def create_bindhosts(argvs):
'''
create bind hosts
:param argvs:
:return:
'''
if '-f' in argvs:
bindhosts_file = argvs[argvs.index("-f") + 1]
else:
print_err(
"invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",
quit=True)
source = yaml_parser(bindhosts_file)
if source:
for key, val in source.items():
print(key, val)
# 获取到了主机
host_obj = session.query(models.Host).filter(
models.Host.hostname == val.get('hostname')).first()
# 取hostname
assert host_obj # 断言,必须存在
for item in val['remote_users']: # 判断
print(item)
assert item.get('auth_type')
if item.get('auth_type') == 'ssh-password': # 判断认证password
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.password == item.get(
'password')).first()
else:
# 获取远程用户
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.auth_type == item.get('auth_type'),
).first()
if not remoteuser_obj: # 没取到,程序退出
print_err("RemoteUser obj %s does not exist." % item,
quit=True)
bindhost_obj = models.BindHost(host_id=host_obj.id,
remoteuser_id=remoteuser_obj.id)
session.add(bindhost_obj) # 获取到关系后添加session
# for groups this host binds to
if source[key].get('groups'): # 获取组
group_objs = session.query(models.HostGroup).filter(
models.HostGroup.name.in_(
source[key].get('groups'))).all()
assert group_objs
print('groups:', group_objs)
bindhost_obj.host_groups = group_objs
# for user_profiles this host binds to
if source[key].get('user_profiles'): # 判断是否直接属于哪一台机器
userprofile_objs = session.query(
models.Userprofile).filter(
models.Userprofile.username.in_(
source[key].get('user_profiles'))).all()
assert userprofile_objs
print("userprofiles:", userprofile_objs)
bindhost_obj.user_profiles = userprofile_objs
# print(bindhost_obj)
session.commit()
def create_bindhosts(argvs):
if '-f' in argvs:
bindhosts_file = argvs[argvs.index("-f") + 1]
else:
print_err(
"invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",
quit=True)
source = yaml_parser(bindhosts_file)
if source:
for key, val in source.items():
print(key, val)
host_obj = session.query(models.Host).filter(
models.Host.hostname == val.get('hostname')).first()
assert host_obj
print(host_obj)
'''注意下面的for语句,实际上val['remote_users']返回的是一个列表(yaml中如果有-,则变成列表),然后列表里面嵌套了字典,
所以for其实是对列表进行了循环,而列表里面的元素则是一个个字典'''
for item in val['remote_users']:
print('remote_users is', item)
'''assert断言,表示如果没有auth_type这个key,或取不到auth_type这个的值,则下面语句不执行。'''
assert item.get('auth_type')
if item.get('auth_type') == 'ssh-password':
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.password == item.get('password'),
#models.RemoteUser.auth_type==item.get('auth_type'),
).first()
else:
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.auth_type == item.get('auth_type'),
).first()
if not remoteuser_obj:
print_err('user [%s] is not exist' % (item), quit=True)
bindhost_obj = models.BindHost(host_id=host_obj.id,
remoteuser_id=remoteuser_obj.id)
session.add(bindhost_obj)
'''判断是否有groups这个字段,如果有则执行下面语句'''
if source[key].get('groups'):
print(source[key].get('groups'))
group_objs = session.query(models.HostGroup).filter(
models.HostGroup.name.in_(
source[key].get('groups'))).all()
assert group_objs
'''通过下面语句将bind_host和host_group两个表的关联表bindhost_m2m_hostgroup建立起来,
将两个表相对应的主机和组的id相对应起来,实现主机和组的关联。
注意下面的语句将对关联表插入相关联的ID值'''
bindhost_obj.host_groups = group_objs
if source[key].get('user_profiles'):
user_objs = session.query(models.UserProfile).filter(
models.UserProfile.username.in_(
source[key].get('user_profiles'))).all()
assert user_objs
'''通过下面的语句,将堡垒机用户表和bind_host表相关联起来,对两者的关联表user_m2m_bindhost
插入对应的两方id,通过该表的外键实现两表关联,最终实现用户和主机关联'''
bindhost_obj.user_profiles = user_objs
session.commit()
def create_bindhosts(argvs):
"""
create bind hosts
主机及该主机上的账户信息
:param argvs:
:return:
"""
if '-f' in argvs:
bindhosts_file = argvs[argvs.index("-f") + 1]
else:
print_err("invalid usage, should be:\ncreate_bindhosts -f <the new bindhosts file>", logout=True)
return
source = yaml_parser(bindhosts_file)
if source:
logger.debug("source:\n%s" % source)
for key, val in source.items():
logger.debug("%s:%s" % (key, val))
# 要Bind的主机信息
host_obj = session.query(models.Host).filter(models.Host.hostname == val.get('hostname')).first()
logger.debug("host_obj---\n%s" % host_obj)
assert host_obj
for item in val['remote_users']: # 要bind到该主机上的账户信息
logger.debug(item)
assert item.get('auth_type')
if item.get('auth_type') == 'ssh-password':
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.password == item.get('password')
).first()
else:
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.auth_type == item.get('auth_type'),
).first()
if not remoteuser_obj:
print_err("RemoteUser obj %s does not exist." % item, logout=True)
bindhost_obj = models.BindHost(host_id=host_obj.id, remoteuser_id=remoteuser_obj.id) # 设定bind关系
session.add(bindhost_obj)
# for groups this host binds to 该主机bind到主机组
if source[key].get('groups'):
group_objs = session.query(models.HostGroup).filter(
models.HostGroup.name.in_(source[key].get('groups'))).all()
assert group_objs
logger.info('groups:%s' % group_objs)
bindhost_obj.host_groups = group_objs
# for user_profiles this host binds to 该主机bind到的用户
if source[key].get('user_profiles'):
userprofile_objs = session.query(models.UserProfile).filter(models.UserProfile.username.in_(
source[key].get('user_profiles')
)).all()
logger.debug(userprofile_objs)
assert userprofile_objs
logger.info("userprofiles:%s" % userprofile_objs)
bindhost_obj.user_profiles = userprofile_objs
# print(bindhost_obj)
session.commit()
logger.info("create bindhosts sucess!")
def create_bindhosts(argv):
'''
create bind hosts
:param argv:
:return:
'''
if '-f' in argv:
bindhost_file = argv[argv.index('-f') + 1]
else:
print_err(
"invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",
quit=True)
source = yaml_parser(bindhost_file)
if source:
print(source)
for key, val in source:
host_obj = session.query(models.Host).filter(
models.Host.hostname == val.get('hostname'))
assert host_obj
for item in val['remote_users']:
assert item.get('auth_type')
if item.get('auth_type') == 'ssh-passwd':
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.password == item.get('password'),
).first()
else:
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.auth_type == item.get('auth_type'),
).first()
if not remoteuser_obj:
print_err("RemoteUser obj %s does not exist." % item,
quit=True)
bindhost_obj = models.BindHost(host_id=host_obj.id,
remoteuser_id=remoteuser_obj.id)
session.add(bindhost_obj)
if source[key].get('groups'):
group_obj = session.query(models.HostGroup).filter(
models.HostGroup.name.in_(
source[key].get('groups'))).all()
assert group_obj
bindhost_obj.host_groups = group_obj
if source[key].get('user_profiles'):
userprofile_obj = session.query(models.UserProfile).filter(
models.UserProfile.username.in_(
source[key].get('user_profiles'))).all()
assert userprofile_obj
bindhost_obj.user_profiles = userprofile_obj
session.commit()
def create_bindhosts(argvs):
'''
create bind hosts
:param argvs:
:return:
'''
if '-f' in argvs:
bindhosts_file = argvs[argvs.index("-f") + 1]
else:
print_err(
"invalid usage, should be:\ncreate_hosts -f <the new bindhosts file>",
quit=True)
source = yaml_parser(bindhosts_file)
if source:
for key, val in source.items():
#print(key,val)
# 从数据库中取出相应主机类实例
host_obj = session.query(models.Host).filter(
models.Host.hostname == val.get('hostname')).first()
# 断言该实例是否存在
assert host_obj
for item in val['remote_users']:
print(item)
# 断言是否存在断言类型
assert item.get('auth_type')
if item.get('auth_type') == 'ssh-password':
# 从数据库中取出相应远程用户类实例
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.password == item.get(
'password')).first()
else:
remoteuser_obj = session.query(models.RemoteUser).filter(
models.RemoteUser.username == item.get('username'),
models.RemoteUser.auth_type == item.get('auth_type'),
).first()
if not remoteuser_obj:
# 远程用户类实例不存在
print_err("RemoteUser obj %s does not exist." % item,
quit=True)
# 从数据库中取出相应绑定主机类实例
bindhost_obj = models.BindHost(host_id=host_obj.id,
remoteuser_id=remoteuser_obj.id)
session.add(bindhost_obj)
#for groups this host binds to
if source[key].get('groups'):
group_objs = session.query(models.HostGroup).filter(
models.HostGroup.name.in_(
source[key].get('groups'))).all()
assert group_objs
print('groups:', group_objs)
bindhost_obj.host_groups = group_objs
#for user_profiles this host binds to
if source[key].get('user_profiles'):
userprofile_objs = session.query(
models.UserProfile).filter(
models.UserProfile.username.in_(
source[key].get('user_profiles'))).all()
assert userprofile_objs
print("userprofiles:", userprofile_objs)
bindhost_obj.user_profiles = userprofile_objs
#print(bindhost_obj)
session.commit()