def push_role_to_asset(asset_list, role, username, proxy=None):
"""from permManage.ansible_api import MyTask
推送系统用户到远程主机上
"""
try:
proxy_assets = Asset.objects.filter(proxy__proxy_name=proxy.proxy_name)
need_push_assets = list(set(asset_list) & set(proxy_assets))
push_resource = gen_resource(need_push_assets)
# TODO 调用Ansible API 进行推送
host_list = [asset.networking.all()[0].ip_address for asset in need_push_assets]
host_names = [asset.name for asset in need_push_assets]
if host_list:
task = MyTask(push_resource, host_list)
ret = {}
# 因为要先建立用户,而push key是在 password也完成的情况下的可选项
# 1. 以秘钥 方式推送角色
role_proxy = get_one_or_all('PermRole', proxy, role.uuid_id)
ret["pass_push"] = task.add_user(role.name, proxy, role.system_groups, username)
time.sleep(1) # 暂停1秒,保证用户创建完成之后再推送key
ret["key_push"] = task.push_key(role.name, os.path.join(role_proxy['key_path'], 'id_rsa.pub'),
proxy, username)
# 2. 推送账号密码 <为了安全 系统用户统一使用秘钥进行通信,不再提供密码方式的推送>
# 3. 推送sudo配置文件
sudo_list = [sudo for sudo in role.sudo.all()]
if sudo_list:
sudo_uuids = [sudo.uuid_id for sudo in role.sudo.all()]
ret['sudo'] = task.push_sudo(role, sudo_uuids, proxy, username)
logger.info('推送用户结果ret:%s'%ret)
# TODO 将事件放进queue中
event_task_names = []
if ret.has_key('pass_push'):
tk_pass_push = ret['pass_push']['task_name']
event_task_names.append(tk_pass_push)
if ret.has_key('key_push'):
tk_key_push = ret['key_push']['task_name']
event_task_names.append(tk_key_push)
if ret.has_key('sudo'):
if 'task_name' in ret['sudo']:
tk_sudo_push = ret['sudo']['task_name']
event_task_names.append(tk_sudo_push)
event = dict(push_assets=host_names, role_name=role.name, password_push=False,
key_push=True, task_proxy=proxy.proxy_name)
event['tasks'] = event_task_names
event['username'] = username
task_queue.put(event)
# TODO 记录task事件
for item in event['tasks']:
tk = Task()
tk.task_name = item
tk.status = 'running'
tk.start_time = datetime.datetime.now()
tk.username = username
tk.save()
except Exception as e:
raise ServerError(e)
def push_role_to_asset(asset_list, role, username, proxy=None):
"""from permManage.ansible_api import MyTask
推送系统用户到远程主机上
"""
try:
proxy_assets = Asset.objects.filter(proxy__proxy_name=proxy.proxy_name)
need_push_assets = list(set(asset_list) & set(proxy_assets))
push_resource = gen_resource(need_push_assets)
# TODO 调用Ansible API 进行推送
host_list = [
asset.networking.all()[0].ip_address for asset in need_push_assets
]
host_names = [asset.name for asset in need_push_assets]
if host_list:
task = MyTask(push_resource, host_list)
ret = {}
# 因为要先建立用户,而push key是在 password也完成的情况下的可选项
# 1. 以秘钥 方式推送角色
role_proxy = get_one_or_all('PermRole', proxy, role.uuid_id)
ret["pass_push"] = task.add_user(role.name, proxy,
role.system_groups, username)
time.sleep(1) # 暂停1秒,保证用户创建完成之后再推送key
ret["key_push"] = task.push_key(
role.name, os.path.join(role_proxy['key_path'], 'id_rsa.pub'),
proxy, username)
# 2. 推送账号密码 <为了安全 系统用户统一使用秘钥进行通信,不再提供密码方式的推送>
# 3. 推送sudo配置文件
sudo_list = [sudo for sudo in role.sudo.all()]
if sudo_list:
sudo_uuids = [sudo.uuid_id for sudo in role.sudo.all()]
ret['sudo'] = task.push_sudo(role, sudo_uuids, proxy, username)
logger.info('推送用户结果ret:%s' % ret)
# TODO 将事件放进queue中
event_task_names = []
if ret.has_key('pass_push'):
tk_pass_push = ret['pass_push']['task_name']
event_task_names.append(tk_pass_push)
if ret.has_key('key_push'):
tk_key_push = ret['key_push']['task_name']
event_task_names.append(tk_key_push)
if ret.has_key('sudo'):
if 'task_name' in ret['sudo']:
tk_sudo_push = ret['sudo']['task_name']
event_task_names.append(tk_sudo_push)
event = dict(push_assets=host_names,
role_name=role.name,
password_push=False,
key_push=True,
task_proxy=proxy.proxy_name)
event['tasks'] = event_task_names
event['username'] = username
task_queue.put(event)
# TODO 记录task事件
for item in event['tasks']:
tk = Task()
tk.task_name = item
tk.status = 'running'
tk.start_time = datetime.datetime.now()
tk.username = username
tk.save()
except Exception as e:
raise ServerError(e)
