def read_ca_cert_path(self, agent_only=False):
"""
Read ca certs path from config file
"""
ad_config_path = os.path.join(self.install_path,
Constant.ANOMALY_DETECTION_CONFIG_PATH)
# read agent cert path
agent_cert_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_AGENT_CERT, self.module_path)
# read agent key path
agent_key_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_AGENT_KEY, self.module_path)
# read ca root cert path
ca_root_file_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_CA_PATH, self.module_path)
if agent_only:
return [agent_key_path, agent_cert_path, ca_root_file_path]
# get ca root key path
ca_root_key_path = ca_root_file_path + '.key'
# read server cert path
server_cert_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_SERVER_CERT, self.module_path)
# read server key path
server_key_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_SERVER_KEY, self.module_path)
# judge the basename of path is duplicate
file_names = [
os.path.basename(file) for file in [
ca_root_file_path, server_cert_path, server_key_path,
agent_cert_path, agent_key_path
]
]
if len(file_names) != len(set(file_names)):
raise Exception(Errors.CONTENT_OR_VALUE['gauss_0504'])
return ca_root_file_path, ca_root_key_path, server_cert_path, \
server_key_path, agent_cert_path, agent_key_path
def backup_db_file(self):
"""
Backup data file.
"""
ad_config_path = os.path.join(self.install_path,
Constant.ANOMALY_DETECTION_CONFIG_PATH)
if not os.path.isfile(ad_config_path):
g.logger.info('Config file not exist, can not backup db file')
return False, None, None
db_cabin = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_DATABASE,
Constant.AD_CONF_DATABASE_PATH, self.module_path)
if os.path.isdir(db_cabin):
g.logger.info('Start backup db file.')
back_up_path = os.path.join(EXTRACT_DIR,
os.path.basename(db_cabin))
CommonTools.copy_file_to_dest_path(db_cabin, back_up_path)
return True, db_cabin, back_up_path
else:
g.logger.info('No need backup db file.')
return False, None, None
def run(self, remote=False):
if remote:
self.check_remote_params()
self.check_project_path_access()
self.init_globals()
back_status, from_path, to_path = self.backup_db_file()
if not remote:
self.prepare_module_path()
g.logger.info('Start deploy module files.')
self.deploy_module_files()
self.restore_db_file(back_status, from_path, to_path)
g.logger.info('Start modify config file.')
self.modify_config_file(remote=remote)
g.logger.info('Start parse ca information.')
ad_config_path = os.path.join(self.install_path,
Constant.ANOMALY_DETECTION_CONFIG_PATH)
tls = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_TLS_FLAG)
g.logger.info('Get server type is https:[%s].' % tls)
if (not remote) and tls.lower() == 'true':
ca_password, ssl_password, ca_root_file_path, ca_root_key_path, ca_config_path, \
agent_cert_path, agent_key_path = self.prepare_ca_certificates()
self.generate_agent_ca_files(ca_password, ssl_password,
ca_root_file_path, ca_root_key_path,
ca_config_path, agent_cert_path,
agent_key_path)
if remote and tls.lower() == 'true':
self.deploy_agent_certs()
g.logger.info('Start add crontab.')
self.start_agent_server_monitor()
g.logger.info('Start kill process.')
self.try_to_kill_process_exist()
g.logger.info('Start record version info.')
self.record_version_info()
g.logger.info(
'Waiting for start, the service will start in 1 minute...')
self.waiting_for_start(Constant.DEFAULT_WAIT_SECONDS)
