def parameter_check(parameter, ptype='pstr', exist='yes'): if (parameter is None) and (exist == 'no'): return parameter elif (parameter is None) and (exist == 'yes'): raise (Exception('Parameter is not allowed to be None')) para_format = { "pstr": "[A-Za-z0-9-_]{1,60}$", "pnam": "[A-Za-z]{1,30}[A-Za-z0-9-_]{0,10}$", "pint": "-{0,1}[0-9]{1,16}$", "pflt": "-{0,1}[0-9]{1,15}[.]{0,1}[0-9]{1,6}$", "peml": ("[A-Za-z]{1,1}[A-Za-z0-9-_]{2,30}" "@[A-Za-z0-9]{1,1}[A-Za-z0-9-_.]{1,20}" "[.]{1,1}[A-Za-z]{1,5}$"), "ppwd": ".{5,60}" } m = re.match(para_format[ptype], str(parameter)) if m is None: log.warning( 'Parameter format error, parameter=%s, ptype=%s, exist=%s' % (str(parameter), ptype, exist)) raise (Exception('Parameter format error')) return parameter
def rpcapp_run(self, dict_data): try: api = dict_data['api'] context = dict_data['context'] parameters = dict_data['parameters'] except Exception, e: log.warning('parameters error: %s' % (e)) return request_result(101)
def server_start(service_name): while True: try: log.info('Starting %s Restful API Server' % (service_name)) rest_app_run() except Exception, e: log.warning('%s RESTful API Server running error, reason=%s' % (service_name, e)) sleep(10)
def get(self, cloudhost_uuid): try: token = request.headers.get('token') token_auth(token) except Exception, e: log.warning('Token check error, token=%s, reason=%s' % (token, e)) return request_result(201)
def rest_app_run(): while True: try: app.run(debug=True, host="0.0.0.0", port=9000, threaded=True) except Exception, e: log.warning('k8s API Server running error, reason=%s' % e) sleep(8)
def server_run(self, qu_ex_name): try: self.channel.start_consuming() except BaseException, e: log.warning('RabbitMQ server %s exit, reason = %s' % (qu_ex_name, e)) self.channel.stop_consuming() self.connection.close() raise
def cloudhost_info(self, context, parameters): try: vm_uuid = context['resource_uuid'] vm_uuid = parameter_check(vm_uuid, ptype='pstr') except Exception, e: log.warning('parameters error, context=%s, ' 'parameters=%s, reason=%s' % (context, parameters, e)) return request_result(101)
def __aclauth(*args, **kwargs): func_args = inspect.getcallargs(func, *args, **kwargs) context = func_args.get('context') token = context['token'] resources_uuid = context['resource_uuid'] action = context['action'] user_info = token_auth(token)['result'] user_uuid = user_info['user_uuid'] team_uuid = user_info['team_uuid'] team_priv = user_info['team_priv'] project_uuid = user_info['project_uuid'] project_priv = user_info['project_priv'] context = "%s%s%s%s%s%s%s" % (user_uuid, team_uuid, team_priv, project_uuid, project_priv, resources_uuid, action) log.debug('start ack check, context=%s' % (context)) acl_info = caches.get(context) for resource_uuid in resources_uuid: if (acl_info is LocalCache.notFound): log.debug('Cache acl not hit, context=%s' % (context)) auth_manager = AuthManager(service_name) ret = auth_manager.resource_acl_check( user_uuid, team_uuid, team_priv, project_uuid, project_priv, resource_uuid, action) expire = int(time.time()) + 300 caches.set(context, {"acl_check": ret, "expire": expire}) log.debug('Cached acl check, context=%s' % (context)) else: log.debug('Cache acl hit, context=%s' % (context)) ret = acl_info['acl_check'] log.debug('ack check result=%s' % (ret)) if ret == 0: try: return func(*args, **kwargs) except Exception, e: log.error('function(%s) exec error, reason = %s' % (func.__name__, e)) return request_result(999) else: log.warning('Resource acl auth denied: user_uuid = %s, \ team_uuid=%s, team_priv=%s, project_uuid=%s, \ project_priv=%s, resource_uuid=%s, action=%s' % (user_uuid, team_uuid, team_priv, project_uuid, project_priv, resource_uuid, action)) return request_result(202)
def cloudhost_status_update(self, vm_uuid, status): # 更新时,先从redis中获取该vm状态值进行比对, # 不一致时才进行数据库更新,并更新redis缓存值。 try: status_cached = self.redis_cache.get_data(vm_uuid) self.redis_cache.set_data(vm_uuid, status, 60) if status == status_cached: return except Exception, e: log.warning('redis operation failure, reason=%s' % (e))
def cloudhost_recovery(self, context, parameters): try: token = context['token'] source_ip = context.get('source_ip') vm_uuid = context['resource_uuid'] vm_uuid = parameter_check(vm_uuid, ptype='pstr') except Exception, e: log.warning('parameters error, context=%s, ' 'parameters=%s, reason=%s' % (context, parameters, e)) return request_result(101)
def snapshot_delete(self, context, parameters): try: token = context['token'] source_ip = context.get('source_ip') snapshot_uuid = context['resource_uuid'] snapshot_uuid = parameter_check(snapshot_uuid, ptype='pstr') except Exception, e: log.warning('parameters error, context=%s, ' 'parameters=%s, reason=%s' % (context, parameters, e)) return request_result(101)
def put(self, cloudhost_uuid): try: token = request.headers.get('token') token_auth(token) source_ip = request.headers.get('X-Real-IP') if source_ip is None: source_ip = request.remote_addr except Exception, e: log.warning('Token check error, token=%s, reason=%s' % (token, e)) return request_result(201)
def get_response(self, timeout, queue_name): cnt = 0 timeout = int(timeout) * 10 while self.response is None: cnt += 1 if cnt >= timeout: log.warning('RPC client exec time out, queue = %s' % (queue_name)) self.response = request_result(597) return self.connection.sleep(0.1) self.connection.process_data_events()
def cloudhost_list(self, context, parameters): try: user_info = token_auth(context['token'])['result'] user_uuid = user_info.get('user_uuid') team_uuid = user_info.get('team_uuid') team_priv = user_info.get('team_priv') project_uuid = user_info.get('project_uuid') project_priv = user_info.get('project_priv') except Exception, e: log.warning('parameters error, context=%s, ' 'parameters=%s, reason=%s' % (context, parameters, e)) return request_result(101)
def parameter_check(parameter, ptype='pstr', exist='yes'): if (parameter is None) and (exist == 'no'): return parameter if (parameter is None) and (exist == 'yes'): raise(Exception('Parameter is not allow to be None')) if ptype == 'ncid': IPNetwork(parameter) return parameter if exist == 'not_essential': if parameter is None: return parameter else: if ptype == 'ndes': return parameter para_format = { "pstr": "[A-Za-z0-9-_]{1,60}$", "pnam": "[A-Za-z]{1}[A-Za-z0-9-_]{4,19}$", # name "psiz": "[1-9]\d*", # size "psnm": "[A-Za-z]{1}[A-Za-z0-9-_]{2,19}$", "pint": "-{0,1}[0-9]{1,24}$", "pflt": "-{0,1}[0-9]{1,15}[.]{0,1}[0-9]{0,6}$", "peml": ("[A-Za-z1-9]{1,1}[A-Za-z0-9-_]{2,30}" "@[A-Za-z0-9]{1,1}[A-Za-z0-9-_.]{1,20}" "[.]{1,1}[A-Za-z]{1,5}$"), "puid": ("[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-" "[a-z0-9]{4}-[a-z0-9]{12}$"), "pver": "[A-Za-z]{1}[A-Za-z0-9-_.]{2,19}$", "pdat": "20{1}[0-9]{2}.[0-9]{2}.[0-9]{2}$", "pnip": "[1-9]{1}[0-9]{0,2}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$", "pdsk": "/dev/[s|v]{1}d[a-z]{1}[0-9]{1,2}$", "pmac": ("[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:" "[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}$"), "ppwd": ".{6,60}", "nname": "[A-Za-z]{1}[A-Za-z0-9-_]{3,19}$", "n01": "^[01]$", "n04": "^[46]$", "nnum": "^\+?[1-9][0-9]*$", "nip": "((25[0-5]|2[0-4]\d|((1\d{2})|([1-9]?\d)))\.){3}(25[0-5]" "|2[0-4]\d|((1\d{2})|([1-9]?\d)))", } m = re.match(para_format[ptype], str(parameter)) if m is None: log.warning('Parameter format error, parameter=%s, ptype=%s, exist=%s' % (str(parameter), ptype, exist)) raise(Exception('Parameter format error')) return parameter
def appstatus_service(): appstatus = AppStatusManager() rc_status_cache = {} while True: try: log.debug('rc_status_cache=%s' % (rc_status_cache)) rc_status_cache = appstatus.rc_status_update(rc_status_cache) except Exception, e: rc_status_cache = {} log.warning('Appstatus Service running error, reason=%s' % e) sleep(15)
def server_start(n): queue = conf.call_queue while True: try: log.info('Starting RPC Call API Server, topic=%s' % queue) rbtmq = RabbitmqServer(60) rbtmq.rpc_call_server(queue, rpcapi_register) except Exception, e: log.warning( 'RPC Call API Server running error, queue=%s, reason=%s' % (queue, e)) sleep(10)
def parameter_check(parameter, ptype='pstr', exist='yes'): if (parameter is None) and (exist == 'no'): return parameter elif (parameter is None) and (exist == 'yes'): raise (Exception('Parameter is not allow to be None')) para_format = { "pstr": "[A-Za-z0-9-_]{1,60}$", "pnam": "[A-Za-z]{1}[A-Za-z0-9-_]{4,19}$", # name "psiz": "[1-9]\d*", # size "psnm": "[A-Za-z]{1}[A-Za-z0-9-_]{2,19}$", "pint": "-{0,1}[0-9]{1,24}$", "pflt": "-{0,1}[0-9]{1,15}[.]{0,1}[0-9]{0,6}$", "peml": ("[A-Za-z1-9]{1,1}[A-Za-z0-9-_]{2,30}" "@[A-Za-z0-9]{1,1}[A-Za-z0-9-_.]{1,20}" "[.]{1,1}[A-Za-z]{1,5}$"), "puid": ("[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-" "[a-z0-9]{4}-[a-z0-9]{12}$"), "pver": "[A-Za-z]{1}[A-Za-z0-9-_.]{2,19}$", "pdat": "20{1}[0-9]{2}.[0-9]{2}.[0-9]{2}$", "pnip": "[1-9]{1}[0-9]{0,2}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$", "pdsk": "/dev/[s|v]{1}d[a-z]{1}[0-9]{1,2}$", "pmac": ("[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:" "[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}:[A-Fa-f0-9]{2}$"), "ppwd": ".{6,60}", "n01": "^[01]$" } m = re.match(para_format[ptype], str(parameter)) if m is None: log.warning( 'Parameter format error, parameter=%s, ptype=%s, exist=%s' % (str(parameter), ptype, exist)) raise (Exception('Parameter format error')) return parameter
def server_start(n): queue = 'kubernetes_create' while True: try: log.info('Starting RPC Call API Server, topic=%s' % queue) rbtmq = RabbitmqServer(60) rbtmq.rpc_cast_server(queue, kuber_register) except Exception, e: log.warning( 'RPC Call API Server running error, queue=%s, reason=%s' % (queue, e)) sleep(10)
def attachment_create(self, server_uuid, volume_uuid, team_uuid, project_uuid, user_uuid): log.info('attachment args: server_uuid:%s, volume_uuid:' '%s' % (server_uuid, volume_uuid)) # check the volume is used try: if_attach = self.db.get_attachment_info(volume_uuid) if len(if_attach) != 0: log.warning('volume(%s) is used, can\'t attach again' % volume_uuid) return request_result(302) except Exception, e: log.error('check the volume(%s) if is used by vm error, ' 'reason is: %s' % (volume_uuid, e)) return request_result(403)
def parameter_check(parameter, ptype='pstr', exist='yes'): if (parameter is None or parameter == '') and (exist == 'no'): return parameter elif (parameter is None or parameter == '') and (exist == 'yes'): raise (Exception('Parameter is not allowed to be None')) para_format = { "pstr": "[A-Za-z0-9-_]{1,60}$", "pnam": "[A-Za-z]{1}[A-Za-z0-9-_]{4,19}$", "pint": "-{0,1}[0-9]{1,16}$", "pflt": "-{0,1}[0-9]{1,15}[.]{0,1}[0-9]{1,6}$", "peml": ("[A-Za-z1-9]{1,1}[A-Za-z0-9-_]{2,30}" "@[A-Za-z0-9]{1,1}[A-Za-z0-9-_.]{1,20}" "[.]{1,1}[A-Za-z]{1,5}$"), "puid": ("[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-" "[a-z0-9]{4}-[a-z0-9]{12}$"), "pdat": "20{1}[0-9]{2}.[0-9]{2}.[0-9]{2}$", "pnip": "[1-9]{1}[0-9]{0,2}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}$", "ppwd": ".{6,60}", "pimgid": "^[0-9]*$", "choice": "^[01]$", "pod_num": "^([0-9]|10)$", "command": "^[A-Za-z]{1}[A-Za-z0-9-_@,& ]{1,130}[A-Za-z0-9]{1}$", "container_port": "^([0-9]|[1-9]\d|[1-9]\d{2}|[1-9]\d{3}|[1-5]\d{4}|6[0-4]\d{3}|65[0-4]\d{2}|655[0-2]\d|6553[0-5])$", "domain": "^((http://)|(https://))?([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}(/)?" } m = re.match(para_format[ptype], str(parameter)) if m is None: log.warning( 'Parameter format error, parameter=%s, ptype=%s, exist=%s' % (str(parameter), ptype, exist)) raise (Exception('Parameter format error')) return parameter
def snap_list(self, context, parameters): try: user_info = token_auth(context['token'])['result'] user_uuid = user_info.get('user_uuid') team_uuid = user_info.get('team_uuid') team_priv = user_info.get('team_priv') project_uuid = user_info.get('project_uuid') project_priv = user_info.get('project_priv') volume_uuid = parameters.get('volume_uuid') page_size = parameters.get('page_size') page_num = parameters.get('page_num') parameter_check(volume_uuid, exist='no') except Exception, e: log.warning('parameters error, context=%s, reason=%s' % (context, e)) return request_result(101)
class VolumeRouteManager(object): def __init__(self): self.op_driver = OpenstackDriver() self.db = CinderDB() self.cinder = CinderDriver() self.op_user = conf.op_user self.op_pass = conf.op_pass # --force # Attempt forced removal of volume(s), regardless of state(defaults to # False) # --purge # Remove any snapshots along with volume(s)(defaults to False) # Volume version 2 only # <volume> # Volume(s) to delete(name or ID): this use ID def if_can_delete(self, volume_uuid): try: db_result = self.db.volume_if_can_delete(volume_uuid) if_as_templet = self.db.volume_if_as_templet(volume_uuid) attach_info = self.db.get_attachment_info(volume_uuid) except Exception, e: log.error('check if can delete the volume(%s) error, ' 'reason is: %s' % (volume_uuid, e)) return if (db_result[0][0] != 0) or (len(attach_info) != 0) or (if_as_templet[0][0] != 0): log.warning('can\'t delete the volume(%s)' % volume_uuid) return False else: return True
def role_check(action, privilege): try: if ((action == 'create') and ('C' in privilege)): return 0 elif ((action == 'delete') and ('D' in privilege)): return 0 elif ((action == 'update') and ('U' in privilege)): return 0 elif ((action == 'read') and ('R' in privilege)): return 0 else: return 1 except Exception, e: log.warning('Role check error, reason=%s' % (e)) return 1
class CloudHostsApi(Resource): def __init__(self): self.compute_api = compute_manager.ComputeManagerAPI() @time_log def post(self): try: token = request.headers.get('token') token_auth(token) source_ip = request.headers.get('X-Real-IP') if source_ip is None: source_ip = request.remote_addr except Exception, e: log.warning('Token check error, token=%s, reason=%s' % (token, e)) return request_result(201) try: body = request.get_data() parameters = json.loads(body) except Exception, e: log.warning('Parameters error, body=%s, reason=%s' % (body, e)) return request_result(101)
def get_response(self, timeout, queue_name): cnt = 0 timeout = int(timeout) * 100 while self.response is None: cnt += 1 if cnt >= timeout: log.warning('RPC client exec time out, queue = %s' % (queue_name)) self.response = json.dumps(request_result(597)) return self.connection.sleep(0.01) try: self.connection.process_data_events() except Exception, e: log.error('process_data_events exec error, reason is: %s' % e) raise Exception('process_data_events exec error')
def osdisk_delete(self, volume_uuid): # try: # self.db.volume_delete(volume_uuid) # except Exception, e: # log.error('delete the osdisk error, reason is: %s' % e) # return request_result(404) try: db_ret = self.db.get_attachment_info(volume_uuid) if len(db_ret) != 0: attachment_uuid = db_ret[0][0] # server_uuid = db_ret[0][1] else: log.warning('don\'t have this volume(%s) attachment' 'msg' % volume_uuid) return request_result(0) except Exception, e: log.error('get the attachment uuid error, reason is: %s' % e) return request_result(403)
def token_auth(token): log.debug('start token check, token=%s' % (token)) token_info = caches.get(token) if (token_info is LocalCache.notFound): log.debug('Cache token auth not hit, token=%s' % (token)) try: headers = {'token': token} ret = requests.get(token_auth_url, headers=headers, timeout=5).json() status = ret['status'] if status != 0: raise(Exception('Token auth denied')) except Exception, e: log.warning('Token ucenter auth error: reason=%s' % (e)) raise(Exception('Token auth error')) expire = int(time.time()) + 300 caches.set(token, {"token_info": ret, "expire": expire})
def __reslmt(*args, **kwargs): try: func_args = inspect.getcallargs(func, *args, **kwargs) token = func_args.get('token') cost = func_args.get('cost') user_info = token_auth(token)['result'] team_uuid = user_info.get('team_uuid') project_uuid = user_info.get('project_uuid') user_uuid = user_info.get('user_uuid') if user_uuid != 'sysadmin': limit_info = billing_limit_check( token, resource_type, cost) balance_check = limit_info['result']['balance_check'] if int(balance_check) != 0: log.warning('Limit check denied, not enough balance') return request_result(302) limit_check = limit_info['result']['limit_check'] res_db = resources_db.ResourcesDB() resource_count = res_db.resource_count( resource_type, team_uuid, project_uuid, user_uuid) log.debug('billing_limit_check=%s, resource_count=%s' % (limit_check, resource_count)) if int(resource_count) >= int(limit_check): log.warning('Limit check denied, Team(%s) resource(%s) ' 'reach upper limit' % (team_uuid, resource_type)) return request_result(303) try: return func(*args, **kwargs) except Exception, e: log.error('function(%s) exec error, reason = %s' % (func.__name__, e)) return request_result(601) except Exception, e: log.error('Limit check error, reason=%s' % (e)) return request_result(303)
def snapshot_create(self, context, parameters): try: token = context['token'] source_ip = context.get('source_ip') user_info = token_auth(context['token'])['result'] user_uuid = user_info.get('user_uuid') team_uuid = user_info.get('team_uuid') project_uuid = user_info.get('project_uuid') cloudhost_uuid = parameters.get('cloudhost_uuid') snapshot_name = parameters.get('snapshot') comment = parameters.get('comment') cloudhost_uuid = parameter_check(cloudhost_uuid, ptype='pstr') snapshot_name = parameter_check(snapshot_name, ptype='pnam') except Exception, e: log.warning('parameters error, context=%s, ' 'parameters=%s, reason=%s' % (context, parameters, e)) return request_result(101)