From 57e9f69c9701fe989f816da7e707e6812c52eccb Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Wed, 18 Nov 2020 12:35:33 -0500 Subject: [PATCH] Add new so-ip-update script (Work in progress) --- salt/common/tools/sbin/so-common | 61 +++++++++++++++++++++++------ salt/common/tools/sbin/so-ip-update | 59 ++++++++++++++++++++++++++++ 2 files changed, 109 insertions(+), 11 deletions(-) create mode 100644 salt/common/tools/sbin/so-ip-update diff --git a/salt/common/tools/sbin/so-common b/salt/common/tools/sbin/so-common index ab54d634e..1dfa22a5f 100755 --- a/salt/common/tools/sbin/so-common +++ b/salt/common/tools/sbin/so-common @@ -17,8 +17,8 @@ # Check for prerequisites if [ "$(id -u)" -ne 0 ]; then - echo "This script must be run using sudo!" - exit 1 + echo "This script must be run using sudo!" + exit 1 fi # Define a banner to separate sections @@ -29,19 +29,43 @@ header() { printf '%s\n' "$banner" "$*" "$banner" } +lookup_salt_value() { + key=$1 + group=$2 + kind=$3 + + if [ -z "$kind" ]; then + kind=pillar + fi + + if [ -n "$group" ]; then + group=${group}: + fi + + salt-call --no-color ${kind}.get ${group}${key} --out=newline_values_only +} + lookup_pillar() { - key=$1 - salt-call --no-color pillar.get global:${key} --out=newline_values_only + key=$1 + pillar=$2 + if [ -z "$pillar" ]; then + pillar=global + fi + lookup_salt_value "$key" "$pillar" "pillar" } lookup_pillar_secret() { - key=$1 - salt-call --no-color pillar.get secrets:${key} --out=newline_values_only + lookup_pillar "$1" "secrets" } lookup_grain() { - key=$1 - salt-call --no-color grains.get ${key} --out=newline_values_only + lookup_salt_value "$1" "" "grains" +} + +lookup_role() { + id=$(lookup_grain id) + pieces=($(echo $id | tr '_' ' ')) + echo ${pieces[1]} } check_container() { @@ -50,9 +74,9 @@ check_container() { } check_password() { - local password=$1 - echo "$password" | egrep -v "'|\"|\\$|\\\\" > /dev/null 2>&1 - return $? + local password=$1 + echo "$password" | egrep -v "'|\"|\\$|\\\\" > /dev/null 2>&1 + return $? } set_os() { @@ -96,3 +120,18 @@ require_manager() { exit 1 fi } + +is_single_node_grid() { + role=$(lookup_role) + if [ "$role" != "eval" ] && [ "$role" != "standalone" ] && [ "$role" != "import" ]; then + return 1 + fi + return 0 +} + +fail() { + msg=$1 + echo "ERROR: $msg" + echo "Exiting." + exit 1 +} diff --git a/salt/common/tools/sbin/so-ip-update b/salt/common/tools/sbin/so-ip-update new file mode 100644 index 000000000..7321a5587 --- /dev/null +++ b/salt/common/tools/sbin/so-ip-update @@ -0,0 +1,59 @@ +#!/bin/bash + +. $(dirname $0)/so-common + +if [ "$FORCE_IP_UPDATE" != "1" ]; then + is_single_node_grid || fail "Cannot update the IP on a distributed grid" +fi + +echo "This tool will update a manager's IP address to the new IP assigned to the management network interface." + +echo +echo "WARNING: This tool is still undergoing testing, use at your own risk!" +echo + +if [ -z "$OLD_IP" ]; then + OLD_IP=$(lookup_pillar "managerip") + + if [ -z "$OLD_IP" ]; then + fail "Unable to find old IP; possible salt system failure" + fi + + echo "Found old IP $OLD_IP." +fi + +if [ -z "$NEW_IP" ]; then + iface=$(lookup_pillar "mainint" "host") + NEW_IP=$(ip -4 addr list $iface | grep inet | cut -d' ' -f6 | cut -d/ -f1) + + if [ -z "$NEW_IP" ]; then + fail "Unable to detect new IP on interface $iface. " + fi + + echo "Detected new IP $NEW_IP on interface $iface." +fi + +if [ "$OLD_IP" == "$NEW_IP" ]; then + fail "IP address has not changed" +fi + +echo "About to change old IP $OLD_IP to new IP $NEW_IP." + +read -n 1 -p "Would you like to continue? (y/N) " CONTINUE +echo + +if [ "$CONTINUE" == "y" ]; then + for file in $(grep -rlI $OLD_IP /opt/so/saltstack /etc); do + echo "Updating file: $file" + sed -i "s|$OLD_IP|$NEW_IP|g" $file + done + + echo "The IP has been changed from $OLD_IP to $NEW_IP." + + if [ -z "$SKIP_STATE_APPLY" ]; then + echo "Re-applying salt states." + salt-call state.highstate queue=True + fi +else + echo "Exiting without changes." +fi \ No newline at end of file