def update_governance_mode(tenant, region_name, app_id, governance_mode):
# update the value of host env. eg. MYSQL_HOST
service_ids = group_service_relation_repo.list_serivce_ids_by_app_id(
tenant.tenant_id, region_name, app_id)
ports = port_repo.list_inner_ports_by_service_ids(
tenant.tenant_id, service_ids)
for port in ports:
env = env_var_repo.get_service_host_env(tenant.tenant_id,
port.service_id,
port.container_port)
service = service_repo.get_service_by_tenant_and_id(
tenant.tenant_id, port.service_id)
if governance_mode == GovernanceModeEnum.KUBERNETES_NATIVE_SERVICE.name:
env.attr_value = port.k8s_service_name if port.k8s_service_name else service.service_alias + "-" + str(
port.container_port)
else:
env.attr_value = "127.0.0.1"
env.save()
if service.create_status == "complete":
body = {
"env_name": env.attr_name,
"env_value": env.attr_value,
"scope": env.scope
}
region_api.update_service_env(service.service_region,
tenant.tenant_name,
service.service_alias, body)
group_repo.update_governance_mode(tenant.tenant_id, region_name,
app_id, governance_mode)
region_app_id = region_app_repo.get_region_app_id(region_name, app_id)
region_api.update_app(region_name, tenant.tenant_name, region_app_id,
{"governance_mode": governance_mode})
def add_service_dependency(self, tenant, service, dep_service_id):
dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id(tenant.tenant_id,
service.service_id,
dep_service_id)
if dep_service_relation:
return 412, u"当前应用已被关联", None
dep_service = service_repo.get_service_by_tenant_and_id(tenant.tenant_id, dep_service_id)
is_duplicate = self.__is_env_duplicate(tenant, service, dep_service)
if is_duplicate:
return 412, u"要关联的应用的变量与已关联的应用变量重复,请修改后再试", None
if service.create_status == "complete":
task = {}
task["dep_service_id"] = dep_service_id
task["tenant_id"] = tenant.tenant_id
task["dep_service_type"] = dep_service.service_type
task["enterprise_id"] = tenant.enterprise_id
region_api.add_service_dependency(service.service_region, tenant.tenant_name, service.service_alias, task)
tenant_service_relation = {
"tenant_id": tenant.tenant_id,
"service_id": service.service_id,
"dep_service_id": dep_service_id,
"dep_service_type": dep_service.service_type,
"dep_order": 0,
}
dep_relation = dep_relation_repo.add_service_dependency(**tenant_service_relation)
return 200, u"success", dep_relation
def add_service_dependency(self,
tenant,
service,
dep_service_id,
open_inner=None,
container_port=None,
user_name=''):
dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id(
tenant.tenant_id, service.service_id, dep_service_id)
if dep_service_relation:
return 212, "当前组件已被关联", None
dep_service = service_repo.get_service_by_tenant_and_id(
tenant.tenant_id, dep_service_id)
# 开启对内端口
if open_inner:
self.__open_port(tenant, dep_service, container_port, user_name)
else:
# 校验要依赖的组件是否开启了对内端口
open_inner_services = port_repo.get_service_ports(
tenant.tenant_id,
dep_service.service_id).filter(is_inner_service=True)
if not open_inner_services:
service_ports = port_repo.get_service_ports(
tenant.tenant_id, dep_service.service_id)
port_list = [
service_port.container_port
for service_port in service_ports
]
return 201, "要关联的组件暂未开启对内端口,是否打开", port_list
is_duplicate = self.__is_env_duplicate(tenant, service, dep_service)
if is_duplicate:
return 412, "要关联的组件的变量与已关联的组件变量重复,请修改后再试", None
if service.create_status == "complete":
task = dict()
task["dep_service_id"] = dep_service_id
task["tenant_id"] = tenant.tenant_id
task["dep_service_type"] = dep_service.service_type
task["enterprise_id"] = tenant.enterprise_id
task["operator"] = user_name
region_api.add_service_dependency(service.service_region,
tenant.tenant_name,
service.service_alias, task)
tenant_service_relation = {
"tenant_id": tenant.tenant_id,
"service_id": service.service_id,
"dep_service_id": dep_service_id,
"dep_service_type": dep_service.service_type,
"dep_order": 0,
}
dep_relation = dep_relation_repo.add_service_dependency(
**tenant_service_relation)
# component dependency change, will change export network governance plugin configuration
if service.create_status == "complete":
from console.services.plugin import app_plugin_service
app_plugin_service.update_config_if_have_export_plugin(
tenant, service)
return 200, "success", dep_relation
def add_service_dependency(self,
tenant,
service,
dep_service_id,
open_inner=None,
container_port=None):
dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id(
tenant.tenant_id, service.service_id, dep_service_id)
if dep_service_relation:
return 212, u"当前应用已被关联", None
dep_service = service_repo.get_service_by_tenant_and_id(
tenant.tenant_id, dep_service_id)
# 开启对内端口
if open_inner:
tenant_service_port = port_service.get_service_port_by_port(
dep_service, int(container_port))
code, msg, data = port_service.manage_port(
tenant, dep_service, dep_service.service_region,
int(tenant_service_port.container_port), "open_inner",
tenant_service_port.protocol, tenant_service_port.port_alias)
if code != 200:
return 412, u"开启对内端口失败", None
# 校验要依赖的服务是否开启了对内端口
open_inner_services = port_repo.get_service_ports(
tenant.tenant_id,
dep_service.service_id).filter(is_inner_service=True)
if not open_inner_services:
service_ports = port_repo.get_service_ports(
tenant.tenant_id, dep_service.service_id)
port_list = [
service_port.container_port for service_port in service_ports
]
return 201, u"要关联的服务暂未开启对内端口,是否打开", port_list
is_duplicate = self.__is_env_duplicate(tenant, service, dep_service)
if is_duplicate:
return 412, u"要关联的应用的变量与已关联的应用变量重复,请修改后再试", None
if service.create_status == "complete":
task = dict()
task["dep_service_id"] = dep_service_id
task["tenant_id"] = tenant.tenant_id
task["dep_service_type"] = dep_service.service_type
task["enterprise_id"] = tenant.enterprise_id
region_api.add_service_dependency(service.service_region,
tenant.tenant_name,
service.service_alias, task)
tenant_service_relation = {
"tenant_id": tenant.tenant_id,
"service_id": service.service_id,
"dep_service_id": dep_service_id,
"dep_service_type": dep_service.service_type,
"dep_order": 0,
}
dep_relation = dep_relation_repo.add_service_dependency(
**tenant_service_relation)
return 200, u"success", dep_relation
def post(self, request, app_id, *args, **kwargs):
ads = PostHTTPGatewayRuleSerializer(data=request.data)
ads.is_valid(raise_exception=True)
app = group_service.get_app_by_id(self.team, self.region_name, app_id)
if not app:
raise ErrAppNotFound
httpdomain = ads.data
# Compatible history code
httpdomain["domain_heander"] = httpdomain.get("domain_header", None)
httpdomain["domain_type"] = DomainType.WWW
protocol = "http"
if httpdomain.get("certificate_id", None):
protocol = "https"
httpdomain["protocol"] = protocol
service = service_repo.get_service_by_tenant_and_id(
self.team.tenant_id, httpdomain["service_id"])
if not service:
rst = {"msg": "组件不存在"}
return Response(rst, status=status.HTTP_400_BAD_REQUEST)
if domain_service.check_domain_exist(
httpdomain["service_id"], httpdomain["container_port"],
httpdomain["domain_name"], protocol,
httpdomain.get("domain_path"),
httpdomain.get("rule_extensions")):
rst = {"msg": "策略已存在"}
return Response(rst, status=status.HTTP_400_BAD_REQUEST)
if service.service_source == "third_party":
msg, msg_show, code = port_service.check_domain_thirdpart(
self.team, service)
if code != 200:
logger.exception(msg, msg_show)
return Response({
"msg": msg,
"msg_show": msg_show
},
status=code)
if httpdomain.get("whether_open", True):
tenant_service_port = port_service.get_service_port_by_port(
service, httpdomain["container_port"])
# 仅开启对外端口
code, msg, data = port_service.manage_port(
self.team, service, service.service_region,
int(tenant_service_port.container_port), "only_open_outer",
tenant_service_port.protocol, tenant_service_port.port_alias)
if code != 200:
return Response({"msg": "change port fail"}, status=code)
tenant_service_port = port_service.get_service_port_by_port(
service, httpdomain["container_port"])
if not tenant_service_port.is_outer_service:
return Response({"msg": "没有开启对外端口"},
status=status.HTTP_400_BAD_REQUEST)
data = domain_service.bind_httpdomain(self.team, self.request.user,
service, httpdomain, True)
serializer = HTTPGatewayRuleSerializer(data=data.to_dict())
serializer.is_valid()
return Response(serializer.data, status=status.HTTP_201_CREATED)
def put(self, request, app_id, rule_id, *args, **kwargs):
ads = UpdatePostHTTPGatewayRuleSerializer(data=request.data)
ads.is_valid(raise_exception=True)
app = group_service.get_app_by_id(self.team, self.region_name, app_id)
if not app:
raise ErrAppNotFound
httpdomain = ads.data
service = service_repo.get_service_by_tenant_and_id(self.team.tenant_id, httpdomain["service_id"])
if not service:
rst = {"msg": "组件不存在"}
return Response(rst, status=status.HTTP_400_BAD_REQUEST)
data = domain_service.update_httpdomain(self.team, service, rule_id, ads.data, True)
re = HTTPGatewayRuleSerializer(data=model_to_dict(data))
re.is_valid()
return Response(re.data, status=status.HTTP_200_OK)
def create_service_relation(self, tenant, service, dep_service_id):
"""
raise ErrDepServiceNotFound
raise ServiceRelationAlreadyExist
raise InnerPortNotFound
"""
self.check_relation(service.tenant_id, service.service_id, dep_service_id)
dep_service = service_repo.get_service_by_tenant_and_id(tenant.tenant_id, dep_service_id)
tenant_service_relation = {
"tenant_id": tenant.tenant_id,
"service_id": service.service_id,
"dep_service_id": dep_service_id,
"dep_service_type": dep_service.service_type,
"dep_order": 0,
}
return dep_relation_repo.add_service_dependency(**tenant_service_relation)
def post(self, request, app_id, *args, **kwargs):
ads = PostGatewayRuleSerializer(data=request.data)
ads.is_valid(raise_exception=True)
if ads.data.get("protocol") == "tcp":
tcpdomain = ads.data.get("tcp")
if not tcpdomain:
raise ServiceHandleException(msg="Missing parameters: tcp", msg_show="缺少参数: tcp")
container_port = tcpdomain.get("container_port", None)
service_id = tcpdomain.get("service_id", None)
end_point = tcpdomain.get("end_point", None)
rule_extensions = tcpdomain.get("rule_extensions", None)
default_port = tcpdomain.get("default_port", None)
default_ip = tcpdomain.get("default_ip", None)
service = service_repo.get_service_by_service_id(service_id)
if not service:
raise ServiceHandleException(msg="not service", msg_show="组件不存在")
# Check if the given endpoint exists.
service_tcpdomain = tcp_domain.get_tcpdomain_by_end_point(self.region.region_id, end_point)
if service_tcpdomain:
raise ServiceHandleException(msg="exist", msg_show="策略已存在")
if service.service_source == "third_party":
msg, msg_show, code = port_service.check_domain_thirdpart(self.team, service)
if code != 200:
raise ServiceHandleException(msg=msg, msg_show=msg_show)
try:
tenant_service_port = port_service.get_service_port_by_port(service, container_port)
# 仅打开对外端口
code, msg, data = port_service.manage_port(self.team, service, service.service_region,
int(tenant_service_port.container_port), "only_open_outer",
tenant_service_port.protocol, tenant_service_port.port_alias)
if code != 200:
raise ServiceHandleException(status_code=code, msg="change port fail", msg_show=msg)
except Exception as e:
logger.exception(e)
raise ServiceHandleException(status_code=code, msg="change port fail", msg_show="open port failure")
# 添加tcp策略
domain_service.bind_tcpdomain(self.team, self.user, service, end_point, container_port, default_port,
rule_extensions, default_ip)
elif ads.data.get("protocol") == "http":
httpdomain = ads.data.get("http")
if not httpdomain:
raise ServiceHandleException(msg="Missing parameters: tcp", msg_show="缺少参数: http")
httpdomain["domain_heander"] = httpdomain.get("domain_header", None)
httpdomain["domain_type"] = DomainType.WWW
protocol = "http"
if httpdomain.get("certificate_id", None):
protocol = "https"
httpdomain["protocol"] = protocol
service = service_repo.get_service_by_tenant_and_id(self.team.tenant_id, httpdomain["service_id"])
if not service:
rst = {"msg": "组件不存在"}
return Response(rst, status=status.HTTP_400_BAD_REQUEST)
if domain_service.check_domain_exist(httpdomain["service_id"], httpdomain["container_port"],
httpdomain["domain_name"], protocol, httpdomain.get("domain_path"),
httpdomain.get("rule_extensions")):
rst = {"msg": "策略已存在"}
return Response(rst, status=status.HTTP_400_BAD_REQUEST)
if service.service_source == "third_party":
msg, msg_show, code = port_service.check_domain_thirdpart(self.team, service)
if code != 200:
logger.exception(msg, msg_show)
return Response({"msg": msg, "msg_show": msg_show}, status=code)
if httpdomain.get("whether_open", True):
tenant_service_port = port_service.get_service_port_by_port(service, httpdomain["container_port"])
# 仅开启对外端口
code, msg, data = port_service.manage_port(self.team, service, service.service_region,
int(tenant_service_port.container_port), "only_open_outer",
tenant_service_port.protocol, tenant_service_port.port_alias)
if code != 200:
return Response({"msg": "change port fail"}, status=code)
tenant_service_port = port_service.get_service_port_by_port(service, httpdomain["container_port"])
if not tenant_service_port:
raise ServiceHandleException("port not found", "端口不存在", 404, 404)
if not tenant_service_port.is_outer_service:
return Response({"msg": "没有开启对外端口"}, status=status.HTTP_400_BAD_REQUEST)
domain_service.bind_httpdomain(self.team, self.request.user, service, httpdomain, True)
else:
raise ServiceHandleException(msg="error parameters: protocol", msg_show="错误参数: protocol")
data = {}
http_rules = domain_service.get_http_rules_by_app_id(app_id)
tcp_rules = domain_service.get_tcp_rules_by_app_id(app_id)
data["http"] = http_rules
data["tcp"] = tcp_rules
re = GatewayRuleSerializer(data)
return Response(re.data, status=status.HTTP_200_OK)
def add_service_dependency(self,
tenant,
service,
dep_service_id,
open_inner=None,
container_port=None):
dep_service_relation = dep_relation_repo.get_depency_by_serivce_id_and_dep_service_id(
tenant.tenant_id, service.service_id, dep_service_id)
if dep_service_relation:
return 212, u"当前组件已被关联", None
dep_service = service_repo.get_service_by_tenant_and_id(
tenant.tenant_id, dep_service_id)
# 开启对内端口
if open_inner:
openServicePorts = []
if container_port:
tenant_service_port = port_service.get_service_port_by_port(
dep_service, int(container_port))
openServicePorts.append(tenant_service_port)
else:
ports = port_service.get_service_ports(dep_service)
if ports:
openServicePorts.extend(ports)
for tenant_service_port in openServicePorts:
code, msg, data = port_service.manage_port(
tenant, dep_service, dep_service.service_region,
int(tenant_service_port.container_port), "open_inner",
tenant_service_port.protocol,
tenant_service_port.port_alias)
if code != 200:
logger.warning(
"auto open depend service inner port faliure {}".
format(msg))
else:
logger.debug(
"auto open depend service inner port success ")
else:
# 校验要依赖的组件是否开启了对内端口
open_inner_services = port_repo.get_service_ports(
tenant.tenant_id,
dep_service.service_id).filter(is_inner_service=True)
if not open_inner_services:
service_ports = port_repo.get_service_ports(
tenant.tenant_id, dep_service.service_id)
port_list = [
service_port.container_port
for service_port in service_ports
]
return 201, u"要关联的组件暂未开启对内端口,是否打开", port_list
is_duplicate = self.__is_env_duplicate(tenant, service, dep_service)
if is_duplicate:
return 412, u"要关联的组件的变量与已关联的组件变量重复,请修改后再试", None
if service.create_status == "complete":
task = dict()
task["dep_service_id"] = dep_service_id
task["tenant_id"] = tenant.tenant_id
task["dep_service_type"] = dep_service.service_type
task["enterprise_id"] = tenant.enterprise_id
region_api.add_service_dependency(service.service_region,
tenant.tenant_name,
service.service_alias, task)
tenant_service_relation = {
"tenant_id": tenant.tenant_id,
"service_id": service.service_id,
"dep_service_id": dep_service_id,
"dep_service_type": dep_service.service_type,
"dep_order": 0,
}
dep_relation = dep_relation_repo.add_service_dependency(
**tenant_service_relation)
return 200, u"success", dep_relation
