def deploy_ca_certs(file_path_list,
remote_ip,
user,
password,
dest_dir,
no_delete=None):
"""
Copy files to remote node and remove local files
"""
CommonTools.remote_mkdir_with_mode(dest_dir,
Constant.AUTH_COMMON_DIR_STR,
remote_ip, user, password)
for file_path in file_path_list:
dest_file_path = os.path.join(dest_dir,
os.path.basename(file_path))
status, output = CommonTools.remote_copy_files(
remote_ip, user, password, file_path, dest_file_path)
if status != 0:
raise Exception(Errors.EXECUTE_RESULT['gauss_0406'] %
(remote_ip, output))
g.logger.debug('Successfully copy [%s] to remote node[%s]' %
(file_path, remote_ip))
if no_delete:
file_path_list = [
file for file in file_path_list if file not in no_delete
]
CommonTools.remove_files(file_path_list)
def _copy_lib():
"""
Copy lib file to project path
"""
from_path = os.path.realpath(os.path.join(EXTRACT_DIR, Constant.AI_LIB_PATH))
to_path = PYTHON_PATH
CommonTools.copy_file_to_dest_path(from_path, to_path)
g.logger.info('Successfully to copy lib files.')
def _clean_manager_dir(self):
"""
Clean install path before unpack.
"""
file_list = os.listdir(self.ai_manager_path)
if file_list:
g.logger.info('Start clean install path, file list:[%s]' % file_list)
CommonTools.clean_dir(self.ai_manager_path)
def _copy_manager_files(self):
"""
Copy manager files to manager dir
"""
from_path = os.path.join(os.path.dirname(os.path.dirname(
os.path.realpath(__file__))), Constant.AI_MANAGER_PATH)
to_path = self.ai_manager_path
CommonTools.copy_file_to_dest_path(from_path, to_path)
g.logger.info('Successfully to copy files to manager path.')
def _mk_manager_dir(self):
"""
Create install path if the path is not exist.
"""
if not os.path.isdir(self.ai_manager_path):
g.logger.info('Install path:%s is not exist, start creating.' % self.ai_manager_path)
CommonTools.mkdir_with_mode(self.ai_manager_path, Constant.AUTH_COMMON_DIR_STR)
else:
g.logger.info('Install path:%s is already exist.' % self.ai_manager_path)
def restore_db_file(status, db_cabin, back_up_path):
"""
Restore db file.
"""
if status:
CommonTools.mkdir_with_mode(os.path.dirname(db_cabin),
Constant.AUTH_COMMON_DIR_STR)
CommonTools.copy_file_to_dest_path(back_up_path, db_cabin)
else:
g.logger.info('No need Restore db file.')
def prepare_param_file(self):
"""
Write params into file
"""
param_file_path = os.path.join(EXTRACT_DIR,
Constant.TEMP_ANOMALY_PARAM_FILE)
self.param_dict.pop(Constant.CA_INFO)
CommonTools.mkdir_with_mode(os.path.dirname(param_file_path),
Constant.AUTH_COMMON_DIR_STR)
CommonTools.dict_to_json_file(self.param_dict, param_file_path)
self._copy_param_file_to_remote_node(param_file_path, param_file_path)
def _clean_remote_manager_dir(self):
"""
Clean install path before unpack.
"""
for node in self.agent_nodes:
ip = node.get(Constant.NODE_IP)
uname = node.get(Constant.NODE_USER)
pwd = node.get(Constant.NODE_PWD)
CommonTools.retry_remote_clean_dir(self.manager_path, ip, uname,
pwd)
g.logger.info('Successfully clean manager path on node:[%s]' % ip)
def record_version_info(self):
"""
Record install time, version, install path in record file.
"""
time_install = datetime.now().strftime("%Y-%m-%d, %H:%M:%S")
content = '|'.join([time_install, self.version, self.install_path
]) + '\n'
CommonTools.add_content_to_file(VERSION_RECORD_FILE_INDEX_ADVISOR,
content)
CommonTools.delete_early_record(VERSION_RECORD_FILE_INDEX_ADVISOR,
Constant.VERSION_FILE_MAX_LINES)
g.logger.info('Successfully record version information.')
def _mk_remote_manager_dir(self):
"""
Create install path if the path is not exist.
"""
for node in self.agent_nodes:
ip = node.get(Constant.NODE_IP)
uname = node.get(Constant.NODE_USER)
pwd = node.get(Constant.NODE_PWD)
CommonTools.remote_mkdir_with_mode(self.manager_path,
Constant.AUTH_COMMON_DIR_STR,
ip, uname, pwd)
g.logger.info('Successfully create manager path dir on node:[%s]' %
ip)
def deploy_module_files(self):
"""
Copy files to module path.
"""
from_path = os.path.join(
os.path.dirname(
os.path.dirname(
os.path.dirname(os.path.dirname(
os.path.realpath(__file__))))), self.module_name)
to_path = os.path.realpath(
os.path.join(self.install_path, self.module_name))
CommonTools.copy_file_to_dest_path(from_path, to_path)
g.logger.info('Successfully to copy files to package path.')
def __create_logfile(self):
"""
function: create log file
input : N/A
output: N/A
"""
try:
if not os.path.isdir(os.path.dirname(self.log_file)):
CommonTools.mkdir_with_mode(os.path.dirname(self.log_file),
Constant.AUTH_COMMON_DIR_STR)
CommonTools.create_file_if_not_exist(self.log_file)
except Exception as error:
raise Exception(Errors.EXECUTE_RESULT['gauss_0411'] % error)
def get_lock_file(self):
"""
Get lock file path for cron service.
"""
lock_file_dir = TMP_DIR
CommonTools.mkdir_with_mode(lock_file_dir,
Constant.AUTH_COMMON_DIR_STR)
lock_file_name = ''
for name in Constant.TASK_NAME_LIST:
if name in self.cmd.split('role')[-1]:
lock_file_name = 'ai_' + name + '.lock'
if not lock_file_name:
raise Exception(Errors.CONTENT_OR_VALUE['gauss_0502'] % self.cmd)
else:
return os.path.join(lock_file_dir, lock_file_name)
def _get_install_path_with_no_package(self):
"""
Get version info from version file with relative path
:return:
"""
version_file = os.path.join(os.path.dirname(os.path.dirname(os.path.dirname(
os.path.dirname(os.path.realpath(__file__))))), Constant.VERSION_FILE)
version = CommonTools.get_version_info_from_file(version_file)
g.logger.info('Got version info:%s' % version)
base_dir = Constant.PACK_PATH_PREFIX + version
install_path = os.path.join(self.project_path, base_dir)
g.logger.info('Got install path:%s.' % install_path)
CommonTools.check_path_valid(install_path)
g.logger.info('Successfully to get install path.')
return install_path, version
def remote_install(self):
"""
Remote install agent on all nodes
"""
install_script_path = os.path.join(
self.install_path, Constant.ANOMALY_DETECTION_INSTALL_SCRIPT_PATH)
param_file_path = os.path.join(EXTRACT_DIR,
Constant.TEMP_ANOMALY_PARAM_FILE)
cmd = Constant.EXECUTE_REMOTE_SCRIPT % (
Constant.CMD_PREFIX, install_script_path, param_file_path)
params_list = [
(node.get(Constant.NODE_IP), node.get(Constant.NODE_USER),
node.get(Constant.NODE_PWD), cmd) for node in self.agent_nodes
]
CommonTools.parallel_execute(self.remote_install_single_agent,
params_list)
def modify_config_file(self, remote=False):
"""
Modify config file with "config_info" in param file.
"""
config_path = os.path.realpath(
os.path.join(self.install_path,
Constant.ANOMALY_DETECTION_CONFIG_PATH))
g.logger.info('Got config file path:[%s]' % config_path)
if not os.path.isfile(config_path):
raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] % config_path)
config_info = self.param_dict.get('config_info')
if not remote:
CommonTools.modify_config_file(config_path, config_info)
else:
CommonTools.modify_agent_config_file(config_path, config_info)
g.logger.info('Successfully modify config file.')
def try_to_kill_process_exist(self):
"""
Try to kill process, if already exist
"""
script_path = os.path.realpath(
os.path.join(self.install_path, Constant.ANORMALY_MAIN_SCRIPT))
process_list = [
(cmd % (Constant.CMD_PREFIX, os.path.dirname(script_path),
script_path)).split(self.version)[-1]
for cmd in self.service_list
]
for process in process_list:
process_num = CommonTools.check_process(process)
if process_num:
CommonTools.grep_process_and_kill(process)
g.logger.info('Killed process of [%s]' % process)
def check_remote_params(self):
funcs = CommonTools.get_funcs(params_checkers)
for param_name, param_value in self.param_dict.items():
if param_name not in params_checkers.PARAMS_CHECK_MAPPING:
raise Exception(Errors.PARAMETER['gauss_0203'] % param_name)
funcs[params_checkers.PARAMS_CHECK_MAPPING[param_name]](
param_value)
def create_root_certificate(ca_password, ca_crt_path, ca_key_path,
config_path):
"""
function : create root ca file
input : rand pass, dir path of certificates, config path
output : NA
"""
if not os.path.isfile(config_path):
raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] % config_path)
CommonTools.mkdir_with_mode(os.path.dirname(ca_crt_path),
Constant.AUTH_COMMON_DIR_STR)
CommonTools.mkdir_with_mode(os.path.dirname(ca_key_path),
Constant.AUTH_COMMON_DIR_STR)
ca_req_path = os.path.realpath(
os.path.join(os.path.dirname(ca_crt_path), Constant.CA_ROOT_REQ))
# create ca key file
cmd = "%s echo '%s' |openssl genrsa -aes256 -passout stdin -out %s 2048" % (
Constant.CMD_PREFIX, ca_password, ca_key_path)
cmd += " && %s" % Constant.SHELL_CMD_DICT['changeMode'] % (
Constant.AUTH_COMMON_FILE_STR, ca_key_path)
status, output = CommonTools.get_status_output_error(cmd, mixed=True)
if status != 0:
raise Exception(Errors.EXECUTE_RESULT['gauss_0414'] %
'ca root key file')
# 2 create ca req file
cmd = "%s echo '%s' | openssl req -new -out %s -key %s -config %s -passin stdin" % (
Constant.CMD_PREFIX, ca_password, ca_req_path, ca_key_path,
config_path)
cmd += " && %s" % Constant.SHELL_CMD_DICT['changeMode'] % (
Constant.AUTH_COMMON_FILE_STR, ca_req_path)
status, output = CommonTools.get_status_output_error(cmd, mixed=True)
if status != 0:
raise Exception(Errors.EXECUTE_RESULT['gauss_0414'] %
'ca root req file')
# 3 create ca crt file
cmd = "%s echo '%s' | openssl x509 -req -in %s " \
"-signkey %s -days %s -out %s -passin stdin" % (
Constant.CMD_PREFIX, ca_password, ca_req_path,
ca_key_path, Constant.CA_ROOT_VALID_DATE, ca_crt_path)
cmd += " && %s" % Constant.SHELL_CMD_DICT['changeMode'] % (
Constant.AUTH_COMMON_FILE_STR, ca_crt_path)
status, output = CommonTools.get_status_output_error(cmd, mixed=True)
if status != 0:
raise Exception(Errors.EXECUTE_RESULT['gauss_0414'] %
'ca root crt file')
CommonTools.remove_files([ca_req_path])
g.logger.info(
'Successfully generate ca root certificate, file path[%s].' %
ca_crt_path)
def get_rand_str():
"""
function: get random passwd
input: NA
output: passwd
"""
uppercmd = 'openssl rand -base64 12 | tr "[0-9][a-z]" "[A-Z]" | tr -d [/+=] |cut -c 1-3'
lowercmd = 'openssl rand -base64 12 | tr "[0-9][A-Z]" "[a-z]" | tr -d [/+=] |cut -c 1-4'
numcmd = 'openssl rand -base64 12 | md5sum | tr "[a-z]" "[0-9]" |cut -c 1-3'
strcmd = 'openssl rand -base64 48 | tr "[0-9][a-z][A-Z]" "[~@_#*]" | tr -d [/+=] |cut -c 1-1'
upper_code, upper_output, upper_error = CommonTools.get_status_output_error(
uppercmd)
lower_code, lower_output, lower_error = CommonTools.get_status_output_error(
lowercmd)
num_code, num_output, num_error = CommonTools.get_status_output_error(
numcmd)
str_code, str_output, str_error = CommonTools.get_status_output_error(
strcmd)
if any([upper_code, lower_code, num_code, str_code]):
raise Exception(Errors.EXECUTE_RESULT['gauss_0412'] %
str([upper_code, lower_code, num_code, str_code]))
rand_pwd = 'G' + upper_output.strip() + lower_output.strip() + \
num_output.strip() + str_output.strip()
if len(rand_pwd) == Constant.RANDOM_PASSWD_LEN:
return rand_pwd
rand_pwd = "G"
cmd_tuple = (uppercmd, lowercmd, numcmd, strcmd)
out_tuple = (upper_output.strip(), lower_output.strip(),
num_output.strip(), str_output.strip())
str_len = (3, 4, 3, 1)
for i in range(4):
if len(out_tuple[i]) != str_len[i]:
count = 0
while True:
count += 1
_, output, _ = CommonTools.get_status_output_error(
cmd_tuple[i])
if len(output.strip()) == str_len[i]:
rand_pwd += output.strip()
break
if count > 100:
raise Exception(Errors.EXECUTE_RESULT['gauss_0413'] %
(cmd_tuple[i], 'generate rand pwd'))
else:
rand_pwd += out_tuple[i].strip()
return rand_pwd
def check_params(self):
lost_checker = LostChecker(self.arg_dict)
lost_checker.run()
funcs = CommonTools.get_funcs(params_checkers)
for param_name, param_value in self.arg_dict.items():
if param_name not in params_checkers.PARAMS_CHECK_MAPPING:
raise Exception(Errors.PARAMETER['gauss_0203'] % param_name)
funcs[params_checkers.PARAMS_CHECK_MAPPING[param_name]](param_value)
def create_env_file_if_not_exist(self):
"""
Create env file
"""
ret = CommonTools.create_file_if_not_exist(self.env_file_path)
if ret:
g.logger.info('Successfully create env file.')
else:
g.logger.info('Env file already exist.')
def clean_module_path(self):
"""
Delete files in install path.
"""
status, output = CommonTools.clean_dir(self.module_path)
if status != 0:
g.logger.warning('Failed clean path:[%s]' % self.module_path)
else:
g.logger.info('Successfully clean install path:[%s]' % self.module_path)
def clean_remote_module_dir(self):
"""
Clean install path before unpack.
"""
for node in self.install_nodes:
ip = node.get(Constant.NODE_IP)
uname = node.get(Constant.NODE_USER)
pwd = node.get(Constant.NODE_PWD)
_, output = CommonTools.retry_remote_clean_dir(self.module_path, ip, uname, pwd)
g.logger.info('Result of clean module path on node:[%s], output:%s' % (ip, output))
def _copy_param_file_to_remote_node(self, path_from, path_to):
"""
Copy params file to remote agent node
"""
for node in self.agent_nodes:
ip = node.get(Constant.NODE_IP)
uname = node.get(Constant.NODE_USER)
pwd = node.get(Constant.NODE_PWD)
CommonTools.remote_mkdir_with_mode(os.path.dirname(path_to),
Constant.AUTH_COMMON_DIR_STR,
ip, uname, pwd)
status, output = CommonTools.remote_copy_files(
ip, uname, pwd, path_from, path_to)
if status != 0:
raise Exception(Errors.EXECUTE_RESULT['gauss_0406'] %
(ip, output))
else:
g.logger.info(
'Successfully copy install param file to node[%s].' % ip)
def _get_install_info():
"""
Get installed information from record file.
install time | install version | install path
"""
install_time, install_version, install_path = '', '', ''
if not os.path.isfile(VERSION_RECORD_FILE_INDEX_ADVISOR):
raise Exception(
Errors.FILE_DIR_PATH['gauss_0102'] % VERSION_RECORD_FILE_INDEX_ADVISOR)
install_info = CommonTools.read_last_line_from_file(
VERSION_RECORD_FILE_INDEX_ADVISOR).strip()
if install_info:
install_time, install_version, install_path = install_info.split('|')
# check path valid
CommonTools.check_path_valid(install_path)
if not os.path.isdir(install_path):
raise Exception(Errors.FILE_DIR_PATH['gauss_0103'] % install_path)
else:
g.logger.info('Successfully got index advisor install path[%s].' % install_path)
return install_time, install_version, install_path
def remote_install_single_agent(params):
"""
Remote install single node agent
"""
ip, uname, pwd, cmd = params
g.logger.debug('Install node[%s], cmd[%s]' % (ip, cmd))
g.logger.info('Starting install on node:[%s], please wait ...' % ip)
status, output = CommonTools.remote_execute_cmd(ip, uname, pwd, cmd)
if status != 0:
raise Exception(Errors.EXECUTE_RESULT['gauss_0418'] % (ip, output))
g.logger.info('Install result on node:[%s]-output:%s\n' % (ip, output))
def create_ca_certificate_with_script(ca_password,
ssl_password,
ca_crt_path,
ca_key_path,
config_path,
out_crt_path,
out_key_path,
ip,
crt_type='server'):
"""
function : create server ca file or client ca file with shell script.
input : rand pass, dir path of certificates, config path
"""
if not os.path.isfile(config_path):
raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] %
'config file:%s' % config_path)
if not os.path.isfile(ca_crt_path):
raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] %
'ca crt file:%s' % ca_crt_path)
if not os.path.isfile(ca_key_path):
raise Exception(Errors.FILE_DIR_PATH['gauss_0102'] %
'ca key file:%s' % ca_key_path)
CommonTools.mkdir_with_mode(os.path.dirname(out_key_path),
Constant.AUTH_COMMON_DIR_STR)
CommonTools.mkdir_with_mode(os.path.dirname(out_crt_path),
Constant.AUTH_COMMON_DIR_STR)
ca_req_path = os.path.realpath(
os.path.join(os.path.dirname(ca_crt_path), Constant.CA_REQ))
pwd = "%s %s" % (ca_password, ssl_password)
script_path = os.path.join(os.path.dirname(os.path.realpath(__file__)),
'bin/gen_certificate.sh')
cmd = "unset LD_LIBRARY_PATH && echo '%s' | sh %s %s %s %s %s %s %s %s" % (
pwd, script_path, ca_crt_path, ca_key_path, out_crt_path,
out_key_path, ca_req_path, ip, crt_type)
status, output = CommonTools.get_status_output_error(cmd, mixed=True)
if status != 0:
raise Exception(Errors.EXECUTE_RESULT['gauss_0414'] %
'ca crt file' + output)
g.logger.info("Successfully generate %s ssl cert for node[%s]." %
(crt_type, ip))
def read_ca_cert_path(self, agent_only=False):
"""
Read ca certs path from config file
"""
ad_config_path = os.path.join(self.install_path,
Constant.ANOMALY_DETECTION_CONFIG_PATH)
# read agent cert path
agent_cert_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_AGENT_CERT, self.module_path)
# read agent key path
agent_key_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_AGENT_KEY, self.module_path)
# read ca root cert path
ca_root_file_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_CA_PATH, self.module_path)
if agent_only:
return [agent_key_path, agent_cert_path, ca_root_file_path]
# get ca root key path
ca_root_key_path = ca_root_file_path + '.key'
# read server cert path
server_cert_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_SERVER_CERT, self.module_path)
# read server key path
server_key_path = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_SECURITY,
Constant.AD_CONF_SERVER_KEY, self.module_path)
# judge the basename of path is duplicate
file_names = [
os.path.basename(file) for file in [
ca_root_file_path, server_cert_path, server_key_path,
agent_cert_path, agent_key_path
]
]
if len(file_names) != len(set(file_names)):
raise Exception(Errors.CONTENT_OR_VALUE['gauss_0504'])
return ca_root_file_path, ca_root_key_path, server_cert_path, \
server_key_path, agent_cert_path, agent_key_path
def backup_db_file(self):
"""
Backup data file.
"""
ad_config_path = os.path.join(self.install_path,
Constant.ANOMALY_DETECTION_CONFIG_PATH)
if not os.path.isfile(ad_config_path):
g.logger.info('Config file not exist, can not backup db file')
return False, None, None
db_cabin = CommonTools.read_info_from_config_file(
ad_config_path, Constant.AD_CONF_SECTION_DATABASE,
Constant.AD_CONF_DATABASE_PATH, self.module_path)
if os.path.isdir(db_cabin):
g.logger.info('Start backup db file.')
back_up_path = os.path.join(EXTRACT_DIR,
os.path.basename(db_cabin))
CommonTools.copy_file_to_dest_path(db_cabin, back_up_path)
return True, db_cabin, back_up_path
else:
g.logger.info('No need backup db file.')
return False, None, None
