cmdb新增自动判断并生成秘钥对

Author: yangmv

README.md

@@ -16,6 +16,7 @@
 
 #### 一 安装依赖
 ```
+yum -y install $(cat rpm_requirements.txt) 
 pip3 install --upgrade pip
 pip3 install -r requirements.txt
 ```

apps/assets/cores/__pycache__/server.cpython-36.pyc

@@ -9,12 +9,11 @@
 from ops.settings import BASE_DIR
 from assets.models import server as models
 from apps.ws.cores.api import get_asset_info
-from libs.common import remoteUpfile_Exec,remoteUpfile_Exec_KEY,getKeyFile
+from libs.common import remoteUpfile_Exec,remoteUpfile_Exec_KEY,getKeyFile,exec_shell
 from ops.settings import PUBLIC_KEY
 import json
 import os
 import threading
-from django.core import exceptions
 
 def rsyncHostData(data):
     '''更新获取到的资产信息入库CMDB'''
@@ -39,8 +38,44 @@ def __init__(self,hosts):
         self.hosts = hosts
         self.lock = threading.Lock()
         self.Error = {}
+        self.rsa_dir = os.path.dirname(PUBLIC_KEY)
+
+    @property
+    def check_rsa(self):
+        '''检查CMDB Server端秘钥对配置'''
+        obj = models.Configs.objects.filter(name='cmdb').first()
+        if not obj:
+            id_rsa_exists = os.path.exists('%s/id_rsa'%self.rsa_dir)
+            # 如果本地有，则无需重新生成
+            if not id_rsa_exists:
+                check_rsa = self.initRsa()
+                if not check_rsa:
+                    return False
+            self.saveConf()
+            return True
+        else:
+            return True
+
+    def initRsa(self):
+        '''Server端生成秘钥对，并写入配置'''
+        cmd = 'ssh-keygen -t rsa -P "" -f %s/id_rsa'%self.rsa_dir
+        code,ret = exec_shell(cmd)
+        if code == 0:
+            return True
+        else:
+            return False
+
+    def saveConf(self):
+        '''把读取或者生成的秘钥信息保存到SQL'''
+        with open('%s/id_rsa'%self.rsa_dir,'r') as id_rsa,open('%s/id_rsa.pub'%self.rsa_dir,'r') as id_rsa_pub:
+            models.Configs.objects.get_or_create(
+                name = 'cmdb',
+                id_rsa = id_rsa.read(),
+                id_rsa_pub = id_rsa_pub.read()
+            )
 
     def start(self):
+        '''批量下发server端公钥到client端'''
         threads = [threading.Thread(target=self.exec, args=(host,)) for host in self.hosts]
         for start_t in threads:
             start_t.start()
@@ -92,7 +127,7 @@ class getHostData_SSH():
     pass
 
 class getHostData():
-    '''通过AnsibleAPI 批量获取主机资产信息'''
+    '''通过AnsibleAPI 批量获取主机资产信息（容器环境不支持）'''
     def __init__(self,hosts):
         self.host_list = hosts
         self.Error_host = []

apps/assets/cores/server.py

@@ -0,0 +1,26 @@
+# Generated by Django 2.1.3 on 2019-01-11 17:10
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('assets', '0005_dbserver_region'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Configs',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('name', models.CharField(max_length=16, unique=True)),
+                ('id_rsa', models.TextField(blank=True, max_length=4096, null=True)),
+                ('id_rsa_pub', models.TextField(blank=True, max_length=4096, null=True)),
+            ],
+            options={
+                'verbose_name': 'CMDB配置表',
+                'verbose_name_plural': 'CMDB配置表',
+            },
+        ),
+    ]

apps/assets/migrations/0006_configs.py

@@ -159,4 +159,13 @@ class RecorderLog(models.Model):
     data = models.TextField(null=True,blank=True)
     class Meta:
         verbose_name = '回放日志'
-        verbose_name_plural = '回放日志'
+        verbose_name_plural = '回放日志'
+
+
+class Configs(models.Model):
+    name = models.CharField(unique=True, max_length=16)
+    id_rsa = models.TextField(max_length=4096, blank=True, null=True)       #私钥
+    id_rsa_pub = models.TextField(max_length=4096, blank=True, null=True)   #公钥
+    class Meta:
+        verbose_name = 'CMDB配置表'
+        verbose_name_plural = 'CMDB配置表'

apps/assets/models/__pycache__/server.cpython-36.pyc

@@ -235,14 +235,17 @@ def post(self, request, format=None):
         if request.data and type(request.data) == list:
             hosts = models.Server.objects.filter(id__in=request.data)
             obj = rsyncPublicKey(hosts)
-            rsync = obj.start()
-            if rsync:
-                ret['msg'] = json.dumps(rsync,ensure_ascii=False)
+            if obj.check_rsa:
+                rsync = obj.start()
+                if rsync:
+                    ret['msg'] = json.dumps(rsync,ensure_ascii=False)
+                else:
+                    models.Server.objects.filter(id__in=request.data).update(public_key=True)
+                    ret['status'] = True
+                    ret['msg'] = 'Success'
+                    ret['data'] = request.data
             else:
-                models.Server.objects.filter(id__in=request.data).update(public_key=True)
-                ret['status'] = True
-                ret['msg'] = 'Success'
-                ret['data'] = request.data
+                ret['msg'] = '秘钥对生成失败,请手工生成秘钥对'
         else:
             ret['msg'] = 'args is None, Please Check!'
         return Response(ret)

apps/assets/models/server.py

@@ -1,7 +1,6 @@
 #!/usr/bin/env python
 #encoding:utf-8
 
-
 def get_object(model, **kwargs):
     """
     use this function for query