secrets & fleetlock
This commit is contained in:
parent
d10def05f8
commit
a9fca4619f
GPG key ID:
6EF520A1829E8B1D
3 changed files with 145 additions and 0 deletions
|
|
@ -0,0 +1,71 @@
|
|||
#!/usr/bin/env python3
|
||||
|
||||
import yaml
|
||||
import subprocess
|
||||
import time
|
||||
import sys
|
||||
|
||||
groupyaml = '/etc/hiera/data/group.yaml'
|
||||
|
||||
def get_frontends(data):
|
||||
try:
|
||||
return list(data['sunet_frontend']['load_balancer']['websites'].keys())
|
||||
except KeyError:
|
||||
return []
|
||||
|
||||
def check_docker_instance_status(instance):
|
||||
cmd = f"docker inspect -f {r'{{.State.Status}}'} {instance}"
|
||||
result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
|
||||
return result.stdout.strip() == 'running'
|
||||
|
||||
def is_exabgp_running():
|
||||
cmd = ["systemctl", "is-active", "exabgp.service"]
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
return result.stdout.strip() == 'active'
|
||||
|
||||
def check_docker_instances(instances, max_retries=3, initial_wait=10):
|
||||
for instance in instances:
|
||||
retries = 0
|
||||
while retries < max_retries:
|
||||
if check_docker_instance_status(instance):
|
||||
print(f"Instance: {instance} is running!")
|
||||
break
|
||||
else:
|
||||
print(f"Instance: {instance} is not running! Will try again in {initial_wait * (2**retries)} seconds.")
|
||||
time.sleep(initial_wait * (2**retries))
|
||||
retries += 1
|
||||
if retries == max_retries:
|
||||
print(f"Max retries reached for instance: {instance}, exiting!")
|
||||
sys.exit(1)
|
||||
|
||||
def check_exabgp_running(max_retries=3, initial_wait=10):
|
||||
retries = 0
|
||||
while retries < max_retries:
|
||||
if is_exabgp_running():
|
||||
print("ExaBGP service is running!")
|
||||
break
|
||||
else:
|
||||
print(f"Exabgp is not running! Will try again in {initial_wait * (2**retries)} seconds.")
|
||||
time.sleep(initial_wait * (2**retries))
|
||||
retries += 1
|
||||
if retries == max_retries:
|
||||
print(f"Max retries reached for checking if exabgp is running, exiting!")
|
||||
sys.exit(1)
|
||||
|
||||
with open(groupyaml, 'r') as f:
|
||||
data = yaml.safe_load(f)
|
||||
|
||||
frontends = get_frontends(data)
|
||||
instances = []
|
||||
|
||||
for frontend in frontends:
|
||||
instances.append(frontend + '-haproxy-1')
|
||||
instances.append(frontend + '-monitor-1')
|
||||
instances.append(frontend + '-config-1')
|
||||
|
||||
instances.append('frontend-api-1')
|
||||
instances.append('frontend-telegraf-1')
|
||||
|
||||
check_exabgp_running()
|
||||
check_docker_instances(instances)
|
||||
sys.exit(0)
|
||||
37
lb-test-sthb-1.komreg.net/overlay/etc/hiera/data/local.eyaml
Normal file
37
lb-test-sthb-1.komreg.net/overlay/etc/hiera/data/local.eyaml
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
---
|
||||
acme_c_ssh_key: >
|
||||
ENC[PKCS7,MIIEYQYJKoZIhvcNAQcDoIIEUjCCBE4CAQAxggKFMIICgQIBAD
|
||||
BpMFExCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV
|
||||
lBTUwxIjAgBgNVBAMMGWxiLXRlc3Qtc3RoYi0xLmtvbXJlZy5uZXQCFDPHJK
|
||||
g1+IXKHUqBMyiDxc0qhJz2MA0GCSqGSIb3DQEBAQUABIICAHhuZn43Go8j1R
|
||||
taCORk7erdvZaAUeX98O8pBZHbaR7yuTJLk70ek9Kz18oENZgdJshSqHVw0L
|
||||
gGch9FbXxGahhN2qHJ2bilUUHH5MtIyMmOzc92h+s7JaL+IpdU8WT920vmuP
|
||||
gxr0xMZBf9AyBInJIXU8ZDvjDMMpXsAnMypFw8LDgYSPWfbzqH+Pv7p9fx8R
|
||||
EEz/bBJjTQUmUypw8KQj5OMYKIj5uqe47rttwyB/D2y/yDPJPfQtWzihAo2k
|
||||
p3POZ/3FW8+PEqBW10GXE5k+uA6Wp8VUJasoaUkd28j2olvNifAhSM102iDi
|
||||
g5tbieM0GqFSIyCtbQuBAv5p92koiuXVrgMj4IdBDC+In+2HphhmSBQBAwUW
|
||||
lap/yVDzoL7XzPi6dl53vdO7XhtcLNlc/ffU2VdUvmKI4NMP7Rv67AgQj5/n
|
||||
6Wh7HOtU2Ol2i6PqxIZkzb4NaLWpjv3qjYQsOyE/C1reZJ3YyndpbhdZPslP
|
||||
Ve9ZbUMUZtPkkjRzXMEVq65hke9sJH4LclOQ7ebx4Q95ZfzN4EgNjKVj1pVG
|
||||
QvHgeL+MRvljexaprJ51jcQVx66arYhf1y6pcFg+qK7H+KHHBQd1RlZ9sHTO
|
||||
HO0X0MkSIIzxwdL62MsSgbVKsUzsjV5+DB5yKynX3kFXBIcJc2pgjTD2Xyzd
|
||||
I/WTDEqAGmMIIBvgYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQZCxw12Mv0p
|
||||
aDRHbL5iHD6ICCAZCMmoWZzkY94cJmoiWYFSdwcY4llDC90fXX7ZDFVUSpqP
|
||||
+IAPKJ+Y80HFJd+Ijiwu9zwVw792nPQUhmFONgW9FHFn7cQMTxole6k5B8w/
|
||||
eO1QcdiANhA4uJiRLPgN1vxpZO2M+TeBRsiXTqc5YcpaIFiCL6UFI6e6VPNq
|
||||
Ffva1QNHG19kVpJbjefdWQ2zOpIVDPJgK5mvazozscpr0jw5tBhDAfZxQAHK
|
||||
uFWQRD9GK4ECPHuKtOduj2MPri0qOmKV/2rccsRKW0HFqCnCiTSzu9Da3zTK
|
||||
gsm7kIK2knrOsNBUDhPB3wxA9X054FGgwH87d9NRn7js7vZEzHkkERl7EKMs
|
||||
jWYaXlnKIPyV7RlJMouYVJPfG9e93Flsow/ACMUlRhKtFdZ6SYTPWZ5T6DRa
|
||||
VthM6uCKqqPxKWtYonpUWUmpkmKxGx4EuBNZ6fKfruXI1AIU3g1ZJ7QCBJq3
|
||||
hwIbLRkZjv/ae2w4MOJKSobvZ42dPK8Xdzjc7llBb7nLBr5DZoe4OtE771d8
|
||||
c7+rEljSLg]
|
||||
|
||||
fleetlock_config:
|
||||
eidas-test-frontends:
|
||||
server: https://fl-test.knubbis.sunet.se
|
||||
password: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggKFMIICgQIBADBpMFExCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxIjAgBgNVBAMMGWxiLXRlc3Qtc3RoYi0xLmtvbXJlZy5uZXQCFDPHJKg1+IXKHUqBMyiDxc0qhJz2MA0GCSqGSIb3DQEBAQUABIICAD1eDj35KDIqkzuuIVyEOgUxI+oxm6xJp4iwkzYOOkIKS7sieYkA/wzxHYqDyg3zJGBxsFrpEpGQRP/rWj9DqCirClnToEoUqrXymSsCD9Gz77gBXZqXmpbICVMVWlOXeZ7LA2g9O8w8OG2AsYKorTC5udEB01mwueZfjmwhKJLWcBU5i6B0BvB1S5SConud9QuV8fx2wr1VMjvEEM5fGanrW6IlXtQuGfdVOiNOjb7v9lvSZ+xk0Xiiix5g++YSUw12MHWQrGTUJbWORlenQS+WZayaEtPcQqOb4W232FarE8OWvOROzozO5+NypQHtC91oMChCd3hByzc2y3+Ls1ZS2Ov+mdbeLvMocjuI6TjGXKhTKd8Iy8pIGKJqO8VhXwNORoBlK2152gqTPyL/1H805HYRbdX12UFqSQIfCliGKtbGFoHAizh3XfFkTEdymV9LSzqR+jqGxQTsLwmbpmPQre7EeEAPHw5R0TU6HutEKUaelJuBm9plYN19gVyRMMgmogNhx1YI/xn6eOd+wqeCW2n47NRN3ogv/PCujIymCOnx/KPSyEaVwc0zXDZYucQT6xvHFXZwEd7H0KEuymSv1POumj+w2HJQxR4x1Thd0K2JK2hZBCjP4BrX7cv+0+AEvNLu64K09AVGRe+TV1WSFQg74tgQKmr2lmPJ6pdbMEwGCSqGSIb3DQEHATAdBglghkgBZQMEASoEEEcbWfvYifEn5tvFePnugTyAIC6j/0ddAjdxhSsskddTq4cTtrzTIs+enD6CzNHu4RZq]
|
||||
cosmos_fleetlock_config:
|
||||
fleetlock_group: eidas-test-frontends
|
||||
fleetlock_healthcheck_timeout: 300
|
||||
fleetlock_lock_timeout: 300
|
||||
37
lb-test-tug-1.komreg.net/overlay/etc/hiera/data/local.eyaml
Normal file
37
lb-test-tug-1.komreg.net/overlay/etc/hiera/data/local.eyaml
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
---
|
||||
acme_c_ssh_key: >
|
||||
ENC[PKCS7,MIIEYAYJKoZIhvcNAQcDoIIEUTCCBE0CAQAxggKEMIICgAIBAD
|
||||
BoMFAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV
|
||||
lBTUwxITAfBgNVBAMMGGxiLXRlc3QtdHVnLTEua29tcmVnLm5ldAIUMtNt7i
|
||||
vC927EO0MzoBgDN9RQKlcwDQYJKoZIhvcNAQEBBQAEggIAvpKHYl/8mHRYFK
|
||||
huNaGIWN9iOcChLCXqDpoek+SXpwWc2REeXhncDRKpaPwBzEcUoHRg2Bqzhu
|
||||
+/r3I8Lb/FTszvv5CCEGY+jTzoMKcf2uzLSgmsugzQvmdjLlc6XrKZKUmgRo
|
||||
Bt9n/PWqawAPnt9vcjd6Iy3AatI+xFOBeCmJB50pMJOQm8+B4aRGwDypuOTr
|
||||
8obOrXmumOhuJkTLnkEJaee0qU5Be5niT6F8bjzWPM76EtRytNe7MR9bkWQx
|
||||
Okvv3w6sTSUZEev/uW3dRc1NCgvJ58x2DrfwT9SNFP/R/tLmws2uYPJvDU4K
|
||||
/DHbijDJt4Vdl8G7nDK3tdkMh/3gUNxCuew1igxnbkDppKAtr3XuhQsfzkXL
|
||||
sgyIldYbSmgZbQuf+yDzN9meWn5edB4pXNGl1n8mOFPJch/Jjt4Ybwizst8Y
|
||||
59FWhp1xrB+GtXyuMdeVtyX58YEgIRvjVe912RbpFU96VVf2/DQXj2lAmjvj
|
||||
I9RqmjnBY2xBOPKzHV6rdrC9ppawURYxPRGgDOA7JW3+ekoTB1OlF4dxTZD5
|
||||
ytQJygZvAwgVJwAHnhXN0eJZc/ra5qZ2NwXrrTr+HW5cEJo92H5OVVuuh+5H
|
||||
MEITleduAzgQzyUDP+hhrMHSyPe2SP+H8K8EMsH6aYnSBufaUeA38B7394Kc
|
||||
qssyohbRgwggG+BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCd4CyYzajGwN
|
||||
hsVitZsMRbgIIBkIC0NzJK5xrkIvENF1HJ9E35qi1i44LPNXpw4n8JePASLz
|
||||
IMbuog2me03ql+vTR1nGo4g3eUloxTHX+lBIdcKHM0qau38mkqO4jekZm/za
|
||||
56+I8CY7/J+o2lEv1U49+kWU9b/+zJ8ref4kNHVR/EXSK8BneH8+WEHZ5rQT
|
||||
h3+L0fVveJp3PkcZg66BvaUveITqgNfDjG3JWiLhyqU7P49CG3XZ70Y/TzMD
|
||||
jH837Cpkdyj9kiB1xOCc9hJNnnbCpKf4+UIAtwMInDNM/DlZ6yoGpUEssveO
|
||||
kno5P+rAT2AwvOvnIGV10sxrVTNnupTS8XrFDg8hZ4695mRPJ1TLQ1nYzJNk
|
||||
/UUHVGleIjaEMdmgUl3tHTa591LyAnFtrrJ72ifLuh3NxZA/OAEVL75fTsvh
|
||||
TmZtrrFkD6Vg/2SelguTYZxazAt3NSEkuYtmJDAZsLOB/TpvKsJ+SQKc0gTv
|
||||
bYF668aB7wc0w7GZjKQ1fFvjUqtUyXe83in7CrMyTWcDOcbzJ1GJOPmHpnoq
|
||||
sWz3qzS24=]
|
||||
|
||||
fleetlock_config:
|
||||
eidas-test-frontends:
|
||||
server: https://fl-test.knubbis.sunet.se
|
||||
password: ENC[PKCS7,MIIC7AYJKoZIhvcNAQcDoIIC3TCCAtkCAQAxggKEMIICgAIBADBoMFAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxITAfBgNVBAMMGGxiLXRlc3QtdHVnLTEua29tcmVnLm5ldAIUMtNt7ivC927EO0MzoBgDN9RQKlcwDQYJKoZIhvcNAQEBBQAEggIAtdqAewDzon5oPq1tCO2DxJWVPz07K9bRP1//zC5600AhViDrDFtZ5bsf9dsaefgY2YT5QJCcYQiiM6sineDWgK6idXBQQqyrtsMqGOLjClxBwYXYBiK4fdn+8Igr1r88RDJUKSnuXiI8exp7B7yycQUNYnwA5w9pziesGhLGk7ghnbuhhkeBCfZ61xIYQdpgKIFmedmhsubpt4ZDdhok8lYtYhFhlsS4HWTf4Gf38+2h72u5PqC/gK81ylsssSLu+H180gE/lmEaHPZobTtqkCrXdK9h/lGrn7PkJs3odU0O89nYUlkmYp/HHNS0dmFzz7vVgrOhBmeT79DwBZmseWFfWM6nBQ/zDfyuMPOrdwuorMxrJOWXVWglq9HobMIP6eFU0ir3UswR7B1/GoZQLYCUC0uCUCKbVnjQtgfZ9ZHyLCny/leRMgFqneuVURczsrRTh9crL73G6uhgUKqbTG/TRa8as876IGGd0Xrk4q4tUTjGkIXO3pIHN2zI2BiIzFCJSYmvWTAVVY/G0mdqOV1Roa5az3lO0NHB/VHSA99dc5+LOmehvlCW2G5FKXw1O+kNDv4yFV0EeA9vUeKtIghZjOl8jkunW9vECOIoAGpdjlqzslg/jpySmytDnEgFkxke3wDfRcvmYh0Zsu5MT7/nXptc77UMi0HLXXT3O9QwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQGk3cpfuOPlPIdT+TKx/PkYAgb+1gj40iL6ErTwruQyPr8B5a8i+cfE3QDUL3slH/ykY=]
|
||||
cosmos_fleetlock_config:
|
||||
fleetlock_group: eidas-test-frontends
|
||||
fleetlock_healthcheck_timeout: 300
|
||||
fleetlock_lock_timeout: 300
|
||||
Loading…
Add table
Reference in a new issue