def do_nmap(self, p_kvm_list):
for item in p_kvm_list:
ip_items = HostLoginifo.objects.filter(ip=item)
docker_dct = {}
nr = prpcrypt()
for ip_item in ip_items:
doobj = J_ssh_do([ip_item.ip, ip_item.ssh_port, ip_item.ssh_user])
if ip_item.ssh_type == 0:
ssh_passwd = nr.decrypt(ip_item.ssh_passwd)
login_info = (ip_item.ip, int(ip_item.ssh_port), ip_item.ssh_user, ssh_passwd)
res = doobj.pass_do(login_info, self.p_kvm_cmds)
if ip_item.ssh_type == 1:
login_info = (ip_item.ip, int(ip_item.ssh_port), ip_item.ssh_user, ip_item.ssh_rsa)
res = doobj.rsa_do(login_info, self.p_kvm_cmds)
if ip_item.ssh_type == 2:
login_info = (ip_item.ip, int(ip_item.ssh_port), ip_item.ssh_user, ip_item.ssh_rsa)
res = doobj.dsa_do(login_info, self.p_kvm_cmds)
if ip_item.ssh_type == 3:
login_info = (
ip_item.ip, int(ip_item.ssh_port), ip_item.ssh_user, ip_item.ssh_rsa, ip_item.rsa_pass)
res = doobj.imoocc_rsa_do(login_info, self.p_kvm_cmds)
kvm_mac_list = res[self.p_kvm_cmds[0]].split('\n')
for kvm_item in kvm_mac_list:
if kvm_item:
kvm_mac_str = mac_trans(kvm_item)[-10:]
py_id = PhysicalServerInfo.objects.get(conn_phy__sn_key=self.ip_key_dic[item]).id
v_obj = VirtualServerInfo.objects.filter(mac__contains=kvm_mac_str)
if v_obj:
v_obj.update(vir_phy=py_id, server_type="KVM")
else:
p_ob = PhysicalServerInfo.objects.filter(mac__contains=kvm_mac_str)
if p_ob and len(p_ob) < 2:
p_ob.update(vir_phy=py_id, server_type="KVM")
def try_login(self, sship_list, keyfile, cmdlist):
for ip, port in sship_list.items():
print "try key login ...... ", ip, port
logger.info("Try ssh idrsa key : %s,%s" % (ip, port))
keyfile = "/home/raffaele/.ssh/id_rsa"
if ip not in self.can_login_list.keys():
logger.info("Try ssh id_rsa key: %s, %s, %s" %
(ip, port, keyfile))
print "Try ssh id_rsa key: %s, %s, %s" % (ip, port, keyfile)
login_info = (ip, int(port), 'raffaele', keyfile)
doobj = J_ssh_do()
res = doobj.rsa_do(login_info, cmdlist)
if res["status"] == "success":
sys_hostname = res["hostname"].replace('\n', '')
system_info = getsysversion(res[
"cat /etc/issue |grep [0-9] || cat /etc/redhat-release |grep [0-9]"]
)
sys_mac = mac_trans(res[
"cat /sys/class/net/[^vftlsdb]*/address || esxcfg-vmknic -l|awk '{print $8}'|grep ':'"]
)
sys_sn = sn_trans(
res["sudo dmidecode -s system-serial-number"].replace(
'\n', ''))
machine_type = machine_type_trans(
res["sudo dmidecode -s system-manufacturer"] +
res["sudo dmidecode -s system-product-name"])
self.can_login_list[ip] = (sys_hostname, port, "raffaele",
keyfile, system_info, sys_mac,
sys_sn, machine_type)
else:
if ip not in self.can_not_login_list.keys(
) and ip not in self.can_login_list.keys():
self.can_not_login_list[ip] = (port, keyfile)
return self.can_login_list, self.can_not_login_list
def do_nmap(self, host_list):
ip_items = HostLoginifo.objects.filter(ip__in=host_list)
ns = prpcrypt()
for ip_item in ip_items:
docker_dct = {}
tmp_sship_list = []
doobj = J_ssh_do([ip_item.ip, ip_item.ssh_port, ip_item.ssh_user])
if ip_item.ssh_type == 0:
ssh_passwd = ns.decrypt(ip_item.ssh_passwd)
login_info = (ip_item.ip, int(ip_item.ssh_port), ip_item.ssh_user, ssh_passwd)
res = doobj.pass_do(login_info, self.docker_cmd_list)
if ip_item.ssh_type == 1:
login_info = (ip_item.ip, int(ip_item.ssh_port), ip_item.ssh_user, ip_item.ssh_rsa)
res = doobj.rsa_do(login_info, self.docker_cmd_list)
if ip_item.ssh_type == 2:
login_info = (ip_item.ip, int(ip_item.ssh_port), ip_item.ssh_user, ip_item.ssh_rsa)
res = doobj.dsa_do(login_info, self.docker_cmd_list)
if ip_item.ssh_type == 3:
login_info = (ip_item.ip, int(ip_item.ssh_port), ip_item.ssh_user, ip_item.ssh_rsa, ip_item.rsa_pass)
res = doobj.imoocc_rsa_do(login_info, self.docker_cmd_list)
# port_list = res["docker ps |awk -F '->' '{print $1}'|grep -v 'CONTAINER'|awk -F ':' '{print $NF}'|grep '^[0-9]'"].split("\n")
port_list = res[
"docker ps |awk -F '->' '{print $1}'|grep -v 'CONTAINER'|awk 'BEGIN{FS~/s+/;}{print $NF\" \"$1\" \"$2;}'|sed s/0.0.0.0://"].split(
"\n")
for d_item in port_list:
if d_item:
print("...............d_item", d_item)
d_port, d_id, d_dn = re.split('\s+', d_item)[:3]
d_cid = d_id + d_dn
docker_dct[d_port] = sn_trans(d_cid)
sship_list = [(ip_item.ip, port) for port in docker_dct.keys() if port]
nr = prpcrypt()
canlogin_list, notlogin_list = self.try_docker_login(sship_list, self.password_list, self.docker_cmd)
for ip, port in sship_list:
# sship_obj = {}
# sship_obj[ip] = port
if canlogin_list.has_key(port):
id = ConnectionInfo.objects.all().count() + 1
item_val = canlogin_list[port]
ssh_passwd = nr.encrypt(item_val[1])
ConnectionInfo.objects.create(id=id, ssh_username=item_val[2], ssh_userpasswd=ssh_passwd,
ssh_hostip=ip, ssh_host_port=port,
ssh_status=1, ssh_type=4, sn_key=docker_dct[port])
py_id = PhysicalServerInfo.objects.get(conn_phy__sn_key=self.ip_key_dic[ip]).id
VirtualServerInfo.objects.create(server_ip=ip, server_type="Docker Contianer",
system_ver=item_val[3], sys_hostname=item_val[4], mac=item_val[5],
sn=docker_dct[port], vir_phy_id=py_id, conn_vir_id=id)
if notlogin_list.has_key(port):
item_val = notlogin_list[ip]
ConnectionInfo.objects.create(id=id, ssh_username=item_val[2], ssh_hostip=ip,
ssh_host_port=item_val[0],
ssh_status=0, ssh_type=5, sn_key=docker_dct[port])
py_id = PhysicalServerInfo.objects.get(conn_phy__sn_key=self.ip_key_dic[ip]).id
VirtualServerInfo.objects.create(server_ip=ip, server_type="Docker Contianer", vir_phy_id=py_id,
conn_vir_id=id)
def try_key_login(self, sship_list, allkeyfile, syscmd_list):
'''
尝试ssh秘钥登录,获取机器基本信息
:param sship_list:
:param allkeyfile:
:param syscmd_list:
:return:
'''
# import traceback
for ip, port in sship_list.items():
print("try key login....", ip, port)
logger.info("Try ssh key login : %s,%s" % (ip, port))
keyfile = allkeyfile[0]
if ip not in self.can_key_login_lst.keys():
logger.info("Try ssh idrsa key : %s,%s,%s" %
(ip, port, keyfile))
print('try idrsakey....', ip, port, keyfile)
login_info = (ip, int(port), 'root', keyfile)
doobj = J_ssh_do(login_info)
res = doobj.rsa_do(login_info, syscmd_list)
if res["status"] == "success":
sys_hostname = res["hostname"]
system_info = getsysversion([
res["cat /etc/issue"], res["cat /etc/redhat-release"]
])
sys_mac = mac_trans(res[
"cat /sys/class/net/[^vtlsbd]*/address||esxcfg-vmknic -l|awk '{print $8}'|grep ':'"]
)
sys_sn = sn_trans(res["dmidecode -s system-serial-number"])
machine_type = machine_type_trans(
res["dmidecode -s system-manufacturer"] +
res["dmidecode -s system-product-name"])
self.can_key_login_lst[ip] = (port, keyfile, "root", "", 1,
system_info, sys_hostname,
sys_mac, sys_sn,
machine_type)
if res["status"] == "failed":
keyfile = allkeyfile[1]
logger.info("try iddsa login...%s,%s,%s" %
(ip, port, keyfile))
print("try iddsa login...", ip, port, keyfile)
login_info = (ip, port, 'root', keyfile)
doobj = J_ssh_do(login_info)
res = doobj.dsa_do(login_info, syscmd_list)
if res["status"] == "success":
sys_hostname = res["hostname"]
system_info = getsysversion([
res["cat /etc/issue"],
res["cat /etc/redhat-release"]
])
sys_mac = mac_trans(res[
"cat /sys/class/net/[^vtlsbd]*/address||esxcfg-vmknic -l|awk '{print $8}'|grep ':'"]
)
sys_sn = sn_trans(
res["dmidecode -s system-serial-number"])
machine_type = machine_type_trans(
res["dmidecode -s system-manufacturer"] +
res["dmidecode -s system-product-name"])
if ip in self.key_not_login_lst:
self.key_not_login_lst.pop(ip)
self.can_key_login_lst[ip] = (port, keyfile, "root",
"", 2, system_info,
sys_hostname, sys_mac,
sys_sn, machine_type)
else:
keyfile = allkeyfile[2]
logger.info("try Non-root idrsa login:%s,%s" %
(ip, port))
print("try Non-root idrsa login...", ip, port)
password = '******'
login_info = (ip, port, 'root', keyfile, password)
doobj = J_ssh_do(login_info)
res = doobj.imoocc_rsa_do(login_info, syscmd_list)
if res["status"] == "success":
sys_hostname = res["hostname"]
sys_mac = mac_trans(res[
"cat /sys/class/net/[^vtlsbd]*/address||esxcfg-vmknic -l|awk '{print $8}'|grep ':'"]
)
system_info = getsysversion([
res["cat /etc/issue"],
res["cat /etc/redhat-release"]
])
sys_sn = sn_trans(
res["dmidecode -s system-serial-number"])
machine_type = machine_type_trans(
res["dmidecode -s system-manufacturer"] +
res["dmidecode -s system-product-name"])
if ip in self.key_not_login_lst:
self.key_not_login_lst.pop(ip)
self.can_key_login_lst[ip] = (port, keyfile,
"root", "", 3,
system_info,
sys_hostname,
sys_mac, sys_sn,
machine_type)
else:
if ip not in self.key_not_login_lst.keys(
) and ip not in self.can_key_login_lst.keys():
self.key_not_login_lst[ip] = (port, keyfile)
return self.can_key_login_lst, self.key_not_login_lst