100 lines
4.5 KiB
ReStructuredText
100 lines
4.5 KiB
ReStructuredText
bob - a CLI sysdb client
|
|
========================
|
|
|
|
``bob`` is a command-line client for sysdb. It supports adding, updating, and
|
|
retrieving information about environments, nodes, MAC addresses and attributes.
|
|
It can authenticate using Kerberos credentials or username/password pairs.
|
|
|
|
|
|
Installation and setup
|
|
----------------------
|
|
|
|
For production use of bob there will be RPMs for bob and its dependencies.
|
|
|
|
For the moment the steps are the following::
|
|
|
|
yum -y install python-setuptools python-requests-kerberos
|
|
git clone git@git.psi.ch:linux-infra/admin-tools.git
|
|
cd admin-tools
|
|
python setup.py install
|
|
|
|
|
|
Configuration
|
|
-------------
|
|
|
|
``bob`` takes a number of arguments, one of which is the base URL of the sysdb
|
|
instance. It can be passed via ``--url BASEURL`` on the command-line, or using
|
|
the environment variable ``PSI_BOB_URL``. Therefore it is useful include the
|
|
following in your ``.bash_profile``::
|
|
|
|
PSI_BOB_URL=https://boot00.psi.ch/
|
|
|
|
Development
|
|
-----------
|
|
For development, the easiest way to use bob is the following::
|
|
|
|
pip install --user click
|
|
git clone XXX
|
|
cd YYY
|
|
pip install --user --editable .
|
|
|
|
This will place a script ``bob`` in ``~/.local/bin``, which will reference the
|
|
code in the working directory of the repository clone. This way, local changes
|
|
in the source are effective immediately. It might be a good idea to use
|
|
``virtualenv`` to avoid installing dependencies system-wide.
|
|
|
|
In addition to the ``PSI_BOB_URL`` it can be handy to also have the following
|
|
in your ``.bash_profile``::
|
|
|
|
alias bobtest='PSI_BOB_URL=https://boot00-test.psi.ch/ bob'
|
|
alias bobdev='PSI_BOB_URL=http://localhost:5000/ bob'
|
|
|
|
During development sysdb usually listens on ``localhost:5000`` and doesn't use
|
|
SSL, explaining the second alias. It also doesn't support authentication,
|
|
instead expecting to find the username in the ``REMOTE_USER`` header. The latter
|
|
can be set using the ``--fake-user`` option in bob or using the ``-H`` option in
|
|
cURL::
|
|
|
|
bobdev --fake-user kaminski_k node set-attr foo.psi.ch ipxe_installer=rhel72server
|
|
|
|
curl -X PUT -H REMOTE_USER:talamo_i http://localhost:5000/sysdb/v1/
|
|
|
|
Attributes
|
|
----------
|
|
|
|
The following attributes can be set for a node:
|
|
|
|
+------------------------+------------------+-----------+------------------------------------------------------------------------------+
|
|
| attribute name | sample value | mandatory | meaning |
|
|
+========================+==================+===========+==============================================================================+
|
|
| ``ipxe_installer`` | rhel73installer | yes | the installation entry to use at installation time via IPXE |
|
|
+------------------------+------------------+-----------+------------------------------------------------------------------------------+
|
|
| ``network`` | static | yes | network setup of the installed system. can be ``static`` or ``dhcp`` |
|
|
+------------------------+------------------+-----------+------------------------------------------------------------------------------+
|
|
| ``puppet_env`` | prod | yes | puppet environment |
|
|
+------------------------+------------------+-----------+------------------------------------------------------------------------------+
|
|
| ``puppet_role`` | ``role::server`` | yes | puppet role of the node. String should start with ``role::`` |
|
|
+------------------------+------------------+-----------+------------------------------------------------------------------------------+
|
|
| ``puppet_group`` | computing | no | defines the group for the hiera values. If not set takes the ``default`` one |
|
|
+------------------------+------------------+-----------+------------------------------------------------------------------------------+
|
|
|
|
|
|
root password
|
|
~~~~~~~~~~~~~
|
|
|
|
The root password can be set with the attribute ``rootpw``. The value
|
|
of the attribute must be the password hash, and can be generated with the command
|
|
``openssl passwd -6 "this is the password"``
|
|
|
|
partitions
|
|
~~~~~~~~~~
|
|
|
|
Partition schema can be passed as a url using the ``partitions`` attribute.
|
|
It must be a publicly accessible url and its content will be copied into the
|
|
kickstart section related to the partition.
|
|
|
|
The usage of this attribute is generally discouraged and is provided to cover
|
|
only the cases that are not actually already covered by the installation system,
|
|
eg. the software raid configuration.
|
|
|