diff --git a/apps/assets/automations/base/manager.py b/apps/assets/automations/base/manager.py
index 7184d91f7..d9d1cc73f 100644
--- a/apps/assets/automations/base/manager.py
+++ b/apps/assets/automations/base/manager.py
@@ -252,8 +252,12 @@ class BasePlaybookManager:
 print('\033[31m %s \033[0m\n' % err_msg)
 not_valid.append(k)
 else:
- jms_asset['address'] = '127.0.0.1'
- jms_asset['port'] = server.local_bind_port
+ if host['ansible_connection'] == 'winrm':
+ host['ansible_host'] = '127.0.0.1'
+ host['ansible_port'] = server.local_bind_port
+ else:
+ jms_asset['address'] = '127.0.0.1'
+ jms_asset['port'] = server.local_bind_port
 servers.append(server)
 # 网域不可连接的,就不继续执行此资源的后续任务了
diff --git a/apps/ops/ansible/inventory.py b/apps/ops/ansible/inventory.py
index e2b297b94..e3bdaf899 100644
--- a/apps/ops/ansible/inventory.py
+++ b/apps/ops/ansible/inventory.py
@@ -77,8 +77,9 @@ class JMSInventory:
 host['error'] = _("No account available")
 return host
+ port = protocol.port if protocol else 22
 host['ansible_host'] = asset.address
- host['ansible_port'] = protocol.port if protocol else 22
+ host['ansible_port'] = port
 su_from = account.su_from
 if platform.su_enabled and su_from:
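Review bot: In the manager.py hunk the new `if host['ansible_connection'] == 'winrm':` indexes the key directly, so a host entry without `ansible_connection` raises KeyError in the middle of the gateway-forward setup. The inventory side of this same commit reads the key defensively with `host.get('ansible_connection', 'ssh')`, and fill_ansible_config only writes it for ssh and winrm protocols, so the key is not guaranteed to be present. I would change the test to `if host.get('ansible_connection') == 'winrm':` and add a comment such as `# winrm is addressed through ansible_host/ansible_port, so those must point at the local forward`. The enclosing method starts and ends outside the hunk, so whether callers always set the key cannot be confirmed from here.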
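Review bot: In the first inventory.py hunk the `else 22` arm of `port = protocol.port if protocol else 22` appears to be unreachable after this commit. get_ansible_protocol (changed in the next hunk) now returns the `invalid_protocol` placeholder class instead of None, and a class object is always truthy, so an asset with no protocols would end up with `ansible_port` 0 rather than 22, assuming `protocol` here is the value asset_to_host passes in. Test the port rather than the object, for example `port = getattr(protocol, 'port', 0) or 22`. The function body starts and ends outside the hunk.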
@@ -95,36 +96,31 @@ class JMSInventory:
 host.update(self.make_account_ansible_vars(account))
 if gateway:
- host.update(self.make_proxy_command(gateway))
-
- @staticmethod
- def get_primary_protocol(protocols):
- if protocols:
- primary = protocols[0]
- protocol = primary.name
- port = primary.port
- else:
- protocol = 'null'
- port = 0
- return protocol, port
+ ansible_connection = host.get('ansible_connection', 'ssh')
+ if ansible_connection in ('local', 'winrm'):
+ host['gateway'] = {
+ 'address': gateway.address, 'port': gateway.port,
+ 'username': gateway.username, 'secret': gateway.password
+ }
+ host['jms_asset']['port'] = port
+ else:
+ host.update(self.make_proxy_command(gateway))
 @staticmethod
 def get_ansible_protocol(ansible_config, protocols):
+ invalid_protocol = type('protocol', (), {'name': 'null', 'port': 0})
 ansible_connection = ansible_config.get('ansible_connection')
- if ansible_connection and not ansible_config == 'smart':
- # 数值越小,优先级越高
- protocol_priority = {'ssh': 10, 'winrm': 9, ansible_connection: 1}
-
- protocol_matched = list(filter(lambda x: x.name in protocol_priority, protocols))
- protocol_sorted = sorted(protocol_matched, key=lambda x: protocol_priority[x.name])
-
- protocol = protocol_sorted[0] if protocol_sorted else None
+ # 数值越小,优先级越高,若用户在 ansible_config 中配置了,则提高用户配置方式的优先级
+ protocol_priority = {'ssh': 10, 'winrm': 9, ansible_connection: 1}
+ protocol_sorted = sorted(protocols, key=lambda x: protocol_priority.get(x.name, 999))
+ protocol = protocol_sorted[0] if protocol_sorted else invalid_protocol
 return protocol
 @staticmethod
 def fill_ansible_config(ansible_config, protocol):
+ if protocol.name in ('ssh', 'winrm'):
+ ansible_config['ansible_connection'] = protocol.name
 if protocol and protocol.name == 'winrm':
- ansible_config['ansible_connection'] = 'winrm'
 if protocol.setting.get('use_ssl', False):
 ansible_config['ansible_winrm_scheme'] = 'https'
 ansible_config['ansible_winrm_transport'] = 'ssl'
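Review bot: The new `host['gateway']` dict in the `if gateway:` branch copies `gateway.password` into the host entry in clear, and this hunk widens that from local connections to winrm hosts as well. Nothing visible here removes the key once the forward has been opened, so if the host dict is later serialised into the inventory or echoed in task output the gateway credential would go with it; that needs checking against the code that consumes `host['gateway']`. I would add a comment at the assignment, `# consumed when opening the local forward; must not reach the written inventory or logs`, and drop the key from the host once it has been used. The enclosing function starts outside the hunk.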
@@ -135,14 +131,19 @@ class JMSInventory: return ansible_config def asset_to_host(self, asset, account, automation, protocols, platform): - protocol, port = self.get_primary_protocol(protocols) + try: + ansible_config = dict(automation.ansible_config) + except (AttributeError, TypeError): + ansible_config = {} + + protocol = self.get_ansible_protocol(ansible_config, protocols) host = { 'name': '{}'.format(asset.name.replace(' ', '_')), 'jms_asset': { 'id': str(asset.id), 'name': asset.name, 'address': asset.address, 'type': asset.type, 'category': asset.category, - 'protocol': protocol, 'port': port, + 'protocol': protocol.name, 'port': protocol.port, 'spec_info': asset.spec_info, 'secret_info': asset.secret_info, 'protocols': [{'name': p.name, 'port': p.port} for p in protocols], }, @@ -155,30 +156,16 @@ class JMSInventory: if host['jms_account'] and asset.platform.type == 'oracle': host['jms_account']['mode'] = 'sysdba' if account.privileged else None - try: - ansible_config = dict(automation.ansible_config) - except (AttributeError, TypeError): - ansible_config = {} - - ansible_protocol = self.get_ansible_protocol(ansible_config, protocols) - ansible_config = self.fill_ansible_config(ansible_config, ansible_protocol) + ansible_config = self.fill_ansible_config(ansible_config, protocol) host.update(ansible_config) gateway = None if not asset.is_gateway and asset.domain: gateway = asset.domain.select_gateway() - ansible_connection = ansible_config.get('ansible_connection', 'ssh') - if ansible_connection == 'local': - if gateway: - host['gateway'] = { - 'address': gateway.address, 'port': gateway.port, - 'username': gateway.username, 'secret': gateway.password - } - else: - self.make_account_vars( - host, asset, account, automation, ansible_protocol, platform, gateway - ) + self.make_account_vars( + host, asset, account, automation, protocol, platform, gateway + ) return host def get_asset_sorted_accounts(self, asset):
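Review bot: In the `@@ -135,14` hunk, `jms_asset['protocol']` and `jms_asset['port']` now come from get_ansible_protocol instead of the first entry of `protocols`, which changes what the two fields mean without any comment. With the priority table in that helper an ssh or winrm entry wins over every other protocol, so an asset that lists a different protocol first would now report ssh/winrm and its port here; playbooks that read these fields for the service port may be affected, which cannot be checked from the hunk. A short docstring on asset_to_host stating that the fields describe the protocol Ansible connects with, and that `'null'`/`0` means none was found, would make the contract explicit. The function body runs past the end of this hunk.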
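Review bot: In the `@@ -155,30` hunk, `fill_ansible_config(ansible_config, protocol)` can now overwrite an `ansible_connection` that the automation set explicitly. The helper assigns `protocol.name` whenever the selected protocol is ssh or winrm, so an automation configured with `local` on an asset that also carries an ssh protocol becomes an ssh host, and the `('local', 'winrm')` gateway branch added earlier in this commit is then skipped for it. If the override is intended, say so at the assignment with `# overrides ansible_connection from automation.ansible_config when the asset has ssh/winrm`. If it is not, guard it with `and ansible_config.get('ansible_connection') != 'local'`. asset_to_host starts before this hunk.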