def check_domain_exist(self, service_id, container_port, domain_name,
protocol, domain_path, rule_extensions):
rst = False
http_exist = False
add_httptohttps = False
service_domain = domain_repo.get_domain_by_name_and_port_and_protocol(
service_id, container_port, domain_name, protocol, domain_path)
if service_domain:
rst = True
domains = domain_repo.get_domain_by_name_and_path(
domain_name, domain_path)
for domain in domains:
if "http" == domain.protocol:
http_exist = True
if "httptohttps" in domain.rule_extensions:
rst = True
if rule_extensions:
for rule in rule_extensions:
if rule["key"] == "httptohttps":
add_httptohttps = True
if http_exist and add_httptohttps:
rst = True
return rst
def post(self, request, *args, **kwargs):
"""
添加http策略
"""
try:
container_port = request.data.get("container_port", None)
domain_name = request.data.get("domain_name", None)
certificate_id = request.data.get("certificate_id", None)
service_id = request.data.get("service_id", None)
domain_path = request.data.get("domain_path", None)
domain_cookie = request.data.get("domain_cookie", None)
domain_heander = request.data.get("domain_heander", None)
rule_extensions = request.data.get("rule_extensions", None)
whether_open = request.data.get("whether_open", False)
the_weight = request.data.get("the_weight", 100)
# 判断参数
if not container_port or not domain_name or not service_id:
return Response(general_message(400, "parameters are missing", "参数缺失"), status=400)
service = service_repo.get_service_by_service_id(service_id)
if not service:
return Response(general_message(400, "not service", "服务不存在"), status=400)
# 判断域名格式(如果用户添加的域名与默认域名后缀一致,那么他后缀必须是 "租户别名.默认后缀"
#
# 比如默认域名后缀是:37e53f.grapps.cn 这个值来自于region_info http_domain
# 那么如果它绑定 xxx.37e53f.grapps.cn是不允许的,只能绑定:
# xxx.yaufe6r5.37e53f.grapps.cn
#
# 此限制是防止租户之间盗用域名。)
region = region_repo.get_region_by_region_name(service.service_region)
if domain_name.endswith(region.httpdomain):
domain_name_spt = domain_name.split(region.httpdomain)
if self.tenant.tenant_name != domain_name_spt[0].split('.')[len(domain_name_spt[0].split('.'))-2]:
return Response(general_message(400, "the domain name format is incorrect", "域名格式不正确"), status=400)
protocol = "http"
if certificate_id:
protocol = "https"
# 判断策略是否存在
service_domain = domain_repo.get_domain_by_name_and_port_and_protocol(service.service_id, container_port, domain_name, protocol)
if service_domain:
result = general_message(400, "faild", "策略已存在")
return Response(result, status=400)
if whether_open:
try:
tenant_service_port = port_service.get_service_port_by_port(service, container_port)
# 仅开启对外端口
code, msg, data = port_service.manage_port(self.tenant, service, service.service_region, int(tenant_service_port.container_port), "only_open_outer",
tenant_service_port.protocol, tenant_service_port.port_alias)
if code != 200:
return Response(general_message(code, "change port fail", msg), status=code)
except Exception:
raise
tenant_service_port = port_service.get_service_port_by_port(service, container_port)
if not tenant_service_port.is_outer_service:
return Response(general_message(200, "not outer port", "没有开启对外端口", bean={"is_outer_service": False}),
status=200)
# 绑定端口(添加策略)
code, msg, data = domain_service.bind_httpdomain(self.tenant, self.user, service, domain_name, container_port, protocol,
certificate_id, DomainType.WWW, domain_path,
domain_cookie, domain_heander, the_weight, rule_extensions)
if code != 200:
return Response(general_message(code, "bind domain error", msg), status=code)
result = general_message(200, "success", "策略添加成功", bean=data)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def post(self, request, *args, **kwargs):
"""
服务端口绑定域名
---
parameters:
- name: tenantName
description: 团队名
required: true
type: string
paramType: path
- name: serviceAlias
description: 服务别名
required: true
type: string
paramType: path
- name: domain_name
description: 域名
required: true
type: string
paramType: form
- name: container_port
description: 服务端口
required: true
type: string
paramType: form
- name: protocol
description: 端口协议(http,https,httptohttps,httpandhttps)
required: true
type: string
paramType: form
- name: certificate_id
description: 证书ID
required: false
type: string
paramType: form
"""
try:
container_port = request.data.get("container_port", None)
domain_name = request.data.get("domain_name", None)
protocol = request.data.get("protocol", None)
certificate_id = request.data.get("certificate_id", None)
rule_extensions = request.data.get("rule_extensions", None)
# 判断策略是否存在
service_domain = domain_repo.get_domain_by_name_and_port_and_protocol(self.service.service_id, container_port,
domain_name, protocol)
if service_domain:
result = general_message(400, "faild", "策略已存在")
return Response(result, status=400)
code, msg = domain_service.bind_domain(self.tenant, self.user, self.service, domain_name, container_port,
protocol, certificate_id, DomainType.WWW, rule_extensions)
if code != 200:
return Response(general_message(code, "bind domain error", msg), status=code)
# htt与https共存的协议需存储两条数据(创建完https数据再创建一条http数据)
if protocol == "httpandhttps":
certificate_id = 0
code, msg = domain_service.bind_domain(self.tenant, self.user, self.service, domain_name,
container_port,
protocol, certificate_id, DomainType.WWW,
rule_extensions)
if code != 200:
return Response(general_message(code, "bind domain error", msg), status=code)
result = general_message(200, "success", "域名绑定成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])