Page MenuHomePhabricator
Paste P3833

Labs internal domains cleanup script
ActivePublic

Authored by AlexMonk-WMF on Aug 15 2016, 9:38 PM.
Referenced Files
F4508723: Labs internal domains cleanup script
Sep 21 2016, 2:30 PM
F4508627: Labs internal domains cleanup script
Sep 21 2016, 2:13 PM
F4365625: Labs internal domains cleanup script
Aug 15 2016, 9:46 PM
F4365623: Labs internal domains cleanup script
Aug 15 2016, 9:45 PM
F4365612: Labs internal domains cleanup script
Aug 15 2016, 9:38 PM
Subscribers
None
import requests
import json
identity_host = "http://labcontrol1001.wikimedia.org"
dns_host = "http://labservices1001.wikimedia.org"
novaadmin_pass = open('novaadmin_pass').read().strip()
forward_zone_name = 'eqiad.wmflabs.'
reverse_zone_name = '68.10.in-addr.arpa.'
headers = {"Content-Type": "application/json", "X-Designate-Edit-Managed-Records": "true"}
auth_data = json.dumps({
'auth': {
'identity': {
'methods': [
'password'
],
'password': {
'user': {
'name': 'novaadmin',
'domain': {
'name': 'default'
},
'password': novaadmin_pass
}
}
},
'scope': {
'project': {
'name': 'admin',
'domain': {
'name': 'default'
}
}
}
}
})
resp = requests.post(identity_host + ":35357/v3/auth/tokens", headers=headers, data=auth_data)
token = resp.headers['X-Subject-Token']
headers['X-Auth-Token'] = token
headers['X-Auth-Sudo-Project-ID'] = 'noauth-project'
resp = requests.get(dns_host + ":9001/v2/zones", headers=headers)
forward_zone_id = None
reverse_zone_id = None
for zone in resp.json()['zones']:
if zone['name'] == forward_zone_name:
forward_zone_id = zone['id']
elif zone['name'] == reverse_zone_name:
reverse_zone_id = zone['id']
assert forward_zone_id is not None
assert reverse_zone_id is not None
recordset_list_url = dns_host + ":9001/v2/zones/{zone_id}/recordsets?limit=20000"
forward_recordset_list_url = recordset_list_url.format(zone_id=forward_zone_id)
resp = requests.get(forward_recordset_list_url, headers=headers)
forward_records = {}
for recordset in resp.json()['recordsets']:
if recordset['type'] != 'A':
continue
if len(recordset['records']) == 0:
# TODO: Why is this check necessary? Designate still contains recordsets with names like deployment-cache-text02.deployment-prep.eqiad.wmflabs.
continue
forward_records[recordset['name']] = recordset['records']
reverse_recordset_list_url = recordset_list_url.format(zone_id=reverse_zone_id)
resp = requests.get(reverse_recordset_list_url, headers=headers)
recordset_url = dns_host + ":9001/v2/zones/" + reverse_zone_id + "/recordsets/{recordset_id}"
for recordset in resp.json()['recordsets']:
if recordset['type'] != 'PTR' or len(recordset['records']) <= 1:
continue
IPv4 = '.'.join(reversed(recordset['name'].rstrip('.in-addr.arpa.').split('.')))
correct_records = []
for record in recordset['records']:
if record in forward_records:
correct_records.append(record)
this_recordset_url = recordset_url.format(recordset_id=recordset['id'])
if len(correct_records) == len(recordset['records']):
print("Leaving " + IPv4 + " with: " + str(recordset['records']))
continue
if len(correct_records):
# Update
new_data = {
'ttl': recordset['ttl'],
'description': recordset['description'],
'records': correct_records
}
print("Update " + IPv4 + " to remove " + str(list(set(recordset['records']) - set(correct_records))))
#requests.put(this_recordset_url, data=json.dumps(new_data), headers=headers)
else:
# Delete
print("Delete " + IPv4 + ", contained: " + str(recordset['records']))
#requests.delete(this_recordset_url, headers=headers)