def delete(self, request, *args, **kwargs):
"""
二次确认删除组件
---
parameters:
- name: tenantName
description: 租户名
required: true
type: string
paramType: path
- name: service_id
description: 组件id
required: true
type: string
paramType: form
"""
service_id = request.data.get("service_id", None)
service = service_repo.get_service_by_service_id(service_id)
app_manage_service.delete_again(self.user,
self.tenant,
service,
is_force=True)
result = general_message(200, "success", "操作成功", bean={})
return Response(result, status=result["code"])
def get_service_mnt_details(self, tenant, service, volume_types, page=1, page_size=20):
all_mnt_relations = mnt_repo.get_service_mnts_filter_volume_type(tenant.tenant_id, service.service_id, volume_types)
total = len(all_mnt_relations)
mnt_paginator = JuncheePaginator(all_mnt_relations, int(page_size))
mnt_relations = mnt_paginator.page(page)
mounted_dependencies = []
if mnt_relations:
for mount in mnt_relations:
dep_service = service_repo.get_service_by_service_id(mount.dep_service_id)
if dep_service:
gs_rel = group_service_relation_repo.get_group_by_service_id(dep_service.service_id)
group = None
if gs_rel:
group = group_repo.get_group_by_pk(tenant.tenant_id, service.service_region, gs_rel.group_id)
dep_volume = volume_repo.get_service_volume_by_name(dep_service.service_id, mount.mnt_name)
if dep_volume:
mounted_dependencies.append({
"local_vol_path": mount.mnt_dir,
"dep_vol_name": dep_volume.volume_name,
"dep_vol_path": dep_volume.volume_path,
"dep_vol_type": dep_volume.volume_type,
"dep_app_name": dep_service.service_cname,
"dep_app_group": group.group_name if group else '未分组',
"dep_vol_id": dep_volume.ID,
"dep_group_id": group.ID if group else -1,
"dep_app_alias": dep_service.service_alias
})
return mounted_dependencies, total
def delete(self, request, *args, **kwargs):
"""
二次确认删除应用
---
parameters:
- name: tenantName
description: 租户名
required: true
type: string
paramType: path
- name: service_id
description: 应用id
required: true
type: string
paramType: form
"""
service_id = request.data.get("service_id", None)
identitys = team_services.get_user_perm_identitys_in_permtenant(
user_id=self.user.user_id, tenant_name=self.tenant_name)
perm_tuple = team_services.get_user_perm_in_tenant(user_id=self.user.user_id, tenant_name=self.tenant_name)
if "delete_service" not in perm_tuple and "owner" not in identitys and "admin" \
not in identitys and "developer" not in identitys:
return Response(general_message(400, "Permission denied", "没有删除应用权限"), status=400)
service = service_repo.get_service_by_service_id(service_id)
code, msg = app_manage_service.delete_again(self.user, self.tenant, service, is_force=True)
bean = {}
if code != 200:
return Response(general_message(code, "delete service error", msg, bean=bean), status=code)
result = general_message(code, "success", "操作成功", bean=bean)
return Response(result, status=result["code"])
def delete(self, request, *args, **kwargs):
"""
删除策略
"""
try:
service_id = request.data.get("service_id", None)
http_rule_id = request.data.get("http_rule_id", None)
if not http_rule_id or not service_id:
return Response(general_message(400, "params error", "参数错误"),
status=400)
service = service_repo.get_service_by_service_id(service_id)
if not service:
return Response(general_message(400, "not service", "服务不存在"),
status=400)
# 解绑域名
code, msg = domain_service.unbind_httpdomain(
self.tenant, service, http_rule_id)
if code != 200:
return Response(general_message(code, "delete domain error",
msg),
status=code)
result = general_message(200, "success", "策略删除成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def update_kubernetes_services(self, tenant, region_name, app_id,
k8s_services):
from console.services.app_config import port_service
service_ids = group_service_relation_repo.list_serivce_ids_by_app_id(
tenant.tenant_id, region_name, app_id)
for k8s_service in k8s_services:
port_service.check_k8s_service_name(
tenant.tenant_id, k8s_service.get("k8s_service_name"),
k8s_service["service_id"], k8s_service["port"])
# check if the given k8s_services belong to the app based on app_id
if k8s_service["service_id"] not in service_ids:
raise AbortRequest("service({}) not belong to app({})".format(
k8s_service["service_id"], app_id))
# bulk_update is only available after django 2.2
for k8s_service in k8s_services:
service = service_repo.get_service_by_service_id(
k8s_service["service_id"])
port = port_repo.get_service_port_by_port(tenant.tenant_id,
service.service_id,
k8s_service["port"])
port_service.change_port_alias(
tenant,
service,
port,
k8s_service["port_alias"],
k8s_service["k8s_service_name"],
)
def get(self, request, *args, **kwargs):
# 获取单个tcp/udp策略信息
try:
tcp_rule_id = request.GET.get("tcp_rule_id", None)
# 判断参数
if not tcp_rule_id:
return Response(general_message(400, "parameters are missing", "参数缺失"), status=400)
tcpdomain = tcp_domain.get_service_tcpdomain_by_tcp_rule_id(tcp_rule_id)
if tcpdomain:
bean = tcpdomain.to_dict()
service = service_repo.get_service_by_service_id(tcpdomain.service_id)
service_alias = service.service_cname if service else ''
group_name = ''
g_id = 0
if service:
gsr = group_service_relation_repo.get_group_by_service_id(service.service_id)
if gsr:
group = group_repo.get_group_by_id(int(gsr.group_id))
group_name = group.group_name if group else ''
g_id = int(gsr.group_id)
bean.update({"service_alias": service_alias})
bean.update({"group_name": group_name})
bean.update({"g_id": g_id})
result = general_message(200, "success", "查询成功", bean=bean)
else:
bean = dict()
result = general_message(200, "success", "查询成功", bean=bean)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def get_service_unmnt_details(self, tenant, service, service_ids, page,
page_size):
services = service_repo.get_services_by_service_ids(*service_ids)
current_tenant_services_id = service_ids
# 已挂载的服务路径
dep_mnt_names = mnt_repo.get_service_mnts(
tenant.tenant_id, service.service_id).values_list('mnt_name',
flat=True)
# 当前未被挂载的共享路径
service_volumes = volume_repo.get_services_volumes(
current_tenant_services_id).filter(
volume_type__in=[self.SHARE, self.CONFIG]).exclude(
service_id=service.service_id).exclude(
volume_name__in=dep_mnt_names)
# 只展示无状态的服务组件(有状态服务的存储类型为config-file也可)
logger.debug('----------volumes----->{0}'.format(
type(service_volumes)))
volumes = list(service_volumes)
for volume in volumes:
service_obj = service_repo.get_service_by_service_id(
volume.service_id)
if service_obj:
if service_obj.extend_method != "stateless" and volume.volume_type != "config-file":
volumes.remove(volume)
total = len(volumes)
volume_paginator = JuncheePaginator(volumes, int(page_size))
page_volumes = volume_paginator.page(page)
un_mount_dependencies = []
for volume in page_volumes:
gs_rel = group_service_relation_repo.get_group_by_service_id(
volume.service_id)
group = None
if gs_rel:
group = group_repo.get_group_by_pk(tenant.tenant_id,
service.service_region,
gs_rel.group_id)
un_mount_dependencies.append({
"dep_app_name":
services.get(service_id=volume.service_id).service_cname,
"dep_app_group":
group.group_name if group else '未分组',
"dep_vol_name":
volume.volume_name,
"dep_vol_path":
volume.volume_path,
"dep_vol_type":
volume.volume_type,
"dep_vol_id":
volume.ID,
"dep_group_id":
group.ID if group else -1,
"dep_app_alias":
services.get(service_id=volume.service_id).service_alias
})
return un_mount_dependencies, total
def get_service_unmnt_details(self, tenant, service, service_ids, page,
page_size, q):
services = service_repo.get_services_by_service_ids(service_ids)
current_tenant_services_id = service_ids
# 已挂载的组件路径
dep_mnts = mnt_repo.get_service_mnts(tenant.tenant_id,
service.service_id)
dep_volume_ids = [dep_mnt.volume_id for dep_mnt in dep_mnts]
# 当前未被挂载的共享路径
service_volumes = volume_repo.get_services_volumes(current_tenant_services_id) \
.filter(volume_type__in=[self.SHARE, self.CONFIG]) \
.exclude(service_id=service.service_id) \
.exclude(ID__in=dep_volume_ids).filter(q)
# 只展示无状态的组件(有状态组件的存储类型为config-file也可)
volumes = list(service_volumes)
copy_volumes = copy.copy(volumes)
for volume in copy_volumes:
service_obj = service_repo.get_service_by_service_id(
volume.service_id)
if service_obj:
if is_state(service_obj.extend_method):
if volume.volume_type != "config-file":
volumes.remove(volume)
total = len(volumes)
volume_paginator = JuncheePaginator(volumes, int(page_size))
page_volumes = volume_paginator.page(page)
un_mount_dependencies = []
for volume in page_volumes:
gs_rel = group_service_relation_repo.get_group_by_service_id(
volume.service_id)
group = None
if gs_rel:
group = group_repo.get_group_by_pk(tenant.tenant_id,
service.service_region,
gs_rel.group_id)
un_mount_dependencies.append({
"dep_app_name":
services.get(service_id=volume.service_id).service_cname,
"dep_app_group":
group.group_name if group else '未分组',
"dep_vol_name":
volume.volume_name,
"dep_vol_path":
volume.volume_path,
"dep_vol_type":
volume.volume_type,
"dep_vol_id":
volume.ID,
"dep_group_id":
group.ID if group else -1,
"dep_app_alias":
services.get(service_id=volume.service_id).service_alias
})
return un_mount_dependencies, total
def get_group_services_by_id(self, app_id):
services = group_service_relation_repo.get_services_by_group(app_id)
if not services:
return []
service_ids = [service.service_id for service in services]
cp_service_ids = copy.copy(service_ids)
for service_id in cp_service_ids:
service_obj = service_repo.get_service_by_service_id(service_id)
if service_obj and service_obj.service_source == "third_party":
service_ids.remove(service_id)
return service_ids
def post(self, request, *args, **kwargs):
"""
---
parameters:
- name: tenantName
description: 租户名
required: true
type: string
paramType: path
- name: action
description: 操作名称 stop| start|upgrade|deploy
required: true
type: string
paramType: form
- name: group_id
description: 组id
required: true
type: string
paramType: path
"""
action = request.data.get("action", None)
group_id = int(kwargs.get("group_id", None))
services = group_service_relation_repo.get_services_obj_by_group(
group_id)
if not services:
result = general_message(400, "not service", "当前组内无组件,无法操作")
return Response(result)
service_ids = [service.service_id for service in services]
if action not in ("stop", "start", "upgrade", "deploy"):
return Response(general_message(400, "param error", "操作类型错误"),
status=400)
# 去除掉第三方组件
for service_id in service_ids:
service_obj = service_repo.get_service_by_service_id(service_id)
if service_obj and service_obj.service_source == "third_party":
service_ids.remove(service_id)
if action == "stop":
self.has_perms([300006, 400008])
if action == "start":
self.has_perms([300005, 400006])
if action == "upgrade":
self.has_perms([300007, 400009])
if action == "deploy":
self.has_perms([300008, 400010])
# 批量操作
code, msg = app_manage_service.batch_operations(
self.tenant, self.user, action, service_ids, self.oauth_instance)
if code != 200:
result = general_message(code, "batch manage error", msg)
else:
result = general_message(200, "success", "操作成功")
return Response(result, status=result["code"])
def post(self, request, *args, **kwargs):
try:
container_port = request.data.get("container_port", None)
service_id = request.data.get("service_id", None)
end_point = request.data.get("end_point", None)
whether_open = request.data.get("whether_open", False)
rule_extensions = request.data.get("rule_extensions", None)
default_port = request.data.get("default_port", None)
default_ip = request.data.get("default_ip", None)
if not container_port or not service_id or not end_point:
return Response(general_message(400, "parameters are missing", "参数缺失"), status=400)
service = service_repo.get_service_by_service_id(service_id)
if not service:
return Response(general_message(400, "not service", "服务不存在"), status=400)
# 判断策略是否存在
service_tcpdomain = tcp_domain.get_tcpdomain_by_name_and_port(service.service_id, container_port, end_point)
if service_tcpdomain:
result = general_message(400, "faild", "策略已存在")
return Response(result)
if whether_open:
try:
tenant_service_port = port_service.get_service_port_by_port(service, container_port)
# 仅打开对外端口
code, msg, data = port_service.manage_port(self.tenant, service, service.service_region,
int(tenant_service_port.container_port), "only_open_outer",
tenant_service_port.protocol,
tenant_service_port.port_alias)
if code != 200:
return Response(general_message(code, "change port fail", msg), status=code)
except Exception:
raise
tenant_service_port = port_service.get_service_port_by_port(service, container_port)
if not tenant_service_port.is_outer_service:
return Response(general_message(200, "not outer port", "没有开启对外端口", bean={"is_outer_service": False}),
status=200)
# 添加tcp策略
code, msg, data = domain_service.bind_tcpdomain(self.tenant, self.user, service, end_point, container_port,
default_port, rule_extensions, default_ip)
if code != 200:
return Response(general_message(code, "bind domain error", msg), status=code)
result = general_message(200, "success", "tcp策略添加成功", bean=data)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def sync_dep_service(dep_service_id):
"""
raise RegionApiBaseHttpClient.CallApiError
"""
dep_service = service_repo.get_service_by_service_id(dep_service_id)
body = dict()
body["dep_service_id"] = dep_service.service_id
body["tenant_id"] = self.tenant.tenant_id
body["dep_service_type"] = dep_service.service_type
body["enterprise_id"] = self.tenant.enterprise_id
region_api.add_service_dependency(self.service.service_region, self.tenant.tenant_name, self.service.service_alias,
body)
def check_relation(self, tenant_id, service_id, dep_service_id):
"""
when creating service dependency, the dependent service needs to have an inner port.
"""
dep_service = service_repo.get_service_by_service_id(dep_service_id)
if dep_service is None:
raise ErrDepServiceNotFound(dep_service_id)
dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id(
tenant_id, service_id, dep_service_id)
if dep_service_relation:
raise ServiceRelationAlreadyExist()
open_inner_services = port_repo.list_inner_ports(tenant_id, dep_service_id)
if not open_inner_services:
raise InnerPortNotFound()
def put(self, request, *args, **kwargs):
"""
编辑http策略
"""
try:
container_port = request.data.get("container_port", None)
domain_name = request.data.get("domain_name", None)
certificate_id = request.data.get("certificate_id", None)
service_id = request.data.get("service_id", None)
domain_path = request.data.get("domain_path", None)
domain_cookie = request.data.get("domain_cookie", None)
domain_heander = request.data.get("domain_heander", None)
rule_extensions = request.data.get("rule_extensions", None)
http_rule_id = request.data.get("http_rule_id", None)
the_weight = request.data.get("the_weight", 100)
# 判断参数
if not service_id or not container_port or not domain_name or not http_rule_id:
return Response(general_message(400, "parameters are missing", "参数缺失"), status=400)
service = service_repo.get_service_by_service_id(service_id)
if not service:
return Response(general_message(400, "not service", "服务不存在"), status=400)
# 判断域名格式(如果用户添加的域名与默认域名后缀一致,那么他后缀必须是 "租户别名.默认后缀"
#
# 比如默认域名后缀是:37e53f.grapps.cn 这个值来自于region_info http_domain
# 那么如果它绑定 xxx.37e53f.grapps.cn是不允许的,只能绑定:
# xxx.yaufe6r5.37e53f.grapps.cn
#
# 此限制是防止租户之间盗用域名。)
region = region_repo.get_region_by_region_name(service.service_region)
if domain_name.endswith(region.httpdomain):
domain_name_spt = domain_name.split(region.httpdomain)
if self.tenant.tenant_name != domain_name_spt[0].split('.')[len(domain_name_spt[0].split('.'))-2]:
return Response(general_message(400, "the domain name format is incorrect", "域名格式不正确"), status=400)
# 编辑域名
code, msg, data = domain_service.update_httpdomain(self.tenant, self.user, service, domain_name, container_port,
certificate_id, DomainType.WWW, domain_path,
domain_cookie, domain_heander, http_rule_id, the_weight, rule_extensions)
if code != 200:
return Response(general_message(code, "bind domain error", msg), status=code)
result = general_message(200, "success", "策略编辑成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def put(self, request, *args, **kwargs):
try:
container_port = request.data.get("container_port", None)
group_name = request.data.get("group_name", None)
service_id = request.data.get("service_id", None)
end_point = request.data.get("end_point", None)
tcp_rule_id = request.data.get("tcp_rule_id", None)
rule_extensions = request.data.get("rule_extensions", None)
type = request.data.get("type", None)
g_id = request.data.get("group_id", None)
default_ip = request.data.get("default_ip", None)
# 判断参数
if not tcp_rule_id:
return Response(general_message(400, "parameters are missing",
"参数缺失"),
status=400)
service = service_repo.get_service_by_service_id(service_id)
if not service:
return Response(general_message(400, "not service", "服务不存在"),
status=400)
# 查询端口协议
tenant_service_port = port_service.get_service_port_by_port(
service, container_port)
if tenant_service_port:
protocol = tenant_service_port.protocol
else:
protocol = ''
# 修改策略
code, msg = domain_service.update_tcpdomain(
self.tenant, self.user, service, end_point, container_port,
group_name, tcp_rule_id, protocol, type, g_id, rule_extensions,
default_ip)
if code != 200:
return Response(general_message(code, "bind domain error",
msg),
status=code)
result = general_message(200, "success", "策略修改成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def get_group_services_by_id(self, group_id):
service_group = group_repo.get_group_by_id(group_id)
if not service_group:
return None, None
tenant = team_repo.get_team_by_team_id(service_group.tenant_id)
services = group_service_relation_repo.get_services_by_group(group_id)
if not services:
return tenant, []
service_ids = [service.service_id for service in services]
cp_service_ids = copy.copy(service_ids)
for service_id in cp_service_ids:
service_obj = service_repo.get_service_by_service_id(service_id)
if service_obj:
if service_obj.service_source == "third_party":
service_ids.remove(service_id)
return tenant, service_ids
def change_lb_mapping_port(self, tenant, service, container_port, new_lb_mapping_port, mapping_service_id):
data = {"change_port": new_lb_mapping_port}
body = region_api.change_service_lb_mapping_port(service.service_region, tenant.tenant_name,
service.service_alias,
container_port, data)
current_port = port_repo.get_service_port_by_port(tenant.tenant_id, service.service_id, container_port)
exchange_port_info = port_repo.get_service_port_by_lb_mapping_port(mapping_service_id, new_lb_mapping_port)
if not current_port:
404, "应用端口{0}不存在".format(container_port)
if not exchange_port_info:
s = service_repo.get_service_by_service_id(mapping_service_id)
404, "应用{0}的端口{1}不存在".format(s.service_cname, new_lb_mapping_port)
exchange_port_info.lb_mapping_port = current_port.lb_mapping_port
exchange_port_info.save()
current_port.lb_mapping_port = new_lb_mapping_port
current_port.save()
return 200, "success"
def sync_dep_service(dep_service_id):
"""
raise RegionApiBaseHttpClient.CallApiError
"""
try:
app_relation_service.check_relation(self.service.tenant_id,
self.service.service_id,
dep_service_id)
except (ErrDepServiceNotFound, ServiceRelationAlreadyExist, InnerPortNotFound) as e:
logger.warning("failed to sync dependent service: {}".format(e))
return
dep_service = service_repo.get_service_by_service_id(dep_service_id)
body = dict()
body["dep_service_id"] = dep_service.service_id
body["tenant_id"] = self.tenant.tenant_id
body["dep_service_type"] = dep_service.service_type
body["enterprise_id"] = self.tenant.enterprise_id
region_api.add_service_dependency(self.tenant.region,
self.tenant.tenant_name,
self.service.service_alias, body)
def convert_todict(cgroup_items, cgroup_services):
# Convert application config group items to dict
config_group_items = []
if cgroup_items:
for i in cgroup_items:
cgi = i.to_dict()
config_group_items.append(cgi)
# Convert application config group services to dict
config_group_services = []
if cgroup_services:
for s in cgroup_services:
service = service_repo.get_service_by_service_id(s.service_id)
if not service:
continue
cgs = s.to_dict()
if service:
cgs["service_cname"] = service.service_cname
cgs["service_alias"] = service.service_alias
config_group_services.append(cgs)
return config_group_items, config_group_services
def post(self, request, *args, **kwargs):
"""
数据库备份数据,为回滚做准备
:param request:
:param args:
:param kwargs:
:return:
"""
service_id_list = request.data.get("service_ids", None)
if not service_id_list:
return Response(general_message(400, "service_ids is null",
"请指明需要备份数据的服务"),
status=400)
try:
data_backup_list = []
for service_id in service_id_list:
service_data = dict()
service_obj = service_repo.get_service_by_service_id(
service_id)
if not service_obj:
continue
# 备份数据
code, back_up_obj = market_app_service.service_backup_data(
self.tenant, service_obj, service_data)
if code != 200:
service_data["is_backup"] = False
service_data["service_cname"] = service_obj.service_cname
data_backup_list.append(service_data)
continue
service_data["is_backup"] = True
data_backup_list.append(service_data)
result = general_message(200,
"success",
"数据备份成功",
list=data_backup_list)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def get(self, request, *args, **kwargs):
"""
获取单个http策略
"""
try:
http_rule_id = request.GET.get("http_rule_id", None)
# 判断参数
if not http_rule_id:
return Response(general_message(400, "parameters are missing",
"参数缺失"),
status=400)
domain = domain_repo.get_service_domain_by_http_rule_id(
http_rule_id)
if domain:
bean = domain.to_dict()
if domain.certificate_id:
certificate_info = domain_repo.get_certificate_by_pk(
int(domain.certificate_id))
service = service_repo.get_service_by_service_id(
domain.service_id)
service_alias = service.service_cname if service else ''
group_name = ''
if service:
gsr = group_service_relation_repo.get_group_by_service_id(
service.service_id)
group = group_repo.get_group_by_id(int(gsr.group_id))
group_name = group.group_name if group else ''
bean.update({"certificate_name": certificate_info.alias})
bean.update({"service_alias": service_alias})
bean.update({"group_name": group_name})
else:
bean = dict()
result = general_message(200, "success", "查询成功", bean=bean)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def create_items_and_services(app_config_group, config_items, service_ids):
# create application config group items
if config_items:
for item in config_items:
group_item = {
"update_time":
time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(time.time())),
"app_id":
app_config_group.app_id,
"config_group_name":
app_config_group.config_group_name,
"item_key":
item["item_key"],
"item_value":
item["item_value"],
"config_group_id":
app_config_group.config_group_id,
}
app_config_group_item_repo.create(**group_item)
# create application config group services takes effect
if service_ids is not None:
for sid in service_ids:
s = service_repo.get_service_by_service_id(sid)
group_service = {
"update_time":
time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(time.time())),
"app_id":
app_config_group.app_id,
"config_group_name":
app_config_group.config_group_name,
"service_id":
s.service_id,
"config_group_id":
app_config_group.config_group_id,
}
app_config_group_service_repo.create(**group_service)
def post(self, request, *args, **kwargs):
"""
---
parameters:
- name: tenantName
description: 租户名
required: true
type: string
paramType: path
- name: action
description: 操作名称 stop| start|upgrade|deploy
required: true
type: string
paramType: form
- name: group_id
description: 组id
required: true
type: string
paramType: path
"""
try:
action = request.data.get("action", None)
group_id = int(kwargs.get("group_id", None))
services = group_service_relation_repo.get_services_obj_by_group(
group_id)
if not services:
result = general_message(400, "not service", "当前组内无应用,无法操作")
return Response(result)
service_ids = [service.service_id for service in services]
if action not in ("stop", "start", "upgrade", "deploy"):
return Response(general_message(400, "param error", "操作类型错误"),
status=400)
# 去除掉三方服务
for service_id in service_ids:
service_obj = service_repo.get_service_by_service_id(
service_id)
if service_obj:
if service_obj.service_source == "third_party":
service_ids.remove(service_id)
# 校验权限
identitys = team_services.get_user_perm_identitys_in_permtenant(
user_id=self.user.user_id, tenant_name=self.tenant_name)
perm_tuple = team_services.get_user_perm_in_tenant(
user_id=self.user.user_id, tenant_name=self.tenant_name)
if action == "stop":
if "stop_service" not in perm_tuple and "owner" not in identitys and "admin" not in identitys and "developer" not in identitys:
return Response(general_message(400, "Permission denied",
"没有关闭应用权限"),
status=400)
if action == "start":
if "start_service" not in perm_tuple and "owner" not in identitys and "admin" not in identitys and "developer" not in identitys:
return Response(general_message(400, "Permission denied",
"没有启动应用权限"),
status=400)
if action == "upgrade":
if "restart_service" not in perm_tuple and "owner" not in identitys and "admin" not in identitys and "developer" not in identitys:
return Response(general_message(400, "Permission denied",
"没有更新应用权限"),
status=400)
if action == "deploy":
if "deploy_service" not in perm_tuple and "owner" not in identitys and "admin" not in identitys and "developer" not in identitys:
return Response(general_message(400, "Permission denied",
"没有重新构建权限"),
status=400)
# 批量操作
code, msg = app_manage_service.batch_operations(
self.tenant, self.user, action, service_ids)
if code != 200:
result = general_message(code, "batch manage error", msg)
else:
result = general_message(200, "success", "操作成功")
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def get(self, request, tenantName, *args, **kwargs):
try:
page = int(request.GET.get("page", 1))
page_size = int(request.GET.get("page_size", 10))
search_conditions = request.GET.get("search_conditions", None)
tenant = team_services.get_tenant_by_tenant_name(tenantName)
region = region_repo.get_region_by_region_name(
self.response_region)
total = domain_repo.get_all_domain_count_by_tenant_and_region_id(
tenant.tenant_id, region.region_id)
start = (page - 1) * page_size
remaining_num = total - (page - 1) * page_size
end = page_size
if remaining_num < page_size:
end = remaining_num
try:
# 查询分页排序
if search_conditions:
cursor = connection.cursor()
cursor.execute(
"select domain_name, type, is_senior, certificate_id, group_name, service_alias, protocol, service_name, container_port, http_rule_id, service_id, domain_path, domain_cookie, domain_heander, the_weight, is_outer_service, g_id from service_domain where tenant_id='{0}' and region_id='{1}' and domain_name like '%{2}%' or service_alias like '%{3}%' or group_name like '%{4}%' order by type desc LIMIT {5},{6};"
.format(tenant.tenant_id, region.region_id,
search_conditions, search_conditions,
search_conditions, start, end))
tenant_tuples = cursor.fetchall()
else:
cursor = connection.cursor()
cursor.execute(
"select domain_name, type, is_senior, certificate_id, group_name, service_alias, protocol, service_name, container_port, http_rule_id, service_id, domain_path, domain_cookie, domain_heander, the_weight, is_outer_service, g_id from service_domain where tenant_id='{0}' and region_id='{1}' order by type desc LIMIT {2},{3};"
.format(tenant.tenant_id, region.region_id, start,
end))
tenant_tuples = cursor.fetchall()
except Exception as e:
logger.exception(e)
result = general_message(405, "faild", "查询数据库失败")
return Response(result)
# 拼接展示数据
domain_list = list()
for tenant_tuple in tenant_tuples:
service = service_repo.get_service_by_service_id(
tenant_tuple[10])
service_alias = service.service_cname if service else ''
group_name = ''
if service:
gsr = group_service_relation_repo.get_group_by_service_id(
service.service_id)
group = group_repo.get_group_by_id(int(gsr.group_id))
group_name = group.group_name if group else ''
domain_dict = dict()
certificate_info = domain_repo.get_certificate_by_pk(
int(tenant_tuple[3]))
if not certificate_info:
domain_dict["certificate_alias"] = ''
else:
domain_dict["certificate_alias"] = certificate_info.alias
domain_dict[
"domain_name"] = tenant_tuple[6] + "://" + tenant_tuple[0]
domain_dict["type"] = tenant_tuple[1]
domain_dict["is_senior"] = tenant_tuple[2]
domain_dict["group_name"] = group_name
domain_dict["service_cname"] = service_alias
domain_dict["service_alias"] = tenant_tuple[7]
domain_dict["container_port"] = tenant_tuple[8]
domain_dict["http_rule_id"] = tenant_tuple[9]
domain_dict["service_id"] = tenant_tuple[10]
domain_dict["domain_path"] = tenant_tuple[11]
domain_dict["domain_cookie"] = tenant_tuple[12]
domain_dict["domain_heander"] = tenant_tuple[13]
domain_dict["the_weight"] = tenant_tuple[14]
domain_dict["is_outer_service"] = tenant_tuple[15]
domain_dict["group_id"] = int(tenant_tuple[16])
domain_list.append(domain_dict)
bean = dict()
bean["total"] = total
result = general_message(200,
"success",
"查询成功",
list=domain_list,
bean=bean)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result)
def post(self, request, app_id, *args, **kwargs):
ads = PostGatewayRuleSerializer(data=request.data)
ads.is_valid(raise_exception=True)
if ads.data.get("protocol") == "tcp":
tcpdomain = ads.data.get("tcp")
if not tcpdomain:
raise ServiceHandleException(msg="Missing parameters: tcp", msg_show="缺少参数: tcp")
container_port = tcpdomain.get("container_port", None)
service_id = tcpdomain.get("service_id", None)
end_point = tcpdomain.get("end_point", None)
rule_extensions = tcpdomain.get("rule_extensions", None)
default_port = tcpdomain.get("default_port", None)
default_ip = tcpdomain.get("default_ip", None)
service = service_repo.get_service_by_service_id(service_id)
if not service:
raise ServiceHandleException(msg="not service", msg_show="组件不存在")
# Check if the given endpoint exists.
service_tcpdomain = tcp_domain.get_tcpdomain_by_end_point(self.region.region_id, end_point)
if service_tcpdomain:
raise ServiceHandleException(msg="exist", msg_show="策略已存在")
if service.service_source == "third_party":
msg, msg_show, code = port_service.check_domain_thirdpart(self.team, service)
if code != 200:
raise ServiceHandleException(msg=msg, msg_show=msg_show)
try:
tenant_service_port = port_service.get_service_port_by_port(service, container_port)
# 仅打开对外端口
code, msg, data = port_service.manage_port(self.team, service, service.service_region,
int(tenant_service_port.container_port), "only_open_outer",
tenant_service_port.protocol, tenant_service_port.port_alias)
if code != 200:
raise ServiceHandleException(status_code=code, msg="change port fail", msg_show=msg)
except Exception as e:
logger.exception(e)
raise ServiceHandleException(status_code=code, msg="change port fail", msg_show="open port failure")
# 添加tcp策略
domain_service.bind_tcpdomain(self.team, self.user, service, end_point, container_port, default_port,
rule_extensions, default_ip)
elif ads.data.get("protocol") == "http":
httpdomain = ads.data.get("http")
if not httpdomain:
raise ServiceHandleException(msg="Missing parameters: tcp", msg_show="缺少参数: http")
httpdomain["domain_heander"] = httpdomain.get("domain_header", None)
httpdomain["domain_type"] = DomainType.WWW
protocol = "http"
if httpdomain.get("certificate_id", None):
protocol = "https"
httpdomain["protocol"] = protocol
service = service_repo.get_service_by_tenant_and_id(self.team.tenant_id, httpdomain["service_id"])
if not service:
rst = {"msg": "组件不存在"}
return Response(rst, status=status.HTTP_400_BAD_REQUEST)
if domain_service.check_domain_exist(httpdomain["service_id"], httpdomain["container_port"],
httpdomain["domain_name"], protocol, httpdomain.get("domain_path"),
httpdomain.get("rule_extensions")):
rst = {"msg": "策略已存在"}
return Response(rst, status=status.HTTP_400_BAD_REQUEST)
if service.service_source == "third_party":
msg, msg_show, code = port_service.check_domain_thirdpart(self.team, service)
if code != 200:
logger.exception(msg, msg_show)
return Response({"msg": msg, "msg_show": msg_show}, status=code)
if httpdomain.get("whether_open", True):
tenant_service_port = port_service.get_service_port_by_port(service, httpdomain["container_port"])
# 仅开启对外端口
code, msg, data = port_service.manage_port(self.team, service, service.service_region,
int(tenant_service_port.container_port), "only_open_outer",
tenant_service_port.protocol, tenant_service_port.port_alias)
if code != 200:
return Response({"msg": "change port fail"}, status=code)
tenant_service_port = port_service.get_service_port_by_port(service, httpdomain["container_port"])
if not tenant_service_port:
raise ServiceHandleException("port not found", "端口不存在", 404, 404)
if not tenant_service_port.is_outer_service:
return Response({"msg": "没有开启对外端口"}, status=status.HTTP_400_BAD_REQUEST)
domain_service.bind_httpdomain(self.team, self.request.user, service, httpdomain, True)
else:
raise ServiceHandleException(msg="error parameters: protocol", msg_show="错误参数: protocol")
data = {}
http_rules = domain_service.get_http_rules_by_app_id(app_id)
tcp_rules = domain_service.get_tcp_rules_by_app_id(app_id)
data["http"] = http_rules
data["tcp"] = tcp_rules
re = GatewayRuleSerializer(data)
return Response(re.data, status=status.HTTP_200_OK)
def get(self, request, team_name, region_name, *args, **kwargs):
"""
获取团队下组件访问量排序
---
parameters:
- name: team_name
description: team name
required: true
type: string
paramType: path
"""
sufix_outer = "?query=sort_desc(sum(%20ceil(increase("\
+ "gateway_requests%7Bnamespace%3D%22{0}%22%7D%5B1h%5D)))%20by%20(service))".format(self.tenant.tenant_id)
sufix_inner = "?query=sort_desc(sum(ceil(increase(app_request%7B"\
+ "tenant_id%3D%22{0}%22%2Cmethod%3D%22total%22%7D%5B1h%5D)))by%20(service_id))".format(self.tenant.tenant_id)
# 对外组件访问量
try:
res, body = region_api.get_query_service_access(
region_name, team_name, sufix_outer)
outer_service_list = body["data"]["result"][0:10]
except Exception as e:
logger.debug(e)
outer_service_list = []
# 对外组件访问量
try:
res, body = region_api.get_query_service_access(
region_name, team_name, sufix_inner)
inner_service_list = body["data"]["result"][0:10]
except Exception as e:
logger.debug(e)
inner_service_list = []
# 合并
service_id_list = []
for service in outer_service_list:
service_id_list.append(service["metric"]["service"])
for service_oj in inner_service_list:
if service_oj["metric"]["service"] not in service_id_list:
service_id_list.append(service_oj["metric"]["service"])
service_traffic_list = []
for service_id in service_id_list:
service_dict = dict()
metric = dict()
value = []
service_dict["metric"] = metric
service_dict["value"] = value
traffic_num = 0
v1 = 0
for service in outer_service_list:
if service["metric"]["service"] == service_id:
traffic_num += int(service["value"][1])
v1 = service["value"][0]
for service_oj in inner_service_list:
if service_oj["metric"]["service"] == service_id:
traffic_num += int(service_oj["value"][1])
v1 = service_oj["value"][0]
metric["service"] = service_id
value.append(v1)
value.append(traffic_num)
service_traffic_list.append(service_dict)
for service_traffic in service_traffic_list[::-1]:
service_obj = service_repo.get_service_by_service_id(
service_traffic["metric"]["service"])
if service_obj:
service_traffic["metric"][
"service_cname"] = service_obj.service_cname
service_traffic["metric"][
"service_alias"] = service_obj.service_alias
if not service_obj:
service_traffic_list.remove(service_traffic)
# 排序取前十
service_list = sorted(service_traffic_list,
key=lambda x: x["value"][1],
reverse=True)[0:10]
result = general_message(200, "success", "查询成功", list=service_list)
return Response(result, status=result["code"])
def post(self, request, *args, **kwargs):
"""
添加http策略
"""
try:
container_port = request.data.get("container_port", None)
domain_name = request.data.get("domain_name", None)
certificate_id = request.data.get("certificate_id", None)
service_id = request.data.get("service_id", None)
domain_path = request.data.get("domain_path", None)
domain_cookie = request.data.get("domain_cookie", None)
domain_heander = request.data.get("domain_heander", None)
rule_extensions = request.data.get("rule_extensions", None)
whether_open = request.data.get("whether_open", False)
the_weight = request.data.get("the_weight", 100)
# 判断参数
if not container_port or not domain_name or not service_id:
return Response(general_message(400, "parameters are missing", "参数缺失"), status=400)
service = service_repo.get_service_by_service_id(service_id)
if not service:
return Response(general_message(400, "not service", "服务不存在"), status=400)
# 判断域名格式(如果用户添加的域名与默认域名后缀一致,那么他后缀必须是 "租户别名.默认后缀"
#
# 比如默认域名后缀是:37e53f.grapps.cn 这个值来自于region_info http_domain
# 那么如果它绑定 xxx.37e53f.grapps.cn是不允许的,只能绑定:
# xxx.yaufe6r5.37e53f.grapps.cn
#
# 此限制是防止租户之间盗用域名。)
region = region_repo.get_region_by_region_name(service.service_region)
if domain_name.endswith(region.httpdomain):
domain_name_spt = domain_name.split(region.httpdomain)
if self.tenant.tenant_name != domain_name_spt[0].split('.')[len(domain_name_spt[0].split('.'))-2]:
return Response(general_message(400, "the domain name format is incorrect", "域名格式不正确"), status=400)
protocol = "http"
if certificate_id:
protocol = "https"
# 判断策略是否存在
service_domain = domain_repo.get_domain_by_name_and_port_and_protocol(service.service_id, container_port, domain_name, protocol)
if service_domain:
result = general_message(400, "faild", "策略已存在")
return Response(result, status=400)
if whether_open:
try:
tenant_service_port = port_service.get_service_port_by_port(service, container_port)
# 仅开启对外端口
code, msg, data = port_service.manage_port(self.tenant, service, service.service_region, int(tenant_service_port.container_port), "only_open_outer",
tenant_service_port.protocol, tenant_service_port.port_alias)
if code != 200:
return Response(general_message(code, "change port fail", msg), status=code)
except Exception:
raise
tenant_service_port = port_service.get_service_port_by_port(service, container_port)
if not tenant_service_port.is_outer_service:
return Response(general_message(200, "not outer port", "没有开启对外端口", bean={"is_outer_service": False}),
status=200)
# 绑定端口(添加策略)
code, msg, data = domain_service.bind_httpdomain(self.tenant, self.user, service, domain_name, container_port, protocol,
certificate_id, DomainType.WWW, domain_path,
domain_cookie, domain_heander, the_weight, rule_extensions)
if code != 200:
return Response(general_message(code, "bind domain error", msg), status=code)
result = general_message(200, "success", "策略添加成功", bean=data)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result, status=result["code"])
def get(self, request, tenantName, *args, **kwargs):
try:
page = int(request.GET.get("page", 1))
page_size = int(request.GET.get("page_size", 10))
search_conditions = request.GET.get("search_conditions", None)
tenant = team_services.get_tenant_by_tenant_name(tenantName)
region = region_repo.get_region_by_region_name(self.response_region)
total = tcp_domain.get_all_domain_count_by_tenant_and_region(tenant.tenant_id, region.region_id)
start = (page - 1) * page_size
remaining_num = total - (page - 1) * page_size
end = page_size
if remaining_num < page_size:
end = remaining_num
try:
# 查询分页排序
if search_conditions:
cursor = connection.cursor()
cursor.execute(
"select end_point, type, protocol, service_name, service_alias, container_port, tcp_rule_id, service_id, is_outer_service from service_tcp_domain where tenant_id='{0}' and region_id='{1}' and end_point like '%{2}%' or service_alias like '%{3}%' or group_name like '%{4}%' order by type desc LIMIT {5},{6};".format(
tenant.tenant_id, region.region_id, search_conditions, search_conditions, search_conditions, start, end))
tenant_tuples = cursor.fetchall()
else:
cursor = connection.cursor()
cursor.execute(
"select end_point, type, protocol, service_name, service_alias, container_port, tcp_rule_id, service_id, is_outer_service from service_tcp_domain where tenant_id='{0}' and region_id='{1}' order by type desc LIMIT {2},{3};".format(
tenant.tenant_id, region.region_id, start, end))
tenant_tuples = cursor.fetchall()
except Exception as e:
logger.exception(e)
result = general_message(405, "faild", "查询数据库失败")
return Response(result)
# 拼接展示数据
domain_list = list()
for tenant_tuple in tenant_tuples:
service = service_repo.get_service_by_service_id(tenant_tuple[7])
service_alias = service.service_cname if service else ''
group_name = ''
group_id = 0
if service:
gsr = group_service_relation_repo.get_group_by_service_id(service.service_id)
if gsr:
group = group_repo.get_group_by_id(int(gsr.group_id))
group_name = group.group_name if group else ''
group_id = int(gsr.group_id)
domain_dict = dict()
domain_dict["end_point"] = tenant_tuple[0]
domain_dict["type"] = tenant_tuple[1]
domain_dict["protocol"] = tenant_tuple[2]
domain_dict["group_name"] = group_name
domain_dict["service_alias"] = tenant_tuple[3]
domain_dict["container_port"] = tenant_tuple[5]
domain_dict["service_cname"] = service_alias
domain_dict["tcp_rule_id"] = tenant_tuple[6]
domain_dict["service_id"] = tenant_tuple[7]
domain_dict["is_outer_service"] = tenant_tuple[8]
domain_dict["group_id"] = group_id
domain_list.append(domain_dict)
bean = dict()
bean["total"] = total
result = general_message(200, "success", "查询成功", list=domain_list, bean=bean)
except Exception as e:
logger.exception(e)
result = error_message(e.message)
return Response(result)
