├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md └── dependabot.yml ├── .gitignore ├── .travis.yml ├── CODE_OF_CONDUCT.md ├── LICENSE ├── README.md ├── doc ├── .nojekyll ├── Makefile ├── _config.yml ├── manpages │ ├── Makefile │ ├── man │ │ └── .gitignore │ └── src │ │ ├── errata-diff.yml.5.md │ │ ├── katprep.1.md │ │ ├── katprep.auth.5.md │ │ ├── katprep_authconfig.1.md │ │ ├── katprep_maintenance.1.md │ │ ├── katprep_parameters.1.md │ │ ├── katprep_populate.1.md │ │ ├── katprep_report.1.md │ │ ├── katprep_snapshot.1.md │ │ └── show_manpage.sh ├── publish.sh └── source │ ├── _static │ ├── example_1.png │ └── example_2.png │ ├── authentication.rst │ ├── changelog.rst │ ├── conf.py │ ├── debug.rst │ ├── drawings.vsdx │ ├── examples.rst │ ├── index.rst │ ├── installation.rst │ ├── issues.rst │ ├── katprep.management.rst │ ├── katprep.monitoring.rst │ ├── katprep.rst │ ├── landscape.rst │ ├── man │ ├── errata-diff.yml.5.rst │ ├── katprep.1.rst │ ├── katprep.auth.5.rst │ ├── katprep_authconfig.1.rst │ ├── katprep_maintenance.1.rst │ ├── katprep_parameters.1.rst │ ├── katprep_populate.1.rst │ ├── katprep_report.1.rst │ └── katprep_snapshot.1.rst │ ├── parameter_overview.rst │ ├── reports.rst │ └── tested_setups.rst ├── docs ├── .nojekyll ├── _images │ ├── example_1.png │ └── example_2.png ├── _modules │ ├── AuthContainer.html │ ├── index.html │ └── logging.html ├── _sources │ ├── authentication.rst.txt │ ├── changelog.rst.txt │ ├── debug.rst.txt │ ├── examples.rst.txt │ ├── index.rst.txt │ ├── installation.rst.txt │ ├── issues.rst.txt │ ├── katprep.clients.rst.txt │ ├── katprep.rst.txt │ ├── landscape.rst.txt │ ├── man │ │ ├── errata-diff.yml.5.rst.txt │ │ ├── katprep.1.rst.txt │ │ ├── katprep.auth.5.rst.txt │ │ ├── katprep_authconfig.1.rst.txt │ │ ├── katprep_maintenance.1.rst.txt │ │ ├── katprep_parameters.1.rst.txt │ │ ├── katprep_populate.1.rst.txt │ │ ├── katprep_report.1.rst.txt │ │ └── katprep_snapshot.1.rst.txt │ ├── parameter_overview.rst.txt │ ├── reports.rst.txt │ └── tested_setups.rst.txt ├── _static │ ├── ajax-loader.gif │ ├── basic.css │ ├── classic.css │ ├── comment-bright.png │ ├── comment-close.png │ ├── comment.png │ ├── default.css │ ├── doctools.js │ ├── documentation_options.js │ ├── down-pressed.png │ ├── down.png │ ├── example_1.png │ ├── example_2.png │ ├── file.png │ ├── jquery.js │ ├── minus.png │ ├── plus.png │ ├── pygments.css │ ├── searchtools.js │ ├── sidebar.js │ ├── underscore.js │ ├── up-pressed.png │ ├── up.png │ └── websupport.js ├── authentication.html ├── changelog.html ├── debug.html ├── examples.html ├── genindex.html ├── index.html ├── installation.html ├── issues.html ├── katprep.clients.html ├── katprep.html ├── landscape.html ├── man │ ├── katprep.1.html │ ├── katprep.auth.5.html │ ├── katprep_authconfig.1.html │ ├── katprep_maintenance.1.html │ ├── katprep_parameters.1.html │ ├── katprep_populate.1.html │ ├── katprep_report.1.html │ └── katprep_snapshot.1.html ├── objects.inv ├── parameter_overview.html ├── py-modindex.html ├── reports.html ├── search.html ├── searchindex.js └── tested_setups.html ├── katprep.spec ├── katprep ├── AuthContainer.py ├── __init__.py ├── authconfig.py ├── exceptions.py ├── maintenance.py ├── management │ ├── __init__.py │ ├── base.py │ ├── foreman.py │ ├── libvirt.py │ ├── spacewalk.py │ └── vmware.py ├── monitoring │ ├── __init__.py │ ├── base.py │ ├── icinga2.py │ └── nagios.py ├── network.py ├── parameters.py ├── populate.py ├── report.py └── snapshot.py ├── katprep_workflow.jpg ├── requirements-tests.txt ├── requirements.txt ├── setup.py ├── templates ├── template.html └── template.md └── tests ├── .gitignore ├── .gitlab-ci.yml ├── README.md ├── Vagrant ├── README.md ├── Vagrantfile ├── files │ └── nested-Vagrantfile ├── playbook_katello.yml ├── playbook_kvm.yml ├── playbook_monitoring.yml ├── playbook_uyuni.yml ├── playbook_zabbix.yml ├── requirements_katello.yml ├── requirements_kvm.yml ├── requirements_monitoring.yml ├── requirements_uyuni.yml └── requirements_zabbix.yml ├── __init__.py ├── conftest.py ├── fman_config.json.tmpl ├── icinga2_config.json.tmpl ├── icinga2_config.json.vagrant ├── libvirt_config.json.tmpl ├── nagios_config.json.tmpl ├── nagios_config.json.vagrant ├── pytest.ini ├── pyvmomi_config.json.tmpl ├── spw_config.json.tmpl ├── test_ForemanAPIClient.py ├── test_Icinga2APIClient.py ├── test_LibvirtClient.py ├── test_NagiosCompatibleCGIClient.py ├── test_PyvmomiClient.py ├── test_SpacewalkAPIClient.py ├── test_network_utilities.py ├── tmpl-katprep-centos7 └── Dockerfile ├── update_docker.sh └── utilities.py /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | 5 | --- 6 | 7 | **Describe the bug** 8 | A clear and concise description of what the bug is. 9 | 10 | **To Reproduce** 11 | Steps to reproduce the behavior: 12 | 1. Enter command '...' 13 | 2. Execute task '....' 14 | 3. See error 15 | 16 | **Expected behavior** 17 | A clear and concise description of what you expected to happen. 18 | 19 | **Screenshots** 20 | If applicable, add screenshots to help explain your problem. 21 | 22 | **Environment (please complete the following information):** 23 | - OS version: [e.g. CentOS 7.4] 24 | - Red Hat Satellite or Foreman/Katello version [e.g. 1.17.1/3.6.0] 25 | 26 | **Additional context** 27 | Add any other context about the problem here [e.g. logs] 28 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | 5 | --- 6 | 7 | **Is your feature request related to a problem? Please describe.** 8 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 9 | 10 | **Describe the solution you'd like** 11 | A clear and concise description of what you want to happen. 12 | 13 | **Describe alternatives you've considered** 14 | A clear and concise description of any alternative solutions or features you've considered. 15 | 16 | **Additional context** 17 | Add any other context or screenshots about the feature request here. 18 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: pip 4 | directory: "/" 5 | schedule: 6 | interval: daily 7 | time: "04:00" 8 | open-pull-requests-limit: 10 9 | ignore: 10 | - dependency-name: pytest-cov 11 | versions: 12 | - 2.11.0 13 | - dependency-name: lxml 14 | versions: 15 | - 4.6.1 16 | - dependency-name: pytest 17 | versions: 18 | - 6.0.0 19 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.py[oc] 2 | *.log 3 | *.vlog 4 | *.json 5 | *.auth 6 | *.bak 7 | *.swp 8 | errata-*.html 9 | errata-*.yml 10 | errata-*.md 11 | test*.py 12 | test*.yml 13 | TODO 14 | .buildinfo 15 | build/ 16 | dist/ 17 | 18 | # Python dirs 19 | __pycache__ 20 | *.egg-info 21 | .cache/ 22 | .idea 23 | 24 | # Coverage dirs 25 | .coverage 26 | coverage.xml 27 | htmlcov/ 28 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: python 2 | python: 3 | - "3.8" 4 | # command to install dependencies 5 | install: "pip install -r requirements-tests.txt" 6 | 7 | script: 8 | - pytest --cov=katprep 9 | - codecov 10 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation. 6 | 7 | ## Our Standards 8 | 9 | Examples of behavior that contributes to creating a positive environment include: 10 | 11 | * Using welcoming and inclusive language 12 | * Being respectful of differing viewpoints and experiences 13 | * Gracefully accepting constructive criticism 14 | * Focusing on what is best for the community 15 | * Showing empathy towards other community members 16 | 17 | Examples of unacceptable behavior by participants include: 18 | 19 | * The use of sexualized language or imagery and unwelcome sexual attention or advances 20 | * Trolling, insulting/derogatory comments, and personal or political attacks 21 | * Public or private harassment 22 | * Publishing others' private information, such as a physical or electronic address, without explicit permission 23 | * Other conduct which could reasonably be considered inappropriate in a professional setting 24 | 25 | ## Our Responsibilities 26 | 27 | Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior. 28 | 29 | Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful. 30 | 31 | ## Scope 32 | 33 | This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers. 34 | 35 | ## Enforcement 36 | 37 | Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at info@cstan.io. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. 38 | 39 | Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. 40 | 41 | ## Attribution 42 | 43 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version] 44 | 45 | [homepage]: http://contributor-covenant.org 46 | [version]: http://contributor-covenant.org/version/1/4/ 47 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Build Status](https://travis-ci.org/stdevel/katprep.svg?branch=master)](https://travis-ci.org/stdevel/katprep) 2 | [![codecov](https://codecov.io/gh/stdevel/katprep/branch/master/graph/badge.svg)](https://codecov.io/gh/stdevel/katprep) 3 | 4 | # katprep 5 | 6 | **katprep** is a Python toolkit for automating system maintenance and generating patch reports for systems managed with [Foreman](http://www.theforeman.org/)/[Katello](http://www.katello.org/) or [Red Hat Satellite 6.x](http://www.redhat.com/products/enterprise-linux/satellite/). 7 | 8 | This can be very useful if you need to document software changes due to IT certifications like [ISO/IEC 27001:2005](http://en.wikipedia.org/wiki/ISO/IEC_27001:2005) or many other. 9 | 10 | katprep can automate the following infrastructure tasks: 11 | 12 | - create/remove virtual machine snapshots hypervisor independently (*e.g. VMware vSphere, KVM, XEN, Hyper-V,...*) by utilizing [libvirt](http://www.libvirt.org) and the [VMware vSphere Python API bindings (*pyVmomi*)](https://github.com/vmware/pyvmomi) 13 | - schedule/remove downtimes within your monitoring system (*Nagios/Icinga, Icinga2*) 14 | - patch and reboot affected systems 15 | - document system changes in a customizable report by utilizing [Pandoc](https://pypi.python.org/pypi/pypandoc) (*HTML, Markdown,...*) 16 | 17 | This software is a complete rewrite of my other toolkit [**satprep**](https://github.com/stdevel/satprep). 18 | 19 | ## Documentation and contribution 20 | 21 | The project documentation is created automatically using [Sphinx](http://www.sphinx-doc.org) - it can be found in the **doc** folder of this repository. Check-out [**this website**](https://stdevel.github.io/katprep/) for an online mirror. 22 | 23 | You want to contribute? That's great! Please check-out the [**Issues**](https://github.com/stdevel/katprep/issues) tab of this project and share your thoughts/ideas in a new issue - also, pull requests are welcome! 24 | 25 | ## How does this work? 26 | 27 | katprep uses Puppet host parameters to assign additional meta information to systems managed with Foreman/Katello or Red Hat Satellite such as: 28 | - monitoring/virtualization system managing the host 29 | - differing object names within those systems 30 | - snapshots required before system maintenance 31 | 32 | ![katprep workflow](https://raw.githubusercontent.com/stdevel/katprep/master/katprep_workflow.jpg "katprep workflow") 33 | 34 | If you plan to execute maintenance tasks, katprep triggers (*`katprep_maintenance` utility*) monitoring and virtualization hosts to schedule downtimes and create VM snapshots. Once these tasks have been completed, katprep can automatically trigger the patch installation and system reboot. After verifying your systems, katprep can remove downtimes and snapshots automatically. Before and after patching systems, it is necessary to create an inventory report of your system landscape. These reports contain information such as outstanding patches - after patching your systems, the `katprep_report` utility automatically calculares differences and creates patch reports for all updated hosts. 35 | 36 | As a result, patching big system landscapes becomes less time-consuming with katprep: it's only executing three commands - independent whether you are patching 1 host or 1000 hosts. 37 | 38 | To make the installation even easier, an auto-discover functionality can scan your monitoring systems and hypervisors and link gathered information with Foreman/Katello and Red Hat Satellite automatically (``katprep_populate``). 39 | -------------------------------------------------------------------------------- /doc/.nojekyll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/doc/.nojekyll -------------------------------------------------------------------------------- /doc/_config.yml: -------------------------------------------------------------------------------- 1 | include: 2 | - _images 3 | - _sources 4 | - _static 5 | - _modules 6 | - _templates 7 | -------------------------------------------------------------------------------- /doc/manpages/Makefile: -------------------------------------------------------------------------------- 1 | #Makefile friendly inspired by https://gist.github.com/bertvv/e77e3a5d24d8c2a9bcc4 2 | 3 | #source and output directory 4 | source := src 5 | output := man 6 | output_rst := ../source/man 7 | 8 | #all Markdown files in source directory are considered 9 | sources := $(wildcard $(source)/*.md) 10 | 11 | #convert the list of source files (Markdown files in directory src/) 12 | #into a list of output files (GZIPs in man/ directory) 13 | objects := $(patsubst %.md,%.gz,$(subst $(source),$(output),$(sources))) 14 | #convert the list of source files (Markdown files in directory src/) 15 | #into a list of output files (rst files) 16 | objects_rst := $(patsubst %.md,%.rst,$(subst $(source),$(output_rst),$(sources))) 17 | 18 | #default make target 19 | all: $(objects) $(objects_rst) 20 | #all: $(objects) 21 | 22 | #recipe for converting markdown to manpage and gzipping it afterwards 23 | $(output)/%.gz: $(source)/%.md 24 | pandoc $< -s -t man | gzip -f > $@ 25 | 26 | #recipe for also exporting to markdown and copying it to the main documentation 27 | $(output_rst)/%.rst: $(source)/%.md 28 | pandoc $< --from=markdown -t rst --output $@ 29 | 30 | .PHONY : clean 31 | 32 | #clean _all_ the rubbish 33 | clean: 34 | rm -f $(output)/*.gz 35 | rm -f $(output_rst)/*.1.rst 36 | rm -f $(output_rst)/*.5.rst 37 | -------------------------------------------------------------------------------- /doc/manpages/man/.gitignore: -------------------------------------------------------------------------------- 1 | *.gz 2 | -------------------------------------------------------------------------------- /doc/manpages/src/errata-diff.yml.5.md: -------------------------------------------------------------------------------- 1 | % errata-diff.yml(5) Version 0.5.0 | katprep documentation 2 | 3 | NAME 4 | ==== 5 | 6 | **errata-diff.yml** — An individual katprep host maintenance report variable file 7 | 8 | DESCRIPTION 9 | =========== 10 | 11 | A _errata-diff.yml_ file is an individual katprep host maintenance report variable file used by **katprep_report(1)** in order to create host reports. The following information can be found in the variable file: 12 | 13 | - Generic system information (hostname, IP address,...) 14 | - Verification data obtained by **katprep_maintenance(1)** 15 | - Errata delta information (CVEs, packages,...) between two infrastructure snapshot reports created by **katprep_snapshot(1)** 16 | 17 | Usually, these variable files are removed automatically - but for debugging purposes or writing your own templates it might be necessary to check the content. To preserve YAML files execute **katprep_report(1)** like this: 18 | 19 | | $ katprep_report errata*json -t _template_ -x 20 | 21 | A valid variable file is written in YAML and contains the following dictionaries: 22 | 23 | - errata 24 | - params 25 | - verification 26 | 27 | Every errata entry consists at least of the following variables: 28 | 29 | cves 30 | : CVE numbers 31 | 32 | description 33 | : Erratum description 34 | 35 | errata_id 36 | : Erratum ID 37 | 38 | issued 39 | : Erratum release date 40 | 41 | packages 42 | : Dictionary containing related package names 43 | 44 | severity 45 | : Erratum severity (bugfix, enhancement, critical) 46 | 47 | summary 48 | : Erratum summary 49 | 50 | type 51 | : Erratum type (bugfix, enhancement, critical) 52 | 53 | The `params` section includes at least: 54 | 55 | environment_name 56 | : Puppet environment name 57 | 58 | ip 59 | : IP address 60 | 61 | katprep\_\* 62 | : katprep-related host parameters 63 | 64 | location_name 65 | : Location the host is assigned to 66 | 67 | name 68 | : Object name within Foreman 69 | 70 | operatingsystem_name 71 | : Operating system name 72 | 73 | organization_name 74 | : Organization the host is assigned to 75 | 76 | owner 77 | : Specified owner within Foreman 78 | 79 | system_physical 80 | : Flag whether the system is physical 81 | 82 | date 83 | : Snapshot creation date 84 | 85 | time 86 | : Snapshot creation time 87 | 88 | The `verification` section can include: 89 | 90 | mon_cleanup 91 | : Flag whether downtime has been cleared 92 | 93 | mon_status 94 | : Overall monitoring state 95 | 96 | mon_status_detail 97 | : Detailed monitoring state (e.g. service states) 98 | 99 | virt_cleanup 100 | : Flag whether snapshot has been removed 101 | 102 | 103 | BUGS 104 | ==== 105 | 106 | See GitHub issues: 107 | 108 | AUTHOR 109 | ====== 110 | 111 | Christian Stankowic 112 | 113 | SEE ALSO 114 | ======== 115 | 116 | **katprep(1)**, **katprep_maintenance(1)**, **katprep_report(1)**, **katprep_snapshot(1)** 117 | -------------------------------------------------------------------------------- /doc/manpages/src/katprep.1.md: -------------------------------------------------------------------------------- 1 | % katprep(1) Version 0.5.0 | katprep documentation 2 | 3 | NAME 4 | ==== 5 | 6 | **katprep** — Python toolkit for automating system maintenance and generating patch reports along with Foreman/Katello and Red Hat Satellite 6.x 7 | 8 | DESCRIPTION 9 | =========== 10 | 11 | katprep is a toolkit for automating system maintenance tasks such as: 12 | 13 | - Preparing system maintenance (scheduling downtimes, creating VM snapshots) 14 | - Installing errata and non-erratum package upgrades 15 | - Showing status of maintenance progress 16 | - Checking monitoring and snapshot status 17 | - Reverting VM snapshots 18 | - Removing downtimes and snapshots 19 | - Generating maintenance reports (e.g. because of of ISO/IEC 27001:2005 IT certifications) 20 | 21 | For VM management, the **libvirt** and **pyVmomi** (VMware vSphere Python API bindings) libraries are used, therefore at least the following hypervisors are supported: 22 | - VMware vSphere, Workstation, Player 23 | - VirtualBox 24 | - QEMU 25 | - KVM 26 | - XEN 27 | - Microsoft Hyper-V 28 | 29 | Check-out the libvirt website (https://libvirt.org/drivers.html) for additional drivers. 30 | 31 | For managing monitoring, the following products are supported: 32 | - Nagios/Icinga 1.x 33 | - Icinga2 34 | 35 | When creating reports, the document converter Pandoc is used. This enables exporting reports in various formats; this utility offers pre-defined Markdown and HTML templates. 36 | 37 | Virtualization URIs 38 | ------------------- 39 | When using **libvirt** specify a valid connection URI, such as: 40 | 41 | | qemu+ssh://root@pinkepank.giertz.loc/system 42 | | xen:///system 43 | | esx:///system 44 | | vpx://vc01/cluster02/locaiton03/esxi04/?no_verify=1 45 | | vbox:///system 46 | 47 | See the libvirt documentation (https://libvirt.org/guide/html/Application_Development_Guide-Connections-URI_Formats.html) for more examples. 48 | 49 | When using **pyvmomi**, specify a valid ESXi host or vCenter Server hostname, such as: 50 | 51 | | vcenter.localdomain.loc 52 | | esxi.giertz.loc 53 | 54 | Monitoring URLs: 55 | ---------------- 56 | When using **nagios** (_NagiosCGIClient_), specify the full Nagios or Icinga 1.x URL - make sure **not** to include **/cgi-bin**. Examples: 57 | 58 | | https://nagios.giertz.loc/nagios 59 | | http://omd.pinkepank.loc/icinga 60 | 61 | When using **icinga** (_IcingaAPIClient_), specify the full API URL including the port - such as: 62 | 63 | | https://bigbrother.giertz.loc:5665 64 | 65 | Utilities 66 | --------- 67 | 68 | The following utilities are part of the katprep framework: 69 | 70 | - **katprep_authconfig(1)** - Manages credentials for third-party systems triggered by katprep 71 | - **katprep_maintenance(1)** - Prepares, executes and verifies system maintenance tasks 72 | - **katprep_parameters(1)** - Bulk edits Puppet host parameters for managed hosts 73 | - **katprep_populate(1)** - Auto-discovers and updates monitoring and hypervisor information for managed systems 74 | - **katprep_report(1)** - Creates reports after system maintenance 75 | - **katprep_snapshot(1)** - Creates infrastructure status overview snapshots 76 | 77 | Usage 78 | ----- 79 | 80 | In order to automate system maintenance, you will need to represent your system landscape in katprep as the toolkit needs to know _which_ hosts are _VMs_ running on _which_ hypervisor monitored by _which_ monitoring system (managing physical hosts is also possible). From a Foreman perspective, these information are stored as Puppet host parameter - see also **katprep_parameters(1)**. 81 | To omit the need of entering these information manually, two tools can assist - see **katprep_parameters(1)** and **katprep_populate(1)**. 82 | 83 | After your infrastructure is known to katprep, it can create infrastructure status reports using **katprep_snapshot(5)**. This snapshot includes information about hosts and outstanding patches. Before and after managing hosts, a report needs to be created in order to be able to calculate the delta. 84 | System maintenance is triggered via **katprep_maintenance(1)**. This utilities automates preparing, executing, verifying and cleaning-up maintenance tasks. 85 | 86 | After finishing maintenance, it is possible to create maintenance reports by leveraging **katprep_report(1)**. 87 | 88 | So, in summary - to automate patching your system landscape, execute the following tools: 89 | 90 | 1. **katprep_snapshot(1)** to create an infrastructure snapshot 91 | 2. **katprep_maintenance(1)** to prepare, execute and clean-up maintenance 92 | 3. **katprep_snapshot(1)** to create another infrastructure snapshot 93 | 4. **katprep_report(1)** to create maintenance reports (optional) 94 | 95 | BUGS 96 | ==== 97 | 98 | See GitHub issues: 99 | 100 | AUTHOR 101 | ====== 102 | 103 | Christian Stankowic 104 | 105 | SEE ALSO 106 | ======== 107 | 108 | **katprep_authconfig(1)**, **katprep_maintenance(1)**, **katprep_parameters(1)**, **katprep_populate(1)**, **katprep_report(1)**, **katprep_snapshot(1)** 109 | -------------------------------------------------------------------------------- /doc/manpages/src/katprep.auth.5.md: -------------------------------------------------------------------------------- 1 | % katprep_auth(5) Version 0.5.0 | katprep documentation 2 | 3 | NAME 4 | ==== 5 | 6 | **katprep.auth** — An individual katprep authentication container file 7 | 8 | DESCRIPTION 9 | =========== 10 | 11 | A _katprep.auth_ file is an individual authentication container file used by the **katprep(1)** framework in order to gain access to external third-party systems (such as monitoring systems and hypervisors). This removes the need of entering login information every time to trigger external systems. Authentication containers are JSON documents that can also be protected by a passphrase. In this case, you need to enter the passphrase once when using the container. 12 | 13 | A valid document contains a dictionary containing hostnames and another dictionary specifying the following fields: 14 | 15 | username 16 | : A valid username 17 | 18 | password 19 | : Appropriate password 20 | 21 | Example: 22 | 23 | | {"vcenter.giertz.loc": {"username": "stdevel", "password": "chad"} 24 | 25 | Once encrypted, corresponding password entries are replaced with symmetric Fernet hashes: 26 | 27 | | {"vcenter.giertz.loc": {"username": "stdevel", "password": "s/gAAAA..."} 28 | 29 | To modify an authentication container, utilize the **katprep_authconfig(1)** utility - manually editing the file is **not supported**. 30 | 31 | BUGS 32 | ==== 33 | 34 | See GitHub issues: 35 | 36 | AUTHOR 37 | ====== 38 | 39 | Christian Stankowic 40 | 41 | SEE ALSO 42 | ======== 43 | 44 | **katprep(1)**, **katprep_authconfig(1)** 45 | -------------------------------------------------------------------------------- /doc/manpages/src/katprep_authconfig.1.md: -------------------------------------------------------------------------------- 1 | % katprep_authconfig(1) Version 0.5.0 | katprep documentation 2 | 3 | NAME 4 | ==== 5 | 6 | **katprep_authconfig** — Manages credentials for third-party systems triggered by katprep 7 | 8 | SYNOPSIS 9 | ======== 10 | 11 | | **katprep_authconfig** \[**-h**] \[**-v**] \[**-q**] \[**-d**] \[_file_] \[**list**|**add**|**remove**|**password**] 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Creates, modifies and removes entries from authentication containers used by the **katprep(1)** framework in order to gain access to external third-party systems (such as monitoring systems and hypervisors). This removes the need of entering login information every time to trigger external systems. 17 | Authentication containers are JSON documents that can also be protected by a passphrase. In this case, you need to enter the passphrase once when using the container. 18 | 19 | Options 20 | ------- 21 | 22 | -h, --help 23 | 24 | : Prints brief usage information. 25 | 26 | -v, --version 27 | 28 | : Prints the current version number. 29 | 30 | -q, --quiet 31 | 32 | : Supresses printing status messages to stdout. 33 | 34 | -d, --debug 35 | 36 | : Enables debugging outputs. 37 | 38 | Listing credentials 39 | ------------------- 40 | 41 | To list credentials, use the **list** command. By default, the output will contain hostnames and usernames, but no password. To also show password in plain text, add the following parameter: 42 | 43 | -a, --show-password 44 | : also print passwords. 45 | 46 | Adding credentials 47 | ------------------ 48 | 49 | To add credentials, use the **add** command. By default, you will be prompted for hostname, username and password. To pre-select information, utilize the following parameters: 50 | 51 | -H _hostname_, --hostname _hostname_ 52 | 53 | : Third-party system hostname 54 | 55 | -u _username_, --username _username_ 56 | 57 | : Appropriate username 58 | 59 | -p _password_, --password _password_ 60 | 61 | : Corresponding password 62 | 63 | Removing credentials 64 | -------------------- 65 | 66 | To remove credentials, use the **remove** command. You will be prompted for a hostname, to pre-select the hostname, utilize the following parameter: 67 | 68 | -H _hostname_, --hostname _hostname_ 69 | 70 | : Third-party system hostname 71 | 72 | Encrypting/decrypting containers 73 | -------------------------------- 74 | 75 | By default, authentication containers contain login information in plain text. To enhance security, it is possible to encrypt the passwords with a passphrase up to 32 chars. To encrypt or decrypt a file, utilize the **password** command. By default, the utility prompts a password. To pre-select the password, utilize the following parameter: 76 | 77 | -p _password_, --password _password_ 78 | 79 | : Password 80 | 81 | To encrypt an authentication container, simply execute **katprep_authconfig** \[_file_] **password** and specify a passphrase. To remove the encryption, re-run the command without specifying a passphrase. 82 | 83 | FILES 84 | ===== 85 | 86 | *~/.katpreprc* 87 | 88 | : Per-user katprep configuration file. 89 | 90 | *katprep.auth* 91 | 92 | : Individual katprep authentication container file. 93 | 94 | BUGS 95 | ==== 96 | 97 | See GitHub issues: 98 | 99 | AUTHOR 100 | ====== 101 | 102 | Christian Stankowic 103 | 104 | SEE ALSO 105 | ======== 106 | 107 | **katprep(1)**, **katprep.auth(5)** 108 | -------------------------------------------------------------------------------- /doc/manpages/src/katprep_parameters.1.md: -------------------------------------------------------------------------------- 1 | % katprep_parameters(1) Version 0.5.0 | katprep documentation 2 | 3 | NAME 4 | ==== 5 | 6 | **katprep_parameters** — Bulk edits Puppet host parameters for managed hosts 7 | 8 | SYNOPSIS 9 | ======== 10 | 11 | | **katprep_parameters** \[**-h**] \[**-v**] \[**-q**] \[**-d**] \[**-n**] \[**-C** _authentication\_contianer_] \[**-P** _password_] \[**--insecure**] \[**-s** _server_] \[**-l** _name_|_id_ | **-o** _name_|_id_ | **-g** _name_|_id_ | **-e** _name_|_id_] \[**-A** | **--add-optional-parameters** | **-R** | **-D** | **-U** | **-L**] 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Creates, removes, updates or audits Puppet host parameters used by the **katprep(1)** framework in order to automate system maintenance. 17 | Use this utility to bulk edit host parameters, e.g. to change snapshot protection settings per hostgroup. For the first integration of your infrastructure, use **katprep_populate(1)** as it offers auto-discovery. 18 | 19 | Host parameters 20 | --------------- 21 | 22 | The following Puppet host parameters are created/updated: 23 | 24 | katprep_mon 25 | 26 | : URL of the monitoring system (see also **Monitoring URLs**) 27 | 28 | katprep_mon_name 29 | 30 | : Object name within monitoring if ont FQDN 31 | 32 | katprep_mon_type 33 | 34 | : Monitoring system type: \[_nagios_|_icinga_] (default: icinga) 35 | 36 | katprep_virt 37 | 38 | : URI of the virtualization host (see also **Virtualization URIs**) 39 | 40 | katprep_virt_snapshot 41 | 42 | : Boolean \[_0_|_1_] whether the system needs to be protected by a snapshot 43 | 44 | katprep_virt_name 45 | 46 | : Object name within hypervisor if not FQDN 47 | 48 | katprep_virt_type 49 | 50 | : Virtualization host type, \[_libvirt_|_pyvmovmi_] (default: libvirt) 51 | 52 | For valid Virtualization URIs and monitoring URLs, see **katprep(1)**. 53 | 54 | Options 55 | ------- 56 | 57 | -h, --help 58 | 59 | : Prints brief usage information. 60 | 61 | -v, --version 62 | 63 | : Prints the current version number. 64 | 65 | -q, --quiet 66 | 67 | : Supresses printing status messages to stdout. 68 | 69 | -d, --debug 70 | 71 | : Enables debugging outputs. 72 | 73 | -n, --dry-run 74 | 75 | : Only simulates what would be done (default: no) 76 | 77 | -C _filename_, --auth-container _filename_ 78 | 79 | : Defines an authentication container file (see also **katprep.auth(5)** and **katprep_authconfig(1)**) 80 | 81 | -P _passphrase_, --auth-password _passphrase_ 82 | 83 | : Defines the authentication container password to avoid password prompt (unattented mode) 84 | 85 | --insecure 86 | 87 | : Disables SSL verification (default: no) 88 | 89 | -s _hostname_, --server _hostname_ 90 | 91 | : Defines the Foreman server to use (default: localhost) 92 | 93 | -l _name_|_id_, --location _name_|_id_ 94 | 95 | : filters by particular location 96 | 97 | -o _name_|_id_, --organization _name_|_id_ 98 | 99 | : filters by particular organization 100 | 101 | -g _name_|_id_, --hostgroup _name_|_id_ 102 | 103 | : filters by particular hostgroup 104 | 105 | -e _name_|_id_, --environment _name_|_id_ 106 | 107 | : filters by particular Puppet environment 108 | 109 | -A, --add-parameters 110 | 111 | : Adds built-in parameters (_katprep\_mon_, _katprep\_virt_, _katprep\_virt\_snapshot_) to all affected hosts (default: no) 112 | 113 | --add-optional-parameters 114 | 115 | : Adds optoinal built-in parameters (_katprep\_mon\_type_, _katprep\_mon\_name_, _katprep\_virt\_name_, _katprep\_virt\_type_) to all affected hosts (default: no) 116 | 117 | -R, --remove-parameters 118 | 119 | : Removes built-in parameters from all affected hosts (default: no) 120 | 121 | -D, --display-parameters 122 | 123 | : Lists values of defined parameters for affected hosts (default: no) 124 | 125 | -U, --update-parameters 126 | : Updates values of defined parameters for affected hosts (default: no) 127 | 128 | -L, --list-parameters 129 | : Only lists available parameters (default: no) 130 | 131 | FILES 132 | ===== 133 | 134 | *~/.katpreprc* 135 | 136 | : Per-user katprep configuration file. 137 | 138 | *katprep.auth* 139 | 140 | : Individual katprep authentication container file. 141 | 142 | BUGS 143 | ==== 144 | 145 | See GitHub issues: 146 | 147 | AUTHOR 148 | ====== 149 | 150 | Christian Stankowic 151 | 152 | SEE ALSO 153 | ======== 154 | 155 | **katprep(1)**, **katprep_authconfig(1)**, **katprep_populate(1)** 156 | -------------------------------------------------------------------------------- /doc/manpages/src/katprep_populate.1.md: -------------------------------------------------------------------------------- 1 | % katprep_populate(1) Version 0.5.0 | katprep documentation 2 | 3 | NAME 4 | ==== 5 | 6 | **katprep_populate** — Auto-discovers and updates monitoring and hypervisor information for managed systems 7 | 8 | SYNOPSIS 9 | ======== 10 | 11 | | **katprep_populate** \[**-h**] \[**-v**] \[**-q**] \[**-d**] \[**-n**] \[**-C** _authentication\_contianer_] \[**-P** _password_] \[**--ipv6-only**] \[**--insecure**] \[**-s** _server_] \[**-u**] \[**--virt-uri** _uri_] \[**--virt-type** _libvirt_|_pyvmomi_] \[**--skip-virt**] \[**--mon-url** _url_] \[**--mon-type** _nagios_|_icinga_] \[**--skip-mon**] 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Auto-discovers monitoring host definitions and virtual machines and links those objects to Foreman hosts. This is done by comparing IP addresses and hostnames. Differing hostnames between Foreman, monitoring and hypervisor are detected and configured as host parameters (see also **Host parameters**). 17 | 18 | To only update particular host parameters, utilize the **katprep_parameters(1)** utility. 19 | 20 | 21 | Host parameters 22 | --------------- 23 | 24 | The following Puppet host parameters are created/updated: 25 | 26 | katprep_mon 27 | 28 | : URL of the monitoring system (see also **Monitoring URLs**) 29 | 30 | katprep_mon_name 31 | 32 | : Object name within monitoring if ont FQDN 33 | 34 | katprep_mon_type 35 | 36 | : Monitoring system type: \[_nagios_|_icinga_] (default: icinga) 37 | 38 | katprep_virt 39 | 40 | : URI of the virtualization host (see also **Virtualization URIs**) 41 | 42 | katprep_virt_snapshot 43 | 44 | : Boolean \[_0_|_1_] whether the system needs to be protected by a snapshot 45 | 46 | katprep_virt_name 47 | 48 | : Object name within hypervisor if not FQDN 49 | 50 | katprep_virt_type 51 | 52 | : Virtualization host type, \[_libvirt_|_pyvmovmi_] (default: libvirt) 53 | 54 | For valid Virtualization URIs and monitoring URLs, see **katprep(1)**. 55 | 56 | Options 57 | ------- 58 | 59 | -h, --help 60 | 61 | : Prints brief usage information. 62 | 63 | -v, --version 64 | 65 | : Prints the current version number. 66 | 67 | -q, --quiet 68 | 69 | : Supresses printing status messages to stdout. 70 | 71 | -d, --debug 72 | 73 | : Enables debugging outputs. 74 | 75 | -n, --dry-run 76 | 77 | : Only simulates what would be done (default: no) 78 | 79 | -C _filename_, --auth-container _filename_ 80 | 81 | : Defines an authentication container file (see also **katprep.auth(5)** and **katprep_authconfig(1)**) 82 | 83 | -P _passphrase_, --auth-password _passphrase_ 84 | 85 | : Defines the authentication container password to avoid password prompt (unattented mode) 86 | 87 | --ipv6-only 88 | 89 | : Filters for IPv6-only addresses (default: no) 90 | 91 | --insecure 92 | 93 | : Disables SSL verification (default: no) 94 | 95 | -s _hostname_, --server _hostname_ 96 | 97 | : Defines the Foreman server to use (default: localhost) 98 | 99 | -u, --update 100 | 101 | : Updates pre-existing host parameters (default: no) 102 | 103 | --virt-uri _uri_ 104 | 105 | : Defines an URI to use (see also **Virtualization URIs**) 106 | 107 | --virt-type _libvirt_|_pyvmomi_ 108 | 109 | : Defines the library to use for accessing the hypervisor, currently supported: _libvirt_ or _pyvmomi_ (VMware vSphere). (default: libvirt) 110 | 111 | --skip-virt 112 | 113 | : Skips gathering data from hypervisor (default: no) 114 | 115 | --mon-url _url_ 116 | 117 | : Defines a monitoring URL to use (see also **Monitoring URLs**) 118 | 119 | --mon-type _nagios_|_icinga_ 120 | 121 | : Defines the monitoring sytem type, currently supported: _nagios_ (Nagios, Icinga 1.x) or _icinga_ (Icinga 2). (default: icinga) 122 | 123 | --skip-mon 124 | 125 | : Skips gathering data from monitoring system (default: no) 126 | 127 | EXAMPLES 128 | ======== 129 | 130 | It is a good idea to start-over by specifying your monitoring and hypervisor systems and enabling **dry-run** mode: 131 | 132 | | $ katprep_populate --virt-uri st-vcsa03.stankowic.loc --virt-type pyvmomi --mon-url https://st-mon03.stankowic.loc:5665 -C pinkepank.auth --dry-run 133 | | INFO:katprep_populate:This is just a SIMULATION - no changes will be made. 134 | | INFO:katprep_populate:Host 'giertz.stankowic.loc' ==> set/update parameter/value: katprep_virt/st-vcsa03.stankowic.loc 135 | | INFO:katprep_populate:Host 'giertz.stankowic.loc' ==> set/update parameter/value: katprep_mon_type/icinga 136 | | ... 137 | 138 | Check the values that would be set - run the command again with omitting the **dry-run** parameter if they are correct. 139 | 140 | FILES 141 | ===== 142 | 143 | *~/.katpreprc* 144 | 145 | : Per-user katprep configuration file. 146 | 147 | *katprep.auth* 148 | 149 | : Individual katprep authentication container file. 150 | 151 | BUGS 152 | ==== 153 | 154 | See GitHub issues: 155 | 156 | AUTHOR 157 | ====== 158 | 159 | Christian Stankowic 160 | 161 | SEE ALSO 162 | ======== 163 | 164 | **katprep(1)**, **katprep_parameters(1)** 165 | -------------------------------------------------------------------------------- /doc/manpages/src/katprep_report.1.md: -------------------------------------------------------------------------------- 1 | % katprep_report(1) Version 0.5.0 | katprep documentation 2 | 3 | NAME 4 | ==== 5 | 6 | **katprep_report** — Creates reports after system maintenance 7 | 8 | SYNOPSIS 9 | ======== 10 | 11 | | **katprep_report** \[**-h**] \[**-v**] \[**-q**] \[**-d**] \[**-p** _path_] \[**-o** _path_] \[**-x**] \[**-t** _file_] _snapshot\_file_ _snapshot\_file_ 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Creates reports after system maintenance based on two infrastructure status snapshots created by **katprep_snapshot(1)**. The utility will automatically detect previous and current snapshots by checking the report change times. 17 | 18 | Run this utility after maintaining systems using **katprep_maintenance(1)**. 19 | 20 | Options 21 | ------- 22 | 23 | -h, --help 24 | 25 | : Prints brief usage information. 26 | 27 | -v, --version 28 | 29 | : Prints the current version number. 30 | 31 | -q, --quiet 32 | 33 | : Supresses printing status messages to stdout. 34 | 35 | -d, --debug 36 | 37 | : Enables debugging outputs. 38 | 39 | -p _path_, --output-path _path_ 40 | 41 | : Defines the report output path (default: current directory) 42 | 43 | -C _filename_, --auth-container _filename_ 44 | 45 | : Defines an authentication container file (see also **katprep.auth(5)** and **katprep_authconfig(1)**) 46 | 47 | -o _type_, --output-tpe _type_ 48 | 49 | : Defines the Pandoc output file type, usually this is set automatically based on the template file extension (default: no) 50 | 51 | -x, --preserve-yaml 52 | 53 | : Keeps the YAML metadata after creating the reports, useful for debugging (default: no) 54 | 55 | -t _file_, --template _file_ 56 | 57 | : Defined the Pandoc template to use 58 | 59 | FILES 60 | ===== 61 | 62 | *~/.katpreprc* 63 | 64 | : Per-user katprep configuration file. 65 | 66 | *katprep.auth* 67 | 68 | : Individual katprep authentication container file. 69 | 70 | BUGS 71 | ==== 72 | 73 | See GitHub issues: 74 | 75 | AUTHOR 76 | ====== 77 | 78 | Christian Stankowic 79 | 80 | SEE ALSO 81 | ======== 82 | 83 | **katprep(1)**, **errata-diff.yml(5)**, **katprep_maintenance(1)**, **katprep_snapshot(1)** 84 | -------------------------------------------------------------------------------- /doc/manpages/src/katprep_snapshot.1.md: -------------------------------------------------------------------------------- 1 | % katprep_snapshot(1) Version 0.5.0 | katprep documentation 2 | 3 | NAME 4 | ==== 5 | 6 | **katprep_snapshot** — Creates infrastructure status overview snapshots 7 | 8 | SYNOPSIS 9 | ======== 10 | 11 | | **katprep_snapshot** \[**-h**] \[**-v**] \[**-q**] \[**-d**] \[**-p** _path_] \[**-C** _authentication\_contianer_] \[**-P** _password_] \[**-s** _server_] \[**--insecure**] \[**-l** _name_|_id_ | **-o** _name_|_id_ | **-g** _name_|_id_ | **-e** _name_|_id_] \[**-E** _name_] 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Creates infrastructure status overview snapshots including host information such as: 17 | 18 | - system information (IP address, operating system, owner,...) 19 | - katprep configuration parameters (monitoring and hypervisor configuration) 20 | - errata information (outstanding patches) 21 | 22 | These information are required by the **katprep(1)** framework in order to create maintenance reports using **katprep_report(1)**. 23 | 24 | Run this utility before and after maintaining systems using **katprep_maintenance(1)**. 25 | 26 | Options 27 | ------- 28 | 29 | -h, --help 30 | 31 | : Prints brief usage information. 32 | 33 | -v, --version 34 | 35 | : Prints the current version number. 36 | 37 | -q, --quiet 38 | 39 | : Supresses printing status messages to stdout. 40 | 41 | -d, --debug 42 | 43 | : Enables debugging outputs. 44 | 45 | -p _path_, --output-path _path_ 46 | 47 | : Defines the report output path (default: current directory) 48 | 49 | -C _filename_, --auth-container _filename_ 50 | 51 | : Defines an authentication container file (see also **katprep.auth(5)** and **katprep_authconfig(1)**) 52 | 53 | -P _passphrase_, --auth-password _passphrase_ 54 | 55 | : Defines the authentication container password to avoid password prompt (unattented mode) 56 | 57 | -s _hostname_, --server _hostname_ 58 | 59 | : Defines the Foreman server to use (default: localhost) 60 | 61 | --insecure 62 | 63 | : Disables SSL verification (default: no) 64 | 65 | -E _hostname_, --exclude _hostname_ 66 | 67 | : Excludes particular hosts, using wildcards is possible. 68 | 69 | -l _name_|_id_, --location _name_|_id_ 70 | 71 | : filters by particular location 72 | 73 | -o _name_|_id_, --organization _name_|_id_ 74 | 75 | : filters by particular organization 76 | 77 | -g _name_|_id_, --hostgroup _name_|_id_ 78 | 79 | : filters by particular hostgroup 80 | 81 | -e _name_|_id_, --environment _name_|_id_ 82 | 83 | : filters by particular Puppet environment 84 | 85 | FILES 86 | ===== 87 | 88 | *~/.katpreprc* 89 | 90 | : Per-user katprep configuration file. 91 | 92 | *katprep.auth* 93 | 94 | : Individual katprep authentication container file. 95 | 96 | BUGS 97 | ==== 98 | 99 | See GitHub issues: 100 | 101 | AUTHOR 102 | ====== 103 | 104 | Christian Stankowic 105 | 106 | SEE ALSO 107 | ======== 108 | 109 | **katprep(1)**, **katprep_maintenance(1)**, **katprep_report(1)** 110 | -------------------------------------------------------------------------------- /doc/manpages/src/show_manpage.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | if [ -z "$1" ]; then 3 | echo "Use manpage source as parameter" 4 | else 5 | pandoc $1 -s -t man | man -l - 6 | fi 7 | -------------------------------------------------------------------------------- /doc/publish.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | rm -Rf ../docs 3 | make html && mv build/html ../docs 4 | cp .nojekyll ../docs 5 | rm -Rf build 6 | -------------------------------------------------------------------------------- /doc/source/_static/example_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/doc/source/_static/example_1.png -------------------------------------------------------------------------------- /doc/source/_static/example_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/doc/source/_static/example_2.png -------------------------------------------------------------------------------- /doc/source/changelog.rst: -------------------------------------------------------------------------------- 1 | ========= 2 | Changelog 3 | ========= 4 | This page shows changes of the latest releases. 5 | 6 | ------------- 7 | Version 0.5.0 8 | ------------- 9 | Release date: **2018/06/29** 10 | 11 | .. note:: Red Hat Satellite 6.x users need to update to version 6.3 in order to enable VM reboots after system maintenance. Also, you will need to ensure that your virtualization infrastructure is registered within Foreman to link VMs to hosts. 12 | 13 | Changes since previous development releases: 14 | 15 | katprep_maintenance 16 | =================== 17 | * added posibility to suppress reboots under any circumstances (`issue39`_) 18 | * changed default reboot behavior to only reboot if erratum suggests it (`issue39`_) 19 | * fixed a bug where errata were tried to install if no errata were applicable (`issue39`_) 20 | * fixed a bug where enabled reboots were executed before gracefully completing errata installation (`issue40`_) 21 | * implemented ``-p`` / ``--include-packages`` parameters to also include non-erratum package upgrades during maintenance (`issue33`_) 22 | * implemented ``-E`` / ``--exclude`` parameters to exclude particular hosts by hostname wildcards (`issue38`_) 23 | * fixed bug where non-existent snapshots forced crashes 24 | * implemented ``-I`` / ``--include-only`` parameters to only include particular hosts by hostname wildcards (`issue63`_) 25 | * implemented ``revert`` command (`issue6`_) 26 | 27 | .. _issue6: https://github.com/stdevel/katprep/issues/6 28 | .. _issue33: https://github.com/stdevel/katprep/issues/33 29 | .. _issue38: https://github.com/stdevel/katprep/issues/38 30 | .. _issue39: https://github.com/stdevel/katprep/issues/39 31 | .. _issue40: https://github.com/stdevel/katprep/issues/40 32 | .. _issue63: https://github.com/stdevel/katprep/issues/63 33 | 34 | katprep_snapshot 35 | ================ 36 | * fixed a bug where detecting physical hosts was not working properly (`issue44`_) 37 | * fixed a bug where unregistered content hosts forced crashes (`issue52`_) 38 | * changed missing key log facility to debug 39 | * fixed a bug where hostnames were not verified 40 | * fixed a bug where ``reboot_required`` flags were not set correctly (`issue61`_) 41 | * fixed a bug where physical host/VMs flags were not set correctly (`issue61`_) 42 | 43 | .. _issue44: https://github.com/stdevel/katprep/issues/44 44 | .. _issue52: https://github.com/stdevel/katprep/issues/52 45 | .. _issue61: https://github.com/stdevel/katprep/issues/61 46 | 47 | katprep_populate 48 | ================ 49 | * implemented a IPv6 filter (`issue35`_) 50 | 51 | .. _issue35: https://github.com/stdevel/katprep/issues/35 52 | 53 | katprep_report 54 | ============== 55 | * fixed several bugs where report information were incorrect (`issue61`_) 56 | 57 | .. _issue61: https://github.com/stdevel/katprep/issues/61 58 | 59 | API integrations 60 | ================ 61 | * All: implemented unit tests for API clients (`issue13`_) 62 | * NagiosCGIClient, Icinga2APIClient, PyvmomiClient: implemented IPv4/6 filters 63 | * NagiosCGIClient: fixed a bug where scheduling downtime for hosts was not possible (`issue41`_) 64 | * NagiosCGIClient: implemented Nagios legacy detection throwing execptions for non-supported actions (`issue41`_) 65 | * NagiosCGIClient: fixed several bugs where web-scraping was not working properly forcing incorrect results (`issue41`_) 66 | * NagiosCGIClient: fixed a bug where scheduling downtimes was not possible 67 | * NagiosCGIClient: made ``has_downtime()`` more efficient and overhauled webscraping (`issue64`_) 68 | * SpacewalkAPIClient: first integration stubs 69 | * ForemanAPIClient, SpacewalkAPIClient: Moved hostname verification to shared library 70 | * Icinga2APIClient: Fixed a bug where some information were not retrieved correctly (`issue60`_) 71 | 72 | .. _issue13: https://github.com/stdevel/katprep/issues/13 73 | .. _issue41: https://github.com/stdevel/katprep/issues/41 74 | .. _issue60: https://github.com/stdevel/katprep/issues/60 75 | .. _issue64: https://github.com/stdevel/katprep/issues/64 76 | 77 | Shared library 78 | ============== 79 | * added parameters ``-P`` / ``--auth-password`` for pre-defining authentication container password (`issue36`_) 80 | 81 | .. _issue36: https://github.com/stdevel/katprep/issues/36 82 | 83 | Miscellaneous 84 | ============= 85 | * added manpages (`issue11`_) 86 | 87 | .. _issue11: https://github.com/stdevel/katprep/issues/11 88 | -------------------------------------------------------------------------------- /doc/source/debug.rst: -------------------------------------------------------------------------------- 1 | ========================== 2 | Debugging and getting help 3 | ========================== 4 | 5 | This software is at an early stage, so perhaps things might explode. This page describes how to get in touch with the development team to get help. 6 | 7 | ------------ 8 | Getting help 9 | ------------ 10 | Basically, the best idea when having problems is to open an issue on GitHub_. Please supply the following information: 11 | - the Foreman/Katello or Red Hat Satellite version you are using 12 | - the katprep version you're using 13 | - a short description of your landscape (*e.g. single Foreman instance with some VMs running on a single ESXi host*) 14 | - debugging output of the command you're facing errors with (*see also Debugging*) - please attach a file instead of pasting the console output directly in the issue 15 | 16 | With these information it is easier to reproduce the error you're reporting. 17 | 18 | .. _GitHub: https://github.com/stdevel/katprep/issues 19 | 20 | --------- 21 | Debugging 22 | --------- 23 | Every katprep command offers a ``-d`` / ``--debug`` parameter. When investigating on an error, use this parameter to enable debugging outputs. Keep in mind, that the output will be quite long, so using these parameters along with ``tee`` is basically a good idea:: 24 | 25 | $ katprep_snapshot -C mycontainer.auth -s myforeman.giertz.loc -d 2>&1 | tee myerror.log 26 | 27 | This command will dump all standard and error output into a file named ``myerror.log``. When opening an issue on GitHub, please attach this file. 28 | 29 | ------------- 30 | Common issues 31 | ------------- 32 | Please checkout the issues_ page - it contains some common issues and how to fix them. 33 | 34 | .. _issues: issues.html 35 | -------------------------------------------------------------------------------- /doc/source/drawings.vsdx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/doc/source/drawings.vsdx -------------------------------------------------------------------------------- /doc/source/index.rst: -------------------------------------------------------------------------------- 1 | .. katprep documentation master file, created by 2 | sphinx-quickstart on Wed Mar 1 16:33:04 2017. 3 | You can adapt this file completely to your liking, but it should at least 4 | contain the root `toctree` directive. 5 | 6 | Welcome to katprep's documentation! 7 | =================================== 8 | 9 | Generic topics 10 | ============== 11 | 12 | .. toctree:: 13 | :maxdepth: 1 14 | 15 | Changelog 16 | Tested setups 17 | Common issues 18 | Debugging and getting help 19 | Module details 20 | 21 | Instalation and usage 22 | ===================== 23 | 24 | .. toctree:: 25 | :maxdepth: 1 26 | 27 | Basic installation 28 | Authentication 29 | Represent your landscape 30 | Customizing reports 31 | Parameter overview 32 | Implementation examples 33 | 34 | Manpages 35 | ======== 36 | 37 | --------- 38 | Utilities 39 | --------- 40 | 41 | - :doc:`katprep(1) ` 42 | - :doc:`katprep_authconfig(1) ` 43 | - :doc:`katprep_maintenance(1) ` 44 | - :doc:`katprep_parameters(1) ` 45 | - :doc:`katprep_populate(1) ` 46 | - :doc:`katprep_report(1) ` 47 | - :doc:`katprep_snapshot(1) ` 48 | 49 | ------------------- 50 | Configuration files 51 | ------------------- 52 | 53 | - :doc:`errata-diff.yml(5) ` 54 | - :doc:`katprep.auth(5) ` 55 | 56 | Indices and tables 57 | ================== 58 | 59 | * :ref:`genindex` 60 | * :ref:`modindex` 61 | * :ref:`search` 62 | -------------------------------------------------------------------------------- /doc/source/installation.rst: -------------------------------------------------------------------------------- 1 | ============ 2 | Requirements 3 | ============ 4 | In order to install and use katprep, the following requirements need to be met: 5 | 6 | * Python 2.7 or newer 7 | * Python modules: 8 | 9 | * simplejson 10 | * PyYAML 11 | * PyPandoc 12 | * Libvirt (*usually part of the libvirt-python package*) 13 | * PyVmomi (*VMware vSphere Python SDK*) 14 | 15 | * Pandoc (*for creating the reports*) 16 | * System running katprep needs access to the Foreman/Katello host using HTTPS 17 | * An API user for Foreman/Katello and other management systems (*Monitoring, virtualization host*) 18 | 19 | All these Python modules are available for the most Linux distributions using the package manager or PyPi. 20 | 21 | ========= 22 | API users 23 | ========= 24 | To ensure that katprep is able to control hosts and retrieve data from connected management systems, create appropriate service users: 25 | 26 | ------- 27 | Foreman 28 | ------- 29 | Basically, katprep only needs read access to Foreman/Katello - ensure to assign the following roles to your API user: 30 | * Viewer 31 | * View hosts 32 | * Tasks Reader 33 | 34 | If you want to automate create Puppet host parameters (*which can be done by using katprep_parameters and katprep_populate*) it is also necessary to assign the **Manager** role. 35 | 36 | ------------- 37 | Nagios/Icinga 38 | ------------- 39 | In order to schedule and remove downtimes, a service user needs to be created for katprep:: 40 | 41 | define contact { 42 | contact_name svc-katprep 43 | alias katprep user 44 | use generic-contact 45 | email root@localhost 46 | } 47 | 48 | Depending on your Nagios/Icinga configuration, it might be necessary to add the new user to the following roles in **cgi.cfg** like this:: 49 | * authorized_for_system_information 50 | * authorized_for_system_commands 51 | * authorized_for_all_services 52 | * authorized_for_all_hosts 53 | * authorized_for_all_service_commands 54 | * authorized_for_all_host_commands 55 | 56 | ------- 57 | Icinga2 58 | ------- 59 | To enable scheduling/removing downtimes and reading host configuration from Icinga2, create an API user with the following permissions:: 60 | 61 | #katprep user 62 | object ApiUser "svc-katprep" { 63 | password = "shittyrobots" 64 | permissions = [ "status/query", "objects/query/*", "actions/*" ] 65 | } 66 | 67 | -------------- 68 | VMware vCenter 69 | -------------- 70 | katprep needs to be able to read datacenter/cluster/host/vm information and create/remove snapshots. You can create a dedicated role with the following permissions: 71 | * Sessions 72 | 73 | * Validate sessions 74 | 75 | * Virtual machine 76 | 77 | * Interaction 78 | 79 | * Consolidate hard disks 80 | * Power On 81 | * Power Off 82 | * Reset 83 | 84 | * Snapshot management 85 | 86 | * Create Snapshot 87 | * Remove Snapshot 88 | * Revert Snapshot 89 | 90 | It is a common procedure to define permissions at a global vCenter Server level. 91 | 92 | ============ 93 | Installation 94 | ============ 95 | To install katprep, you can clone the GitHub repository and install the utility or build a RPM package to install. At a later point, we might also supply pre-built RPM packages:: 96 | 97 | $ wget https://github.com/stdevel/katprep/archive/master.zip 98 | $ unzip master.zip 99 | $ cd katprep-master 100 | 101 | ------------------- 102 | Manual installation 103 | ------------------- 104 | Proceed with the following steps:: 105 | 106 | $ python setup.py install 107 | 108 | In case you want to install the toolkit only for your current user (*e.g. because of file system restrictions*), use the **--user parameter**:: 109 | 110 | $ python setup.py install --user 111 | 112 | If you're a developer and want to contribute, you might prefer to install katprep in developer mode within your user context:: 113 | 114 | $ python setup.py develop --user 115 | 116 | --------- 117 | Build RPM 118 | --------- 119 | Ensure to have RPM development utilities installed and proceed with the following steps:: 120 | 121 | $ python setup.py bdist_rpm 122 | $ sudo yum localinstall dist/katprep*.rpm 123 | 124 | Specifying the **--spec-only** parameter will only create a RPM spec file:: 125 | 126 | $ python setup.py bdist_rpm --spec-only 127 | $ less dist/katprep.spec 128 | -------------------------------------------------------------------------------- /doc/source/issues.rst: -------------------------------------------------------------------------------- 1 | ============= 2 | Common Issues 3 | ============= 4 | This page shows some common issues and how to fix them. 5 | 6 | -------------- 7 | Error messages 8 | -------------- 9 | 10 | No connection adapters were found for 'hostname.domain.loc/v1/objects/hosts' 11 | ============================================================================ 12 | When using katprep along with an Icinga2 instance, you're receiving an error like this:: 13 | 14 | ERROR:BasicIcinga2APIClient:No connection adapters were found for 'hostname.domain.loc/v1/objects/hosts' 15 | 16 | **Reason:** You forgot to specify a correct Icinga2 URL, protocol and port are missing. Use a value like ``https://hostname.domain.loc:5665`` 17 | 18 | SSL: CERTIFICATE_VERIFY_FAILED 19 | ============================== 20 | When accessing the Foreman/Katello API, the following error is displayed:: 21 | 22 | File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send r = adapter.send(request, 23 | **kwargs) File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 431, in send raise SSLError(e, 24 | request=request) requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed 25 | (_ssl.c:579) 26 | 27 | **Reason:** Your Foreman/Katello server is using a self-signed certificate, use the ``--insecure`` parameter to ignore this error. 28 | -------------------------------------------------------------------------------- /doc/source/katprep.management.rst: -------------------------------------------------------------------------------- 1 | management Package 2 | ================= 3 | 4 | :mod:`foreman` Module 5 | --------------------- 6 | 7 | .. automodule:: management.foreman 8 | :members: 9 | :undoc-members: 10 | :show-inheritance: 11 | 12 | :mod:`spacewalk` Module 13 | ----------------------- 14 | 15 | .. automodule:: management.spacewalk 16 | :members: 17 | :undoc-members: 18 | :show-inheritance: 19 | 20 | :mod:`libvirt` Module 21 | --------------------------- 22 | 23 | .. automodule:: management.libvirt 24 | :members: 25 | :undoc-members: 26 | :show-inheritance: 27 | 28 | :mod:`vmware` Module 29 | --------------------------- 30 | 31 | .. automodule:: management.vmware 32 | :members: 33 | :undoc-members: 34 | :show-inheritance: 35 | -------------------------------------------------------------------------------- /doc/source/katprep.monitoring.rst: -------------------------------------------------------------------------------- 1 | monitoring Package 2 | ================== 3 | 4 | :mod:`monitoring.icinga2` Module 5 | -------------------------------- 6 | 7 | .. automodule:: monitoring.icinga2 8 | :members: 9 | :undoc-members: 10 | :show-inheritance: 11 | 12 | :mod:`monitoring.nagios` Module 13 | ------------------------------- 14 | 15 | .. automodule:: monitoring.nagios 16 | :members: 17 | :undoc-members: 18 | :show-inheritance: 19 | -------------------------------------------------------------------------------- /doc/source/katprep.rst: -------------------------------------------------------------------------------- 1 | Package 2 | =============== 3 | 4 | :mod:` Package 5 | ---------------------- 6 | 7 | .. automodule:: katprep 8 | :members: 9 | :undoc-members: 10 | :show-inheritance: 11 | 12 | :mod:`AuthContainer` Module 13 | --------------------------- 14 | 15 | .. automodule:: AuthContainer 16 | :members: 17 | :undoc-members: 18 | :show-inheritance: 19 | 20 | :mod:`authconfig` Module 21 | ------------------------ 22 | 23 | .. automodule:: katprep.authconfig 24 | :members: 25 | :undoc-members: 26 | :show-inheritance: 27 | 28 | :mod:`exceptions` Module 29 | ------------------------ 30 | 31 | .. automodule:: exceptions 32 | :members: 33 | :undoc-members: 34 | :show-inheritance: 35 | 36 | :mod:`maintenance` Module 37 | ------------------------- 38 | 39 | .. automodule:: katprep.maintenance 40 | :members: 41 | :undoc-members: 42 | :show-inheritance: 43 | 44 | :mod:`parameters` Module 45 | ------------------------ 46 | 47 | .. automodule:: katprep.parameters 48 | :members: 49 | :undoc-members: 50 | :show-inheritance: 51 | 52 | :mod:`populate` Module 53 | ---------------------- 54 | 55 | .. automodule:: katprep.populate 56 | :members: 57 | :undoc-members: 58 | :show-inheritance: 59 | 60 | :mod:`report` Module 61 | -------------------- 62 | 63 | .. automodule:: katprep.report 64 | :members: 65 | :undoc-members: 66 | :show-inheritance: 67 | 68 | :mod:`snapshot` Module 69 | ---------------------- 70 | 71 | .. automodule:: katprep.snapshot 72 | :members: 73 | :undoc-members: 74 | :show-inheritance: 75 | 76 | Subpackages 77 | ----------- 78 | 79 | .. toctree:: 80 | 81 | katprep.management 82 | katprep.monitoring 83 | -------------------------------------------------------------------------------- /doc/source/man/errata-diff.yml.5.rst: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **errata-diff.yml** — An individual katprep host maintenance report 5 | variable file 6 | 7 | DESCRIPTION 8 | =========== 9 | 10 | A *errata-diff.yml* file is an individual katprep host maintenance 11 | report variable file used by **katprep\_report(1)** in order to create 12 | host reports. The following information can be found in the variable 13 | file: 14 | 15 | - Generic system information (hostname, IP address,...) 16 | - Verification data obtained by **katprep\_maintenance(1)** 17 | - Errata delta information (CVEs, packages,...) between two 18 | infrastructure snapshot reports created by **katprep\_snapshot(1)** 19 | 20 | Usually, these variable files are removed automatically - but for 21 | debugging purposes or writing your own templates it might be necessary 22 | to check the content. To preserve YAML files execute 23 | **katprep\_report(1)** like this: 24 | 25 | $ katprep\_report errata\*json -t *template* -x 26 | 27 | A valid variable file is written in YAML and contains the following 28 | dictionaries: 29 | 30 | - errata 31 | - params 32 | - verification 33 | 34 | Every errata entry consists at least of the following variables: 35 | 36 | cves 37 | CVE numbers 38 | 39 | description 40 | Erratum description 41 | 42 | errata\_id 43 | Erratum ID 44 | 45 | issued 46 | Erratum release date 47 | 48 | packages 49 | Dictionary containing related package names 50 | 51 | severity 52 | Erratum severity (bugfix, enhancement, critical) 53 | 54 | summary 55 | Erratum summary 56 | 57 | type 58 | Erratum type (bugfix, enhancement, critical) 59 | 60 | The ``params`` section includes at least: 61 | 62 | environment\_name 63 | Puppet environment name 64 | 65 | ip 66 | IP address 67 | 68 | katprep\_\* 69 | katprep-related host parameters 70 | 71 | location\_name 72 | Location the host is assigned to 73 | 74 | name 75 | Object name within Foreman 76 | 77 | operatingsystem\_name 78 | Operating system name 79 | 80 | organization\_name 81 | Organization the host is assigned to 82 | 83 | owner 84 | Specified owner within Foreman 85 | 86 | system\_physical 87 | Flag whether the system is physical 88 | 89 | date 90 | Snapshot creation date 91 | 92 | time 93 | Snapshot creation time 94 | 95 | The ``verification`` section can include: 96 | 97 | mon\_cleanup 98 | Flag whether downtime has been cleared 99 | 100 | mon\_status 101 | Overall monitoring state 102 | 103 | mon\_status\_detail 104 | Detailed monitoring state (e.g. service states) 105 | 106 | virt\_cleanup 107 | Flag whether snapshot has been removed 108 | 109 | BUGS 110 | ==== 111 | 112 | See GitHub issues: https://github.com/stdevel/katprep/issues 113 | 114 | AUTHOR 115 | ====== 116 | 117 | Christian Stankowic info@cstan.io 118 | 119 | SEE ALSO 120 | ======== 121 | 122 | **katprep(1)**, **katprep\_maintenance(1)**, **katprep\_report(1)**, 123 | **katprep\_snapshot(1)** 124 | -------------------------------------------------------------------------------- /doc/source/man/katprep.1.rst: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep** — Python toolkit for automating system maintenance and 5 | generating patch reports along with Foreman/Katello and Red Hat 6 | Satellite 6.x 7 | 8 | DESCRIPTION 9 | =========== 10 | 11 | katprep is a toolkit for automating system maintenance tasks such as: 12 | 13 | - Preparing system maintenance (scheduling downtimes, creating VM 14 | snapshots) 15 | - Installing errata and non-erratum package upgrades 16 | - Showing status of maintenance progress 17 | - Checking monitoring and snapshot status 18 | - Reverting VM snapshots 19 | - Removing downtimes and snapshots 20 | - Generating maintenance reports (e.g. because of of ISO/IEC 27001:2005 21 | IT certifications) 22 | 23 | For VM management, the **libvirt** and **pyVmomi** (VMware vSphere 24 | Python API bindings) libraries are used, therefore at least the 25 | following hypervisors are supported: - VMware vSphere, Workstation, 26 | Player - VirtualBox - QEMU - KVM - XEN - Microsoft Hyper-V 27 | 28 | Check-out the libvirt website (https://libvirt.org/drivers.html) for 29 | additional drivers. 30 | 31 | For managing monitoring, the following products are supported: - 32 | Nagios/Icinga 1.x - Icinga2 33 | 34 | When creating reports, the document converter Pandoc is used. This 35 | enables exporting reports in various formats; this utility offers 36 | pre-defined Markdown and HTML templates. 37 | 38 | Virtualization URIs 39 | ------------------- 40 | 41 | When using **libvirt** specify a valid connection URI, such as: 42 | 43 | | qemu+ssh://root@pinkepank.giertz.loc/system 44 | | xen:///system 45 | | esx:///system 46 | | vpx://vc01/cluster02/locaiton03/esxi04/?no\_verify=1 47 | | vbox:///system 48 | 49 | See the libvirt documentation 50 | (https://libvirt.org/guide/html/Application\_Development\_Guide-Connections-URI\_Formats.html) 51 | for more examples. 52 | 53 | When using **pyvmomi**, specify a valid ESXi host or vCenter Server 54 | hostname, such as: 55 | 56 | | vcenter.localdomain.loc 57 | | esxi.giertz.loc 58 | 59 | Monitoring URLs: 60 | ---------------- 61 | 62 | When using **nagios** (*NagiosCGIClient*), specify the full Nagios or 63 | Icinga 1.x URL - make sure **not** to include **/cgi-bin**. Examples: 64 | 65 | | https://nagios.giertz.loc/nagios 66 | | http://omd.pinkepank.loc/icinga 67 | 68 | When using **icinga** (*IcingaAPIClient*), specify the full API URL 69 | including the port - such as: 70 | 71 | https://bigbrother.giertz.loc:5665 72 | 73 | Utilities 74 | --------- 75 | 76 | The following utilities are part of the katprep framework: 77 | 78 | - **katprep\_authconfig(1)** - Manages credentials for third-party 79 | systems triggered by katprep 80 | - **katprep\_maintenance(1)** - Prepares, executes and verifies system 81 | maintenance tasks 82 | - **katprep\_parameters(1)** - Bulk edits Puppet host parameters for 83 | managed hosts 84 | - **katprep\_populate(1)** - Auto-discovers and updates monitoring and 85 | hypervisor information for managed systems 86 | - **katprep\_report(1)** - Creates reports after system maintenance 87 | - **katprep\_snapshot(1)** - Creates infrastructure status overview 88 | snapshots 89 | 90 | Usage 91 | ----- 92 | 93 | In order to automate system maintenance, you will need to represent your 94 | system landscape in katprep as the toolkit needs to know *which* hosts 95 | are *VMs* running on *which* hypervisor monitored by *which* monitoring 96 | system (managing physical hosts is also possible). From a Foreman 97 | perspective, these information are stored as Puppet host parameter - see 98 | also **katprep\_parameters(1)**. To omit the need of entering these 99 | information manually, two tools can assist - see 100 | **katprep\_parameters(1)** and **katprep\_populate(1)**. 101 | 102 | After your infrastructure is known to katprep, it can create 103 | infrastructure status reports using **katprep\_snapshot(5)**. This 104 | snapshot includes information about hosts and outstanding patches. 105 | Before and after managing hosts, a report needs to be created in order 106 | to be able to calculate the delta. System maintenance is triggered via 107 | **katprep\_maintenance(1)**. This utilities automates preparing, 108 | executing, verifying and cleaning-up maintenance tasks. 109 | 110 | After finishing maintenance, it is possible to create maintenance 111 | reports by leveraging **katprep\_report(1)**. 112 | 113 | So, in summary - to automate patching your system landscape, execute the 114 | following tools: 115 | 116 | 1. **katprep\_snapshot(1)** to create an infrastructure snapshot 117 | 2. **katprep\_maintenance(1)** to prepare, execute and clean-up 118 | maintenance 119 | 3. **katprep\_snapshot(1)** to create another infrastructure snapshot 120 | 4. **katprep\_report(1)** to create maintenance reports (optional) 121 | 122 | BUGS 123 | ==== 124 | 125 | See GitHub issues: https://github.com/stdevel/katprep/issues 126 | 127 | AUTHOR 128 | ====== 129 | 130 | Christian Stankowic info@cstan.io 131 | 132 | SEE ALSO 133 | ======== 134 | 135 | **katprep\_authconfig(1)**, **katprep\_maintenance(1)**, 136 | **katprep\_parameters(1)**, **katprep\_populate(1)**, 137 | **katprep\_report(1)**, **katprep\_snapshot(1)** 138 | -------------------------------------------------------------------------------- /doc/source/man/katprep.auth.5.rst: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep.auth** — An individual katprep authentication container file 5 | 6 | DESCRIPTION 7 | =========== 8 | 9 | A *katprep.auth* file is an individual authentication container file 10 | used by the **katprep(1)** framework in order to gain access to external 11 | third-party systems (such as monitoring systems and hypervisors). This 12 | removes the need of entering login information every time to trigger 13 | external systems. Authentication containers are JSON documents that can 14 | also be protected by a passphrase. In this case, you need to enter the 15 | passphrase once when using the container. 16 | 17 | A valid document contains a dictionary containing hostnames and another 18 | dictionary specifying the following fields: 19 | 20 | username 21 | A valid username 22 | 23 | password 24 | Appropriate password 25 | 26 | Example: 27 | 28 | {"vcenter.giertz.loc": {"username": "stdevel", "password": "chad"} 29 | 30 | Once encrypted, corresponding password entries are replaced with 31 | symmetric Fernet hashes: 32 | 33 | {"vcenter.giertz.loc": {"username": "stdevel", "password": "s/gAAAA..."} 34 | 35 | To modify an authentication container, utilize the 36 | **katprep\_authconfig(1)** utility - manually editing the file is **not 37 | supported**. 38 | 39 | BUGS 40 | ==== 41 | 42 | See GitHub issues: https://github.com/stdevel/katprep/issues 43 | 44 | AUTHOR 45 | ====== 46 | 47 | Christian Stankowic info@cstan.io 48 | 49 | SEE ALSO 50 | ======== 51 | 52 | **katprep(1)**, **katprep\_authconfig(1)** 53 | -------------------------------------------------------------------------------- /doc/source/man/katprep_authconfig.1.rst: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_authconfig** — Manages credentials for third-party systems 5 | triggered by katprep 6 | 7 | SYNOPSIS 8 | ======== 9 | 10 | **katprep\_authconfig** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] 11 | [*file*\ ] [**list**\ \|\ **add**\ \|\ **remove**\ \|\ **password**] 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Creates, modifies and removes entries from authentication containers 17 | used by the **katprep(1)** framework in order to gain access to external 18 | third-party systems (such as monitoring systems and hypervisors). This 19 | removes the need of entering login information every time to trigger 20 | external systems. Authentication containers are JSON documents that can 21 | also be protected by a passphrase. In this case, you need to enter the 22 | passphrase once when using the container. 23 | 24 | Options 25 | ------- 26 | 27 | -h, --help 28 | Prints brief usage information. 29 | 30 | -v, --version 31 | Prints the current version number. 32 | 33 | -q, --quiet 34 | Supresses printing status messages to stdout. 35 | 36 | -d, --debug 37 | Enables debugging outputs. 38 | 39 | Listing credentials 40 | ------------------- 41 | 42 | To list credentials, use the **list** command. By default, the output 43 | will contain hostnames and usernames, but no password. To also show 44 | password in plain text, add the following parameter: 45 | 46 | -a, --show-password 47 | also print passwords. 48 | 49 | Adding credentials 50 | ------------------ 51 | 52 | To add credentials, use the **add** command. By default, you will be 53 | prompted for hostname, username and password. To pre-select information, 54 | utilize the following parameters: 55 | 56 | -H *hostname*, --hostname *hostname* 57 | Third-party system hostname 58 | 59 | -u *username*, --username *username* 60 | Appropriate username 61 | 62 | -p *password*, --password *password* 63 | Corresponding password 64 | 65 | Removing credentials 66 | -------------------- 67 | 68 | To remove credentials, use the **remove** command. You will be prompted 69 | for a hostname, to pre-select the hostname, utilize the following 70 | parameter: 71 | 72 | -H *hostname*, --hostname *hostname* 73 | Third-party system hostname 74 | 75 | Encrypting/decrypting containers 76 | -------------------------------- 77 | 78 | By default, authentication containers contain login information in plain 79 | text. To enhance security, it is possible to encrypt the passwords with 80 | a passphrase up to 32 chars. To encrypt or decrypt a file, utilize the 81 | **password** command. By default, the utility prompts a password. To 82 | pre-select the password, utilize the following parameter: 83 | 84 | -p *password*, --password *password* 85 | Password 86 | 87 | To encrypt an authentication container, simply execute 88 | **katprep\_authconfig** [*file*\ ] **password** and specify a 89 | passphrase. To remove the encryption, re-run the command without 90 | specifying a passphrase. 91 | 92 | FILES 93 | ===== 94 | 95 | *~/.katpreprc* 96 | Per-user katprep configuration file. 97 | 98 | *katprep.auth* 99 | Individual katprep authentication container file. 100 | 101 | BUGS 102 | ==== 103 | 104 | See GitHub issues: https://github.com/stdevel/katprep/issues 105 | 106 | AUTHOR 107 | ====== 108 | 109 | Christian Stankowic info@cstan.io 110 | 111 | SEE ALSO 112 | ======== 113 | 114 | **katprep(1)**, **katprep.auth(5)** 115 | -------------------------------------------------------------------------------- /doc/source/man/katprep_parameters.1.rst: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_parameters** — Bulk edits Puppet host parameters for managed 5 | hosts 6 | 7 | SYNOPSIS 8 | ======== 9 | 10 | **katprep\_parameters** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] 11 | [**-n**\ ] [**-C** *authentication\_contianer*] [**-P** *password*] 12 | [**--insecure**\ ] [**-s** *server*] [**-l** *name*\ \|\ *id* \| **-o** 13 | *name*\ \|\ *id* \| **-g** *name*\ \|\ *id* \| **-e** *name*\ \|\ *id*] 14 | [**-A** \| **--add-optional-parameters** \| **-R** \| **-D** \| **-U** 15 | \| **-L**] 16 | 17 | DESCRIPTION 18 | =========== 19 | 20 | Creates, removes, updates or audits Puppet host parameters used by the 21 | **katprep(1)** framework in order to automate system maintenance. Use 22 | this utility to bulk edit host parameters, e.g. to change snapshot 23 | protection settings per hostgroup. For the first integration of your 24 | infrastructure, use **katprep\_populate(1)** as it offers 25 | auto-discovery. 26 | 27 | Host parameters 28 | --------------- 29 | 30 | The following Puppet host parameters are created/updated: 31 | 32 | katprep\_mon 33 | URL of the monitoring system (see also **Monitoring URLs**) 34 | 35 | katprep\_mon\_name 36 | Object name within monitoring if ont FQDN 37 | 38 | katprep\_mon\_type 39 | Monitoring system type: [*nagios*\ \|\ *icinga*] (default: icinga) 40 | 41 | katprep\_virt 42 | URI of the virtualization host (see also **Virtualization URIs**) 43 | 44 | katprep\_virt\_snapshot 45 | Boolean [*0*\ \|\ *1*] whether the system needs to be protected by a 46 | snapshot 47 | 48 | katprep\_virt\_name 49 | Object name within hypervisor if not FQDN 50 | 51 | katprep\_virt\_type 52 | Virtualization host type, [*libvirt*\ \|\ *pyvmovmi*] (default: 53 | libvirt) 54 | 55 | For valid Virtualization URIs and monitoring URLs, see **katprep(1)**. 56 | 57 | Options 58 | ------- 59 | 60 | -h, --help 61 | Prints brief usage information. 62 | 63 | -v, --version 64 | Prints the current version number. 65 | 66 | -q, --quiet 67 | Supresses printing status messages to stdout. 68 | 69 | -d, --debug 70 | Enables debugging outputs. 71 | 72 | -n, --dry-run 73 | Only simulates what would be done (default: no) 74 | 75 | -C *filename*, --auth-container *filename* 76 | Defines an authentication container file (see also 77 | **katprep.auth(5)** and **katprep\_authconfig(1)**) 78 | 79 | -P *passphrase*, --auth-password *passphrase* 80 | Defines the authentication container password to avoid password 81 | prompt (unattented mode) 82 | 83 | --insecure 84 | Disables SSL verification (default: no) 85 | 86 | -s *hostname*, --server *hostname* 87 | Defines the Foreman server to use (default: localhost) 88 | 89 | -l *name*\ \|\ *id*, --location *name*\ \|\ *id* 90 | filters by particular location 91 | 92 | -o *name*\ \|\ *id*, --organization *name*\ \|\ *id* 93 | filters by particular organization 94 | 95 | -g *name*\ \|\ *id*, --hostgroup *name*\ \|\ *id* 96 | filters by particular hostgroup 97 | 98 | -e *name*\ \|\ *id*, --environment *name*\ \|\ *id* 99 | filters by particular Puppet environment 100 | 101 | -A, --add-parameters 102 | Adds built-in parameters (*katprep\_mon*, *katprep\_virt*, 103 | *katprep\_virt\_snapshot*) to all affected hosts (default: no) 104 | 105 | --add-optional-parameters 106 | Adds optoinal built-in parameters (*katprep\_mon\_type*, 107 | *katprep\_mon\_name*, *katprep\_virt\_name*, *katprep\_virt\_type*) 108 | to all affected hosts (default: no) 109 | 110 | -R, --remove-parameters 111 | Removes built-in parameters from all affected hosts (default: no) 112 | 113 | -D, --display-parameters 114 | Lists values of defined parameters for affected hosts (default: no) 115 | 116 | -U, --update-parameters 117 | Updates values of defined parameters for affected hosts (default: 118 | no) 119 | 120 | -L, --list-parameters 121 | Only lists available parameters (default: no) 122 | 123 | FILES 124 | ===== 125 | 126 | *~/.katpreprc* 127 | Per-user katprep configuration file. 128 | 129 | *katprep.auth* 130 | Individual katprep authentication container file. 131 | 132 | BUGS 133 | ==== 134 | 135 | See GitHub issues: https://github.com/stdevel/katprep/issues 136 | 137 | AUTHOR 138 | ====== 139 | 140 | Christian Stankowic info@cstan.io 141 | 142 | SEE ALSO 143 | ======== 144 | 145 | **katprep(1)**, **katprep\_authconfig(1)**, **katprep\_populate(1)** 146 | -------------------------------------------------------------------------------- /doc/source/man/katprep_populate.1.rst: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_populate** — Auto-discovers and updates monitoring and 5 | hypervisor information for managed systems 6 | 7 | SYNOPSIS 8 | ======== 9 | 10 | **katprep\_populate** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] 11 | [**-n**\ ] [**-C** *authentication\_contianer*] [**-P** *password*] 12 | [**--ipv6-only**\ ] [**--insecure**\ ] [**-s** *server*] [**-u**\ ] 13 | [**--virt-uri** *uri*] [**--virt-type** *libvirt*\ \|\ *pyvmomi*] 14 | [**--skip-virt**\ ] [**--mon-url** *url*] [**--mon-type** 15 | *nagios*\ \|\ *icinga*] [**--skip-mon**\ ] 16 | 17 | DESCRIPTION 18 | =========== 19 | 20 | Auto-discovers monitoring host definitions and virtual machines and 21 | links those objects to Foreman hosts. This is done by comparing IP 22 | addresses and hostnames. Differing hostnames between Foreman, monitoring 23 | and hypervisor are detected and configured as host parameters (see also 24 | **Host parameters**). 25 | 26 | To only update particular host parameters, utilize the 27 | **katprep\_parameters(1)** utility. 28 | 29 | Host parameters 30 | --------------- 31 | 32 | The following Puppet host parameters are created/updated: 33 | 34 | katprep\_mon 35 | URL of the monitoring system (see also **Monitoring URLs**) 36 | 37 | katprep\_mon\_name 38 | Object name within monitoring if ont FQDN 39 | 40 | katprep\_mon\_type 41 | Monitoring system type: [*nagios*\ \|\ *icinga*] (default: icinga) 42 | 43 | katprep\_virt 44 | URI of the virtualization host (see also **Virtualization URIs**) 45 | 46 | katprep\_virt\_snapshot 47 | Boolean [*0*\ \|\ *1*] whether the system needs to be protected by a 48 | snapshot 49 | 50 | katprep\_virt\_name 51 | Object name within hypervisor if not FQDN 52 | 53 | katprep\_virt\_type 54 | Virtualization host type, [*libvirt*\ \|\ *pyvmovmi*] (default: 55 | libvirt) 56 | 57 | For valid Virtualization URIs and monitoring URLs, see **katprep(1)**. 58 | 59 | Options 60 | ------- 61 | 62 | -h, --help 63 | Prints brief usage information. 64 | 65 | -v, --version 66 | Prints the current version number. 67 | 68 | -q, --quiet 69 | Supresses printing status messages to stdout. 70 | 71 | -d, --debug 72 | Enables debugging outputs. 73 | 74 | -n, --dry-run 75 | Only simulates what would be done (default: no) 76 | 77 | -C *filename*, --auth-container *filename* 78 | Defines an authentication container file (see also 79 | **katprep.auth(5)** and **katprep\_authconfig(1)**) 80 | 81 | -P *passphrase*, --auth-password *passphrase* 82 | Defines the authentication container password to avoid password 83 | prompt (unattented mode) 84 | 85 | --ipv6-only 86 | Filters for IPv6-only addresses (default: no) 87 | 88 | --insecure 89 | Disables SSL verification (default: no) 90 | 91 | -s *hostname*, --server *hostname* 92 | Defines the Foreman server to use (default: localhost) 93 | 94 | -u, --update 95 | Updates pre-existing host parameters (default: no) 96 | 97 | --virt-uri *uri* 98 | Defines an URI to use (see also **Virtualization URIs**) 99 | 100 | --virt-type *libvirt*\ \|\ *pyvmomi* 101 | Defines the library to use for accessing the hypervisor, currently 102 | supported: *libvirt* or *pyvmomi* (VMware vSphere). (default: 103 | libvirt) 104 | 105 | --skip-virt 106 | Skips gathering data from hypervisor (default: no) 107 | 108 | --mon-url *url* 109 | Defines a monitoring URL to use (see also **Monitoring URLs**) 110 | 111 | --mon-type *nagios*\ \|\ *icinga* 112 | Defines the monitoring sytem type, currently supported: *nagios* 113 | (Nagios, Icinga 1.x) or *icinga* (Icinga 2). (default: icinga) 114 | 115 | --skip-mon 116 | Skips gathering data from monitoring system (default: no) 117 | 118 | EXAMPLES 119 | ======== 120 | 121 | It is a good idea to start-over by specifying your monitoring and 122 | hypervisor systems and enabling **dry-run** mode: 123 | 124 | | $ katprep\_populate --virt-uri st-vcsa03.stankowic.loc --virt-type 125 | pyvmomi --mon-url https://st-mon03.stankowic.loc:5665 -C pinkepank.auth 126 | --dry-run 127 | | INFO:katprep\_populate:This is just a SIMULATION - no changes will be 128 | made. 129 | | INFO:katprep\_populate:Host 'giertz.stankowic.loc' ==> set/update 130 | parameter/value: katprep\_virt/st-vcsa03.stankowic.loc 131 | | INFO:katprep\_populate:Host 'giertz.stankowic.loc' ==> set/update 132 | parameter/value: katprep\_mon\_type/icinga 133 | | ... 134 | 135 | Check the values that would be set - run the command again with omitting 136 | the **dry-run** parameter if they are correct. 137 | 138 | FILES 139 | ===== 140 | 141 | *~/.katpreprc* 142 | Per-user katprep configuration file. 143 | 144 | *katprep.auth* 145 | Individual katprep authentication container file. 146 | 147 | BUGS 148 | ==== 149 | 150 | See GitHub issues: https://github.com/stdevel/katprep/issues 151 | 152 | AUTHOR 153 | ====== 154 | 155 | Christian Stankowic info@cstan.io 156 | 157 | SEE ALSO 158 | ======== 159 | 160 | **katprep(1)**, **katprep\_parameters(1)** 161 | -------------------------------------------------------------------------------- /doc/source/man/katprep_report.1.rst: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_report** — Creates reports after system maintenance 5 | 6 | SYNOPSIS 7 | ======== 8 | 9 | **katprep\_report** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] [**-p** 10 | *path*] [**-o** *path*] [**-x**\ ] [**-t** *file*] *snapshot\_file* 11 | *snapshot\_file* 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Creates reports after system maintenance based on two infrastructure 17 | status snapshots created by **katprep\_snapshot(1)**. The utility will 18 | automatically detect previous and current snapshots by checking the 19 | report change times. 20 | 21 | Run this utility after maintaining systems using 22 | **katprep\_maintenance(1)**. 23 | 24 | Options 25 | ------- 26 | 27 | -h, --help 28 | Prints brief usage information. 29 | 30 | -v, --version 31 | Prints the current version number. 32 | 33 | -q, --quiet 34 | Supresses printing status messages to stdout. 35 | 36 | -d, --debug 37 | Enables debugging outputs. 38 | 39 | -p *path*, --output-path *path* 40 | Defines the report output path (default: current directory) 41 | 42 | -C *filename*, --auth-container *filename* 43 | Defines an authentication container file (see also 44 | **katprep.auth(5)** and **katprep\_authconfig(1)**) 45 | 46 | -o *type*, --output-tpe *type* 47 | Defines the Pandoc output file type, usually this is set 48 | automatically based on the template file extension (default: no) 49 | 50 | -x, --preserve-yaml 51 | Keeps the YAML metadata after creating the reports, useful for 52 | debugging (default: no) 53 | 54 | -t *file*, --template *file* 55 | Defined the Pandoc template to use 56 | 57 | FILES 58 | ===== 59 | 60 | *~/.katpreprc* 61 | Per-user katprep configuration file. 62 | 63 | *katprep.auth* 64 | Individual katprep authentication container file. 65 | 66 | BUGS 67 | ==== 68 | 69 | See GitHub issues: https://github.com/stdevel/katprep/issues 70 | 71 | AUTHOR 72 | ====== 73 | 74 | Christian Stankowic info@cstan.io 75 | 76 | SEE ALSO 77 | ======== 78 | 79 | **katprep(1)**, **errata-diff.yml(5)**, **katprep\_maintenance(1)**, 80 | **katprep\_snapshot(1)** 81 | -------------------------------------------------------------------------------- /doc/source/man/katprep_snapshot.1.rst: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_snapshot** — Creates infrastructure status overview snapshots 5 | 6 | SYNOPSIS 7 | ======== 8 | 9 | **katprep\_snapshot** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] 10 | [**-p** *path*] [**-C** *authentication\_contianer*] [**-P** *password*] 11 | [**-s** *server*] [**--insecure**\ ] [**-l** *name*\ \|\ *id* \| **-o** 12 | *name*\ \|\ *id* \| **-g** *name*\ \|\ *id* \| **-e** *name*\ \|\ *id*] 13 | [**-E** *name*] 14 | 15 | DESCRIPTION 16 | =========== 17 | 18 | Creates infrastructure status overview snapshots including host 19 | information such as: 20 | 21 | - system information (IP address, operating system, owner,...) 22 | - katprep configuration parameters (monitoring and hypervisor 23 | configuration) 24 | - errata information (outstanding patches) 25 | 26 | These information are required by the **katprep(1)** framework in order 27 | to create maintenance reports using **katprep\_report(1)**. 28 | 29 | Run this utility before and after maintaining systems using 30 | **katprep\_maintenance(1)**. 31 | 32 | Options 33 | ------- 34 | 35 | -h, --help 36 | Prints brief usage information. 37 | 38 | -v, --version 39 | Prints the current version number. 40 | 41 | -q, --quiet 42 | Supresses printing status messages to stdout. 43 | 44 | -d, --debug 45 | Enables debugging outputs. 46 | 47 | -p *path*, --output-path *path* 48 | Defines the report output path (default: current directory) 49 | 50 | -C *filename*, --auth-container *filename* 51 | Defines an authentication container file (see also 52 | **katprep.auth(5)** and **katprep\_authconfig(1)**) 53 | 54 | -P *passphrase*, --auth-password *passphrase* 55 | Defines the authentication container password to avoid password 56 | prompt (unattented mode) 57 | 58 | -s *hostname*, --server *hostname* 59 | Defines the Foreman server to use (default: localhost) 60 | 61 | --insecure 62 | Disables SSL verification (default: no) 63 | 64 | -E *hostname*, --exclude *hostname* 65 | Excludes particular hosts, using wildcards is possible. 66 | 67 | -l *name*\ \|\ *id*, --location *name*\ \|\ *id* 68 | filters by particular location 69 | 70 | -o *name*\ \|\ *id*, --organization *name*\ \|\ *id* 71 | filters by particular organization 72 | 73 | -g *name*\ \|\ *id*, --hostgroup *name*\ \|\ *id* 74 | filters by particular hostgroup 75 | 76 | -e *name*\ \|\ *id*, --environment *name*\ \|\ *id* 77 | filters by particular Puppet environment 78 | 79 | FILES 80 | ===== 81 | 82 | *~/.katpreprc* 83 | Per-user katprep configuration file. 84 | 85 | *katprep.auth* 86 | Individual katprep authentication container file. 87 | 88 | BUGS 89 | ==== 90 | 91 | See GitHub issues: https://github.com/stdevel/katprep/issues 92 | 93 | AUTHOR 94 | ====== 95 | 96 | Christian Stankowic info@cstan.io 97 | 98 | SEE ALSO 99 | ======== 100 | 101 | **katprep(1)**, **katprep\_maintenance(1)**, **katprep\_report(1)** 102 | -------------------------------------------------------------------------------- /doc/source/parameter_overview.rst: -------------------------------------------------------------------------------- 1 | ================== 2 | Parameter overview 3 | ================== 4 | 5 | katprep uses multiple Puppet host parameters to control maintenance preparation and executing per system. Some parameters are created automatically using ``katprep_parameters``, some need to be created manually. The following table gives an overview: 6 | 7 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 8 | | Parameter | Example | Explanation | 9 | +=======================+======================+=======================================================================================+ 10 | | katprep_mon | http://host/icinga | URL of the monitoring system | 11 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 12 | | katprep_mon_name | giertz.stankowic.loc | Object name within monitoring if not FQDN | 13 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 14 | | katprep_mon_type | nagios | Monitoring host type: Nagios/Icinga 1.x (*nagios*) or Icinga2 (*icinga, default*) | 15 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 16 | | katprep_virt | vpx://esx.test.loc | Virtualization URL of the system (*libvirt or pyvmomi hostname*) | 17 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 18 | | katprep_virt_name | MYVM001 | VM name within hypervisor if not FQDN | 19 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 20 | | katprep_virt_type | pyvmomi | Virtualization host type: pyvmomi (*VMware*) or libvirt (*default*) | 21 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 22 | | katprep_virt_snapshot | 1 | Boolean (*1/0*) whether system needs to be protected by a snapshot before maintenance | 23 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 24 | -------------------------------------------------------------------------------- /doc/source/tested_setups.rst: -------------------------------------------------------------------------------- 1 | ============= 2 | Tested setups 3 | ============= 4 | 5 | katprep supports multiple Foreman, monitoring and virtualization systems. This page tries to summarize which software suites and versions have been tested. Feel free to report your experiences! 6 | 7 | ------- 8 | Foreman 9 | ------- 10 | 11 | +-------------------+---------+-------------+ 12 | | Product | Version | Status/Note | 13 | +===================+=========+=============+ 14 | | Foreman | 1.13.x+ | working | 15 | +-------------------+---------+-------------+ 16 | | Red Hat Satellite | 6.2.x | working | 17 | +-------------------+---------+-------------+ 18 | 19 | ---------- 20 | Monitoring 21 | ---------- 22 | 23 | +---------+---------+---------------------------+ 24 | | Product | Version | Status/Note | 25 | +=========+=========+===========================+ 26 | | Icinga | 1.12.x+ | working | 27 | +---------+---------+---------------------------+ 28 | | Nagios | 2.x | untested, but should work | 29 | +---------+---------+---------------------------+ 30 | | Nagios | 3.x | working | 31 | +---------+---------+---------------------------+ 32 | | Icinga2 | 2.4x | working | 33 | +---------+---------+---------------------------+ 34 | 35 | .. note:: 36 | When using `Open Monitoring Distribution (OMD)` ensure to utilize **Basic Auth** rather than **check_mk** authorization. 37 | 38 | -------------- 39 | Virtualization 40 | -------------- 41 | As katprep uses libvirt for communicating with a hypervisor, all hypervisors supported by libvirt should be supported by katprep as well. On the other hand, katprep also implements **VMware vSphere SDK for Python** (*PyVmomi*) as the VMware product support by **libvirt** is poor (*e.g. libvirt does not support DRS*). 42 | 43 | +---------------------+---------+---------------------------+ 44 | | Product | Version | Status/Note | 45 | +=====================+=========+===========================+ 46 | | VMware vCenter | 6.7 | untested, but should work | 47 | +---------------------+---------+---------------------------+ 48 | | VMware vCenter | 6.5 | works | 49 | +---------------------+---------+---------------------------+ 50 | | VMware vCenter | 6.0 | works | 51 | +---------------------+---------+---------------------------+ 52 | | VMware vCenter | 5.5 | untested, but should work | 53 | +---------------------+---------+---------------------------+ 54 | | VMware vSphere ESXi | 6.7 | untested, but should work | 55 | +---------------------+---------+---------------------------+ 56 | | VMware vSphere ESXi | 6.5 | works | 57 | +---------------------+---------+---------------------------+ 58 | | VMware vSphere ESXi | 6.0 | works | 59 | +---------------------+---------+---------------------------+ 60 | | VMware vSphere ESXi | 5.5 | untested, but should work | 61 | +---------------------+---------+---------------------------+ 62 | -------------------------------------------------------------------------------- /docs/.nojekyll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/.nojekyll -------------------------------------------------------------------------------- /docs/_images/example_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_images/example_1.png -------------------------------------------------------------------------------- /docs/_images/example_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_images/example_2.png -------------------------------------------------------------------------------- /docs/_modules/index.html: -------------------------------------------------------------------------------- 1 | 2 | 4 | 5 | 6 | 7 | 8 | 9 | Overview: module code — katprep 0.5.0 documentation 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 31 | 32 |
33 |
34 |
35 |
36 | 37 |

All modules for which code is available

38 | 41 | 42 |
43 |
44 |
45 | 61 |
62 |
63 | 75 | 79 | 80 | -------------------------------------------------------------------------------- /docs/_sources/changelog.rst.txt: -------------------------------------------------------------------------------- 1 | ========= 2 | Changelog 3 | ========= 4 | This page shows changes of the latest releases. 5 | 6 | ------------- 7 | Version 0.5.0 8 | ------------- 9 | Release date: **2018/06/29** 10 | 11 | .. note:: Red Hat Satellite 6.x users need to update to version 6.3 in order to enable VM reboots after system maintenance. Also, you will need to ensure that your virtualization infrastructure is registered within Foreman to link VMs to hosts. 12 | 13 | Changes since previous development releases: 14 | 15 | katprep_maintenance 16 | =================== 17 | * added posibility to suppress reboots under any circumstances (`issue39`_) 18 | * changed default reboot behavior to only reboot if erratum suggests it (`issue39`_) 19 | * fixed a bug where errata were tried to install if no errata were applicable (`issue39`_) 20 | * fixed a bug where enabled reboots were executed before gracefully completing errata installation (`issue40`_) 21 | * implemented ``-p`` / ``--include-packages`` parameters to also include non-erratum package upgrades during maintenance (`issue33`_) 22 | * implemented ``-E`` / ``--exclude`` parameters to exclude particular hosts by hostname wildcards (`issue38`_) 23 | * fixed bug where non-existent snapshots forced crashes 24 | * implemented ``-I`` / ``--include-only`` parameters to only include particular hosts by hostname wildcards (`issue63`_) 25 | * implemented ``revert`` command (`issue6`_) 26 | 27 | .. _issue6: https://github.com/stdevel/katprep/issues/6 28 | .. _issue33: https://github.com/stdevel/katprep/issues/33 29 | .. _issue38: https://github.com/stdevel/katprep/issues/38 30 | .. _issue39: https://github.com/stdevel/katprep/issues/39 31 | .. _issue40: https://github.com/stdevel/katprep/issues/40 32 | .. _issue63: https://github.com/stdevel/katprep/issues/63 33 | 34 | katprep_snapshot 35 | ================ 36 | * fixed a bug where detecting physical hosts was not working properly (`issue44`_) 37 | * fixed a bug where unregistered content hosts forced crashes (`issue52`_) 38 | * changed missing key log facility to debug 39 | * fixed a bug where hostnames were not verified 40 | * fixed a bug where ``reboot_required`` flags were not set correctly (`issue61`_) 41 | * fixed a bug where physical host/VMs flags were not set correctly (`issue61`_) 42 | 43 | .. _issue44: https://github.com/stdevel/katprep/issues/44 44 | .. _issue52: https://github.com/stdevel/katprep/issues/52 45 | .. _issue61: https://github.com/stdevel/katprep/issues/61 46 | 47 | katprep_populate 48 | ================ 49 | * implemented a IPv6 filter (`issue35`_) 50 | 51 | .. _issue35: https://github.com/stdevel/katprep/issues/35 52 | 53 | katprep_report 54 | ============== 55 | * fixed several bugs where report information were incorrect (`issue61`_) 56 | 57 | .. _issue61: https://github.com/stdevel/katprep/issues/61 58 | 59 | API integrations 60 | ================ 61 | * All: implemented unit tests for API clients (`issue13`_) 62 | * NagiosCGIClient, Icinga2APIClient, PyvmomiClient: implemented IPv4/6 filters 63 | * NagiosCGIClient: fixed a bug where scheduling downtime for hosts was not possible (`issue41`_) 64 | * NagiosCGIClient: implemented Nagios legacy detection throwing execptions for non-supported actions (`issue41`_) 65 | * NagiosCGIClient: fixed several bugs where web-scraping was not working properly forcing incorrect results (`issue41`_) 66 | * NagiosCGIClient: fixed a bug where scheduling downtimes was not possible 67 | * NagiosCGIClient: made ``has_downtime()`` more efficient and overhauled webscraping (`issue64`_) 68 | * SpacewalkAPIClient: first integration stubs 69 | * ForemanAPIClient, SpacewalkAPIClient: Moved hostname verification to shared library 70 | * Icinga2APIClient: Fixed a bug where some information were not retrieved correctly (`issue60`_) 71 | 72 | .. _issue13: https://github.com/stdevel/katprep/issues/13 73 | .. _issue41: https://github.com/stdevel/katprep/issues/41 74 | .. _issue60: https://github.com/stdevel/katprep/issues/60 75 | .. _issue64: https://github.com/stdevel/katprep/issues/64 76 | 77 | Shared library 78 | ============== 79 | * added parameters ``-P`` / ``--auth-password`` for pre-defining authentication container password (`issue36`_) 80 | 81 | .. _issue36: https://github.com/stdevel/katprep/issues/36 82 | 83 | Miscellaneous 84 | ============= 85 | * added manpages (`issue11`_) 86 | 87 | .. _issue11: https://github.com/stdevel/katprep/issues/11 88 | -------------------------------------------------------------------------------- /docs/_sources/debug.rst.txt: -------------------------------------------------------------------------------- 1 | ========================== 2 | Debugging and getting help 3 | ========================== 4 | 5 | This software is at an early stage, so perhaps things might explode. This page describes how to get in touch with the development team to get help. 6 | 7 | ------------ 8 | Getting help 9 | ------------ 10 | Basically, the best idea when having problems is to open an issue on GitHub_. Please supply the following information: 11 | - the Foreman/Katello or Red Hat Satellite version you are using 12 | - the katprep version you're using 13 | - a short description of your landscape (*e.g. single Foreman instance with some VMs running on a single ESXi host*) 14 | - debugging output of the command you're facing errors with (*see also Debugging*) - please attach a file instead of pasting the console output directly in the issue 15 | 16 | With these information it is easier to reproduce the error you're reporting. 17 | 18 | .. _GitHub: https://github.com/stdevel/katprep/issues 19 | 20 | --------- 21 | Debugging 22 | --------- 23 | Every katprep command offers a ``-d`` / ``--debug`` parameter. When investigating on an error, use this parameter to enable debugging outputs. Keep in mind, that the output will be quite long, so using these parameters along with ``tee`` is basically a good idea:: 24 | 25 | $ katprep_snapshot -C mycontainer.auth -s myforeman.giertz.loc -d 2>&1 | tee myerror.log 26 | 27 | This command will dump all standard and error output into a file named ``myerror.log``. When opening an issue on GitHub, please attach this file. 28 | 29 | ------------- 30 | Common issues 31 | ------------- 32 | Please checkout the issues_ page - it contains some common issues and how to fix them. 33 | 34 | .. _issues: issues.html 35 | -------------------------------------------------------------------------------- /docs/_sources/index.rst.txt: -------------------------------------------------------------------------------- 1 | .. katprep documentation master file, created by 2 | sphinx-quickstart on Wed Mar 1 16:33:04 2017. 3 | You can adapt this file completely to your liking, but it should at least 4 | contain the root `toctree` directive. 5 | 6 | Welcome to katprep's documentation! 7 | =================================== 8 | 9 | Generic topics 10 | ============== 11 | 12 | .. toctree:: 13 | :maxdepth: 1 14 | 15 | Changelog 16 | Tested setups 17 | Common issues 18 | Debugging and getting help 19 | Module details 20 | 21 | Instalation and usage 22 | ===================== 23 | 24 | .. toctree:: 25 | :maxdepth: 1 26 | 27 | Basic installation 28 | Authentication 29 | Represent your landscape 30 | Customizing reports 31 | Parameter overview 32 | Implementation examples 33 | 34 | Manpages 35 | ======== 36 | 37 | --------- 38 | Utilities 39 | --------- 40 | 41 | - :doc:`katprep(1) ` 42 | - :doc:`katprep_authconfig(1) ` 43 | - :doc:`katprep_maintenance(1) ` 44 | - :doc:`katprep_parameters(1) ` 45 | - :doc:`katprep_populate(1) ` 46 | - :doc:`katprep_report(1) ` 47 | - :doc:`katprep_snapshot(1) ` 48 | 49 | ------------------- 50 | Configuration files 51 | ------------------- 52 | 53 | - :doc:`errata-diff.yml(5) ` 54 | - :doc:`katprep.auth(5) ` 55 | 56 | Indices and tables 57 | ================== 58 | 59 | * :ref:`genindex` 60 | * :ref:`modindex` 61 | * :ref:`search` 62 | -------------------------------------------------------------------------------- /docs/_sources/installation.rst.txt: -------------------------------------------------------------------------------- 1 | ============ 2 | Requirements 3 | ============ 4 | In order to install and use katprep, the following requirements need to be met: 5 | 6 | * Python 2.7 or newer 7 | * Python modules: 8 | 9 | * simplejson 10 | * PyYAML 11 | * PyPandoc 12 | * Libvirt (*usually part of the libvirt-python package*) 13 | * PyVmomi (*VMware vSphere Python SDK*) 14 | 15 | * Pandoc (*for creating the reports*) 16 | * System running katprep needs access to the Foreman/Katello host using HTTPS 17 | * An API user for Foreman/Katello and other management systems (*Monitoring, virtualization host*) 18 | 19 | All these Python modules are available for the most Linux distributions using the package manager or PyPi. 20 | 21 | ========= 22 | API users 23 | ========= 24 | To ensure that katprep is able to control hosts and retrieve data from connected management systems, create appropriate service users: 25 | 26 | ------- 27 | Foreman 28 | ------- 29 | Basically, katprep only needs read access to Foreman/Katello - ensure to assign the following roles to your API user: 30 | * Viewer 31 | * View hosts 32 | * Tasks Reader 33 | 34 | If you want to automate create Puppet host parameters (*which can be done by using katprep_parameters and katprep_populate*) it is also necessary to assign the **Manager** role. 35 | 36 | ------------- 37 | Nagios/Icinga 38 | ------------- 39 | In order to schedule and remove downtimes, a service user needs to be created for katprep:: 40 | 41 | define contact { 42 | contact_name svc-katprep 43 | alias katprep user 44 | use generic-contact 45 | email root@localhost 46 | } 47 | 48 | Depending on your Nagios/Icinga configuration, it might be necessary to add the new user to the following roles in **cgi.cfg** like this:: 49 | * authorized_for_system_information 50 | * authorized_for_system_commands 51 | * authorized_for_all_services 52 | * authorized_for_all_hosts 53 | * authorized_for_all_service_commands 54 | * authorized_for_all_host_commands 55 | 56 | ------- 57 | Icinga2 58 | ------- 59 | To enable scheduling/removing downtimes and reading host configuration from Icinga2, create an API user with the following permissions:: 60 | 61 | #katprep user 62 | object ApiUser "svc-katprep" { 63 | password = "shittyrobots" 64 | permissions = [ "status/query", "objects/query/*", "actions/*" ] 65 | } 66 | 67 | -------------- 68 | VMware vCenter 69 | -------------- 70 | katprep needs to be able to read datacenter/cluster/host/vm information and create/remove snapshots. You can create a dedicated role with the following permissions: 71 | * Sessions 72 | 73 | * Validate sessions 74 | 75 | * Virtual machine 76 | 77 | * Interaction 78 | 79 | * Consolidate hard disks 80 | * Power On 81 | * Power Off 82 | * Reset 83 | 84 | * Snapshot management 85 | 86 | * Create Snapshot 87 | * Remove Snapshot 88 | * Revert Snapshot 89 | 90 | It is a common procedure to define permissions at a global vCenter Server level. 91 | 92 | ============ 93 | Installation 94 | ============ 95 | To install katprep, you can clone the GitHub repository and install the utility or build a RPM package to install. At a later point, we might also supply pre-built RPM packages:: 96 | 97 | $ wget https://github.com/stdevel/katprep/archive/master.zip 98 | $ unzip master.zip 99 | $ cd katprep-master 100 | 101 | ------------------- 102 | Manual installation 103 | ------------------- 104 | Proceed with the following steps:: 105 | 106 | $ python setup.py install 107 | 108 | In case you want to install the toolkit only for your current user (*e.g. because of file system restrictions*), use the **--user parameter**:: 109 | 110 | $ python setup.py install --user 111 | 112 | If you're a developer and want to contribute, you might prefer to install katprep in developer mode within your user context:: 113 | 114 | $ python setup.py develop --user 115 | 116 | --------- 117 | Build RPM 118 | --------- 119 | Ensure to have RPM development utilities installed and proceed with the following steps:: 120 | 121 | $ python setup.py bdist_rpm 122 | $ sudo yum localinstall dist/katprep*.rpm 123 | 124 | Specifying the **--spec-only** parameter will only create a RPM spec file:: 125 | 126 | $ python setup.py bdist_rpm --spec-only 127 | $ less dist/katprep.spec 128 | -------------------------------------------------------------------------------- /docs/_sources/issues.rst.txt: -------------------------------------------------------------------------------- 1 | ============= 2 | Common Issues 3 | ============= 4 | This page shows some common issues and how to fix them. 5 | 6 | -------------- 7 | Error messages 8 | -------------- 9 | 10 | No connection adapters were found for 'hostname.domain.loc/v1/objects/hosts' 11 | ============================================================================ 12 | When using katprep along with an Icinga2 instance, you're receiving an error like this:: 13 | 14 | ERROR:BasicIcinga2APIClient:No connection adapters were found for 'hostname.domain.loc/v1/objects/hosts' 15 | 16 | **Reason:** You forgot to specify a correct Icinga2 URL, protocol and port are missing. Use a value like ``https://hostname.domain.loc:5665`` 17 | 18 | SSL: CERTIFICATE_VERIFY_FAILED 19 | ============================== 20 | When accessing the Foreman/Katello API, the following error is displayed:: 21 | 22 | File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send r = adapter.send(request, 23 | **kwargs) File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 431, in send raise SSLError(e, 24 | request=request) requests.exceptions.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed 25 | (_ssl.c:579) 26 | 27 | **Reason:** Your Foreman/Katello server is using a self-signed certificate, use the ``--insecure`` parameter to ignore this error. 28 | -------------------------------------------------------------------------------- /docs/_sources/katprep.clients.rst.txt: -------------------------------------------------------------------------------- 1 | clients Package 2 | =============== 3 | 4 | :mod:`ForemanAPIClient` Module 5 | ------------------------------ 6 | 7 | .. automodule:: clients.ForemanAPIClient 8 | :members: 9 | :undoc-members: 10 | :show-inheritance: 11 | 12 | :mod:`SpacewalnAPIClient` Module 13 | -------------------------------- 14 | 15 | .. automodule:: clients.SpacewalkAPIClient 16 | :members: 17 | :undoc-members: 18 | :show-inheritance: 19 | 20 | :mod:`Icinga2APIClient` Module 21 | ------------------------------ 22 | 23 | .. automodule:: clients.Icinga2APIClient 24 | :members: 25 | :undoc-members: 26 | :show-inheritance: 27 | 28 | :mod:`LibvirtClient` Module 29 | --------------------------- 30 | 31 | .. automodule:: clients.LibvirtClient 32 | :members: 33 | :undoc-members: 34 | :show-inheritance: 35 | 36 | :mod:`NagiosCGIClient` Module 37 | ----------------------------- 38 | 39 | .. automodule:: clients.NagiosCGIClient 40 | :members: 41 | :undoc-members: 42 | :show-inheritance: 43 | 44 | :mod:`PyvmomiClient` Module 45 | --------------------------- 46 | 47 | .. automodule:: clients.PyvmomiClient 48 | :members: 49 | :undoc-members: 50 | :show-inheritance: 51 | 52 | -------------------------------------------------------------------------------- /docs/_sources/katprep.rst.txt: -------------------------------------------------------------------------------- 1 | Package 2 | =============== 3 | 4 | :mod:` Package 5 | ---------------------- 6 | 7 | .. automodule:: katprep 8 | :members: 9 | :undoc-members: 10 | :show-inheritance: 11 | 12 | :mod:`AuthContainer` Module 13 | --------------------------- 14 | 15 | .. automodule:: AuthContainer 16 | :members: 17 | :undoc-members: 18 | :show-inheritance: 19 | 20 | :mod:`authconfig` Module 21 | ------------------------ 22 | 23 | .. automodule:: katprep.authconfig 24 | :members: 25 | :undoc-members: 26 | :show-inheritance: 27 | 28 | :mod:`exceptions` Module 29 | ------------------------ 30 | 31 | .. automodule:: exceptions 32 | :members: 33 | :undoc-members: 34 | :show-inheritance: 35 | 36 | :mod:`maintenance` Module 37 | ------------------------- 38 | 39 | .. automodule:: katprep.maintenance 40 | :members: 41 | :undoc-members: 42 | :show-inheritance: 43 | 44 | :mod:`parameters` Module 45 | ------------------------ 46 | 47 | .. automodule:: katprep.parameters 48 | :members: 49 | :undoc-members: 50 | :show-inheritance: 51 | 52 | :mod:`populate` Module 53 | ---------------------- 54 | 55 | .. automodule:: katprep.populate 56 | :members: 57 | :undoc-members: 58 | :show-inheritance: 59 | 60 | :mod:`report` Module 61 | -------------------- 62 | 63 | .. automodule:: katprep.report 64 | :members: 65 | :undoc-members: 66 | :show-inheritance: 67 | 68 | :mod:`snapshot` Module 69 | ---------------------- 70 | 71 | .. automodule:: katprep.snapshot 72 | :members: 73 | :undoc-members: 74 | :show-inheritance: 75 | 76 | Subpackages 77 | ----------- 78 | 79 | .. toctree:: 80 | 81 | katprep.clients 82 | 83 | -------------------------------------------------------------------------------- /docs/_sources/man/errata-diff.yml.5.rst.txt: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **errata-diff.yml** — An individual katprep host maintenance report 5 | variable file 6 | 7 | DESCRIPTION 8 | =========== 9 | 10 | A *errata-diff.yml* file is an individual katprep host maintenance 11 | report variable file used by **katprep\_report(1)** in order to create 12 | host reports. The following information can be found in the variable 13 | file: 14 | 15 | - Generic system information (hostname, IP address,...) 16 | - Verification data obtained by **katprep\_maintenance(1)** 17 | - Errata delta information (CVEs, packages,...) between two 18 | infrastructure snapshot reports created by **katprep\_snapshot(1)** 19 | 20 | Usually, these variable files are removed automatically - but for 21 | debugging purposes or writing your own templates it might be necessary 22 | to check the content. To preserve YAML files execute 23 | **katprep\_report(1)** like this: 24 | 25 | $ katprep\_report errata\*json -t *template* -x 26 | 27 | A valid variable file is written in YAML and contains the following 28 | dictionaries: 29 | 30 | - errata 31 | - params 32 | - verification 33 | 34 | Every errata entry consists at least of the following variables: 35 | 36 | cves 37 | CVE numbers 38 | 39 | description 40 | Erratum description 41 | 42 | errata\_id 43 | Erratum ID 44 | 45 | issued 46 | Erratum release date 47 | 48 | packages 49 | Dictionary containing related package names 50 | 51 | severity 52 | Erratum severity (bugfix, enhancement, critical) 53 | 54 | summary 55 | Erratum summary 56 | 57 | type 58 | Erratum type (bugfix, enhancement, critical) 59 | 60 | The ``params`` section includes at least: 61 | 62 | environment\_name 63 | Puppet environment name 64 | 65 | ip 66 | IP address 67 | 68 | katprep\_\* 69 | katprep-related host parameters 70 | 71 | location\_name 72 | Location the host is assigned to 73 | 74 | name 75 | Object name within Foreman 76 | 77 | operatingsystem\_name 78 | Operating system name 79 | 80 | organization\_name 81 | Organization the host is assigned to 82 | 83 | owner 84 | Specified owner within Foreman 85 | 86 | system\_physical 87 | Flag whether the system is physical 88 | 89 | date 90 | Snapshot creation date 91 | 92 | time 93 | Snapshot creation time 94 | 95 | The ``verification`` section can include: 96 | 97 | mon\_cleanup 98 | Flag whether downtime has been cleared 99 | 100 | mon\_status 101 | Overall monitoring state 102 | 103 | mon\_status\_detail 104 | Detailed monitoring state (e.g. service states) 105 | 106 | virt\_cleanup 107 | Flag whether snapshot has been removed 108 | 109 | BUGS 110 | ==== 111 | 112 | See GitHub issues: https://github.com/stdevel/katprep/issues 113 | 114 | AUTHOR 115 | ====== 116 | 117 | Christian Stankowic info@cstan.io 118 | 119 | SEE ALSO 120 | ======== 121 | 122 | **katprep(1)**, **katprep\_maintenance(1)**, **katprep\_report(1)**, 123 | **katprep\_snapshot(1)** 124 | -------------------------------------------------------------------------------- /docs/_sources/man/katprep.1.rst.txt: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep** — Python toolkit for automating system maintenance and 5 | generating patch reports along with Foreman/Katello and Red Hat 6 | Satellite 6.x 7 | 8 | DESCRIPTION 9 | =========== 10 | 11 | katprep is a toolkit for automating system maintenance tasks such as: 12 | 13 | - Preparing system maintenance (scheduling downtimes, creating VM 14 | snapshots) 15 | - Installing errata and non-erratum package upgrades 16 | - Showing status of maintenance progress 17 | - Checking monitoring and snapshot status 18 | - Reverting VM snapshots 19 | - Removing downtimes and snapshots 20 | - Generating maintenance reports (e.g. because of of ISO/IEC 27001:2005 21 | IT certifications) 22 | 23 | For VM management, the **libvirt** and **pyVmomi** (VMware vSphere 24 | Python API bindings) libraries are used, therefore at least the 25 | following hypervisors are supported: - VMware vSphere, Workstation, 26 | Player - VirtualBox - QEMU - KVM - XEN - Microsoft Hyper-V 27 | 28 | Check-out the libvirt website (https://libvirt.org/drivers.html) for 29 | additional drivers. 30 | 31 | For managing monitoring, the following products are supported: - 32 | Nagios/Icinga 1.x - Icinga2 33 | 34 | When creating reports, the document converter Pandoc is used. This 35 | enables exporting reports in various formats; this utility offers 36 | pre-defined Markdown and HTML templates. 37 | 38 | Virtualization URIs 39 | ------------------- 40 | 41 | When using **libvirt** specify a valid connection URI, such as: 42 | 43 | | qemu+ssh://root@pinkepank.giertz.loc/system 44 | | xen:///system 45 | | esx:///system 46 | | vpx://vc01/cluster02/locaiton03/esxi04/?no\_verify=1 47 | | vbox:///system 48 | 49 | See the libvirt documentation 50 | (https://libvirt.org/guide/html/Application\_Development\_Guide-Connections-URI\_Formats.html) 51 | for more examples. 52 | 53 | When using **pyvmomi**, specify a valid ESXi host or vCenter Server 54 | hostname, such as: 55 | 56 | | vcenter.localdomain.loc 57 | | esxi.giertz.loc 58 | 59 | Monitoring URLs: 60 | ---------------- 61 | 62 | When using **nagios** (*NagiosCGIClient*), specify the full Nagios or 63 | Icinga 1.x URL - make sure **not** to include **/cgi-bin**. Examples: 64 | 65 | | https://nagios.giertz.loc/nagios 66 | | http://omd.pinkepank.loc/icinga 67 | 68 | When using **icinga** (*IcingaAPIClient*), specify the full API URL 69 | including the port - such as: 70 | 71 | https://bigbrother.giertz.loc:5665 72 | 73 | Utilities 74 | --------- 75 | 76 | The following utilities are part of the katprep framework: 77 | 78 | - **katprep\_authconfig(1)** - Manages credentials for third-party 79 | systems triggered by katprep 80 | - **katprep\_maintenance(1)** - Prepares, executes and verifies system 81 | maintenance tasks 82 | - **katprep\_parameters(1)** - Bulk edits Puppet host parameters for 83 | managed hosts 84 | - **katprep\_populate(1)** - Auto-discovers and updates monitoring and 85 | hypervisor information for managed systems 86 | - **katprep\_report(1)** - Creates reports after system maintenance 87 | - **katprep\_snapshot(1)** - Creates infrastructure status overview 88 | snapshots 89 | 90 | Usage 91 | ----- 92 | 93 | In order to automate system maintenance, you will need to represent your 94 | system landscape in katprep as the toolkit needs to know *which* hosts 95 | are *VMs* running on *which* hypervisor monitored by *which* monitoring 96 | system (managing physical hosts is also possible). From a Foreman 97 | perspective, these information are stored as Puppet host parameter - see 98 | also **katprep\_parameters(1)**. To omit the need of entering these 99 | information manually, two tools can assist - see 100 | **katprep\_parameters(1)** and **katprep\_populate(1)**. 101 | 102 | After your infrastructure is known to katprep, it can create 103 | infrastructure status reports using **katprep\_snapshot(5)**. This 104 | snapshot includes information about hosts and outstanding patches. 105 | Before and after managing hosts, a report needs to be created in order 106 | to be able to calculate the delta. System maintenance is triggered via 107 | **katprep\_maintenance(1)**. This utilities automates preparing, 108 | executing, verifying and cleaning-up maintenance tasks. 109 | 110 | After finishing maintenance, it is possible to create maintenance 111 | reports by leveraging **katprep\_report(1)**. 112 | 113 | So, in summary - to automate patching your system landscape, execute the 114 | following tools: 115 | 116 | 1. **katprep\_snapshot(1)** to create an infrastructure snapshot 117 | 2. **katprep\_maintenance(1)** to prepare, execute and clean-up 118 | maintenance 119 | 3. **katprep\_snapshot(1)** to create another infrastructure snapshot 120 | 4. **katprep\_report(1)** to create maintenance reports (optional) 121 | 122 | BUGS 123 | ==== 124 | 125 | See GitHub issues: https://github.com/stdevel/katprep/issues 126 | 127 | AUTHOR 128 | ====== 129 | 130 | Christian Stankowic info@cstan.io 131 | 132 | SEE ALSO 133 | ======== 134 | 135 | **katprep\_authconfig(1)**, **katprep\_maintenance(1)**, 136 | **katprep\_parameters(1)**, **katprep\_populate(1)**, 137 | **katprep\_report(1)**, **katprep\_snapshot(1)** 138 | -------------------------------------------------------------------------------- /docs/_sources/man/katprep.auth.5.rst.txt: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep.auth** — An individual katprep authentication container file 5 | 6 | DESCRIPTION 7 | =========== 8 | 9 | A *katprep.auth* file is an individual authentication container file 10 | used by the **katprep(1)** framework in order to gain access to external 11 | third-party systems (such as monitoring systems and hypervisors). This 12 | removes the need of entering login information every time to trigger 13 | external systems. Authentication containers are JSON documents that can 14 | also be protected by a passphrase. In this case, you need to enter the 15 | passphrase once when using the container. 16 | 17 | A valid document contains a dictionary containing hostnames and another 18 | dictionary specifying the following fields: 19 | 20 | username 21 | A valid username 22 | 23 | password 24 | Appropriate password 25 | 26 | Example: 27 | 28 | {"vcenter.giertz.loc": {"username": "stdevel", "password": "chad"} 29 | 30 | Once encrypted, corresponding password entries are replaced with 31 | symmetric Fernet hashes: 32 | 33 | {"vcenter.giertz.loc": {"username": "stdevel", "password": "s/gAAAA..."} 34 | 35 | To modify an authentication container, utilize the 36 | **katprep\_authconfig(1)** utility - manually editing the file is **not 37 | supported**. 38 | 39 | BUGS 40 | ==== 41 | 42 | See GitHub issues: https://github.com/stdevel/katprep/issues 43 | 44 | AUTHOR 45 | ====== 46 | 47 | Christian Stankowic info@cstan.io 48 | 49 | SEE ALSO 50 | ======== 51 | 52 | **katprep(1)**, **katprep\_authconfig(1)** 53 | -------------------------------------------------------------------------------- /docs/_sources/man/katprep_authconfig.1.rst.txt: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_authconfig** — Manages credentials for third-party systems 5 | triggered by katprep 6 | 7 | SYNOPSIS 8 | ======== 9 | 10 | **katprep\_authconfig** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] 11 | [*file*\ ] [**list**\ \|\ **add**\ \|\ **remove**\ \|\ **password**] 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Creates, modifies and removes entries from authentication containers 17 | used by the **katprep(1)** framework in order to gain access to external 18 | third-party systems (such as monitoring systems and hypervisors). This 19 | removes the need of entering login information every time to trigger 20 | external systems. Authentication containers are JSON documents that can 21 | also be protected by a passphrase. In this case, you need to enter the 22 | passphrase once when using the container. 23 | 24 | Options 25 | ------- 26 | 27 | -h, --help 28 | Prints brief usage information. 29 | 30 | -v, --version 31 | Prints the current version number. 32 | 33 | -q, --quiet 34 | Supresses printing status messages to stdout. 35 | 36 | -d, --debug 37 | Enables debugging outputs. 38 | 39 | Listing credentials 40 | ------------------- 41 | 42 | To list credentials, use the **list** command. By default, the output 43 | will contain hostnames and usernames, but no password. To also show 44 | password in plain text, add the following parameter: 45 | 46 | -a, --show-password 47 | also print passwords. 48 | 49 | Adding credentials 50 | ------------------ 51 | 52 | To add credentials, use the **add** command. By default, you will be 53 | prompted for hostname, username and password. To pre-select information, 54 | utilize the following parameters: 55 | 56 | -H *hostname*, --hostname *hostname* 57 | Third-party system hostname 58 | 59 | -u *username*, --username *username* 60 | Appropriate username 61 | 62 | -p *password*, --password *password* 63 | Corresponding password 64 | 65 | Removing credentials 66 | -------------------- 67 | 68 | To remove credentials, use the **remove** command. You will be prompted 69 | for a hostname, to pre-select the hostname, utilize the following 70 | parameter: 71 | 72 | -H *hostname*, --hostname *hostname* 73 | Third-party system hostname 74 | 75 | Encrypting/decrypting containers 76 | -------------------------------- 77 | 78 | By default, authentication containers contain login information in plain 79 | text. To enhance security, it is possible to encrypt the passwords with 80 | a passphrase up to 32 chars. To encrypt or decrypt a file, utilize the 81 | **password** command. By default, the utility prompts a password. To 82 | pre-select the password, utilize the following parameter: 83 | 84 | -p *password*, --password *password* 85 | Password 86 | 87 | To encrypt an authentication container, simply execute 88 | **katprep\_authconfig** [*file*\ ] **password** and specify a 89 | passphrase. To remove the encryption, re-run the command without 90 | specifying a passphrase. 91 | 92 | FILES 93 | ===== 94 | 95 | *~/.katpreprc* 96 | Per-user katprep configuration file. 97 | 98 | *katprep.auth* 99 | Individual katprep authentication container file. 100 | 101 | BUGS 102 | ==== 103 | 104 | See GitHub issues: https://github.com/stdevel/katprep/issues 105 | 106 | AUTHOR 107 | ====== 108 | 109 | Christian Stankowic info@cstan.io 110 | 111 | SEE ALSO 112 | ======== 113 | 114 | **katprep(1)**, **katprep.auth(5)** 115 | -------------------------------------------------------------------------------- /docs/_sources/man/katprep_parameters.1.rst.txt: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_parameters** — Bulk edits Puppet host parameters for managed 5 | hosts 6 | 7 | SYNOPSIS 8 | ======== 9 | 10 | **katprep\_parameters** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] 11 | [**-n**\ ] [**-C** *authentication\_contianer*] [**-P** *password*] 12 | [**--insecure**\ ] [**-s** *server*] [**-l** *name*\ \|\ *id* \| **-o** 13 | *name*\ \|\ *id* \| **-g** *name*\ \|\ *id* \| **-e** *name*\ \|\ *id*] 14 | [**-A** \| **--add-optional-parameters** \| **-R** \| **-D** \| **-U** 15 | \| **-L**] 16 | 17 | DESCRIPTION 18 | =========== 19 | 20 | Creates, removes, updates or audits Puppet host parameters used by the 21 | **katprep(1)** framework in order to automate system maintenance. Use 22 | this utility to bulk edit host parameters, e.g. to change snapshot 23 | protection settings per hostgroup. For the first integration of your 24 | infrastructure, use **katprep\_populate(1)** as it offers 25 | auto-discovery. 26 | 27 | Host parameters 28 | --------------- 29 | 30 | The following Puppet host parameters are created/updated: 31 | 32 | katprep\_mon 33 | URL of the monitoring system (see also **Monitoring URLs**) 34 | 35 | katprep\_mon\_name 36 | Object name within monitoring if ont FQDN 37 | 38 | katprep\_mon\_type 39 | Monitoring system type: [*nagios*\ \|\ *icinga*] (default: icinga) 40 | 41 | katprep\_virt 42 | URI of the virtualization host (see also **Virtualization URIs**) 43 | 44 | katprep\_virt\_snapshot 45 | Boolean [*0*\ \|\ *1*] whether the system needs to be protected by a 46 | snapshot 47 | 48 | katprep\_virt\_name 49 | Object name within hypervisor if not FQDN 50 | 51 | katprep\_virt\_type 52 | Virtualization host type, [*libvirt*\ \|\ *pyvmovmi*] (default: 53 | libvirt) 54 | 55 | For valid Virtualization URIs and monitoring URLs, see **katprep(1)**. 56 | 57 | Options 58 | ------- 59 | 60 | -h, --help 61 | Prints brief usage information. 62 | 63 | -v, --version 64 | Prints the current version number. 65 | 66 | -q, --quiet 67 | Supresses printing status messages to stdout. 68 | 69 | -d, --debug 70 | Enables debugging outputs. 71 | 72 | -n, --dry-run 73 | Only simulates what would be done (default: no) 74 | 75 | -C *filename*, --auth-container *filename* 76 | Defines an authentication container file (see also 77 | **katprep.auth(5)** and **katprep\_authconfig(1)**) 78 | 79 | -P *passphrase*, --auth-password *passphrase* 80 | Defines the authentication container password to avoid password 81 | prompt (unattented mode) 82 | 83 | --insecure 84 | Disables SSL verification (default: no) 85 | 86 | -s *hostname*, --server *hostname* 87 | Defines the Foreman server to use (default: localhost) 88 | 89 | -l *name*\ \|\ *id*, --location *name*\ \|\ *id* 90 | filters by particular location 91 | 92 | -o *name*\ \|\ *id*, --organization *name*\ \|\ *id* 93 | filters by particular organization 94 | 95 | -g *name*\ \|\ *id*, --hostgroup *name*\ \|\ *id* 96 | filters by particular hostgroup 97 | 98 | -e *name*\ \|\ *id*, --environment *name*\ \|\ *id* 99 | filters by particular Puppet environment 100 | 101 | -A, --add-parameters 102 | Adds built-in parameters (*katprep\_mon*, *katprep\_virt*, 103 | *katprep\_virt\_snapshot*) to all affected hosts (default: no) 104 | 105 | --add-optional-parameters 106 | Adds optoinal built-in parameters (*katprep\_mon\_type*, 107 | *katprep\_mon\_name*, *katprep\_virt\_name*, *katprep\_virt\_type*) 108 | to all affected hosts (default: no) 109 | 110 | -R, --remove-parameters 111 | Removes built-in parameters from all affected hosts (default: no) 112 | 113 | -D, --display-parameters 114 | Lists values of defined parameters for affected hosts (default: no) 115 | 116 | -U, --update-parameters 117 | Updates values of defined parameters for affected hosts (default: 118 | no) 119 | 120 | -L, --list-parameters 121 | Only lists available parameters (default: no) 122 | 123 | FILES 124 | ===== 125 | 126 | *~/.katpreprc* 127 | Per-user katprep configuration file. 128 | 129 | *katprep.auth* 130 | Individual katprep authentication container file. 131 | 132 | BUGS 133 | ==== 134 | 135 | See GitHub issues: https://github.com/stdevel/katprep/issues 136 | 137 | AUTHOR 138 | ====== 139 | 140 | Christian Stankowic info@cstan.io 141 | 142 | SEE ALSO 143 | ======== 144 | 145 | **katprep(1)**, **katprep\_authconfig(1)**, **katprep\_populate(1)** 146 | -------------------------------------------------------------------------------- /docs/_sources/man/katprep_populate.1.rst.txt: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_populate** — Auto-discovers and updates monitoring and 5 | hypervisor information for managed systems 6 | 7 | SYNOPSIS 8 | ======== 9 | 10 | **katprep\_populate** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] 11 | [**-n**\ ] [**-C** *authentication\_contianer*] [**-P** *password*] 12 | [**--ipv6-only**\ ] [**--insecure**\ ] [**-s** *server*] [**-u**\ ] 13 | [**--virt-uri** *uri*] [**--virt-type** *libvirt*\ \|\ *pyvmomi*] 14 | [**--skip-virt**\ ] [**--mon-url** *url*] [**--mon-type** 15 | *nagios*\ \|\ *icinga*] [**--skip-mon**\ ] 16 | 17 | DESCRIPTION 18 | =========== 19 | 20 | Auto-discovers monitoring host definitions and virtual machines and 21 | links those objects to Foreman hosts. This is done by comparing IP 22 | addresses and hostnames. Differing hostnames between Foreman, monitoring 23 | and hypervisor are detected and configured as host parameters (see also 24 | **Host parameters**). 25 | 26 | To only update particular host parameters, utilize the 27 | **katprep\_parameters(1)** utility. 28 | 29 | Host parameters 30 | --------------- 31 | 32 | The following Puppet host parameters are created/updated: 33 | 34 | katprep\_mon 35 | URL of the monitoring system (see also **Monitoring URLs**) 36 | 37 | katprep\_mon\_name 38 | Object name within monitoring if ont FQDN 39 | 40 | katprep\_mon\_type 41 | Monitoring system type: [*nagios*\ \|\ *icinga*] (default: icinga) 42 | 43 | katprep\_virt 44 | URI of the virtualization host (see also **Virtualization URIs**) 45 | 46 | katprep\_virt\_snapshot 47 | Boolean [*0*\ \|\ *1*] whether the system needs to be protected by a 48 | snapshot 49 | 50 | katprep\_virt\_name 51 | Object name within hypervisor if not FQDN 52 | 53 | katprep\_virt\_type 54 | Virtualization host type, [*libvirt*\ \|\ *pyvmovmi*] (default: 55 | libvirt) 56 | 57 | For valid Virtualization URIs and monitoring URLs, see **katprep(1)**. 58 | 59 | Options 60 | ------- 61 | 62 | -h, --help 63 | Prints brief usage information. 64 | 65 | -v, --version 66 | Prints the current version number. 67 | 68 | -q, --quiet 69 | Supresses printing status messages to stdout. 70 | 71 | -d, --debug 72 | Enables debugging outputs. 73 | 74 | -n, --dry-run 75 | Only simulates what would be done (default: no) 76 | 77 | -C *filename*, --auth-container *filename* 78 | Defines an authentication container file (see also 79 | **katprep.auth(5)** and **katprep\_authconfig(1)**) 80 | 81 | -P *passphrase*, --auth-password *passphrase* 82 | Defines the authentication container password to avoid password 83 | prompt (unattented mode) 84 | 85 | --ipv6-only 86 | Filters for IPv6-only addresses (default: no) 87 | 88 | --insecure 89 | Disables SSL verification (default: no) 90 | 91 | -s *hostname*, --server *hostname* 92 | Defines the Foreman server to use (default: localhost) 93 | 94 | -u, --update 95 | Updates pre-existing host parameters (default: no) 96 | 97 | --virt-uri *uri* 98 | Defines an URI to use (see also **Virtualization URIs**) 99 | 100 | --virt-type *libvirt*\ \|\ *pyvmomi* 101 | Defines the library to use for accessing the hypervisor, currently 102 | supported: *libvirt* or *pyvmomi* (VMware vSphere). (default: 103 | libvirt) 104 | 105 | --skip-virt 106 | Skips gathering data from hypervisor (default: no) 107 | 108 | --mon-url *url* 109 | Defines a monitoring URL to use (see also **Monitoring URLs**) 110 | 111 | --mon-type *nagios*\ \|\ *icinga* 112 | Defines the monitoring sytem type, currently supported: *nagios* 113 | (Nagios, Icinga 1.x) or *icinga* (Icinga 2). (default: icinga) 114 | 115 | --skip-mon 116 | Skips gathering data from monitoring system (default: no) 117 | 118 | EXAMPLES 119 | ======== 120 | 121 | It is a good idea to start-over by specifying your monitoring and 122 | hypervisor systems and enabling **dry-run** mode: 123 | 124 | | $ katprep\_populate --virt-uri st-vcsa03.stankowic.loc --virt-type 125 | pyvmomi --mon-url https://st-mon03.stankowic.loc:5665 -C pinkepank.auth 126 | --dry-run 127 | | INFO:katprep\_populate:This is just a SIMULATION - no changes will be 128 | made. 129 | | INFO:katprep\_populate:Host 'giertz.stankowic.loc' ==> set/update 130 | parameter/value: katprep\_virt/st-vcsa03.stankowic.loc 131 | | INFO:katprep\_populate:Host 'giertz.stankowic.loc' ==> set/update 132 | parameter/value: katprep\_mon\_type/icinga 133 | | ... 134 | 135 | Check the values that would be set - run the command again with omitting 136 | the **dry-run** parameter if they are correct. 137 | 138 | FILES 139 | ===== 140 | 141 | *~/.katpreprc* 142 | Per-user katprep configuration file. 143 | 144 | *katprep.auth* 145 | Individual katprep authentication container file. 146 | 147 | BUGS 148 | ==== 149 | 150 | See GitHub issues: https://github.com/stdevel/katprep/issues 151 | 152 | AUTHOR 153 | ====== 154 | 155 | Christian Stankowic info@cstan.io 156 | 157 | SEE ALSO 158 | ======== 159 | 160 | **katprep(1)**, **katprep\_parameters(1)** 161 | -------------------------------------------------------------------------------- /docs/_sources/man/katprep_report.1.rst.txt: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_report** — Creates reports after system maintenance 5 | 6 | SYNOPSIS 7 | ======== 8 | 9 | **katprep\_report** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] [**-p** 10 | *path*] [**-o** *path*] [**-x**\ ] [**-t** *file*] *snapshot\_file* 11 | *snapshot\_file* 12 | 13 | DESCRIPTION 14 | =========== 15 | 16 | Creates reports after system maintenance based on two infrastructure 17 | status snapshots created by **katprep\_snapshot(1)**. The utility will 18 | automatically detect previous and current snapshots by checking the 19 | report change times. 20 | 21 | Run this utility after maintaining systems using 22 | **katprep\_maintenance(1)**. 23 | 24 | Options 25 | ------- 26 | 27 | -h, --help 28 | Prints brief usage information. 29 | 30 | -v, --version 31 | Prints the current version number. 32 | 33 | -q, --quiet 34 | Supresses printing status messages to stdout. 35 | 36 | -d, --debug 37 | Enables debugging outputs. 38 | 39 | -p *path*, --output-path *path* 40 | Defines the report output path (default: current directory) 41 | 42 | -C *filename*, --auth-container *filename* 43 | Defines an authentication container file (see also 44 | **katprep.auth(5)** and **katprep\_authconfig(1)**) 45 | 46 | -o *type*, --output-tpe *type* 47 | Defines the Pandoc output file type, usually this is set 48 | automatically based on the template file extension (default: no) 49 | 50 | -x, --preserve-yaml 51 | Keeps the YAML metadata after creating the reports, useful for 52 | debugging (default: no) 53 | 54 | -t *file*, --template *file* 55 | Defined the Pandoc template to use 56 | 57 | FILES 58 | ===== 59 | 60 | *~/.katpreprc* 61 | Per-user katprep configuration file. 62 | 63 | *katprep.auth* 64 | Individual katprep authentication container file. 65 | 66 | BUGS 67 | ==== 68 | 69 | See GitHub issues: https://github.com/stdevel/katprep/issues 70 | 71 | AUTHOR 72 | ====== 73 | 74 | Christian Stankowic info@cstan.io 75 | 76 | SEE ALSO 77 | ======== 78 | 79 | **katprep(1)**, **errata-diff.yml(5)**, **katprep\_maintenance(1)**, 80 | **katprep\_snapshot(1)** 81 | -------------------------------------------------------------------------------- /docs/_sources/man/katprep_snapshot.1.rst.txt: -------------------------------------------------------------------------------- 1 | NAME 2 | ==== 3 | 4 | **katprep\_snapshot** — Creates infrastructure status overview snapshots 5 | 6 | SYNOPSIS 7 | ======== 8 | 9 | **katprep\_snapshot** [**-h**\ ] [**-v**\ ] [**-q**\ ] [**-d**\ ] 10 | [**-p** *path*] [**-C** *authentication\_contianer*] [**-P** *password*] 11 | [**-s** *server*] [**--insecure**\ ] [**-l** *name*\ \|\ *id* \| **-o** 12 | *name*\ \|\ *id* \| **-g** *name*\ \|\ *id* \| **-e** *name*\ \|\ *id*] 13 | [**-E** *name*] 14 | 15 | DESCRIPTION 16 | =========== 17 | 18 | Creates infrastructure status overview snapshots including host 19 | information such as: 20 | 21 | - system information (IP address, operating system, owner,...) 22 | - katprep configuration parameters (monitoring and hypervisor 23 | configuration) 24 | - errata information (outstanding patches) 25 | 26 | These information are required by the **katprep(1)** framework in order 27 | to create maintenance reports using **katprep\_report(1)**. 28 | 29 | Run this utility before and after maintaining systems using 30 | **katprep\_maintenance(1)**. 31 | 32 | Options 33 | ------- 34 | 35 | -h, --help 36 | Prints brief usage information. 37 | 38 | -v, --version 39 | Prints the current version number. 40 | 41 | -q, --quiet 42 | Supresses printing status messages to stdout. 43 | 44 | -d, --debug 45 | Enables debugging outputs. 46 | 47 | -p *path*, --output-path *path* 48 | Defines the report output path (default: current directory) 49 | 50 | -C *filename*, --auth-container *filename* 51 | Defines an authentication container file (see also 52 | **katprep.auth(5)** and **katprep\_authconfig(1)**) 53 | 54 | -P *passphrase*, --auth-password *passphrase* 55 | Defines the authentication container password to avoid password 56 | prompt (unattented mode) 57 | 58 | -s *hostname*, --server *hostname* 59 | Defines the Foreman server to use (default: localhost) 60 | 61 | --insecure 62 | Disables SSL verification (default: no) 63 | 64 | -E *hostname*, --exclude *hostname* 65 | Excludes particular hosts, using wildcards is possible. 66 | 67 | -l *name*\ \|\ *id*, --location *name*\ \|\ *id* 68 | filters by particular location 69 | 70 | -o *name*\ \|\ *id*, --organization *name*\ \|\ *id* 71 | filters by particular organization 72 | 73 | -g *name*\ \|\ *id*, --hostgroup *name*\ \|\ *id* 74 | filters by particular hostgroup 75 | 76 | -e *name*\ \|\ *id*, --environment *name*\ \|\ *id* 77 | filters by particular Puppet environment 78 | 79 | FILES 80 | ===== 81 | 82 | *~/.katpreprc* 83 | Per-user katprep configuration file. 84 | 85 | *katprep.auth* 86 | Individual katprep authentication container file. 87 | 88 | BUGS 89 | ==== 90 | 91 | See GitHub issues: https://github.com/stdevel/katprep/issues 92 | 93 | AUTHOR 94 | ====== 95 | 96 | Christian Stankowic info@cstan.io 97 | 98 | SEE ALSO 99 | ======== 100 | 101 | **katprep(1)**, **katprep\_maintenance(1)**, **katprep\_report(1)** 102 | -------------------------------------------------------------------------------- /docs/_sources/parameter_overview.rst.txt: -------------------------------------------------------------------------------- 1 | ================== 2 | Parameter overview 3 | ================== 4 | 5 | katprep uses multiple Puppet host parameters to control maintenance preparation and executing per system. Some parameters are created automatically using ``katprep_parameters``, some need to be created manually. The following table gives an overview: 6 | 7 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 8 | | Parameter | Example | Explanation | 9 | +=======================+======================+=======================================================================================+ 10 | | katprep_mon | http://host/icinga | URL of the monitoring system | 11 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 12 | | katprep_mon_name | giertz.stankowic.loc | Object name within monitoring if not FQDN | 13 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 14 | | katprep_mon_type | nagios | Monitoring host type: Nagios/Icinga 1.x (*nagios*) or Icinga2 (*icinga, default*) | 15 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 16 | | katprep_virt | vpx://esx.test.loc | Virtualization URL of the system (*libvirt or pyvmomi hostname*) | 17 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 18 | | katprep_virt_name | MYVM001 | VM name within hypervisor if not FQDN | 19 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 20 | | katprep_virt_type | pyvmomi | Virtualization host type: pyvmomi (*VMware*) or libvirt (*default*) | 21 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 22 | | katprep_virt_snapshot | 1 | Boolean (*1/0*) whether system needs to be protected by a snapshot before maintenance | 23 | +-----------------------+----------------------+---------------------------------------------------------------------------------------+ 24 | -------------------------------------------------------------------------------- /docs/_sources/tested_setups.rst.txt: -------------------------------------------------------------------------------- 1 | ============= 2 | Tested setups 3 | ============= 4 | 5 | katprep supports multiple Foreman, monitoring and virtualization systems. This page tries to summarize which software suites and versions have been tested. Feel free to report your experiences! 6 | 7 | ------- 8 | Foreman 9 | ------- 10 | 11 | +-------------------+---------+-------------+ 12 | | Product | Version | Status/Note | 13 | +===================+=========+=============+ 14 | | Foreman | 1.13.x+ | working | 15 | +-------------------+---------+-------------+ 16 | | Red Hat Satellite | 6.2.x | working | 17 | +-------------------+---------+-------------+ 18 | 19 | ---------- 20 | Monitoring 21 | ---------- 22 | 23 | +---------+---------+---------------------------+ 24 | | Product | Version | Status/Note | 25 | +=========+=========+===========================+ 26 | | Icinga | 1.12.x+ | working | 27 | +---------+---------+---------------------------+ 28 | | Nagios | 2.x | untested, but should work | 29 | +---------+---------+---------------------------+ 30 | | Nagios | 3.x | working | 31 | +---------+---------+---------------------------+ 32 | | Icinga2 | 2.4x | working | 33 | +---------+---------+---------------------------+ 34 | 35 | .. note:: 36 | When using `Open Monitoring Distribution (OMD)` ensure to utilize **Basic Auth** rather than **check_mk** authorization. 37 | 38 | -------------- 39 | Virtualization 40 | -------------- 41 | As katprep uses libvirt for communicating with a hypervisor, all hypervisors supported by libvirt should be supported by katprep as well. On the other hand, katprep also implements **VMware vSphere SDK for Python** (*PyVmomi*) as the VMware product support by **libvirt** is poor (*e.g. libvirt does not support DRS*). 42 | 43 | +---------------------+---------+---------------------------+ 44 | | Product | Version | Status/Note | 45 | +=====================+=========+===========================+ 46 | | VMware vCenter | 6.7 | untested, but should work | 47 | +---------------------+---------+---------------------------+ 48 | | VMware vCenter | 6.5 | works | 49 | +---------------------+---------+---------------------------+ 50 | | VMware vCenter | 6.0 | works | 51 | +---------------------+---------+---------------------------+ 52 | | VMware vCenter | 5.5 | untested, but should work | 53 | +---------------------+---------+---------------------------+ 54 | | VMware vSphere ESXi | 6.7 | untested, but should work | 55 | +---------------------+---------+---------------------------+ 56 | | VMware vSphere ESXi | 6.5 | works | 57 | +---------------------+---------+---------------------------+ 58 | | VMware vSphere ESXi | 6.0 | works | 59 | +---------------------+---------+---------------------------+ 60 | | VMware vSphere ESXi | 5.5 | untested, but should work | 61 | +---------------------+---------+---------------------------+ 62 | -------------------------------------------------------------------------------- /docs/_static/ajax-loader.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/ajax-loader.gif -------------------------------------------------------------------------------- /docs/_static/comment-bright.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/comment-bright.png -------------------------------------------------------------------------------- /docs/_static/comment-close.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/comment-close.png -------------------------------------------------------------------------------- /docs/_static/comment.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/comment.png -------------------------------------------------------------------------------- /docs/_static/default.css: -------------------------------------------------------------------------------- 1 | @import url("classic.css"); 2 | -------------------------------------------------------------------------------- /docs/_static/documentation_options.js: -------------------------------------------------------------------------------- 1 | var DOCUMENTATION_OPTIONS = { 2 | URL_ROOT: document.getElementById("documentation_options").getAttribute('data-url_root'), 3 | VERSION: '0.5.0', 4 | LANGUAGE: 'None', 5 | COLLAPSE_INDEX: false, 6 | FILE_SUFFIX: '.html', 7 | HAS_SOURCE: true, 8 | SOURCELINK_SUFFIX: '.txt' 9 | }; -------------------------------------------------------------------------------- /docs/_static/down-pressed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/down-pressed.png -------------------------------------------------------------------------------- /docs/_static/down.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/down.png -------------------------------------------------------------------------------- /docs/_static/example_1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/example_1.png -------------------------------------------------------------------------------- /docs/_static/example_2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/example_2.png -------------------------------------------------------------------------------- /docs/_static/file.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/file.png -------------------------------------------------------------------------------- /docs/_static/minus.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/minus.png -------------------------------------------------------------------------------- /docs/_static/plus.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/plus.png -------------------------------------------------------------------------------- /docs/_static/pygments.css: -------------------------------------------------------------------------------- 1 | .highlight .hll { background-color: #ffffcc } 2 | .highlight { background: #eeffcc; } 3 | .highlight .c { color: #408090; font-style: italic } /* Comment */ 4 | .highlight .err { border: 1px solid #FF0000 } /* Error */ 5 | .highlight .k { color: #007020; font-weight: bold } /* Keyword */ 6 | .highlight .o { color: #666666 } /* Operator */ 7 | .highlight .ch { color: #408090; font-style: italic } /* Comment.Hashbang */ 8 | .highlight .cm { color: #408090; font-style: italic } /* Comment.Multiline */ 9 | .highlight .cp { color: #007020 } /* Comment.Preproc */ 10 | .highlight .cpf { color: #408090; font-style: italic } /* Comment.PreprocFile */ 11 | .highlight .c1 { color: #408090; font-style: italic } /* Comment.Single */ 12 | .highlight .cs { color: #408090; background-color: #fff0f0 } /* Comment.Special */ 13 | .highlight .gd { color: #A00000 } /* Generic.Deleted */ 14 | .highlight .ge { font-style: italic } /* Generic.Emph */ 15 | .highlight .gr { color: #FF0000 } /* Generic.Error */ 16 | .highlight .gh { color: #000080; font-weight: bold } /* Generic.Heading */ 17 | .highlight .gi { color: #00A000 } /* Generic.Inserted */ 18 | .highlight .go { color: #333333 } /* Generic.Output */ 19 | .highlight .gp { color: #c65d09; font-weight: bold } /* Generic.Prompt */ 20 | .highlight .gs { font-weight: bold } /* Generic.Strong */ 21 | .highlight .gu { color: #800080; font-weight: bold } /* Generic.Subheading */ 22 | .highlight .gt { color: #0044DD } /* Generic.Traceback */ 23 | .highlight .kc { color: #007020; font-weight: bold } /* Keyword.Constant */ 24 | .highlight .kd { color: #007020; font-weight: bold } /* Keyword.Declaration */ 25 | .highlight .kn { color: #007020; font-weight: bold } /* Keyword.Namespace */ 26 | .highlight .kp { color: #007020 } /* Keyword.Pseudo */ 27 | .highlight .kr { color: #007020; font-weight: bold } /* Keyword.Reserved */ 28 | .highlight .kt { color: #902000 } /* Keyword.Type */ 29 | .highlight .m { color: #208050 } /* Literal.Number */ 30 | .highlight .s { color: #4070a0 } /* Literal.String */ 31 | .highlight .na { color: #4070a0 } /* Name.Attribute */ 32 | .highlight .nb { color: #007020 } /* Name.Builtin */ 33 | .highlight .nc { color: #0e84b5; font-weight: bold } /* Name.Class */ 34 | .highlight .no { color: #60add5 } /* Name.Constant */ 35 | .highlight .nd { color: #555555; font-weight: bold } /* Name.Decorator */ 36 | .highlight .ni { color: #d55537; font-weight: bold } /* Name.Entity */ 37 | .highlight .ne { color: #007020 } /* Name.Exception */ 38 | .highlight .nf { color: #06287e } /* Name.Function */ 39 | .highlight .nl { color: #002070; font-weight: bold } /* Name.Label */ 40 | .highlight .nn { color: #0e84b5; font-weight: bold } /* Name.Namespace */ 41 | .highlight .nt { color: #062873; font-weight: bold } /* Name.Tag */ 42 | .highlight .nv { color: #bb60d5 } /* Name.Variable */ 43 | .highlight .ow { color: #007020; font-weight: bold } /* Operator.Word */ 44 | .highlight .w { color: #bbbbbb } /* Text.Whitespace */ 45 | .highlight .mb { color: #208050 } /* Literal.Number.Bin */ 46 | .highlight .mf { color: #208050 } /* Literal.Number.Float */ 47 | .highlight .mh { color: #208050 } /* Literal.Number.Hex */ 48 | .highlight .mi { color: #208050 } /* Literal.Number.Integer */ 49 | .highlight .mo { color: #208050 } /* Literal.Number.Oct */ 50 | .highlight .sa { color: #4070a0 } /* Literal.String.Affix */ 51 | .highlight .sb { color: #4070a0 } /* Literal.String.Backtick */ 52 | .highlight .sc { color: #4070a0 } /* Literal.String.Char */ 53 | .highlight .dl { color: #4070a0 } /* Literal.String.Delimiter */ 54 | .highlight .sd { color: #4070a0; font-style: italic } /* Literal.String.Doc */ 55 | .highlight .s2 { color: #4070a0 } /* Literal.String.Double */ 56 | .highlight .se { color: #4070a0; font-weight: bold } /* Literal.String.Escape */ 57 | .highlight .sh { color: #4070a0 } /* Literal.String.Heredoc */ 58 | .highlight .si { color: #70a0d0; font-style: italic } /* Literal.String.Interpol */ 59 | .highlight .sx { color: #c65d09 } /* Literal.String.Other */ 60 | .highlight .sr { color: #235388 } /* Literal.String.Regex */ 61 | .highlight .s1 { color: #4070a0 } /* Literal.String.Single */ 62 | .highlight .ss { color: #517918 } /* Literal.String.Symbol */ 63 | .highlight .bp { color: #007020 } /* Name.Builtin.Pseudo */ 64 | .highlight .fm { color: #06287e } /* Name.Function.Magic */ 65 | .highlight .vc { color: #bb60d5 } /* Name.Variable.Class */ 66 | .highlight .vg { color: #bb60d5 } /* Name.Variable.Global */ 67 | .highlight .vi { color: #bb60d5 } /* Name.Variable.Instance */ 68 | .highlight .vm { color: #bb60d5 } /* Name.Variable.Magic */ 69 | .highlight .il { color: #208050 } /* Literal.Number.Integer.Long */ -------------------------------------------------------------------------------- /docs/_static/up-pressed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/up-pressed.png -------------------------------------------------------------------------------- /docs/_static/up.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/_static/up.png -------------------------------------------------------------------------------- /docs/objects.inv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/docs/objects.inv -------------------------------------------------------------------------------- /docs/py-modindex.html: -------------------------------------------------------------------------------- 1 | 2 | 4 | 5 | 6 | 7 | 8 | 9 | Python Module Index — katprep 0.5.0 documentation 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 23 | 24 | 25 | 26 | 38 | 39 |
40 |
41 |
42 |
43 | 44 | 45 |

Python Module Index

46 | 47 |
48 | a 49 |
50 | 51 | 52 | 53 | 55 | 56 | 57 | 60 |
 
54 | a
58 | AuthContainer 59 |
61 | 62 | 63 |
64 |
65 |
66 | 82 |
83 |
84 | 96 | 100 | 101 | -------------------------------------------------------------------------------- /docs/search.html: -------------------------------------------------------------------------------- 1 | 2 | 4 | 5 | 6 | 7 | 8 | 9 | Search — katprep 0.5.0 documentation 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 22 | 23 | 24 | 25 | 26 | 27 | 39 | 40 |
41 |
42 |
43 |
44 | 45 |

Search

46 |
47 | 48 |

49 | Please activate JavaScript to enable the search 50 | functionality. 51 |

52 |
53 |

54 | From here you can search these documents. Enter your search 55 | words into the box below and click "search". Note that the search 56 | function will automatically search for all of the words. Pages 57 | containing fewer words won't appear in the result list. 58 |

59 |
60 | 61 | 62 | 63 |
64 | 65 |
66 | 67 |
68 | 69 |
70 |
71 |
72 | 76 |
77 |
78 | 90 | 94 | 95 | -------------------------------------------------------------------------------- /katprep.spec: -------------------------------------------------------------------------------- 1 | %define name katprep 2 | %define version 0.5.0 3 | %define unmangled_version 0.5.0 4 | %define unmangled_version 0.5.0 5 | %define release 1 6 | 7 | Summary: Python toolkit for automating system maintenance and generating patch reports along with Foreman/Katello and Red Hat Satellite 6.x 8 | Name: %{name} 9 | Version: %{version} 10 | Release: %{release} 11 | Source0: %{name}-%{unmangled_version}.tar.gz 12 | License: GPLv3 13 | Group: Development/Libraries 14 | BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot 15 | Prefix: %{_prefix} 16 | BuildArch: noarch 17 | Vendor: Christian Stankowic 18 | Url: https://github.com/stdevel/katprep 19 | 20 | %description 21 | [![Build Status](https://travis-ci.org/stdevel/katprep.svg?branch=master)](https://travis-ci.org/stdevel/katprep) 22 | 23 | # katprep 24 | **katprep** is a Python toolkit for automating system maintenance and generating patch reports for systems managed with [Foreman](http://www.theforeman.org/)/[Katello](http://www.katello.org/) or [Red Hat Satellite 6.x](http://www.redhat.com/products/enterprise-linux/satellite/). 25 | 26 | This can be very useful if you need to document software changes due to IT certifications like [ISO/IEC 27001:2005](http://en.wikipedia.org/wiki/ISO/IEC_27001:2005) or many other. 27 | 28 | katprep can automate the following infrastructure tasks: 29 | - create/remove virtual machine snapshots hypervisor independently (*e.g. VMware vSphere, KVM, XEN, Hyper-V,...*) by utilizing [libvirt](http://www.libvirt.org) and the [VMware vSphere Python API bindings (*pyVmomi*)](https://github.com/vmware/pyvmomi) 30 | - schedule/remove downtimes within your monitoring system (*Nagios/Icinga, Icinga2*) 31 | - patch and reboot affected systems 32 | - document system changes in a customizable report by utilizing [Pandoc](https://pypi.python.org/pypi/pypandoc) (*HTML, Markdown,...*) 33 | 34 | This software is a complete rewrite of my other toolkit [**satprep**](https://github.com/stdevel/satprep). 35 | 36 | # Documentation and contribution 37 | The project documentation is created automatically using [Sphinx](http://www.sphinx-doc.org) - it can be found in the **doc** folder of this repository. Check-out [**this website**](https://stdevel.github.io/katprep/) for an online mirror. 38 | 39 | You want to contribute? That's great! Please check-out the [**Issues**](https://github.com/stdevel/katprep/issues) tab of this project and share your thoughts/ideas in a new issue - also, pull requests are welcome! 40 | 41 | # How does this work? 42 | katprep uses Puppet host parameters to assign additional meta information to systems managed with Foreman/Katello or Red Hat Satellite such as: 43 | - monitoring/virtualization system managing the host 44 | - differing object names within those systems 45 | - snapshots required before system maintenance 46 | 47 | ![katprep workflow](https://raw.githubusercontent.com/stdevel/katprep/master/katprep_workflow.jpg "katprep workflow") 48 | 49 | If you plan to execute maintenance tasks, katprep triggers (*`katprep_maintenance` utility*) monitoring and virtualization hosts to schedule downtimes and create VM snapshots. Once these tasks have been completed, katprep can automatically trigger the patch installation and system reboot. After verifying your systems, katprep can remove downtimes and snapshots automatically. Before and after patching systems, it is necessary to create an inventory report of your system landscape. These reports contain information such as outstanding patches - after patching your systems, the `katprep_report` utility automatically calculares differences and creates patch reports for all updated hosts. 50 | 51 | As a result, patching big system landscapes becomes less time-consuming with katprep: it's only executing three commands - independent whether you are patching 1 host or 1000 hosts. 52 | 53 | To make the installation even easier, an auto-discover functionality can scan your monitoring systems and hypervisors and link gathered information with Foreman/Katello and Red Hat Satellite automatically (``katprep_populate``). 54 | 55 | 56 | %prep 57 | %setup -n %{name}-%{unmangled_version} -n %{name}-%{unmangled_version} 58 | 59 | %build 60 | python setup.py build 61 | 62 | %install 63 | python setup.py install --single-version-externally-managed -O1 --root=$RPM_BUILD_ROOT --record=INSTALLED_FILES 64 | 65 | %clean 66 | rm -rf $RPM_BUILD_ROOT 67 | 68 | %files -f INSTALLED_FILES 69 | %defattr(-,root,root) 70 | -------------------------------------------------------------------------------- /katprep/exceptions.py: -------------------------------------------------------------------------------- 1 | """ 2 | Exceptions used by the management classes. 3 | """ 4 | 5 | 6 | class SessionException(Exception): 7 | """ 8 | Dummy class for session errors 9 | 10 | .. class:: SessionException 11 | """ 12 | 13 | 14 | class InvalidCredentialsException(Exception): 15 | """ 16 | Dummy class for invalid credentials 17 | 18 | .. class:: InvalidCredentialsException 19 | """ 20 | 21 | 22 | class APILevelNotSupportedException(Exception): 23 | """ 24 | Dummy class for unsupported API levels 25 | 26 | .. class:: APILevelNotSupportedException 27 | """ 28 | 29 | 30 | class UnsupportedRequestException(Exception): 31 | """ 32 | Dummy class for unsupported requests 33 | 34 | .. class:: UnsupportedRequest 35 | """ 36 | 37 | 38 | class InvalidHostnameFormatException(Exception): 39 | """ 40 | Dummy class for invalid hostname formats (non-FQDN) 41 | 42 | .. class:: InvalidHostnameFormatException 43 | """ 44 | 45 | 46 | class UnsupportedFilterException(Exception): 47 | """ 48 | Dummy class for unsupported filters 49 | 50 | .. class:: UnsupportedFilterException 51 | """ 52 | 53 | 54 | class EmptySetException(Exception): 55 | """ 56 | Dummy class for empty result sets 57 | 58 | .. class:: EmptySetException 59 | """ 60 | 61 | 62 | class SnapshotExistsException(Exception): 63 | """ 64 | Dummy class for existing snapshots 65 | 66 | .. class:: SnapshotExistsException 67 | """ 68 | 69 | class UnauthenticatedError(RuntimeError): 70 | """ 71 | Exception for showing that a client wasn't able to authenticate itself. 72 | """ 73 | -------------------------------------------------------------------------------- /katprep/management/__init__.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | """ 3 | Clients to access various management systems. 4 | """ 5 | -------------------------------------------------------------------------------- /katprep/management/spacewalk.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | """ 3 | This file contains the SpacewalkAPIClient and 4 | depending exception classes 5 | """ 6 | 7 | import logging 8 | 9 | from .base import BaseConnector 10 | from ..exceptions import (APILevelNotSupportedException, InvalidCredentialsException, 11 | SessionException) 12 | 13 | try: 14 | from xmlrpc.server import SimpleXMLRPCServer as Server 15 | from xmlrpc.client import Fault 16 | except ImportError: 17 | from xmlrpclib import Server, Fault 18 | 19 | 20 | class SpacewalkAPIClient(BaseConnector): 21 | """ 22 | Class for communicating with the Spacewalk API 23 | 24 | .. class:: SpacewalkAPIClient 25 | """ 26 | LOGGER = logging.getLogger('SpacewalkAPIClient') 27 | """ 28 | logging: Logger instance 29 | """ 30 | API_MIN = 14.0 31 | """ 32 | int: Minimum supported API version. 33 | """ 34 | HEADERS = {'User-Agent': 'katprep (https://github.com/stdevel/katprep)'} 35 | """ 36 | dict: Default headers set for every HTTP request 37 | """ 38 | 39 | def __init__(self, log_level, hostname, username, password): 40 | """ 41 | Constructor, creating the class. It requires specifying a 42 | hostname, username and password to access the API. After 43 | initialization, a connected is established. 44 | 45 | :param log_level: log level 46 | :type log_level: logging 47 | :param hostname: Spacewalk API hostname 48 | :type hostname: str 49 | :param username: API username 50 | :type username: str 51 | :param password: corresponding password 52 | :type password: str 53 | """ 54 | #set logging 55 | logging.basicConfig(level=log_level) 56 | self.LOGGER.setLevel(log_level) 57 | self.LOGGER.debug( 58 | "About to create Spacewalk client '%s'@'%s'", username, hostname 59 | ) 60 | 61 | #set connection information 62 | self.hostname = hostname 63 | self.LOGGER.debug("Set hostname to '%s'", self.hostname) 64 | self.url = "https://{0}/rpc/api".format(self.hostname) 65 | 66 | #start session and check API version if Spacewalk API 67 | self.api_key = None 68 | super().__init__(username, password) 69 | self.validate_api_support() 70 | 71 | 72 | 73 | def __exit__(self, exc_type, exc_value, traceback): 74 | """ 75 | Destructor 76 | """ 77 | self.api_session.auth.logout(self.api_key) 78 | 79 | 80 | 81 | def _connect(self): 82 | """ 83 | This function establishes a connection to Spacewalk. 84 | """ 85 | #set api session and key 86 | try: 87 | self._session = Server(self.url) 88 | self.api_key = self._session.auth.login(self._username, self._password) 89 | except Fault as err: 90 | if err.faultCode == 2950: 91 | raise InvalidCredentialsException( 92 | "Wrong credentials supplied: '%s'", err.faultString 93 | ) 94 | else: 95 | raise SessionException( 96 | "Generic remote communication error: '%s'", err.faultString 97 | ) 98 | 99 | 100 | 101 | def validate_api_support(self): 102 | """ 103 | Checks whether the API version on the Spacewalk server is supported. 104 | Using older versions than 11.1 is not recommended. In this case, an 105 | exception will be thrown. 106 | """ 107 | try: 108 | #check whether API is supported 109 | api_level = self._session.api.getVersion() 110 | if float(api_level) < self.API_MIN: 111 | raise APILevelNotSupportedException( 112 | "Your API version ({0}) does not support the required calls. " 113 | "You'll need API version ({1}) or higher!".format( 114 | api_level, self.API_MIN 115 | ) 116 | ) 117 | else: 118 | self.LOGGER.info("Supported API version (" + api_level + ") found.") 119 | except ValueError as err: 120 | self.LOGGER.error(err) 121 | raise APILevelNotSupportedException("Unable to verify API version") 122 | 123 | 124 | 125 | def get_url(self): 126 | """ 127 | Returns the configured URL of the object instance. 128 | """ 129 | return self.url 130 | 131 | 132 | 133 | def get_hostname(self): 134 | """ 135 | Returns the configured hostname of the object instance. 136 | """ 137 | return self.hostname 138 | -------------------------------------------------------------------------------- /katprep/monitoring/__init__.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | """ 3 | Interfaces for accessing monitoring systems. 4 | """ 5 | -------------------------------------------------------------------------------- /katprep/network.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | """ 3 | Functions useful for work with networking. 4 | """ 5 | 6 | import socket 7 | 8 | from .exceptions import InvalidHostnameFormatException 9 | 10 | 11 | def is_ipv4(address): 12 | """ 13 | Returns whether the supplied address is a valid IPv4 address 14 | 15 | :param address: IP address 16 | :type address: str 17 | """ 18 | # Friendly inspired by: https://stackoverflow.com/questions/319279/ 19 | # how-to-validate-ip-address-in-python 20 | try: 21 | socket.inet_pton(socket.AF_INET, address) 22 | except AttributeError: 23 | try: 24 | socket.inet_aton(address) 25 | except socket.error: 26 | return False 27 | return address.count(".") == 3 28 | except socket.error: 29 | return False 30 | return True 31 | 32 | 33 | def is_ipv6(address): 34 | """ 35 | Returns whether the supplied address is a valid IPv6 address. 36 | 37 | :param address: IP address 38 | :type address: str 39 | """ 40 | # Friendly inspired by: https://stackoverflow.com/questions/319279/ 41 | # how-to-validate-ip-address-in-python 42 | try: 43 | socket.inet_pton(socket.AF_INET6, address) 44 | except socket.error: 45 | return False 46 | return True 47 | 48 | 49 | def validate_hostname(hostname): 50 | """ 51 | Validates using a FQDN rather than a short name as some 52 | APIs are very picky and SSL verification might fail. 53 | 54 | :param hostname: the hostname to validate 55 | :type hostname: str 56 | """ 57 | try: 58 | if hostname == "localhost": 59 | # get real hostname 60 | hostname = socket.gethostname() 61 | if hostname.count(".") != 2: 62 | # get convert to FQDN if possible 63 | hostname = socket.getaddrinfo( 64 | socket.getfqdn(hostname), 0, 0, 0, 0, socket.AI_CANONNAME 65 | )[0][3] 66 | except socket.gaierror: 67 | raise InvalidHostnameFormatException( 68 | "Unable to find FQDN for host '{}'".format(hostname) 69 | ) 70 | return hostname 71 | -------------------------------------------------------------------------------- /katprep_workflow.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stdevel/katprep/c8e4b78a433756f52c70db36783d30045c9d208f/katprep_workflow.jpg -------------------------------------------------------------------------------- /requirements-tests.txt: -------------------------------------------------------------------------------- 1 | -r requirements.txt 2 | pytest 3 | pytest-cov 4 | mock 5 | codecov 6 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | lxml>=4.6.2 2 | pyvmomi 3 | pyyaml 4 | fernet 5 | cryptography 6 | -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- 1 | """A setuptools based setup module. 2 | 3 | See: 4 | https://packaging.python.org/en/latest/distributing.html 5 | https://github.com/pypa/sampleproject 6 | """ 7 | 8 | # Always prefer setuptools over distutils 9 | from setuptools import setup, find_packages 10 | # To use a consistent encoding 11 | from codecs import open 12 | from os import path 13 | 14 | here = path.abspath(path.dirname(__file__)) 15 | 16 | # Get the long description from the README file 17 | with open(path.join(here, 'README.md'), encoding='utf-8') as f: 18 | long_description = f.read() 19 | 20 | setup( 21 | name='katprep', 22 | 23 | # Versions should comply with PEP440. For a discussion on single-sourcing 24 | # the version across setup.py and the project code, see 25 | # https://packaging.python.org/en/latest/single_source_version.html 26 | version='0.5.0', 27 | description='Python toolkit for automating system maintenance and generating patch reports along with Foreman/Katello and Red Hat Satellite 6.x', 28 | long_description=long_description, 29 | url='https://github.com/stdevel/katprep', 30 | author='Christian Stankowic', 31 | author_email='katprep@st-devel.net', 32 | 33 | # Choose your license 34 | license='GPLv3', 35 | 36 | # Add classifier https://pypi.python.org/pypi?%3Aaction=list_classifiers 37 | classifiers=[ 38 | # How mature is this project? Common values are 39 | # 3 - Alpha 40 | # 4 - Beta 41 | # 5 - Production/Stable 42 | 'Development Status :: 4 - Beta', 43 | 'Intended Audience :: System Administrators', 44 | 'Topic :: System :: Systems Administration', 45 | 'Topic :: Utilities', 46 | 'License :: OSI Approved :: GNU General Public License v3 (GPLv3)', 47 | 'Programming Language :: Python :: 2', 48 | 'Programming Language :: Python :: 2.7', 49 | ], 50 | 51 | keywords='foreman katello linux redhat centos satellite6 satellite fedora maintenance maintenance-tasks maintenance-reports iso27001', 52 | packages=find_packages(exclude=['doc', 'tests']), 53 | 54 | # List run-time dependencies here. These will be installed by pip when 55 | # your project is installed. For an analysis of "install_requires" vs pip's 56 | # requirements files see: 57 | # https://packaging.python.org/en/latest/requirements.html 58 | install_requires=[ 59 | 'lxml', 60 | 'pyvmomi', 61 | 'pyyaml', 62 | 'fernet', 63 | 'cryptography', 64 | # TODO: specify libvirt? 65 | ], 66 | # Remember to insert the requirements into requirements.txt! 67 | 68 | # List additional groups of dependencies here (e.g. development 69 | # dependencies). You can install these using the following syntax, 70 | # for example: 71 | # $ pip install -e .[dev,test] 72 | extras_require={ 73 | # 'dev': ['check-manifest'], 74 | 'test': ['pytest', 'codecov'], 75 | }, 76 | 77 | # If there are data files included in your packages that need to be 78 | # installed, specify them here. If using Python 2.6 or less, then these 79 | # have to be included in MANIFEST.in as well. 80 | # package_data={ 81 | # 'sample': ['package_data.dat'], 82 | # }, 83 | 84 | # Although 'package_data' is the preferred approach, in some case you may 85 | # need to place data files outside of your packages. See: 86 | # http://docs.python.org/3.4/distutils/setupscript.html#installing-additional-files # noqa 87 | # In this case, 'data_file' will be installed into '/my_data' 88 | # TODO: add config.yml later 89 | data_files=[('etc/katprep/', ['templates/template.html', 'templates/template.md'])], 90 | 91 | # To provide executable scripts, use entry points in preference to the 92 | # "scripts" keyword. Entry points provide cross-platform support and allow 93 | # pip to create the appropriate form of executable for the target platform. 94 | entry_points={ 95 | 'console_scripts': [ 96 | 'katprep_authconfig=katprep.authconfig:cli', 97 | 'katprep_maintenance=katprep.maintenance:cli', 98 | 'katprep_parameters=katprep.parameters:cli', 99 | 'katprep_populate=katprep.populate:cli', 100 | 'katprep_report=katprep.report:cli', 101 | 'katprep_snapshot=katprep.snapshot:cli', 102 | ], 103 | }, 104 | ) 105 | -------------------------------------------------------------------------------- /templates/template.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | System maintenance report$if(params.name)$ for $params.name$$endif$ 5 | 20 | 21 | 22 |

System maintenance report$if(params.name)$ for $params.name$$endif$

23 | 24 |

Meta information

25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 |
IPDateTimeOwner
$if(params.ip)$$params.ip$$endif$$if(params.date)$$params.date$$endif$$if(params.time)$$params.time$$endif$$if(params.owner)$$params.owner$$endif$
39 | 40 |

Task checklist

41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 |
TaskStatusDescription/Notes
Snapshot created$if(verification.virt_snapshot)$$verification.virt_snapshot$$endif$$if(params.system_physical)$$params.system_physical$$endif$
Monitoring disabled$if(verification.mon_downtime)$$verification.mon_downtime$$endif$$if(params.environment)$$params.environment$ lifecycle$endif$
System rebooted$if(verification.system_reboot)$$verification.system_reboot$$endif$
Monitoring status$if(verification.mon_status)$$verification.mon_status$$endif$$if(verification.mon_status_detail)$$verification.mon_status_detail$$endif$
Monitoring enabled$if(verification.mon_cleanup)$$verification.mon_cleanup$$endif$$if(params.environment)$$params.environment$ lifecycle$endif$
73 | 74 |

Patch list

75 | 76 | 77 | 78 | 79 | 80 | 81 | 82 | 83 | $for(errata)$ 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | $endfor$ 94 |
TypeNameDateDescriptionReboot required?
$if(errata.type)$$errata.type$$endif$$if(errata.errata_id)$$errata.errata_id$$endif$$if(errata.issued)$$errata.issued$$endif$$if(errata.description)$$errata.description$$endif$$errata.reboot_suggested$
95 | 96 |

This report was created automatically by katprep

97 | 98 | 99 | 100 | -------------------------------------------------------------------------------- /templates/template.md: -------------------------------------------------------------------------------- 1 | # System maintenance report $if(params.name)$for $params.name$$endif$ 2 | 3 | ## Meta information 4 | 5 | IP | Date | Time | Owner 6 | -- | ---- | ---- | ----- 7 | $if(params.ip)$$params.ip$$endif$ | $if(params.date)$$params.date$$endif$ | $if(params.time)$$params.time$$endif$ | $if(params.owner)$$params.owner$$endif$ | 8 | 9 | ## Task checklist 10 | 11 | Task | Status | Description/Notes 12 | ---- | ------ | ----------------- 13 | Snapshot created | $if(verification.virt_snapshot)$$verification.virt_snapshot$$endif$ | $if(params.system_physical)$physical system$endif$ 14 | Monitoring disabled | $if(verification.mon_downtime)$$verification.mon_downtime$$endif$ | $if(params.environment)$$params.environment$ lifecycle$endif$ 15 | System rebooted | $if(verification.system_reboot)$$verification.system_reboot$$endif$ | 16 | Monitoring status | $if(verification.mon_status)$$verification.mon_status$$endif$ | $if(verification.mon_status_detail)$$verification.mon_status_detail$$endif$ 17 | Monitoring enabled | $if(verification.mon_cleanup)$$verification.mon_cleanup$$endif$ | $if(params.environment)$$params.environment$ lifecycle$endif$ 18 | 19 | ## Patch list 20 | 21 | Type | Name | Date | Description | Reboot required? 22 | ---- | ---- | ---- | ----------- | ---------------- 23 | $for(errata)$ 24 | $if(errata.type)$$errata.type$$endif$ | $if(errata.errata_id)$$errata.errata_id$$endif$ | $if(errata.issued)$$errata.issued$$endif$ | $if(errata.description)$$errata.description$$endif$ | $if(errata.reboot_suggested)$$errata.reboot_suggested$$endif$ 25 | $endfor$ 26 | 27 | *This report was created automatically by [katprep](https://github.com/stdevel/katprep)* 28 | -------------------------------------------------------------------------------- /tests/.gitignore: -------------------------------------------------------------------------------- 1 | *.json 2 | .vagrant 3 | -------------------------------------------------------------------------------- /tests/.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | #NOTE: This is _just_ a template tested on GitLab CI 2 | # 3 | #You might want to alter it, to: 4 | #- exlucde/include particular tests 5 | #- change Docker image 6 | #- work on other CI (e.g. Travis CI) 7 | 8 | #install katprep 9 | #create unit test configuration files from secret variables 10 | before_script: 11 | - cd $CI_PROJECT_DIR/katprep 12 | - python setup.py install 13 | - echo $fman_config > $CI_PROJECT_DIR/katprep/tests/fman_config.json 14 | - echo $nagios_config > $CI_PROJECT_DIR/katprep/tests/nagios_config.json 15 | - echo $icinga2_config > $CI_PROJECT_DIR/katprep/tests/icinga2_config.json 16 | - echo $pyvmomi_config > $CI_PROJECT_DIR/katprep/tests/pyvmomi_config.json 17 | - echo $libvirt_config > $CI_PROJECT_DIR/katprep/tests/libvirt_config.json 18 | - echo $spw_config > $CI_PROJECT_DIR/katprep/tests/spw_config.json 19 | 20 | stages: 21 | - test 22 | 23 | #Foreman unit tests 24 | #test:foreman: 25 | # stage: test 26 | # image: localhost:5000/katprep-centos7 27 | # script: 28 | # - cd $CI_PROJECT_DIR/katprep/tests 29 | # - python ForemanAPIClientTest.py 30 | 31 | #Nagios unit tests 32 | #test:nagios: 33 | # stage: test 34 | # image: localhost:5000/katprep-centos7 35 | # script: 36 | # - cd $CI_PROJECT_DIR/katprep/tests 37 | # - python NagiosCGIClientTest.py 38 | 39 | #Icinga 1.x unit tests 40 | #test:icinga: 41 | # stage: test 42 | # image: localhost:5000/katprep-centos7 43 | # script: 44 | # - cd $CI_PROJECT_DIR/katprep/tests 45 | # - python IcingaCGIClientTest.py 46 | 47 | #Icinga2 unit tests 48 | #test:icinga2: 49 | # stage: test 50 | # image: localhost:5000/katprep-centos7 51 | # script: 52 | # - cd $CI_PROJECT_DIR/katprep/tests 53 | # - python Icinga2APIClientTest.py 54 | 55 | #Pyvmomi unit tests 56 | #test:pyvmomi: 57 | # stage: test 58 | # image: localhost:5000/katprep-centos7 59 | # script: 60 | # - cd $CI_PROJECT_DIR/katprep/tests 61 | # - python PyvmomiClientTest.py 62 | 63 | #Libvirt unit tests 64 | #test:libvirt: 65 | # stage: test 66 | # image: localhost:5000/katprep-centos7 67 | # script: 68 | # - cd $CI_PROJECT_DIR/katprep/tests 69 | # - python LibvirtClientTest.py 70 | 71 | #Spacewalk unit tests 72 | #test:spacewalk: 73 | # stage: test 74 | # image: localhost:5000/katprep-centos7 75 | # script: 76 | # - cd $CI_PROJECT_DIR/katprep/tests 77 | # - python SpacewalkClientTest.py 78 | -------------------------------------------------------------------------------- /tests/Vagrant/README.md: -------------------------------------------------------------------------------- 1 | # Vagrant boxes 2 | 3 | This folder contains Vagrant boxes for suitable for testing integration during development. 4 | 5 | ## Network 6 | 7 | Every box forwards some ports directly so that you can use the endpoints for unit tests. 8 | 9 | ## Boxes 10 | 11 | | Box | Autostart | Description | Forwarded ports | 12 | | --- | --------- | ----------- | --------------- | 13 | | ``monitoring`` | yes | EL7 running OMD with Icinga2, etc. | 80=>8080 (*http*), 443=>8443 (*https*), 5665=>8665 (*icinga2*) | 14 | | ``zabbix`` | no | EL7 running Zabbix | 80=>8081 (*http*), 443=>8444 (*https*) | 15 | | ``kvm`` | yes | EL7 running KVM and dummy VM with networking (**WIP**) | | 16 | | ``esxi`` | no | vSphere ESXi 6.7 running a dummy VM with networking (**WIP**) | | 17 | | ``katello`` | yes | EL7 running Foreman/Katello (**WIP**) | 80=>8083 (*http*), 443=>8446 (*https*) | 18 | | ``uyuni`` | yes | openSUSE 15.1 running Uyuni | 80=>8084 (*http*), 443=>8447 (*https*) | 19 | 20 | ## Requirements 21 | 22 | - Hardware 23 | - at least 16 GB of memory for running the VMs 24 | - at least 20 GB of disk storage 25 | - Software 26 | - [HashiCorp Vagrant](https://vagrantup.com) 27 | - [Oracle VirtualBox](https://virtualbox.org) or **KVM** 28 | 29 | ## Usage 30 | 31 | Run the following command to create all autostart boxes: 32 | 33 | ```bash 34 | $ vagrant up 35 | ``` 36 | 37 | To create non-autostart boxes, run one of the following commands: 38 | 39 | ```bash 40 | $ vagrant up zabbix 41 | $ vagrant up kvm 42 | $ vagrant up esxi 43 | ``` 44 | 45 | To destroy the VMs after testing integrations, run the following command: 46 | 47 | ```bash 48 | $ vagrant destroy 49 | ``` 50 | 51 | ## Running tests in VMs 52 | 53 | TODO: will follow soon 54 | -------------------------------------------------------------------------------- /tests/Vagrant/files/nested-Vagrantfile: -------------------------------------------------------------------------------- 1 | Vagrant.configure("2") do |config| 2 | config.vm.box = "generic/alpine312" 3 | config.vm.provider :libvirt do |p| 4 | p.management_network_name = 'vagrant-libvirt-inception' 5 | p.management_network_address = '192.168.124.0/24' 6 | end 7 | end -------------------------------------------------------------------------------- /tests/Vagrant/playbook_katello.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: katello 3 | remote_user: root 4 | become: true 5 | pre_tasks: 6 | - name: Install needed repositories 7 | yum: 8 | name: 9 | - https://yum.theforeman.org/releases/2.2/el7/x86_64/foreman-release.rpm 10 | - https://fedorapeople.org/groups/katello/releases/yum/3.17/katello/el7/x86_64/katello-repos-latest.rpm 11 | - https://yum.puppet.com/puppet6-release-el-7.noarch.rpm 12 | - https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm 13 | - name: Install CentOS SCL release 14 | yum: 15 | name: centos-release-scl-rh 16 | 17 | roles: 18 | - role: sean797.foreman_installer 19 | foreman_installer_pkg: katello 20 | foreman_installer_scenario: katello 21 | foreman_installer_scenarios_answers: [foreman: {initial_admin_password: "admin"}] 22 | -------------------------------------------------------------------------------- /tests/Vagrant/playbook_kvm.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: kvm 3 | remote_user: root 4 | become: true 5 | post_tasks: 6 | - name: Add user to libvirt group 7 | user: 8 | name: "{{ ansible_user }}" 9 | groups: libvirt 10 | append: true 11 | - name: Install Vagrant 12 | block: 13 | - name: Install Vagrant 14 | yum: 15 | name: https://releases.hashicorp.com/vagrant/2.2.9/vagrant_2.2.9_x86_64.rpm 16 | - name: Install Vagrant development files 17 | yum: 18 | name: 19 | - ruby-devel 20 | - gcc 21 | - make 22 | - libvirt-devel 23 | - name: Install vagrant-libvirt plugin 24 | command: vagrant plugin install vagrant-libvirt 25 | become: false 26 | args: 27 | creates: /home/vagrant/.vagrant.d/gems 28 | - name: Create Alpine Linux VM 29 | block: 30 | - name: Create Vagrantfile 31 | copy: 32 | src: files/nested-Vagrantfile 33 | dest: /home/vagrant/Vagrantfile 34 | owner: "{{ ansible_user }}" 35 | group: "{{ ansible_user }}" 36 | - name: Create Vagrantbox 37 | command: vagrant up 38 | args: 39 | chdir: /home/vagrant 40 | become: false 41 | roles: 42 | - role: while_true_do.srv_kvm 43 | wtd_srv_kvm_reboot_enabled: false 44 | -------------------------------------------------------------------------------- /tests/Vagrant/playbook_monitoring.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: monitoring 3 | remote_user: root 4 | become: true 5 | roles: 6 | - role: geerlingguy.repo-epel 7 | - role: stdevel.omd 8 | omd_sites: 9 | - name: nagios 10 | core: nagios 11 | default_gui: thruk 12 | thruk_cookie_auth: false 13 | remove_nagios_protection: false 14 | admin_password: ilikeoldstuff 15 | - name: icinga2 16 | core: icinga2 17 | default_gui: thruk 18 | thruk_cookie_auth: false 19 | remove_nagios_protection: false 20 | admin_password: drageekeksi 21 | -------------------------------------------------------------------------------- /tests/Vagrant/playbook_uyuni.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: uyuni 3 | remote_user: root 4 | become: true 5 | roles: 6 | - role: stdevel.uyuni 7 | use_lvm: false 8 | -------------------------------------------------------------------------------- /tests/Vagrant/playbook_zabbix.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - hosts: zabbix 3 | remote_user: root 4 | become: true 5 | roles: 6 | - role: geerlingguy.apache 7 | - role: geerlingguy.mysql 8 | - role: dj-wasabi.zabbix-server 9 | zabbix_server_database: mysql 10 | zabbix_server_database_long: mysql 11 | zabbix_server_dbport: 3306 12 | - role: dj-wasabi.zabbix-web 13 | zabbix_url: "localhost" 14 | zabbix_server_database: mysql 15 | zabbix_server_database_long: mysql 16 | zabbix_server_dbport: 3306 17 | -------------------------------------------------------------------------------- /tests/Vagrant/requirements_katello.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - src: sean797.foreman_installer 3 | -------------------------------------------------------------------------------- /tests/Vagrant/requirements_kvm.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - src: while_true_do.srv_kvm 3 | version: 1.4.0 4 | -------------------------------------------------------------------------------- /tests/Vagrant/requirements_monitoring.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - src: stdevel.omd 3 | version: 1.2.0 4 | - src: geerlingguy.repo-epel 5 | version: 1.3.0 6 | -------------------------------------------------------------------------------- /tests/Vagrant/requirements_uyuni.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - src: stdevel.uyuni 3 | version: 1.2.0 4 | -------------------------------------------------------------------------------- /tests/Vagrant/requirements_zabbix.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - src: geerlingguy.mysql 3 | version: 3.1.0 4 | - src: geerlingguy.apache 5 | version: 3.1.0 6 | - src: dj-wasabi.zabbix-server 7 | version: 1.8.0 8 | - src: dj-wasabi.zabbix-web 9 | version: 1.5.0 10 | -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | -------------------------------------------------------------------------------- /tests/conftest.py: -------------------------------------------------------------------------------- 1 | #! -*- coding: utf-8 -*- 2 | 3 | from __future__ import absolute_import 4 | 5 | import logging 6 | import pytest 7 | 8 | from .utilities import load_config 9 | 10 | 11 | @pytest.fixture 12 | def nonexisting_vm(): 13 | return "giertz.pinkepank.loc" 14 | 15 | 16 | @pytest.fixture 17 | def snapshot_name(virtualisation): 18 | if virtualisation == 'libvirt': 19 | return "LibvirtClientTest" 20 | elif virtualisation == 'pyvmomi': 21 | return "PyvmomiClientTest" 22 | 23 | 24 | @pytest.fixture(params=['libvirt', 'pyvmomi']) 25 | def virtualisation(request): 26 | return request.param 27 | 28 | 29 | @pytest.fixture 30 | def virtConfigFile(virtualisation): 31 | if virtualisation == 'libvirt': 32 | return "libvirt_config.json" 33 | elif virtualisation == 'pyvmomi': 34 | return "pyvmomi_config.json" 35 | 36 | 37 | @pytest.fixture 38 | def virtConfig(virtConfigFile): 39 | return load_config(virtConfigFile) 40 | 41 | 42 | @pytest.fixture 43 | def virtClass(virtualisation): 44 | if virtualisation == 'libvirt': 45 | LibvirtClient = pytest.importorskip("katprep.clients.LibvirtClient") 46 | return LibvirtClient.LibvirtClient 47 | elif virtualisation == 'pyvmomi': 48 | PyvmomiClient = pytest.importorskip("katprep.clients.PyvmomiClient") 49 | return PyvmomiClient.PyvmomiClient 50 | 51 | 52 | @pytest.fixture 53 | def virtClient(virtualisation, virtConfig, virtClass): 54 | if virtualisation == 'libvirt': 55 | address = virtConfig["config"]["uri"], 56 | elif virtualisation == 'pyvmomi': 57 | address = virtConfig["config"]["hostname"], 58 | 59 | return virtClass( 60 | logging.ERROR, 61 | address, 62 | virtConfig["config"]["api_user"], 63 | virtConfig["config"]["api_pass"] 64 | ) 65 | -------------------------------------------------------------------------------- /tests/fman_config.json.tmpl: -------------------------------------------------------------------------------- 1 | { 2 | "config": { 3 | "hostname": "foreman.giertz.loc", 4 | "api_user": "giertz", 5 | "api_pass": "shittypassword" 6 | }, 7 | "valid_objects": { 8 | "environment": { 9 | "name": "KT_giertz_Dev_CentOS_7_3", 10 | "id": 4 11 | }, 12 | "organization": { 13 | "name": "ShittyNation", 14 | "id": 1 15 | }, 16 | "host": { 17 | "name": "shittyserver.giertz.loc", 18 | "id": 12 19 | }, 20 | "location": { 21 | "name": "Darmstadt", 22 | "id": 4 23 | }, 24 | "hostgroup": { 25 | "name": "dev-hosts", 26 | "id": 3 27 | } 28 | } 29 | } -------------------------------------------------------------------------------- /tests/icinga2_config.json.tmpl: -------------------------------------------------------------------------------- 1 | { 2 | "config": { 3 | "hostname": "https://shittymon.giertz.loc:5665", 4 | "api_user": "giertz", 5 | "api_pass": "stdevel" 6 | }, 7 | "valid_objects": { 8 | "host": "shittyserver.giertz.loc", 9 | "hostgroup": "dev-hosts", 10 | "host_service": "DIAG: ping4", 11 | "host_services": 2 12 | } 13 | } -------------------------------------------------------------------------------- /tests/icinga2_config.json.vagrant: -------------------------------------------------------------------------------- 1 | { 2 | "config": { 3 | "hostname": "https://localhost:8665", 4 | "api_user": "omdadmin", 5 | "api_pass": "omd" 6 | }, 7 | "valid_objects": { 8 | "host": "dummyA", 9 | "hostgroup": "dummy-hosts", 10 | "host_service": "PING", 11 | "host_services": 3 12 | } 13 | } -------------------------------------------------------------------------------- /tests/libvirt_config.json.tmpl: -------------------------------------------------------------------------------- 1 | { 2 | "config": { 3 | "uri": "vpx://shittyvc03.giertz.loc/Giertz/Pinkepank/shittyesxi03.giertz.loc/?no_verify=1", 4 | "api_user": "svc-katello@pinkepank.local", 5 | "api_pass": "giertz" 6 | }, 7 | "valid_objects": { 8 | "vm": "shittyvm01" 9 | } 10 | } -------------------------------------------------------------------------------- /tests/nagios_config.json.tmpl: -------------------------------------------------------------------------------- 1 | { 2 | "main": { 3 | "hostname": "https://shittymon03.giertz.loc/icinga/icinga", 4 | "cgi_user": "omdadmin", 5 | "cgi_pass": "omd", 6 | "host": "dummy", 7 | "hostgroup": "dummy-hosts", 8 | "host_service": "PING", 9 | "host_services": 2 10 | }, 11 | "legacy": { 12 | "hostname": "https://shittymon04.stankowic.loc/nagios/nagios", 13 | "cgi_user": "omdadmin", 14 | "cgi_pass": "omd", 15 | "host": "dummy", 16 | "hostgroup": "dummy-hosts", 17 | "host_service": "PING", 18 | "host_services": 2 19 | } 20 | } -------------------------------------------------------------------------------- /tests/nagios_config.json.vagrant: -------------------------------------------------------------------------------- 1 | { 2 | "main": { 3 | "hostname": "https://localhost:8443/mon_icinga/icinga", 4 | "cgi_user": "omdadmin", 5 | "cgi_pass": "omd", 6 | "host": "dummyA", 7 | "hostgroup": "dummy-hosts", 8 | "host_service": "PING", 9 | "host_services": 2 10 | }, 11 | "legacy": { 12 | "hostname": "https://localhost:8443/mon_nagios/nagios", 13 | "cgi_user": "omdadmin", 14 | "cgi_pass": "omd", 15 | "host": "dummyA", 16 | "hostgroup": "dummy-hosts", 17 | "host_service": "PING", 18 | "host_services": 2 19 | } 20 | } -------------------------------------------------------------------------------- /tests/pytest.ini: -------------------------------------------------------------------------------- 1 | [pytest] 2 | xfail_strict=true -------------------------------------------------------------------------------- /tests/pyvmomi_config.json.tmpl: -------------------------------------------------------------------------------- 1 | { 2 | "config": { 3 | "hostname": "shittyvc03.giertz.loc", 4 | "api_user": "svc-katello@pinkepank.local", 5 | "api_pass": "giertz" 6 | }, 7 | "valid_objects": { 8 | "vm": "shittyvm01" 9 | } 10 | } -------------------------------------------------------------------------------- /tests/spw_config.json.tmpl: -------------------------------------------------------------------------------- 1 | {"config": {"hostname": "shittywalk03.giertz.loc", "hostname_legacy": "shittywalk02.giertz.loc", "api_user": "giertz", "api_pass": "stdevel"}, "valid_objects": {"host": {"name": "dummy", "id": 4}}} 2 | -------------------------------------------------------------------------------- /tests/test_Icinga2APIClient.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | """ 4 | Unit tests for Icinga2 API integration 5 | """ 6 | 7 | from __future__ import absolute_import 8 | 9 | import logging 10 | import pytest 11 | from katprep.exceptions import EmptySetException, SessionException 12 | from katprep.monitoring.icinga2 import Icinga2APIClient 13 | 14 | from .utilities import load_config 15 | 16 | 17 | @pytest.fixture 18 | def config(): 19 | return load_config("icinga2_config.json") 20 | 21 | 22 | @pytest.fixture 23 | def client(config): 24 | return Icinga2APIClient( 25 | logging.ERROR, 26 | config["config"]["hostname"], 27 | config["config"]["api_user"], 28 | config["config"]["api_pass"] 29 | ) 30 | 31 | 32 | def test_valid_login(client): 33 | """ 34 | Ensure exceptions on valid logins 35 | """ 36 | client.is_authenticated() 37 | 38 | 39 | def test_invalid_login(config): 40 | """ 41 | Ensure exceptions on invalid logins 42 | """ 43 | with pytest.raises(SessionException): 44 | client = Icinga2APIClient( 45 | logging.ERROR, 46 | config["config"]["hostname"], 47 | "giertz", 48 | "paulapinkepank" 49 | ) 50 | client.is_authenticated() 51 | 52 | 53 | def test_scheduling_downtime_for_host(client, config): 54 | """ 55 | Ensure that host downtimes can be scheduled 56 | """ 57 | host = config["valid_objects"]["host"] 58 | client.schedule_downtime(host, "host") 59 | assert client.has_downtime(host) 60 | assert client.remove_downtime(host, "host") 61 | 62 | 63 | def test_sched_dt_host_fail(client, config): 64 | """ 65 | Ensure that host downtimes cannot be scheduled when using invalid hosts 66 | """ 67 | with pytest.raises(EmptySetException): 68 | client.schedule_downtime("giertz.pinkepank.loc", "host") 69 | 70 | 71 | def test_schedule_downtime_for_hostgrp(client, config): 72 | """ 73 | Ensure that hostgroup downtimes can be scheduled 74 | """ 75 | hostgroup = config["valid_objects"]["hostgroup"] 76 | assert client.schedule_downtime(hostgroup, "hostgroup") 77 | assert client.remove_downtime(hostgroup, "hostgroup") 78 | 79 | 80 | def test_sched_dt_hostgrp_fail(client): 81 | """ 82 | Ensure that hostgroup downtimes cannot be scheduled with invalid names 83 | """ 84 | with pytest.raises(EmptySetException): 85 | client.schedule_downtime("giertz.pinkepank.loc", "hostgroup") 86 | 87 | 88 | def test_sched_has_downtime_fail(client): 89 | """ 90 | Ensure that checking downtime fails for non-existing hosts 91 | """ 92 | with pytest.raises(EmptySetException): 93 | client.has_downtime("giertz.pinkepank.loc") 94 | 95 | 96 | def test_unsched_dt_host_fail(client): 97 | """ 98 | Ensure that unscheduling downtimes fails for non-existing hosts 99 | """ 100 | with pytest.raises(SessionException): 101 | client.remove_downtime("giertz.pinkepank.loc", "host") 102 | 103 | 104 | def test_unsched_dt_hostgrp_fail(client): 105 | """ 106 | Ensure that unscheduling downtimes fails for non-existing hostgroups 107 | """ 108 | with pytest.raises(SessionException): 109 | client.remove_downtime("giertz-hosts", "hostgroup") 110 | 111 | 112 | def test_get_hosts(client, config): 113 | """ 114 | Ensure that receiving hosts is possible 115 | """ 116 | hosts = client.get_hosts() 117 | assert config["valid_objects"]["host"] in [host['name'] for host in hosts] 118 | 119 | 120 | def test_get_services(client, config): 121 | """ 122 | Ensure that hosts include existing services 123 | """ 124 | services = client.get_services( 125 | config["valid_objects"]["host"], 126 | only_failed=False 127 | ) 128 | assert config["valid_objects"]["host_service"] in [service['name'] for service in services] 129 | 130 | 131 | def test_get_services_fail(client): 132 | """ 133 | Ensure that checking services of non-existing hosts fails 134 | """ 135 | with pytest.raises(EmptySetException): 136 | client.get_services("giertz.pinkepank.loc", only_failed=False) 137 | -------------------------------------------------------------------------------- /tests/test_LibvirtClient.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | """ 4 | Unit tests for Libvirt integration 5 | """ 6 | 7 | from __future__ import absolute_import, print_function 8 | 9 | import logging 10 | import pytest 11 | from katprep.exceptions import (EmptySetException, 12 | InvalidCredentialsException, SessionException) 13 | 14 | from .utilities import load_config 15 | 16 | 17 | @pytest.fixture(scope="session") 18 | def config(): 19 | return load_config("libvirt_config.json") 20 | 21 | 22 | @pytest.fixture 23 | def client(config): 24 | LibvirtClient = pytest.importorskip("katprep.clients.LibvirtClient") 25 | 26 | return LibvirtClient.LibvirtClient( 27 | logging.ERROR, 28 | config["config"]["uri"], 29 | config["config"]["api_user"], 30 | config["config"]["api_pass"] 31 | ) 32 | 33 | 34 | def test_invalid_login(config): 35 | """ 36 | Ensure exceptions on invalid logins 37 | """ 38 | LibvirtClient = pytest.importorskip("katprep.clients.LibvirtClient") 39 | 40 | with pytest.raises(InvalidCredentialsException): 41 | LibvirtClient.LibvirtClient( 42 | logging.ERROR, 43 | config["config"]["uri"], 44 | "giertz", "paulapinkepank" 45 | ) 46 | 47 | # TODO: make a call? 48 | # api_dummy.get_vm_ips 49 | 50 | 51 | def test_create_snapshot_fail(virtClient, nonexisting_vm, snapshot_name): 52 | """ 53 | Ensure that creating snapshots of non-existing VMs is not possible 54 | """ 55 | with pytest.raises(SessionException): 56 | virtClient.create_snapshot(nonexisting_vm, snapshot_name, snapshot_name) 57 | 58 | 59 | def test_remove_snapshot_fail(virtClient, nonexisting_vm, snapshot_name): 60 | """ 61 | Ensure that removing snapshots of non-existing VMs is not possible 62 | """ 63 | with pytest.raises(SessionException): 64 | virtClient.remove_snapshot(nonexisting_vm, snapshot_name) 65 | 66 | 67 | def test_has_snapshot_fail(virtClient, nonexisting_vm, snapshot_name): 68 | """ 69 | Ensure that checking non-existing VMs for snapshots is not possible 70 | """ 71 | with pytest.raises(EmptySetException): 72 | virtClient.has_snapshot(nonexisting_vm, snapshot_name) 73 | 74 | 75 | def test_revert_snapshot_fail(virtClient, nonexisting_vm, snapshot_name): 76 | """ 77 | Ensure that reverting non-existing snapshots is not possible 78 | """ 79 | with pytest.raises(SessionException): 80 | virtClient.revert_snapshot(nonexisting_vm, snapshot_name) 81 | 82 | 83 | def test_snapshot_handling(virtClient, config, snapshot_name): 84 | host = config["valid_objects"]["vm"] 85 | virtClient.create_snapshot(host, snapshot_name, snapshot_name) 86 | 87 | try: 88 | virtClient.revert_snapshot(host, snapshot_name) 89 | 90 | try: 91 | assert virtClient.has_snapshot(host, snapshot_name) 92 | except EmptySetException as err: 93 | print(err) 94 | finally: 95 | virtClient.remove_snapshot(host, snapshot_name) 96 | -------------------------------------------------------------------------------- /tests/test_NagiosCompatibleCGIClient.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | """ 4 | Unit tests for Nagios/Icinga 1.x CGI integration 5 | """ 6 | 7 | from __future__ import absolute_import 8 | 9 | import logging 10 | import time 11 | import pytest 12 | 13 | from katprep.exceptions import SessionException, UnsupportedRequestException 14 | from katprep.monitoring.nagios import NagiosCGIClient 15 | 16 | from .utilities import load_config 17 | 18 | 19 | @pytest.fixture( 20 | params=["main", "legacy"], 21 | ids=["Icinga 1", "Nagios"] 22 | ) 23 | def nagiosType(request): 24 | return request.param 25 | 26 | 27 | @pytest.fixture(scope='session') 28 | def config(): 29 | return load_config("nagios_config.json") 30 | 31 | 32 | @pytest.fixture 33 | def monitoringClient(config, nagiosType): 34 | try: 35 | yield NagiosCGIClient( 36 | logging.ERROR, 37 | config[nagiosType]["hostname"], 38 | config[nagiosType]["cgi_user"], 39 | config[nagiosType]["cgi_pass"], 40 | verify_ssl=False 41 | ) 42 | finally: 43 | time.sleep(8) 44 | 45 | 46 | @pytest.fixture 47 | def icingaClient(config): 48 | try: 49 | yield NagiosCGIClient( 50 | logging.ERROR, 51 | config["main"]["hostname"], 52 | config["main"]["cgi_user"], 53 | config["main"]["cgi_pass"], 54 | verify_ssl=False 55 | ) 56 | finally: 57 | time.sleep(8) 58 | 59 | 60 | @pytest.fixture 61 | def nagiosClient(config): 62 | try: 63 | yield NagiosCGIClient( 64 | logging.ERROR, 65 | config["legacy"]["hostname"], 66 | config["legacy"]["cgi_user"], 67 | config["legacy"]["cgi_pass"], 68 | verify_ssl=False 69 | ) 70 | finally: 71 | time.sleep(8) 72 | 73 | 74 | def test_valid_login(monitoringClient): 75 | """ 76 | Ensure exceptions on valid logins 77 | """ 78 | monitoringClient.is_authenticated() 79 | 80 | 81 | def test_invalid_login(config, nagiosType): 82 | """ 83 | Ensure exceptions on invalid logins 84 | """ 85 | with pytest.raises(SessionException): 86 | client = NagiosCGIClient( 87 | logging.ERROR, 88 | config[nagiosType]["hostname"], 89 | "giertz", 90 | "paulapinkepank", 91 | verify_ssl=False 92 | ) 93 | client.is_authenticated() 94 | 95 | 96 | def test_scheduling_downtime_for_host(monitoringClient, config, nagiosType): 97 | """ 98 | Testing downtime scheduling. 99 | 100 | Ensure that downtimes can be scheduled, even on ancient systems. 101 | Ensure that checking downtime is working. 102 | For Icinga we also ensure that unscheduling downtimes works. 103 | """ 104 | host = config[nagiosType]["host"] 105 | monitoringClient.schedule_downtime(host, "host") 106 | assert monitoringClient.has_downtime(host) 107 | 108 | if nagiosType == 'main': # Icinga 109 | assert monitoringClient.remove_downtime(host) 110 | else: # Nagios 111 | with pytest.raises(UnsupportedRequestException): 112 | # try to remove downtime 113 | monitoringClient.remove_downtime("dummy") 114 | 115 | 116 | def test_schedule_downtime_hostgrp(icingaClient, config): 117 | """ 118 | Ensure that scheduling downtimes for hostgroups is working 119 | """ 120 | hostgroup = config["main"]["hostgroup"] 121 | assert icingaClient.schedule_downtime(hostgroup, "hostgroup") 122 | 123 | 124 | def test_get_hosts(monitoringClient, config, nagiosType): 125 | """ 126 | Ensure that receiving hosts is possible 127 | """ 128 | hosts = monitoringClient.get_hosts() 129 | assert config[nagiosType]["host"] in [host['name'] for host in hosts] 130 | 131 | 132 | def test_get_services(monitoringClient, config, nagiosType): 133 | """ 134 | Ensure that hosts include existing services 135 | """ 136 | services = monitoringClient.get_services( 137 | config[nagiosType]["host"], only_failed=False 138 | ) 139 | assert config[nagiosType]["host_service"] in [service['name'] for service in services] 140 | assert len(services) == config[nagiosType]["host_services"] 141 | -------------------------------------------------------------------------------- /tests/test_PyvmomiClient.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | """ 4 | Unit tests for Pyvmomi integration 5 | """ 6 | from __future__ import absolute_import 7 | 8 | import logging 9 | import pytest 10 | import time 11 | from katprep.management.vmware import PyvmomiClient 12 | from katprep.exceptions import (EmptySetException, InvalidCredentialsException, 13 | SessionException) 14 | 15 | from .utilities import load_config 16 | 17 | 18 | # scope used to reuse the same fixture for all tests 19 | @pytest.fixture(scope="session") 20 | def config(): 21 | return load_config("pyvmomi_config.json") 22 | 23 | 24 | @pytest.fixture 25 | def client(config): 26 | try: 27 | yield PyvmomiClient( 28 | logging.ERROR, 29 | config["config"]["hostname"], 30 | config["config"]["api_user"], 31 | config["config"]["api_pass"] 32 | ) 33 | finally: 34 | # Executes this after every test 35 | # wait for changes to be applied 36 | time.sleep(20) 37 | 38 | 39 | def test_valid_login(config, client, snapshot_name): 40 | """ 41 | Ensure exceptions on valid logins 42 | """ 43 | try: 44 | result = client.has_snapshot( 45 | config["valid_objects"]["vm"], 46 | snapshot_name 47 | ) 48 | assert result in [True, False] 49 | except EmptySetException: 50 | # An alternative could be to use a skip here to give a reason 51 | # why this has been skipped 52 | # pytest.skip("Insert reason here...") 53 | pass 54 | 55 | 56 | def test_invalid_login(config): 57 | """ 58 | Ensure exceptions on invalid logins 59 | """ 60 | with pytest.raises(InvalidCredentialsException): 61 | api_dummy = PyvmomiClient( 62 | logging.ERROR, 63 | config["config"]["hostname"], 64 | "giertz", 65 | "paulapinkepank" 66 | ) 67 | 68 | api_dummy.get_vm_ips() # dummy call 69 | 70 | 71 | def test_a_get_vm_ips(client, config): 72 | """ 73 | Ensure that receiving VMs with their IPs is possible 74 | """ 75 | vm_ips = client.get_vm_ips() 76 | assert config["valid_objects"]["vm"] in vm_ips 77 | 78 | 79 | def test_a_get_vm_hosts(client, config): 80 | """ 81 | Ensure that receiving VMs with their hosts is possible 82 | """ 83 | vm_hosts = client.get_vm_hosts() 84 | assert config["valid_objects"]["vm"] in vm_hosts 85 | 86 | 87 | @pytest.mark.parametrize("forcefully", [True, False]) 88 | def test_restart_vm(client, config, forcefully): 89 | """ 90 | Ensure that restarting VMs is possible 91 | """ 92 | client.restart_vm(config["valid_objects"]["vm"], force=forcefully) 93 | 94 | 95 | @pytest.mark.parametrize("forcefully", [True, False]) 96 | def test_restart_vm_fail(virtClient, nonexisting_vm, forcefully): 97 | """ 98 | Ensure that restarting non-existing VMs is not possible 99 | """ 100 | with pytest.raises(SessionException): 101 | virtClient.restart_vm(nonexisting_vm, force=forcefully) 102 | 103 | 104 | def test_get_vm_powerstate(client, config): 105 | """ 106 | Ensure that retrieving a VM's powerstate is possible 107 | """ 108 | vm = config["valid_objects"]["vm"] 109 | assert client.powerstate_vm(vm) in ["poweredOn", "poweredOff"] 110 | 111 | 112 | def test_get_vm_powerstate_fail(client, nonexisting_vm): 113 | """ 114 | Ensure that retrieving a non-existent VM's powerstate is not possible 115 | """ 116 | with pytest.raises(SessionException): 117 | client.powerstate_vm(nonexisting_vm) 118 | 119 | 120 | def test_vm_powerchange(client, config): 121 | """ 122 | Ensure that powering off a VM is possible 123 | """ 124 | vm = config["valid_objects"]["vm"] 125 | client.poweroff_vm(vm) 126 | client.poweron_vm(vm) 127 | 128 | 129 | def test_vm_poweroff_fail(client, nonexisting_vm): 130 | """ 131 | Ensure that powering off a non-existing VM is not possible 132 | """ 133 | with pytest.raises(SessionException): 134 | client.poweroff_vm(nonexisting_vm) 135 | 136 | 137 | def test_vm_poweron_fail(client, nonexisting_vm): 138 | """ 139 | Ensure that powering on a non-existing VM is not possible 140 | """ 141 | with pytest.raises(SessionException): 142 | client.poweron_vm(nonexisting_vm) 143 | -------------------------------------------------------------------------------- /tests/test_SpacewalkAPIClient.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | # -*- coding: utf-8 -*- 3 | """ 4 | Unit tests for Spacewalk API integration 5 | """ 6 | 7 | from __future__ import absolute_import 8 | 9 | import logging 10 | import mock 11 | import pytest 12 | import ssl 13 | from katprep.management.spacewalk import SpacewalkAPIClient 14 | from katprep.exceptions import (APILevelNotSupportedException, 15 | InvalidCredentialsException) 16 | 17 | from .utilities import load_config 18 | 19 | 20 | @pytest.fixture(scope='session') 21 | def config(): 22 | return load_config("spw_config.json") 23 | 24 | 25 | @pytest.fixture 26 | def client(config): 27 | # TODO: Instance client 28 | pytest.skip('Diggi, bau mich ein!') 29 | 30 | 31 | def test_invalid_login(config): 32 | """ 33 | Ensure exceptions on invalid logins 34 | """ 35 | with pytest.raises(InvalidCredentialsException): 36 | SpacewalkAPIClient( 37 | logging.ERROR, 38 | config["config"]["hostname"], 39 | "giertz", 40 | "paulapinkepank" 41 | ) 42 | 43 | 44 | def test_deny_legacy(config): 45 | """ 46 | Ensure that old Spacewalk APIs are refused 47 | """ 48 | with mock.patch('ssl._create_default_https_context', 49 | ssl._create_unverified_context): 50 | # we really need to skip SSL verification for old versions 51 | 52 | with pytest.raises(APILevelNotSupportedException): 53 | SpacewalkAPIClient( 54 | logging.ERROR, 55 | config["config"]["hostname_legacy"], 56 | config["config"]["api_user"], 57 | config["config"]["api_pass"], 58 | ) 59 | -------------------------------------------------------------------------------- /tests/test_network_utilities.py: -------------------------------------------------------------------------------- 1 | import logging 2 | import mock 3 | import pytest 4 | import ssl 5 | from katprep.network import is_ipv4 6 | 7 | from .utilities import load_config 8 | 9 | 10 | @pytest.mark.parametrize("address", [ 11 | '192.168.0.1', 12 | '12.34.56.78', 13 | pytest.param('no', marks=pytest.mark.xfail), 14 | pytest.param('1.2.3', marks=pytest.mark.xfail), 15 | pytest.param('1.2.3.4.5', marks=pytest.mark.xfail), 16 | pytest.param('1.2.3.4', marks=pytest.mark.xfail), 17 | ]) 18 | def test_ipv4_check(address): 19 | "Making sure we are able to identify an IPv4 address" 20 | assert is_ipv4(address) 21 | -------------------------------------------------------------------------------- /tests/tmpl-katprep-centos7/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM centos:centos7 2 | MAINTAINER Christian Stankowic 3 | 4 | #Update _all_ the packages 5 | #RUN echo "proxy=http://myproxy.giertz.loc:8080" >> /etc/yum.conf 6 | RUN yum update -y 7 | 8 | #Install some important utilities 9 | RUN yum install -y git redhat-lsb-core openssh-clients which epel-release 10 | 11 | #Install required Python modules 12 | RUN yum install -y python{,-{pip,requests,lxml}} PyYAML 13 | #RUN yes | pip --proxy=http://myproxy.giertz.loc:8080 install pyvmomi fernet cryptography 14 | RUN yes | pip install pyvmomi fernet cryptography 15 | -------------------------------------------------------------------------------- /tests/update_docker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | REGISTRY=localhost:5000 3 | 4 | # remove existing katprep image 5 | docker rmi katprep-centos7 6 | # retrieve CentOS image and update katprep image 7 | docker pull centos:centos7 8 | docker build -t katprep-centos7 tmpl-katprep-centos7 9 | 10 | # upload to local registry 11 | docker tag katprep-centos7 $REGISTRY/katprep-centos7 12 | docker push $REGISTRY/katprep-centos7 13 | -------------------------------------------------------------------------------- /tests/utilities.py: -------------------------------------------------------------------------------- 1 | # -*- coding: utf-8 -*- 2 | 3 | import json 4 | import os 5 | import pytest 6 | 7 | 8 | def load_config(config_file): 9 | if not os.path.isfile(config_file): 10 | pytest.skip("Please create configuration file %s!" % config_file) 11 | 12 | try: 13 | with open(config_file, "r") as json_file: 14 | return json.load(json_file) 15 | except IOError as err: 16 | pytest.skip("Unable to read configuration file: '%s'", err) 17 | --------------------------------------------------------------------------------