confluent/confluent_server/bin/confluentutil

#!/usr/bin/env python

import argparse
import os
import socket
import subprocess
import sys

path = os.path.dirname(os.path.realpath(__file__))
path = os.path.realpath(os.path.join(path, '..', 'lib', 'python'))
if path.startswith('/opt'):
    # if installed into system path, do not muck with things
    sys.path.append(path)

import confluent.client as client
import confluent.tlvdata as tlvdata

try:
    input = raw_input
except NameError:
    pass

def make_certificate():
    umask = os.umask(0077)
    if subprocess.check_call(
            'openssl ecparam -name secp384r1 -genkey -out '
            '/etc/confluent/privkey.pem'.split(' ')):
        raise Exception('Error generating private key')

    if subprocess.check_call('openssl req -new -x509 -key '
                              '/etc/confluent/privkey.pem -days 7300 -out '
                              '/etc/confluent/srvcert.pem -subj /CN='
                              '{0}'.format(socket.gethostname()).split(' ')):
        raise Exception('Error generating certificate')
    print('Certificate generated successfully')
    os.umask(umask)


def show_invitation(name):
    if not os.path.exists('/etc/confluent/srvcert.pem'):
        make_certificate()
    s = client.Command().connection
    tlvdata.send(s, {'collective': {'operation': 'invite', 'name': name}})
    invite = tlvdata.recv(s)['collective']
    if 'error' in invite:
        sys.stderr.write(invite['error'] + '\n')
        return
    print ('Invitatation for {0}: {1}'.format(name, invite['invitation']))


def join_collective(server, invitation):
    if not os.path.exists('/etc/confluent/srvcert.pem'):
        make_certificate()
    s = client.Command().connection
    while not invitation:
        invitation = raw_input('Paste the invitation here: ')
    tlvdata.send(s, {'collective': {'operation': 'join',
                                    'invitation': invitation,
                                    'server': server}})
    res = tlvdata.recv(s)
    print(res.get('collective',
                  {'status': 'Unknown response: ' + repr(res)})['status'])


def main():
    a = argparse.ArgumentParser(description='Confluent server utility')
    sp = a.add_subparsers(dest='command')
    gc = sp.add_parser('gencert', help='Generate Confluent Certificates for '
                                'collective mode and remote CLI access')
    ic = sp.add_parser('invite', help='Generate a invitation to allow a new '
                                    'confluent instance to join as a '
                                    'collective member')
    ic.add_argument('name', help='Name of server to invite to join the '
                                 'collective')
    jc = sp.add_parser('join', help='Join a collective')
    jc.add_argument('server', help='A server currently in the collective')
    jc.add_argument('-i', help='Invitation provided by runniing invite on an '
                               'existing collective member')
    cmdset = a.parse_args()
    if cmdset.command == 'gencert':
        make_certificate()
    elif cmdset.command == 'invite':
        show_invitation(cmdset.name)
    elif cmdset.command == 'join':
        join_collective(cmdset.server, cmdset.i)

if __name__ == '__main__':
    main()
Add general confluentutil command This provides util commands to manage certificates and collective membership. 2018-06-13 20:23:49 +00:00			`#!/usr/bin/env python`

			`import argparse`
			`import os`
			`import socket`
			`import subprocess`
			`import sys`

			`path = os.path.dirname(os.path.realpath(__file__))`
			`path = os.path.realpath(os.path.join(path, '..', 'lib', 'python'))`
			`if path.startswith('/opt'):`
			`# if installed into system path, do not muck with things`
			`sys.path.append(path)`

			`import confluent.client as client`
			`import confluent.tlvdata as tlvdata`

			`try:`
			`input = raw_input`
			`except NameError:`
			`pass`

			`def make_certificate():`
			`umask = os.umask(0077)`
			`if subprocess.check_call(`
			`'openssl ecparam -name secp384r1 -genkey -out '`
			`'/etc/confluent/privkey.pem'.split(' ')):`
			`raise Exception('Error generating private key')`

			`if subprocess.check_call('openssl req -new -x509 -key '`
			`'/etc/confluent/privkey.pem -days 7300 -out '`
			`'/etc/confluent/srvcert.pem -subj /CN='`
			`'{0}'.format(socket.gethostname()).split(' ')):`
			`raise Exception('Error generating certificate')`
			`print('Certificate generated successfully')`
			`os.umask(umask)`


			`def show_invitation(name):`
Auto-make certificate if missing Automatically fix a missing certificate if this is the case. 2018-06-19 15:05:38 +00:00			`if not os.path.exists('/etc/confluent/srvcert.pem'):`
			`make_certificate()`
Add general confluentutil command This provides util commands to manage certificates and collective membership. 2018-06-13 20:23:49 +00:00			`s = client.Command().connection`
			`tlvdata.send(s, {'collective': {'operation': 'invite', 'name': name}})`
Correctly show the error on non-leader When non-leader tries to invite, print the error rather than unhelpful exception with no helpful data. 2018-06-26 18:35:23 +00:00			`invite = tlvdata.recv(s)['collective']`
			`if 'error' in invite:`
			`sys.stderr.write(invite['error'] + '\n')`
			`return`
			`print ('Invitatation for {0}: {1}'.format(name, invite['invitation']))`
Add general confluentutil command This provides util commands to manage certificates and collective membership. 2018-06-13 20:23:49 +00:00

			`def join_collective(server, invitation):`
Auto-make certificate if missing Automatically fix a missing certificate if this is the case. 2018-06-19 15:05:38 +00:00			`if not os.path.exists('/etc/confluent/srvcert.pem'):`
			`make_certificate()`
Add general confluentutil command This provides util commands to manage certificates and collective membership. 2018-06-13 20:23:49 +00:00			`s = client.Command().connection`
			`while not invitation:`
			`invitation = raw_input('Paste the invitation here: ')`
			`tlvdata.send(s, {'collective': {'operation': 'join',`
			`'invitation': invitation,`
			`'server': server}})`
			`res = tlvdata.recv(s)`
			`print(res.get('collective',`
			`{'status': 'Unknown response: ' + repr(res)})['status'])`


			`def main():`
			`a = argparse.ArgumentParser(description='Confluent server utility')`
			`sp = a.add_subparsers(dest='command')`
			`gc = sp.add_parser('gencert', help='Generate Confluent Certificates for '`
			`'collective mode and remote CLI access')`
			`ic = sp.add_parser('invite', help='Generate a invitation to allow a new '`
			`'confluent instance to join as a '`
			`'collective member')`
			`ic.add_argument('name', help='Name of server to invite to join the '`
			`'collective')`
			`jc = sp.add_parser('join', help='Join a collective')`
			`jc.add_argument('server', help='A server currently in the collective')`
			`jc.add_argument('-i', help='Invitation provided by runniing invite on an '`
			`'existing collective member')`
			`cmdset = a.parse_args()`
			`if cmdset.command == 'gencert':`
			`make_certificate()`
			`elif cmdset.command == 'invite':`
			`show_invitation(cmdset.name)`
			`elif cmdset.command == 'join':`
			`join_collective(cmdset.server, cmdset.i)`

			`if __name__ == '__main__':`
			`main()`