crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[bind2] Découpage de gen_zones, fonction pour ne regénérer que le multicast, section '__main__'

Browse source
This commit is contained in:
Valentin Samir 2014-02-03 01:53:50 +01:00
parent ac2ccf50c5
commit 3e17aee6cc
1 changed files with 103 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

132
gestion/gen_confs/bind2.py Normal file → Executable file
View file

@ -9,6 +9,7 @@ import netaddr
sys.path.append('/usr/scripts/')
import lc_ldap.shortcuts
import affich_tools
from gestion.gen_confs import gen_config
from socket import gethostname
from gestion import config
@ -175,7 +176,6 @@ class Zone(ZoneBase):
else:
return ret
else:
#print "%s not in zone %s" % (hostname, self.zone_name)
return None
def add_delegation(zone, server):
@ -360,18 +360,40 @@ class dns(gen_config) :
hostname = short_name(gethostname())
serial = int(time.time()) + 1000000000
TTL = 3600
if hostname == short_name(config.dns.DNSs[0]):
restart_cmd = '/usr/sbin/ods-signer sign --all && /etc/init.d/bind9 reload'
else:
restart_cmd = '/etc/init.d/bind9 reload'
def gen_zones(self, ttl, ns_list, populate=True):
zones = {}
serial = int(time.time()) + 1000000000
for zone in config.dns.zones_ldap:
#print "Create zone %s" % zone
zones[zone]=Zone(zone, ttl, SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl), ns_list, bl_zone=config.dns.zones_direct)
for net in config.dns.zones_reverse:
def gen_soa(self, ns_list, serial, ttl):
return SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl)
def populate_zones(self, zones, machines):
self.anim.iter=len(zones.values())
for zone in zones.values():
zone.extend(self.MXs)
for rr_type in [self.SRVs, self.NATPRs, self.DSs]:
if zone.zone_name in rr_type.keys():
zone.extend(rr_type[zone.zone_name])
for m in machines:
zone.add_machine(m)
self.anim.cycle()
return zones
def gen_zones_ldap(self, ttl, ns_list, serial, zones={}, zones_ldap=config.dns.zones_ldap):
for zone in zones_ldap:
zones[zone]=Zone(zone, ttl, self.gen_soa(ns_list, serial, ttl), ns_list, bl_zone=config.dns.zones_direct)
return zones
def gen_zones_reverse(self, ttl, ns_list, serial, zones={},
zones_reverse_v4=config.dns.zones_reverse, zones_reverse_v6=config.dns.zones_reverse_v6):
# reverse ipv4
for net in zones_reverse_v4:
net = netaddr.IPNetwork(net)
if net.prefixlen > 24:
subnets = net.subnet(32)
@ -382,35 +404,58 @@ class dns(gen_config) :
else:
subnets = net.subnet(8)
for subnet in subnets:
#print "Create zone %s" % subnet
zones[str(subnet)]=ZoneReverse(str(subnet), ttl, SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl), ns_list)
for net in config.dns.zones_reverse_v6:
#print "Create zone %s" % net
zones[net]=ZoneReverse(net, ttl, SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl), ns_list)
zones[str(subnet)]=ZoneReverse(str(subnet), ttl, self.gen_soa(ns_list, serial, ttl), ns_list)
# reverse ipv6
for net in zones_reverse_v6:
zones[net]=ZoneReverse(net, ttl, self.gen_soa(ns_list, serial, ttl), ns_list)
return zones
if populate:
conn = lc_ldap.shortcuts.lc_ldap_admin()
machines = conn.search(u"mid=*", sizelimit=10000)
machines.extend(conn.machinesMulticast())
self.anim.iter=len(zones.values())
for zone in zones.values():
#print "Generate zone %s" % zone.zone_name
zone.extend(self.MXs)
for rr_type in [self.SRVs, self.NATPRs, self.DSs]:
if zone.zone_name in rr_type.keys():
zone.extend(rr_type[zone.zone_name])
for m in machines:
zone.add_machine(m)
self.anim.cycle()
def gen_zones_clone(self, ttl, ns_list, serial, zones={}):
for zone_clone, zones_alias in config.dns.zone_alias.items():
for zone in zones_alias:
zones[zone]=ZoneClone(zone, zones[zone_clone], SOA(ns_list[0], 'root.crans.org', serial, 21600, 3600, 1209600, ttl))
zones[zone]=ZoneClone(zone, zones[zone_clone], self.gen_soa(ns_list, serial, ttl))
for rr_type in [self.SRVs, self.NATPRs, self.DSs]:
if zones[zone].zone_name in rr_type.keys():
zones[zone].extend(rr_type[zones[zone].zone_name])
return zones
def gen_zones(self, ttl, serial, ns_list, populate=True):
zones = {}
self.gen_zones_ldap(ttl, ns_list, serial, zones)
self.gen_zones_reverse(ttl, ns_list, serial, zones)
if populate:
conn = lc_ldap.shortcuts.lc_ldap_admin()
machines = conn.search(u"mid=*", sizelimit=10000)
machines.extend(conn.machinesMulticast())
self.populate_zones(zones, machines)
# Doit être fait après populate_zones lorsque l'on a l'intention d'écrire les fichiers de zone
# En effet, la génération de la zone clone dépend du contenue de la zone originale
self.gen_zones_clone(ttl, ns_list, serial, zones)
return zones
def gen_tv(self, populate=True):
self.anim = affich_tools.anim('\tgénération de la zone tv')
zones = {}
serial = self.serial
self.gen_zones_reverse(self.TTL, config.dns.DNSs, serial, zones, zones_reverse_v4=config.NETs['multicast'], zones_reverse_v6=[])
self.gen_zones_ldap(self.TTL, config.dns.DNSs, serial, zones, zones_ldap=[config.dns.zone_tv])
if populate:
conn = lc_ldap.shortcuts.lc_ldap_admin()
machines=conn.machinesMulticast()
self.populate_zones(zones, machines)
for zone in zones.values():
zone.write(self.DNS_DIR + 'db.' + zone.zone_name)
self.anim.reinit()
print affich_tools.OK
return zones
def gen_master(self):
# Syntaxe utilisée dans le fichier DNS_CONF pour définir une zone sur le maître
zone_template="""
@ -419,7 +464,7 @@ zone "%(zone_name)s" {
file "%(zone_path)s";
};
"""
zones = self.gen_zones(3600, config.dns.DNSs)
zones = self.gen_zones(self.TTL, self.serial, config.dns.DNSs)
with open(self.DNS_CONF, 'w') as f:
for zone in zones.values():
zone.write(self.DNS_DIR + 'db.' + zone.zone_name)
@ -437,7 +482,7 @@ zone "%(zone_name)s" {
masters { %(master_ip)s; };
};
"""
zones = self.gen_zones(3600, config.dns.DNSs, populate=False)
zones = self.gen_zones(self.TTL, self.serial, config.dns.DNSs, populate=False)
with open(self.DNS_CONF_BCFG2, 'w') as f:
for zone in zones.values():
if zone.zone_name in config.dns.zones_dnssec:
@ -451,3 +496,30 @@ zone "%(zone_name)s" {
def __str__(self):
return "DNS"
if __name__ == '__main__' :
hostname = short_name(gethostname())
if hostname == short_name(config.bcfg2_main):
print "Reconfiguration du fichier de BCfg2 pour configurer le bind d'un serveur en esclave (pensez à lancer bcfg2 sur les esclaves)."
c = dns()
c.gen_slave()
elif hostname == short_name(config.dns.DNSs[0]):
print "Serveur maître :"
c = dns()
zones = c.gen_tv()
import subprocess
for zone in zones.values():
if zone.zone_name in config.dns.zones_dnssec:
args=("/usr/sbin/ods-signer sign %s" % zone.zone_name).split()
p=subprocess.Popen(args,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
ret=p.communicate()
print ret[0].strip()
if ret[1].strip():
print ret[1].strip()
print "Ce serveur est également serveur maitre pour les autres zones dns, mais leur reconfiguration se fait par generate."
elif hostname in map(lambda fullhostname : short_name(fullhostname),config.dns.DNSs[1:]):
print "Ce serveur est esclave! Lancez ce script sur %s, puis lancez bcfg2 ici" % bcfg2_main
else:
print "Ce serveur ne correspond à rien pour la configuration DNS."