def get_config_server_host(self):
    """Return the parsed address of the host running the config server.

    Reads this environment's entry from ``CONFIG.ENV_SETTINGS``. When the
    entry holds at most one address, the first address is used directly.
    Otherwise the address whose value contains ``yaobili-platform-config``
    is selected.

    Raises:
        ValueError: several addresses are configured and none of them
            lists ``yaobili-platform-config``.
    """
    hosts = CONFIG.ENV_SETTINGS.get(self.env)
    if len(hosts) <= 1:
        # Single-address environment: take the first configured address.
        return parse_address(list(hosts.keys())[0])
    for address in hosts:
        if 'yaobili-platform-config' in hosts.get(address):
            return parse_address(address)
    raise ValueError(
        'ENV_SETTINGS 配置有误,找不到yaobili-platform-config服务所在ip')
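def restart(self, ip_address, services):
    """Re-deploy ``services`` on the host at ``ip_address`` over SSH.

    Runs ``base_init`` and then ``deploy`` on a fresh connection. The
    connection is closed even when one of those steps raises, so a failed
    restart does not leave an SSH session open.
    """
    ip, port = parse_address(ip_address)
    ssh = SSHConnect(host=ip, port=port)
    try:
        sftp_client = ssh.get_sftp()
        self.base_init(ssh, sftp_client)
        self.deploy(ssh, ip_address, services)
    finally:
        ssh.close()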
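def get_proxy_sock(self):
    """Open a ``direct-tcpip`` channel to ``self.host:self.port`` via the gateway.

    The gateway credentials are looked up in
    ``config.SSH_GATEWAYS_LOGIN_INFO`` under ``self.gateway_address``.

    Returns:
        The opened channel, or ``None`` when the gateway connection or the
        channel could not be established (the error is printed).
    """
    sock = None
    gateway_ip, gateway_port = parse_address(self.gateway_address)
    gateway_username, gateway_password = config.SSH_GATEWAYS_LOGIN_INFO.get(
        self.gateway_address)
    ssh = paramiko.SSHClient()
    # NOTE(review): AutoAddPolicy accepts whatever host key the gateway
    # presents, so the gateway's identity is never verified and the password
    # below is sent to whoever answers on that address. Loading known host
    # keys and using paramiko.RejectPolicy would close that gap; left as-is
    # because it needs a provisioned known_hosts file.
    ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        ssh.connect(gateway_ip,
                    gateway_port,
                    username=gateway_username,
                    password=gateway_password,
                    timeout=config.SSH_TIMEOUT)
    except Exception as e:
        print("Connect gateway error")
        print(e)
        # No gateway session exists, so opening a channel cannot succeed;
        # stop here instead of reporting a second, misleading channel error.
        ssh.close()
        return sock
    try:
        transport = ssh.get_transport()
        # transport.set_keepalive(20)
        sock = transport.open_channel('direct-tcpip',
                                      (self.host, self.port),
                                      ('127.0.0.1', 0))
    except Exception as e:
        print("Open gateway channel error")
        print(e)
        # The gateway session is of no use without the channel.
        ssh.close()
    return sock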
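def start_service():
    """Enable, start and query the control-plane units on every master.

    For each address in ``IPS['master']`` this reloads systemd and then
    enables, starts and checks the status of kube-apiserver,
    kube-controller-manager and kube-scheduler in one ``&&`` chain, so the
    chain stops at the first failing step. The SSH connection to each master
    is closed once its command has finished or failed.
    """
    cmd = (
        'systemctl daemon-reload && systemctl enable kube-apiserver && systemctl start kube-apiserver && '
        'systemctl status kube-apiserver && systemctl enable kube-controller-manager && '
        'systemctl start kube-controller-manager && systemctl status kube-controller-manager && '
        'systemctl enable kube-scheduler && systemctl start kube-scheduler && systemctl status kube-scheduler'
    )
    for address in IPS.get('master'):
        ip, port = parse_address(address)
        ssh = SSHConnect(ip, int(port))
        try:
            ssh.run(cmd)
        finally:
            # One session per master; release it before moving on.
            ssh.close()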
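def start_service():
    """Create the etcd data directory and start etcd on every etcd host.

    The command runs locally through ``exec_shell`` when the address is a
    local IP and over SSH otherwise. Remote connections are closed after the
    command has finished or failed.
    """
    # `mkdir -p` takes only the data directory; a second "mkdir" argument
    # would create a stray directory of that name in the working directory.
    cmd = 'mkdir -p /var/lib/etcd && systemctl daemon-reload && systemctl enable etcd ' \
          '&& systemctl start etcd && systemctl status etcd'
    for address in IPS.get('etcd'):
        ip, port = parse_address(address)
        if check_is_localip(ip):
            exec_shell(cmd)
            continue
        ssh = SSHConnect(ip, int(port))
        try:
            ssh.run(cmd)
        finally:
            ssh.close()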
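def rollback(self, ip_address, projects):
    """Restore each project from its archive under ``history_version``.

    For every project the deployed directory is emptied and the archive
    ``<DEPLOY_DIR>/<env>/history_version/<project>.tar.gz`` is unpacked into
    it. The archive is checked first, so a project without a saved version
    keeps its current files instead of being wiped and left empty.

    A failure for one project is reported and the remaining projects are
    still processed. The SSH connection is always closed.
    """
    ip, port = parse_address(ip_address)
    ssh = SSHConnect(host=ip, port=port)
    try:
        for project in projects:
            # NOTE(review): DEPLOY_DIR, env and project are interpolated into
            # a shell command unquoted; they must only ever come from trusted
            # configuration, never from request or user input.
            try:
                # `test -f` guards the destructive `rm -rf ./*`: without an
                # archive to restore from, nothing is deleted.
                # Presumably ssh.run raises when the remote command fails;
                # confirm against SSHConnect.
                ssh.run(
                    'test -f {0}/{1}/history_version/{2}.tar.gz && cd {0}/{1}/{2} && rm -rf ./* '
                    '&& tar -zxf {0}/{1}/history_version/{2}.tar.gz'
                    .format(CONFIG.DEPLOY_DIR, self.env, project))
            except Exception:
                print('ERROR: {} 项目不存在,无法回滚'.format(project), flush=True)
    finally:
        ssh.close()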
def init_deploy_dir(self):
    """Prepare the deploy directories on this environment's K8s master.

    Connects to the address stored in ``CONFIG.K8S_MASTER`` for ``self.env``,
    creates ``CONFIG.DEPLOY_YAMLS_DIR`` there and uploads the project
    directory and the ``utils`` directory. The SSH connection and SFTP client
    are kept on ``self.ssh`` / ``self.sftp_client``; this method does not
    close them.
    """
    print('init_deploy_dir......', flush=True)
    master_ip, master_port = parse_address(CONFIG.K8S_MASTER.get(self.env))
    self.ssh = SSHConnect(host=master_ip, port=master_port)
    self.ssh.run('mkdir -p {}'.format(CONFIG.DEPLOY_YAMLS_DIR))
    self.sftp_client = self.ssh.get_sftp()

    # Upload the Python files.
    put_dir(self.sftp_client, CONFIG.PROJECT_DIR, CONFIG.DEPLOY_DIR)
    local_utils = os.path.join(get_project_root_path(), 'utils')
    remote_utils = os.path.join(CONFIG.DEPLOY_DIR, 'utils')
    put_dir(self.sftp_client, local_utils, remote_utils)
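def rollback(self, ip_address, services):
    """Copy each service's jar back from the history directory and redeploy.

    For every service the jar ``<HISTORY_DIR>/<service>-<JAR_VERSION>.jar``
    is copied over the one in ``DEPLOY_DIR``; afterwards ``deploy`` is run
    for all services. The SSH connection is closed even when a step raises.
    """
    ip, port = parse_address(ip_address)
    ssh = SSHConnect(host=ip, port=port)
    try:
        sftp_client = ssh.get_sftp()
        self.base_init(ssh, sftp_client)
        for service in services:
            jar_name = '{}-{}.jar'.format(service, CONFIG.JAR_VERSION)
            history_jar_path = '{}/{}'.format(CONFIG.HISTORY_DIR, jar_name)
            remote_jar_path = '{}/{}'.format(CONFIG.DEPLOY_DIR, jar_name)
            # NOTE(review): both paths reach the remote shell unquoted, so
            # service names must come from trusted configuration only.
            ssh.run('cp -rf {} {}'.format(history_jar_path, remote_jar_path))
        self.deploy(ssh, ip_address, services)
    finally:
        ssh.close()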
def get_etcd_cluster(type=str):
    """Describe the etcd members listed in ``IPS['etcd']``.

    Members are named ``etcd-node1``, ``etcd-node2``, ... in list order.

    Args:
        type: pass ``'dict'`` to get a mapping of IP to member name; any
            other value (including the default) yields the comma-separated
            ``name=https://ip:2380`` string.
    """
    members = []
    name_by_ip = {}
    for index, address in enumerate(IPS.get('etcd'), start=1):
        ip, port = parse_address(address)
        members.append('etcd-node{}=https://{}:2380'.format(index, ip))
        name_by_ip[ip] = 'etcd-node{}'.format(index)
    if type == 'dict':
        return name_by_ip
    return ','.join(members)
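def check_health():
    """Run ``etcdctl cluster-health`` from every etcd host.

    The command authenticates with the CA, certificate and key under
    ``/opt/kubernetes/ssl`` and targets the endpoints returned by
    ``get_etcd_endpoints``. It runs locally for a local IP and over SSH
    otherwise. Each remote connection is closed even when the command raises.
    """
    etcd_endpoints = get_etcd_endpoints()
    cmd = 'source /etc/profile && etcdctl --endpoints={} --ca-file=/opt/kubernetes/ssl/ca.pem ' \
          '--cert-file=/opt/kubernetes/ssl/etcd.pem --key-file=/opt/kubernetes/ssl/etcd-key.pem ' \
          'cluster-health'.format(etcd_endpoints)
    for address in IPS.get('etcd'):
        ip, port = parse_address(address)
        if check_is_localip(ip):
            exec_shell(cmd)
            continue
        ssh = SSHConnect(ip, int(port))
        try:
            ssh.run(cmd)
        finally:
            ssh.close()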
def init_api_server_config():
    """Fill in the kube-apiserver unit template and send it to each master.

    For every address in ``IPS['master']`` the template's bind address,
    service CIDR, node-port range and etcd server list are rewritten, then
    the file is sent to ``/usr/lib/systemd/system`` on that master.
    """
    unit_path = os.path.join(TEMPLATE_DIR, 'master', 'kube-apiserver.service')
    unit_file = FileModify(unit_path)
    for master in IPS.get('master'):
        ip, port = parse_address(master)
        # Only the bind address differs per master; the other values are
        # rewritten on each pass as well.
        unit_file.replace('(?<=--bind-address=).*', '{} \\'.format(ip))
        unit_file.replace('(?<=service-cluster-ip-range=).*',
                          '{} \\'.format(SETTINGS.SERVICE_CIDR))
        unit_file.replace('(?<=service-node-port-range=).*',
                          '{} \\'.format(SETTINGS.NODE_PORT_RANGE))
        unit_file.replace('(?<=etcd-servers=).*',
                          '{} \\'.format(get_etcd_endpoints()))
        send_files(unit_path, '/usr/lib/systemd/system', master)
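def init_etcd_ca():
    """Issue the etcd certificate with cfssl, signed by the project CA.

    The IP of every etcd host is appended to the ``hosts`` list of
    ``etcd-csr.json``, the certificate is generated in the ``etcd`` template
    directory (the working directory is changed to it), and the CSR template
    is then put back to its original content.
    """
    path = os.path.join(TEMPLATE_DIR, 'etcd', 'etcd-csr.json')
    f = FileModify(path)
    template_content = f.content()
    # json.loads() no longer accepts `encoding` (removed in Python 3.9, and
    # ignored before that), so it is not passed.
    result = json.loads(template_content)
    for ip_ in IPS.get('etcd'):
        ip, port = parse_address(ip_)
        result['hosts'].append(ip)
    f.cover(json.dumps(result))
    try:
        cfssl_dir = get_cfssl_dir()
        os.chdir(os.path.join(TEMPLATE_DIR, 'etcd'))
        exec_shell('{0}/cfssl gencert -ca={1}/ca.pem -ca-key={1}/ca-key.pem -config={1}/ca-config.json '
                   '-profile=kubernetes etcd-csr.json | {0}/cfssljson -bare etcd'.format(
                       cfssl_dir, os.path.join(TEMPLATE_DIR, 'ca')))
    finally:
        # Restore the template even when signing fails; otherwise the next
        # run would append the same IPs to an already-extended hosts list.
        f.cover(template_content)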
def init_config():
    """Render ``etcd.conf`` for each etcd host and send it there.

    The initial-cluster string is written once. For every address in
    ``IPS['etcd']`` the member name and the peer/client URLs are then
    rewritten for that host's IP, and the file is sent to
    ``/opt/kubernetes/cfg/`` on the host.
    """
    conf_path = os.path.join(TEMPLATE_DIR, 'etcd', 'etcd.conf')
    conf = FileModify(conf_path)
    initial_cluster = get_etcd_cluster()
    conf.replace('(?<=ETCD_INITIAL_CLUSTER=").*(?=")', initial_cluster)
    member_names = get_etcd_cluster('dict')
    for address in IPS.get('etcd'):
        ip, port = parse_address(address)
        conf.replace('(?<=ETCD_NAME=").*(?=")', member_names.get(ip))
        conf.replace('(?<=ETCD_LISTEN_PEER_URLS=").*(?=")',
                     'https://{}:2380'.format(ip))
        conf.replace('(?<=ETCD_LISTEN_CLIENT_URLS=").*(?=")',
                     'https://{}:2379,https://127.0.0.1:2379'.format(ip))
        conf.replace('(?<=ETCD_INITIAL_ADVERTISE_PEER_URLS=").*(?=")',
                     'https://{}:2380'.format(ip))
        conf.replace('(?<=ETCD_ADVERTISE_CLIENT_URLS=").*(?=")',
                     'https://{}:2379'.format(ip))
        send_files(conf_path, '/opt/kubernetes/cfg/', address)
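def set_kubectl():
    """Configure kubectl on every master to use the cluster's admin identity.

    On each address in ``IPS['master']`` this defines the ``kubernetes``
    cluster (API server at port 6443 of that master), the ``admin``
    credentials from ``/opt/kubernetes/ssl``, a ``kubernetes`` context tying
    them together, and selects that context. The SSH connection to each
    master is closed afterwards, also when a command raises.
    """
    for address in IPS.get('master'):
        ip, port = parse_address(address)
        ssh = SSHConnect(ip, int(port))
        try:
            ssh.run(
                'source /etc/profile && kubectl config set-cluster kubernetes '
                '--certificate-authority=/opt/kubernetes/ssl/ca.pem --embed-certs=true '
                '--server=https://{}:6443'.format(ip))
            # --embed-certs=true copies the admin certificate and key into
            # the kubeconfig, which then needs the same protection as the
            # key file itself.
            ssh.run(
                'source /etc/profile && kubectl config set-credentials admin '
                '--client-certificate=/opt/kubernetes/ssl/admin.pem --embed-certs=true '
                '--client-key=/opt/kubernetes/ssl/admin-key.pem')
            ssh.run(
                'source /etc/profile && kubectl config set-context kubernetes --cluster=kubernetes --user=admin'
            )
            ssh.run('source /etc/profile && kubectl config use-context kubernetes')
        finally:
            ssh.close()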
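def install(self, ip_address, projects):
    """Upload and unpack each project archive on the host at ``ip_address``.

    For every project the local ``<LIB_DIR>/<project>.tar.gz`` is uploaded to
    ``TMP_DIR``, the currently deployed directory is archived into
    ``history_version``, and the directory is then emptied and refilled from
    the uploaded archive. The SSH connection is closed even when a step
    raises.
    """
    ip, port = parse_address(ip_address)
    ssh = SSHConnect(host=ip, port=port)
    try:
        sftp_client = ssh.get_sftp()
        ssh.run('mkdir -p {}/{}/history_version && mkdir -p {}'.format(
            CONFIG.DEPLOY_DIR, self.env, CONFIG.TMP_DIR))
        for project in projects:
            targz_path = '{}/{}.tar.gz'.format(CONFIG.LIB_DIR, project)
            remote_targz_path = '{}/{}.tar.gz'.format(CONFIG.TMP_DIR, project)
            sftp_client.put(targz_path, remote_targz_path)
            # NOTE(review): the paths below reach the remote shell unquoted;
            # project names must come from trusted configuration only.
            # Save the current deployment so it can be rolled back.
            ssh.run(
                'mkdir -p {0}/{1}/{2} && cd {0}/{1}/{2} && tar -zcf {0}/{1}/history_version/{2}.tar.gz ./'
                .format(CONFIG.DEPLOY_DIR, self.env, project))
            # `cd ... &&` keeps `rm -rf ./*` from running anywhere but the
            # project directory.
            ssh.run('cd {0}/{1}/{2} && rm -rf ./* && tar -zxf {3}/{2}.tar.gz'.
                    format(CONFIG.DEPLOY_DIR, self.env, project, CONFIG.TMP_DIR))
    finally:
        ssh.close()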
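def install(self, ip_address, services):
    """Initialise the host at ``ip_address``, upload the jars and deploy.

    When the environment has more than one configured host, the local
    ``/tmp/hosts`` file replaces ``/etc/hosts`` on the target. The SSH
    connection is closed even when a step raises.
    """
    ip, port = parse_address(ip_address)
    ssh = SSHConnect(host=ip, port=port)
    try:
        sftp_client = ssh.get_sftp()
        # Basic initialisation
        self.base_init(ssh, sftp_client)
        # Upload the hosts file
        if len(self.env_config) > 1:
            # NOTE(review): /tmp/hosts is a fixed name in a world-writable
            # directory. On a shared deploy machine another local user could
            # create or replace it and so control name resolution on every
            # target. Writing it to a private temporary file would avoid
            # this; that change belongs with the code that generates it.
            sftp_client.put('/tmp/hosts', '/etc/hosts')
        # Upload the JAR packages
        self.send_jar_file(ssh, sftp_client, services)
        # Deploy
        self.deploy(ssh, ip_address, services)
    finally:
        ssh.close()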
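def init():
    """Run every init script on every host returned by ``get_all_ip(IPS)``.

    Before each host is contacted, an RSA key is created if
    ``check_rsa_secret`` reports none and ``ssh_copy_id`` is called for the
    host. Every file in ``utils/scripts/k8s/init`` is then executed as a
    shell command: locally for a local IP, over SSH otherwise. Each remote
    connection is closed even when a script raises.
    """
    ips = get_all_ip(IPS)
    scripts_dir = os.path.join(CONFIG.PROJECT_DIR, 'utils', 'scripts', 'k8s',
                               'init')
    for ipa in ips:
        if not check_rsa_secret():
            create_rsa_secret()
        ssh_copy_id(ipa)
        ip, port = parse_address(ipa)
        print('init {}...'.format(ip))
        if check_is_localip(ip):
            for filename in os.listdir(scripts_dir):
                f = FileModify(os.path.join(scripts_dir, filename))
                exec_shell(f.content())
            continue
        ssh = SSHConnect(host=ip, port=int(port))
        try:
            # The whole content of each script file is run as one command,
            # so write access to scripts_dir means command execution on
            # every host.
            for filename in os.listdir(scripts_dir):
                f = FileModify(os.path.join(scripts_dir, filename))
                ssh.run(f.content())
        finally:
            ssh.close()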
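def init_ca():
    """Issue the API-server and admin certificates with cfssl.

    The IP of every master plus ``SETTINGS.CLUSTER_KUBERNETES_SVC_IP`` are
    appended to the ``hosts`` list of ``kubernetes-csr.json``. Both
    certificates are then generated in the ``master`` template directory
    (the working directory is changed to it) and signed by the CA under
    ``TEMPLATE_DIR/ca``. Finally the CSR template is put back to its
    original content.
    """
    path = os.path.join(TEMPLATE_DIR, 'master', 'kubernetes-csr.json')
    f = FileModify(path)
    template_content = f.content()
    # json.loads() no longer accepts `encoding` (removed in Python 3.9, and
    # ignored before that), so it is not passed.
    result = json.loads(template_content)
    for ip_ in IPS.get('master'):
        ip, port = parse_address(ip_)
        result['hosts'].append(ip)
    result['hosts'].append(SETTINGS.CLUSTER_KUBERNETES_SVC_IP)
    f.cover(json.dumps(result))
    try:
        cfssl_dir = get_cfssl_dir()
        os.chdir(os.path.join(TEMPLATE_DIR, 'master'))
        ca_dir = os.path.join(TEMPLATE_DIR, 'ca')
        exec_shell(
            '{0}/cfssl gencert -ca={1}/ca.pem -ca-key={1}/ca-key.pem -config={1}/ca-config.json '
            '-profile=kubernetes kubernetes-csr.json | {0}/cfssljson -bare kubernetes'
            .format(cfssl_dir, ca_dir))
        exec_shell(
            '{0}/cfssl gencert -ca={1}/ca.pem -ca-key={1}/ca-key.pem -config={1}/ca-config.json '
            '-profile=kubernetes admin-csr.json | {0}/cfssljson -bare admin'.
            format(cfssl_dir, ca_dir))
    finally:
        # Restore the template even when signing fails; otherwise the next
        # run would append the same IPs to an already-extended hosts list.
        f.cover(template_content)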
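def check_health():
    """Run ``kubectl get cs`` on every master listed in ``IPS['master']``.

    The SSH connection to each master is closed after the command has
    finished or failed.
    """
    for address in IPS.get('master'):
        ip, port = parse_address(address)
        ssh = SSHConnect(ip, int(port))
        try:
            ssh.run('source /etc/profile && kubectl get cs')
        finally:
            ssh.close()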
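def edit_hosts_file(self, ip_address, hosts_file):
    """Add an ``"<ip> <hostname>"`` entry for the host to ``hosts_file``.

    The hostname is whatever the remote ``hostname`` command prints, with
    surrounding whitespace stripped. The SSH connection is closed even when
    the command raises.

    Args:
        ip_address: address of the host to query.
        hosts_file: collection receiving the entry through ``add``.
    """
    ip, port = parse_address(ip_address)
    ssh = SSHConnect(host=ip, port=port)
    try:
        hostname = ssh.run('hostname', response=True)
    finally:
        ssh.close()
    # NOTE(review): the name is reported by the remote host and is written
    # into the hosts data unchecked.
    hosts_file.add('{} {}'.format(ip, hostname.strip()))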
def get_etcd_endpoints():
    """Return the etcd client URLs as one comma-separated string.

    Each address in ``IPS['etcd']`` contributes ``https://<ip>:2379``; the
    port parsed from the address is not used.
    """
    endpoints = [
        'https://{}:2379'.format(ip)
        for ip, _port in map(parse_address, IPS.get('etcd'))
    ]
    return ','.join(endpoints)