def get(self, request, project_id):
""" 获取项目下所有的secrets """
# 获取kind
flag, project_kind = self.get_project_kind(request, project_id)
if not flag:
return project_kind
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
data = []
params = dict(request.GET.items())
s_cate = 'secret' if project_kind == MESOS_VALUE else 'K8sSecret'
access_token = request.user.token.access_token
is_decode = request.GET.get('decode')
is_decode = True if is_decode == '1' else False
# get project namespace info
namespace_dict = app_utils.get_ns_id_map(
request.user.token.access_token, project_id)
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
# 当参数中集群ID存在时,判断集群ID匹配成功后,继续后续逻辑
if params.get('cluster_id') and params['cluster_id'] != cluster_id:
continue
cluster_env = cluster_info.get('environment')
code, cluster_secrets = self.get_secrets_by_cluster_id(
request,
params,
project_id,
cluster_id,
project_kind=project_kind)
# 单个集群错误时,不抛出异常信息
if code != ErrorCode.NoError:
continue
self.handle_data(
request,
cluster_secrets,
project_kind,
s_cate,
access_token,
project_id,
cluster_id,
is_decode,
cluster_env,
cluster_info.get('name', ''),
namespace_dict=namespace_dict,
)
data += cluster_secrets
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
def get(self, request, project_id):
"""获取项目下的所有Ingress
"""
project_kind = request.project.kind
project_kind_name = ClusterType.get(project_kind)
if project_kind_name != 'Kubernetes':
raise error_codes.CheckFailed.f("K8S项目才有Ingress", replace=True)
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
# 获取命名空间的id
namespace_dict = app_utils.get_ns_id_map(
request.user.token.access_token, project_id)
s_cate = 'K8sIngress'
is_decode = False
params = {}
access_token = request.user.token.access_token
data = []
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
cluster_env = cluster_info.get('environment')
code, cluster_data = self.get_ingress_by_cluser_id(
request, params, project_id, cluster_id)
# 单个集群错误时,不抛出异常信息
if code != ErrorCode.NoError:
continue
self.handle_data(request,
cluster_data,
project_kind,
s_cate,
access_token,
project_id,
cluster_id,
is_decode,
cluster_env,
cluster_info.get('name', ''),
namespace_dict=namespace_dict)
data += cluster_data
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
def get(self, request, project_id):
""" 获取项目下所有的ConfigMap """
# 获取kind
project_kind = request.project.kind
if project_kind not in [info[0] for info in constants.ProjectKind.get_choices()]:
raise error_codes.CheckFailed(_("项目编排类型不正确"))
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
data = []
params = dict(request.GET.items())
s_cate = 'configmap' if project_kind == MESOS_VALUE else 'K8sConfigMap'
access_token = request.user.token.access_token
is_decode = request.GET.get('decode')
is_decode = True if is_decode == '1' else False
# get project namespace info
namespace_dict = app_utils.get_ns_id_map(access_token, project_id)
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
# 当参数中集群ID存在时,判断集群ID匹配成功后,继续后续逻辑
if params.get('cluster_id') and params['cluster_id'] != cluster_id:
continue
cluster_env = cluster_info.get('environment')
code, cluster_configmaps = self.get_configmaps_by_cluster_id(
request, params, project_id, cluster_id, project_kind=project_kind)
# 单个集群错误时,不抛出异常信息
if code != ErrorCode.NoError:
continue
self.handle_data(request, cluster_configmaps, project_kind, s_cate,
access_token, project_id, cluster_id,
is_decode, cluster_env, cluster_info.get('name', ''), namespace_dict=namespace_dict)
data += cluster_configmaps
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
def batch_delete_services(self, request, project_id):
"""批量删除service"""
username = request.user.username
slz = BatchResourceSLZ(data=request.data)
slz.is_valid(raise_exception=True)
data = slz.data['data']
# 检查用户是否有命名空间的使用权限
namespace_list = [(ns['cluster_id'], ns.get('namespace'))
for ns in data]
namespace_list = set(namespace_list)
# check perm
app_utils.can_use_namespaces(request, project_id, namespace_list)
# namespace_dict format: {(cluster_id, ns_name): ns_id}
namespace_dict = app_utils.get_ns_id_map(
request.user.token.access_token, project_id)
project_kind = request.project.kind
success_list = []
failed_list = []
for _d in data:
cluster_id = _d.get('cluster_id')
name = _d.get('name')
namespace = _d.get('namespace')
namespace_id = namespace_dict.get((cluster_id, namespace))
# 删除service
resp = self.delete_single_service(request, project_id,
project_kind, cluster_id,
namespace, namespace_id, name)
# 处理已经删除,但是storage上报数据延迟的问题
message = resp.get('message', '')
is_delete_before = True if 'node does not exist' in message or 'not found' in message else False
if resp.get("code") == ErrorCode.NoError:
success_list.append({
'name':
name,
'desc':
_('{}[命名空间:{}]').format(name, namespace),
})
else:
if is_delete_before:
message = _('已经被删除,请手动刷新数据')
failed_list.append({
'name':
name,
'desc':
_('{}][命名空间:{}]:{}').format(name, namespace, message),
})
code = 0
message = ''
# 添加操作审计
if success_list:
name_list = [_s.get('name') for _s in success_list]
desc_list = [_s.get('desc') for _s in success_list]
message = _("以下service删除成功:{}").format(";".join(desc_list))
activity_client.ContextActivityLogClient(
project_id=project_id,
user=username,
resource_type="instance",
resource=';'.join(name_list),
resource_id=0,
extra=json.dumps({}),
description=";".join(desc_list),
).log_modify(activity_status="succeed")
if failed_list:
name_list = [_s.get('name') for _s in failed_list]
desc_list = [_s.get('desc') for _s in failed_list]
code = 4004
message = _("以下service删除失败:{}").format(";".join(desc_list))
activity_client.ContextActivityLogClient(
project_id=project_id,
user=username,
resource_type="instance",
resource=';'.join(name_list),
resource_id=0,
extra=json.dumps({}),
description=message,
).log_modify(activity_status="failed")
return Response({"code": code, "message": message, "data": {}})
def get(self, request, project_id):
""" 获取项目下所有的服务 """
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
project_kind = request.project.kind
params = dict(request.GET.items())
params['env'] = 'mesos' if project_kind == MESOS_VALUE else 'k8s'
# 获取命名空间的id
namespace_dict = app_utils.get_ns_id_map(
request.user.token.access_token, project_id)
# 项目下的所有模板集id
all_template_id_list = Template.objects.filter(
project_id=project_id,
edit_mode=TemplateEditMode.PageForm.value).values_list('id',
flat=True)
all_template_id_list = [
str(template_id) for template_id in all_template_id_list
]
skip_namespace_list = list(K8S_SYS_NAMESPACE)
skip_namespace_list.extend(K8S_PLAT_NAMESPACE)
extended_routes = {}
if project_kind == ProjectKind.K8S.value:
extended_routes = get_svc_extended_routes(project_id)
data = []
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
if params.get('cluster_id') and params['cluster_id'] != cluster_id:
continue
cluster_name = cluster_info.get('name')
code, cluster_services = self.get_services_by_cluster_id(
request,
params,
project_id,
cluster_id,
project_kind=project_kind)
if code != ErrorCode.NoError:
continue
for _s in cluster_services:
# NOTE: 兼容处理,因为key: clusterId已被前端使用;通过非bcs创建的service,不一定包含cluster_id
_s["clusterId"] = cluster_id
_s["cluster_id"] = cluster_id
_config = _s.get('data', {})
annotations = _config.get('metadata',
{}).get('annotations', {})
_s['update_time'] = annotations.get(ANNOTATIONS_UPDATE_TIME,
'')
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, '')
_s['cluster_name'] = cluster_name
_s['status'] = 'Running'
_s['environment'] = cluster_info.get('environment')
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
namespace_id = namespace_dict.get(
(cluster_id, _s['namespace'])) if namespace_dict else None
_s['namespace_id'] = namespace_id
labels = _config.get('metadata', {}).get('labels', {})
template_id = labels.get(LABLE_TEMPLATE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
if project_kind == ProjectKind.K8S.value:
_s['access_info'] = get_svc_access_info(
_config, _s['clusterId'], extended_routes)
# 处理 k8s 的系统命名空间的数据
if project_kind == ProjectKind.K8S.value and _s[
'namespace'] in skip_namespace_list:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _(
"不允许操作系统命名空间")
continue
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = _("所属模板集不存在,无法操作")
if template_id and template_id in all_template_id_list:
_s['can_update'] = True
_s['can_update_msg'] = ''
data += cluster_services
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
if data:
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data,
ns_id_flag='namespace_id',
cluster_id_flag='clusterId',
ns_name_flag='namespace')
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
def get(self, request, project_id):
""" 获取项目下所有的服务 """
# 获取kind
logger.debug("get project kind: %s" % project_id)
project_kind = request.project.kind
logger.debug("get project clusters: %s" % project_id)
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
params = dict(request.GET.items())
params.update({
"env": "mesos" if project_kind == MESOS_VALUE else "k8s",
})
data = []
access_token = request.user.token.access_token
cluster = paas_cc.get_all_clusters(access_token,
project_id,
limit=constants.ALL_LIMIT)
cluster = cluster.get('data', {}).get('results') or []
cluster = {i['cluster_id']: i['name'] for i in cluster}
# 获取命名空间的id
namespace_dict = app_utils.get_ns_id_map(
request.user.token.access_token, project_id)
# 项目下的所有模板集id
all_template_id_list = Template.objects.filter(
project_id=project_id).values_list('id', flat=True)
all_template_id_list = [
str(template_id) for template_id in all_template_id_list
]
skip_namespace_list = constants.K8S_SYS_NAMESPACE
skip_namespace_list.extend(constants.K8S_PLAT_NAMESPACE)
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
if params.get('cluster_id') and params['cluster_id'] != cluster_id:
continue
cluster_name = cluster_info.get('name')
code, cluster_services = self.get_services_by_cluster_id(
request,
params,
project_id,
cluster_id,
project_kind=project_kind)
if code != ErrorCode.NoError:
continue
for _s in cluster_services:
_config = _s.get('data', {})
annotations = _config.get('metadata',
{}).get('annotations', {})
_s['update_time'] = annotations.get(ANNOTATIONS_UPDATE_TIME,
'')
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, '')
_s['cluster_name'] = cluster_name
_s['status'] = 'Running'
_s['environment'] = cluster_info.get('environment')
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
namespace_id = namespace_dict.get(
(cluster_id, _s['namespace'])) if namespace_dict else None
_s['namespace_id'] = namespace_id
labels = _config.get('metadata', {}).get('labels', {})
template_id = labels.get(LABLE_TEMPLATE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
# 处理 k8s 的系统命名空间的数据
if project_kind == 1 and _s['namespace'] in skip_namespace_list:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _(
"不允许操作系统命名空间")
continue
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = _("所属模板集不存在,无法操作")
if template_id and template_id in all_template_id_list:
_s['can_update'] = True
_s['can_update_msg'] = ''
data += cluster_services
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
if data:
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data,
ns_id_flag='namespace_id',
cluster_id_flag='clusterId',
ns_name_flag='namespace')
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
