bob - a CLI sysdb client ======================== ``bob`` is a command-line client for sysdb. It supports adding, updating, and retrieving information about environments, nodes, MAC addresses and attributes. It can authenticate using Kerberos credentials or username/password pairs. Installation and setup ---------------------- For production use of bob there will be RPMs for bob and its dependencies. For the moment the steps are the following:: yum -y install python-setuptools python-requests-kerberos git clone git@git.psi.ch:linux-infra/admin-tools.git cd admin-tools python setup.py install Configuration ------------- ``bob`` takes a number of arguments, one of which is the base URL of the sysdb instance. It can be passed via ``--url BASEURL`` on the command-line, or using the environment variable ``PSI_BOB_URL``. Therefore it is useful include the following in your ``.bash_profile``:: PSI_BOB_URL=https://boot00.psi.ch/ Development ----------- For development, the easiest way to use bob is the following:: pip install --user click git clone XXX cd YYY pip install --user --editable . This will place a script ``bob`` in ``~/.local/bin``, which will reference the code in the working directory of the repository clone. This way, local changes in the source are effective immediately. It might be a good idea to use ``virtualenv`` to avoid installing dependencies system-wide. In addition to the ``PSI_BOB_URL`` it can be handy to also have the following in your ``.bash_profile``:: alias bobtest='PSI_BOB_URL=https://boot00-test.psi.ch/ bob' alias bobdev='PSI_BOB_URL=http://localhost:5000/ bob' During development sysdb usually listens on ``localhost:5000`` and doesn't use SSL, explaining the second alias. It also doesn't support authentication, instead expecting to find the username in the ``REMOTE_USER`` header. The latter can be set using the ``--fake-user`` option in bob or using the ``-H`` option in cURL:: bobdev --fake-user kaminski_k node set-attr foo.psi.ch ipxe_installer=rhel72server curl -X PUT -H REMOTE_USER:talamo_i http://localhost:5000/sysdb/v1/ Attributes ---------- The following attributes can be set for a node: +------------------------+------------------+-----------+------------------------------------------------------------------------------+ | attribute name | sample value | mandatory | meaning | +========================+==================+===========+==============================================================================+ | ``ipxe_installer`` | rhel73installer | yes | the installation entry to use at installation time via IPXE | +------------------------+------------------+-----------+------------------------------------------------------------------------------+ | ``network`` | static | yes | network setup of the installed system. can be ``static`` or ``dhcp`` | +------------------------+------------------+-----------+------------------------------------------------------------------------------+ | ``puppet_env`` | prod | yes | puppet environment | +------------------------+------------------+-----------+------------------------------------------------------------------------------+ | ``puppet_role`` | ``role::server`` | yes | puppet role of the node. String should start with ``role::`` | +------------------------+------------------+-----------+------------------------------------------------------------------------------+ | ``puppet_group`` | computing | no | defines the group for the hiera values. If not set takes the ``default`` one | +------------------------+------------------+-----------+------------------------------------------------------------------------------+ root password ~~~~~~~~~~~~~ The root password can be set with the attribute ``rootpw``. The value of the attribute must be the password hash, and can be generated with the command ``openssl passwd -6 "this is the password"`` partitions ~~~~~~~~~~ Partition schema can be passed as a url using the ``partitions`` attribute. It must be a publicly accessible url and its content will be copied into the kickstart section related to the partition. The usage of this attribute is generally discouraged and is provided to cover only the cases that are not actually already covered by the installation system, eg. the software raid configuration.