v2.2

Keepalived edit config
2018-04-28 10:06:48 +06:00 · 2018-04-28 10:06:48 +06:00 · 115cb257ee
parent bc4875e670
commit 115cb257ee
8 changed files with 221 additions and 36 deletions
--- a/cgi-bin/funct.py
+++ b/cgi-bin/funct.py
@ -1,6 +1,6 @@
 # -*- coding: utf-8 -*-"
 import cgi
-import os
+import os, sys
 import paramiko
 import http.cookies
 from paramiko import SSHClient
@ -172,18 +172,20 @@ def links():
 						'<li><a href=/cgi-bin/map.py title="View map" class="map head-submenu">Map</a></li>'				
 				'</li>'
 				'<li><a href=/cgi-bin/edit.py title="Runtime API" class="runtime">Runtime API</a> </li>'
-				'<li><a title="Actions with configs" class="config-show">Configs</a>'					
-						'<li><a href=/cgi-bin/configshow.py title="Show Config" class="config-show head-submenu">Show</a></li> '
-						'<li><a href=/cgi-bin/diff.py title="Compare Configs" class="compare head-submenu">Compare</a></li>')
+				'<li><a title="Actions with Haproxy configs" class="config-show">Haproxy</a>'					
+						'<li><a href=/cgi-bin/configshow.py title="Show Haproxy Config" class="config-show head-submenu">Show config</a></li> '
+						'<li><a href=/cgi-bin/diff.py title="Compare Haproxy Configs" class="compare head-submenu">Compare configs</a></li>')
 	if is_admin(level = 2):
 		print('<li><a href=/cgi-bin/add.py#listner title="Add single listen" class="add head-submenu">Add listen</a></li>'
 						'<li><a href=/cgi-bin/add.py#frontend title="Add single frontend" class="add head-submenu">Add frontend</a></li>'
 						'<li><a href=/cgi-bin/add.py#backend title="Add single backend" class="add head-submenu">Add backend</a></li>'
 						'<li><a href=/cgi-bin/add.py#ssl title="Upload SSL cert" class="cert head-submenu">SSL</a></li>'
-						'<li><a href=/cgi-bin/config.py title="Edit Config" class="edit head-submenu">Edit</a> </li>')
+						'<li><a href=/cgi-bin/config.py title="Edit Haproxy Config" class="edit head-submenu">Edit config</a> </li>')
 	print('</li>')
 	if is_admin():
-		print('<li><a title="Create HA cluster" class="ha">HA</a>')		
+		print('<li><a title="Keepalived" class="ha">Keepalived</a>'
+				'<li><a href=/cgi-bin/ha.py title="Create HA cluster" class="keepalived head-submenu">HA</a>'
+				'<li><a href=/cgi-bin/keepalivedconfig.py title="Edit keepalived config" class="edit head-submenu">Edit config</a></li>')		
 	if is_admin(level = 2):
 		print('<li><a title="Actions with configs" class="version">Versions</a>'			
 				'<li><a href=/cgi-bin/configver.py title="Upload old versions configs" class="upload head-submenu">Upload</a></li>')
@ -203,7 +205,7 @@ def links():
 				'</li>')
 	print('</ul>'
 		  '</nav>'
-		  '<div class="copyright-menu">HAproxy-WI v2.1</div>'
+		  '<div class="copyright-menu">HAproxy-WI v2.2</div>'
 		  '</div>')	

 def show_login_links():
@ -218,7 +220,7 @@ def show_login_links():
 def footer():
 	print('</center></div>'
 			'<center>'
-				'<h3>'
+				'<h3 style="margin-left: 8%">'
 					'<a class="ui-button ui-widget ui-corner-all" href="#top" title="Move up">UP</a>'
 				'</h3><br />'
 			'</center>'
@ -314,12 +316,18 @@ def ssh_connect(serv):
 	except Exception as e:
 		print('<div class="alert alert-danger">{}</div>'.format(e.args))	

-def get_config(serv, cfg):
-	os.chdir(hap_configs_dir)
+def get_config(serv, cfg, **kwargs):
+	if kwargs.get("keepalived"):
+		os.chdir("/var/www/haproxy-wi/cgi-bin/kp_config/")
+		config_path = "/etc/keepalived/keepalived.conf"
+	else:
+		os.chdir(hap_configs_dir)
+		config_path = haproxy_config_path
+		
 	ssh = ssh_connect(serv)
 	try:
 		sftp = ssh.open_sftp()
-		sftp.get(haproxy_config_path, cfg)
+		sftp.get(config_path, cfg)
 		sftp.close()
 		ssh.close()
 	except Exception as e:
@ -370,6 +378,16 @@ def show_config(cfg):
 	print('</div></div>')
 	conf.close

+def install_haproxy(serv):
+	script = "install_haproxy.sh"
+	os.system("cp scripts/%s ." % script)
+	commands = [ "chmod +x "+tmp_config_path+script, tmp_config_path+script ]
+	
+	upload(serv, tmp_config_path, script)	
+	ssh_command(serv, commands)
+	
+	os.system("rm -f %s" % script)
+	
 def upload(serv, path, file, **kwargs):
 	full_path = path + file
 	
@ -396,17 +414,22 @@ def upload_and_restart(serv, cfg, **kwargs):
 	sftp = ssh.open_sftp()
 	sftp.put(cfg, tmp_file)
 	sftp.close()
-	
-	if kwargs.get("just_save") == "save":
-		commands = [ "/sbin/haproxy  -q -c -f " + tmp_file, "mv -f " + tmp_file + " " + haproxy_config_path ]
+	if kwargs.get("keepalived") == 1:
+		print("123")
+		if kwargs.get("just_save") == "save":
+			commands = [ "mv -f " + tmp_file + " /etc/keepalived/keepalived.conf" ]
+		else:
+			commands = [ "mv -f " + tmp_file + " /etc/keepalived/keepalived.conf", "systemctl restart keepalived" ]
 	else:
-		commands = [ "/sbin/haproxy  -q -c -f " + tmp_file, "mv -f " + tmp_file + " " + haproxy_config_path, restart_command ]
-	
-	try:
-		if config.get('haproxy', 'firewall_enable') == "1":
-			commands.extend(open_port_firewalld(cfg))
-	except:
-		print('<div class="alert alert-warning">Please check the config for the presence of the parameter - "firewall_enable". Mast be: "0" or "1". Firewalld configure not working now </div>')
+		if kwargs.get("just_save") == "save":
+			commands = [ "/sbin/haproxy  -q -c -f " + tmp_file, "mv -f " + tmp_file + " " + haproxy_config_path ]
+		else:
+			commands = [ "/sbin/haproxy  -q -c -f " + tmp_file, "mv -f " + tmp_file + " " + haproxy_config_path, restart_command ]	
+		try:
+			if config.get('haproxy', 'firewall_enable') == "1":
+				commands.extend(open_port_firewalld(cfg))
+		except:
+			print('<div class="alert alert-warning">Please check the config for the presence of the parameter - "firewall_enable". Mast be: "0" or "1". Firewalld configure not working now </div>')
 			
 	i = 0
 	for command in commands:
--- a/cgi-bin/haproxy-webintarface.config
+++ b/cgi-bin/haproxy-webintarface.config
@ -40,7 +40,7 @@ syslog_server =
 #Send log message to telegram channel
 #Default bot send message disable
 enable = 0
-token = 
+token =
 channel_name =
 proxy = 

@ -61,4 +61,4 @@ haproxy_sock = /var/run/haproxy.sock
 tmp_config_path = /tmp/
 cert_path = /etc/ssl/certs/
 #If enable this option Haproxy-wi will be configure firewalld based on config port
-firewall_enable = 1
+firewall_enable = 1
--- a/cgi-bin/keepalivedconfig.py
+++ b/cgi-bin/keepalivedconfig.py
@ -0,0 +1,99 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-"
+import html
+import cgi
+import os
+import http.cookies
+from configparser import ConfigParser, ExtendedInterpolation
+import funct
+import sql
+import codecs
+
+form = cgi.FieldStorage()
+serv = form.getvalue('serv')
+servNew = form.getvalue('serNew')
+
+funct.head("Edit Running Keepalived config")
+funct.check_config()
+funct.check_login()
+funct.page_for_admin(level = 1)
+
+path_config = "haproxy-webintarface.config"
+config = ConfigParser(interpolation=ExtendedInterpolation())
+config.read(path_config)
+
+log_path = config.get('main', 'log_path')
+hap_configs_dir = config.get('configs', 'haproxy_save_configs_dir')
+
+print('<h2>Edit Running Keepalived config</h2>'
+		'<center>'
+			'<h3>Choose server</h3>'
+			'<form action="keepalivedconfig.py" method="get">'
+				'<select name="serv">')
+				
+SERVERS = sql.is_master("123", master_slave=1)
+for server in SERVERS:
+	if serv == server[1]:
+		selected = "selected"
+	else:
+		selected = ""
+	print('<option value="%s" %s>%s</option>' % (server[1],selected, server[0]))
+	if serv == server[3]:
+		selected = "selected"
+	else:
+		selected = ""
+	print('<option value="%s" %s>%s</option>' % (server[3], selected, server[2]))
+	
+print('</select>')
+funct.get_button("Open", value="open")
+print('</form>')
+
+if serv is not None:
+	cfg = '/var/www/haproxy-wi/cgi-bin/kp_config/'+ serv + '-' + funct.get_data('config') + '.conf'
+
+if form.getvalue('serv') is not None and form.getvalue('open') is not None :
+	
+	funct.logging(serv, "keepalivedconfig.py open config")
+	funct.get_config(serv, cfg, keepalived=1)
+	
+	try:
+		conf = open(cfg, "r",encoding='utf-8', errors='ignore')
+	except IOError:
+		print('<div class="alert alert-danger">Can\'t read import config file</div>')
+
+	print("<center><h3>Config from %s</h3>" % serv)
+	print('<form action="" method="get">')
+	print('<input type="hidden" value="%s" name="serv">' % serv)
+	print('<input type="hidden" value="%s.old" name="oldconfig">' % cfg)
+	print('<textarea name="config" class="config" rows="35" cols="100">%s</textarea>' % conf.read())
+	print('<p>')
+	funct.get_button("Just save", value="save")
+	funct.get_button("Save and restart")
+	print('</p></form>')
+	conf.close
+
+	os.system("/bin/mv %s %s.old" % (cfg, cfg))	
+
+if form.getvalue('serv') is not None and form.getvalue('config') is not None:
+	funct.logging(serv, "keepalivedconfig.py edited config")
+	config = form.getvalue('config')
+	oldcfg = form.getvalue('oldconfig')
+	save = form.getvalue('save')
+
+	try:
+		with open(cfg, "a") as conf:
+			conf.write(config)
+	except IOError:
+		print("Can't read import config file")
+
+	print('<center><br><div class="alert alert-info">New config was saved as: %s </div></center>' % cfg)
+			
+	funct.upload_and_restart(serv, cfg, just_save=save, keepalived=1)
+	
+	
+	os.system("/bin/diff -ub %s %s >> %s/config_edit-%s.log" % (oldcfg, cfg, log_path, funct.get_data('logs')))
+	os.system("/bin/rm -f kp_config/*.old")
+
+	print('</br><a href="viewsttats.py?serv=%s" target="_blank" title="View stats">Go to view stats</a> <br />' % serv)
+	
+funct.footer()
--- a/cgi-bin/options.py
+++ b/cgi-bin/options.py
@ -232,16 +232,19 @@ if form.getvalue('master'):
 	tmp_config_path = config.get('haproxy', 'tmp_config_path')
 	script = "install_keepalived.sh"
 	
+	if hap == "1":
+		funct.install_haproxy(master)
+		funct.install_haproxy(slave)
+	
 	os.system("cp scripts/%s ." % script)
-	
-	
+		
 	funct.upload(master, tmp_config_path, script)
 	funct.upload(slave, tmp_config_path, script)
 	
-	commands = [ "chmod +x "+tmp_config_path+script, tmp_config_path+script+" MASTER "+interface+" "+vrrpip+" "+hap ]
+	commands = [ "chmod +x "+tmp_config_path+script, tmp_config_path+script+" MASTER "+interface+" "+vrrpip ]
 	funct.ssh_command(master, commands)
 	
-	commands = [ "chmod +x "+tmp_config_path+script, tmp_config_path+script+" BACKUP "+interface+" "+vrrpip+" "+hap ]
+	commands = [ "chmod +x "+tmp_config_path+script, tmp_config_path+script+" BACKUP "+interface+" "+vrrpip ]
 	funct.ssh_command(slave, commands)
 			
 	os.system("rm -f %s" % script)
--- a/cgi-bin/scripts/install_haproxy.sh
+++ b/cgi-bin/scripts/install_haproxy.sh
@ -0,0 +1,59 @@
+#!/bin/bash
+yum install haproxy -y > /dev/null
+
+echo "" > /etc/haproxy/haproxy.cfg
+cat << EOF > /etc/haproxy/haproxy.cfg
+global
+    log         127.0.0.1 local2
+    chroot      /var/lib/haproxy
+    pidfile     /var/run/haproxy.pid
+    maxconn     4000
+    user        haproxy
+    group       haproxy
+    daemon
+    stats socket /var/lib/haproxy/stats
+    stats socket *:1999 level admin
+
+defaults
+    mode                    http
+    log                     global
+    option                  httplog
+    option                  dontlognull
+    option http-server-close
+    option forwardfor       except 127.0.0.0/8
+    option                  redispatch
+    retries                 3
+    timeout http-request    10s
+    timeout queue           1m
+    timeout connect         10s
+    timeout client          1m
+    timeout server          1m
+    timeout http-keep-alive 10s
+    timeout check           10s
+    maxconn                 3000
+
+listen stats *:8085 
+        stats enable
+        stats uri /stats
+        stats realm HAProxy-04\ Statistics
+        stats auth admin:password
+EOF
+cat << EOF > /etc/rsyslog.d/haproxy.conf
+local2.*                       /var/log/haproxy.log
+EOF
+
+sed -i "s/#$ModLoad imudp/$ModLoad imudp/g" /etc/rsyslog.conf 
+sed -i "s/#$UDPServerRun/$UDPServerRun /g" /etc/rsyslog.conf 
+
+firewall-cmd --zone=public --add-port=8085/tcp --permanent
+firewall-cmd --reload
+setenforce 0
+sed -i 's/SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config 
+systemctl enable haproxy
+systemctl restart haproxy
+
+if [ $? -eq 1 ]
+then
+        echo "Can't start Haproxy service"
+        exit 1
+fi
--- a/cgi-bin/scripts/install_keepalived.sh
+++ b/cgi-bin/scripts/install_keepalived.sh
@ -1,12 +1,6 @@
 #!/bin/bash
 CONF=/etc/keepalived/keepalived.conf

-if [[ $4 == 1 ]];then
-        yum install haproxy -y > /dev/null
-		systemctl enable haproxy
-		systemctl restart haproxy
-fi
-
 yum install keepalived -y > /dev/null
 if [ $? -eq 1 ]
 then
--- a/inc/awesome.css
+++ b/inc/awesome.css
@ -71,6 +71,11 @@
 	font-family: "Font Awesome 5 Solid";
 	content: "\f0c2";
 }
+.keepalived::before {
+	display: none;
+	font-family: "Font Awesome 5 Solid";
+	content: "\f126";
+}
 .version::before {
 	display: none;
 	font-family: "Font Awesome 5 Solid";
--- a/install.sh
+++ b/install.sh
@ -42,7 +42,11 @@ if [[ $MINSTALL == 1 ]];then
   yum -y install mariadb mariadb-server mysql-devel
 fi

-yum -y install epel-release && yum -y install git ncat net-tools lshw python34 python34-pip  httpd mod_ssl gcc python34-devel 
+if [[ $(cat /etc/*-rele* |grep NAME |head -1) == 'NAME="Red Hat Enterprise Linux Server"' ]];then
+        yum -y install epel-release
+fi
+
+yum -y install git ncat net-tools lshw python34 python34-pip  httpd mod_ssl gcc python34-devel 

 if [ $? -eq 1 ]
 then
@ -245,8 +249,6 @@ echo ""
 echo "################################"

          systemctl enable httpd ; systemctl restart httpd
-          systemctl enable haproxy ; systemctl start haproxy
-

 if [ $? -eq 1 ]
 then