Beispiel #1
0
 def exec_shell_cmd(cls, cmd, hostname=''):
     """ 要使用salt模式,将当前代码部署在master主机上,程序会向salt-api发送请求,有salt-master向minion发送命令 """
     # 使用subprocess方式在本地执行salt命令
     # import subprocess
     # ret = subprocess.getoutput("salt '*' cmd.run {}".format(cmd))
     # print(ret)
     sa = SaltAPI()
     result = sa.remote_execution(tgt=hostname, fun='cmd.run', arg=cmd)
     return result[hostname]
Beispiel #2
0
    def get(self):
        ok, info = check.check_login(self.token)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        local_permission_list = [self.handler_permission, self.get_permission]
        ok, info, _ = verify.has_permission(self.token, local_permission_list)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        task_id = self.get_argument('task_id', None)
        if not task_id:
            ok = False
            info = 'Must have task_id'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        task = db_task.get(task_id)
        result = sapi.run_script([task['ip']],
                                 'salt://scripts/get_task_log.sh', task_id)
        retcode = result[task['ip']]['retcode']
        if retcode == 0:
            log_info = result[task['ip']]['stdout']
            ok = True
            info = {'data': log_info}
        else:
            ok = False
            info = 'Get Log info Failed'
        self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
Beispiel #3
0
 def salt_run_update(self, task):
     encode_update_string = encrypt.base64_encode(task['task_id'] + '@' +
                                                  task['type'] + "@" +
                                                  task['target'] + "@" +
                                                  str(task['version']) +
                                                  "@" + task['content'])
     result = sapi.run_script([task['ip']], 'salt://scripts/update.sh',
                              encode_update_string)
     log.info(result)
Beispiel #4
0
    def post(self):
        post_update_file_permission = '5.2.1'
        post_update_db_permission = '5.2.2'

        ok, info = check.check_login(self.token)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok, info = check.check_content_type(self.request)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        body = json.loads(self.request.body)
        action, data = body['action'], body['data']
        excutor = self.get_cookie("username")

        if action == 'update':
            task = db_task.get(data['task_id'])
            update_type = task['type']
            local_permission_list = [
                self.handler_permission, self.post_permission
            ]
            if update_type == 'update_file':
                local_permission_list = [
                    self.handler_permission, self.post_permission,
                    post_update_file_permission
                ]
            if update_type == 'update_db':
                local_permission_list = [
                    self.handler_permission, self.post_permission,
                    post_update_db_permission
                ]

            ok, info, _ = verify.has_permission(self.token,
                                                local_permission_list)
            if not ok:
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            if task['status'] is True:
                ok = False
                info = 'Task has been executed'
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            task_status = {
                'task_id': task['task_id'],
                'status': 1,
                'start_time': utils.cur_timestamp(),
                'executor': excutor
            }
            if not db_task.update(task_status):
                ok = False
                info = 'update task status failed'
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            tornado.ioloop.IOLoop.instance().add_callback(
                self.salt_run_update(task))
            ok = True
            info = 'Execute update script successful'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        if action == 'revert':
            task = db_task.get(data['task_id'])
            update_type = task['type']
            local_permission_list = [
                self.handler_permission, self.post_permission
            ]
            if update_type == 'update_file':
                local_permission_list = [
                    self.handler_permission, self.post_permission,
                    post_update_file_permission
                ]
            if update_type == 'update_db':
                local_permission_list = [
                    self.handler_permission, self.post_permission,
                    post_update_db_permission
                ]

            ok, info, is_admin = verify.has_permission(self.token,
                                                       local_permission_list)
            if not is_admin:
                info = "Only admin can revert."
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            task_status = {
                'task_id': task['task_id'],
                'revert': 1,
                'revert_time': utils.cur_timestamp()
            }
            if not db_task.update(task_status):
                ok = False
                info = 'update task status failed'
                self.finish(
                    tornado.escape.json_encode({
                        'ok': ok,
                        'info': info
                    }))
                return

            tornado.ioloop.IOLoop.instance().add_callback(
                self.salt_run_revert(task))
            ok = True
            info = 'Execute revert script successful'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        if action == 'get_current_version':
            target = data['target']
            ip = '127.0.0.1'
            result = sapi.run_script([ip],
                                     'salt://scripts/get_current_version.sh',
                                     target)
            retcode, cur_version = result[ip]['retcode'], result[ip]['stdout']

            if retcode == 0:
                ok = True
                info = cur_version
            else:
                ok = False
                info = u'Get version info failed'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok = False
        info = 'Unsupported update action'
        self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
Beispiel #5
0
 def salt_run_revert(self, task):
     encode_update_string = encrypt.base64_encode(task['task_id'])
     result = sapi.run_script([task['ip']], 'salt://scripts/revert.sh',
                              encode_update_string)
     log.info(result)
Beispiel #6
0
    def post(self):
        post_add_permission = '7.2.1'
        post_delete_permission = '7.2.1'

        ok, info = check.check_login(self.token)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok, info = check.check_content_type(self.request)
        if not ok:
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        body = json.loads(self.request.body)
        action, ssh_key_data = body['action'], body['data']
        if action == 'add':
            local_permission_list = [self.handler_permission, self.post_permission, post_add_permission]
            ok, info, _ = verify.has_permission(self.token, local_permission_list)
            if not ok:
                self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
                return

            ip = ssh_key_data['ip']
            ssh_key_string = db_user.get(username=ssh_key_data['username'])['ssh_key']
            if ssh_key_string is None:
                ok = False
                info = "User ssh-key does not exist, please add first"
                self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
                return

            encrypt_ssh_key_info = encrypt.base64_encode(ssh_key_data['system_user'] + '@' +
                                                         ssh_key_string + " " + ssh_key_data['username'])
            result = sapi.run_script([ip], 'salt://scripts/add_ssh_key.sh', encrypt_ssh_key_info)
            retcode = result[ip]['retcode']

            if retcode == 0:
                if db_ssh_key_info.add(ssh_key_data):
                    ok = True
                    info = 'Add ssh-key successful'
                else:
                    ok = False
                    info = 'Add ssh-key failed'
            else:
                ok = False
                info = 'Add ssh-key failed'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        if action == 'delete':
            local_permission_list = [self.handler_permission, self.post_permission, post_delete_permission]
            ok, info, _ = verify.has_permission(self.token, local_permission_list)
            if not ok:
                self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
                return

            fail_count = 0
            for ssh_key_info in ssh_key_data:
                ip = ssh_key_info['ip']
                encrypt_ssh_key_info = encrypt.base64_encode(ssh_key_info['system_user'] + '@' +
                                                             ssh_key_info['username'])
                result = sapi.run_script([ip], 'salt://scripts/delete_ssh_key.sh', encrypt_ssh_key_info)
                retcode = result[ip]['retcode']
                if retcode == 0:
                    if db_ssh_key_info.delete(ssh_key_info['username'], ssh_key_info['ip'], ssh_key_info['system_user']):
                        fail_count += 0
                    else:
                        fail_count += 1
                else:
                    fail_count += 1

            if fail_count == 0:
                ok = True
                info = 'Delete all ssh-key info failed'
            else:
                ok = False
                info = 'Delete some ssh-key info failed, please retry'
            self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
            return

        ok = False
        info = 'Unsupported ssh-key action'
        self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
Beispiel #7
0
 def machine_initialize(self, ip):
     result = sapi.run_script([ip], 'salt://scripts/initialize.sh', 'initialize')
     log.info(result)
Beispiel #8
0
 def install_software(self, ip, software):
     result = sapi.run_script([ip], 'salt://scripts/install_software.sh', software)
     log.info(result)