def getOne(self, name):
""" 查询某name的swarm集群信息 """
if self.isMember(name):
return (_ for _ in self._swarms if _.get("name") == name).next()
else:
logger.warn("get one swarm named %s, but no data" % name)
def before_request():
g.startTime = time.time()
g.redis = create_redis_engine()
g.mysql = create_mysql_engine()
g.signin = verify_sessionId(request.cookies.get("sessionId"))
g.sid, g.uid = analysis_sessionId(request.cookies.get("sessionId"),
"tuple") if g.signin else (None, None)
app.logger.debug("uid: {}, sid: {}".format(g.uid, g.sid))
g.api = api
g.ip = request.headers.get('X-Real-Ip', request.remote_addr)
g.agent = request.headers.get("User-Agent")
# 仅是重定向页面快捷定义
g.redirect_uri = get_redirect_url()
# 上下文扩展点之请求后(返回前)
before_request_hook = plugin.get_all_cep.get("before_request_hook")
for cep_func in before_request_hook():
cep_func(request=request, g=g)
before_request_return = plugin.get_all_cep.get("before_request_return")
for cep_func in before_request_return():
resp = cep_func(request=request, g=g)
try:
success = resp.is_before_request_return
except:
logger.warn(
"Plugin returns abnormalities when before_request_return")
else:
if success is True:
return resp
def RollingUpgrade(self, serviceFlag, tag):
""" 服务滚动升级 """
res = {"msg": None, "code": 0}
logger.info("Update service flag(id/name) is %s, tag is %s" %
(serviceFlag, tag))
#check params
if not serviceFlag:
logger.warn("service id/name is empty")
res.update(msg="service id/name is empty", code=60000)
logger.info(res)
return res
if not tag:
res.update(msg="tag error", code=60001)
logger.info(res)
return res
#check leader
if not self.leader:
res.update(msg="No active swarm", code=-1000)
logger.info(res)
return res
data = self.GET(service=serviceFlag, core=True,
core_convert=False).get("data")[0]
Image = "{}:{}".format(data.get("Image").split(":")[0], tag)
res.update(self.PUT(serviceFlag, image=Image))
logger.info(res)
return res
def _checkSwarmToken(self, leader):
""" 根据Leader查询集群令牌 """
try:
swarm = requests.get(Splice(netloc=leader, port=self.port, path='/swarm').geturl, timeout=self.timeout, verify=self.verify).json()
token = swarm.get('JoinTokens')
except Exception,e:
logger.warn(e, exc_info=True)
def __check_modifyPass(self, uid):
"""检查是否可以修改密码,即是否存在邮箱或手机号"""
if uid:
sql = "SELECT count(uid) FROM user_auth WHERE identity_type IN (1,2) AND uid=%s"
try:
data = self.mysql.get(sql, uid)
except Exception, e:
logger.warn(e, exc_info=True)
else:
if data and isinstance(data, dict):
return int(data.get("count(uid)") or 0) > 0
def _unpickle(self):
""" 反序列化信息取出所有数据 """
if self._ssm == "local":
try:
with open(self._ssSwarms, "r") as f:
data = json.load(f)
except Exception, e:
logger.warn(e, exc_info=True)
res = []
else:
res = data or []
def __check_hasUser(self, uid):
"""检查是否存在账号"""
if uid and len(uid) == 22:
sql = "SELECT count(uid) FROM user_auth WHERE uid=%s"
try:
data = self.db.get(sql, uid)
except Exception, e:
logger.warn(e, exc_info=True)
else:
logger.debug(data)
if data and isinstance(data, dict):
return True if data.get('count(uid)', 0) > 0 else False
def __check_hasEmail(self, email):
"""检查是否存在邮箱账号"""
if email_check(email):
sql = "SELECT uid FROM user_auth WHERE identity_type=%s AND identifier=%s"
try:
data = self.db.get(sql, 2, email)
except Exception, e:
logger.warn(e, exc_info=True)
else:
logger.debug(data)
if data and isinstance(data, dict):
return "uid" in data
def _unpickleActive(self):
""" 反序列化信息取出活跃集群 """
if self._ssm == "local":
try:
with open(self._ssActive, "r") as f:
data = json.load(f)
except Exception, e:
logger.warn(e, exc_info=True)
res = {}
else:
res = data or {}
def SignUp():
if request.method == "POST":
res = UserAuth_Registry(request.form)
if res:
logger.info("SignUp Successfully")
return redirect(url_for("login"))
else:
logger.warn("SignUp Failed")
return redirect(url_for("SignUp", errmsg="SignUp Fail"))
elif g.signin:
return redirect(url_for("uc"))
else:
return render_template("signup.html")
def __check_hasEmail(self, email, getUid=False):
"""检查是否存在邮箱账号,不检测账号状态"""
if email_check(email):
sql = "SELECT uid FROM user_auth WHERE identity_type=2 AND identifier=%s"
try:
data = self.db.get(sql, email)
except Exception, e:
logger.warn(e, exc_info=True)
else:
logger.debug(data)
if data and isinstance(data, dict):
success = "uid" in data
return data["uid"] if success and getUid else success
def oauth2_signUp(self, openid, register_ip):
"""OAuth直接登录时注册入系统
@param openid str: 加密的openid,用以获取缓存中数据userinfo,格式是:
userinfo dict: 用户信息,必须包含`openid`,`identity_type`,`avatar`,`nick_name`
@param register_ip str: 注册IP地址
"""
res = dict(msg=None, success=False)
userinfo = self.__oauth2_getUserinfo(openid)
logger.debug(userinfo)
logger.debug(type(userinfo))
if userinfo and isinstance(
userinfo, dict
) and "avatar" in userinfo and "nick_name" in userinfo and "openid" in userinfo and "access_token" in userinfo and "identity_type" in userinfo:
openid = userinfo["openid"]
access_token = userinfo["access_token"]
identity_type = int(userinfo["identity_type"])
avatar = userinfo["avatar"]
nick_name = userinfo["nick_name"]
gender = userinfo.get("gender") or 2
domain_name = userinfo.get("domain_name") or ""
signature = userinfo.get("signature") or ""
location = userinfo.get("location") or ""
expire_time = userinfo.get("expire_time") or 0
guid = gen_uniqueId()
logger.debug(
"check test: guid length: {}, identifier: {}, identity_type:{}, identity_type: {}, certificate: {}"
.format(len(guid), openid, identity_type, type(identity_type),
access_token))
define_profile_sql = "INSERT INTO user_profile (uid, register_source, register_ip, nick_name, domain_name, gender, signature, avatar, location, create_time, is_realname, is_admin) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')" % (
guid, identity_type, register_ip, nick_name,
domain_name, gender, signature, avatar, location,
get_current_timestamp(), 0, 0)
upts = self.__signUp_transacion(
guid=guid,
identifier=openid,
identity_type=identity_type,
certificate=access_token,
verified=1,
register_ip=register_ip,
expire_time=expire_time,
define_profile_sql=define_profile_sql)
logger.warn(upts)
res.update(upts)
if res["success"]:
self.__oauth2_delUserinfo(openid)
res.update(identity_type=identity_type, uid=guid)
else:
res.update(msg="Check failed")
logger.info(res)
return res
def _checkSwarmHealth(self, leader):
""" 根据Leader查询某swarm集群是否健康 """
state = []
mnum = 0
logger.info("To determine whether the cluster is healthy, starting, swarm leader is %s" %leader)
try:
nodes = requests.get(Splice(netloc=leader, port=self.port, path='/nodes').geturl, timeout=self.timeout, verify=self.verify).json()
logger.debug("check swarm health, swarm nodes length is %d" % len(nodes))
for node in nodes:
if node['Spec'].get('Role') == 'manager':
mnum += 1
isHealth = True if node['Status']['State'] == 'ready' and node['Spec'].get('Availability') == 'active' and node.get('ManagerStatus', {}).get('Reachability') == 'reachable' else False
if isHealth:
state.append(isHealth)
except Exception,e:
logger.warn(e, exc_info=True)
return "ERROR"
def _checkSwarmLeader(self, swarm):
""" 查询swarm集群Leader """
logger.info("check swarm %s leader, the request swarm manager is %s" %(swarm.get("name"), swarm.get("manager")))
if swarm:
try:
url = Splice(netloc=swarm.get("manager")[0], port=self.port, path='/nodes').geturl
data = requests.get(url, timeout=self.timeout, verify=self.verify).json()
if "message" in data:
raise TypeError("The response that first get leader is error, data is {}".format(data))
except Exception, e:
logger.warn(e, exc_info=True)
try:
url = Splice(netloc=swarm.get("manager")[-1], port=self.port, path='/nodes').geturl
data = requests.get(url, timeout=self.timeout, verify=self.verify).json()
except Exception,e:
logger.error(e, exc_info=True)
data = None
def POST(self, image, **params):
"""
Create a service in docker swarm mode cluster with api.
1. get, convert, check params,
2. post data to swarm api.
"""
res = {"msg": None, "code": 0}
logger.info("Create service, the required image is %s" % image)
#check leader
if not self.leader:
res.update(msg="No active swarm", code=-1000)
logger.info(res)
return res
###get params, in version 0.1.10, optional only is "name, env, mount, publish, replicas", required "image".
logger.debug(params)
try:
name = params.get("name")
#str, needn't convert
env = self.commaConvert(
params.get("env")) if params.get("env") else []
#source data likes "key=value, key2=value2", convert to list or tuple, \n,
#`env`'ask likes this, [key=value, key2=value2] or (key3=value3, key4=value4).
mount = self.commaConvert(
params.get("mount")) if params.get("mount") else []
#source data likes "src:dst:true:mode, src:dst:true|false:mode", example "/data/swarmopsapi-logs:/SwarmOpsApi/logs:true:bind, /data/cmlogs:/data/cmdata/logs:false:bind", convert it, \n,
#`mount`'ask likes this, [src:dst:true|false(default false, rw):mode, ].
publish = self.commaConvert(
params.get("publish")) if params.get("publish") else []
#source data likes "src:desc:protocol, src2:desc2", such as `env`, convert it, \n
#list or tuple, `publish`'ask likes this, [src:desc, src2:desc2] or ().
except Exception, e:
logger.warn(e, exc_info=True)
res.update(msg="parameters error", code=40000)
logger.info(res)
return res
#product environment start application with `tornado IOLoop` and `gevent server`
from main import app
from utils.tool import logger
from config import GLOBAL, PRODUCT
Host = GLOBAL.get('Host')
Port = GLOBAL.get('Port')
Environment = GLOBAL.get('Environment')
ProcessName = PRODUCT.get('ProcessName')
ProductType = PRODUCT.get('ProductType')
try:
import setproctitle
except ImportError, e:
logger.warn("%s, try to pip install setproctitle, otherwise, you can't use the process to customize the function" %e)
else:
setproctitle.setproctitle(ProcessName)
logger.info("The process is %s" % ProcessName)
try:
msg = '%s has been launched, %s:%s' %(ProcessName, Host, Port)
print(msg)
logger.info(msg)
if ProductType == 'gevent':
from gevent.wsgi import WSGIServer
http_server = WSGIServer((Host, Port), app)
http_server.serve_forever()
elif ProductType == 'tornado':
from tornado.wsgi import WSGIContainer
def updateUserProfile(self, uid, **profiles):
"""更新用户基本资料
@param uid str: 用户id
@param profiles dict: 资料列表
"""
#: TODO 决不能拼接SQL,先获取当前资料,用提交更新的部分资料覆盖
res = dict(msg=None, code=1)
logger.debug(profiles)
nick_name = profiles.get("nick_name")
domain_name = profiles.get("domain_name")
birthday = profiles.get("birthday")
location = profiles.get("location")
gender = profiles.get("gender")
signature = profiles.get("signature")
# 定义
checked = True
invalid = []
can_lock_nick_name = False
can_lock_domain_name = False
# 防止sql注入的安全检测
for key, value in profiles.iteritems():
checked = sql_safestring_check(value)
logger.debug("check {}, value: {}, result: {}".format(
key, value, checked))
if checked is False:
invalid.append(key)
break
# 至少有一项资料修改才通过检测
if checked:
if not nick_name and \
not domain_name and \
not birthday and \
not location and \
not gender and \
not signature:
checked = False
invalid.append("all")
if checked and uid and isinstance(uid, basestring) and len(uid) == 22:
# 获取用户资料对比nick_name、domain_name是否修改过
user_old_data = self.getUserProfile(uid)
if user_old_data["code"] == 0:
# 开始检测并组建sql
sql = "UPDATE user_profile SET "
# 用户旧数据
user_old_data = user_old_data["data"]
# 昵称
if nick_name:
if len(nick_name) <= 49:
# nick_name可修改时拼接上sql
if user_old_data["lock"]["nick_name"] is False:
sql += "nick_name='%s'," % nick_name
if nick_name != user_old_data["nick_name"]:
# 判断昵称更改,加锁,设置其24小时后过期
can_lock_nick_name = True
sql += "lock_nick_name={},".format(
timestamp_after_timestamp(hours=24))
else:
checked = False
invalid.append("nick_name")
# 个性域名
if domain_name:
if domain_name_pat.match(
domain_name) and not domain_name.endswith(
'_') and not domain_name in (
"admin", "system", "root", "administrator",
"null", "none", "true", "false", "user"):
# domain_name可修改时拼接上sql
if user_old_data["lock"]["domain_name"] is False:
sql += "domain_name='%s'," % domain_name
if domain_name != user_old_data["domain_name"]:
# 判断域名更改,加锁,设置其永久有效
can_lock_domain_name = True
sql += "lock_domain_name=0,"
else:
checked = False
invalid.append("domain_name")
# 生日
if birthday:
try:
birthday = timestring_to_timestamp(birthday,
format="%Y-%m-%d")
except:
checked = False
invalid.append("birthday")
else:
sql += "birthday=%d," % birthday
# 性别
if gender:
try:
gender = int(gender)
except:
checked = False
invalid.append("gender")
else:
if gender in (0, 1, 2):
sql += "gender=%d," % gender
else:
checked = False
invalid.append("gender")
# 签名
if signature:
sql += "signature='%s'," % signature
# 城市
if location:
sql += "location='%s'," % location
# 更新sql
if checked:
# 资料更新,设置mtime
sql += "mtime={}".format(get_current_timestamp())
sql += " WHERE uid='%s'" % uid
logger.debug("update profile for {}, sql is: {}".format(
uid, sql))
try:
self.mysql.update(sql)
except IntegrityError, e:
logger.warn(e, exc_info=True)
res.update(msg="Personal domain has been occupied",
code=2)
except Exception, e:
logger.error(e, exc_info=True)
res.update(msg="System is abnormal", code=3)
else:
res.update(code=0,
refreshCache=self.refreshUserProfile(uid))
# 更新成功后设置锁
res.update(lock=dict(nick_name=can_lock_nick_name,
domain_name=can_lock_domain_name))
else:
res.update(msg="There are invalid parameters", code=5)
def PUT(self, serviceFlag, **params):
"""update a service in docker swarm mode cluster with api.
1. get, convert, check params,
2. post data to swarm api.
"""
res = {"msg": None, "code": 0}
logger.info("Update service flag(id/name) is %s, other params is %s" %
(serviceFlag, params))
#check params
if not serviceFlag:
logger.warn("service id/name is empty")
res.update(msg="service id/name is empty", code=50000)
logger.info(res)
return res
#check leader
if not self.leader:
res.update(msg="No active swarm", code=-1000)
logger.info(res)
return res
#check UpdateServiceType
USType = params.get("UpdateServiceType", "api")
if USType not in ("ui", "api"):
res.update("UpdateServiceType error", code=50001)
logger.info(res)
return res
serviceSourceData = self.GET(service=serviceFlag,
core=True).get("data")
logger.debug(serviceSourceData)
if isinstance(serviceSourceData,
(list, tuple)) and len(serviceSourceData) > 0:
serviceSourceData = serviceSourceData[0]
serviceFlag2ID = serviceSourceData.get("ID")
#default service data for api(UI filled).
defaultName = serviceSourceData.get("Name")
defaultEnv = serviceSourceData.get("Env")
defaultMount = serviceSourceData.get("Mounts")
defaultPublish = serviceSourceData.get("NetPorts")
defaultImage = serviceSourceData.get("Image")
defaultReplicas = serviceSourceData.get("Replicas")
defaultVersion = serviceSourceData.get("Version")
try:
if USType == "ui":
image = params.get("image")
name = params.get("name")
env = self.commaConvert(
params.get("env")) if params.get("env") else None
mount = self.commaConvert(
params.get("mount")) if params.get("mount") else None
publish = self.commaConvert(params.get(
"publish")) if params.get("publish") else None
replicas = int(params.get("replicas"))
delay = int(params.get("delay", 10))
parallelism = int(params.get("parallelism", 1))
else:
image = params.get("image") or defaultImage
name = params.get("name") or defaultName
env = self.commaConvert(
params.get("env")) if params.get("env") else defaultEnv
mount = self.commaConvert(params.get(
"mount")) if params.get("mount") else defaultMount
publish = self.commaConvert(
params.get("publish")) if params.get(
"publish") else defaultPublish
replicas = int(params.get("replicas")) if params.get(
"replicas") else defaultReplicas
delay = int(
params.get("delay")) if params.get("delay") else 10
parallelism = int(params.get("parallelism")) if params.get(
"parallelism") else 1
except Exception, e:
logger.warn(e, exc_info=True)
res.update(msg="parameters error", code=50001)
logger.info(res)
return res
#source data likes "src:dst:true:mode, src:dst:true|false:mode", example "/data/swarmopsapi-logs:/SwarmOpsApi/logs:true:bind, /data/cmlogs:/data/cmdata/logs:false:bind", convert it, \n,
#`mount`'ask likes this, [src:dst:true|false(default false, rw):mode, ].
publish = self.commaConvert(
params.get("publish")) if params.get("publish") else []
#source data likes "src:desc:protocol, src2:desc2", such as `env`, convert it, \n
#list or tuple, `publish`'ask likes this, [src:desc, src2:desc2] or ().
except Exception, e:
logger.warn(e, exc_info=True)
res.update(msg="parameters error", code=40000)
logger.info(res)
return res
try:
replicas = int(params.get("replicas", 1))
#int, number of instances, detault is 1.
except ValueError, e:
logger.warn(e)
res.update(msg="replicas not an integer", code=40001)
logger.info(res)
return res
#check params
if not image:
logger.warn("image is empty")
res.update(msg="image is empty", code=40002)
logger.info(res)
return res
elif not isinstance(env, (str, unicode)) and not isinstance(
env, (list, tuple)):
logger.warn("env not a list or tuple, type is %s" % type(env))
res.update(msg="env not a list or tuple", code=40003)
logger.info(res)
def call(self,
_funcname,
_callback=None,
_include=None,
_exclude=None,
_every=None,
_mode=None,
_args=None,
_kwargs=None,
*args,
**kwargs):
"""Try to execute the func method in all enabled hooks.
.. versionchanged:: 1.7.0
add param `_mode` and `_every`
.. deprecated:: 1.7.0
- _callback: replaced by `_every`
- *args: replaced by `_args`
- **kwargs: replaced by `_kwargs`
"""
if args or kwargs:
logger.warn(
"The args/kwargs is deprecated. Use _args/_kwargs instead.")
args = _args or args
kwargs = _kwargs or kwargs
response = []
for h in sorted(self.get_enabled_hooks, key=lambda h: h.name):
if _include and isinstance(_include, (tuple, list)):
if h.name not in _include:
continue
if _exclude and isinstance(_exclude, (tuple, list)):
if h.name in _exclude:
continue
func = getattr(h.proxy, _funcname, None)
if callable(func):
try:
if args and kwargs:
result = func(*args, **kwargs)
elif kwargs:
result = func(**kwargs)
elif args:
result = func(*args)
else:
result = func()
except (ValueError, TypeError, Exception) as e:
result = dict(code=1, msg=str(e), sender=h.name)
else:
if isinstance(result, dict):
result["sender"] = h.name
if "code" not in result:
result["code"] = 0
else:
result = dict(code=0, sender=h.name, data=result)
#: Use `_every` to change the hook execution result
if callable(_every):
_er = _every(result)
if _er and isinstance(_er, dict) and "code" in _er and \
"sender" in _er:
result = _er
response.append(result)
if callable(_callback):
_callback(result)
if _mode == "any_true":
if result.get("code") == 0:
break
return response
