def wulihost_add(request):
if request.method == 'GET':
idc = Idc.objects.all()
operators = User.objects.all()
return render(request, 'cmdb/servers/physical_host_add.html', locals())
if request.method == "POST":
'''新增加数据,这个IP 一定是在hostfail 中,并且不再 host 中'''
ip = request.POST['ip']
hostname = request.POST['hostname']
port = request.POST['port']
system_type = request.POST['system_type']
username = request.POST['username']
passwd = request.POST['passwd']
idc = request.POST['idc']
useuser=request.POST['useuser']
purpose=request.POST['purpose']
up_date=request.POST['up_date']
ssh_status = request.POST['ssh_status']
try:
hostfail = Host_fail.objects.filter(ip__exact=ip)
if hostfail.exists():
try:
host_check = Host.objects.filter(ip__exact=ip)
if not host_check.exists():
host = Host()
pc=prpcrypt()
host.hostname = hostname
host.ip = ip
host.port = port
host.username = username
host.passwd = pc.encrypt(passwd)
host.idc_id = idc
host.useuser=useuser
host.purpose=purpose
host.onlinedate=up_date
host.ssh_status = ssh_status
host.asset_type = u'物理机'
host.save()
hostfail.delete()
json_data = {'code': 0, 'msg': '主机添加成功,登陆失败记录已经删除'}
return JsonResponse(json_data)
else:
json_data = {'code': 0, 'msg': '主机添加失败,确定ip是否已经在主机表中'}
return JsonResponse(json_data)
except Exception as e:
print e
json_data = {'code': 0, 'msg': '主机添加失败,请看信息' + e}
return JsonResponse(json_data)
else:
json_data = {'code': 0, 'msg': '主机添加失败,确定ip是在登陆失败表中'}
return JsonResponse(json_data)
except Exception as e:
print e
def get_ans_host(hostid_list):
'''
传入的是 id 的列表, 输出的是 ip列表 和 可登陆主机的 【ip,port,username,password】
:param hostid_list:
:return:
'''
ip_list = []
host_list = []
try:
host = Host.objects.filter(id__in=hostid_list)
if host:
for i in host:
temp = {}
temp['ip'] = i.ip
temp['port'] = int(i.port)
temp['username'] = i.username
temp['sudo_passwd'] = i.sudo_passwd
if i.keyfile != 1:
pc = prpcrypt()
temp['password'] = pc.decrypt(i.passwd)
ip_list.append(i.ip)
host_list.append(temp)
return ip_list, host_list
except Exception as e:
print e
return ip_list, host_list
def wulihost_edit(request):
if request.method == 'GET':
hostid = request.GET['id']
host = Host.objects.get(id=hostid)
idc = Idc.objects.all()
operators = User.objects.all()
return render(request, 'cmdb/servers/physical_host_edit.html', locals())
if request.method == "POST":
'''新增加数据,这个IP 一定是在hostfail 中,并且不再 host 中'''
id = request.POST['id']
onlinedate = request.POST['up_date']
useuser = request.POST['useuser']
purpose = request.POST['purpose']
idc = request.POST['idc']
cabinet = request.POST['cabinet']
location=request.POST['location']
uplink_port=request.POST['uplink_port']
username=request.POST['username']
passwd=request.POST['passwd']
port=request.POST['port']
ssh_status = request.POST['ssh_status']
try:
pc=prpcrypt()
host = Host.objects.get(id=id)
host.onlinedate = onlinedate
host.useuser = useuser
host.purpose = purpose
host.username=username
# host.passwd=pc.encrypt(passwd)
host.port=port
host.idc_id = idc
host.cabinet=cabinet
host.location=location
host.uplink_port=uplink_port
host.ssh_status = ssh_status
host.save()
json_data = {'code': 0, 'msg': '主机编辑成功'}
return JsonResponse(json_data)
except Exception as e:
print e
json_data = {'code': 0, 'msg': '主机编辑失败,请看信息' + e}
return JsonResponse(json_data)
def get_ans_host(hostid_list):
ip_list = []
host_list = []
try:
host = Host.objects.filter(id__in=hostid_list)
if host:
for i in host:
temp = {}
temp['ip'] = i.ip
temp['port'] = i.port
temp['username'] = i.username
temp['sudo_passwd'] = i.sudo_passwd
if i.keyfile != 1:
pc = prpcrypt()
temp['password'] = pc.decrypt(i.passwd)
ip_list.append(i.ip)
host_list.append(temp)
return ip_list, host_list
except Exception as e:
print e
return ip_list, host_list
def do_scan_host(port_list, ip_duan, black_list, sshpass_list):
'''
:return:
'''
nmap_item = NmapDev()
sship_list, host_list, unkown_list = nmap_item.nmap_sship(
port_list, ip_duan, black_list)
#sship_list:存在ssh端口的主机,host_list:所有主主机IP,unkown_list 在host中,不在 sship_list 中的 未知主机IP
#存在ssh端口登陆与否的设备返回
syscmd_list = [
"cat /etc/issue",
"cat /etc/redhat-release",
"hostname",
"cat /sys/class/net/[^vtlsb]*/address||esxcfg-vmknic -l|awk '{print $8}'|grep ':'",
"dmidecode -s system-serial-number",
"dmidecode -s system-manufacturer",
"dmidecode -s system-product-name",
"grep 'model name' /proc/cpuinfo |uniq |awk -F : '{print $2}' |sed 's/^[ \t]*//g'", # cpuÐͺÅ
"grep 'processor' /proc/cpuinfo |sort |uniq |wc -l", # cpu ºËÊý
"cat /proc/meminfo |grep 'MemTotal' |awk -F : '{print $2/1048576}' |sed 's/^[ \t]*//g'"
]
canlogin_list, notlogin_list = nmap_item.try_pass_login(
sship_list, sshpass_list, syscmd_list)
login_host_info = dict()
crpt_do = prpcrypt()
if canlogin_list:
for item in canlogin_list:
mathine_t = canlogin_list[item][7] if canlogin_list[item][
7] else u"未知(需要安装dmidecode工具)"
crpt_pass = crpt_do.encrypt(
canlogin_list[item]
[1]) if canlogin_list[item][1] else crpt_do.encrypt('')
print(item)
tempdict = dict()
tempdict['ip'] = item
tempdict['ssh_port'] = str(canlogin_list[item][0])
tempdict['ssh_passwd'] = crpt_pass
tempdict['ssh_user'] = str(canlogin_list[item][2])
tempdict['system_ver'] = canlogin_list[item][3]
tempdict['hostname'] = canlogin_list[item][4]
tempdict['machine_type'] = mathine_t
tempdict['sn'] = canlogin_list[item][6]
tempdict['cpu_model'] = canlogin_list[item][8]
tempdict['cpu_num'] = canlogin_list[item][9]
tempdict['mem_total'] = int(
math.ceil(float(canlogin_list[item][10])))
try: # 如果主机存在,并且,扫描的IP 在IP 资源表中,则主机的IP_others 增加IP
# ipsource=IpSource.objects.get(ip=ip)
host = Host.objects.get(sn=tempdict['sn'])
host.hostname = tempdict['hostname']
host.system_type = tempdict['system_ver']
host.port = tempdict['ssh_port']
host.username = tempdict['ssh_user']
host.passwd = tempdict['ssh_passwd']
# host.disk=disk
host.status = '1'
host.ssh_status = '1'
host.vendor = tempdict['machine_type']
if item[0:3] == '172':
host.idc_id = '1'
elif item[0:3] == '10.':
host.idc_id = '2'
# if tempdict['machine_type'][0:6] == 'XenHVM':
# host.asset_type = u'虚拟机'
ip_temp = host.ip_other.split(',')
tem = 0 # 如果 ip other 有这个ip 就是已经保存了这个IP,忽略,增加,如过没有则保存
for i in ip_temp:
if i == item:
tem = 1
if tem == 0:
host.ip_other = item + ',' + host.ip_other
host.save()
except Exception as msg: # 如果找不到这个主机就认为是新的,就去部署ansible
print(msg)
host = Host()
# ssh_pwd = tempdict['ssh_passwd']
# data = deploy_key(ip, int(ssh_port), ssh_pwd)
host.hostname = tempdict['hostname']
host.system_type = tempdict['system_ver']
host.port = tempdict['ssh_port']
host.username = tempdict['ssh_user']
host.passwd = tempdict['ssh_passwd']
host.sn = tempdict['sn']
# host.disk = disk
host.status = '1'
host.ssh_status = '1'
host.vendor = tempdict['machine_type']
host.ip = tempdict['ip']
host.ip_other = tempdict['ip']
if item[0:3] == '172':
host.idc_id = '1'
elif item[0:3] == '10.':
host.idc_id = '2'
# if tempdict['machine_type'][0:6] == 'XenHVM':
# host.asset_type = '虚拟机'
host.save()
if unkown_list:
for item in unkown_list:
tempdict = dict()
tempdict['ip'] = item
tempdict['is_ssh'] = 0
tempdict['port'] = ''
ip = item
is_active = 1
try: # 如果主机ip存在,则设置fail表, 主机已经存在host表 增加 增加IP
ip_host = Host.objects.filter(ip_other__contains=ip)
if not ip_host.exists():
Host_fail.objects.create(ip=ip,
is_ssh=tempdict['is_ssh'],
port=tempdict['port'],
is_active=is_active,
is_inhost=False)
else:
is_inhost = False
for ips in ip_host:
ip_list = ips.ip_other.split(',') # 因为总是出现会过包含主机的信息
for ipi in ip_list:
if ipi == ip:
is_inhost = True
break
if is_inhost:
break
if not is_inhost:
Host_fail.objects.create(ip=ip,
is_ssh=tempdict['is_ssh'],
port=tempdict['port'],
is_inhost=is_inhost)
except Exception as e:
print(e)
if notlogin_list:
for item in notlogin_list:
tempdict = dict()
tempdict['ip'] = item
tempdict['is_ssh'] = 1
tempdict['port'] = notlogin_list[item]
ip = item
is_active = 1
try: # 如果主机ip存在,则设置fail表, 主机已经存在host表 增加 增加IP
ip_host = Host.objects.filter(ip_other__contains=ip)
if not ip_host.exists():
Host_fail.objects.create(ip=ip,
is_ssh=tempdict['is_ssh'],
port=tempdict['port'],
is_active=is_active,
is_inhost=False)
else:
is_inhost = False
for ips in ip_host:
ip_list = ips.ip_other.split(',') #因为总是出现会过包含主机的信息
for ipi in ip_list:
if ipi == ip:
is_inhost = True
break
if is_inhost:
break
if not is_inhost:
Host_fail.objects.update_or_create(
ip=ip,
is_ssh=tempdict['is_ssh'],
port=tempdict['port'],
is_inhost=is_inhost)
except Exception as e:
print(e)
return
def snmp_begin(nmap_IP, netpass, ports, password_list, imoocc_key_file,
syscmd_list, black_list):
'''
????????
:param nmap_type: ??IP
:param ports:
:param password_list:
:param imoocc_key_file:
:param imoocc_key_file:
:param syscmd_list:
:param black_list:
:param s_emails:
:return:
'''
if nmap_IP is None: return False
nm_item = NmapDev(black_list) #网络扫描设备
sship_list, host_list, unkown_list = nm_item.nmap_sship(
ports, nmap_IP, netpass)
#sship_list:存在ssh端口的主机,host_list:所有主主机IP,unkown_list 在host中,不在 sship_list 中的 未知主机IP
#存在ssh端口登陆与否的设备返回
canlogin_list, notlogin_list = nm_item.try_pass_login(
sship_list, password_list, syscmd_list)
print("Password Login ...", canlogin_list, notlogin_list)
logging.info("Use password login:%s,%s" % (canlogin_list, notlogin_list))
#这里注释key 方式登陆
# key_login_list,key_not_login_list = nm_item.try_key_login(notlogin_list,imoocc_key_file,syscmd_list)
# print ("Key Login ...",key_login_list,key_not_login_list)
# logging.info("Use key login:%s,%s"%(key_login_list,key_not_login_list))
#
login_host_info = dict()
crpt_do = prpcrypt()
if canlogin_list:
for item in canlogin_list:
mathine_t = canlogin_list[item][7] if canlogin_list[item][
7] else u"未知(需要安装dmidecode工具)"
crpt_pass = crpt_do.encrypt(
canlogin_list[item]
[1]) if canlogin_list[item][1] else crpt_do.encrypt('')
print(item)
tempdict = dict()
tempdict['ip'] = item
tempdict['ssh_port'] = str(canlogin_list[item][0])
tempdict['ssh_passwd'] = crpt_pass
tempdict['ssh_user'] = str(canlogin_list[item][2])
tempdict['ssh_rsa'] = ''
tempdict['rsa_pass'] = ''
tempdict['system_ver'] = canlogin_list[item][3]
tempdict['hostname'] = canlogin_list[item][4]
tempdict['machine_type'] = mathine_t
tempdict['sn'] = canlogin_list[item][6]
tempdict['ssh_status'] = 1,
tempdict['cpu_model'] = canlogin_list[item][8]
tempdict['cpu_num'] = canlogin_list[item][9]
tempdict['mem_total'] = canlogin_list[item][10]
tempdict['disk'] = canlogin_list[item][11]
login_host_info[item] = tempdict
# HostLoginifo.objects.update_or_create(ip=item,
# ssh_port=str(canlogin_list[item][0]),
# ssh_passwd=crpt_pass,
# ssh_user=canlogin_list[item][2],
# ssh_status=1,
# ssh_type=0,
# system_ver=canlogin_list[item][3],
# hostname=canlogin_list[item][4],
# mac_address=canlogin_list[item][5],
# sn=canlogin_list[item][6],
# mathine_type=mathine_t)
# if key_login_list:
# for item in key_login_list:
# mathine_t = key_login_list[item][9] if key_login_list[item][9] else u"未知(需要安装dmidecode工具)"
# tempdict = dict()
# tempdict['ip'] = item
# tempdict['ssh_port'] = key_login_list[item][0]
# tempdict['ssh_rsa'] = key_login_list[item][0]
# tempdict['rsa_pass'] = key_login_list[item][3]
# tempdict['ssh_user'] = key_login_list[item][2]
# tempdict['ssh_passwd'] = ''
# tempdict['system_ver'] = key_login_list[item][5]
# tempdict['hostname'] = key_login_list[item][6]
# tempdict['sn'] = key_login_list[item][8]
# tempdict['machine_type'] = mathine_t
# tempdict['ssh_status'] = str(2),
# login_host_info[item] = tempdict
# # HostLoginifo.objects.update_or_create(ip=item,
# # ssh_port=key_login_list[item][0],
# # ssh_rsa=key_login_list[item][1],
# # ssh_user=key_login_list[item][2],
# # rsa_pass=key_login_list[item][3],
# # ssh_status=1,
# # ssh_type=key_login_list[item][4],
# # system_ver=key_login_list[item][5],
# # hostname=key_login_list[item][6],
# # mac_address=key_login_list[item][7],
# # sn=key_login_list[item][8],
# # mathine_type=mathine_t)
# print("login_host_info is ",login_host_info)
#
allip = dict()
if sship_list:
for item in sship_list:
tempdict = dict()
tempdict['ip'] = item
tempdict['is_ssh'] = 1
tempdict['port'] = sship_list[item]
allip[item] = tempdict
host_fail_login = dict()
if unkown_list:
for item in unkown_list:
tempdict = dict()
tempdict['ip'] = item
tempdict['is_ssh'] = 0
tempdict['port'] = ''
allip[item] = tempdict
host_fail_login[item] = tempdict
if notlogin_list:
for item in notlogin_list:
tempdict = dict()
tempdict['ip'] = item
tempdict['is_ssh'] = 1
tempdict['port'] = notlogin_list[item]
host_fail_login[item] = tempdict
return allip, host_fail_login, login_host_info
def connect(self, message, **kwargs):
if 1 == 1:
print 'here'
if self.message.user:
# 获取用户信息
user = User.objects.get(username=self.message.user)
self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
self.ssh.load_system_host_keys()
try:
sid = int(message['path'].strip('/').split('/')[-1])
except Exception:
message.reply_channel.send(
{
"text":
json.dumps(
['stdout', '\033[1;3;31m"主机不存在或者已被删除"\033[0m'])
},
immediately=True)
self.disconnect(message)
try:
if user.is_superuser:
server = Host.objects.get(id=sid)
else:
user_server = User_Host.objects.get(user_id=user.id,
server_id=sid)
server = Host.objects.get(id=user_server.server_id)
except:
message.reply_channel.send(
{
"text":
json.dumps(
['stdout', '\033[1;3;31m"主机不存在或者已被删除"\\033[0m'])
},
immediately=True)
message.reply_channel.send({"accept": False})
self.disconnect(message)
try:
if server.username == 'root':
keyfile = "/root/.ssh/id_rsa"
else:
keyfile = "/home/{user}/.ssh/id_rsa".format(
user=server.username)
pkey = paramiko.RSAKey.from_private_key_file(keyfile)
encypt = prpcrypt()
password = encypt.decrypt(server.passwd)
self.ssh.connect(server.ip,
port=int(server.port),
username=server.username,
password=password,
timeout=3,
pkey=pkey)
except socket.timeout:
message.reply_channel.send(
{
"text":
json.dumps([
'stdout',
'\033[1;3;31mConnect to server time out\033[0m'
])
},
immediately=True)
message.reply_channel.send({"accept": False})
self.disconnect(message)
return
except Exception, ex:
message.reply_channel.send(
{
"text":
json.dumps([
'stdout',
'\033[1;3;31m连接服务器失败: {ex}\033[0m'.format(
ex=str(ex))
])
},
immediately=True)
message.reply_channel.send({"accept": False})
self.disconnect(message)
return
self.chan = self.ssh.invoke_shell(width=150, height=100)
sRbt = SshTerminalThread(self.message, self.chan)
sRbt.setDaemon = True
if user.is_superuser and server:
sRbt.start()
interactive_shell(self.chan, message.reply_channel.name)
message.reply_channel.send({"accept": True})
elif server:
sRbt.start()
interactive_shell(self.chan, message.reply_channel.name)
message.reply_channel.send({"accept": True})
def jiemi(value):
pc = prpcrypt()
jiemi = pc.decrypt(value)
return jiemi