def __close_outer(self, tenant, service, deal_port):
deal_port.is_outer_service = False
if service.create_status == "complete":
region_api.manage_outer_port(service.service_region, tenant.tenant_name, service.service_alias,
deal_port.container_port, {
"operation": "close",
"enterprise_id": tenant.enterprise_id
})
deal_port.save()
# 改变httpdomain表中端口状态
if deal_port.protocol == "http":
service_domains = domain_repo.get_service_domain_by_container_port(service.service_id, deal_port.container_port)
if service_domains:
for service_domain in service_domains:
service_domain.is_outer_service = False
service_domain.save()
else:
service_tcp_domains = tcp_domain.get_service_tcp_domains_by_service_id_and_port(
service.service_id, deal_port.container_port)
# 改变tcpdomain表中状态
if service_tcp_domains:
for service_tcp_domain in service_tcp_domains:
service_tcp_domain.is_outer_service = False
service_tcp_domain.save()
return 200, "success"
def __get_port_access_url(self, tenant, service, port):
# domain = region_services.get_region_httpdomain(service.service_region)
# suf_port = 80
# if domain:
# if ":" in domain:
# domain_split = domain.split(":")
# if len(domain_split) == 2:
# suf_port = int(domain_split[1])
# domain = str(domain_split[0])
#
# url = "http://{0}.{1}.{2}.{3}:{4}".format(port, service.service_alias, tenant.tenant_name,
# domain,
# suf_port)
urls = []
domains = domain_repo.get_service_domain_by_container_port(
service.service_id, port)
if domains:
for d in domains:
domain_path = d.domain_path if d.domain_path else "/"
if d.protocol != "http":
urls.insert(
0, "https://{0}{1}".format(d.domain_name, domain_path))
else:
urls.insert(
0, "http://{0}{1}".format(d.domain_name, domain_path))
return urls
def __only_open_outer(self, tenant, service, region, deal_port):
deal_port.is_outer_service = True
if service.create_status == "complete":
body = region_api.manage_outer_port(service.service_region, tenant.tenant_name, service.service_alias,
deal_port.container_port, {
"operation": "open",
"enterprise_id": tenant.enterprise_id
})
logger.debug("open outer port body {}".format(body))
lb_mapping_port = body["bean"]["port"]
deal_port.lb_mapping_port = lb_mapping_port
deal_port.save()
service_domains = domain_repo.get_service_domain_by_container_port(service.service_id, deal_port.container_port)
# 改变httpdomain表中端口状态
if service_domains:
for service_domain in service_domains:
service_domain.is_outer_service = True
service_domain.save()
service_tcp_domains = tcp_domain.get_service_tcp_domains_by_service_id_and_port(service.service_id,
deal_port.container_port)
if service_tcp_domains:
for service_tcp_domain in service_tcp_domains:
# 改变tcpdomain表中状态
service_tcp_domain.is_outer_service = True
service_tcp_domain.save()
return 200, "success"
def delete_port_by_container_port(self, tenant, service, container_port):
service_domain = domain_repo.get_service_domain_by_container_port(service.service_id, container_port)
if len(service_domain) > 1 or len(service_domain) == 1 and service_domain[0].type != 0:
return 412, u"该端口有自定义域名,请先解绑域名", None
port_info = port_repo.get_service_port_by_port(tenant.tenant_id, service.service_id, container_port)
if not port_info:
return 404, u"端口{0}不存在".format(container_port), None
if port_info.is_inner_service:
return 409, u"请关闭对内服务", None
if port_info.is_outer_service:
return 409, u"请关闭外部服务", None
if service.create_status == "complete":
# 删除数据中心端口
region_api.delete_service_port(service.service_region, tenant.tenant_name, service.service_alias, container_port,
tenant.enterprise_id)
# 删除端口时禁用相关服务
self.disable_service_when_delete_port(tenant, service, container_port)
# 删除env
env_var_service.delete_env_by_container_port(tenant, service, container_port)
# 删除端口
port_repo.delete_serivce_port_by_port(tenant.tenant_id, service.service_id, container_port)
# 删除端口绑定的域名
domain_repo.delete_service_domain_by_port(service.service_id, container_port)
return 200, u"删除成功", port_info
def __get_port_access_url(self, tenant, service, port):
domain = region_services.get_region_httpdomain(service.service_region)
suf_port = 80
if domain:
if ":" in domain:
domain_split = domain.split(":")
if len(domain_split) == 2:
suf_port = int(domain_split[1])
domain = str(domain_split[0])
url = "http://{0}.{1}.{2}.{3}:{4}".format(port,
service.service_alias,
tenant.tenant_name,
domain, suf_port)
urls = [url]
domains = domain_repo.get_service_domain_by_container_port(
service.service_id, port)
if domains:
for d in domains:
if d.protocol != "http":
urls.insert(0, "https://{0}".format(d.domain_name))
else:
urls.insert(0, "http://{0}".format(d.domain_name))
return urls
def delete_port_by_container_port(self, tenant, service, container_port):
service_domain = domain_repo.get_service_domain_by_container_port(
service.service_id, container_port)
if service_domain:
return 412, u"请先解绑该端口绑定的域名", None
port_info = port_repo.get_service_port_by_port(tenant.tenant_id,
service.service_id,
container_port)
if not port_info:
return 404, u"端口{0}不存在".format(container_port), None
if port_info.is_inner_service:
return 409, u"请关闭对外服务", None
if port_info.is_outer_service:
return 409, u"请关闭外部服务", None
if service.create_status == "complete":
# 删除数据中心端口
region_api.delete_service_port(service.service_region,
tenant.tenant_name,
service.service_alias,
container_port,
tenant.enterprise_id)
# 删除env
env_var_service.delete_env_by_container_port(tenant, service,
container_port)
# 删除端口
port_repo.delete_serivce_port_by_port(tenant.tenant_id,
service.service_id,
container_port)
# 删除端口绑定的域名
domain_repo.delete_service_domain_by_port(service.service_id,
container_port)
return 200, u"删除成功", port_info
def __close_outer(self, tenant, service, deal_port):
deal_port.is_outer_service = False
if service.create_status == "complete":
region_api.manage_outer_port(
service.service_region, tenant.tenant_name,
service.service_alias, deal_port.container_port, {
"operation": "close",
"enterprise_id": tenant.enterprise_id
})
deal_port.save()
# 改变httpdomain表中端口状态
if deal_port.protocol == "http":
service_domains = domain_repo.get_service_domain_by_container_port(
service.service_id, deal_port.container_port)
if service_domains:
for service_domain in service_domains:
service_domain.is_outer_service = False
service_domain.save()
else:
service_tcp_domains = tcp_domain.get_service_tcp_domains_by_service_id_and_port(
service.service_id, deal_port.container_port)
# 改变tcpdomain表中状态
if service_tcp_domains:
for service_tcp_domain in service_tcp_domains:
service_tcp_domain.is_outer_service = False
service_tcp_domain.save()
# component port change, will change entrance network governance plugin configuration
if service.create_status == "complete":
from console.services.plugin import app_plugin_service
app_plugin_service.update_config_if_have_entrance_plugin(
tenant, service)
return 200, "success"
def __get_port_access_url(self, tenant, service, port):
urls = []
domains = domain_repo.get_service_domain_by_container_port(
service.service_id, port)
if domains:
for d in domains:
domain_path = d.domain_path if d.domain_path else "/"
if d.protocol != "http":
urls.insert(
0, "https://{0}{1}".format(d.domain_name, domain_path))
else:
urls.insert(
0, "http://{0}{1}".format(d.domain_name, domain_path))
return urls
def __save_port(self, tenant, service, tenant_service_ports):
port_list = []
for port in tenant_service_ports:
port.pop("ID")
new_port = TenantServicesPort(**port)
new_port.service_id = service.service_id
new_port.tenant_id = tenant.tenant_id
port_list.append(new_port)
if port_list:
TenantServicesPort.objects.bulk_create(port_list)
region = region_repo.get_region_by_region_name(
service.service_region)
# 为每一个端口状态是打开的生成默认域名
for port in port_list:
if port.is_outer_service:
if port.protocol == "http":
service_domains = domain_repo.get_service_domain_by_container_port(
service.service_id, port.container_port)
# 在domain表中保存数据
if service_domains:
for service_domain in service_domains:
service_domain.is_outer_service = True
service_domain.save()
else:
# 在service_domain表中保存数据
service_id = service.service_id
service_name = service.service_alias
container_port = port.container_port
domain_name = str(container_port) + "." + str(
service_name) + "." + str(
tenant.tenant_name) + "." + str(
region.httpdomain)
create_time = datetime.datetime.now().strftime(
'%Y-%m-%d %H:%M:%S')
protocol = "http"
http_rule_id = make_uuid(domain_name)
tenant_id = tenant.tenant_id
service_alias = service.service_cname
region_id = region.region_id
domain_repo.create_service_domains(
service_id, service_name, domain_name,
create_time, container_port, protocol,
http_rule_id, tenant_id, service_alias,
region_id)
# 给数据中心发请求添加默认域名
data = dict()
data["domain"] = domain_name
data["service_id"] = service.service_id
data["tenant_id"] = tenant.tenant_id
data["tenant_name"] = tenant.tenant_name
data["protocol"] = protocol
data["container_port"] = int(container_port)
data["http_rule_id"] = http_rule_id
try:
region_api.bind_http_domain(
service.service_region, tenant.tenant_name,
data)
except Exception as e:
logger.exception(e)
domain_repo.delete_http_domains(http_rule_id)
continue
else:
service_tcp_domains = tcp_domain.get_service_tcp_domains_by_service_id_and_port(
service.service_id, port.container_port)
if service_tcp_domains:
for service_tcp_domain in service_tcp_domains:
# 改变tcpdomain表中状态
service_tcp_domain.is_outer_service = True
service_tcp_domain.save()
else:
# ip+port
# 在service_tcp_domain表中保存数据
res, data = region_api.get_port(
region.region_name, tenant.tenant_name)
if int(res.status) != 200:
continue
end_point = str(region.tcpdomain) + ":" + str(
data["bean"])
service_id = service.service_id
service_name = service.service_alias
create_time = datetime.datetime.now().strftime(
'%Y-%m-%d %H:%M:%S')
container_port = port.container_port
protocol = port.protocol
service_alias = service.service_cname
tcp_rule_id = make_uuid(end_point)
tenant_id = tenant.tenant_id
region_id = region.region_id
tcp_domain.create_service_tcp_domains(
service_id, service_name, end_point,
create_time, container_port, protocol,
service_alias, tcp_rule_id, tenant_id,
region_id)
# 默认ip不需要传给数据中心
# ip = end_point.split(":")[0]
port = end_point.split(":")[1]
data = dict()
data["service_id"] = service.service_id
data["container_port"] = int(container_port)
# data["ip"] = ip
data["port"] = int(port)
data["tcp_rule_id"] = tcp_rule_id
logger.debug(
'--------------------------------->{0}'.format(
data["port"]))
try:
# 给数据中心传送数据添加策略
region_api.bindTcpDomain(
service.service_region, tenant.tenant_name,
data)
except Exception as e:
logger.exception(e)
tcp_domain.delete_tcp_domain(tcp_rule_id)
continue
def get_sld_domains(self, service, container_port):
return domain_repo.get_service_domain_by_container_port(
service.service_id,
container_port).filter(domain_type=DomainType.SLD_DOMAIN)
def get_port_bind_domains(self, service, container_port):
return domain_repo.get_service_domain_by_container_port(
service.service_id, container_port)
def __open_outer(self, tenant, service, region, deal_port):
if deal_port.protocol == "http":
service_domains = domain_repo.get_service_domain_by_container_port(service.service_id, deal_port.container_port)
# 在domain表中保存数据
if service_domains:
for service_domain in service_domains:
service_domain.is_outer_service = True
service_domain.save()
else:
# 在service_domain表中保存数据
service_id = service.service_id
service_name = service.service_alias
container_port = deal_port.container_port
domain_name = str(container_port) + "." + str(service_name) + "." + str(tenant.tenant_name) + "." + str(
region.httpdomain)
create_time = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
protocol = "http"
http_rule_id = make_uuid(domain_name)
tenant_id = tenant.tenant_id
service_alias = service.service_cname
region_id = region.region_id
domain_repo.create_service_domains(service_id, service_name, domain_name, create_time, container_port, protocol,
http_rule_id, tenant_id, service_alias, region_id)
# 给数据中心发请求添加默认域名
data = dict()
data["domain"] = domain_name
data["service_id"] = service.service_id
data["tenant_id"] = tenant.tenant_id
data["tenant_name"] = tenant.tenant_name
data["protocol"] = protocol
data["container_port"] = int(container_port)
data["http_rule_id"] = http_rule_id
try:
region_api.bind_http_domain(service.service_region, tenant.tenant_name, data)
except Exception as e:
logger.exception(e)
domain_repo.delete_http_domains(http_rule_id)
return 412, u"数据中心添加策略失败"
else:
service_tcp_domains = tcp_domain.get_service_tcp_domains_by_service_id_and_port(
service.service_id, deal_port.container_port)
if service_tcp_domains:
for service_tcp_domain in service_tcp_domains:
# 改变tcpdomain表中状态
service_tcp_domain.is_outer_service = True
service_tcp_domain.save()
else:
# ip+port
# 在service_tcp_domain表中保存数据
res, data = region_api.get_port(region.region_name, tenant.tenant_name)
if int(res.status) != 200:
return 400, u"请求数据中心异常"
end_point = "0.0.0.0:{0}".format(data["bean"])
service_id = service.service_id
service_name = service.service_alias
create_time = datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S')
container_port = deal_port.container_port
protocol = deal_port.protocol
service_alias = service.service_cname
tcp_rule_id = make_uuid(end_point)
tenant_id = tenant.tenant_id
region_id = region.region_id
tcp_domain.create_service_tcp_domains(service_id, service_name, end_point, create_time, container_port,
protocol, service_alias, tcp_rule_id, tenant_id, region_id)
port = end_point.split(":")[1]
data = dict()
data["service_id"] = service.service_id
data["container_port"] = int(container_port)
data["ip"] = "0.0.0.0"
data["port"] = int(port)
data["tcp_rule_id"] = tcp_rule_id
try:
# 给数据中心传送数据添加策略
region_api.bindTcpDomain(service.service_region, tenant.tenant_name, data)
except Exception as e:
logger.exception(e)
tcp_domain.delete_tcp_domain(tcp_rule_id)
return 412, u"数据中心添加策略失败"
deal_port.is_outer_service = True
if service.create_status == "complete":
body = region_api.manage_outer_port(service.service_region, tenant.tenant_name, service.service_alias,
deal_port.container_port, {
"operation": "open",
"enterprise_id": tenant.enterprise_id
})
logger.debug("open outer port body {}".format(body))
lb_mapping_port = body["bean"]["port"]
deal_port.lb_mapping_port = lb_mapping_port
deal_port.save()
return 200, "success"
def __save_port(self,
region_name,
tenant,
service,
tenant_service_ports,
governance_mode,
tenant_service_env_vars,
sync_flag=False):
port_2_envs = dict()
for env in tenant_service_env_vars:
container_port = env.get("container_port")
if not container_port:
continue
envs = port_2_envs.get(container_port) if port_2_envs.get(
container_port) else []
envs.append(env)
port_2_envs[container_port] = envs
port_list = []
for port in tenant_service_ports:
port.pop("ID")
k8s_service_name = port.get("k8s_service_name", "")
if k8s_service_name:
try:
port_repo.get_by_k8s_service_name(tenant.tenant_id,
k8s_service_name)
k8s_service_name += "-" + make_uuid()[-4:]
# update port if k8s_service_name has changed.
body = port
body["k8s_service_name"] = k8s_service_name
if sync_flag:
port_service.update_service_port(
tenant, region_name, service.service_alias, body)
except TenantServicesPort.DoesNotExist:
pass
new_port = TenantServicesPort(**port)
new_port.service_id = service.service_id
new_port.tenant_id = tenant.tenant_id
new_port.k8s_service_name = port.get("k8s_service_name")
port_list.append(new_port)
# make sure the value of X_HOST env is correct
envs = port_2_envs.get(port["container_port"])
if envs:
for env in envs:
if not env.get("container_port"
) or not env["attr_name"].endswith("_HOST"):
continue
origin_attr_value = env["attr_value"]
if governance_mode == GovernanceModeEnum.BUILD_IN_SERVICE_MESH.name:
env["attr_value"] = "127.0.0.1"
else:
env["attr_value"] = k8s_service_name
# update env if attr_value has changed.
if origin_attr_value != env["attr_value"] and sync_flag:
region_api.update_service_env(
region_name, tenant.tenant_name,
service.service_alias, {
"env_name": env["attr_name"],
"env_value": env["attr_value"]
})
if port_list:
TenantServicesPort.objects.bulk_create(port_list)
region = region_repo.get_region_by_region_name(
service.service_region)
for port in port_list:
if port.is_outer_service:
if port.protocol == "http":
service_domains = domain_repo.get_service_domain_by_container_port(
service.service_id, port.container_port)
# 在domain表中保存数据
if service_domains:
for service_domain in service_domains:
service_domain.is_outer_service = True
service_domain.save()
else:
# 在service_domain表中保存数据
service_id = service.service_id
service_name = service.service_alias
container_port = port.container_port
domain_name = str(container_port) + "." + str(
service_name) + "." + str(
tenant.tenant_name) + "." + str(
region.httpdomain)
create_time = datetime.datetime.now().strftime(
'%Y-%m-%d %H:%M:%S')
protocol = "http"
http_rule_id = make_uuid(domain_name)
tenant_id = tenant.tenant_id
service_alias = service.service_cname
region_id = region.region_id
domain_repo.create_service_domains(
service_id, service_name, domain_name,
create_time, container_port, protocol,
http_rule_id, tenant_id, service_alias,
region_id)
else:
service_tcp_domains = tcp_domain.get_service_tcp_domains_by_service_id_and_port(
service.service_id, port.container_port)
if service_tcp_domains:
for service_tcp_domain in service_tcp_domains:
# 改变tcpdomain表中状态
service_tcp_domain.is_outer_service = True
service_tcp_domain.save()
else:
# 在service_tcp_domain表中保存数据
res, data = region_api.get_port(
region.region_name, tenant.tenant_name, True)
if int(res.status) != 200:
continue
end_point = str(region.tcpdomain) + ":" + str(
data["bean"])
service_id = service.service_id
service_name = service.service_alias
create_time = datetime.datetime.now().strftime(
'%Y-%m-%d %H:%M:%S')
container_port = port.container_port
protocol = port.protocol
service_alias = service.service_cname
tcp_rule_id = make_uuid(end_point)
tenant_id = tenant.tenant_id
region_id = region.region_id
tcp_domain.create_service_tcp_domains(
service_id, service_name, end_point,
create_time, container_port, protocol,
service_alias, tcp_rule_id, tenant_id,
region_id)
