[Freeipa-devel] [PATCH 0011-0012][RFE] ipa-replica-manage: automatically clean dangling RUVs
Martin Basti
mbasti at redhat.com
Tue Feb 2 11:23:43 UTC 2016
On 29.01.2016 08:42, Stanislav Laznicka wrote:
> On 01/26/2016 06:56 PM, Martin Basti wrote:
>>
>>
>> On 25.01.2016 16:41, Stanislav Laznicka wrote:
>>> Hi,
>>>
>>> Worked those comments into the code. Also added a bit different info
>>> message in clean_ruv with ca=True (ipa-replica-manage:430).
>>>
>>> Also adding stepst to reproduce:
>>> 1. Create a master and some replica (3 replicas is a good solution -
>>> 1 with CA, 1 without, 1 to be dangling (with CA))
>>> 2. Change domain level to 0 and ipactl restart
>>> 3. Remove the "dangling-to-be" replica from masters.ipa.etc and from
>>> both ipaca and domain subtrees in mapping tree.config
>>> 4. Try to remove the dangling ruvs with the command
>>>
>>> Cheers,
>>> Standa
>>>
>>>
>>> On 01/22/2016 01:22 PM, Martin Basti wrote:
>>>> Hello,
>>>>
>>>> I have a few comments
>>>>
>>>> PATCH Automatically detect and remove dangling RUVs
>>>>
>>>> 1)
>>>> + # get the Directory Manager password
>>>> + if options.dirman_passwd:
>>>> + dirman_passwd = options.dirman_passwd
>>>> + else:
>>>> + dirman_passwd = installutils.read_password('Directory
>>>> Manager',
>>>> + confirm=False, validate=False, retry=False)
>>>> + if dirman_passwd is None:
>>>> + sys.exit('Directory Manager password is required')
>>>> +
>>>> + options.dirman_passwd = dirman_passwd
>>>>
>>>> IMO you need only else branch here
>>>>
>>>> if not options.dirman_password:
>>>> dirman_passwd = installutils.read_password('Directory Manager',
>>>> confirm=False, validate=False, retry=False)
>>>> if dirman_passwd is None:
>>>> sys.exit('Directory Manager password is required')
>>>> options.dirman_passwd = dirman_passwd
>>>>
>>>>
>>>> 2)
>>>> We should use new formatting in new code (more times in code)
>>>>
>>>> + sys.exit(
>>>> + "Failed to get data from '%s' while trying to list
>>>> replicas: %s" %
>>>> + (host, e)
>>>> + )
>>>>
>>>> sys.exit(
>>>> "Failed to get data from '{host}' while trying to list
>>>> replicas: {e}".format(
>>>> host=host, e=e
>>>> )
>>>> )
>>>>
>>>> 3)
>>>> + # get all masters
>>>> + masters_dn = DN(('cn', 'masters'), ('cn', 'ipa'), ('cn',
>>>> 'etc'),
>>>> + ipautil.realm_to_suffix(realm))
>>>>
>>>> IMO you should use constants:
>>>> masters_dn = DN(api.env.container_masters, api.env.basedn)
>>>>
>>>> 4)
>>>> + # Get realm string for config tree
>>>> + s = realm.split('.')
>>>> + s = ['dc={dc},'.format(dc=x.lower()) for x in s]
>>>> + realm_config = DN(('cn', ''.join(s)[0:-1]))
>>>>
>>>> Can be api.env.basedn used instead of this block of code?
>>>>
>>>> 5)
>>>> + masters = [x.single_value['cn'] for x in masters]
>>>> ....
>>>> + for master in masters:
>>>>
>>>> is there any reason why not iterate over the keys in info dict?
>>>>
>>>> for master_name, master_data/values/whatever in info.items():
>>>> master_data['online'] = True
>>>>
>>>> Looks better than: info[master]['online'] = True
>>>>
>>>> 6)
>>>> I asked python gurus, for empty lists and dicts, please use [] and
>>>> {} instead of list() and dict()
>>>> It is preferred and faster.
>>>>
>>>> 7)
>>>> + if(info[master]['ca']):
>>>> + entry = conn.get_entry(csreplica_dn)
>>>> + csruv = (master,
>>>> entry.single_value.get('nsDS5ReplicaID'))
>>>> + if csruv not in csruvs:
>>>> + csruvs.append(csruv)
>>>>
>>>> I dont like too much adding tuples into list and then doing search
>>>> there, but it is as designed
>>>>
>>>> However can you use set() instead of list when the purpose of
>>>> variable is only testing existence?
>>>>
>>>> related to:
>>>> csruvs
>>>> ruvs
>>>> offlines
>>>> clean_list
>>>> cleaned
>>>>
>>>> 8)
>>>> conn in finally block may be undefined
>>>>
>>>> 9)
>>>> unused local variables
>>>>
>>>> clean_list
>>>> entry on line 570
>>>>
>>>> 10)
>>>> optional, comment what keys means in info structure
>>>>
>>>
>> Hello,
>>
>> 1)
>> I accept your silence as the following code cannot use nothing from
>> api.env
>> + # Get realm string for config tree
>> + s = realm.split('.')
>> + s = ['dc={dc},'.format(dc=x.lower()) for x in s]
>> + realm_config = DN(('cn', ''.join(s)[0:-1]))
>>
>> but then please use:
>> s = ['dc={dc}'.format(dc=x.lower()) for x in s]
>> realm_config = DN(('cn', ','.join(s)))
>>
>> But I still think that api.env.basedn can be used, because it
>> contains the same format as you need
>> realm_config = DN(('cn', api.env.basedn))
>>
> Sorry, forgot to mention that in the last email. However, turns out
> you are right. I didn't think DN works like this but it does, so this
> is now in it.
>> 2) nitpick
>> ca_dn = DN(('cn', 'ca'), DN(master.dn))
>>
>> AFAIK can be just
>>
>> ca_dn = DN(('cn', 'ca'), master.dn)
>>
> My bad, fixed.
>> 3) uber nitpick
>> This is PEP8 valid, but somehow inconsistent with the rest of code
>> and it hit my eyes
>>
>> print('\t\tid: {id}, hostname: {host}'
>> .format(id=csruv[1], host=csruv[0])
>> )
>>
>> we use in code
>>
>> print(
>> something1,
>> something2
>> )
>>
>> or
>>
>> print(something1,
>> something2)
>>
> And that shouldn't be there anymore, too :)
>> Otherwise LGTM
>
ACK
Pushed to:
ipa-4-3: 44018142747e933f7d680c8d7bacfbd883ffddf6
master: c8eabaff9ef49d3f51b02d613c25c09bf155bb3c
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160202/365e112a/attachment.htm>
More information about the Freeipa-devel
mailing list