ClusterHQ · wallrj · Jun 2, 2015 · Jun 6, 2015 · Jun 6, 2015 · Jun 6, 2015
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1,8 @@
+cuisine==0.7.7
+ecdsa==0.13
+Fabric==1.10.1
+paramiko==1.15.2
+pycrypto==2.6.1
+PyYAML==3.11
+Twisted==15.2.1
+zope.interface==4.1.2
diff --git a/slave/redhat-openstack/fabfile.py b/slave/redhat-openstack/fabfile.py
@@ -8,6 +8,7 @@
 from pipes import quote as shellQuote
 from fabric.api import sudo, task, env, put, run, local
 from fabric.context_managers import shell_env
+from cuisine import file_update, text_ensure_line, mode_sudo, mode_remote
 from twisted.python.filepath import FilePath
 from StringIO import StringIO
 import yaml
@@ -25,6 +26,9 @@
 # modify VMs or resources of another more important tenant
 TENANT_NAME = "tmz-mdl-1"
 
+NETWORK_MANAGER_CONF_PATH = '/etc/NetworkManager/NetworkManager.conf'
+SSHD_CONFIG_PATH = '/etc/ssh/sshd_config'
+
 
 def cmd(*args):
     """
@@ -95,15 +99,10 @@ def put_template(template, replacements, remote_path, **put_kwargs):
         local_file.remove()
 
 
-def set_google_dns():
+@task
+def configure_resolvconf():
     """
     Replace the ``/etc/resolv.conf`` file on the target server.
-
-    XXX: This isn't a solution, but it at least allows the packages to
-    install
-    There is a documented permanent solution:
-    * http://askubuntu.com/a/615951
-    ...but it doesn't work.
     """
     put(
         StringIO(
@@ -118,6 +117,43 @@ def set_google_dns():
     )
 
 
+@task
+def configure_networkmanager():
+    """
+    Configure NetworkManager to not modify ``resolve.conf``.
+    """
+    with mode_remote():
+        with mode_sudo():
+            updated = file_update(
+                NETWORK_MANAGER_CONF_PATH,
+                lambda content: text_ensure_line(
+                    content,
+                    'dns=none'
+                )
+            )
+    if updated:
+        sudo("systemctl restart NetworkManager")
+
+
+@task
+def configure_sshd():
+    """
+    Configure SSH to not perform reverse DNS lookups for the IP addresses of in
+    coming connections.
+    """
+    with mode_remote():
+        with mode_sudo():
+            updated = file_update(
+                SSHD_CONFIG_PATH,
+                lambda content: text_ensure_line(
+                    content,
+                    'UseDNS no'
+                )
+            )
+    if updated:
+        sudo("systemctl restart sshd")
+
+
 @task
 def create_server(
         keypair_name,
@@ -127,6 +163,7 @@ def create_server(
         image=u'ab32525b-f565-49ca-9595-48cdb5eaa794',
         # tmz-mdl-net1
         net_id=u'74632532-1629-44b4-a464-dd31657f46a3',
+        node_name=BUILDSLAVE_NODENAME
 ):
     """
     Run ``nova boot`` to create a new server on which to run the
@@ -146,11 +183,44 @@ def create_server(
             '--config-drive', 'true',
             # Wait for the machine to become active.
             '--poll',
-            BUILDSLAVE_NODENAME
+            node_name
         )
 
         run(commandline)
-        run('nova list | grep {!r}'.format(BUILDSLAVE_NODENAME))
+        output = run(
+            'nova list --fields="Networks" --name={!r}'.format(node_name)
+        )
+        ip_address = extract_ip_from_nova_list_table(output)
+        print "IPADDRESS", ip_address
+
+
+def extract_ip_from_nova_list_table(table_text):
+    """
+    $ nova list --name=clusterhq_flocker_buildslave --fields=Networks
+    +--------------------------------------+----------------------------+
+    | ID                                   | Networks                   |
+    +--------------------------------------+----------------------------+
+    | 7965dddd-809d-4fa3-90fe-73c582536a3c | tmz-mdl-net1=172.19.139.51 |
+    +--------------------------------------+----------------------------+
+    """
+    lines = []
+    for line in table_text.splitlines():
+        line = line.rstrip()
+        if set(line) == set('+-'):
+            continue
+        lines.append(line)
+
+    assert len(lines) == 2
+    # Remove first and last pipes
+    headings, values = list(line.lstrip('| ').rstrip(' |') for line in lines)
+    # Split on internal pipes
+    headings = list(heading.strip() for heading in headings.split(' | '))
+    values = list(values.strip() for value in values.split(' | '))
+    assert len(headings) == len(values)
+    assert headings == ['ID', 'Networks']
+    networks = values[-1]
+    network, ip_address = networks.split('=')
+    return ip_address
 
 
 @task
@@ -178,9 +248,13 @@ def configure(index, password, master='build.staging.clusterhq.com'):
     """
     # The default DNS servers on our redhat-openstack tenant prevent
     # resolution of public DNS names.
-    # Instead use Google's public DNS servers for the duration of the
+    # Prevent NetworkManager from using them
+    configure_networkmanager()
+    # And instead use Google's public DNS servers for the duration of the
     # build slave installation.
-    set_google_dns()
+    configure_resolvconf()
+    # Prevent reverse DNS lookups
+    configure_sshd()
 
     sudo("yum install -y epel-release")