def exec_shell_cmd(cls, cmd, hostname=''): """ 要使用salt模式,将当前代码部署在master主机上,程序会向salt-api发送请求,有salt-master向minion发送命令 """ # 使用subprocess方式在本地执行salt命令 # import subprocess # ret = subprocess.getoutput("salt '*' cmd.run {}".format(cmd)) # print(ret) sa = SaltAPI() result = sa.remote_execution(tgt=hostname, fun='cmd.run', arg=cmd) return result[hostname]
def get(self): ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return local_permission_list = [self.handler_permission, self.get_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return task_id = self.get_argument('task_id', None) if not task_id: ok = False info = 'Must have task_id' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return task = db_task.get(task_id) result = sapi.run_script([task['ip']], 'salt://scripts/get_task_log.sh', task_id) retcode = result[task['ip']]['retcode'] if retcode == 0: log_info = result[task['ip']]['stdout'] ok = True info = {'data': log_info} else: ok = False info = 'Get Log info Failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def salt_run_update(self, task): encode_update_string = encrypt.base64_encode(task['task_id'] + '@' + task['type'] + "@" + task['target'] + "@" + str(task['version']) + "@" + task['content']) result = sapi.run_script([task['ip']], 'salt://scripts/update.sh', encode_update_string) log.info(result)
def post(self): post_update_file_permission = '5.2.1' post_update_db_permission = '5.2.2' ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, data = body['action'], body['data'] excutor = self.get_cookie("username") if action == 'update': task = db_task.get(data['task_id']) update_type = task['type'] local_permission_list = [ self.handler_permission, self.post_permission ] if update_type == 'update_file': local_permission_list = [ self.handler_permission, self.post_permission, post_update_file_permission ] if update_type == 'update_db': local_permission_list = [ self.handler_permission, self.post_permission, post_update_db_permission ] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return if task['status'] is True: ok = False info = 'Task has been executed' self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return task_status = { 'task_id': task['task_id'], 'status': 1, 'start_time': utils.cur_timestamp(), 'executor': excutor } if not db_task.update(task_status): ok = False info = 'update task status failed' self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return tornado.ioloop.IOLoop.instance().add_callback( self.salt_run_update(task)) ok = True info = 'Execute update script successful' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'revert': task = db_task.get(data['task_id']) update_type = task['type'] local_permission_list = [ self.handler_permission, self.post_permission ] if update_type == 'update_file': local_permission_list = [ self.handler_permission, self.post_permission, post_update_file_permission ] if update_type == 'update_db': local_permission_list = [ self.handler_permission, self.post_permission, post_update_db_permission ] ok, info, is_admin = verify.has_permission(self.token, local_permission_list) if not is_admin: info = "Only admin can revert." self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return task_status = { 'task_id': task['task_id'], 'revert': 1, 'revert_time': utils.cur_timestamp() } if not db_task.update(task_status): ok = False info = 'update task status failed' self.finish( tornado.escape.json_encode({ 'ok': ok, 'info': info })) return tornado.ioloop.IOLoop.instance().add_callback( self.salt_run_revert(task)) ok = True info = 'Execute revert script successful' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'get_current_version': target = data['target'] ip = '127.0.0.1' result = sapi.run_script([ip], 'salt://scripts/get_current_version.sh', target) retcode, cur_version = result[ip]['retcode'], result[ip]['stdout'] if retcode == 0: ok = True info = cur_version else: ok = False info = u'Get version info failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = 'Unsupported update action' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def salt_run_revert(self, task): encode_update_string = encrypt.base64_encode(task['task_id']) result = sapi.run_script([task['ip']], 'salt://scripts/revert.sh', encode_update_string) log.info(result)
def post(self): post_add_permission = '7.2.1' post_delete_permission = '7.2.1' ok, info = check.check_login(self.token) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok, info = check.check_content_type(self.request) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return body = json.loads(self.request.body) action, ssh_key_data = body['action'], body['data'] if action == 'add': local_permission_list = [self.handler_permission, self.post_permission, post_add_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ip = ssh_key_data['ip'] ssh_key_string = db_user.get(username=ssh_key_data['username'])['ssh_key'] if ssh_key_string is None: ok = False info = "User ssh-key does not exist, please add first" self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return encrypt_ssh_key_info = encrypt.base64_encode(ssh_key_data['system_user'] + '@' + ssh_key_string + " " + ssh_key_data['username']) result = sapi.run_script([ip], 'salt://scripts/add_ssh_key.sh', encrypt_ssh_key_info) retcode = result[ip]['retcode'] if retcode == 0: if db_ssh_key_info.add(ssh_key_data): ok = True info = 'Add ssh-key successful' else: ok = False info = 'Add ssh-key failed' else: ok = False info = 'Add ssh-key failed' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return if action == 'delete': local_permission_list = [self.handler_permission, self.post_permission, post_delete_permission] ok, info, _ = verify.has_permission(self.token, local_permission_list) if not ok: self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return fail_count = 0 for ssh_key_info in ssh_key_data: ip = ssh_key_info['ip'] encrypt_ssh_key_info = encrypt.base64_encode(ssh_key_info['system_user'] + '@' + ssh_key_info['username']) result = sapi.run_script([ip], 'salt://scripts/delete_ssh_key.sh', encrypt_ssh_key_info) retcode = result[ip]['retcode'] if retcode == 0: if db_ssh_key_info.delete(ssh_key_info['username'], ssh_key_info['ip'], ssh_key_info['system_user']): fail_count += 0 else: fail_count += 1 else: fail_count += 1 if fail_count == 0: ok = True info = 'Delete all ssh-key info failed' else: ok = False info = 'Delete some ssh-key info failed, please retry' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info})) return ok = False info = 'Unsupported ssh-key action' self.finish(tornado.escape.json_encode({'ok': ok, 'info': info}))
def machine_initialize(self, ip): result = sapi.run_script([ip], 'salt://scripts/initialize.sh', 'initialize') log.info(result)
def install_software(self, ip, software): result = sapi.run_script([ip], 'salt://scripts/install_software.sh', software) log.info(result)