其他
蓝鲸实现虚拟机交付-跳板机管理(JUMP)
蓝鲸实现vsphere虚拟机交付 -虚拟机管理(VSPHERE)实现的是从模板克隆新的虚拟机,下面我们需要利用蓝鲸将其添加到jumpserver中,可通过jumpserver swagger来查看相关API。
思路
jumpserver添加主机的流程:
1.创建资产,需要主机的基本信息、管理用户、节点等信息;
2.推送系统用户,需要将主机推送到指定的系统用户下;
因此我们需要在跳板机管理下建两个原子:
1.创建资产原子
2.推送系统用户原子
流程如下:
跳板机管理(JUMP)开发
1.创建资产原子前端开发
vim jump_asset_create.js(function(){ $.atoms.jump_asset_create = [ { tag_code: "jump_asset_hostname", type: "input", attrs: { name: gettext("跳板机主机名"), placeholder: gettext("主机名"), hookable: true, validation: [ { type: "required" } ] } }, { tag_code: "jump_asset_host", type: "input", attrs: { name: gettext("IP"), placeholder: gettext("IP"), hookable: true, validation: [ { type: "required" } ] } }, { tag_code: "jump_asset_protocol", type: "select", attrs: { name: gettext("协议"), placeholder: gettext("协议"), items: [ {text: "ssh", value: "ssh"}, ], hookable: true, validation: [ { type: "required" } ] } }, { tag_code: "jump_asset_port", type: "select", attrs: { name: gettext("端口"), placeholder: gettext("SSH端口"), items: [ {text: "1022", value: "1022"}, {text: "22", value: "22"}, ], hookable: true, validation: [ { type: "required" } ] } }, { tag_code: "jump_asset_platform", type: "select", attrs: { name: gettext("系统平台"), placeholder: gettext("系统平台"), items: [ {text: "Linux", value: "Linux"}, ], hookable: true, validation: [ { type: "required" } ] } }, { tag_code: "jump_asset_adminuser", type: "select", attrs: { name: gettext("管理用户"), placeholder: gettext("管理用户"), items: [ {text: "all-server-root", value: "f2fe91582dcf44f4a711295953b1ffe2"}, ], hookable: true, validation: [ { type: "required" } ] } }, { tag_code: "jump_asset_node", type: "select", attrs: { name: gettext("跳板机节点"), placeholder: gettext("节点"), hookable: true, remote: true, remote_url: $.context.site_url + 'pipeline/jump_assets_nodes/' + $.context.biz_cc_id + '/', remote_data_init: function(resp) { return resp.data; }, validation: [ { type: "required" } ] } }, ]})();
开发完成展示如下:
2.推送系统用户原子前端开发
vim jump_system_user_push.js(function(){ $.atoms.jump_system_user_push = [ { tag_code: "jump_asset_id", type: "input", attrs: { name: gettext("资产"), placeholder: gettext("资产uuid"), hookable: true, validation: [ { type: "required" } ] } }, { tag_code: "jump_system_user", type: "select", attrs: { name: gettext("系统用户"), placeholder: gettext("系统用户uuid"), items: [ {text: "first_line_sa", value: "1e955415-df33-4bab-9228-42199c6714d4"}, {text: "second_line_sa", value: "991e668b-0bf0-4743-8bcb-2442a524f7da"}, ], hookable: true, validation: [ { type: "required" } ] } }, ]})();开发完成展示如下:
3.两个原子的后端开发
vim jump.py# -*- coding: utf-8 -*-"""jumpserver 跳板机管理
Tencent is pleased to support the open source community by making 蓝鲸智云PaaS平台社区版 (BlueKing PaaS CommunityEdition) available.Copyright (C) 2017-2019 THL A29 Limited, a Tencent company. All rights reserved.Licensed under the MIT License (the "License"); you may not use this file except in compliance with the License.You may obtain a copy of the License athttp://opensource.org/licenses/MITUnless required by applicable law or agreed to in writing, software distributed under the License is distributed onan "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for thespecific language governing permissions and limitations under the License."""
import logging
from pipeline.conf import settingsfrom pipeline.core.flow.activity import Servicefrom pipeline.component_framework.component import Component
#jump 原子所需扩展import requestsimport json
logger = logging.getLogger('celery')
__group_name__ = u"跳板机管理(JUMP)"
class JumpAssetCreateService(Service): __need_schedule__ = False
def execute(self, data, parent_data): jump_asset_hostname = data.get_one_of_inputs('jump_asset_hostname') jump_asset_host = data.get_one_of_inputs('jump_asset_host') jump_asset_protocol = data.get_one_of_inputs('jump_asset_protocol') jump_asset_port = data.get_one_of_inputs('jump_asset_port') jump_asset_platform = data.get_one_of_inputs('jump_asset_platform') #jump_asset_adminuser和jump_asset_node必须是uuid,否则请求jumpserver不成功 jump_asset_adminuser = data.get_one_of_inputs('jump_asset_adminuser') jump_asset_node = data.get_one_of_inputs('jump_asset_node')
headers = { "Authorization": "Token 8465f987623e372d14ddb88f3f1df3f3c9573955", "Content-Type": "application/json" } param = { "hostname": jump_asset_hostname, "ip": jump_asset_host, "protocol": jump_asset_protocol, "port": jump_asset_port, "platform": jump_asset_platform, "admin_user": jump_asset_adminuser, "nodes": [jump_asset_node] }
response = requests.post('http://jump.test.cn/api/assets/v1/assets/', data=json.dumps(param), headers=headers)
if response.status_code < 300: asset_id = response.json()["id"] data.set_outputs('asset_id', asset_id) return True else: data.set_outputs('ex_data', u"资产更新失败(可能资产已经存在),status_code: %s" % str(response.status_code)) return False def outputs_format(self): return [ self.OutputItem(name=(u'资产id'), key='asset_id', type='str'), self.OutputItem(name=(u'异常信息'), key='ex_data', type='str') ]
class JumpAssetCreateComponent(Component): name = u'创建资产' code = 'jump_asset_create' bound_service = JumpAssetCreateService #form = settings.STATIC_URL + 'custom_atoms/jumpserver/jump_asset_create.js' form = '%scustom_atoms/jump_asset_create.js' % settings.STATIC_URLclass JumpSystemUserPushService(Service): __need_schedule__ = False
def execute(self, data, parent_data): #jump_asset和jump_system_user必须是uuid,否则请求jumpserver不成功 jump_asset_id = data.get_one_of_inputs('jump_asset_id') jump_system_user = data.get_one_of_inputs('jump_system_user')
headers = { "Authorization": "Token 8465f987623e372d14ddb88f3f1df3f3c9573955", "Content-Type": "application/json" }
url = 'http://jump.test.cn/api/assets/v1/system-user/' + jump_system_user.strip() + '/asset/' + jump_asset_id.strip() + '/push/' try: #推送系统用户 response = requests.get(url, headers=headers) if response.status_code < 300: task = response.json()["task"] data.set_outputs('data', task) return True else: data.set_outputs('ex_data', u"推送系统用户失败,status_code: %s" % str(response.status_code)) return False except Exception as e: data.set_outputs('ex_data', e) logger.error(e) return False
def outputs_format(self): return [ self.OutputItem(name=(u'查询结果'), key='data', type='str'), self.OutputItem(name=(u'异常信息'), key='ex_data', type='str') ]
class JumpSystemUserPushComponent(Component): name = u'推送系统用户' code = 'jump_system_user_push' bound_service = JumpSystemUserPushService #form = settings.STATIC_URL + 'custom_atoms/jumpserver/jump_system_user_push.js' form = '%scustom_atoms/jump_system_user_push.js' % settings.STATIC_URL
后端开发过程需要注意:
jumpserver的jump_asset、jump_system_user、jump_asset_adminuser和jump_asset_node必须是uuid,否则请求jumpserver不成功
跳板机节点信息我们需要异步获取jumpserver的节点信息,如下:
vim bk-sops-atoms/pipeline_plugins/components/query/sites/open/query.py#获取jumpserver的节点信息def jump_assets_nodes(request, biz_cc_id): """ @summary: 查询jumpserver节点 @param request: @param biz_cc_id: @return: """ headers = { "Authorization": "Token 8465f987623e372d14ddb88f3f1df3f3c9573955", "Content-Type": "application/json" }
response = requests.get('http://jump.test.cn/api/assets/v1/nodes/', headers=headers) if response.status_code != 200: message = "[http://jump.test.cn/api/assets/v1/nodes/] status_code: %s" % str(response.status_code) logger.error(message) result = { 'result': False, 'data': [], 'message': message } return JsonResponse(result) assets_nodes = [] for item in response.json(): assets_nodes.append({ 'value': item['id'], 'text': item['value'] }) return JsonResponse({'result': True, 'data': assets_nodes})
#在此文件下添加路由urlpatterns = [ #新增获取jumpserver节点信息 url(r'^jump_assets_nodes/(?P<biz_cc_id>\d+)/$', jump_assets_nodes),]4.最终效果
填写新上架虚拟机的基本信息
最终执行过程如下:
总结
在开发跳板机管理原子时,前端异步获取的节点信息及路由方式是通过查看蓝鲸自带的获取方式进行模仿添加,可以将跳板机的最新的节点信息展示给我们,非常便捷。
蓝鲸实现vsphere虚拟机交付 -虚拟机管理(VSPHERE)
vcenter自定义规范定制虚拟机-vsphere client