def sync_namespace(self, request, project_id):
"""同步命名空间
用来同步线上和本地存储的数据,并进行secret等的处理,保证数据一致
"""
resp = paas_cc.get_all_clusters(request.user.token.access_token,
project_id,
desire_all_data=1)
if resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError(
f'get cluster error {resp.get("message")}')
data = resp.get('data') or {}
results = data.get('results')
if not results:
raise error_codes.ResNotFoundError(
f'not found cluster in project: {project_id}')
# 共享集群的命名空间只能通过产品创建,不允许同步
cluster_id_list = [
info['cluster_id'] for info in results
if get_cluster_type(info['cluster_id']) != ClusterType.SHARED
]
# 触发后台任务进行同步数据
sync_ns_task.delay(
request.user.token.access_token,
project_id,
request.project.project_code,
request.project.kind,
cluster_id_list,
request.user.username,
)
request.audit_ctx.update_fields(description=_("同步项目下所有集群的命名空间"))
return response.Response({'code': 0, 'message': 'task is running'})
def get_cluster_list(self, request, project_id):
cluster_resp = paas_cc.get_all_clusters(
request.user.token.access_token, project_id)
if cluster_resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError.f(cluster_resp.get('message'))
cluster_data = cluster_resp.get('data') or {}
return cluster_data.get('results') or []
def get_cluser_list_by_user_perm(self, request, project_id):
"""
获取项目下所有集群(对接 iam v3 时去除了权限控制)
"""
cluster_data = paas_cc.get_all_clusters(
request.user.token.access_token, project_id).get('data') or {}
return cluster_data.get('results') or []
def _get_cluster_map(self, project_id):
"""获取集群dict"""
resp = paas_cc.get_all_clusters(self.request.user.token.access_token, project_id, desire_all_data=1)
data = resp.get("data") or {}
cluster_list = data.get("results") or []
cluster_map = {i["cluster_id"]: i for i in cluster_list}
return cluster_map
def get_project_cluster_info(access_token, project_id):
"""get all cluster from project
"""
project_cluster = paas_cc.get_all_clusters(access_token, project_id, desire_all_data=1)
if project_cluster.get('code') != ErrorCode.NoError:
raise error_codes.APIError(project_cluster.get('message'))
return project_cluster.get('data') or {}
def sync_namespace(self, request, project_id):
"""同步命名空间
用来同步线上和本地存储的数据,并进行secret等的处理,保证数据一致
"""
resp = paas_cc.get_all_clusters(request.user.token.access_token,
project_id,
desire_all_data=1)
if resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError(
f'get cluster error {resp.get("message")}')
data = resp.get('data') or {}
results = data.get('results')
if not results:
raise error_codes.ResNotFoundError(
f'not found cluster in project: {project_id}')
cluster_id_list = [info['cluster_id'] for info in results]
# 触发后台任务进行同步数据
sync_ns_task.delay(
request.user.token.access_token,
project_id,
request.project.project_code,
request.project.kind,
cluster_id_list,
request.user.username,
)
return response.Response({'code': 0, 'message': 'task is running'})
def get_cluster_id_names_map(access_token, project_id):
resp = paas_cc.get_all_clusters(access_token, project_id, desire_all_data=1)
if resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError(f'get project cluster error, {resp.get("message")}')
data = resp.get('data') or {}
results = data.get('results') or []
return {info['cluster_id']: info['name'] for info in results if info}
def get_cluster_list(self, request, project_id):
resp = get_all_clusters(request.user.token.access_token,
project_id,
desire_all_data=1)
if resp.get("code") != ErrorCode.NoError:
return {}
return resp.get("data") or {}
def get_cluster_list(self, request, project_id):
cluster_resp = paas_cc.get_all_clusters(
request.user.token.access_token, project_id, desire_all_data=1)
if cluster_resp.get('code') != ErrorCode.NoError:
logger.error('get cluster error, %s', cluster_resp)
return {}
return cluster_resp.get('data') or {}
def get_cluster_names_and_envs(self, access_token, project_id):
"""获取集群下名称和环境对应关系
"""
cluster = paas_cc.get_all_clusters(access_token, project_id, desire_all_data=True)
cluster = cluster.get('data', {}).get('results') or []
cluster_names = {i['cluster_id']: i['name'] for i in cluster}
cluster_envs = {i['cluster_id']: i['environment'] for i in cluster}
return cluster_names, cluster_envs
def get_project_clusters(access_token, project_id):
resp = paas_cc.get_all_clusters(access_token,
project_id,
desire_all_data=1)
if resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError(
_("获取项目下集群信息异常,{}").format(resp.get('message')))
return resp['data'].get('results') or []
def get_project_cluster_info(self, request, project_id):
"""获取项目下所有集群信息"""
resp = paas_cc.get_all_clusters(request.user.token.access_token,
project_id,
desire_all_data=1)
if resp.get("code") != ErrorCode.NoError:
raise error_codes.APIError.f(resp.get("message"))
return resp.get("data") or {}
def get_clusters(access_token, project_id):
resp = paas_cc.get_all_clusters(access_token,
project_id,
desire_all_data=True)
if resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError(
f"get clusters error, {resp.get('message')}")
return resp.get('data', {}).get('results', [])
def _get_cluster_list(self, project_id):
"""获取集群列表
"""
resp = paas_cc.get_all_clusters(self.request.user.token.access_token,
project_id,
desire_all_data=1)
data = resp.get("data") or {}
cluster_list = data.get("results") or []
return cluster_list
def get_cluster_name_id_map(self, access_token, project_id):
resp = get_all_clusters(access_token, project_id, desire_all_data=True)
if resp.get("code") != ErrorCode.NoError:
raise error_codes.APIError.f(resp.get("message"))
data = resp.get("data") or {}
results = data.get("results") or []
if not results:
raise error_codes.CheckFailed.f("查询项目下集群失败,请稍后重试")
return {info["cluster_id"]: info["name"] for info in results}
def get_project_cluster(self, request, project_id):
"""获取项目下集群信息"""
project_cluster = paas_cc.get_all_clusters(request.user.token.access_token, project_id, desire_all_data=True)
if project_cluster.get('code') != ErrorCode.NoError:
logger.error('Request cluster info error, detail: %s' % project_cluster.get('message'))
return {}
data = project_cluster.get('data') or {}
results = data.get('results') or []
return {info['cluster_id']: info for info in results} if results else {}
def has_cluster(self, request, project_id):
"""判断项目下是否有集群"""
resp = paas_cc.get_all_clusters(request.user.token.access_token, project_id)
if resp.get("code") != ErrorCode.NoError:
raise error_codes.APIError(resp.get("message"))
# 存在集群时,不允许修改
if resp.get("data", {}).get("count") > 0:
return True
return False
def get_project_clusters(access_token, project_id):
resp = paas_cc.get_all_clusters(access_token,
project_id,
desire_all_data=1)
if resp.get('code') != ErrorCode.NoError:
raise error_codes.APIError(
f'get project cluster error, {resp.get("message")}')
data = resp.get('data') or {}
return data.get('results') or []
def get_cluser_list_by_user_perm(self, request, project_id):
"""获取用户所有有使用权限的命名空间"""
access_token = request.user.token.access_token
cluster_data = paas_cc.get_all_clusters(access_token, project_id).get('data') or {}
cluster_list = cluster_data.get('results') or []
perm = bcs_perm.Cluster(request, project_id, bcs_perm.NO_RES)
cluster_list = perm.hook_perms(request, project_id, cluster_list, filter_use=True)
return cluster_list
def _get_cluster_map(self, project_id: str) -> Dict:
"""
获取集群配置信息
:param project_id: 项目 ID
:return: {cluster_id: cluster_info}
"""
resp = paas_cc.get_all_clusters(self.request.user.token.access_token,
project_id)
clusters = getitems(resp, 'data.results', [])
return {i['cluster_id']: i for i in clusters}
def get_instance(self, request, project_id, metric_id):
"""查询Metric实例化的详细信息
"""
ref = MetricModel.objects.filter(project_id=project_id,
pk=metric_id).first()
if not ref:
raise error_codes.ResNotFoundError(_('metric不存在'))
metric_name = ref.name
# 查询项目下的所有集群id列表
access_token = request.user.token.access_token
cluster_data = paas_cc.get_all_clusters(access_token,
project_id).get('data') or {}
cluster_list = cluster_data.get('results') or []
cluster_dict = {}
for _n in cluster_list:
_env = _n['environment']
if _env in cluster_dict:
cluster_dict[_env].append(_n['cluster_id'])
else:
cluster_dict[_env] = [_n['cluster_id']]
# 查询项目下的命名空间列表
access_token = request.user.token.access_token
result = paas_cc.get_namespace_list(access_token,
project_id,
with_lb=0,
limit=ALL_LIMIT)
ns_list = result.get('data', {}).get('results') or []
ns_dict = {}
for _n in ns_list:
ns_dict[_n['name']] = _n['id']
if request.project.kind == ProjectKind.MESOS.value:
# mesos
category_list = ['application', 'deployment']
else:
category_list = POD_RES_LIST
instance_info = InstanceConfig.objects.filter(
is_deleted=False, category__in=category_list).exclude(
ins_state=InsState.NO_INS.value)
data = []
# 根据集群的环境不同调用不同环境的storageAPI
for env, cluster_id_list in cluster_dict.items():
metric_instance_list = get_metric_instances(
access_token, project_id, metric_name, env, cluster_id_list,
ns_dict, instance_info)
data.extend(metric_instance_list)
return Response(data)
def get_project_clusters(self, request, project_id):
"""查询项目下所有的集群"""
resp = paas_cc.get_all_clusters(request.user.token.access_token, project_id, limit=1000, offset=0)
if resp.get("code") != ErrorCode.NoError:
return False, APIResponse({"code": resp.get("code", DEFAULT_ERROR_CODE), "message": resp.get("message")})
# 获取集群id list
cluster_id_list = []
data = resp.get("data") or {}
for info in data.get("results") or []:
cluster_id_list.append(info["cluster_id"])
return True, cluster_id_list
def get_project_clusters(access_token: str, project_id: str) -> ComponentData:
"""获取集群信息"""
cluster_info = paas_cc.get_all_clusters(access_token, project_id)
result = cluster_info.get('code') == ErrorCode.NoError
message = cluster_info.get('message', '')
data = {}
clusters = cluster_info.get('data')
for i in clusters.get('results') or ():
if i.get('status') == CommonStatus.Normal:
data[i["cluster_id"]] = i
return ComponentData(result, data, message)
def _get_cluster_map(self, project_id: str) -> Dict:
"""
获取集群配置信息
:param project_id: 项目 ID
:return: {cluster_id: cluster_info}
"""
resp = paas_cc.get_all_clusters(self.request.user.token.access_token,
project_id)
# `data.results` 可能为 None,做类型兼容处理
clusters = getitems(resp, 'data.results', []) or []
# 添加共享集群
clusters = append_shared_clusters(clusters)
return {i['cluster_id']: i for i in clusters}
def list_clusters(self, request, project_id):
params = request.query_params
params_slz = BaseParamsSLZ(data=params)
params_slz.is_valid(raise_exception=True)
params_slz = params_slz.data
resp = paas_cc.get_all_clusters(params_slz["access_token"], project_id, desire_all_data=True)
if resp.get("code") != ErrorCode.NoError:
raise error_codes.APIError.f(resp.get("message"))
data = resp.get("data") or {}
results = data.get("results") or []
if not results:
raise error_codes.CheckFailed.f("查询项目下集群失败,请稍后重试")
return Response(results)
def validate_cluster_id(self, cluster_id):
access_token = self.context['request'].user.token.access_token
project_id = self.context['project_id']
result = paas_cc.get_all_clusters(
access_token, project_id, limit=constants.ALL_LIMIT)
if result.get('code') != 0:
raise ValidationError("校验 cluster_id 失败,%s" %
result.get('message'))
data = result['data']
if not data or data['count'] == 0:
raise ValidationError("cluster_id 不正确")
for cluster in data['results']:
if cluster_id == cluster['cluster_id']:
return cluster_id
raise ValidationError("cluster_id 不正确")
def get(self, request, project_id):
""" 获取项目下所有的服务 """
# 获取kind
logger.debug("get project kind: %s" % project_id)
project_kind = request.project.kind
logger.debug("get project clusters: %s" % project_id)
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
params = dict(request.GET.items())
params.update({
"env": "mesos" if project_kind == MESOS_VALUE else "k8s",
})
data = []
access_token = request.user.token.access_token
cluster = paas_cc.get_all_clusters(access_token,
project_id,
limit=constants.ALL_LIMIT)
cluster = cluster.get('data', {}).get('results') or []
cluster = {i['cluster_id']: i['name'] for i in cluster}
# 获取命名空间的id
namespace_dict = app_utils.get_ns_id_map(
request.user.token.access_token, project_id)
# 项目下的所有模板集id
all_template_id_list = Template.objects.filter(
project_id=project_id).values_list('id', flat=True)
all_template_id_list = [
str(template_id) for template_id in all_template_id_list
]
skip_namespace_list = constants.K8S_SYS_NAMESPACE
skip_namespace_list.extend(constants.K8S_PLAT_NAMESPACE)
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
if params.get('cluster_id') and params['cluster_id'] != cluster_id:
continue
cluster_name = cluster_info.get('name')
code, cluster_services = self.get_services_by_cluster_id(
request,
params,
project_id,
cluster_id,
project_kind=project_kind)
if code != ErrorCode.NoError:
continue
for _s in cluster_services:
_config = _s.get('data', {})
annotations = _config.get('metadata',
{}).get('annotations', {})
_s['update_time'] = annotations.get(ANNOTATIONS_UPDATE_TIME,
'')
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, '')
_s['cluster_name'] = cluster_name
_s['status'] = 'Running'
_s['environment'] = cluster_info.get('environment')
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
namespace_id = namespace_dict.get(
(cluster_id, _s['namespace'])) if namespace_dict else None
_s['namespace_id'] = namespace_id
labels = _config.get('metadata', {}).get('labels', {})
template_id = labels.get(LABLE_TEMPLATE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
# 处理 k8s 的系统命名空间的数据
if project_kind == 1 and _s['namespace'] in skip_namespace_list:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = _(
"不允许操作系统命名空间")
continue
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = _("所属模板集不存在,无法操作")
if template_id and template_id in all_template_id_list:
_s['can_update'] = True
_s['can_update_msg'] = ''
data += cluster_services
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
if data:
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data,
ns_id_flag='namespace_id',
cluster_id_flag='clusterId',
ns_name_flag='namespace')
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
def get_cluster_id_name_map(self, access_token, project_id):
cluster_list = paas_cc.get_all_clusters(access_token, project_id)
data = cluster_list.get("data", {}).get("results") or []
return {i["cluster_id"]: i for i in data}
def get_all_cluster(self, request, project_id):
resp = paas_cc.get_all_clusters(request.user.token.access_token, project_id)
if (resp.get('code') != ErrorCode.NoError) or (not resp.get('data')):
raise error_codes.APIError('search cluster error')
return resp.get('data') or {}
def get(self, request, project_id):
""" 获取项目下所有的服务 """
# 获取kind
logger.debug("get project kind: %s" % project_id)
flag, project_kind = self.get_project_kind(request, project_id)
if not flag:
return project_kind
logger.debug("get project clusters: %s" % project_id)
cluster_dicts = self.get_project_cluster_info(request, project_id)
cluster_data = cluster_dicts.get('results', {}) or {}
params = dict(request.GET.items())
params.update({
"env": "mesos" if project_kind == 2 else "k8s",
})
data = []
access_token = request.user.token.access_token
cluster = paas_cc.get_all_clusters(
access_token, project_id, limit=constants.ALL_LIMIT)
cluster = cluster.get('data', {}).get('results') or []
cluster = {i['cluster_id']: i['name'] for i in cluster}
# 获取命名空间的id
namespace_res = paas_cc.get_namespace_list(
access_token, project_id, limit=constants.ALL_LIMIT)
namespace_data = namespace_res.get('data', {}).get('results') or []
namespace_dict = {i['name']: i['id'] for i in namespace_data}
# 项目下的所有模板集id
all_template_id_list = Template.objects.filter(project_id=project_id).values_list('id', flat=True)
all_template_id_list = [str(template_id) for template_id in all_template_id_list]
skip_namespace_list = constants.K8S_SYS_NAMESPACE
skip_namespace_list.extend(constants.K8S_PLAT_NAMESPACE)
for cluster_info in cluster_data:
cluster_id = cluster_info.get('cluster_id')
cluster_name = cluster_info.get('name')
code, cluster_services = self.get_services_by_cluster_id(
request, params, project_id, cluster_id, project_kind=project_kind)
if code != ErrorCode.NoError:
continue
for _s in cluster_services:
_config = _s.get('data', {})
annotations = _config.get(
'metadata', {}).get('annotations', {})
_s['update_time'] = annotations.get(
ANNOTATIONS_UPDATE_TIME, '')
_s['updator'] = annotations.get(ANNOTATIONS_UPDATOR, '')
_s['cluster_name'] = cluster_name
_s['status'] = 'Running'
_s['environment'] = cluster_info.get('environment')
_s['can_update'] = True
_s['can_update_msg'] = ''
_s['can_delete'] = True
_s['can_delete_msg'] = ''
namespace_id = namespace_dict.get(_s['namespace'])
_s['namespace_id'] = namespace_id
labels = _config.get('metadata', {}).get('labels', {})
template_id = labels.get(LABLE_TEMPLATE_ID)
# 资源来源
source_type = labels.get(SOURCE_TYPE_LABEL_KEY)
if not source_type:
source_type = "template" if template_id else "other"
_s['source_type'] = SOURCE_TYPE_MAP.get(source_type)
# 处理 k8s 的系统命名空间的数据
if project_kind == 1 and _s['namespace'] in skip_namespace_list:
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = u"不允许操作系统命名空间"
continue
# 非模板集创建,可以删除但是不可以更新
_s['can_update'] = False
_s['can_update_msg'] = u"所属模板集不存在,无法操作"
if template_id and template_id in all_template_id_list:
_s['can_update'] = True
_s['can_update_msg'] = ''
# if template_id:
# is_tempalte_exist = Template.objects.filter(id=template_id).exists()
# if is_tempalte_exist:
# _s['can_update'] = True
# _s['can_update_msg'] = ''
# 备注中的更新时间比 db 中的更新时间早的话,不允许更新 (watch 上报数据会有延迟)
if _s['can_update'] and _s['update_time']:
if project_kind == 2:
# mesos 相关数据
s_cate = 'service'
else:
s_cate = 'K8sService'
# 获取db中的更新时间
_instance_sets = InstanceConfig.objects.filter(
namespace=namespace_id,
category=s_cate,
name=_s['resourceName'],
is_deleted=False
)
if _instance_sets:
is_upateing = _instance_sets.filter(
updated__gt=_s['update_time'], oper_type='update').exists()
if is_upateing:
_s['status'] = 'updating'
_s['can_update'] = _s['can_delete'] = False
_s['can_update_msg'] = _s['can_delete_msg'] = u"正在更新中,请稍后操作"
data += cluster_services
# 按时间倒序排列
data.sort(key=lambda x: x.get('createTime', ''), reverse=True)
if data:
# 检查是否用命名空间的使用权限
perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES)
data = perm.hook_perms(data, ns_id_flag='namespace_id', cluster_id_flag='clusterId',
ns_name_flag='namespace')
return APIResponse({
"code": ErrorCode.NoError,
"data": {
"data": data,
"length": len(data)
},
"message": "ok"
})
