# coding: utf-8 import os import subprocess import commands import requests from SWSCloudNode.logger import logging from SWSCloudNode.settings import settings from SWSCloudNode.logger import logging ALLOWED_TASKS = [ 'container_delete', 'container_create', 'container_start', 'container_stop', 'container_restart', 'vm_create', 'vm_delete', 'vm_start', 'vm_stop', 'vm_restart', ] class Tasks: def __init__(self): self.endpoint = settings.get('server', 'endpoint') self.id = settings.get('server', 'id') self.secret = settings.get('server', 'secret') @staticmethod def is_allowed_task(task): if task in ALLOWED_TASKS: return True return False def get_item(self): try: response = requests.get('%s/server_api/task' % self.endpoint, auth=(self.id, self.secret)) except Exception as e: logging.error('no connection with %s' % self.endpoint) return None else: if response.status_code == 200: return response.json() logging.error("Unexpected status code: %d" % response.status_code) return None def interface2ip(self): # intf = open(self.settings['proxy_interface'], 'r').read().split('\n')[0] interface = "eth0" intf_ip = commands.getoutput("ip address show dev " + interface).split() intf_ip = intf_ip[intf_ip.index('inet') + 1].split('/')[0] return intf_ip def container_create(self, task): return True def container_destroy(self, task): # check exists container name if lxc.lxc().exists(task['parameters']['hostname']): # todo: if hostname already exists then node callback to server to rename container return False lxc.lxc().destroy(task['parameters']['hostname']) # TODO: check status # delete record from dnsmasq # dnsmasq.Dnsmasq().delete(task['parameters']['hostname']) return True def container_start(self, task): logging.debug("container_start") print "================ " print task lxc.lxc().start(task['parameters']['hostname']) # TODO: check status return True def container_stop(self, task): logging.debug("container_stop") lxc.lxc().stop(task['parameters']['hostname']) # TODO: check status return True def container_restart(self, task): logging.debug("container_restart") lxc.lxc().stop(task['parameters']['hostname']) lxc.lxc().start(task['parameters']['hostname']) # TODO: check status return True def init(self): task = TCPClient().request(Request().build("task_get", self.request_auth, None)) # check exists element 'version' if not "version" in task: logging.error("Response not contain 'version' element") return False if task['version'] == "1.0": if task['status'] == 0: if task['method'] == "container_create": # create container result = Task().container_create(task) if not result: return False task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) # todo: hold job if status not 0 if task_update_result['status'] == 0: return True return False if task['method'] == "container_destroy": # delete hostname from dnsmasq /etc/lxc/dnsmasq.conf result = self.container_destroy(task) task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) # todo: held job if status not 0 if task_update_result['status'] == 0: return True return False if task['method'] == "container_start": self.container_start(task) # todo: held job if status not 0 task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) if task_update_result['status'] == 0: return True return False if task['method'] == "container_stop": self.container_stop(task) # TODO: held job if status not 0 task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) if task_update_result['status'] == 0: return True return False if task['method'] == "container_restart": self.container_restart(task) # todo: held job if status not 0 task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) if task_update_result['status'] == 0: return True return False if task['method'] == "container_clone": logging.debug("container_clone") # TODO: set clone_IP to DNSMASQ subprocess.call("/usr/bin/lxc-clone -o %(hostname)s -n %(clone_hostname)s" % task['parameters'], shell=True) # TODO: check container status # todo: held job if status not 0 task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) if task_update_result['status'] == 0: return True return False if task['method'] == "service_mx_add": logging.debug("create container") # todo: held job if status not 0 if self.Request_tast_update(task['task_id'])['status'] == 0: return True return False if task['method'] == "service_mx_delete": logging.debug("create container") # todo: held job if status not 0 if self.Request_tast_update(task['task_id'])['status'] == 0: return True return False if task['method'] == "service_web_add": logging.debug("create container") # todo: held job if status not 0 nginx.Nginx().vhost_add(task['parameters']['vhost_id'], task['parameters']['vhost'], task['parameters']['container_ip']) nginx.Service().reload() task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) if task_update_result['status'] == 0: return True return False if task['method'] == "service_web_delete": logging.debug("service_web_delete") # todo: held job if status not 0 print print task nginx.Nginx().vhost_delete(task['parameters']['container_ip'], task['parameters']['vhost_id']) nginx.Service().reload() task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) if task_update_result['status'] == 0: return True return False if task['method'] == "service_web_update": logging.debug("create container") # todo: held job if status not 0 if self.Request_tast_update(task['task_id'])['status'] == 0: return True return False if task['method'] == "service_ssh_allow": logging.debug("service_ssh_allow") # todo: held job if status not 0 values = (self.interface2ip(), task['parameters']['port'], task['parameters']['container_ip'], 22) os.popen("ufw allow %s" % task['parameters']['port']) os.popen("iptables -t nat -I PREROUTING -p tcp -d %s --dport %s -j DNAT --to %s:%s" % values) task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) if task_update_result['status'] == 0: return True return False if task['method'] == "service_ssh_deny": logging.debug("service_ssh_deny") # todo: held job if status not 0 logging.debug("------") logging.debug(task) os.popen("ufw deny %s" % task['parameters']['port']) logging.debug("------") task_update_result = TCPClient().request( Request().build("task_update", self.request_auth, {"task_id": task['task_id'], "status": 0})) if task_update_result['status'] == 0: return True return False else: if task['status'] == 4: print "auth fail" else: print "structure version not supported" return None