2017-03-15 16:19:47 +00:00
|
|
|
# ~*~ coding: utf-8 ~*~
|
|
|
|
|
import json
|
2017-12-29 18:29:29 +00:00
|
|
|
import re
|
2018-03-12 02:20:23 +00:00
|
|
|
import os
|
2017-03-15 16:19:47 +00:00
|
|
|
|
2019-06-13 10:58:43 +00:00
|
|
|
from collections import defaultdict
|
2017-12-10 16:29:25 +00:00
|
|
|
from celery import shared_task
|
2017-12-29 15:53:45 +00:00
|
|
|
from django.utils.translation import ugettext as _
|
2018-12-25 05:33:37 +00:00
|
|
|
from django.core.cache import cache
|
2017-04-05 11:09:51 +00:00
|
|
|
|
2019-01-15 02:23:30 +00:00
|
|
|
from common.utils import (
|
|
|
|
|
capacity_convert, sum_capacity, encrypt_password, get_logger
|
|
|
|
|
)
|
|
|
|
|
from ops.celery.decorator import (
|
|
|
|
|
register_as_period_task, after_app_shutdown_clean_periodic
|
|
|
|
|
)
|
2017-12-24 10:53:07 +00:00
|
|
|
|
2018-03-21 10:13:16 +00:00
|
|
|
from .models import SystemUser, AdminUser, Asset
|
2017-12-15 07:50:15 +00:00
|
|
|
from . import const
|
2017-03-15 16:19:47 +00:00
|
|
|
|
|
|
|
|
|
2017-12-10 16:29:25 +00:00
|
|
|
FORKS = 10
|
|
|
|
|
TIMEOUT = 60
|
|
|
|
|
logger = get_logger(__file__)
|
2018-12-10 02:11:54 +00:00
|
|
|
CACHE_MAX_TIME = 60*60*2
|
2018-01-26 08:06:23 +00:00
|
|
|
disk_pattern = re.compile(r'^hd|sd|xvd|vd')
|
2019-02-20 02:40:43 +00:00
|
|
|
PERIOD_TASK = os.environ.get("PERIOD_TASK", "on")
|
2017-12-10 16:29:25 +00:00
|
|
|
|
|
|
|
|
|
2019-03-18 02:15:33 +00:00
|
|
|
def check_asset_can_run_ansible(asset):
|
|
|
|
|
if not asset.is_active:
|
|
|
|
|
msg = _("Asset has been disabled, skipped: {}").format(asset)
|
|
|
|
|
logger.info(msg)
|
|
|
|
|
return False
|
2019-06-13 10:58:43 +00:00
|
|
|
if not asset.is_support_ansible():
|
2019-03-18 02:15:33 +00:00
|
|
|
msg = _("Asset may not be support ansible, skipped: {}").format(asset)
|
|
|
|
|
logger.info(msg)
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
2018-12-18 09:28:45 +00:00
|
|
|
def clean_hosts(assets):
|
|
|
|
|
clean_assets = []
|
|
|
|
|
for asset in assets:
|
2019-03-18 02:15:33 +00:00
|
|
|
if not check_asset_can_run_ansible(asset):
|
2018-12-18 09:28:45 +00:00
|
|
|
continue
|
|
|
|
|
clean_assets.append(asset)
|
|
|
|
|
if not clean_assets:
|
2019-06-13 10:58:43 +00:00
|
|
|
logger.info(_("No assets matched, stop task"))
|
2018-12-18 09:28:45 +00:00
|
|
|
return clean_assets
|
|
|
|
|
|
|
|
|
|
|
2019-06-13 10:58:43 +00:00
|
|
|
def clean_hosts_by_protocol(system_user, assets):
|
|
|
|
|
hosts = [
|
|
|
|
|
asset for asset in assets
|
|
|
|
|
if asset.has_protocol(system_user.protocol)
|
|
|
|
|
]
|
|
|
|
|
if not hosts:
|
|
|
|
|
msg = _("No assets matched related system user protocol, stop task")
|
|
|
|
|
logger.info(msg)
|
|
|
|
|
return hosts
|
|
|
|
|
|
|
|
|
|
|
2017-12-24 10:53:07 +00:00
|
|
|
@shared_task
|
2018-12-10 02:11:54 +00:00
|
|
|
def set_assets_hardware_info(assets, result, **kwargs):
|
2017-12-24 10:53:07 +00:00
|
|
|
"""
|
2018-01-08 11:16:28 +00:00
|
|
|
Using ops task run result, to update asset info
|
2017-12-24 10:53:07 +00:00
|
|
|
|
|
|
|
|
@shared_task must be exit, because we using it as a task callback, is must
|
|
|
|
|
be a celery task also
|
2018-12-10 02:11:54 +00:00
|
|
|
:param assets:
|
2017-12-24 10:53:07 +00:00
|
|
|
:param result:
|
|
|
|
|
:param kwargs: {task_name: ""}
|
|
|
|
|
:return:
|
|
|
|
|
"""
|
|
|
|
|
result_raw = result[0]
|
2017-12-15 07:50:15 +00:00
|
|
|
assets_updated = []
|
2018-12-10 02:11:54 +00:00
|
|
|
success_result = result_raw.get('ok', {})
|
|
|
|
|
|
|
|
|
|
for asset in assets:
|
|
|
|
|
hostname = asset.hostname
|
|
|
|
|
info = success_result.get(hostname, {})
|
2018-01-30 02:38:40 +00:00
|
|
|
info = info.get('setup', {}).get('ansible_facts', {})
|
|
|
|
|
if not info:
|
2018-12-10 02:11:54 +00:00
|
|
|
logger.error(_("Get asset info failed: {}").format(hostname))
|
2017-03-15 16:19:47 +00:00
|
|
|
continue
|
2018-01-30 02:38:40 +00:00
|
|
|
___vendor = info.get('ansible_system_vendor', 'Unknown')
|
2018-02-09 07:24:44 +00:00
|
|
|
___model = info.get('ansible_product_name', 'Unknown')
|
2018-01-30 02:38:40 +00:00
|
|
|
___sn = info.get('ansible_product_serial', 'Unknown')
|
2017-03-15 16:19:47 +00:00
|
|
|
|
2018-01-30 02:38:40 +00:00
|
|
|
for ___cpu_model in info.get('ansible_processor', []):
|
2018-01-26 08:21:14 +00:00
|
|
|
if ___cpu_model.endswith('GHz') or ___cpu_model.startswith("Intel"):
|
2017-03-15 16:19:47 +00:00
|
|
|
break
|
|
|
|
|
else:
|
|
|
|
|
___cpu_model = 'Unknown'
|
2018-01-26 09:17:37 +00:00
|
|
|
___cpu_model = ___cpu_model[:64]
|
2018-01-30 04:09:33 +00:00
|
|
|
___cpu_count = info.get('ansible_processor_count', 0)
|
2018-12-18 09:28:45 +00:00
|
|
|
___cpu_cores = info.get('ansible_processor_cores', None) or \
|
|
|
|
|
len(info.get('ansible_processor', []))
|
2018-08-15 04:00:47 +00:00
|
|
|
___cpu_vcpus = info.get('ansible_processor_vcpus', 0)
|
2018-12-18 09:28:45 +00:00
|
|
|
___memory = '%s %s' % capacity_convert(
|
|
|
|
|
'{} MB'.format(info.get('ansible_memtotal_mb'))
|
|
|
|
|
)
|
2017-03-15 16:19:47 +00:00
|
|
|
disk_info = {}
|
2018-01-30 02:38:40 +00:00
|
|
|
for dev, dev_info in info.get('ansible_devices', {}).items():
|
2017-12-29 18:29:29 +00:00
|
|
|
if disk_pattern.match(dev) and dev_info['removable'] == '0':
|
2017-03-15 16:19:47 +00:00
|
|
|
disk_info[dev] = dev_info['size']
|
|
|
|
|
___disk_total = '%s %s' % sum_capacity(disk_info.values())
|
|
|
|
|
___disk_info = json.dumps(disk_info)
|
|
|
|
|
|
2019-06-13 10:58:43 +00:00
|
|
|
# ___platform = info.get('ansible_system', 'Unknown')
|
2018-01-30 02:38:40 +00:00
|
|
|
___os = info.get('ansible_distribution', 'Unknown')
|
|
|
|
|
___os_version = info.get('ansible_distribution_version', 'Unknown')
|
|
|
|
|
___os_arch = info.get('ansible_architecture', 'Unknown')
|
|
|
|
|
___hostname_raw = info.get('ansible_hostname', 'Unknown')
|
2017-03-15 16:19:47 +00:00
|
|
|
|
|
|
|
|
for k, v in locals().items():
|
|
|
|
|
if k.startswith('___'):
|
|
|
|
|
setattr(asset, k.strip('_'), v)
|
|
|
|
|
asset.save()
|
2017-12-15 07:50:15 +00:00
|
|
|
assets_updated.append(asset)
|
|
|
|
|
return assets_updated
|
2017-12-12 04:19:45 +00:00
|
|
|
|
|
|
|
|
|
2017-12-15 07:50:15 +00:00
|
|
|
@shared_task
|
2017-12-29 15:53:45 +00:00
|
|
|
def update_assets_hardware_info_util(assets, task_name=None):
|
2017-12-15 07:50:15 +00:00
|
|
|
"""
|
|
|
|
|
Using ansible api to update asset hardware info
|
|
|
|
|
:param assets: asset seq
|
|
|
|
|
:param task_name: task_name running
|
|
|
|
|
:return: result summary ['contacted': {}, 'dark': {}]
|
|
|
|
|
"""
|
2017-12-24 10:53:07 +00:00
|
|
|
from ops.utils import update_or_create_ansible_task
|
2017-12-29 15:53:45 +00:00
|
|
|
if task_name is None:
|
2018-09-03 03:24:25 +00:00
|
|
|
task_name = _("Update some assets hardware info")
|
2017-12-15 07:50:15 +00:00
|
|
|
tasks = const.UPDATE_ASSETS_HARDWARE_TASKS
|
2018-12-18 09:28:45 +00:00
|
|
|
hosts = clean_hosts(assets)
|
2018-12-10 02:11:54 +00:00
|
|
|
if not hosts:
|
2018-04-12 10:50:43 +00:00
|
|
|
return {}
|
2018-12-10 02:11:54 +00:00
|
|
|
created_by = str(assets[0].org_id)
|
2017-12-29 15:53:45 +00:00
|
|
|
task, created = update_or_create_ansible_task(
|
2018-12-10 02:11:54 +00:00
|
|
|
task_name, hosts=hosts, tasks=tasks, created_by=created_by,
|
|
|
|
|
pattern='all', options=const.TASK_OPTIONS, run_as_admin=True,
|
2017-12-15 07:50:15 +00:00
|
|
|
)
|
|
|
|
|
result = task.run()
|
2018-12-10 02:11:54 +00:00
|
|
|
set_assets_hardware_info(assets, result)
|
2017-12-24 10:53:07 +00:00
|
|
|
return result
|
2017-03-15 16:19:47 +00:00
|
|
|
|
|
|
|
|
|
2017-04-04 13:47:58 +00:00
|
|
|
@shared_task
|
2017-12-29 15:53:45 +00:00
|
|
|
def update_asset_hardware_info_manual(asset):
|
2018-12-10 02:11:54 +00:00
|
|
|
task_name = _("Update asset hardware info: {}").format(asset.hostname)
|
2019-01-15 02:23:30 +00:00
|
|
|
update_assets_hardware_info_util(
|
2018-12-10 02:11:54 +00:00
|
|
|
[asset], task_name=task_name
|
|
|
|
|
)
|
2017-12-24 10:53:07 +00:00
|
|
|
|
|
|
|
|
|
2018-12-10 02:11:54 +00:00
|
|
|
@shared_task
|
2017-12-24 10:53:07 +00:00
|
|
|
def update_assets_hardware_info_period():
|
2017-12-10 16:29:25 +00:00
|
|
|
"""
|
|
|
|
|
Update asset hardware period task
|
|
|
|
|
:return:
|
|
|
|
|
"""
|
2018-03-12 02:20:23 +00:00
|
|
|
if PERIOD_TASK != "on":
|
|
|
|
|
logger.debug("Period task disabled, update assets hardware info pass")
|
|
|
|
|
return
|
|
|
|
|
|
2017-12-24 10:53:07 +00:00
|
|
|
|
|
|
|
|
## ADMIN USER CONNECTIVE ##
|
|
|
|
|
|
|
|
|
|
|
2018-12-18 09:28:45 +00:00
|
|
|
@shared_task
|
|
|
|
|
def test_asset_connectivity_util(assets, task_name=None):
|
|
|
|
|
from ops.utils import update_or_create_ansible_task
|
|
|
|
|
|
|
|
|
|
if task_name is None:
|
|
|
|
|
task_name = _("Test assets connectivity")
|
2019-06-13 10:58:43 +00:00
|
|
|
|
2018-12-18 09:28:45 +00:00
|
|
|
hosts = clean_hosts(assets)
|
|
|
|
|
if not hosts:
|
|
|
|
|
return {}
|
2019-06-13 10:58:43 +00:00
|
|
|
|
|
|
|
|
hosts_category = {
|
|
|
|
|
'linux': {
|
|
|
|
|
'hosts': [],
|
|
|
|
|
'tasks': const.TEST_ADMIN_USER_CONN_TASKS
|
|
|
|
|
},
|
|
|
|
|
'windows': {
|
|
|
|
|
'hosts': [],
|
|
|
|
|
'tasks': const.TEST_WINDOWS_ADMIN_USER_CONN_TASKS
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
for host in hosts:
|
|
|
|
|
hosts_list = hosts_category['windows']['hosts'] if host.is_windows() \
|
|
|
|
|
else hosts_category['linux']['hosts']
|
|
|
|
|
hosts_list.append(host)
|
|
|
|
|
|
|
|
|
|
results_summary = dict(
|
|
|
|
|
contacted=defaultdict(dict), dark=defaultdict(dict), success=True
|
2018-12-18 09:28:45 +00:00
|
|
|
)
|
2019-06-13 10:58:43 +00:00
|
|
|
created_by = assets[0].org_id
|
2019-06-19 11:29:12 +00:00
|
|
|
for k, value in hosts_category.items():
|
2019-06-13 10:58:43 +00:00
|
|
|
if not value['hosts']:
|
|
|
|
|
continue
|
|
|
|
|
task, created = update_or_create_ansible_task(
|
|
|
|
|
task_name=task_name, hosts=value['hosts'], tasks=value['tasks'],
|
|
|
|
|
pattern='all', options=const.TASK_OPTIONS, run_as_admin=True,
|
|
|
|
|
created_by=created_by,
|
|
|
|
|
)
|
|
|
|
|
result = task.run()
|
|
|
|
|
summary = result[1]
|
2019-06-21 03:19:53 +00:00
|
|
|
success = summary.get('success', False)
|
|
|
|
|
contacted = summary.get('contacted', {})
|
|
|
|
|
dark = summary.get('dark', {})
|
|
|
|
|
|
|
|
|
|
results_summary['success'] &= success
|
|
|
|
|
results_summary['contacted'].update(contacted)
|
|
|
|
|
results_summary['dark'].update(dark)
|
2019-06-13 10:58:43 +00:00
|
|
|
|
2018-12-18 09:28:45 +00:00
|
|
|
for asset in assets:
|
2019-06-13 10:58:43 +00:00
|
|
|
if asset.hostname in results_summary.get('dark', {}):
|
2018-12-18 09:28:45 +00:00
|
|
|
asset.connectivity = asset.UNREACHABLE
|
2019-06-13 10:58:43 +00:00
|
|
|
elif asset.hostname in results_summary.get('contacted', []):
|
2018-12-18 09:28:45 +00:00
|
|
|
asset.connectivity = asset.REACHABLE
|
|
|
|
|
else:
|
|
|
|
|
asset.connectivity = asset.UNKNOWN
|
2019-06-13 10:58:43 +00:00
|
|
|
|
|
|
|
|
return results_summary
|
2018-12-18 09:28:45 +00:00
|
|
|
|
2017-12-24 10:53:07 +00:00
|
|
|
|
2018-12-18 09:28:45 +00:00
|
|
|
@shared_task
|
|
|
|
|
def test_asset_connectivity_manual(asset):
|
|
|
|
|
task_name = _("Test assets connectivity: {}").format(asset)
|
|
|
|
|
summary = test_asset_connectivity_util([asset], task_name=task_name)
|
2017-12-24 10:53:07 +00:00
|
|
|
|
2018-12-18 09:28:45 +00:00
|
|
|
if summary.get('dark'):
|
|
|
|
|
return False, summary['dark']
|
|
|
|
|
else:
|
|
|
|
|
return True, ""
|
2017-04-05 11:09:51 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@shared_task
|
2018-12-18 09:28:45 +00:00
|
|
|
def test_admin_user_connectivity_util(admin_user, task_name):
|
2017-12-10 16:29:25 +00:00
|
|
|
"""
|
|
|
|
|
Test asset admin user can connect or not. Using ansible api do that
|
|
|
|
|
:param admin_user:
|
2017-12-24 10:53:07 +00:00
|
|
|
:param task_name:
|
2017-12-10 16:29:25 +00:00
|
|
|
:return:
|
|
|
|
|
"""
|
2017-12-12 04:19:45 +00:00
|
|
|
assets = admin_user.get_related_assets()
|
2018-12-18 09:28:45 +00:00
|
|
|
hosts = clean_hosts(assets)
|
2018-02-25 10:08:00 +00:00
|
|
|
if not hosts:
|
2018-12-10 02:11:54 +00:00
|
|
|
return {}
|
2018-12-18 09:28:45 +00:00
|
|
|
summary = test_asset_connectivity_util(hosts, task_name)
|
|
|
|
|
return summary
|
2017-12-15 07:50:15 +00:00
|
|
|
|
2017-12-10 16:29:25 +00:00
|
|
|
|
2018-12-10 02:11:54 +00:00
|
|
|
@shared_task
|
2017-12-24 10:53:07 +00:00
|
|
|
@register_as_period_task(interval=3600)
|
2018-12-18 09:28:45 +00:00
|
|
|
def test_admin_user_connectivity_period():
|
2017-12-24 10:53:07 +00:00
|
|
|
"""
|
|
|
|
|
A period task that update the ansible task period
|
|
|
|
|
"""
|
2019-02-20 02:40:43 +00:00
|
|
|
if PERIOD_TASK != "on":
|
|
|
|
|
logger.debug('Period task off, skip')
|
|
|
|
|
return
|
2018-12-25 05:33:37 +00:00
|
|
|
key = '_JMS_TEST_ADMIN_USER_CONNECTIVITY_PERIOD'
|
|
|
|
|
prev_execute_time = cache.get(key)
|
|
|
|
|
if prev_execute_time:
|
|
|
|
|
logger.debug("Test admin user connectivity, less than 40 minutes, skip")
|
|
|
|
|
return
|
|
|
|
|
cache.set(key, 1, 60*40)
|
2017-12-15 07:50:15 +00:00
|
|
|
admin_users = AdminUser.objects.all()
|
|
|
|
|
for admin_user in admin_users:
|
2018-12-18 09:28:45 +00:00
|
|
|
task_name = _("Test admin user connectivity period: {}").format(admin_user.name)
|
|
|
|
|
test_admin_user_connectivity_util(admin_user, task_name)
|
2019-01-15 02:23:30 +00:00
|
|
|
cache.set(key, 1, 60*40)
|
2017-12-10 16:29:25 +00:00
|
|
|
|
|
|
|
|
|
2017-12-12 04:19:45 +00:00
|
|
|
@shared_task
|
2018-12-18 09:28:45 +00:00
|
|
|
def test_admin_user_connectivity_manual(admin_user):
|
|
|
|
|
task_name = _("Test admin user connectivity: {}").format(admin_user.name)
|
2019-01-15 11:01:33 +00:00
|
|
|
test_admin_user_connectivity_util(admin_user, task_name)
|
|
|
|
|
return True
|
2017-12-24 10:53:07 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
## System user connective ##
|
|
|
|
|
|
2017-12-10 16:29:25 +00:00
|
|
|
@shared_task
|
2019-06-13 10:58:43 +00:00
|
|
|
def set_system_user_connectivity_info(system_user, summary):
|
2018-12-18 09:28:45 +00:00
|
|
|
system_user.connectivity = summary
|
2017-12-24 10:53:07 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@shared_task
|
2018-12-18 09:28:45 +00:00
|
|
|
def test_system_user_connectivity_util(system_user, assets, task_name):
|
2017-12-10 16:29:25 +00:00
|
|
|
"""
|
|
|
|
|
Test system cant connect his assets or not.
|
|
|
|
|
:param system_user:
|
2018-09-03 03:24:25 +00:00
|
|
|
:param assets:
|
2017-12-24 10:53:07 +00:00
|
|
|
:param task_name:
|
2017-12-10 16:29:25 +00:00
|
|
|
:return:
|
|
|
|
|
"""
|
2018-02-25 10:08:00 +00:00
|
|
|
from ops.utils import update_or_create_ansible_task
|
2019-06-13 10:58:43 +00:00
|
|
|
|
2018-12-18 09:28:45 +00:00
|
|
|
hosts = clean_hosts(assets)
|
2018-02-25 10:08:00 +00:00
|
|
|
if not hosts:
|
|
|
|
|
return {}
|
2019-06-13 10:58:43 +00:00
|
|
|
|
|
|
|
|
hosts = clean_hosts_by_protocol(system_user, hosts)
|
|
|
|
|
if not hosts:
|
|
|
|
|
return {}
|
|
|
|
|
|
|
|
|
|
hosts_category = {
|
|
|
|
|
'linux': {
|
|
|
|
|
'hosts': [],
|
|
|
|
|
'tasks': const.TEST_SYSTEM_USER_CONN_TASKS
|
|
|
|
|
},
|
|
|
|
|
'windows': {
|
|
|
|
|
'hosts': [],
|
|
|
|
|
'tasks': const.TEST_WINDOWS_SYSTEM_USER_CONN_TASKS
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
for host in hosts:
|
|
|
|
|
hosts_list = hosts_category['windows']['hosts'] if host.is_windows() \
|
|
|
|
|
else hosts_category['linux']['hosts']
|
|
|
|
|
hosts_list.append(host)
|
|
|
|
|
|
|
|
|
|
results_summary = dict(
|
|
|
|
|
contacted=defaultdict(dict), dark=defaultdict(dict), success=True
|
2018-02-25 10:08:00 +00:00
|
|
|
)
|
2019-06-19 11:29:12 +00:00
|
|
|
for k, value in hosts_category.items():
|
2019-06-13 10:58:43 +00:00
|
|
|
if not value['hosts']:
|
|
|
|
|
continue
|
|
|
|
|
task, created = update_or_create_ansible_task(
|
|
|
|
|
task_name=task_name, hosts=value['hosts'], tasks=value['tasks'],
|
|
|
|
|
pattern='all', options=const.TASK_OPTIONS,
|
2019-06-21 03:19:53 +00:00
|
|
|
run_as=system_user.username, created_by=system_user.org_id,
|
2019-06-13 10:58:43 +00:00
|
|
|
)
|
|
|
|
|
result = task.run()
|
|
|
|
|
summary = result[1]
|
2019-06-21 03:19:53 +00:00
|
|
|
success = summary.get('success', False)
|
|
|
|
|
contacted = summary.get('contacted', {})
|
|
|
|
|
dark = summary.get('dark', {})
|
|
|
|
|
|
|
|
|
|
results_summary['success'] &= success
|
|
|
|
|
results_summary['contacted'].update(contacted)
|
|
|
|
|
results_summary['dark'].update(dark)
|
2019-06-13 10:58:43 +00:00
|
|
|
|
|
|
|
|
set_system_user_connectivity_info(system_user, results_summary)
|
|
|
|
|
return results_summary
|
2017-12-24 10:53:07 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@shared_task
|
2018-12-18 09:28:45 +00:00
|
|
|
def test_system_user_connectivity_manual(system_user):
|
|
|
|
|
task_name = _("Test system user connectivity: {}").format(system_user)
|
|
|
|
|
assets = system_user.get_related_assets()
|
|
|
|
|
return test_system_user_connectivity_util(system_user, assets, task_name)
|
2018-09-03 03:24:25 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@shared_task
|
2018-12-18 09:28:45 +00:00
|
|
|
def test_system_user_connectivity_a_asset(system_user, asset):
|
|
|
|
|
task_name = _("Test system user connectivity: {} => {}").format(
|
2018-09-03 03:24:25 +00:00
|
|
|
system_user, asset
|
|
|
|
|
)
|
2018-12-18 09:28:45 +00:00
|
|
|
return test_system_user_connectivity_util(system_user, [asset], task_name)
|
2017-12-10 16:29:25 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@shared_task
|
2018-12-18 09:28:45 +00:00
|
|
|
def test_system_user_connectivity_period():
|
2018-03-12 02:20:23 +00:00
|
|
|
if PERIOD_TASK != "on":
|
2018-12-18 09:28:45 +00:00
|
|
|
logger.debug("Period task disabled, test system user connectivity pass")
|
2018-03-12 02:20:23 +00:00
|
|
|
return
|
2018-12-18 09:28:45 +00:00
|
|
|
system_users = SystemUser.objects.all()
|
|
|
|
|
for system_user in system_users:
|
|
|
|
|
task_name = _("Test system user connectivity period: {}").format(system_user)
|
|
|
|
|
assets = system_user.get_related_assets()
|
|
|
|
|
test_system_user_connectivity_util(system_user, assets, task_name)
|
2017-12-13 09:21:08 +00:00
|
|
|
|
2017-12-10 16:29:25 +00:00
|
|
|
|
2017-12-24 10:53:07 +00:00
|
|
|
#### Push system user tasks ####
|
2017-12-10 16:29:25 +00:00
|
|
|
|
2019-06-13 10:58:43 +00:00
|
|
|
def get_push_linux_system_user_tasks(system_user):
|
2018-02-02 11:04:09 +00:00
|
|
|
tasks = []
|
|
|
|
|
if system_user.password:
|
|
|
|
|
tasks.append({
|
2017-12-15 07:50:15 +00:00
|
|
|
'name': 'Add user {}'.format(system_user.username),
|
2017-12-10 16:29:25 +00:00
|
|
|
'action': {
|
|
|
|
|
'module': 'user',
|
|
|
|
|
'args': 'name={} shell={} state=present password={}'.format(
|
|
|
|
|
system_user.username, system_user.shell,
|
2018-01-08 11:16:28 +00:00
|
|
|
encrypt_password(system_user.password, salt="K3mIlKK"),
|
2017-12-10 16:29:25 +00:00
|
|
|
),
|
|
|
|
|
}
|
2018-02-02 11:04:09 +00:00
|
|
|
})
|
2018-12-18 09:28:45 +00:00
|
|
|
tasks.extend([
|
|
|
|
|
{
|
2019-06-13 10:58:43 +00:00
|
|
|
'name': 'Check home dir exists',
|
|
|
|
|
'action': {
|
|
|
|
|
'module': 'stat',
|
|
|
|
|
'args': 'path=/home/{}'.format(system_user.username)
|
|
|
|
|
},
|
|
|
|
|
'register': 'home_existed'
|
2018-12-18 09:28:45 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'name': "Set home dir permission",
|
|
|
|
|
'action': {
|
|
|
|
|
'module': 'file',
|
|
|
|
|
'args': "path=/home/{0} owner={0} group={0} mode=700".format(system_user.username)
|
|
|
|
|
},
|
|
|
|
|
'when': 'home_existed.stat.exists == true'
|
|
|
|
|
}
|
|
|
|
|
])
|
2018-02-02 11:04:09 +00:00
|
|
|
if system_user.public_key:
|
|
|
|
|
tasks.append({
|
2017-12-15 07:50:15 +00:00
|
|
|
'name': 'Set {} authorized key'.format(system_user.username),
|
2017-12-10 16:29:25 +00:00
|
|
|
'action': {
|
|
|
|
|
'module': 'authorized_key',
|
|
|
|
|
'args': "user={} state=present key='{}'".format(
|
|
|
|
|
system_user.username, system_user.public_key
|
|
|
|
|
)
|
|
|
|
|
}
|
2018-02-02 11:04:09 +00:00
|
|
|
})
|
|
|
|
|
if system_user.sudo:
|
2019-02-26 08:49:55 +00:00
|
|
|
sudo = system_user.sudo.replace('\r\n', '\n').replace('\r', '\n')
|
|
|
|
|
sudo_list = sudo.split('\n')
|
|
|
|
|
sudo_tmp = []
|
|
|
|
|
for s in sudo_list:
|
|
|
|
|
sudo_tmp.append(s.strip(','))
|
|
|
|
|
sudo = ','.join(sudo_tmp)
|
2018-02-02 11:04:09 +00:00
|
|
|
tasks.append({
|
2017-12-15 07:50:15 +00:00
|
|
|
'name': 'Set {} sudo setting'.format(system_user.username),
|
2017-12-10 16:29:25 +00:00
|
|
|
'action': {
|
|
|
|
|
'module': 'lineinfile',
|
|
|
|
|
'args': "dest=/etc/sudoers state=present regexp='^{0} ALL=' "
|
|
|
|
|
"line='{0} ALL=(ALL) NOPASSWD: {1}' "
|
|
|
|
|
"validate='visudo -cf %s'".format(
|
2019-02-26 08:49:55 +00:00
|
|
|
system_user.username, sudo,
|
2017-12-10 16:29:25 +00:00
|
|
|
)
|
|
|
|
|
}
|
2018-02-02 11:04:09 +00:00
|
|
|
})
|
2019-06-13 10:58:43 +00:00
|
|
|
|
|
|
|
|
return tasks
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_push_windows_system_user_tasks(system_user):
|
|
|
|
|
tasks = []
|
|
|
|
|
if system_user.password:
|
|
|
|
|
tasks.append({
|
|
|
|
|
'name': 'Add user {}'.format(system_user.username),
|
|
|
|
|
'action': {
|
|
|
|
|
'module': 'win_user',
|
|
|
|
|
'args': 'fullname={} '
|
|
|
|
|
'name={} '
|
|
|
|
|
'password={} '
|
|
|
|
|
'state=present '
|
2019-06-13 11:46:27 +00:00
|
|
|
'update_password=always '
|
2019-06-13 10:58:43 +00:00
|
|
|
'password_expired=no '
|
|
|
|
|
'password_never_expires=yes '
|
|
|
|
|
'groups="Users,Remote Desktop Users" '
|
|
|
|
|
'groups_action=add '
|
|
|
|
|
''.format(system_user.name,
|
|
|
|
|
system_user.username,
|
|
|
|
|
system_user.password),
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
return tasks
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def get_push_system_user_tasks(host, system_user):
|
|
|
|
|
if host.is_unixlike():
|
|
|
|
|
tasks = get_push_linux_system_user_tasks(system_user)
|
|
|
|
|
elif host.is_windows():
|
|
|
|
|
tasks = get_push_windows_system_user_tasks(system_user)
|
|
|
|
|
else:
|
|
|
|
|
msg = _(
|
|
|
|
|
"The asset {} system platform {} does not "
|
|
|
|
|
"support run Ansible tasks".format(host.hostname, host.platform)
|
|
|
|
|
)
|
|
|
|
|
logger.info(msg)
|
|
|
|
|
tasks = []
|
2017-12-10 16:29:25 +00:00
|
|
|
return tasks
|
|
|
|
|
|
|
|
|
|
|
2017-12-15 07:50:15 +00:00
|
|
|
@shared_task
|
2018-12-10 02:11:54 +00:00
|
|
|
def push_system_user_util(system_user, assets, task_name):
|
2017-12-24 10:53:07 +00:00
|
|
|
from ops.utils import update_or_create_ansible_task
|
2018-12-10 02:11:54 +00:00
|
|
|
if not system_user.is_need_push():
|
|
|
|
|
msg = _("Push system user task skip, auto push not enable or "
|
2019-06-13 10:58:43 +00:00
|
|
|
"protocol is not ssh or rdp: {}").format(system_user.name)
|
2018-12-10 02:11:54 +00:00
|
|
|
logger.info(msg)
|
2019-06-13 10:58:43 +00:00
|
|
|
return {}
|
|
|
|
|
|
|
|
|
|
# Set root as system user is dangerous
|
|
|
|
|
if system_user.username.lower() in ["root", "administrator"]:
|
|
|
|
|
msg = _("For security, do not push user {}".format(system_user.username))
|
|
|
|
|
logger.info(msg)
|
|
|
|
|
return {}
|
2018-12-10 02:11:54 +00:00
|
|
|
|
2018-12-18 09:28:45 +00:00
|
|
|
hosts = clean_hosts(assets)
|
2018-01-05 09:57:02 +00:00
|
|
|
if not hosts:
|
|
|
|
|
return {}
|
2019-06-13 10:58:43 +00:00
|
|
|
|
|
|
|
|
hosts = clean_hosts_by_protocol(system_user, hosts)
|
|
|
|
|
if not hosts:
|
|
|
|
|
return {}
|
|
|
|
|
|
2019-03-18 02:15:33 +00:00
|
|
|
for host in hosts:
|
|
|
|
|
system_user.load_specific_asset_auth(host)
|
2019-06-13 10:58:43 +00:00
|
|
|
tasks = get_push_system_user_tasks(host, system_user)
|
|
|
|
|
if not tasks:
|
|
|
|
|
continue
|
2019-03-18 02:15:33 +00:00
|
|
|
task, created = update_or_create_ansible_task(
|
|
|
|
|
task_name=task_name, hosts=[host], tasks=tasks, pattern='all',
|
|
|
|
|
options=const.TASK_OPTIONS, run_as_admin=True,
|
|
|
|
|
created_by=system_user.org_id,
|
|
|
|
|
)
|
|
|
|
|
task.run()
|
2017-12-10 16:29:25 +00:00
|
|
|
|
|
|
|
|
|
2018-02-09 03:12:40 +00:00
|
|
|
@shared_task
|
|
|
|
|
def push_system_user_to_assets_manual(system_user):
|
2018-12-18 09:28:45 +00:00
|
|
|
assets = system_user.get_related_assets()
|
2018-09-03 03:24:25 +00:00
|
|
|
task_name = _("Push system users to assets: {}").format(system_user.name)
|
2018-12-10 02:11:54 +00:00
|
|
|
return push_system_user_util(system_user, assets, task_name=task_name)
|
2018-02-09 03:12:40 +00:00
|
|
|
|
|
|
|
|
|
2018-09-03 03:24:25 +00:00
|
|
|
@shared_task
|
|
|
|
|
def push_system_user_a_asset_manual(system_user, asset):
|
|
|
|
|
task_name = _("Push system users to asset: {} => {}").format(
|
2018-12-10 02:11:54 +00:00
|
|
|
system_user.name, asset
|
2018-09-03 03:24:25 +00:00
|
|
|
)
|
2018-12-10 02:11:54 +00:00
|
|
|
return push_system_user_util(system_user, [asset], task_name=task_name)
|
2018-09-03 03:24:25 +00:00
|
|
|
|
|
|
|
|
|
2018-04-08 12:02:40 +00:00
|
|
|
@shared_task
|
|
|
|
|
def push_system_user_to_assets(system_user, assets):
|
2018-09-03 03:24:25 +00:00
|
|
|
task_name = _("Push system users to assets: {}").format(system_user.name)
|
2018-12-10 02:11:54 +00:00
|
|
|
return push_system_user_util(system_user, assets, task_name)
|
2017-03-15 16:19:47 +00:00
|
|
|
|
|
|
|
|
|
2018-12-18 12:14:44 +00:00
|
|
|
@shared_task
|
2019-01-15 02:23:30 +00:00
|
|
|
@after_app_shutdown_clean_periodic
|
2018-12-18 12:14:44 +00:00
|
|
|
def test_system_user_connectability_period():
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@shared_task
|
2019-01-15 02:23:30 +00:00
|
|
|
@after_app_shutdown_clean_periodic
|
2018-12-18 12:14:44 +00:00
|
|
|
def test_admin_user_connectability_period():
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
|
2019-06-13 10:58:43 +00:00
|
|
|
#### Test Asset user connectivity task ####
|
|
|
|
|
|
|
|
|
|
def get_test_asset_user_connectivity_tasks(asset):
|
|
|
|
|
if asset.is_unixlike():
|
|
|
|
|
tasks = const.TEST_ASSET_USER_CONN_TASKS
|
|
|
|
|
elif asset.is_windows():
|
|
|
|
|
tasks = const.TEST_WINDOWS_ASSET_USER_CONN_TASKS
|
|
|
|
|
else:
|
|
|
|
|
msg = _(
|
|
|
|
|
"The asset {} system platform {} does not "
|
|
|
|
|
"support run Ansible tasks".format(asset.hostname, asset.platform)
|
|
|
|
|
)
|
|
|
|
|
logger.info(msg)
|
|
|
|
|
tasks = []
|
|
|
|
|
return tasks
|
|
|
|
|
|
|
|
|
|
|
2019-03-18 02:15:33 +00:00
|
|
|
@shared_task
|
|
|
|
|
def set_asset_user_connectivity_info(asset_user, result):
|
|
|
|
|
summary = result[1]
|
2019-06-19 03:31:38 +00:00
|
|
|
if summary.get('contacted'):
|
|
|
|
|
connectivity = 1
|
|
|
|
|
elif summary.get("dark"):
|
|
|
|
|
connectivity = 0
|
|
|
|
|
else:
|
|
|
|
|
connectivity = 3
|
|
|
|
|
asset_user.connectivity = connectivity
|
2019-03-18 02:15:33 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
@shared_task
|
2019-06-19 03:31:38 +00:00
|
|
|
def test_asset_user_connectivity_util(asset_user, task_name, run_as_admin=False):
|
2019-03-18 02:15:33 +00:00
|
|
|
"""
|
|
|
|
|
:param asset_user: <AuthBook>对象
|
|
|
|
|
:param task_name:
|
|
|
|
|
:return:
|
|
|
|
|
"""
|
|
|
|
|
from ops.utils import update_or_create_ansible_task
|
2019-06-13 10:58:43 +00:00
|
|
|
|
2019-03-18 02:15:33 +00:00
|
|
|
if not check_asset_can_run_ansible(asset_user.asset):
|
|
|
|
|
return
|
|
|
|
|
|
2019-06-13 10:58:43 +00:00
|
|
|
tasks = get_test_asset_user_connectivity_tasks(asset_user.asset)
|
|
|
|
|
if not tasks:
|
|
|
|
|
return
|
|
|
|
|
|
2019-06-19 03:31:38 +00:00
|
|
|
args = (task_name,)
|
|
|
|
|
kwargs = {
|
|
|
|
|
'hosts': [asset_user.asset], 'tasks': tasks,
|
|
|
|
|
'pattern': 'all', 'options': const.TASK_OPTIONS,
|
|
|
|
|
'created_by': asset_user.org_id,
|
|
|
|
|
}
|
|
|
|
|
if run_as_admin:
|
|
|
|
|
kwargs["run_as_admin"] = True
|
|
|
|
|
else:
|
|
|
|
|
kwargs["run_as"] = asset_user.username
|
|
|
|
|
task, created = update_or_create_ansible_task(*args, **kwargs)
|
2019-03-18 02:15:33 +00:00
|
|
|
result = task.run()
|
|
|
|
|
set_asset_user_connectivity_info(asset_user, result)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@shared_task
|
2019-06-19 03:31:38 +00:00
|
|
|
def test_asset_users_connectivity_manual(asset_users, run_as_admin=False):
|
2019-03-18 02:15:33 +00:00
|
|
|
"""
|
|
|
|
|
:param asset_users: <AuthBook>对象
|
|
|
|
|
"""
|
|
|
|
|
for asset_user in asset_users:
|
|
|
|
|
task_name = _("Test asset user connectivity: {}").format(asset_user)
|
2019-06-19 03:31:38 +00:00
|
|
|
test_asset_user_connectivity_util(asset_user, task_name, run_as_admin=run_as_admin)
|
2019-03-18 02:15:33 +00:00
|
|
|
|
|
|
|
|
|
2018-02-25 10:08:00 +00:00
|
|
|
# @shared_task
|
|
|
|
|
# @register_as_period_task(interval=3600)
|
|
|
|
|
# @after_app_ready_start
|
2019-01-15 02:23:30 +00:00
|
|
|
# @after_app_shutdown_clean_periodic
|
2018-02-25 10:08:00 +00:00
|
|
|
# def push_system_user_period():
|
|
|
|
|
# for system_user in SystemUser.objects.all():
|
|
|
|
|
# push_system_user_related_nodes(system_user)
|
2018-03-23 11:46:46 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
