def deploy_ca_certs(file_path_list, remote_ip, user, password, dest_dir, no_delete=None): """ Copy files to remote node and remove local files """ CommonTools.remote_mkdir_with_mode(dest_dir, Constant.AUTH_COMMON_DIR_STR, remote_ip, user, password) for file_path in file_path_list: dest_file_path = os.path.join(dest_dir, os.path.basename(file_path)) status, output = CommonTools.remote_copy_files( remote_ip, user, password, file_path, dest_file_path) if status != 0: raise Exception(Errors.EXECUTE_RESULT['gauss_0406'] % (remote_ip, output)) g.logger.debug('Successfully copy [%s] to remote node[%s]' % (file_path, remote_ip)) if no_delete: file_path_list = [ file for file in file_path_list if file not in no_delete ] CommonTools.remove_files(file_path_list)
def _copy_lib(): """ Copy lib file to project path """ from_path = os.path.realpath(os.path.join(EXTRACT_DIR, Constant.AI_LIB_PATH)) to_path = PYTHON_PATH CommonTools.copy_file_to_dest_path(from_path, to_path) g.logger.info('Successfully to copy lib files.')
def _clean_manager_dir(self): """ Clean install path before unpack. """ file_list = os.listdir(self.ai_manager_path) if file_list: g.logger.info('Start clean install path, file list:[%s]' % file_list) CommonTools.clean_dir(self.ai_manager_path)
def _copy_manager_files(self): """ Copy manager files to manager dir """ from_path = os.path.join(os.path.dirname(os.path.dirname( os.path.realpath(__file__))), Constant.AI_MANAGER_PATH) to_path = self.ai_manager_path CommonTools.copy_file_to_dest_path(from_path, to_path) g.logger.info('Successfully to copy files to manager path.')
def _mk_manager_dir(self): """ Create install path if the path is not exist. """ if not os.path.isdir(self.ai_manager_path): g.logger.info('Install path:%s is not exist, start creating.' % self.ai_manager_path) CommonTools.mkdir_with_mode(self.ai_manager_path, Constant.AUTH_COMMON_DIR_STR) else: g.logger.info('Install path:%s is already exist.' % self.ai_manager_path)
def restore_db_file(status, db_cabin, back_up_path): """ Restore db file. """ if status: CommonTools.mkdir_with_mode(os.path.dirname(db_cabin), Constant.AUTH_COMMON_DIR_STR) CommonTools.copy_file_to_dest_path(back_up_path, db_cabin) else: g.logger.info('No need Restore db file.')
def prepare_param_file(self): """ Write params into file """ param_file_path = os.path.join(EXTRACT_DIR, Constant.TEMP_ANOMALY_PARAM_FILE) self.param_dict.pop(Constant.CA_INFO) CommonTools.mkdir_with_mode(os.path.dirname(param_file_path), Constant.AUTH_COMMON_DIR_STR) CommonTools.dict_to_json_file(self.param_dict, param_file_path) self._copy_param_file_to_remote_node(param_file_path, param_file_path)
def _clean_remote_manager_dir(self): """ Clean install path before unpack. """ for node in self.agent_nodes: ip = node.get(Constant.NODE_IP) uname = node.get(Constant.NODE_USER) pwd = node.get(Constant.NODE_PWD) CommonTools.retry_remote_clean_dir(self.manager_path, ip, uname, pwd) g.logger.info('Successfully clean manager path on node:[%s]' % ip)
def record_version_info(self): """ Record install time, version, install path in record file. """ time_install = datetime.now().strftime("%Y-%m-%d, %H:%M:%S") content = '|'.join([time_install, self.version, self.install_path ]) + '\n' CommonTools.add_content_to_file(VERSION_RECORD_FILE_INDEX_ADVISOR, content) CommonTools.delete_early_record(VERSION_RECORD_FILE_INDEX_ADVISOR, Constant.VERSION_FILE_MAX_LINES) g.logger.info('Successfully record version information.')
def _mk_remote_manager_dir(self): """ Create install path if the path is not exist. """ for node in self.agent_nodes: ip = node.get(Constant.NODE_IP) uname = node.get(Constant.NODE_USER) pwd = node.get(Constant.NODE_PWD) CommonTools.remote_mkdir_with_mode(self.manager_path, Constant.AUTH_COMMON_DIR_STR, ip, uname, pwd) g.logger.info('Successfully create manager path dir on node:[%s]' % ip)
def deploy_module_files(self): """ Copy files to module path. """ from_path = os.path.join( os.path.dirname( os.path.dirname( os.path.dirname(os.path.dirname( os.path.realpath(__file__))))), self.module_name) to_path = os.path.realpath( os.path.join(self.install_path, self.module_name)) CommonTools.copy_file_to_dest_path(from_path, to_path) g.logger.info('Successfully to copy files to package path.')
def __create_logfile(self): """ function: create log file input : N/A output: N/A """ try: if not os.path.isdir(os.path.dirname(self.log_file)): CommonTools.mkdir_with_mode(os.path.dirname(self.log_file), Constant.AUTH_COMMON_DIR_STR) CommonTools.create_file_if_not_exist(self.log_file) except Exception as error: raise Exception(Errors.EXECUTE_RESULT['gauss_0411'] % error)
def get_lock_file(self): """ Get lock file path for cron service. """ lock_file_dir = TMP_DIR CommonTools.mkdir_with_mode(lock_file_dir, Constant.AUTH_COMMON_DIR_STR) lock_file_name = '' for name in Constant.TASK_NAME_LIST: if name in self.cmd.split('role')[-1]: lock_file_name = 'ai_' + name + '.lock' if not lock_file_name: raise Exception(Errors.CONTENT_OR_VALUE['gauss_0502'] % self.cmd) else: return os.path.join(lock_file_dir, lock_file_name)
def _get_install_path_with_no_package(self): """ Get version info from version file with relative path :return: """ version_file = os.path.join(os.path.dirname(os.path.dirname(os.path.dirname( os.path.dirname(os.path.realpath(__file__))))), Constant.VERSION_FILE) version = CommonTools.get_version_info_from_file(version_file) g.logger.info('Got version info:%s' % version) base_dir = Constant.PACK_PATH_PREFIX + version install_path = os.path.join(self.project_path, base_dir) g.logger.info('Got install path:%s.' % install_path) CommonTools.check_path_valid(install_path) g.logger.info('Successfully to get install path.') return install_path, version
def remote_install(self): """ Remote install agent on all nodes """ install_script_path = os.path.join( self.install_path, Constant.ANOMALY_DETECTION_INSTALL_SCRIPT_PATH) param_file_path = os.path.join(EXTRACT_DIR, Constant.TEMP_ANOMALY_PARAM_FILE) cmd = Constant.EXECUTE_REMOTE_SCRIPT % ( Constant.CMD_PREFIX, install_script_path, param_file_path) params_list = [ (node.get(Constant.NODE_IP), node.get(Constant.NODE_USER), node.get(Constant.NODE_PWD), cmd) for node in self.agent_nodes ] CommonTools.parallel_execute(self.remote_install_single_agent, params_list)
def modify_config_file(self, remote=False): """ Modify config file with "config_info" in param file. """ config_path = os.path.realpath( os.path.join(self.install_path, Constant.ANOMALY_DETECTION_CONFIG_PATH)) g.logger.info('Got config file path:[%s]' % config_path) if not os.path.isfile(config_path): raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] % config_path) config_info = self.param_dict.get('config_info') if not remote: CommonTools.modify_config_file(config_path, config_info) else: CommonTools.modify_agent_config_file(config_path, config_info) g.logger.info('Successfully modify config file.')
def try_to_kill_process_exist(self): """ Try to kill process, if already exist """ script_path = os.path.realpath( os.path.join(self.install_path, Constant.ANORMALY_MAIN_SCRIPT)) process_list = [ (cmd % (Constant.CMD_PREFIX, os.path.dirname(script_path), script_path)).split(self.version)[-1] for cmd in self.service_list ] for process in process_list: process_num = CommonTools.check_process(process) if process_num: CommonTools.grep_process_and_kill(process) g.logger.info('Killed process of [%s]' % process)
def check_remote_params(self): funcs = CommonTools.get_funcs(params_checkers) for param_name, param_value in self.param_dict.items(): if param_name not in params_checkers.PARAMS_CHECK_MAPPING: raise Exception(Errors.PARAMETER['gauss_0203'] % param_name) funcs[params_checkers.PARAMS_CHECK_MAPPING[param_name]]( param_value)
def create_root_certificate(ca_password, ca_crt_path, ca_key_path, config_path): """ function : create root ca file input : rand pass, dir path of certificates, config path output : NA """ if not os.path.isfile(config_path): raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] % config_path) CommonTools.mkdir_with_mode(os.path.dirname(ca_crt_path), Constant.AUTH_COMMON_DIR_STR) CommonTools.mkdir_with_mode(os.path.dirname(ca_key_path), Constant.AUTH_COMMON_DIR_STR) ca_req_path = os.path.realpath( os.path.join(os.path.dirname(ca_crt_path), Constant.CA_ROOT_REQ)) # create ca key file cmd = "%s echo '%s' |openssl genrsa -aes256 -passout stdin -out %s 2048" % ( Constant.CMD_PREFIX, ca_password, ca_key_path) cmd += " && %s" % Constant.SHELL_CMD_DICT['changeMode'] % ( Constant.AUTH_COMMON_FILE_STR, ca_key_path) status, output = CommonTools.get_status_output_error(cmd, mixed=True) if status != 0: raise Exception(Errors.EXECUTE_RESULT['gauss_0414'] % 'ca root key file') # 2 create ca req file cmd = "%s echo '%s' | openssl req -new -out %s -key %s -config %s -passin stdin" % ( Constant.CMD_PREFIX, ca_password, ca_req_path, ca_key_path, config_path) cmd += " && %s" % Constant.SHELL_CMD_DICT['changeMode'] % ( Constant.AUTH_COMMON_FILE_STR, ca_req_path) status, output = CommonTools.get_status_output_error(cmd, mixed=True) if status != 0: raise Exception(Errors.EXECUTE_RESULT['gauss_0414'] % 'ca root req file') # 3 create ca crt file cmd = "%s echo '%s' | openssl x509 -req -in %s " \ "-signkey %s -days %s -out %s -passin stdin" % ( Constant.CMD_PREFIX, ca_password, ca_req_path, ca_key_path, Constant.CA_ROOT_VALID_DATE, ca_crt_path) cmd += " && %s" % Constant.SHELL_CMD_DICT['changeMode'] % ( Constant.AUTH_COMMON_FILE_STR, ca_crt_path) status, output = CommonTools.get_status_output_error(cmd, mixed=True) if status != 0: raise Exception(Errors.EXECUTE_RESULT['gauss_0414'] % 'ca root crt file') CommonTools.remove_files([ca_req_path]) g.logger.info( 'Successfully generate ca root certificate, file path[%s].' % ca_crt_path)
def get_rand_str(): """ function: get random passwd input: NA output: passwd """ uppercmd = 'openssl rand -base64 12 | tr "[0-9][a-z]" "[A-Z]" | tr -d [/+=] |cut -c 1-3' lowercmd = 'openssl rand -base64 12 | tr "[0-9][A-Z]" "[a-z]" | tr -d [/+=] |cut -c 1-4' numcmd = 'openssl rand -base64 12 | md5sum | tr "[a-z]" "[0-9]" |cut -c 1-3' strcmd = 'openssl rand -base64 48 | tr "[0-9][a-z][A-Z]" "[~@_#*]" | tr -d [/+=] |cut -c 1-1' upper_code, upper_output, upper_error = CommonTools.get_status_output_error( uppercmd) lower_code, lower_output, lower_error = CommonTools.get_status_output_error( lowercmd) num_code, num_output, num_error = CommonTools.get_status_output_error( numcmd) str_code, str_output, str_error = CommonTools.get_status_output_error( strcmd) if any([upper_code, lower_code, num_code, str_code]): raise Exception(Errors.EXECUTE_RESULT['gauss_0412'] % str([upper_code, lower_code, num_code, str_code])) rand_pwd = 'G' + upper_output.strip() + lower_output.strip() + \ num_output.strip() + str_output.strip() if len(rand_pwd) == Constant.RANDOM_PASSWD_LEN: return rand_pwd rand_pwd = "G" cmd_tuple = (uppercmd, lowercmd, numcmd, strcmd) out_tuple = (upper_output.strip(), lower_output.strip(), num_output.strip(), str_output.strip()) str_len = (3, 4, 3, 1) for i in range(4): if len(out_tuple[i]) != str_len[i]: count = 0 while True: count += 1 _, output, _ = CommonTools.get_status_output_error( cmd_tuple[i]) if len(output.strip()) == str_len[i]: rand_pwd += output.strip() break if count > 100: raise Exception(Errors.EXECUTE_RESULT['gauss_0413'] % (cmd_tuple[i], 'generate rand pwd')) else: rand_pwd += out_tuple[i].strip() return rand_pwd
def check_params(self): lost_checker = LostChecker(self.arg_dict) lost_checker.run() funcs = CommonTools.get_funcs(params_checkers) for param_name, param_value in self.arg_dict.items(): if param_name not in params_checkers.PARAMS_CHECK_MAPPING: raise Exception(Errors.PARAMETER['gauss_0203'] % param_name) funcs[params_checkers.PARAMS_CHECK_MAPPING[param_name]](param_value)
def create_env_file_if_not_exist(self): """ Create env file """ ret = CommonTools.create_file_if_not_exist(self.env_file_path) if ret: g.logger.info('Successfully create env file.') else: g.logger.info('Env file already exist.')
def clean_module_path(self): """ Delete files in install path. """ status, output = CommonTools.clean_dir(self.module_path) if status != 0: g.logger.warning('Failed clean path:[%s]' % self.module_path) else: g.logger.info('Successfully clean install path:[%s]' % self.module_path)
def clean_remote_module_dir(self): """ Clean install path before unpack. """ for node in self.install_nodes: ip = node.get(Constant.NODE_IP) uname = node.get(Constant.NODE_USER) pwd = node.get(Constant.NODE_PWD) _, output = CommonTools.retry_remote_clean_dir(self.module_path, ip, uname, pwd) g.logger.info('Result of clean module path on node:[%s], output:%s' % (ip, output))
def _copy_param_file_to_remote_node(self, path_from, path_to): """ Copy params file to remote agent node """ for node in self.agent_nodes: ip = node.get(Constant.NODE_IP) uname = node.get(Constant.NODE_USER) pwd = node.get(Constant.NODE_PWD) CommonTools.remote_mkdir_with_mode(os.path.dirname(path_to), Constant.AUTH_COMMON_DIR_STR, ip, uname, pwd) status, output = CommonTools.remote_copy_files( ip, uname, pwd, path_from, path_to) if status != 0: raise Exception(Errors.EXECUTE_RESULT['gauss_0406'] % (ip, output)) else: g.logger.info( 'Successfully copy install param file to node[%s].' % ip)
def _get_install_info(): """ Get installed information from record file. install time | install version | install path """ install_time, install_version, install_path = '', '', '' if not os.path.isfile(VERSION_RECORD_FILE_INDEX_ADVISOR): raise Exception( Errors.FILE_DIR_PATH['gauss_0102'] % VERSION_RECORD_FILE_INDEX_ADVISOR) install_info = CommonTools.read_last_line_from_file( VERSION_RECORD_FILE_INDEX_ADVISOR).strip() if install_info: install_time, install_version, install_path = install_info.split('|') # check path valid CommonTools.check_path_valid(install_path) if not os.path.isdir(install_path): raise Exception(Errors.FILE_DIR_PATH['gauss_0103'] % install_path) else: g.logger.info('Successfully got index advisor install path[%s].' % install_path) return install_time, install_version, install_path
def remote_install_single_agent(params): """ Remote install single node agent """ ip, uname, pwd, cmd = params g.logger.debug('Install node[%s], cmd[%s]' % (ip, cmd)) g.logger.info('Starting install on node:[%s], please wait ...' % ip) status, output = CommonTools.remote_execute_cmd(ip, uname, pwd, cmd) if status != 0: raise Exception(Errors.EXECUTE_RESULT['gauss_0418'] % (ip, output)) g.logger.info('Install result on node:[%s]-output:%s\n' % (ip, output))
def create_ca_certificate_with_script(ca_password, ssl_password, ca_crt_path, ca_key_path, config_path, out_crt_path, out_key_path, ip, crt_type='server'): """ function : create server ca file or client ca file with shell script. input : rand pass, dir path of certificates, config path """ if not os.path.isfile(config_path): raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] % 'config file:%s' % config_path) if not os.path.isfile(ca_crt_path): raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] % 'ca crt file:%s' % ca_crt_path) if not os.path.isfile(ca_key_path): raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] % 'ca key file:%s' % ca_key_path) CommonTools.mkdir_with_mode(os.path.dirname(out_key_path), Constant.AUTH_COMMON_DIR_STR) CommonTools.mkdir_with_mode(os.path.dirname(out_crt_path), Constant.AUTH_COMMON_DIR_STR) ca_req_path = os.path.realpath( os.path.join(os.path.dirname(ca_crt_path), Constant.CA_REQ)) pwd = "%s %s" % (ca_password, ssl_password) script_path = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'bin/gen_certificate.sh') cmd = "unset LD_LIBRARY_PATH && echo '%s' | sh %s %s %s %s %s %s %s %s" % ( pwd, script_path, ca_crt_path, ca_key_path, out_crt_path, out_key_path, ca_req_path, ip, crt_type) status, output = CommonTools.get_status_output_error(cmd, mixed=True) if status != 0: raise Exception(Errors.EXECUTE_RESULT['gauss_0414'] % 'ca crt file' + output) g.logger.info("Successfully generate %s ssl cert for node[%s]." % (crt_type, ip))
def read_ca_cert_path(self, agent_only=False): """ Read ca certs path from config file """ ad_config_path = os.path.join(self.install_path, Constant.ANOMALY_DETECTION_CONFIG_PATH) # read agent cert path agent_cert_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_AGENT_CERT, self.module_path) # read agent key path agent_key_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_AGENT_KEY, self.module_path) # read ca root cert path ca_root_file_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_CA_PATH, self.module_path) if agent_only: return [agent_key_path, agent_cert_path, ca_root_file_path] # get ca root key path ca_root_key_path = ca_root_file_path + '.key' # read server cert path server_cert_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_SERVER_CERT, self.module_path) # read server key path server_key_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_SERVER_KEY, self.module_path) # judge the basename of path is duplicate file_names = [ os.path.basename(file) for file in [ ca_root_file_path, server_cert_path, server_key_path, agent_cert_path, agent_key_path ] ] if len(file_names) != len(set(file_names)): raise Exception(Errors.CONTENT_OR_VALUE['gauss_0504']) return ca_root_file_path, ca_root_key_path, server_cert_path, \ server_key_path, agent_cert_path, agent_key_path
def backup_db_file(self): """ Backup data file. """ ad_config_path = os.path.join(self.install_path, Constant.ANOMALY_DETECTION_CONFIG_PATH) if not os.path.isfile(ad_config_path): g.logger.info('Config file not exist, can not backup db file') return False, None, None db_cabin = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_DATABASE, Constant.AD_CONF_DATABASE_PATH, self.module_path) if os.path.isdir(db_cabin): g.logger.info('Start backup db file.') back_up_path = os.path.join(EXTRACT_DIR, os.path.basename(db_cabin)) CommonTools.copy_file_to_dest_path(db_cabin, back_up_path) return True, db_cabin, back_up_path else: g.logger.info('No need backup db file.') return False, None, None