secrets & fleetlock
This commit is contained in:
parent
d10def05f8
commit
a9fca4619f
GPG key ID:
6EF520A1829E8B1D
3 changed files with 145 additions and 0 deletions
|
|
@ -0,0 +1,71 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
|
import yaml
|
||||||
|
import subprocess
|
||||||
|
import time
|
||||||
|
import sys
|
||||||
|
|
||||||
|
groupyaml = '/etc/hiera/data/group.yaml'
|
||||||
|
|
||||||
|
def get_frontends(data):
|
||||||
|
try:
|
||||||
|
return list(data['sunet_frontend']['load_balancer']['websites'].keys())
|
||||||
|
except KeyError:
|
||||||
|
return []
|
||||||
|
|
||||||
|
def check_docker_instance_status(instance):
|
||||||
|
cmd = f"docker inspect -f {r'{{.State.Status}}'} {instance}"
|
||||||
|
result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
|
||||||
|
return result.stdout.strip() == 'running'
|
||||||
|
|
||||||
|
def is_exabgp_running():
|
||||||
|
cmd = ["systemctl", "is-active", "exabgp.service"]
|
||||||
|
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||||
|
return result.stdout.strip() == 'active'
|
||||||
|
|
||||||
|
def check_docker_instances(instances, max_retries=3, initial_wait=10):
|
||||||
|
for instance in instances:
|
||||||
|
retries = 0
|
||||||
|
while retries < max_retries:
|
||||||
|
if check_docker_instance_status(instance):
|
||||||
|
print(f"Instance: {instance} is running!")
|
||||||
|
break
|
||||||
|
else:
|
||||||
|
print(f"Instance: {instance} is not running! Will try again in {initial_wait * (2**retries)} seconds.")
|
||||||
|
time.sleep(initial_wait * (2**retries))
|
||||||
|
retries += 1
|
||||||
|
if retries == max_retries:
|
||||||
|
print(f"Max retries reached for instance: {instance}, exiting!")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
def check_exabgp_running(max_retries=3, initial_wait=10):
|
||||||
|
retries = 0
|
||||||
|
while retries < max_retries:
|
||||||
|
if is_exabgp_running():
|
||||||
|
print("ExaBGP service is running!")
|
||||||
|
break
|
||||||
|
else:
|
||||||
|
print(f"Exabgp is not running! Will try again in {initial_wait * (2**retries)} seconds.")
|
||||||
|
time.sleep(initial_wait * (2**retries))
|
||||||
|
retries += 1
|
||||||
|
if retries == max_retries:
|
||||||
|
print(f"Max retries reached for checking if exabgp is running, exiting!")
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
with open(groupyaml, 'r') as f:
|
||||||
|
data = yaml.safe_load(f)
|
||||||
|
|
||||||
|
frontends = get_frontends(data)
|
||||||
|
instances = []
|
||||||
|
|
||||||
|
for frontend in frontends:
|
||||||
|
instances.append(frontend + '-haproxy-1')
|
||||||
|
instances.append(frontend + '-monitor-1')
|
||||||
|
instances.append(frontend + '-config-1')
|
||||||
|
|
||||||
|
instances.append('frontend-api-1')
|
||||||
|
instances.append('frontend-telegraf-1')
|
||||||
|
|
||||||
|
check_exabgp_running()
|
||||||
|
check_docker_instances(instances)
|
||||||
|
sys.exit(0)
|
||||||
37
lb-test-sthb-1.komreg.net/overlay/etc/hiera/data/local.eyaml
Normal file
37
lb-test-sthb-1.komreg.net/overlay/etc/hiera/data/local.eyaml
Normal file
|
|
@ -0,0 +1,37 @@
|
||||||
|
---
|
||||||
|
acme_c_ssh_key: >
|
||||||
|
ENC[PKCS7,MIIEYQYJKoZIhvcNAQcDoIIEUjCCBE4CAQAxggKFMIICgQIBAD
|
||||||
|
BpMFExCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV
|
||||||
|
lBTUwxIjAgBgNVBAMMGWxiLXRlc3Qtc3RoYi0xLmtvbXJlZy5uZXQCFDPHJK
|
||||||
|
g1+IXKHUqBMyiDxc0qhJz2MA0GCSqGSIb3DQEBAQUABIICAHhuZn43Go8j1R
|
||||||
|
taCORk7erdvZaAUeX98O8pBZHbaR7yuTJLk70ek9Kz18oENZgdJshSqHVw0L
|
||||||
|
gGch9FbXxGahhN2qHJ2bilUUHH5MtIyMmOzc92h+s7JaL+IpdU8WT920vmuP
|
||||||
|
gxr0xMZBf9AyBInJIXU8ZDvjDMMpXsAnMypFw8LDgYSPWfbzqH+Pv7p9fx8R
|
||||||
|
EEz/bBJjTQUmUypw8KQj5OMYKIj5uqe47rttwyB/D2y/yDPJPfQtWzihAo2k
|
||||||
|
p3POZ/3FW8+PEqBW10GXE5k+uA6Wp8VUJasoaUkd28j2olvNifAhSM102iDi
|
||||||
|
g5tbieM0GqFSIyCtbQuBAv5p92koiuXVrgMj4IdBDC+In+2HphhmSBQBAwUW
|
||||||
|
lap/yVDzoL7XzPi6dl53vdO7XhtcLNlc/ffU2VdUvmKI4NMP7Rv67AgQj5/n
|
||||||
|
6Wh7HOtU2Ol2i6PqxIZkzb4NaLWpjv3qjYQsOyE/C1reZJ3YyndpbhdZPslP
|
||||||
|
Ve9ZbUMUZtPkkjRzXMEVq65hke9sJH4LclOQ7ebx4Q95ZfzN4EgNjKVj1pVG
|
||||||
|
QvHgeL+MRvljexaprJ51jcQVx66arYhf1y6pcFg+qK7H+KHHBQd1RlZ9sHTO
|
||||||
|
HO0X0MkSIIzxwdL62MsSgbVKsUzsjV5+DB5yKynX3kFXBIcJc2pgjTD2Xyzd
|
||||||
|
I/WTDEqAGmMIIBvgYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQZCxw12Mv0p
|
||||||
|
aDRHbL5iHD6ICCAZCMmoWZzkY94cJmoiWYFSdwcY4llDC90fXX7ZDFVUSpqP
|
||||||
|
+IAPKJ+Y80HFJd+Ijiwu9zwVw792nPQUhmFONgW9FHFn7cQMTxole6k5B8w/
|
||||||
|
eO1QcdiANhA4uJiRLPgN1vxpZO2M+TeBRsiXTqc5YcpaIFiCL6UFI6e6VPNq
|
||||||
|
Ffva1QNHG19kVpJbjefdWQ2zOpIVDPJgK5mvazozscpr0jw5tBhDAfZxQAHK
|
||||||
|
uFWQRD9GK4ECPHuKtOduj2MPri0qOmKV/2rccsRKW0HFqCnCiTSzu9Da3zTK
|
||||||
|
gsm7kIK2knrOsNBUDhPB3wxA9X054FGgwH87d9NRn7js7vZEzHkkERl7EKMs
|
||||||
|
jWYaXlnKIPyV7RlJMouYVJPfG9e93Flsow/ACMUlRhKtFdZ6SYTPWZ5T6DRa
|
||||||
|
VthM6uCKqqPxKWtYonpUWUmpkmKxGx4EuBNZ6fKfruXI1AIU3g1ZJ7QCBJq3
|
||||||
|
hwIbLRkZjv/ae2w4MOJKSobvZ42dPK8Xdzjc7llBb7nLBr5DZoe4OtE771d8
|
||||||
|
c7+rEljSLg]
|
||||||
|
|
||||||
|
fleetlock_config:
|
||||||
|
eidas-test-frontends:
|
||||||
|
server: https://fl-test.knubbis.sunet.se
|
||||||
|
password: ENC[PKCS7,MIIC7QYJKoZIhvcNAQcDoIIC3jCCAtoCAQAxggKFMIICgQIBADBpMFExCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxIjAgBgNVBAMMGWxiLXRlc3Qtc3RoYi0xLmtvbXJlZy5uZXQCFDPHJKg1+IXKHUqBMyiDxc0qhJz2MA0GCSqGSIb3DQEBAQUABIICAD1eDj35KDIqkzuuIVyEOgUxI+oxm6xJp4iwkzYOOkIKS7sieYkA/wzxHYqDyg3zJGBxsFrpEpGQRP/rWj9DqCirClnToEoUqrXymSsCD9Gz77gBXZqXmpbICVMVWlOXeZ7LA2g9O8w8OG2AsYKorTC5udEB01mwueZfjmwhKJLWcBU5i6B0BvB1S5SConud9QuV8fx2wr1VMjvEEM5fGanrW6IlXtQuGfdVOiNOjb7v9lvSZ+xk0Xiiix5g++YSUw12MHWQrGTUJbWORlenQS+WZayaEtPcQqOb4W232FarE8OWvOROzozO5+NypQHtC91oMChCd3hByzc2y3+Ls1ZS2Ov+mdbeLvMocjuI6TjGXKhTKd8Iy8pIGKJqO8VhXwNORoBlK2152gqTPyL/1H805HYRbdX12UFqSQIfCliGKtbGFoHAizh3XfFkTEdymV9LSzqR+jqGxQTsLwmbpmPQre7EeEAPHw5R0TU6HutEKUaelJuBm9plYN19gVyRMMgmogNhx1YI/xn6eOd+wqeCW2n47NRN3ogv/PCujIymCOnx/KPSyEaVwc0zXDZYucQT6xvHFXZwEd7H0KEuymSv1POumj+w2HJQxR4x1Thd0K2JK2hZBCjP4BrX7cv+0+AEvNLu64K09AVGRe+TV1WSFQg74tgQKmr2lmPJ6pdbMEwGCSqGSIb3DQEHATAdBglghkgBZQMEASoEEEcbWfvYifEn5tvFePnugTyAIC6j/0ddAjdxhSsskddTq4cTtrzTIs+enD6CzNHu4RZq]
|
||||||
|
cosmos_fleetlock_config:
|
||||||
|
fleetlock_group: eidas-test-frontends
|
||||||
|
fleetlock_healthcheck_timeout: 300
|
||||||
|
fleetlock_lock_timeout: 300
|
||||||
37
lb-test-tug-1.komreg.net/overlay/etc/hiera/data/local.eyaml
Normal file
37
lb-test-tug-1.komreg.net/overlay/etc/hiera/data/local.eyaml
Normal file
|
|
@ -0,0 +1,37 @@
|
||||||
|
---
|
||||||
|
acme_c_ssh_key: >
|
||||||
|
ENC[PKCS7,MIIEYAYJKoZIhvcNAQcDoIIEUTCCBE0CAQAxggKEMIICgAIBAD
|
||||||
|
BoMFAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRV
|
||||||
|
lBTUwxITAfBgNVBAMMGGxiLXRlc3QtdHVnLTEua29tcmVnLm5ldAIUMtNt7i
|
||||||
|
vC927EO0MzoBgDN9RQKlcwDQYJKoZIhvcNAQEBBQAEggIAvpKHYl/8mHRYFK
|
||||||
|
huNaGIWN9iOcChLCXqDpoek+SXpwWc2REeXhncDRKpaPwBzEcUoHRg2Bqzhu
|
||||||
|
+/r3I8Lb/FTszvv5CCEGY+jTzoMKcf2uzLSgmsugzQvmdjLlc6XrKZKUmgRo
|
||||||
|
Bt9n/PWqawAPnt9vcjd6Iy3AatI+xFOBeCmJB50pMJOQm8+B4aRGwDypuOTr
|
||||||
|
8obOrXmumOhuJkTLnkEJaee0qU5Be5niT6F8bjzWPM76EtRytNe7MR9bkWQx
|
||||||
|
Okvv3w6sTSUZEev/uW3dRc1NCgvJ58x2DrfwT9SNFP/R/tLmws2uYPJvDU4K
|
||||||
|
/DHbijDJt4Vdl8G7nDK3tdkMh/3gUNxCuew1igxnbkDppKAtr3XuhQsfzkXL
|
||||||
|
sgyIldYbSmgZbQuf+yDzN9meWn5edB4pXNGl1n8mOFPJch/Jjt4Ybwizst8Y
|
||||||
|
59FWhp1xrB+GtXyuMdeVtyX58YEgIRvjVe912RbpFU96VVf2/DQXj2lAmjvj
|
||||||
|
I9RqmjnBY2xBOPKzHV6rdrC9ppawURYxPRGgDOA7JW3+ekoTB1OlF4dxTZD5
|
||||||
|
ytQJygZvAwgVJwAHnhXN0eJZc/ra5qZ2NwXrrTr+HW5cEJo92H5OVVuuh+5H
|
||||||
|
MEITleduAzgQzyUDP+hhrMHSyPe2SP+H8K8EMsH6aYnSBufaUeA38B7394Kc
|
||||||
|
qssyohbRgwggG+BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBCd4CyYzajGwN
|
||||||
|
hsVitZsMRbgIIBkIC0NzJK5xrkIvENF1HJ9E35qi1i44LPNXpw4n8JePASLz
|
||||||
|
IMbuog2me03ql+vTR1nGo4g3eUloxTHX+lBIdcKHM0qau38mkqO4jekZm/za
|
||||||
|
56+I8CY7/J+o2lEv1U49+kWU9b/+zJ8ref4kNHVR/EXSK8BneH8+WEHZ5rQT
|
||||||
|
h3+L0fVveJp3PkcZg66BvaUveITqgNfDjG3JWiLhyqU7P49CG3XZ70Y/TzMD
|
||||||
|
jH837Cpkdyj9kiB1xOCc9hJNnnbCpKf4+UIAtwMInDNM/DlZ6yoGpUEssveO
|
||||||
|
kno5P+rAT2AwvOvnIGV10sxrVTNnupTS8XrFDg8hZ4695mRPJ1TLQ1nYzJNk
|
||||||
|
/UUHVGleIjaEMdmgUl3tHTa591LyAnFtrrJ72ifLuh3NxZA/OAEVL75fTsvh
|
||||||
|
TmZtrrFkD6Vg/2SelguTYZxazAt3NSEkuYtmJDAZsLOB/TpvKsJ+SQKc0gTv
|
||||||
|
bYF668aB7wc0w7GZjKQ1fFvjUqtUyXe83in7CrMyTWcDOcbzJ1GJOPmHpnoq
|
||||||
|
sWz3qzS24=]
|
||||||
|
|
||||||
|
fleetlock_config:
|
||||||
|
eidas-test-frontends:
|
||||||
|
server: https://fl-test.knubbis.sunet.se
|
||||||
|
password: ENC[PKCS7,MIIC7AYJKoZIhvcNAQcDoIIC3TCCAtkCAQAxggKEMIICgAIBADBoMFAxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVTVU5FVDEOMAwGA1UECwwFRVlBTUwxITAfBgNVBAMMGGxiLXRlc3QtdHVnLTEua29tcmVnLm5ldAIUMtNt7ivC927EO0MzoBgDN9RQKlcwDQYJKoZIhvcNAQEBBQAEggIAtdqAewDzon5oPq1tCO2DxJWVPz07K9bRP1//zC5600AhViDrDFtZ5bsf9dsaefgY2YT5QJCcYQiiM6sineDWgK6idXBQQqyrtsMqGOLjClxBwYXYBiK4fdn+8Igr1r88RDJUKSnuXiI8exp7B7yycQUNYnwA5w9pziesGhLGk7ghnbuhhkeBCfZ61xIYQdpgKIFmedmhsubpt4ZDdhok8lYtYhFhlsS4HWTf4Gf38+2h72u5PqC/gK81ylsssSLu+H180gE/lmEaHPZobTtqkCrXdK9h/lGrn7PkJs3odU0O89nYUlkmYp/HHNS0dmFzz7vVgrOhBmeT79DwBZmseWFfWM6nBQ/zDfyuMPOrdwuorMxrJOWXVWglq9HobMIP6eFU0ir3UswR7B1/GoZQLYCUC0uCUCKbVnjQtgfZ9ZHyLCny/leRMgFqneuVURczsrRTh9crL73G6uhgUKqbTG/TRa8as876IGGd0Xrk4q4tUTjGkIXO3pIHN2zI2BiIzFCJSYmvWTAVVY/G0mdqOV1Roa5az3lO0NHB/VHSA99dc5+LOmehvlCW2G5FKXw1O+kNDv4yFV0EeA9vUeKtIghZjOl8jkunW9vECOIoAGpdjlqzslg/jpySmytDnEgFkxke3wDfRcvmYh0Zsu5MT7/nXptc77UMi0HLXXT3O9QwTAYJKoZIhvcNAQcBMB0GCWCGSAFlAwQBKgQQGk3cpfuOPlPIdT+TKx/PkYAgb+1gj40iL6ErTwruQyPr8B5a8i+cfE3QDUL3slH/ykY=]
|
||||||
|
cosmos_fleetlock_config:
|
||||||
|
fleetlock_group: eidas-test-frontends
|
||||||
|
fleetlock_healthcheck_timeout: 300
|
||||||
|
fleetlock_lock_timeout: 300
|
||||||
Loading…
Add table
Reference in a new issue