def update_governance_mode(tenant, region_name, app_id, governance_mode): # update the value of host env. eg. MYSQL_HOST service_ids = group_service_relation_repo.list_serivce_ids_by_app_id( tenant.tenant_id, region_name, app_id) ports = port_repo.list_inner_ports_by_service_ids( tenant.tenant_id, service_ids) for port in ports: env = env_var_repo.get_service_host_env(tenant.tenant_id, port.service_id, port.container_port) service = service_repo.get_service_by_tenant_and_id( tenant.tenant_id, port.service_id) if governance_mode == GovernanceModeEnum.KUBERNETES_NATIVE_SERVICE.name: env.attr_value = port.k8s_service_name if port.k8s_service_name else service.service_alias + "-" + str( port.container_port) else: env.attr_value = "127.0.0.1" env.save() if service.create_status == "complete": body = { "env_name": env.attr_name, "env_value": env.attr_value, "scope": env.scope } region_api.update_service_env(service.service_region, tenant.tenant_name, service.service_alias, body) group_repo.update_governance_mode(tenant.tenant_id, region_name, app_id, governance_mode) region_app_id = region_app_repo.get_region_app_id(region_name, app_id) region_api.update_app(region_name, tenant.tenant_name, region_app_id, {"governance_mode": governance_mode})
def add_service_dependency(self, tenant, service, dep_service_id): dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id(tenant.tenant_id, service.service_id, dep_service_id) if dep_service_relation: return 412, u"当前应用已被关联", None dep_service = service_repo.get_service_by_tenant_and_id(tenant.tenant_id, dep_service_id) is_duplicate = self.__is_env_duplicate(tenant, service, dep_service) if is_duplicate: return 412, u"要关联的应用的变量与已关联的应用变量重复,请修改后再试", None if service.create_status == "complete": task = {} task["dep_service_id"] = dep_service_id task["tenant_id"] = tenant.tenant_id task["dep_service_type"] = dep_service.service_type task["enterprise_id"] = tenant.enterprise_id region_api.add_service_dependency(service.service_region, tenant.tenant_name, service.service_alias, task) tenant_service_relation = { "tenant_id": tenant.tenant_id, "service_id": service.service_id, "dep_service_id": dep_service_id, "dep_service_type": dep_service.service_type, "dep_order": 0, } dep_relation = dep_relation_repo.add_service_dependency(**tenant_service_relation) return 200, u"success", dep_relation
def add_service_dependency(self, tenant, service, dep_service_id, open_inner=None, container_port=None, user_name=''): dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id( tenant.tenant_id, service.service_id, dep_service_id) if dep_service_relation: return 212, "当前组件已被关联", None dep_service = service_repo.get_service_by_tenant_and_id( tenant.tenant_id, dep_service_id) # 开启对内端口 if open_inner: self.__open_port(tenant, dep_service, container_port, user_name) else: # 校验要依赖的组件是否开启了对内端口 open_inner_services = port_repo.get_service_ports( tenant.tenant_id, dep_service.service_id).filter(is_inner_service=True) if not open_inner_services: service_ports = port_repo.get_service_ports( tenant.tenant_id, dep_service.service_id) port_list = [ service_port.container_port for service_port in service_ports ] return 201, "要关联的组件暂未开启对内端口,是否打开", port_list is_duplicate = self.__is_env_duplicate(tenant, service, dep_service) if is_duplicate: return 412, "要关联的组件的变量与已关联的组件变量重复,请修改后再试", None if service.create_status == "complete": task = dict() task["dep_service_id"] = dep_service_id task["tenant_id"] = tenant.tenant_id task["dep_service_type"] = dep_service.service_type task["enterprise_id"] = tenant.enterprise_id task["operator"] = user_name region_api.add_service_dependency(service.service_region, tenant.tenant_name, service.service_alias, task) tenant_service_relation = { "tenant_id": tenant.tenant_id, "service_id": service.service_id, "dep_service_id": dep_service_id, "dep_service_type": dep_service.service_type, "dep_order": 0, } dep_relation = dep_relation_repo.add_service_dependency( **tenant_service_relation) # component dependency change, will change export network governance plugin configuration if service.create_status == "complete": from console.services.plugin import app_plugin_service app_plugin_service.update_config_if_have_export_plugin( tenant, service) return 200, "success", dep_relation
def add_service_dependency(self, tenant, service, dep_service_id, open_inner=None, container_port=None): dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id( tenant.tenant_id, service.service_id, dep_service_id) if dep_service_relation: return 212, u"当前应用已被关联", None dep_service = service_repo.get_service_by_tenant_and_id( tenant.tenant_id, dep_service_id) # 开启对内端口 if open_inner: tenant_service_port = port_service.get_service_port_by_port( dep_service, int(container_port)) code, msg, data = port_service.manage_port( tenant, dep_service, dep_service.service_region, int(tenant_service_port.container_port), "open_inner", tenant_service_port.protocol, tenant_service_port.port_alias) if code != 200: return 412, u"开启对内端口失败", None # 校验要依赖的服务是否开启了对内端口 open_inner_services = port_repo.get_service_ports( tenant.tenant_id, dep_service.service_id).filter(is_inner_service=True) if not open_inner_services: service_ports = port_repo.get_service_ports( tenant.tenant_id, dep_service.service_id) port_list = [ service_port.container_port for service_port in service_ports ] return 201, u"要关联的服务暂未开启对内端口,是否打开", port_list is_duplicate = self.__is_env_duplicate(tenant, service, dep_service) if is_duplicate: return 412, u"要关联的应用的变量与已关联的应用变量重复,请修改后再试", None if service.create_status == "complete": task = dict() task["dep_service_id"] = dep_service_id task["tenant_id"] = tenant.tenant_id task["dep_service_type"] = dep_service.service_type task["enterprise_id"] = tenant.enterprise_id region_api.add_service_dependency(service.service_region, tenant.tenant_name, service.service_alias, task) tenant_service_relation = { "tenant_id": tenant.tenant_id, "service_id": service.service_id, "dep_service_id": dep_service_id, "dep_service_type": dep_service.service_type, "dep_order": 0, } dep_relation = dep_relation_repo.add_service_dependency( **tenant_service_relation) return 200, u"success", dep_relation
def post(self, request, app_id, *args, **kwargs): ads = PostHTTPGatewayRuleSerializer(data=request.data) ads.is_valid(raise_exception=True) app = group_service.get_app_by_id(self.team, self.region_name, app_id) if not app: raise ErrAppNotFound httpdomain = ads.data # Compatible history code httpdomain["domain_heander"] = httpdomain.get("domain_header", None) httpdomain["domain_type"] = DomainType.WWW protocol = "http" if httpdomain.get("certificate_id", None): protocol = "https" httpdomain["protocol"] = protocol service = service_repo.get_service_by_tenant_and_id( self.team.tenant_id, httpdomain["service_id"]) if not service: rst = {"msg": "组件不存在"} return Response(rst, status=status.HTTP_400_BAD_REQUEST) if domain_service.check_domain_exist( httpdomain["service_id"], httpdomain["container_port"], httpdomain["domain_name"], protocol, httpdomain.get("domain_path"), httpdomain.get("rule_extensions")): rst = {"msg": "策略已存在"} return Response(rst, status=status.HTTP_400_BAD_REQUEST) if service.service_source == "third_party": msg, msg_show, code = port_service.check_domain_thirdpart( self.team, service) if code != 200: logger.exception(msg, msg_show) return Response({ "msg": msg, "msg_show": msg_show }, status=code) if httpdomain.get("whether_open", True): tenant_service_port = port_service.get_service_port_by_port( service, httpdomain["container_port"]) # 仅开启对外端口 code, msg, data = port_service.manage_port( self.team, service, service.service_region, int(tenant_service_port.container_port), "only_open_outer", tenant_service_port.protocol, tenant_service_port.port_alias) if code != 200: return Response({"msg": "change port fail"}, status=code) tenant_service_port = port_service.get_service_port_by_port( service, httpdomain["container_port"]) if not tenant_service_port.is_outer_service: return Response({"msg": "没有开启对外端口"}, status=status.HTTP_400_BAD_REQUEST) data = domain_service.bind_httpdomain(self.team, self.request.user, service, httpdomain, True) serializer = HTTPGatewayRuleSerializer(data=data.to_dict()) serializer.is_valid() return Response(serializer.data, status=status.HTTP_201_CREATED)
def put(self, request, app_id, rule_id, *args, **kwargs): ads = UpdatePostHTTPGatewayRuleSerializer(data=request.data) ads.is_valid(raise_exception=True) app = group_service.get_app_by_id(self.team, self.region_name, app_id) if not app: raise ErrAppNotFound httpdomain = ads.data service = service_repo.get_service_by_tenant_and_id(self.team.tenant_id, httpdomain["service_id"]) if not service: rst = {"msg": "组件不存在"} return Response(rst, status=status.HTTP_400_BAD_REQUEST) data = domain_service.update_httpdomain(self.team, service, rule_id, ads.data, True) re = HTTPGatewayRuleSerializer(data=model_to_dict(data)) re.is_valid() return Response(re.data, status=status.HTTP_200_OK)
def create_service_relation(self, tenant, service, dep_service_id): """ raise ErrDepServiceNotFound raise ServiceRelationAlreadyExist raise InnerPortNotFound """ self.check_relation(service.tenant_id, service.service_id, dep_service_id) dep_service = service_repo.get_service_by_tenant_and_id(tenant.tenant_id, dep_service_id) tenant_service_relation = { "tenant_id": tenant.tenant_id, "service_id": service.service_id, "dep_service_id": dep_service_id, "dep_service_type": dep_service.service_type, "dep_order": 0, } return dep_relation_repo.add_service_dependency(**tenant_service_relation)
def post(self, request, app_id, *args, **kwargs): ads = PostGatewayRuleSerializer(data=request.data) ads.is_valid(raise_exception=True) if ads.data.get("protocol") == "tcp": tcpdomain = ads.data.get("tcp") if not tcpdomain: raise ServiceHandleException(msg="Missing parameters: tcp", msg_show="缺少参数: tcp") container_port = tcpdomain.get("container_port", None) service_id = tcpdomain.get("service_id", None) end_point = tcpdomain.get("end_point", None) rule_extensions = tcpdomain.get("rule_extensions", None) default_port = tcpdomain.get("default_port", None) default_ip = tcpdomain.get("default_ip", None) service = service_repo.get_service_by_service_id(service_id) if not service: raise ServiceHandleException(msg="not service", msg_show="组件不存在") # Check if the given endpoint exists. service_tcpdomain = tcp_domain.get_tcpdomain_by_end_point(self.region.region_id, end_point) if service_tcpdomain: raise ServiceHandleException(msg="exist", msg_show="策略已存在") if service.service_source == "third_party": msg, msg_show, code = port_service.check_domain_thirdpart(self.team, service) if code != 200: raise ServiceHandleException(msg=msg, msg_show=msg_show) try: tenant_service_port = port_service.get_service_port_by_port(service, container_port) # 仅打开对外端口 code, msg, data = port_service.manage_port(self.team, service, service.service_region, int(tenant_service_port.container_port), "only_open_outer", tenant_service_port.protocol, tenant_service_port.port_alias) if code != 200: raise ServiceHandleException(status_code=code, msg="change port fail", msg_show=msg) except Exception as e: logger.exception(e) raise ServiceHandleException(status_code=code, msg="change port fail", msg_show="open port failure") # 添加tcp策略 domain_service.bind_tcpdomain(self.team, self.user, service, end_point, container_port, default_port, rule_extensions, default_ip) elif ads.data.get("protocol") == "http": httpdomain = ads.data.get("http") if not httpdomain: raise ServiceHandleException(msg="Missing parameters: tcp", msg_show="缺少参数: http") httpdomain["domain_heander"] = httpdomain.get("domain_header", None) httpdomain["domain_type"] = DomainType.WWW protocol = "http" if httpdomain.get("certificate_id", None): protocol = "https" httpdomain["protocol"] = protocol service = service_repo.get_service_by_tenant_and_id(self.team.tenant_id, httpdomain["service_id"]) if not service: rst = {"msg": "组件不存在"} return Response(rst, status=status.HTTP_400_BAD_REQUEST) if domain_service.check_domain_exist(httpdomain["service_id"], httpdomain["container_port"], httpdomain["domain_name"], protocol, httpdomain.get("domain_path"), httpdomain.get("rule_extensions")): rst = {"msg": "策略已存在"} return Response(rst, status=status.HTTP_400_BAD_REQUEST) if service.service_source == "third_party": msg, msg_show, code = port_service.check_domain_thirdpart(self.team, service) if code != 200: logger.exception(msg, msg_show) return Response({"msg": msg, "msg_show": msg_show}, status=code) if httpdomain.get("whether_open", True): tenant_service_port = port_service.get_service_port_by_port(service, httpdomain["container_port"]) # 仅开启对外端口 code, msg, data = port_service.manage_port(self.team, service, service.service_region, int(tenant_service_port.container_port), "only_open_outer", tenant_service_port.protocol, tenant_service_port.port_alias) if code != 200: return Response({"msg": "change port fail"}, status=code) tenant_service_port = port_service.get_service_port_by_port(service, httpdomain["container_port"]) if not tenant_service_port: raise ServiceHandleException("port not found", "端口不存在", 404, 404) if not tenant_service_port.is_outer_service: return Response({"msg": "没有开启对外端口"}, status=status.HTTP_400_BAD_REQUEST) domain_service.bind_httpdomain(self.team, self.request.user, service, httpdomain, True) else: raise ServiceHandleException(msg="error parameters: protocol", msg_show="错误参数: protocol") data = {} http_rules = domain_service.get_http_rules_by_app_id(app_id) tcp_rules = domain_service.get_tcp_rules_by_app_id(app_id) data["http"] = http_rules data["tcp"] = tcp_rules re = GatewayRuleSerializer(data) return Response(re.data, status=status.HTTP_200_OK)
def add_service_dependency(self, tenant, service, dep_service_id, open_inner=None, container_port=None): dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id( tenant.tenant_id, service.service_id, dep_service_id) if dep_service_relation: return 212, u"当前组件已被关联", None dep_service = service_repo.get_service_by_tenant_and_id( tenant.tenant_id, dep_service_id) # 开启对内端口 if open_inner: openServicePorts = [] if container_port: tenant_service_port = port_service.get_service_port_by_port( dep_service, int(container_port)) openServicePorts.append(tenant_service_port) else: ports = port_service.get_service_ports(dep_service) if ports: openServicePorts.extend(ports) for tenant_service_port in openServicePorts: code, msg, data = port_service.manage_port( tenant, dep_service, dep_service.service_region, int(tenant_service_port.container_port), "open_inner", tenant_service_port.protocol, tenant_service_port.port_alias) if code != 200: logger.warning( "auto open depend service inner port faliure {}". format(msg)) else: logger.debug( "auto open depend service inner port success ") else: # 校验要依赖的组件是否开启了对内端口 open_inner_services = port_repo.get_service_ports( tenant.tenant_id, dep_service.service_id).filter(is_inner_service=True) if not open_inner_services: service_ports = port_repo.get_service_ports( tenant.tenant_id, dep_service.service_id) port_list = [ service_port.container_port for service_port in service_ports ] return 201, u"要关联的组件暂未开启对内端口,是否打开", port_list is_duplicate = self.__is_env_duplicate(tenant, service, dep_service) if is_duplicate: return 412, u"要关联的组件的变量与已关联的组件变量重复,请修改后再试", None if service.create_status == "complete": task = dict() task["dep_service_id"] = dep_service_id task["tenant_id"] = tenant.tenant_id task["dep_service_type"] = dep_service.service_type task["enterprise_id"] = tenant.enterprise_id region_api.add_service_dependency(service.service_region, tenant.tenant_name, service.service_alias, task) tenant_service_relation = { "tenant_id": tenant.tenant_id, "service_id": service.service_id, "dep_service_id": dep_service_id, "dep_service_type": dep_service.service_type, "dep_order": 0, } dep_relation = dep_relation_repo.add_service_dependency( **tenant_service_relation) return 200, u"success", dep_relation