From 2a4b4cd911bdb0fee42f5018b40a202ce8470c99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E6=9D=A8=E7=BA=A2=E9=A3=9E?= Date: Tue, 4 Jun 2019 11:09:11 +0800 Subject: [PATCH] =?UTF-8?q?[Update]=E5=81=9A=E4=B8=80=E4=BA=9B=E7=AE=80?= =?UTF-8?q?=E5=8D=95=E7=9A=84=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- biz/handlers/admin_user_handler.py | 1 - biz/handlers/asset_server_handler.py | 5 +- biz/handlers/asset_tag_handler.py | 1 - biz/handlers/hand_update_asset_handler.py | 20 ++- biz/handlers/system_user_handler.py | 2 - libs/__pycache__/common.cpython-36.pyc | Bin 3946 -> 3925 bytes libs/aliyun/ecs.py | 4 +- libs/aws/ec2.py | 3 +- libs/common.py | 1 - libs/qcloud/cvm.py | 2 +- libs/server/asset_auto_update.py | 149 ++++++++++------------ libs/server/collect_asset_info.py | 24 ++-- libs/server/push_system_user.py | 11 +- libs/server/server_common.py | 132 +++++++++---------- libs/server/sync_public_key.py | 49 +++---- libs/server/sync_to_tagtree.py | 2 +- settings.py | 8 +- test/res_get_test.py | 14 -- 18 files changed, 191 insertions(+), 237 deletions(-) delete mode 100644 test/res_get_test.py diff --git a/biz/handlers/admin_user_handler.py b/biz/handlers/admin_user_handler.py index b82d2b6..8830688 100644 --- a/biz/handlers/admin_user_handler.py +++ b/biz/handlers/admin_user_handler.py @@ -7,7 +7,6 @@ import json -import tornado.web from libs.base_handler import BaseHandler from models.server import AdminUser, model_to_dict from websdk.db_context import DBContext diff --git a/biz/handlers/asset_server_handler.py b/biz/handlers/asset_server_handler.py index c2ebff3..387da59 100644 --- a/biz/handlers/asset_server_handler.py +++ b/biz/handlers/asset_server_handler.py @@ -3,7 +3,7 @@ # @Time : 2019/4/17 16:09 # @Author : Fred Yangxiaofei # @File : asset_server_handler.py -# @Role : 说明脚本功能 +# @Role : 主机管理 import json @@ -15,7 +15,6 @@ from tornado import gen from concurrent.futures import ThreadPoolExecutor from tornado.concurrent import run_on_executor -# from libs.server_test import RsyncPublicKey, start_rsync, get_server_sysinfo from libs.common import check_ip from libs.server.sync_to_tagtree import main as sync_tag_tree import datetime @@ -385,8 +384,6 @@ def sync_task(self): @gen.coroutine def get(self, *args, **kwargs): - # msg = yield self.sync_task() - try: # 超过120s 返回Timeout msg = yield gen.with_timeout(datetime.timedelta(seconds=120), self.sync_task(), diff --git a/biz/handlers/asset_tag_handler.py b/biz/handlers/asset_tag_handler.py index b7b0c4f..b9d1792 100644 --- a/biz/handlers/asset_tag_handler.py +++ b/biz/handlers/asset_tag_handler.py @@ -7,7 +7,6 @@ import json -import tornado.web from libs.base_handler import BaseHandler from models.server import Tag, Server, ServerTag, model_to_dict from models.db import DB, DBTag diff --git a/biz/handlers/hand_update_asset_handler.py b/biz/handlers/hand_update_asset_handler.py index f683640..400e57b 100644 --- a/biz/handlers/hand_update_asset_handler.py +++ b/biz/handlers/hand_update_asset_handler.py @@ -26,31 +26,30 @@ class HandUpdateAssetHandler(BaseHandler): @run_on_executor(executor='_thread_pool') def asset_update(self, id_list): - # time.sleep(20) #测试下阻塞 - server_list = [] # 检查下状态,是true的话直接推送资产 with DBContext('r', None, True) as session: for i in id_list: - server_info = session.query(Server.ip, Server.port, AdminUser.system_user, + server_list = session.query(Server.ip, Server.port, AdminUser.system_user, AdminUser.user_key, Server.state).outerjoin(AdminUser, AdminUser.admin_user == Server.admin_user).filter( Server.id == i).all() - server_list.append(server_info) - # server_info = [('47.100.231.147', 22, 'root', '-----BEGIN RSA PRIVATE KEYxxxxxEND RSA PRIVATE KEY-----', 'false')] - server_state = server_info[0][4] + # server_list = [('47.100.231.147', 22, 'root', '-----BEGIN RSA PRIVATE KEYxxxxxEND RSA PRIVATE KEY-----', 'false')] + server_state = server_list[0][4] if server_state == 'true': - ins_log.read_log('info', 'update asset info') + ins_log.read_log('info', '机器状态为True,开始更新资产') # 选中的是true,直接更新资产 asset_data = get_server_sysinfo(server_list) + ins_log.read_log('info', '资产信息:{}'.format(asset_data)) update_asset(asset_data) else: # 选中的是其余的状态,那就先推送key, 拿到推送成功的key,更新资产 - ins_log.read_log('info', 'rsync public key , update asset info') + ins_log.read_log('info', '状态为非True,先推送公钥再进行更新资产') rsync_sucess_list = rsync_public_key(server_list) if rsync_sucess_list: asset_data = get_server_sysinfo(server_list) + ins_log.read_log('info', '资产信息:{}'.format(asset_data)) update_asset(asset_data) @gen.coroutine @@ -60,11 +59,10 @@ def post(self, *args, **kwargs): if not id_list: return self.write(dict(code=1, msg='关键参数不能为空')) - #yield self.asset_update(id_list) try: - #超过120s 返回Timeout + # 超过120s 返回Timeout yield gen.with_timeout(datetime.timedelta(seconds=120), [self.asset_update(id_list)], - quiet_exceptions=tornado.gen.TimeoutError) + quiet_exceptions=tornado.gen.TimeoutError) except gen.TimeoutError: return self.write(dict(code=-2, msg='TimeOut')) return self.write(dict(code=0, msg='任务执行完成,提醒: 完成状态为:True, 错误状态:False, False状态下可点击查看日志进行排错')) diff --git a/biz/handlers/system_user_handler.py b/biz/handlers/system_user_handler.py index bc11d71..ab54d16 100644 --- a/biz/handlers/system_user_handler.py +++ b/biz/handlers/system_user_handler.py @@ -7,12 +7,10 @@ import json -import tornado.web from libs.base_handler import BaseHandler from models.server import SystemUser, model_to_dict from websdk.db_context import DBContext from opssdk.operate import MyCryptV2 -# from libs.test import MyCrypt from libs.common import exec_shell, is_number from libs.server.push_system_user import PushSystemUser import shortuuid diff --git a/libs/__pycache__/common.cpython-36.pyc b/libs/__pycache__/common.cpython-36.pyc index bfb6ba631acab4bd38736489672c1634fd1e4c98..8f27b9f5e5dc636e34ec3104cf12c1312c2cb1f6 100644 GIT binary patch delta 258 zcmaDQcU4Z=n3tE!?)KN1HX#Ov#|%h-8OU}3;^Ju&m9?^2Qy5YhbJ(KTfHYGMdoD*5 z2O~oYa|%lfLlkFZ8!N_Q|`8bOr zBctu+m#h|yjQ*3A*dH*4Z)WCDU}TKntilL!UYuJN#Rc60n)rFyeWJ@nlFVvMF2?i zrwFD90cn90=@gL^QJ@aN6qyvU6mcL+C`BSg5-2B}!Whh;Df<%SB)^SE*ccgwHlJpk z#mK0%IgL4jkO-|s`Q4lE-0h(6?^ejV>C5Q+G61O;uGxCc{N=q|SCNJchz@`Kg<6xX@ H%C7(bpC&^S diff --git a/libs/aliyun/ecs.py b/libs/aliyun/ecs.py index e52081d..46cd87f 100644 --- a/libs/aliyun/ecs.py +++ b/libs/aliyun/ecs.py @@ -3,7 +3,7 @@ # @Time : 2019/5/13 14:02 # @Author : Fred Yangxiaofei # @File : ecs.py -# @Role : 获取Aliyun资产信息推送到CMDB +# @Role : 获取Aliyun资产信息推送到CMDB import json @@ -113,7 +113,7 @@ def get_server_info(self): asset_data['os_name'] = i.get('OSName') server_list.append(asset_data) # print(asset_data) - ins_log.read_log('info', asset_data) + ins_log.read_log('info', '资产信息:{}'.format(asset_data)) return server_list def sync_cmdb(self): diff --git a/libs/aws/ec2.py b/libs/aws/ec2.py index 338c870..9e2223d 100644 --- a/libs/aws/ec2.py +++ b/libs/aws/ec2.py @@ -51,7 +51,6 @@ def get_server_info(self): if ret: for r in ret: for i in r['Instances']: - print(i) asset_data = dict() try: asset_data['hostname'] = i.get('Tags')[0].get('Value') @@ -81,7 +80,7 @@ def sync_cmdb(self): return False with DBContext('w') as session: for server in server_list: - print(server) + ins_log.read_log('info', '资产信息:{}'.format(server)) ip = server.get('public_ip') instance_id = server.get('instance_id', 'Null') hostname = server.get('hostname', instance_id) diff --git a/libs/common.py b/libs/common.py index c85ac8c..4890692 100644 --- a/libs/common.py +++ b/libs/common.py @@ -9,7 +9,6 @@ import time import subprocess import paramiko -import shortuuid import concurrent.futures import re from libs.ansibleAPI.runner import Runner diff --git a/libs/qcloud/cvm.py b/libs/qcloud/cvm.py index f594be8..92b1d1c 100644 --- a/libs/qcloud/cvm.py +++ b/libs/qcloud/cvm.py @@ -125,7 +125,7 @@ def get_server_info(self): asset_data['os_type'] = os_type # print(asset_data) server_list.append(asset_data) - ins_log.read_log('info', asset_data) + ins_log.read_log('info', '资产信息:{}'.format(asset_data)) return server_list def sync_cmdb(self): diff --git a/libs/server/asset_auto_update.py b/libs/server/asset_auto_update.py index cb5b464..b08c83b 100644 --- a/libs/server/asset_auto_update.py +++ b/libs/server/asset_auto_update.py @@ -8,7 +8,6 @@ from libs.db_context import DBContext from models.server import Server, ServerDetail, model_to_dict, AdminUser, AssetErrorLog -# from libs.server_test import start_rsync, get_server_sysinfo, RsyncPublicKey from libs.server.sync_public_key import RsyncPublicKey, start_rsync from libs.server.collect_asset_info import get_server_sysinfo from libs.web_logs import ins_log @@ -42,7 +41,7 @@ def rsync_public_key(self): id_list = self.check_server_state() if not id_list: ins_log.read_log('info', '[PASS]: No new server found, automatically skipping push public key') - # print('[PASS]: No new server found, automatically skipping push public key') + # print('[PASS]: No new server found, automatically skipping push public key') return @@ -90,19 +89,6 @@ def rsync_public_key(self): return rsync_sucess_list - def get_host_info(self): - '''获取主机信息''' - id_list = self.check_server_state() - connect_server_list = [] - with DBContext('r') as session: - for i in id_list: - connect_info = session.query(Server.ip, Server.port, AdminUser.system_user).outerjoin(AdminUser, - AdminUser.admin_user == Server.admin_user).filter( - Server.id == i).all() - connect_server_list.append(connect_info) - res_data_list = get_server_sysinfo(connect_server_list) - return res_data_list - def update_asset(self, host_info): """ 更新资产到数据库 @@ -110,63 +96,74 @@ def update_asset(self, host_info): :return: """ with DBContext('w') as session: - for host in host_info: - for k, v in host.items(): - try: - if host[k].get('status'): - _sn = v.get('sn', None) - _hostname = v.get('host_name', None) - _cpu = v.get('cpu', None) - _cpu_cores = v.get('cpu_cores', None) - _memory = v.get('memory', None) - _disk = v.get('disk', None) - _os_type = v.get('os_type', None) - _os_kernel = v.get('os_kernel', None) - # _instance_id = v.get('instance_id', None) - # _instance_type = v.get('instance_type', None) - # _instance_state = v.get('instance_state', None) - - exist_detail = session.query(ServerDetail).filter(ServerDetail.ip == k).first() - if not exist_detail: - # 不存在就新建 - new_server_detail = ServerDetail(ip=k, sn=_sn, cpu=_cpu, cpu_cores=_cpu_cores, - memory=_memory, disk=_disk, - os_type=_os_type, os_kernel=_os_kernel) - session.add(new_server_detail) - session.commit() - session.query(Server).filter(Server.ip == k).update( - {Server.hostname: _hostname, Server.state: 'true'}) - session.commit() - else: - # 存在就更新 - session.query(ServerDetail).filter(ServerDetail.ip == k).update({ - ServerDetail.sn: _sn, ServerDetail.ip: k, - ServerDetail.cpu: _cpu, ServerDetail.cpu_cores: _cpu_cores, - ServerDetail.disk: _disk, ServerDetail.memory: _memory, - ServerDetail.os_type: _os_type, ServerDetail.os_kernel: _os_kernel, - }) - - session.query(Server).filter(Server.ip == k).update( - {Server.hostname: _hostname, Server.state: 'true'}) - session.commit() - except sqlalchemy.exc.IntegrityError as e: - ins_log.read_log('error',e) - # 状态改为Flse->删除主机Detail--记录错误信息 - session.query(Server).filter(Server.ip == k).update({Server.state: 'false'}) - session.query(ServerDetail).filter(ServerDetail.ip == k).delete( - synchronize_session=False) - - exist_ip = session.query(AssetErrorLog).filter(AssetErrorLog.ip == k).first() - error_log = str(e) - if exist_ip: - session.query(AssetErrorLog).filter(AssetErrorLog.ip == k).update( - {AssetErrorLog.error_log: error_log}) + for k, v in host_info.items(): + try: + if host_info[k].get('status'): + _sn = v.get('sn', None) + _hostname = v.get('host_name', None) + _cpu = v.get('cpu', None) + _cpu_cores = v.get('cpu_cores', None) + _memory = v.get('memory', None) + _disk = v.get('disk', None) + _os_type = v.get('os_type', None) + _os_kernel = v.get('os_kernel', None) + # _instance_id = v.get('instance_id', None) + # _instance_type = v.get('instance_type', None) + # _instance_state = v.get('instance_state', None) + + exist_detail = session.query(ServerDetail).filter(ServerDetail.ip == k).first() + if not exist_detail: + # 不存在就新建 + new_server_detail = ServerDetail(ip=k, sn=_sn, cpu=_cpu, cpu_cores=_cpu_cores, + memory=_memory, disk=_disk, + os_type=_os_type, os_kernel=_os_kernel) + session.add(new_server_detail) + session.commit() + session.query(Server).filter(Server.ip == k).update( + {Server.hostname: _hostname, Server.state: 'true'}) + session.commit() else: - new_error_log = AssetErrorLog(ip=k, error_log=error_log) - session.add(new_error_log) + # 存在就更新 + session.query(ServerDetail).filter(ServerDetail.ip == k).update({ + ServerDetail.sn: _sn, ServerDetail.ip: k, + ServerDetail.cpu: _cpu, ServerDetail.cpu_cores: _cpu_cores, + ServerDetail.disk: _disk, ServerDetail.memory: _memory, + ServerDetail.os_type: _os_type, ServerDetail.os_kernel: _os_kernel, + }) + + session.query(Server).filter(Server.ip == k).update( + {Server.hostname: _hostname, Server.state: 'true'}) + session.commit() + except sqlalchemy.exc.IntegrityError as e: + ins_log.read_log('error', e) + # 状态改为Flse->删除主机Detail--记录错误信息 + session.query(Server).filter(Server.ip == k).update({Server.state: 'false'}) + session.query(ServerDetail).filter(ServerDetail.ip == k).delete( + synchronize_session=False) + + exist_ip = session.query(AssetErrorLog).filter(AssetErrorLog.ip == k).first() + error_log = str(e) + if exist_ip: + session.query(AssetErrorLog).filter(AssetErrorLog.ip == k).update( + {AssetErrorLog.error_log: error_log}) + else: + new_error_log = AssetErrorLog(ip=k, error_log=error_log) + session.add(new_error_log) - session.commit() - return False + session.commit() + return False + + def get_host_info(self): + '''获取主机信息,并写入数据库''' + id_list = self.check_server_state() + with DBContext('r') as session: + for i in id_list: + server_list = session.query(Server.ip, Server.port, AdminUser.system_user).outerjoin(AdminUser, + AdminUser.admin_user == Server.admin_user).filter( + Server.id == i).all() + asset_data = get_server_sysinfo(server_list) + ins_log.read_log('info', '资产信息:{}'.format(asset_data)) + self.update_asset(asset_data) def main(state): @@ -192,14 +189,9 @@ def main(state): if not obj.rsync_public_key(): # 如果没有发现有新增的主机,直接PASS return - hosts_data = obj.get_host_info() - obj.update_asset(hosts_data) + obj.get_host_info() elif state == 'true': - hosts_data_list = obj.get_host_info() - obj.update_asset(hosts_data_list) - - else: - pass + obj.get_host_info() def new_tail_data(): @@ -211,5 +203,4 @@ def true_tail_data(): if __name__ == '__main__': - main('new') -# fire.Fire(main) + fire.Fire(main) diff --git a/libs/server/collect_asset_info.py b/libs/server/collect_asset_info.py index 6ca0e82..938424b 100644 --- a/libs/server/collect_asset_info.py +++ b/libs/server/collect_asset_info.py @@ -25,7 +25,9 @@ def get_host_info(server_list): module_args="", remote_user=user, pattern="all", - hosts=ip + hosts=ip, + timeout=10, + forks=10 ) result = runner.run() @@ -116,18 +118,22 @@ def get_host_info(server_list): asset_data[ip]['os_type'] = os_type asset_data[ip]['os_kernel'] = os_kernel - print(asset_data) + # print(asset_data) + # print('ok') return asset_data def get_server_sysinfo(server_list): - """ - 多进程采集机器信息 - :param server_list: 主机列表 - :return: - """ - #print(list(exec_thread(func=get_host_info, iterable1=server_list))) - return list(exec_thread(func=get_host_info, iterable1=server_list)) + return get_host_info(server_list) + +# def get_server_sysinfo(server_list): +# """ +# 多进程采集机器信息 +# :param server_list: 主机列表 +# :return: +# """ +# #print(list(exec_thread(func=get_host_info, iterable1=server_list))) +# return list(exec_thread(func=get_host_info, iterable1=server_list)) if __name__ == '__main__': diff --git a/libs/server/push_system_user.py b/libs/server/push_system_user.py index 1ea425e..8d0ee41 100644 --- a/libs/server/push_system_user.py +++ b/libs/server/push_system_user.py @@ -141,12 +141,7 @@ def configure_keyless(self): mc = MyCryptV2() system_user = data.get('system_user') _public_key = mc.my_decrypt(data.get('id_rsa_pub')) # 解密 - # print(_public_key) - # module_args = '[ ! -d /home/{}/.ssh ] && mkdir /home/{}/.ssh && chmod 700 /home/{}/.ssh ; ' \ - # '[ ! -f /home/{}/.ssh/authorized_keys ] && touch /home/{}/.ssh/authorized_keys; ' \ - # ' grep -c "{}" /home/{}/.ssh/authorized_keys >> /dev/null || echo "{}" >> /home/{}/.ssh/authorized_keys && chmod 600 /home/{}/.ssh/authorized_keys && echo ok'.format( - # system_user, system_user, system_user, system_user, system_user, _public_key, system_user, - # _public_key, system_user, system_user) + module_args = '{sudo} [ ! -d /home/{system_user}/.ssh ]&& ' \ '{sudo} mkdir /home/{system_user}/.ssh &&' \ @@ -329,6 +324,10 @@ def delete_user_sudo(self, system_user): def main(): + """ + 这是二期规划,跳板用的 + :return: + """ obj = PushSystemUser() # obj.delete_system_user('sudo_test') # obj.delete_user_sudo('sudo_test') diff --git a/libs/server/server_common.py b/libs/server/server_common.py index b9f168b..540032f 100644 --- a/libs/server/server_common.py +++ b/libs/server/server_common.py @@ -37,71 +37,70 @@ def update_asset(asset_data): :return: """ with DBContext('w') as session: - for host in asset_data: - for k, v in host.items(): - try: - if host[k].get('status'): - _sn = v.get('sn', None) - _hostname = v.get('host_name', None) - _cpu = v.get('cpu', None) - _cpu_cores = v.get('cpu_cores', None) - _memory = v.get('memory', None) - _disk = v.get('disk', None) - _os_type = v.get('os_type', None) - _os_kernel = v.get('os_kernel', None) - # _instance_id = v.get('instance_id', None) - # _instance_type = v.get('instance_type', None) - # _instance_state = v.get('instance_state', None) - - exist_detail = session.query(ServerDetail).filter(ServerDetail.ip == k).first() - if not exist_detail: - # 不存在就新建 - new_server_detail = ServerDetail(ip=k, sn=_sn, cpu=_cpu, cpu_cores=_cpu_cores, - memory=_memory, disk=_disk, - os_type=_os_type, os_kernel=_os_kernel) - session.add(new_server_detail) - session.commit() - session.query(Server).filter(Server.ip == k).update( - {Server.hostname: _hostname, Server.state: 'true'}) - session.commit() - else: - # 存在就更新 - session.query(ServerDetail).filter(ServerDetail.ip == k).update({ - ServerDetail.sn: _sn, ServerDetail.ip: k, - ServerDetail.cpu: _cpu, ServerDetail.cpu_cores: _cpu_cores, - ServerDetail.disk: _disk, ServerDetail.memory: _memory, - ServerDetail.os_type: _os_type, ServerDetail.os_kernel: _os_kernel, - }) - - session.query(Server).filter(Server.ip == k).update( - {Server.hostname: _hostname, Server.state: 'true'}) - session.commit() - except sqlalchemy.exc.IntegrityError as e: - ins_log.read_log('error', e) - # 状态改为Flse->删除主机Detail--记录错误信息 - session.query(Server).filter(Server.ip == k).update({Server.state: 'false'}) - session.query(ServerDetail).filter(ServerDetail.ip == k).delete( - synchronize_session=False) - - exist_ip = session.query(AssetErrorLog).filter(AssetErrorLog.ip == k).first() - error_log = str(e) - if exist_ip: - session.query(AssetErrorLog).filter(AssetErrorLog.ip == k).update( - {AssetErrorLog.error_log: error_log}) + for k, v in asset_data.items(): + try: + if asset_data[k].get('status'): + _sn = v.get('sn', None) + _hostname = v.get('host_name', None) + _cpu = v.get('cpu', None) + _cpu_cores = v.get('cpu_cores', None) + _memory = v.get('memory', None) + _disk = v.get('disk', None) + _os_type = v.get('os_type', None) + _os_kernel = v.get('os_kernel', None) + # _instance_id = v.get('instance_id', None) + # _instance_type = v.get('instance_type', None) + # _instance_state = v.get('instance_state', None) + + exist_detail = session.query(ServerDetail).filter(ServerDetail.ip == k).first() + if not exist_detail: + # 不存在就新建 + new_server_detail = ServerDetail(ip=k, sn=_sn, cpu=_cpu, cpu_cores=_cpu_cores, + memory=_memory, disk=_disk, + os_type=_os_type, os_kernel=_os_kernel) + session.add(new_server_detail) + session.commit() + session.query(Server).filter(Server.ip == k).update( + {Server.hostname: _hostname, Server.state: 'true'}) + session.commit() else: - new_error_log = AssetErrorLog(ip=k, error_log=error_log) - session.add(new_error_log) - - session.commit() - return False + # 存在就更新 + session.query(ServerDetail).filter(ServerDetail.ip == k).update({ + ServerDetail.sn: _sn, ServerDetail.ip: k, + ServerDetail.cpu: _cpu, ServerDetail.cpu_cores: _cpu_cores, + ServerDetail.disk: _disk, ServerDetail.memory: _memory, + ServerDetail.os_type: _os_type, ServerDetail.os_kernel: _os_kernel, + }) + + session.query(Server).filter(Server.ip == k).update( + {Server.hostname: _hostname, Server.state: 'true'}) + session.commit() + except sqlalchemy.exc.IntegrityError as e: + ins_log.read_log('error', e) + # 状态改为Flse->删除主机Detail--记录错误信息 + session.query(Server).filter(Server.ip == k).update({Server.state: 'false'}) + session.query(ServerDetail).filter(ServerDetail.ip == k).delete( + synchronize_session=False) + + exist_ip = session.query(AssetErrorLog).filter(AssetErrorLog.ip == k).first() + error_log = str(e) + if exist_ip: + session.query(AssetErrorLog).filter(AssetErrorLog.ip == k).update( + {AssetErrorLog.error_log: error_log}) + else: + new_error_log = AssetErrorLog(ip=k, error_log=error_log) + session.add(new_error_log) + + session.commit() + return False def rsync_public_key(server_list): """ 推送PublicKey - :return: + :return: 只返回推送成功的,失败的直接写错误日志 """ - # server_info = [('47.100.231.147', 22, 'root', '-----BEGIN RSA PRIVATE KEYxxxxxEND RSA PRIVATE KEY-----', 'false')] + # server_list = [('47.100.231.147', 22, 'root', '-----BEGIN RSA PRIVATE KEYxxxxxEND RSA PRIVATE KEY-----', 'false')] ins_log.read_log('info', 'first, rsync public key to server') rsync_error_list = [] rsync_sucess_list = [] @@ -109,11 +108,10 @@ def rsync_public_key(server_list): check = sync_key_obj.check_rsa() if check: res_data = start_rsync(server_list) - for res in res_data: - if not res.get('status'): - rsync_error_list.append(res) - else: - rsync_sucess_list.append(res) + if not res_data.get('status'): + rsync_error_list.append(res_data) + else: + rsync_sucess_list.append(res_data) if rsync_error_list: write_error_log(rsync_error_list) @@ -121,13 +119,5 @@ def rsync_public_key(server_list): return rsync_sucess_list -def test(): - # 日志: - # error_list = [{'status': False, 'ip': 'xxxxxxx', 'msg': '认证失败,请检查管理用户Key是否正确'}, {'status': False, 'ip': 'xxxxxxx', 'msg': '认证失败,请检查管理用户Key是否正确'}] - # 资产更新 - # ass_data =[{'xxxxxxx': {'status': False, 'msg': 'Failed to connect to the host via ssh: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).'}}, {'47.101.50.185': {'status': False, 'msg': 'Failed to connect to the host via ssh: Permission denied (publickey,password).'}}, {'119.28.103.104': {'status': True, 'msg': '获取资产成功', 'sn': 'ad5d1ce7-8a14-47ce-8f10-8f3af3506721', 'host_name': 'OPS-SG_TX-01-salt-master01', 'cpu': 'Intel(R) Xeon(R) CPU E5-26xx v4', 'cpu_cores': 2, 'memory': '3.7G', 'disk': 150.0, 'os_type': 'CentOS 7.5.1804', 'os_kernel': '3.10.0-693.el7.x86_64'}}] - pass - - if __name__ == '__main__': pass diff --git a/libs/server/sync_public_key.py b/libs/server/sync_public_key.py index 1b7d67e..66875f1 100644 --- a/libs/server/sync_public_key.py +++ b/libs/server/sync_public_key.py @@ -5,23 +5,21 @@ # @File : sync_public_key.py # @Role : 推送公钥到主机,实现免密钥登陆 - - import os import paramiko from settings import PUBLIC_KEY from models.server import SSHConfigs from libs.db_context import DBContext from libs.web_logs import ins_log -from libs.common import remote_upload_file, get_key_file, exec_shell, exec_thread +from libs.common import remote_upload_file, get_key_file, exec_shell +import fire BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) class RsyncPublicKey(): def __init__(self): - self.msg = "" - + self.msg = '' def check_public_path(self): """ @@ -29,14 +27,13 @@ def check_public_path(self): :return: """ PUBLIC_KEY_PATH = os.path.dirname(PUBLIC_KEY) - cmd = '[ ! -d {} ] && mkdir {} && chmod 700 {} ; '.format(PUBLIC_KEY_PATH,PUBLIC_KEY_PATH,PUBLIC_KEY_PATH) + cmd = '[ ! -d {} ] && mkdir {} && chmod 700 {} ; '.format(PUBLIC_KEY_PATH, PUBLIC_KEY_PATH, PUBLIC_KEY_PATH) code, ret = exec_shell(cmd) if code == 0: return True else: return False - def init_rsa(self): '''Server端生成秘钥对''' cmd = 'ssh-keygen -t rsa -P "" -f {}/id_rsa'.format(os.path.dirname((PUBLIC_KEY))) @@ -56,19 +53,18 @@ def save_of(self): session.add(new_config) session.commit() - def check_rsa(self): """ 检查CMDB 密钥配置,没有则创建新的写入数据库 :return: """ - #检查路径 + # 检查路径 self.check_public_path() with DBContext('r') as session: # 这张表里面直有一条信息,名字:cmdb, 一对密钥 - exist_rsa = session.query(SSHConfigs.id, SSHConfigs.id_rsa_pub, SSHConfigs.id_rsa).filter(SSHConfigs.name == 'cmdb').first() + exist_rsa = session.query(SSHConfigs.id, SSHConfigs.id_rsa_pub, SSHConfigs.id_rsa).filter( + SSHConfigs.name == 'cmdb').first() if not exist_rsa: - print('1111') # 检查本地是否存在 local_id_rsa_exist = os.path.exists('{}/id_rsa'.format(os.path.dirname(PUBLIC_KEY))) if not local_id_rsa_exist: @@ -82,27 +78,26 @@ def check_rsa(self): id_rsa_pub = exist_rsa[1] id_rsa = exist_rsa[2] cmd1 = 'echo "{}" > {}/id_rsa.pub'.format(id_rsa_pub, PUBLIC_KEY_PATH) - cmd2 = 'echo "{}" > {}/id_rsa && chmod 600 {}/id_rsa'.format(id_rsa, PUBLIC_KEY_PATH,PUBLIC_KEY_PATH) + cmd2 = 'echo "{}" > {}/id_rsa && chmod 600 {}/id_rsa'.format(id_rsa, PUBLIC_KEY_PATH, PUBLIC_KEY_PATH) exec_shell(cmd1) exec_shell(cmd2) return True else: return True - - def sync_key(self, host): + def sync_key(self, server_list): """ 批量下发server端公钥到client端 - :param host: 主机信息,IP端口用户密码 + :param server_list: 主机信息,IP端口用户密码 :return: """ - if not isinstance(host, list): + if not isinstance(server_list, list): raise ValueError() - ip = host[0][0] - port = host[0][1] - user = host[0][2] - user_key = host[0][3] + ip = server_list[0][0] + port = server_list[0][1] + user = server_list[0][2] + user_key = server_list[0][3] cmd = '[ ! -d ~/.ssh ] && mkdir ~/.ssh && chmod 700 ~/.ssh ; ' \ '[ ! -f ~/.ssh/authorized_keys ] && touch ~/.ssh/authorized_keys; ' \ 'grep -c "`cat /tmp/id_rsa.pub`" ~/.ssh/authorized_keys >> /dev/null;' \ @@ -135,6 +130,7 @@ def sync_key(self, host): } except Exception as e: + print(e) self.msg = { 'status': False, 'ip': ip, @@ -147,17 +143,14 @@ def sync_key(self, host): def start_rsync(server_list): """ - 多进程推送CMDB公钥 + 推送CMDB公钥 + # server_list = [('172.16.0.120', 22, 'root', '-----BEGIN RSA PRIVATE KEY-----\nMIIEogIBAAKCAQEAlTbeMPz7G69rRtpAdlcR/YIKd17oFJBcQ6+2ELTs9tA5Tc/W\nZo3+ftex8pKXx9sGyH28ynrwBiJTRmyaSNFssIxDXGbS9mbliLF+3NZX8sE8soUZ\n1bJYhF3VmKhziRgcRr4QKMltVNMFI/p8ofdsrbNFX6f2OA0iP3bHTbTUzgDiRjwx\nubhXolog/eZboCTahKClPlT3ffhoyYihLX8zjgAxJsFpUAFfVXUrGjD+ttEPoSjg\nxhJRdfXMHF9QLmzMwyxJvvreKtXM+LzyrMRcdAedt3mF+BWc89XhqglM5IcR6fIm\nRyXf3dn7mgWm42xGILSOT6qSjJ1JyptkVc7/5wIBIwKCAQBMvSHQDRNtUua2uWL7\nCDUjSjFEtHdbCGn27KbGw3KNj6hxKQ8tbZjThN8sS2QAYgN9DXcJDAZpjf7xBKce\nIo+rQNIvhVaNWX1cPga6t2BuN35NLoJQpN0Q38zvbJMwkA6KyCWRUaXxHBFFtAWV\nIClDY4LDevOnzD1/uW3QMRz8Oi7/Awrce0QX42O8EkKXwf7YtV0ZIfRiKxaNKJVS\nWqxkVCxXdcAwpq6E4zaEXmBTISc2QhFD1n6yS9Z74rSAF2fIVErbBHAGRHMcUpdu\nR3ALKxo4/6R0KQ3rRj/SB8aMPp7KrR2ebSYWAlKDxete66MjIfBXQ1sr/the7iqV\nUJzLAoGBAMQgHreTPrfxtVj2hfpMl+GBvr/VyOoBVobJOZLi4/docuX2fpGVltGb\nb7Lq6F+Wd06nmmHqHhaBTgv2Vw9c8W8svhMarLs96EF/E53p7Xy3f2SmOOUoFbXO\nkMkRxPDK3uEOjDfvptiSuneaDpkbt7B9h+ipaDaTUunSYdgy4oRRAoGBAMLEex3r\nifCeo4YZrqbzk8JdgT6bO869v+DRY7MOB163zS3biIyxJnNF2eODO8diQ/S6uLKf\nKH19hhDfz3ARTdrmPBbd/mWLaHLClvVsaGlt7U0wpOEKk6FqA5x/3+hB2RiKMcL4\nxz08xaqqZ/0A6mal+OCKzZx5E7s/o1XHs0q3AoGBALjrFaXFWGRKS+YqQ869Pr6t\nh/azoC0XNFMywUFZlRx4bFUqPNJoeEH49Embp+UY1uPCmN/5/xyIi2pdSsVXoc84\n0Hhpm4v4ioblh4ZC9dv9eB0RwJ2MMboL55kCIBY7nvF0Hc5W/GXMLCef4eDQ/aZn\nuqgqsrcdMOsW0Ugv+iT7AoGAMhVEOuTLsub22VcPp0Xyy5RjEBlJ5LRzKy6HWe2q\nH6ubKQyQ07iGOuYTdQR9FgNTTY8ZjQRa3nC8Eve4/49rypL5gjkVh9NkAECqeZ+I\nkCOUyrS8ruV2a1XGahJA4/Os2myttcrxZ4Sn222lthYtpV3g6UhDgAHggJtV4tuU\ngO0CgYEAqCrkYsBaVBiCFzuTyyXjU2wYz303skO2iizcIViE5PQXeqwy6JHJuFZa\nMtuTaGKSaFHgRNdyQwlcTMlndrv7bIkhr6fif496Dadh5UqeX/60labOjX716EOk\n7JiUCeJdbXPoWLokTggzeLz1mD6AT/ZnvBEzfe8oT9UntkLXT5I=\n-----END RSA PRIVATE KEY-----')] :param server_list: CMDB主机列表 :return: """ - sync_key_obj = RsyncPublicKey() - return list(exec_thread(func=sync_key_obj.sync_key, iterable1=server_list)) + obj = RsyncPublicKey() + return obj.sync_key(server_list) if __name__ == '__main__': - pass - - - # server_list = [[('172.16.0.120', 22, 'root', '-----BEGIN RSA PRIVATE KEY-----\nMIIEogIBAAKCAQEAlTbeMPz7G69rRtpAdlcR/YIKd17oFJBcQ6+2ELTs9tA5Tc/W\nZo3+ftex8pKXx9sGyH28ynrwBiJTRmyaSNFssIxDXGbS9mbliLF+3NZX8sE8soUZ\n1bJYhF3VmKhziRgcRr4QKMltVNMFI/p8ofdsrbNFX6f2OA0iP3bHTbTUzgDiRjwx\nubhXolog/eZboCTahKClPlT3ffhoyYihLX8zjgAxJsFpUAFfVXUrGjD+ttEPoSjg\nxhJRdfXMHF9QLmzMwyxJvvreKtXM+LzyrMRcdAedt3mF+BWc89XhqglM5IcR6fIm\nRyXf3dn7mgWm42xGILSOT6qSjJ1JyptkVc7/5wIBIwKCAQBMvSHQDRNtUua2uWL7\nCDUjSjFEtHdbCGn27KbGw3KNj6hxKQ8tbZjThN8sS2QAYgN9DXcJDAZpjf7xBKce\nIo+rQNIvhVaNWX1cPga6t2BuN35NLoJQpN0Q38zvbJMwkA6KyCWRUaXxHBFFtAWV\nIClDY4LDevOnzD1/uW3QMRz8Oi7/Awrce0QX42O8EkKXwf7YtV0ZIfRiKxaNKJVS\nWqxkVCxXdcAwpq6E4zaEXmBTISc2QhFD1n6yS9Z74rSAF2fIVErbBHAGRHMcUpdu\nR3ALKxo4/6R0KQ3rRj/SB8aMPp7KrR2ebSYWAlKDxete66MjIfBXQ1sr/the7iqV\nUJzLAoGBAMQgHreTPrfxtVj2hfpMl+GBvr/VyOoBVobJOZLi4/docuX2fpGVltGb\nb7Lq6F+Wd06nmmHqHhaBTgv2Vw9c8W8svhMarLs96EF/E53p7Xy3f2SmOOUoFbXO\nkMkRxPDK3uEOjDfvptiSuneaDpkbt7B9h+ipaDaTUunSYdgy4oRRAoGBAMLEex3r\nifCeo4YZrqbzk8JdgT6bO869v+DRY7MOB163zS3biIyxJnNF2eODO8diQ/S6uLKf\nKH19hhDfz3ARTdrmPBbd/mWLaHLClvVsaGlt7U0wpOEKk6FqA5x/3+hB2RiKMcL4\nxz08xaqqZ/0A6mal+OCKzZx5E7s/o1XHs0q3AoGBALjrFaXFWGRKS+YqQ869Pr6t\nh/azoC0XNFMywUFZlRx4bFUqPNJoeEH49Embp+UY1uPCmN/5/xyIi2pdSsVXoc84\n0Hhpm4v4ioblh4ZC9dv9eB0RwJ2MMboL55kCIBY7nvF0Hc5W/GXMLCef4eDQ/aZn\nuqgqsrcdMOsW0Ugv+iT7AoGAMhVEOuTLsub22VcPp0Xyy5RjEBlJ5LRzKy6HWe2q\nH6ubKQyQ07iGOuYTdQR9FgNTTY8ZjQRa3nC8Eve4/49rypL5gjkVh9NkAECqeZ+I\nkCOUyrS8ruV2a1XGahJA4/Os2myttcrxZ4Sn222lthYtpV3g6UhDgAHggJtV4tuU\ngO0CgYEAqCrkYsBaVBiCFzuTyyXjU2wYz303skO2iizcIViE5PQXeqwy6JHJuFZa\nMtuTaGKSaFHgRNdyQwlcTMlndrv7bIkhr6fif496Dadh5UqeX/60labOjX716EOk\n7JiUCeJdbXPoWLokTggzeLz1mD6AT/ZnvBEzfe8oT9UntkLXT5I=\n-----END RSA PRIVATE KEY-----')]] - # start_rsync(server_list) \ No newline at end of file + fire.Fire(start_rsync) diff --git a/libs/server/sync_to_tagtree.py b/libs/server/sync_to_tagtree.py index b84d14b..50fbcea 100644 --- a/libs/server/sync_to_tagtree.py +++ b/libs/server/sync_to_tagtree.py @@ -6,7 +6,7 @@ # @Role : 将CMDB里面的数据同步到作业配置---标签树下面 -import os + from models.server import Server, model_to_dict from libs.db_context import DBContext from libs.web_logs import ins_log diff --git a/settings.py b/settings.py index 0cc493a..e96a3c0 100644 --- a/settings.py +++ b/settings.py @@ -15,17 +15,17 @@ cookie_secret = '61oETzKXQAGaYdkL5gEmGeJJFuYh7EQnp2X6TP1o/Vo=' #这是写库, -DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '172.16.0.101') #修改 +DEFAULT_DB_DBHOST = os.getenv('DEFAULT_DB_DBHOST', '172.16.0.223') #修改 DEFAULT_DB_DBPORT = os.getenv('DEFAULT_DB_DBPORT', '3306') #修改 DEFAULT_DB_DBUSER = os.getenv('DEFAULT_DB_DBUSER', 'root') #修改 -DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', 'shinezone2015') #修改 +DEFAULT_DB_DBPWD = os.getenv('DEFAULT_DB_DBPWD', 'ljXrcyn7chaBU4F') #修改 DEFAULT_DB_DBNAME = os.getenv('DEFAULT_DB_DBNAME', 'codo_cmdb') #默认 #这是从库,读, 一般情况下是一个数据库即可,需要主从读写分离的,请自行建立好服务 -READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '172.16.0.101') #修改 +READONLY_DB_DBHOST = os.getenv('READONLY_DB_DBHOST', '172.16.0.223') #修改 READONLY_DB_DBPORT = os.getenv('READONLY_DB_DBPORT', '3306') #修改 READONLY_DB_DBUSER = os.getenv('READONLY_DB_DBUSER', 'root') #修改 -READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', 'shinezone2015') #修改 +READONLY_DB_DBPWD = os.getenv('READONLY_DB_DBPWD', 'ljXrcyn7chaBU4F') #修改 READONLY_DB_DBNAME = os.getenv('READONLY_DB_DBNAME', 'codo_cmdb') #默认 #这是Redis配置信息,默认情况下和codo-admin里面的配置一致 diff --git a/test/res_get_test.py b/test/res_get_test.py deleted file mode 100644 index 9ff897e..0000000 --- a/test/res_get_test.py +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- -# @Time : 2019/5/10 17:35 -# @Author : Fred Yangxiaofei -# @File : res_get_test.py.py -# @Role : 说明脚本功能 - - -import requests - - -res = requests.get('http://www.qq.com/') -print(res.url) -print(res.status_code) \ No newline at end of file