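def write(self, content, oper, log_dict=None):
    '''
    Append one record to a log file.

    A record is one line of five fields joined by ``self.delimiter``:
    "YYYY-mm-dd HH:MM:SS" time, ``time.time()`` timestamp, level, operator,
    content. A debug-level record is followed by the caller traceback.

    :param content: payload to log (string or dict); passed through ``_2dot``
        and ``json.dumps``, falling back to ``str()`` when that fails
    :param oper: operator (user) the record is attributed to; 'unknown' when empty
    :param log_dict: optional dict with 'dest', 'level' and 'file' keys. When it
        is missing, empty, not a dict, has a dest other than 'file', or a key
        lookup fails, ``self.default_log_dict`` supplies level and file. A
        level outside ``level_list`` is replaced by the default level only.
    :return: (False, reason) when content is empty, otherwise the result of
        ``write_file``
    '''
    if not content:
        return (False, '日志内容为空!!!!')

    from library.utils.dict import _2dot
    content = _2dot(content)
    try:
        # Standard JSON only allows double quotes around keys and string values,
        # and keys must be quoted. json.dumps also escapes control characters,
        # so a JSON payload always stays on one line.
        content = json.dumps(content)
    except Exception:
        # Was a bare "except:", which also swallowed KeyboardInterrupt/SystemExit.
        content = str(content)

    if not isinstance(log_dict, dict) or not log_dict:
        log_dict = self.default_log_dict

    try:
        if log_dict['dest'] != 'file':
            level = self.default_log_dict['level']
            log_file = self.default_log_dict['file']
        else:
            level = log_dict['level']
            if level not in level_list:
                level = self.default_log_dict['level']
            log_file = log_dict['file']
    except Exception:
        # Any lookup failure falls back to the default level and file together.
        level = self.default_log_dict['level']
        log_file = self.default_log_dict['file']

    if not oper:
        oper = 'unknown'

    def _one_line(text):
        # The log is line-oriented: a raw CR/LF inside a field would let the
        # value start what looks like a separate, forged record.
        return str(text).replace('\r', '\\r').replace('\n', '\\n')

    # NOTE(review): a value containing self.delimiter can still shift fields;
    # confirm how readers of this log split a record.
    oper = _one_line(oper)
    content = _one_line(content)

    from library.utils.time_conv import timestamp2datetime
    curl_time = timestamp2datetime(fmt='%Y-%m-%d %H:%M:%S')
    message = self.delimiter.join((curl_time, str(time.time()), level, oper, content)) + '\n'

    if level == 'debug':
        from library.utils.traceback import get_traceback
        message = message + get_traceback() + '\n'

    from library.utils.file import write_file
    return write_file(log_file, 'a', message, force=True, backup=False)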
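def decrypt_file(self, filename):
    '''
    Decrypt ``filename`` in place.

    ``self._handle_ciphertext`` returns a 3-tuple that selects the path:

    * (falsy, falsy, reason): nothing can be done; returns (False, reason)
    * (falsy, truthy, data): ansible-vault data; it is handed to
      ``self._ansible_vault_encrpyt`` and the output is written over ``filename``
    * (truthy, flag, data): this system's own format; ``data`` is first written
      to ``filename`` when ``flag`` is falsy, then ``self.cipher.decrypt_file``
      runs on the file

    :param filename: path of the encrypted file; it is overwritten
    :return: (False, reason) for the first case, otherwise the result tuple of
        the last step executed (element 0 is the success flag)
    '''
    result = self._handle_ciphertext(filename=filename)

    if not result[0]:
        if not result[1]:
            return (False, result[2])

        # ansible-vault encrypted data: process it with ansible-vault.
        # NOTE(review): the helper is named "..._encrpyt" but its output is
        # written back as the decrypted file -- confirm it really decrypts.
        result = self._ansible_vault_encrpyt(result[2])
        if not result[0]:
            self.logger.error('解密ansible数据' + filename + '失败,原因:' + result[1] + ',注:使用ansible2.3版本方法')
            return result

        # NOTE(review): the plaintext replaces the ciphertext at the same path
        # with backup=False; the file mode is whatever write_file applies --
        # confirm the result is not readable by other local users.
        result = write_file(filename, 'w', result[1], force=True, backup=False)
        # Element 0 is the success flag and element 1 carries the failure
        # reason. Testing element 1 (as before) logged a failed write with a
        # non-empty reason as a success.
        if result[0]:
            self.logger.info('解密ansible文件' + filename + '成功,注:使用ansible2.3版本方法')
        else:
            self.logger.error('解密ansible数据' + filename + '失败,无法写入文件,原因:' + result[1] + ',注:使用ansible2.3版本方法')
        return result

    if not result[1]:
        result = write_file(filename, 'w', result[2], force=True, backup=False)
        if not result[0]:
            self.logger.error('解密ansible数据' + filename + '失败,无法写入文件,原因:' + result[1] + ',注:使用本系统自定义方法')
            return result

    result = self.cipher.decrypt_file(filename)
    if result[0]:
        self.logger.info('解密ansible文件' + filename + '成功,注:使用本系统自定义方法')
    else:
        self.logger.error('解密ansible数据' + filename + '失败,原因:' + result[1] + ',注:使用本系统自定义方法')
    return result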
def _write_file(self, filename, data):
    '''
    Write ``data`` to ``filename`` through ``write_file`` (mode 'w',
    force=True, backup=False).

    :param filename: destination path
    :param data: content to write
    :return: (True, filename) on success, otherwise (False, reason) with the
        reason reported by ``write_file``
    '''
    outcome = write_file(filename, 'w', data, force=True, backup=False)
    return (True, filename) if outcome[0] else (False, outcome[1])
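def _write2file(self, content, filename):
    '''
    Write ``content`` to ``filename``; any handling of encrypted data belongs
    in this method.

    :param content: text to write; must be a str
    :param filename: destination path
    :return: (True, filename) on success, (False, reason) otherwise
    '''
    if not isinstance(content, str):
        self.logger.error('将yaml原始数据写入文件' + filename + '失败,原因:参数错误,content必须为字符串')
        return (False, '参数错误,content必须为字符串')

    result = write_file(filename, 'w', content, force=True)
    if not result[0]:
        self.logger.error('将yaml原始数据写入文件' + filename + '失败,原因:' + result[1])
        return (False, '写入文件失败,' + result[1])

    # Success is informational. It used to go through logger.error, which put
    # every successful write into the error stream and buried real failures.
    self.logger.info('将yaml原始数据写入文件' + filename + '成功')
    return (True, filename)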
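def rekey_file(self, filename, new_password):
    '''
    Change the vault password protecting ``filename``.

    ``self._handle_ciphertext`` returns a 3-tuple that selects the path:

    * (falsy, falsy, reason): nothing can be done; returns (False, reason)
    * (falsy, truthy, data): ansible-vault data; it is handed to
      ``self._ansible_vault_encrpyt`` and the file is then encrypted with
      ``self.cipher.encrypt_file``
    * (truthy, flag, data): this system's own format; ``data`` is first written
      to ``filename`` when ``flag`` is falsy, then ``self.cipher.rekey_file``
      runs with ``new_password``

    :param filename: path of the encrypted file
    :param new_password: new vault password, passed to ``self.cipher.rekey_file``
    :return: (False, reason) for the first case, otherwise the result tuple of
        the last step executed (element 0 is the success flag)
    '''
    result = self._handle_ciphertext(filename=filename)

    if not result[0]:
        if not result[1]:
            return (False, result[2])

        # ansible-vault encrypted data: process it with ansible-vault.
        result = self._ansible_vault_encrpyt(result[2])
        if not result[0]:
            self.logger.error('修改ansible加密文件' + filename + '的vault密码失败,原因:' + result[1] + ',注:使用ansible2.3版本方法')
            return result

        # NOTE(review): neither new_password nor the helper's output
        # (result[1]) is used on this path; presumably encrypt_file uses the
        # key self.cipher already holds -- confirm that is the new password.
        result = self.cipher.encrypt_file(filename)
        # Report success only after the re-encryption has succeeded. The
        # success line used to be written before encrypt_file ran, so the log
        # claimed a completed rekey even when this step failed.
        if result[0]:
            self.logger.info('修改ansible加密文件' + filename + '的vault密码成功,注:使用ansible2.3版本方法')
        else:
            self.logger.error('修改ansible加密文件' + filename + '的vault密码失败,原因:' + str(result[1]) + ',注:使用ansible2.3版本方法')
        return result

    if not result[1]:
        result = write_file(filename, 'w', result[2], force=True, backup=False)
        if not result[0]:
            self.logger.error('修改ansible加密文件' + filename + '的vault密码失败,无法写入文件,原因:' + result[1] + ',注:使用本系统自定义方法')
            return result

    result = self.cipher.rekey_file(filename, new_password)
    if result[0]:
        self.logger.info('修改ansible加密文件' + filename + '的vault密码成功,注:使用本系统自定义方法')
    else:
        self.logger.error('修改ansible加密文件' + filename + '的vault密码失败,原因:' + result[1] + ',注:使用本系统自定义方法')
    return result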
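def write_file(self, username, vault_password, group_list=None):
    '''
    Render the user's hosts as an Ansible INI inventory and write it to a
    temporary file.

    Two renderings are built in parallel: the real one, which is written to
    the file, and a "protected" one in which ssh_pass, sudo_pass and
    ssh_private_key_file are replaced by ``***hidden***``. The protected text
    is returned to the caller.

    NOTE(review): this listing was flattened onto one line and partly redacted.
    The statement nesting and the ssh_user / ssh_pass / sudo_pass lines are
    reconstructed from the surrounding pattern; compare with the repository
    copy before merging.

    :param username: owner of the host records
    :param vault_password: password handed to ``self.decryp_dict`` together
        with ``self.host_vault_list``
    :param group_list: groups to include; a value that is empty, not a
        list/tuple, or contains 'all' selects ``self.group_list``
    :return: (True, inventory_path, protected_text) on success, otherwise the
        failing result tuple of ``decryp_dict`` or of the module-level
        ``write_file``
    '''
    self.init_para(username)
    result = self.get_data(username, self.inve_rediskey, self.inve_mongocollect, force=False, mongoshare=False)

    if not group_list or not (isinstance(group_list, (list, tuple)) or group_list == 'all') or 'all' in group_list:
        group_list = self.group_list

    # (record key, inventory variable, masked in the protected rendering)
    optional_vars = (
        ('ssh_port', 'ansible_ssh_port', False),
        ('ssh_user', 'ansible_ssh_user', False),
        ('ssh_pass', 'ansible_ssh_pass', True),
        ('sudo_pass', 'ansible_sudo_pass', True),
        ('sudo_exec', 'ansible_sudo_exec', False),
        ('ssh_private_key_file', 'ansible_ssh_private_key_file', True),
        ('shell_type', 'ansible_shell_type', False),
        ('connection', 'ansible_connection', False),
        ('python_interpreter', 'ansible_python_interpreter', False),
    )

    used_hosts_list = []
    group_dict = {}

    # NOTE(review): a failed get_data() is not reported to the caller; it
    # yields an inventory with no hosts. Confirm that is intended.
    if result[0]:
        for data in result[1]:
            result = self.decryp_dict(username, vault_password, data, self.host_vault_list)
            if not result[0]:
                return result
            data = result[1]
            group = data.get('group', [])
            name = data.get('name', '')

            try:
                for g in group:
                    if g not in group_list:
                        continue
                    if g == 'all':
                        # No [all] section is ever created. Reaching the append
                        # for 'all' used to raise KeyError, which the bare
                        # except swallowed, dropping the host's remaining groups.
                        continue
                    if g not in group_dict:
                        group_dict[g] = []
                    if name in used_hosts_list:
                        continue

                    host_str = str(name) + ' ansible_ssh_host=' + str(data['ssh_host'])
                    protect_str = host_str
                    for key, var, masked in optional_vars:
                        value = data.get(key, '')
                        if not value:
                            continue
                        host_str += ' ' + var + '=' + str(value)
                        protect_str += ' ' + var + '=' + ('***hidden***' if masked else str(value))

                    # One host is one inventory line. A line break inside a
                    # stored value would be parsed as a separate entry, so such
                    # a record is skipped. NOTE(review): values are still
                    # written unquoted; other whitespace in a value is parsed
                    # as extra variables -- validate where records are saved.
                    if '\n' in host_str or '\r' in host_str:
                        raise ValueError('主机字段包含换行符')

                    group_dict[g].append((host_str, protect_str))
                    used_hosts_list.append(name)
            except Exception as err:
                # Best effort: skip a malformed record, but leave a trace. Was
                # a silent bare "except: pass". Only the host name and the
                # error are logged, never the record, which holds secrets.
                self.logger.error('将用户' + username + '的主机' + repr(name) + '写入ansible的hosts.conf格式临时文件时被跳过,原因:' + str(err))

    content_lines = []
    protect_lines = []
    for group in group_dict:
        header = '[' + group + ']'
        content_lines.append(header)
        protect_lines.append(header)
        for host_str, protect_str in group_dict[group]:
            content_lines.append(host_str)
            protect_lines.append(protect_str)
    content_str = '\n'.join(content_lines) + '\n'
    protect_content_str = '\n'.join(protect_lines) + '\n'

    # NOTE(review): content_str holds the decrypted ssh/sudo passwords in clear
    # text. The file mode, the unpredictability of the random_str() suffix and
    # the removal of the file after use are not visible here -- confirm the
    # file is created owner-only and deleted once the run finishes.
    inve_file = '/dev/shm/lykops/ansible/inventory_' + random_str()
    result = write_file(inve_file, 'w', content_str)
    if result[0]:
        self.logger.info('将用户' + username + '主机按照ansible的hosts.conf格式写入临时文件成功')
        return (True, inve_file, protect_content_str)

    # A failed write is an error; it used to be logged at info level.
    self.logger.error('将用户' + username + '主机按照ansible的hosts.conf格式写入临时文件失败,原因:' + result[1])
    return result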