def read_ca_cert_path(self, agent_only=False): """ Read ca certs path from config file """ ad_config_path = os.path.join(self.install_path, Constant.ANOMALY_DETECTION_CONFIG_PATH) # read agent cert path agent_cert_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_AGENT_CERT, self.module_path) # read agent key path agent_key_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_AGENT_KEY, self.module_path) # read ca root cert path ca_root_file_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_CA_PATH, self.module_path) if agent_only: return [agent_key_path, agent_cert_path, ca_root_file_path] # get ca root key path ca_root_key_path = ca_root_file_path + '.key' # read server cert path server_cert_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_SERVER_CERT, self.module_path) # read server key path server_key_path = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_SERVER_KEY, self.module_path) # judge the basename of path is duplicate file_names = [ os.path.basename(file) for file in [ ca_root_file_path, server_cert_path, server_key_path, agent_cert_path, agent_key_path ] ] if len(file_names) != len(set(file_names)): raise Exception(Errors.CONTENT_OR_VALUE['gauss_0504']) return ca_root_file_path, ca_root_key_path, server_cert_path, \ server_key_path, agent_cert_path, agent_key_path
def backup_db_file(self): """ Backup data file. """ ad_config_path = os.path.join(self.install_path, Constant.ANOMALY_DETECTION_CONFIG_PATH) if not os.path.isfile(ad_config_path): g.logger.info('Config file not exist, can not backup db file') return False, None, None db_cabin = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_DATABASE, Constant.AD_CONF_DATABASE_PATH, self.module_path) if os.path.isdir(db_cabin): g.logger.info('Start backup db file.') back_up_path = os.path.join(EXTRACT_DIR, os.path.basename(db_cabin)) CommonTools.copy_file_to_dest_path(db_cabin, back_up_path) return True, db_cabin, back_up_path else: g.logger.info('No need backup db file.') return False, None, None
def run(self, remote=False): if remote: self.check_remote_params() self.check_project_path_access() self.init_globals() back_status, from_path, to_path = self.backup_db_file() if not remote: self.prepare_module_path() g.logger.info('Start deploy module files.') self.deploy_module_files() self.restore_db_file(back_status, from_path, to_path) g.logger.info('Start modify config file.') self.modify_config_file(remote=remote) g.logger.info('Start parse ca information.') ad_config_path = os.path.join(self.install_path, Constant.ANOMALY_DETECTION_CONFIG_PATH) tls = CommonTools.read_info_from_config_file( ad_config_path, Constant.AD_CONF_SECTION_SECURITY, Constant.AD_CONF_TLS_FLAG) g.logger.info('Get server type is https:[%s].' % tls) if (not remote) and tls.lower() == 'true': ca_password, ssl_password, ca_root_file_path, ca_root_key_path, ca_config_path, \ agent_cert_path, agent_key_path = self.prepare_ca_certificates() self.generate_agent_ca_files(ca_password, ssl_password, ca_root_file_path, ca_root_key_path, ca_config_path, agent_cert_path, agent_key_path) if remote and tls.lower() == 'true': self.deploy_agent_certs() g.logger.info('Start add crontab.') self.start_agent_server_monitor() g.logger.info('Start kill process.') self.try_to_kill_process_exist() g.logger.info('Start record version info.') self.record_version_info() g.logger.info( 'Waiting for start, the service will start in 1 minute...') self.waiting_for_start(Constant.DEFAULT_WAIT_SECONDS)