cheshire
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Activity

bgpwtf/cccampix: cronjobify ripe-sync 

Change-Id: I185c2702384941b6537a6a4048bdb2e1c4e183ba
master
Serge Bazanski 2019-08-14 14:33:30 +02:00
parent 49bf87f8e1
commit 821fa5fcc4
3 changed files with 61 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
bgpwtf/cccampix/BUILD
View File

@ -1,18 +1,24 @@
load("@io_bazel_rules_docker//container:container.bzl", "container_image", "container_layer", "container_push")
load("@subpar//:subpar.bzl", "par_binary")
py_binary(
name = "sync",
par_binary(
name = "ripe-sync",
srcs = [
"sync.py",
"ripe-sync.py",
],
deps = [
"@pip36//grpcio",
"@pip36//requests",
"//bgpwtf/cccampix/proto:ix_py_proto",
],
legacy_create_init = False,
zip_safe = False,
)
container_layer(
name = "layer_bin",
files = [
"//bgpwtf/cccampix:ripe-sync.par",
"//bgpwtf/cccampix/irr:irr",
"//bgpwtf/cccampix/peeringdb:peeringdb",
"//bgpwtf/cccampix/verifier:verifier",

36
bgpwtf/cccampix/kube/ix.libsonnet
View File

@ -5,7 +5,7 @@ local kube = import "../../../kube/kube.libsonnet";
local ix = self,
local cfg = ix.cfg,
cfg:: {
image: "registry.k0.hswaw.net/bgpwtf/cccampix:1565559239-95928eecd7e35e8582fa011d1457643ca398c310",
image: "registry.k0.hswaw.net/bgpwtf/cccampix:1565566961-49bf87f8e1ff80e35acd8eb9fc699c4ae0bf250e",
domain: "ix-status.bgp.wtf",
octorpki: {
@ -213,6 +213,40 @@ local kube = import "../../../kube/kube.libsonnet";
],
},
ripeSync: kube.CronJob(ix.name("ripe-sync")) {
metadata+: ix.metadata("ripe-sync"),
spec+: {
schedule: "*/5 * * * *",
jobTemplate+: {
spec+: {
selector:: null,
template+: {
spec+: {
containers_: {
"ripe-sync": kube.Container(ix.name("ripe-sync")) {
image: cfg.image,
args: [
"/ix/ripe-sync.par",
"$(PASSWORD)",
ix.verifier.address,
],
env_: {
PASSWORD: {
secretKeyRef: {
name: ix.name("ripe-sync"),
key: "password",
},
},
},
},
},
},
},
},
},
},
},
ingress: kube.Ingress("ingress") {
metadata+: ix.metadata("public") {
annotations+: {

24
bgpwtf/cccampix/sync.py → bgpwtf/cccampix/ripe-sync.py
View File

@ -15,8 +15,12 @@ import string
import sys
import time
import grpc
import requests
from bgpwtf.cccampix.proto import ix_pb2 as ipb
from bgpwtf.cccampix.proto import ix_pb2_grpc as ipb_grpc
class IRRObject:
"""An IRR object from RIPE."""
@ -199,18 +203,24 @@ def sync_asset(members, password, force=False):
if __name__ == '__main__':
if len(sys.argv) != 3:
print("Usage: {} password AS1,AS2,AS3,...".format(sys.argv[0]))
print("Usage: {} <password> <verifier addr>".format(sys.argv[0]))
sys.exit(1)
password = sys.argv[1]
members = [m.strip().upper() for m in sys.argv[2].split(',')]
verifier = sys.argv[2]
for member in members:
if not member.startswith('AS'):
raise Exception('{} is not a valid ASN'.format(member))
chan = grpc.insecure_channel(verifier)
stub = ipb_grpc.VerifierStub(chan)
if not all(c in string.digits for c in member[2:]):
raise Exception('{} is not a valid ASN'.format(member))
req = ipb.PeerSummaryRequest()
peers = stub.PeerSummary(req)
members = []
for peer in peers:
if peer.check_status != peer.STATUS_OK:
continue
members.append('AS'+str(peer.peeringdb_info.asn))
print("Members:", members)
sync_autnum(members, password)
sync_asset(members, password)