IP management system built on top of Bcfg2. It has four main parts: a django data model, a web frontend, command-line utilities, and a Bcfg2 plugin that generates dhcp, dns, and yp configuration files.
Installation of Hostbase requires installation of a python module, configuration of database (mysql or postgres), and configuration of an Apache webserver with mod_python. Hostbase was developed using MySQL, so this document is aimed at MySQL users.
Create the hostbase database and a user. For MySQL users:
mysql> CREATE DATABASE hostbase
mysql> quit
systemprompt#: mysql -u root hostbase
mysql> GRANT ALL PRIVILEGES ON *.* TO hostbaseuser@mycomputer.private.net IDENTIFIED
BY 'password' WITH GRANT OPTION;
mysql> quit
As of Bcfg2 v0.8.7 configuration options for Hostbase have moved to /etc/bcfg2.conf. There is an example bcfg2.conf with Hostbase options located at bcfg2-tarball/examples/bcfg2.confHostbase. Edit the hostbase options to correspond to the database you’ve initialized and copy the configuration to /etc/bcfg2.conf. To finish creating the database, from your path to python/Bcfg2/Server/Hostbase directory, run python manage.py syncdb to do all table creation.
Now it’s possible to explore the Hostbase web interface. For curiosity, you can run Django’s built-in development server to take a peek. Do this by running python manage.py runserver [servername:port] from your Hostbase directory. Django will default to localhost:8000 if no server or port is entered. Now you can explore the web interface. Try adding a host and a zone. You’ll see that a ”.rev” zone already exists. This is where information for reverse files will go.
For production, you’ll want to have this configured for Apache with mod_python. Here is an example of how to configure Hostbase as a virtual host.
<VirtualHost hostbase.mcs.anl.gov:80>
ServerAdmin systems@mcs.anl.gov
DocumentRoot /var/www/hostbase/
<Directory />
AllowOverride None
</Directory>
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
ServerSignature Off
# Stop TRACE/TRACK vulnerability
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
</IfModule>
Redirect / https://hostbase.mcs.anl.gov/
</VirtualHost>
<VirtualHost hostbase.mcs.anl.gov:443>
ServerAdmin systems@mcs.anl.gov
DocumentRoot /var/www/hostbase/
<Directory />
AllowOverride None
</Directory>
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
ServerSignature Off
# Stop TRACE/TRACK vulnerability
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
</IfModule>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/hostbase_server.crt
SSLCertificateKeyfile /etc/apache2/ssl/hostbase_server.key
<Location "/">
SetHandler python-program
PythonHandler django.core.handlers.modpython
SetEnv DJANGO_SETTINGS_MODULE Bcfg2.Server.Hostbase.settings
PythonDebug On
</Location>
<Location "/site_media/">
SetHandler None
</Location>
</VirtualHost>
You’ll need to copy the contents of Hostbase/media into /var/www/hostbase/site_media in this configuration to serve the correct css files.
Now that the database is accessible and there is some data in it, you can enable the Hostbase plugin on your Bcfg2 server to start generating some configuration files. All that needs to be done is to add Hostbase to the end of the list of generators in your bcfg2.conf file. To see what’s being generated by Hostbase, fire up a Bcfg2 development server: bcfg2-info. For more information on how to use the Bcfg2 development server, type help at the prompt. For our purposes, type debug. This will bring you to an interactive python prompt where you can access bcfg’s core data.
for each in bcore.plugins['Hostbase'].filedata:
print each
The above loop will print out the name of each file that was generated by Hostbase. You can see the contents of any of these by typing print bcore.plugins['Hostbase'].filedata[filename].
Bcfg2 needs a way to distribute the files generated by Hostbase. We’ll do this with a bundle. In bcfg’s Bundler directory, touch hostbase.xml.
<Bundle name='hostbase' version='0.1'>
<Package name='dhcp3-server'/>
<Package name='bind9'/>
<Service name='dhcp3-server'/>
<Service name='bind9'/>
<Path name='/etc/dhcp3/dhcpd.conf'/>
<Path name='/etc/bind/[your domain]'/>
<Path name='/etc/bind/xxx.xxx.xxx.rev'/>
</Bundle>
The above example is a bundle that will deliver both dhcp and dns files. This can be trivially split into separate bundles. It is planned that Hostbase will eventually be able to generate the list of Paths in its bundles automatically.
You’ll want to be able to trigger the Hostbase plugin to rebuild it’s config files and push them out when data has been modified in the database. This can be done through and XMLRPC function available from the Bcfg2 server. From a client that is configured to receive one or more hostbase bundles, you’ll need to first edit your python/site-packages/Bcfg2/Client/Proxy.py file. Add 'Hostbase.rebuildState' to the list of methods in the Bcfg2 client proxy object. The modified list is shown below:
class bcfg2(ComponentProxy):
'''bcfg2 client code'''
name = 'bcfg2'
methods = ['AssertProfile', 'GetConfig', 'GetProbes', 'RecvProbeData', 'RecvStats', 'Hostbase.rebuildState']
Now copy the file hostbasepush.py from bcfg2/tools in the Bcfg2 source to your machine. When this command is run as root, it triggers the Hostbase to rebuild it’s files, then runs the Bcfg2 client on your local machine to grab the new configs.
Django allows for custom authentication backends to its login procedure. Hostbase has an NIS authentication backend that verifies a user to be in the unix group allowed to modify Hostbase.
To enable this feature:
Hostbase will now direct the user to a login page if he or she is not authorized to view a certain page. Users should log in with their regular Unix username and password.