02e8ae3dd0776b17ca4b
---
M nova/OpenStackNovaHost.php
M nova/OpenStackNovaSudoer.php
M special/SpecialNovaAddress.php
3 files changed, 90 insertions(+), 98 deletions(-)


  git pull 
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OpenStackManager 
refs/changes/46/84546/1

diff --git a/nova/OpenStackNovaHost.php b/nova/OpenStackNovaHost.php
index d93f359..096cdf7 100644
--- a/nova/OpenStackNovaHost.php
+++ b/nova/OpenStackNovaHost.php
@@ -8,16 +8,25 @@
  */
 
 class OpenStackNovaHost {
+       /**
+        * @var bool
+        */
+       var $private;
 
        /**
         * @var string
         */
-       var $searchvalue;
+       var $hostname;
 
        /**
         * @var string
         */
        var $hostDN;
+
+       /**
+        * @var string
+        */
+       var $ip;
 
        /**
         * @var mixed
@@ -33,9 +42,13 @@
         * @param  $hostname
         * @param  $domain
         */
-       function __construct( $hostname, $domain ) {
-               $this->searchvalue = $hostname;
+       function __construct( $private, $hostname, $domain, $ip ) {
+               global $wgAuth;
+
+               $this->private = $private;
+               $this->hostname = $hostname;
                $this->domain = $domain;
+               $this->ip = $ip;
                OpenStackNovaLdapConnection::connect();
                $this->fetchHostInfo();
        }
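Review bot: The docblock above `__construct` still lists only `$hostname` and `$domain`, while the signature now also takes `$private` and `$ip`, and callers pass `null` for whichever half they do not use. Add `@param bool $private` and `@param string|null $ip`, and state which of hostname/domain or ip must be non-null in each mode. The added `global $wgAuth;` is not used in the visible constructor body and can be dropped. The docblock begins outside this hunk.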
@@ -48,9 +61,14 @@
        function fetchHostInfo() {
                global $wgAuth;
 
-               $this->searchvalue = $wgAuth->getLdapEscapedString( 
$this->searchvalue );
-               $fqdn = $this->searchvalue . '.' . 
$this->domain->getFullyQualifiedDomainName();
-               $result = LdapAuthenticationPlugin::ldap_search( 
$wgAuth->ldapconn, $this->domain->domainDN, '(|(associateddomain=' . $fqdn . 
')(cnamerecord=' . $fqdn . ')(dc=' . $this->searchvalue . '))' );
+               $this->hostname = $wgAuth->getLdapEscapedString( 
$this->hostname );
+               if ( $this->private ) {
+                       $fqdn = $this->hostname . '.' . 
$this->domain->getFullyQualifiedDomainName();
+                       $result = LdapAuthenticationPlugin::ldap_search( 
$wgAuth->ldapconn, $this->domain->domainDN, '(|(associateddomain=' . $fqdn . 
')(cnamerecord=' . $fqdn . ')(dc=' . $this->fqdn . '))' );
+               } else {
+                       $this->ip = $wgAuth->getLdapEscapedString( $this->ip );
+                       $result = LdapAuthenticationPlugin::ldap_search( 
$wgAuth->ldapconn, $this->domain->domainDN, '(|(associateddomain=' . $fqdn . 
')(cnamerecord=' . $fqdn . ')(dc=' . $this->ip . '))' );
+               }
                $this->hostInfo = LdapAuthenticationPlugin::ldap_get_entries( 
$wgAuth->ldapconn, $result );
                if ( $this->hostInfo["count"] == "0" ) {
                        $this->hostInfo = null;
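Review bot: The `else` (public) branch builds its filter from `$fqdn`, which is assigned only in the private branch, and reads `$this->domain->domainDN` even though `getHostByPublicIP()` constructs the object with a null domain, so a public lookup cannot work as written. Since public entries now sit at `dc=<ip>` under the instance base DN, the search should probably be `ldap_search( $wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, '(dc=' . $this->ip . ')' )`, with that global declared at the top of the method. In the private branch, `$this->fqdn` is not among the properties this diff shows on the class; the local `$fqdn` looks intended. The first added line also runs `getLdapEscapedString()` on `$this->hostname` before the branch, so it is called with null for public hosts. It should move inside `if ( $this->private )`, keeping the escaping on every value that reaches a filter; the method body continues outside the hunk.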
@@ -420,8 +438,25 @@
         * @param  $domain
         * @return OpenStackNovaHost
         */
-       static function getHostByName( $hostname, $domain ) {
-               $host = new OpenStackNovaHost( $hostname, $domain );
+       static function getPrivateHost( $hostname, $domain ) {
+               $host = new OpenStackNovaHost( true, $hostname, $domain, null );
+               if ( $host->hostInfo ) {
+                       return $host;
+               } else {
+                       return null;
+               }
+       }
+
+       /**
+        * Get a public host by the host's ip. Returns
+        * null if the entry does not exist.
+        *
+        * @static
+        * @param  $ip
+        * @return OpenStackNovaHost
+        */
+       static function getHostByPublicIP( $ip ) {
+               $host = new OpenStackNovaHost( false, null, null, $ip );
                if ( $host->hostInfo ) {
                        return $host;
                } else {
@@ -439,70 +474,33 @@
        static function getHostByInstanceId( $instanceid ) {
                $domain = OpenStackNovaDomain::getDomainByInstanceId( 
$instanceid );
                if ( $domain ) {
-                       return self::getHostByName( $instanceid, $domain );
+                       return self::getPrivateHost( $instanceid, $domain );
                } else {
                        return null;
                }
        }
 
        /**
-        * Get a host by ip address and an OpenStackNovaDomain. Returns null if
-        * the entry does not exist.
-        *
-        * @static
-        * @param  $ip
-        * @return null|OpenStackNovaHost
-        */
-       static function getHostByIP( $ip ) {
-               global $wgAuth;
-               global $wgOpenStackManagerLDAPInstanceBaseDN;
-
-               $domain = OpenStackNovaDomain::getDomainByHostIP( $ip );
-               if ( ! $domain ) {
-                       return null;
-               }
-               $result = LdapAuthenticationPlugin::ldap_search( 
$wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, '(arecord=' . $ip . 
')' );
-               $hostInfo = LdapAuthenticationPlugin::ldap_get_entries( 
$wgAuth->ldapconn, $result );
-               if ( $hostInfo["count"] == "0" ) {
-                       return null;
-               } else {
-                       array_shift( $hostInfo );
-                       $hostname = $hostInfo[0]['dc'][0];
-                       $host = OpenStackNovaHost::getHostByName( $hostname, 
$domain );
-                       return $host;
-               }
-       }
-
-       /**
-        * Get all host entries that have the specified IP address assigned. 
Returns
-        * an empty array if none are found.
+        * Get private host entries that has the specified IP address assigned. 
Returns
+        * null if none is found.
         *
         * @static
         * @param  $ip
         * @return array
         */
-       static function getHostsByIP( $ip ) {
+       static function getHostByPrivateIP( $ip ) {
                global $wgAuth;
                global $wgOpenStackManagerLDAPInstanceBaseDN;
 
                $result = LdapAuthenticationPlugin::ldap_search( 
$wgAuth->ldapconn, $wgOpenStackManagerLDAPInstanceBaseDN, '(arecord=' . $ip . 
')' );
-               $hostsInfo = LdapAuthenticationPlugin::ldap_get_entries( 
$wgAuth->ldapconn, $result );
-               if ( $hostsInfo["count"] == "0" ) {
-                       return array();
+               $hostInfo = LdapAuthenticationPlugin::ldap_get_entries( 
$wgAuth->ldapconn, $result );
+               if ( $hostInfo["count"] == "0" ) {
+                       return null;
                } else {
-                       $hosts = array();
-                       array_shift( $hostsInfo );
-                       foreach ( $hostsInfo as $host ) {
-                               $hostname = $host['dc'][0];
-                               $domainname = explode( '.', 
$host['associateddomain'][0] );
-                               $domainname = $domainname[1];
-                               $domain = OpenStackNovaDomain::getDomainByName( 
$domainname );
-                               $hostObject = OpenStackNovaHost::getHostByName( 
$hostname, $domain );
-                               if ( $hostObject ) {
-                                       $hosts[] = $hostObject;
-                               }
-                       }
-                       return $hosts;
+                       $host = $hotsInfo[0];
+                       $hostname = $host['dc'][0];
+                       $hostObject = OpenStackNovaHost::getHostByInstanceId( 
$hostname );
+                       return $hostObject;
                }
        }
 
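Review bot: In `getHostByPrivateIP()` the new line `$host = $hotsInfo[0];` reads a misspelled, undefined variable, so `$hostname` ends up null and the lookup never finds the entry; it should be `$host = $hostInfo[0];`. The filter `'(arecord=' . $ip . ')'` also still concatenates `$ip` without `getLdapEscapedString()`, unlike `fetchHostInfo()`. Unless every caller validates the address first, escape it here with `$ip = $wgAuth->getLdapEscapedString( $ip );` before the search. The docblock should read `@return null|OpenStackNovaHost` now that the method no longer returns an array.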
@@ -527,7 +525,7 @@
                                # First entry is always a count
                                array_shift( $entries );
                                foreach ( $entries as $entry ) {
-                                       $hosts[] = new OpenStackNovaHost( 
$entry['dc'][0], $domain );
+                                       $hosts[] = new OpenStackNovaHost( true, 
$entry['dc'][0], $domain, null );
                                }
                        }
                }
@@ -583,7 +581,7 @@
                        $ip = null;
                }
                $domainname = $domain->getFullyQualifiedDomainName();
-               $host = OpenStackNovaHost::getHostByName( $hostname, $domain );
+               $host = OpenStackNovaHost::getHostByInstanceId( $hostname );
                if ( $host ) {
                        $wgAuth->printDebug( "Failed to add host $hostname as 
the DNS entry already exists", NONSENSITIVE );
                        return null;
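Review bot: The duplicate check now calls `getHostByInstanceId( $hostname )`, passing the display host name to an accessor that resolves the domain and entry by instance id. A later hunk of what appears to be the same function builds the DN from `$instanceid`, so that variable seems to be in scope. If so, the check should be `OpenStackNovaHost::getHostByInstanceId( $instanceid )`; otherwise an existing entry is not detected here and the failure only surfaces at `ldap_add`. The function starts outside this hunk.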
@@ -625,15 +623,15 @@
                        $hostEntry['puppetvar'][] = 'instanceproject=' . 
$project;
                        $hostEntry['puppetvar'][] = 'instancename=' . $hostname;
                }
-               $dn = 'dc=' . $instanceid . ',dc=' . $domain->getDomainName() . 
',' . $wgOpenStackManagerLDAPInstanceBaseDN;
+               $dn = 'dc=' . $instanceid . "." . $domain->getDomainName() . 
',' . $wgOpenStackManagerLDAPInstanceBaseDN;
 
                $success = LdapAuthenticationPlugin::ldap_add( 
$wgAuth->ldapconn, $dn, $hostEntry );
                if ( $success ) {
                        $domain->updateSOA();
                        $wgAuth->printDebug( "Successfully added host 
$hostname", NONSENSITIVE );
-                       return new OpenStackNovaHost( $hostname, $domain );
+                       return new OpenStackNovaHost(false, $hostname, $domain, 
null );
                } else {
-                       $wgAuth->printDebug( "Failed to add host $hostname", 
NONSENSITIVE );
+                       $wgAuth->printDebug( "Failed to add host $hostname with 
dn of $dn", NONSENSITIVE );
                        return null;
                }
        }
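Review bot: After adding a private host, the success path returns `new OpenStackNovaHost(false, $hostname, $domain, null )`, which marks the object as public with a null ip, so `fetchHostInfo()` takes the public branch and searches on an empty value. This should presumably be `new OpenStackNovaHost( true, $instanceid, $domain, null );` to match the new `dc=<instanceid>.<domain>` DN; confirm whether the private lookup key is the instance id or the host name. `$instanceid` and `$domain->getDomainName()` are concatenated into the DN as-is, so a comment saying where they are validated would help the next reader.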
@@ -656,7 +654,7 @@
                OpenStackNovaLdapConnection::connect();
 
                $domainname = $domain->getFullyQualifiedDomainName();
-               $host = OpenStackNovaHost::getHostByName( $hostname, $domain );
+               $host = OpenStackNovaHost::getHostByPublicIP( $ip );
                if ( $host ) {
                        $wgAuth->printDebug( "Failed to add public host 
$hostname as the DNS entry already exists", NONSENSITIVE );
                        return null;
@@ -668,13 +666,13 @@
                $hostEntry['dc'] = $hostname;
                $hostEntry['arecord'] = $ip;
                $hostEntry['associateddomain'][] = $hostname . '.' . 
$domainname;
-               $dn = 'dc=' . $hostname . ',dc=' . $domain->getDomainName() . 
',' . $wgOpenStackManagerLDAPInstanceBaseDN;
+               $dn = 'dc=' . $ip . ',' . $wgOpenStackManagerLDAPInstanceBaseDN;
 
                $success = LdapAuthenticationPlugin::ldap_add( 
$wgAuth->ldapconn, $dn, $hostEntry );
                if ( $success ) {
                        $domain->updateSOA();
                        $wgAuth->printDebug( "Successfully added public host 
$hostname", NONSENSITIVE );
-                       return new OpenStackNovaHost( $hostname, $domain );
+                       return new OpenStackNovaHost( false, null, null, ip );
                } else {
                        $wgAuth->printDebug( "Failed to add public host 
$hostname", NONSENSITIVE );
                        return null;
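Review bot: `return new OpenStackNovaHost( false, null, null, ip );` passes the bare constant `ip` rather than the variable, so the returned object is looked up under the wrong key or the call fails outright. Change it to `return new OpenStackNovaHost( false, null, null, $ip );`. The new DN `'dc=' . $ip . ','` also places `$ip` in the entry's DN unescaped. The function should therefore reject anything that is not a well-formed IP address before this point, if it does not already; its start is outside the hunk.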
diff --git a/nova/OpenStackNovaSudoer.php b/nova/OpenStackNovaSudoer.php
index cc05e1d..f2e5353 100644
--- a/nova/OpenStackNovaSudoer.php
+++ b/nova/OpenStackNovaSudoer.php
@@ -161,13 +161,10 @@
                                // For good measure, put the display name in 
there too.
                                //  modern instances identify themselves that 
way.
                                list ( $name, $domain ) = explode( '.', $host );
-                               $domainobj = 
OpenStackNovaDomain::getDomainByName( $domain );
-                               if ( $domainobj ) {
-                                       $hostobj = 
OpenStackNovaHost::getHostByName( $name, $domainobj );
-                                       if ( $hostobj ) {
-                                           $displayfqdn = 
$hostobj->getFullyQualifiedDisplayName();
-                                           $sudoer['sudohost'][] = 
$displayfqdn;
-                                       }
+                               $hostobj = 
OpenStackNovaHost::getHostByInstanceId( $name );
+                               if ( $hostobj ) {
+                                   $displayfqdn = 
$hostobj->getFullyQualifiedDisplayName();
+                                   $sudoer['sudohost'][] = $displayfqdn;
                                }
                        }
                }
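Review bot: `list ( $name, $domain ) = explode( '.', $host );` still extracts `$domain`, but the lookup is now `getHostByInstanceId( $name )` and the domain part of the configured host is never checked. Because the result is appended to `$sudoer['sudohost'][]`, either add a comment stating that instance ids are unique across domains, or compare the resolved host's domain with `$domain` before appending. The second hunk in this file (around line 303) is inconsistent with this one: it keeps `getDomainByName( $domain )` and the `if ( $domainobj )` guard but no longer passes `$domainobj` to the lookup. Pick one form for both sites.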
@@ -303,7 +300,7 @@
                                list ( $name, $domain ) = explode( '.', $host );
                                $domainobj = 
OpenStackNovaDomain::getDomainByName( $domain );
                                if ( $domainobj ) {
-                                       $hostobj = 
OpenStackNovaHost::getHostByName( $name, $domainobj );
+                                       $hostobj = 
OpenStackNovaHost::getHostByInstanceId( $name );
                                        if ( $hostobj ) {
                                            $displayfqdn = 
$hostobj->getFullyQualifiedDisplayName();
                                            $sudoer['sudohost'][] = 
$displayfqdn;
diff --git a/special/SpecialNovaAddress.php b/special/SpecialNovaAddress.php
index c5baffe..946f033 100644
--- a/special/SpecialNovaAddress.php
+++ b/special/SpecialNovaAddress.php
@@ -467,27 +467,24 @@
                                $this->pushResourceColumn( $addressRow, '' );
                                $this->pushResourceColumn( $addressRow, '' );
                        }
-                       $hosts = OpenStackNovaHost::getHostsByIP( $ip );
-                       if ( $hosts ) {
-                               $hostArr = array();
-                               foreach ( $hosts as $host ) {
-                                       $domain = $host->getDomain();
-                                       $fqdns = $host->getAssociatedDomains();
-                                       foreach ( $fqdns as $fqdn ) {
-                                               $hostname = explode( '.', $fqdn 
);
-                                               $hostname = $hostname[0];
-                                               $link = $this->createActionLink(
-                                                       
'openstackmanager-removehost-action',
-                                                       array(
-                                                               'action' => 
'removehost',
-                                                               'id' => $id, 
'project' => $projectName,
-                                                               'region' => 
$region,
-                                                               'domain' => 
$domain->getDomainName(),
-                                                               'hostname' => 
$hostname
-                                                       )
-                                               );
-                                               $hostArr[] = htmlentities( 
$fqdn ) . ' ' . $link;
-                                       }
+                       $host = OpenStackNovaHost::getHostByPublicIP( $ip );
+                       if ( $host ) {
+                               $domain = $host->getDomain();
+                               $fqdns = $host->getAssociatedDomains();
+                               foreach ( $fqdns as $fqdn ) {
+                                       $hostname = explode( '.', $fqdn );
+                                       $hostname = $hostname[0];
+                                       $link = $this->createActionLink(
+                                               
'openstackmanager-removehost-action',
+                                               array(
+                                                       'action' => 
'removehost',
+                                                       'id' => $id, 'project' 
=> $projectName,
+                                                       'region' => $region,
+                                                       'domain' => 
$domain->getDomainName(),
+                                                       'hostname' => $hostname
+                                               )
+                                       );
+                                       $hostArr[] = htmlentities( $fqdn ) . ' 
' . $link;
                                }
                                $this->pushRawResourceColumn( $addressRow, 
$this->createResourceList( $hostArr ) );
                        } else {
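Review bot: The rewrite dropped the `$hostArr = array();` initialisation, but `$hostArr[] = …` and `createResourceList( $hostArr )` still use the variable. If this code runs once per address row, as the indentation suggests, entries from earlier rows would carry over into later ones, and a host with no associated domains would pass an undefined variable. Restore `$hostArr = array();` as the first line inside `if ( $host ) {`. The enclosing method starts and ends outside the hunk.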
@@ -592,8 +589,8 @@
                        $outputPage->addWikiMsg( 
'openstackmanager-cannotreleaseaddress', $ip );
                        return true;
                }
-               $hosts = OpenStackNovaHost::getHostsByIP( $ip );
-               if ( $hosts ) {
+               $host = OpenStackNovaHost::getHostByPublicIP( $ip );
+               if ( $host ) {
                        $outputPage->addWikiMsg( 
'openstackmanager-cannotreleaseaddress', $ip );
                        return true;
                }
@@ -696,8 +693,8 @@
                $hostname = $formData['hostname'];
                $domain = $formData['domain'];
                $domain = OpenStackNovaDomain::getDomainByName( $domain );
-               $hostbyname = OpenStackNovaHost::getHostByName( $hostname, 
$domain );
-               $hostbyip = OpenStackNovaHost::getHostByIP( $ip );
+               $hostbyname = OpenStackNovaHost::getHostByInstanceId( 
$instanceid );
+               $hostbyip = OpenStackNovaHost::getHostByPublicIP( $ip );
 
                if ( $hostbyname ) {
                        # We need to add an arecord, if the arecord doesn't 
already exist
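Review bot: `getHostByInstanceId( $instanceid )` uses `$instanceid`, which is not assigned in the visible part of this handler; the lines above read only `hostname` and `domain` from `$formData`. If it is not defined earlier in the function (which starts outside the hunk), `$hostbyname` is always null and the "add an arecord" branch is never taken. Either derive the instance id from the submitted host name and domain or keep a name-based lookup here, and rename `$hostbyname` to match whichever is chosen. The last hunk of this file likewise introduces `$ip` where the old code used only `$hostname` and `$domain`, so check that it is set and validated there too.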
@@ -751,7 +748,7 @@
                $hostname = $formData['hostname'];
                $domain = $formData['domain'];
                $domain = OpenStackNovaDomain::getDomainByName( $domain );
-               $host = OpenStackNovaHost::getHostByName( $hostname, $domain );
+               $host = OpenStackNovaHost::getHostByPublicIP( $ip );
                if ( $host ) {
                        $fqdn = $hostname . '.' . 
$domain->getFullyQualifiedDomainName();
                        $records = $host->getAssociatedDomains();

-- 
To view, visit https://gerrit.wikimedia.org/r/84546
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia604df3317e7ba92240f02e8ae3dd0776b17ca4b
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/OpenStackManager
Gerrit-Branch: master
Gerrit-Owner: Andrew Bogott <[email protected]>
