Support FQDN in gpinitsystem and gpinitstandby

- Behave tests for gpinitsystem with fqdn Co-authored-by: N Goutam Tadi <gtadi@pivotal.io> Co-authored-by: N Jamie McAtamney <jmcatamney@pivotal.io>

Support FQDN in gpinitsystem and gpinitstandby
- Behave tests for gpinitsystem with fqdn Co-authored-by: N Goutam Tadi <gtadi@pivotal.io> Co-authored-by: N Jamie McAtamney <jmcatamney@pivotal.io>
43bf0c6f · Goutam Tadi · Goutam Tadi · 266013fa · 43bf0c6f · 43bf0c6f
7 changed file
--- a/gpMgmt/bin/gpinitstandby
+++ b/gpMgmt/bin/gpinitstandby
@@ -128,6 +128,8 @@ def parseargs():
                      help='remove current warm master standby.  Use this option '
                      'if the warm master standby host has failed.  This option will '
                      'need to shutdown the GPDB array to be able to complete the request')
+    optgrp.add_option('', '--fqdn_hba', action='store_true', dest='fqdn_hba',
+                      help='do not add standby IP addresses to pg_hba.conf')

    # XXX - This option is added to keep backward compatibility with DCA tools.
    # But this option plays no role in the whole process, its a No-Op
@@ -394,7 +396,7 @@ def create_standby(options):
        logger.info('Updating pg_hba.conf file...')
        update_pg_hba_conf(options, array)
        logger.debug('Updating pg_hba.conf file on segments...')
-        update_pg_hba_conf_on_segments(array, options.standby_host)
+        update_pg_hba_conf_on_segments(array, options.standby_host, options.fqdn_hba)
        logger.info('pg_hba.conf files updated successfully.')

        copy_master_datadir_to_standby(options, array, standby_datadir)
@@ -510,12 +512,16 @@ def update_pg_hba_conf(options, array):
        index = 0
        while pg_hba_conf[index].strip().startswith('#'):
            index += 1
-        
+
        new_section = ['# standby master host ip addresses\n']
        for ip in standby_ips:
-            cidr_suffix = '/128' if ':' in ip else '/32' # MPP-15889
+            if not options.fqdn_hba:
+                cidr_suffix = '/128' if ':' in ip else '/32' # MPP-15889
+                address = ip + cidr_suffix
+            else:
+                address = options.standby_host
+            values = ['host', 'all', current_user, address, 'trust']

-            values = ['host', 'all', current_user, ip + cidr_suffix, 'trust']
            newline = '\t'.join(values) + '\n'
            if newline not in pg_hba_conf:
                new_section.append(newline)

--- a/gpMgmt/bin/gpinitsystem
+++ b/gpMgmt/bin/gpinitsystem
@@ -1271,7 +1271,7 @@ CREATE_QD_DB () {
 				done
 		fi
 		LOG_MSG "[INFO]:-Adding gp_dumpall access to $PG_HBA for master host"
-		BUILD_MASTER_PG_HBA_FILE $GP_DIR
+		BUILD_MASTER_PG_HBA_FILE $GP_DIR $FQDN_HBA
 		LOG_MSG "[INFO]:-Creating gpssh configuration file"
 		BUILD_GPSSH_CONF $GP_DIR
 		LOG_MSG "[INFO]:-Creating perfmon directories and configuration file"
@@ -1410,7 +1410,7 @@ CREATE_QES_PRIMARY () {
                HAS_MIRRORS_OPTION=no
            fi

-			$GPCREATESEG $FLAG $$ 1 $I IS_PRIMARY $INST_COUNT  $LOG_FILE $HEAP_CHECKSUM \
+			MASTER_HOSTNAME=${MASTER_HOSTNAME} FQDN_HBA=${FQDN_HBA} $GPCREATESEG $FLAG $$ 1 $I IS_PRIMARY $INST_COUNT  $LOG_FILE $HEAP_CHECKSUM \
 `$ECHO ${MASTER_IP_ADDRESS[@]}|$TR ' ' '~'` \
 `$ECHO ${STANDBY_IP_ADDRESS[@]}|$TR ' ' '~'` &
 			PARALLEL_COUNT $BATCH_LIMIT $BATCH_DEFAULT
@@ -1470,7 +1470,7 @@ CREATE_QES_MIRROR () {
 		    FLAG="-p $PG_CONF_ADD_FILE"
 		fi

-		$GPCREATESEG $FLAG $$ 1 ${MIRRORS_ORDERED_BY_CONTENT_ID[$I_INDEX]} ${PRIMARIES_ORDERED_BY_CONTENT_ID[$I_INDEX]} $INST_COUNT  $LOG_FILE $HEAP_CHECKSUM \
+		MASTER_HOSTNAME=${MASTER_HOSTNAME} FQDN_HBA=${FQDN_HBA} $GPCREATESEG $FLAG $$ 1 ${MIRRORS_ORDERED_BY_CONTENT_ID[$I_INDEX]} ${PRIMARIES_ORDERED_BY_CONTENT_ID[$I_INDEX]} $INST_COUNT  $LOG_FILE $HEAP_CHECKSUM \
 `$ECHO ${MASTER_IP_ADDRESS[@]}|$TR ' ' '~'` \
 `$ECHO ${STANDBY_IP_ADDRESS[@]}|$TR ' ' '~'` &
 		PARALLEL_COUNT $BATCH_LIMIT $BATCH_DEFAULT
@@ -1520,6 +1520,9 @@ CREATE_STANDBY_QD () {
 		if [ x"" != x"$STANDBY_DATADIR" ]; then
 			INIT_STANDBY_ARGS+=" -F $STANDBY_DATADIR"
 		fi
+		if [ $FQDN_HBA -eq 1 ]; then
+		    INIT_STANDBY_ARGS+=" --fqdn_hba"
+		fi
 		export MASTER_DATA_DIRECTORY=${MASTER_DIRECTORY}/${SEG_PREFIX}-1;$INIT_STANDBY_PROG -s $STANDBY_HOSTNAME $INIT_STANDBY_ARGS -a
 		STANDBY_RET_CODE=$?
 		case ${STANDBY_RET_CODE} in

--- a/gpMgmt/bin/gppylib/operations/initstandby.py
+++ b/gpMgmt/bin/gppylib/operations/initstandby.py
@@ -19,13 +19,17 @@ logger = gplog.get_default_logger()

 DEFAULT_BATCH_SIZE = 16

-def get_standby_pg_hba_info(standby_host):
+def get_standby_pg_hba_info(standby_host, is_fqdn=False):
    standby_ips = unix.InterfaceAddrs.remote('get standby ips', standby_host)
    current_user = unix.UserId.local('get userid')
    new_section = ['# standby master host ip addresses\n']
    for ip in standby_ips:
-        cidr_suffix = '/128' if ':' in ip else '/32' # MPP-15889
-        new_section.append('host\tall\t%s\t%s%s\ttrust\n' % (current_user, ip, cidr_suffix))
+        if not is_fqdn:
+            cidr_suffix = '/128' if ':' in ip else '/32' # MPP-15889
+            address = ip + cidr_suffix
+        else:
+            address = standby_host
+        new_section.append('host\tall\t%s\t%s\ttrust\n' % (current_user, address))
    standby_pg_hba_info = ''.join(new_section)
    return standby_pg_hba_info 

@@ -144,14 +148,13 @@ def update_pg_hba(standby_pg_hba_info, data_dirs_list):
        pg_hba_content_list.append(pg_hba_contents)
    return pg_hba_content_list

-def update_pg_hba_conf_on_segments(gparr, standby_host):
+def update_pg_hba_conf_on_segments(gparr, standby_host, is_fqdn=False):
    """
    Updates the pg_hba.conf on all of the segments 
    present in the array
    """
    logger.debug('Updating pg_hba.conf file on segments...')
-
-    standby_pg_hba_info = get_standby_pg_hba_info(standby_host)
+    standby_pg_hba_info = get_standby_pg_hba_info(standby_host, is_fqdn)
    pickled_standby_pg_hba_info = base64.urlsafe_b64encode(pickle.dumps(standby_pg_hba_info))

    host_to_seg_map = defaultdict(list) 
@@ -165,7 +168,7 @@ def update_pg_hba_conf_on_segments(gparr, standby_host):
        for host, data_dirs_list in host_to_seg_map.items():
            pickled_data_dirs_list = base64.urlsafe_b64encode(pickle.dumps(data_dirs_list))
            cmdStr = "$GPHOME/lib/python/gppylib/operations/initstandby.py -p %s -d %s" % (pickled_standby_pg_hba_info, pickled_data_dirs_list)
-            cmd = Command('Update the pg_hba.conf on remote hosts', cmdStr=cmdStr , ctxt=REMOTE, remoteHost=host) 
+            cmd = Command('Update the pg_hba.conf on remote hosts', cmdStr=cmdStr, ctxt=REMOTE, remoteHost=host)
            pool.addCommand(cmd)

        pool.join()

--- a/gpMgmt/bin/lib/gp_bash_functions.sh
+++ b/gpMgmt/bin/lib/gp_bash_functions.sh
@@ -769,8 +769,9 @@ GET_CIDRADDR () {

 BUILD_MASTER_PG_HBA_FILE () {
        LOG_MSG "[INFO]:-Start Function $FUNCNAME"
-	if [ $# -eq 0 ];then ERROR_EXIT "[FATAL]:-Passed zero parameters, expected at least 1" 2;fi
+	if [ $# -eq 0 ];then ERROR_EXIT "[FATAL]:-Passed zero parameters, expected at least 2" 2;fi
 	GP_DIR=$1
+	FQDN_HBA=${2:-0}
        LOG_MSG "[INFO]:-Clearing values in Master $PG_HBA"
        $GREP "^#" ${GP_DIR}/$PG_HBA > $TMP_PG_HBA
        $MV $TMP_PG_HBA ${GP_DIR}/$PG_HBA
@@ -778,27 +779,35 @@ BUILD_MASTER_PG_HBA_FILE () {
        $ECHO "local    all         $USER_NAME         $PG_METHOD" >> ${GP_DIR}/$PG_HBA
        #$ECHO "local    all         all                $PG_METHOD" >> ${GP_DIR}/$PG_HBA
        LOG_MSG "[INFO]:-Setting local host access"
-        $ECHO "host     all         $USER_NAME         127.0.0.1/28    trust" >> ${GP_DIR}/$PG_HBA
-        for ADDR in "${MASTER_IP_ADDRESS_ALL[@]}"
-        do
-        	# MPP-15889
-        	CIDRADDR=$(GET_CIDRADDR $ADDR)
-        	$ECHO "host     all         $USER_NAME         $CIDRADDR       trust" >> ${GP_DIR}/$PG_HBA
-        done
-        for ADDR in "${STANDBY_IP_ADDRESS_ALL[@]}"
-        do
-        	# MPP-15889
-        	CIDRADDR=$(GET_CIDRADDR $ADDR)
-        	$ECHO "host     all         $USER_NAME         $CIDRADDR       trust" >> ${GP_DIR}/$PG_HBA
-        done
-
-        # Add all local IPV6 addresses
-        for ADDR in "${MASTER_IPV6_LOCAL_ADDRESS_ALL[@]}"
-        do
-        	# MPP-15889
-        	CIDRADDR=$(GET_CIDRADDR $ADDR)
-        	$ECHO "host     all         $USER_NAME         $CIDRADDR       trust" >> ${GP_DIR}/$PG_HBA
-        done
+        if [ $FQDN_HBA -eq 0 ];then
+            $ECHO "host     all         $USER_NAME         127.0.0.1/28    trust" >> ${GP_DIR}/$PG_HBA
+
+            for ADDR in "${MASTER_IP_ADDRESS_ALL[@]}"
+            do
+                # MPP-15889
+                CIDRADDR=$(GET_CIDRADDR $ADDR)
+                $ECHO "host     all         $USER_NAME         $CIDRADDR       trust" >> ${GP_DIR}/$PG_HBA
+
+            done
+            for ADDR in "${STANDBY_IP_ADDRESS_ALL[@]}"
+            do
+                # MPP-15889
+                CIDRADDR=$(GET_CIDRADDR $ADDR)
+                $ECHO "host     all         $USER_NAME         $CIDRADDR       trust" >> ${GP_DIR}/$PG_HBA
+            done
+
+            # Add all local IPV6 addresses
+            for ADDR in "${MASTER_IPV6_LOCAL_ADDRESS_ALL[@]}"
+            do
+                # MPP-15889
+                CIDRADDR=$(GET_CIDRADDR $ADDR)
+                $ECHO "host     all         $USER_NAME         $CIDRADDR       trust" >> ${GP_DIR}/$PG_HBA
+            done
+        else
+            $ECHO "host     all         $USER_NAME         localhost    trust" >> ${GP_DIR}/$PG_HBA
+            $ECHO "host     all         $USER_NAME         $MASTER_HOSTNAME       trust" >> ${GP_DIR}/$PG_HBA
+        fi
+

        # Add replication config
        $ECHO "local    replication $USER_NAME         $PG_METHOD" >> ${GP_DIR}/$PG_HBA

--- a/gpMgmt/bin/lib/gpcreateseg.sh
+++ b/gpMgmt/bin/lib/gpcreateseg.sh
@@ -174,34 +174,35 @@ PROCESS_QE () {
 	        done
        fi

-        # Configuring PG_HBA  -- on mirror, only need to add local addresses (skip the other addresses)
-        LOG_MSG "[INFO][$INST_COUNT]:-Configuring segment $PG_HBA"
+    # Configuring PG_HBA  -- on mirror, only need to add local addresses (skip the other addresses)
+    LOG_MSG "[INFO][$INST_COUNT]:-Configuring segment $PG_HBA"
+    if [ $FQDN_HBA -eq 0 ]; then
        if [ x"" = x"$COPY_FROM_PRIMARY_HOSTADDRESS" ]; then
-	        for MASTER_IP in "${MASTER_IP_ADDRESS[@]}"
-	        do
-	            # MPP-15889
-	            CIDR_MASTER_IP=$(GET_CIDRADDR $MASTER_IP)
-	            $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host	all	all	${CIDR_MASTER_IP}	trust >> ${GP_DIR}/$PG_HBA"
-	            PARA_EXIT $? "Update $PG_HBA for master IP address ${CIDR_MASTER_IP}"
-	        done
-	        if [ x"" != x"$STANDBY_HOSTNAME" ];then
-	            LOG_MSG "[INFO][$INST_COUNT]:-Processing Standby master IP address for segment instances"
-	            for STANDBY_IP in "${STANDBY_IP_ADDRESS[@]}"
-	            do
-	                # MPP-15889
-	                CIDR_STANDBY_IP=$(GET_CIDRADDR $STANDBY_IP)
-		            $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host	all	all	${CIDR_STANDBY_IP}	trust >> ${GP_DIR}/$PG_HBA"
-		            PARA_EXIT $? "Update $PG_HBA for master standby address ${CIDR_STANDBY_IP}"
-	            done
-	        fi
+        for MASTER_IP in "${MASTER_IP_ADDRESS[@]}"
+        do
+            # MPP-15889
+            CIDR_MASTER_IP=$(GET_CIDRADDR $MASTER_IP)
+            $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host	all	all	${CIDR_MASTER_IP}	trust >> ${GP_DIR}/$PG_HBA"
+            PARA_EXIT $? "Update $PG_HBA for master IP address ${CIDR_MASTER_IP}"
+        done
+        if [ x"" != x"$STANDBY_HOSTNAME" ];then
+            LOG_MSG "[INFO][$INST_COUNT]:-Processing Standby master IP address for segment instances"
+            for STANDBY_IP in "${STANDBY_IP_ADDRESS[@]}"
+            do
+                # MPP-15889
+                CIDR_STANDBY_IP=$(GET_CIDRADDR $STANDBY_IP)
+            $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host	all	all	${CIDR_STANDBY_IP}	trust >> ${GP_DIR}/$PG_HBA"
+            PARA_EXIT $? "Update $PG_HBA for master standby address ${CIDR_STANDBY_IP}"
+            done
+        fi
        fi

        # Add all local IPV4 addresses
        SEGMENT_IPV4_LOCAL_ADDRESS_ALL=(`$TRUSTED_SHELL $GP_HOSTADDRESS "$IPV4_ADDR_LIST_CMD | $GREP inet | $GREP -v \"127.0.0\" | $AWK '{print \\$2}' | $CUT -d'/' -f1"`)
        for ADDR in "${SEGMENT_IPV4_LOCAL_ADDRESS_ALL[@]}"
        do
-	        # MPP-15889
-	        CIDR_ADDR=$(GET_CIDRADDR $ADDR)
+        # MPP-15889
+        CIDR_ADDR=$(GET_CIDRADDR $ADDR)
            $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host     all          $USER_NAME         $CIDR_ADDR      trust >> ${GP_DIR}/$PG_HBA"
        done

@@ -209,10 +210,29 @@ PROCESS_QE () {
        SEGMENT_IPV6_LOCAL_ADDRESS_ALL=(`$TRUSTED_SHELL $GP_HOSTADDRESS "$IPV6_ADDR_LIST_CMD | $GREP inet6 | $AWK '{print \\$2}' | $CUT -d'/' -f1"`)
        for ADDR in "${SEGMENT_IPV6_LOCAL_ADDRESS_ALL[@]}"
        do
-	        # MPP-15889
-	        CIDR_ADDR=$(GET_CIDRADDR $ADDR)
-	        $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host     all          $USER_NAME         $CIDR_ADDR      trust >> ${GP_DIR}/$PG_HBA"
+        # MPP-15889
+        CIDR_ADDR=$(GET_CIDRADDR $ADDR)
+        $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host     all          $USER_NAME         $CIDR_ADDR      trust >> ${GP_DIR}/$PG_HBA"
        done
+    else
+        if [ x"" = x"$COPY_FROM_PRIMARY_HOSTADDRESS" ]; then
+            $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host	all	all	${MASTER_HOSTNAME}	trust >> ${GP_DIR}/$PG_HBA"
+            PARA_EXIT $? "Update $PG_HBA for master IP address ${MASTER_HOSTNAME}"
+            if [ x"" != x"$STANDBY_HOSTNAME" ];then
+                LOG_MSG "[INFO][$INST_COUNT]:-Processing Standby master IP address for segment instances"
+                $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host	all	all	${STANDBY_HOSTNAME}	trust >> ${GP_DIR}/$PG_HBA"
+                PARA_EXIT $? "Update $PG_HBA for master standby address ${STANDBY_HOSTNAME}"
+            fi
+        fi
+
+        $TRUSTED_SHELL ${GP_HOSTADDRESS} "$ECHO host     all          $USER_NAME         $GP_HOSTADDRESS      trust >> ${GP_DIR}/$PG_HBA"
+    fi
+    
+    if [ x"" = x"$COPY_FROM_PRIMARY_HOSTADDRESS" ]; then
+	# Primary: start the segment to fill in configuration
+	START_QE
+	UPDATE_MPP $GP_PORT "$ARRAY_NAME" $TOTAL_SEG $GP_DBID $GP_CONTENT 1 $GP_HOSTADDRESS $GP_DIR
+	STOP_QE
    fi

    LOG_MSG "[INFO][$INST_COUNT]:-End Function $FUNCNAME"

--- a/gpMgmt/test/behave/mgmt_utils/gpinitsystem.feature
+++ b/gpMgmt/test/behave/mgmt_utils/gpinitsystem.feature
@@ -108,3 +108,23 @@ Feature: gpinitsystem tests
 		And the database timezone matches "HST"
 		And the startup timezone is saved
 		And the startup timezone matches "HST"
+
+    @gpinitsystem_fqdn
+    Scenario: gpinitsystem should print IP addresses in pg_hba.conf when FQDN_HBA=1
+        Given the cluster config is generated with FQDN_HBA "1"
+        Then verify that file "fqdn_config_file" exists under "/tmp"
+        And verify that the file "/tmp/fqdn_config_file" contains "FQDN_HBA=1"
+        And the user runs "gpinitsystem -a -I /tmp/fqdn_config_file -l /tmp/"
+        And gpinitsystem should return a return code of 0
+        Then verify that file "pg_hba.conf" exists under "../gpAux/gpdemo/datadirs/qddir"
+        And verify that the file "../gpAux/gpdemo/datadirs/qddir/pg_hba.conf" contains "master_hostname       trust"
+
+    @gpinitsystem_fqdn
+    Scenario: gpinitsystem should print FQDNs in pg_hba.conf when FQDN_HBA=0
+        Given the cluster config is generated with FQDN_HBA "0"
+        Then verify that file "fqdn_config_file" exists under "/tmp"
+        And verify that the file "/tmp/fqdn_config_file" contains "FQDN_HBA=0"
+        And the user runs "gpinitsystem -a -I /tmp/fqdn_config_file -l /tmp/"
+        And gpinitsystem should return a return code of 0
+        Then verify that file "pg_hba.conf" exists under "../gpAux/gpdemo/datadirs/qddir"
+        And verify that the file "../gpAux/gpdemo/datadirs/qddir/pg_hba.conf" contains "127.0.0.1
--- a/gpMgmt/test/behave/mgmt_utils/steps/mgmt_utils.py
+++ b/gpMgmt/test/behave/mgmt_utils/steps/mgmt_utils.py
@@ -61,6 +61,25 @@ def impl(context, checksum_toggle):
    if context.ret_code != 0:
        raise Exception('%s' % context.error_message)

+@given('the gpinitsystem config is generated with FQDN_HBA "{fqdn_toggle}"')
+def impl(context, checksum_toggle):
+    import socket
+    hostname = socket.gethostname()
+    config = """
+QD_PRIMARY_ARRAY={hostname}~5432~/greenplum/data-1~1~-1~0
+declare -a PRIMARY_ARRAY=(
+{hostname}~40000~/greenplum/data~2~0~6000
+)
+declare -a MIRROR_ARRAY=(
+{hostname}~50000~/greenplum/mirror/data~3~0~6001
+)
+FQDN_HBA={fqdn_toggle}
+""".format(hostname=hostname,
+           fqdn_toggle=fqdn_toggle)
+
+    with open("/tmp/fqdn_config_file", 'w') as fp:
+        fp.write(config)
+

 @given('the database is running')
 @then('the database is running')