一、实际生产的架构图
1、生产环境为什么要这样干
- 解耦
- 异步
2、常用的queue软件
- redis, rabbitmq
- github ,
- restful API
- celery
二、我们今天如何实现?
1、实现思路
问题:views和web之间已返回,线程这里就断开了,那是因为你用django又启了一个线程
怎样才启动一个独立的进程,和django是没有关系,只不过是用django启动的,由操作系统来管理
三、目录结构
四、代码实现
1、backend
1、main
- import subprocess
- from web import models
- from django.contrib.auth import authenticate
- import random,string,uuid
-
-
- class HostManager(object):
- """用户登陆堡垒机后的交互程序"""
- def __init__(self):
- self.user = None
- def get_session_id(self,bind_host_obj,tag):
- '''apply session id'''
- session_obj = models.Session(user_id = self.user.id,bind_host=bind_host_obj,tag=tag)
-
- session_obj.save()
- return session_obj
-
- def interactive(self):
- """交互脚本"""
- print("----run---------")
-
- count = 0
- while count <3:
- username = input("Username:").strip()
- password = input("Password:").strip()
- user = authenticate(username=username,password=password)
- if user:
- print("Welcome %s".center(50,'-') % user.name )
- self.user = user
- break
- else:
- print("Wrong username or password!")
-
- count += 1
-
- else:
- exit("Too many attempts, bye.")
-
- if self.user: #验证成功
- while True:
- for index,host_group in enumerate(self.user.host_groups.all()): #select_related()
- print("%s.\t%s[%s]" %(index,host_group.name, host_group.bind_hosts.count()))
- print("z.\t未分组主机[%s]" %(self.user.bind_hosts.count()))
-
-
- choice = input("%s>>:"% self.user.name).strip()
- if len(choice) == 0:continue
- selected_host_group = None
-
- if choice.isdigit():
- choice = int(choice)
- if choice >=0 and choice <= index: #合法选项
- selected_host_group = self.user.host_groups.all()[choice]
- elif choice == 'z':
- selected_host_group = self.user
-
- if selected_host_group:
- print("selected host group", selected_host_group)
- while True:
- for index, bind_host in enumerate(selected_host_group.bind_hosts.all()):
- print("%s.\t%s" % (index, bind_host))
- choice = choice = input("%s>>>:" % self.user.name).strip()
- if choice.isdigit():
- choice = int(choice)
- if choice >= 0 and choice <= index: # 合法选项
- print("going to logon ....", selected_host_group.bind_hosts.all()[choice])
- bind_host = selected_host_group.bind_hosts.all()[choice]
- ssh_tag = uuid.uuid4()
- session_obj = self.get_session_id(bind_host,ssh_tag)
-
- monitor_script = subprocess.Popen("sh /opt/CrazyEye/backend/session_tracker.sh %s %s" % (ssh_tag,session_obj.id),shell=True,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
-
- #print(monitor_script.stderr.read())
-
- subprocess.run('sshpass -p %s ssh %s@%s -E %s -o StrictHostKeyChecking=no' %(bind_host.remote_user.password,
- bind_host.remote_user.username,
- bind_host.host.ip_addr ,ssh_tag ), shell=True)
-
-
- elif choice == 'b':
- break
2、task_manager
- import json,os ,subprocess
- from django import conf
- from web import models
-
- class MultiTaskManger(object):
- """负责解析并触发批量任务"""
-
- def __init__(self,request):
- self.request = request
-
- self.call_task()
-
- def task_parser(self):
- """解析任务"""
- self.task_data = json.loads(self.request.POST.get("task_data"))
-
- def call_task(self):
-
- self.task_parser()
-
- if self.task_data['task_type'] == 0:#cmd
- self.cmd_task()
-
- elif self.task_data['task_type'] == 1:#file transfer
- self.file_transfer_task()
-
-
- def cmd_task(self):
- """
- 1.生产任务id
- 2.触发任务
- 3.返回任务id
- :return:
- """
-
- task_obj = models.Task.objects.create(user=self.request.user,
- task_type=self.task_data['task_type'],
- content = self.task_data["cmd"])
-
- sub_task_objs = []
-
- for host_id in self.task_data['selected_host_ids'] :
- sub_task_objs.append(models.TaskLogDetail(task=task_obj,bind_host_id=host_id,result='init...',status=2))
-
-
- models.TaskLogDetail.objects.bulk_create(sub_task_objs)
-
- task_script_obj = subprocess.Popen("python %s %s" %(conf.settings.MULTITASK_SCRIPT,task_obj.id),
- shell=True,stdout=subprocess.PIPE)
-
-
-
- self.task = task_obj
-
-
-
-
-
- def file_transfer_task(self):
- """
- 1.生产任务记录
- 2.触发任务
- 3. 返回任务id
- :return:
- """
-
-
- task_obj = models.Task.objects.create(user=self.request.user,
- task_type=self.task_data['task_type'],
- content=json.dumps(self.task_data))
-
- sub_task_objs = []
-
-
- for host_id in self.task_data['selected_host_ids']:
- sub_task_objs.append(models.TaskLogDetail(task=task_obj, bind_host_id=host_id, result='init...', status=2))
-
- models.TaskLogDetail.objects.bulk_create(sub_task_objs)
-
-
- task_script_obj = subprocess.Popen("python %s %s" % (conf.settings.MULTITASK_SCRIPT, task_obj.id),
- shell=True, stdout=subprocess.PIPE)
-
- self.task = task_obj
3、task_runner
- import sys ,os
- import time,json
- from concurrent.futures import ThreadPoolExecutor
-
- import paramiko
-
- def ssh_cmd(task_log_obj):
- host = task_log_obj.bind_host.host
- user_obj = task_log_obj.bind_host.remote_user
-
- try:
-
- ssh = paramiko.SSHClient()
- ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
- ssh.connect(host.ip_addr, host.port, user_obj.username, user_obj.password,timeout=10)
-
- stdin, stdout, stderr = ssh.exec_command(task_log_obj.task.content)
-
- stdout_res = stdout.read()
- stderr_res = stderr.read()
-
- result = stdout_res + stderr_res
- print(result)
- task_log_obj.result = result
-
- task_log_obj.status = 0
- ssh.close()
-
- except Exception as e :
- task_log_obj.result = e
- task_log_obj.status = 1
-
- task_log_obj.save()
-
- def file_transfer(task_log_obj):
- host = task_log_obj.bind_host.host
- user_obj = task_log_obj.bind_host.remote_user
- try:
-
- t = paramiko.Transport((host.ip_addr, host.port))
-
- t.connect(username=user_obj.username, password=user_obj.password)
-
- sftp = paramiko.SFTPClient.from_transport(t)
-
- task_data = json.loads(task_log_obj.task.content)
-
-
- if task_data['file_transfer_type'] == 'send':
- sftp.put(task_data['local_file_path'],task_data['remote_file_path'])
- task_log_obj.result = "send local file [%s] to remote [%s] succeeded!" %(task_data['local_file_path'],
- task_data['remote_file_path'])
-
- else: #get
-
- local_file_path = "%s/%s" %(django.conf.settings.DOWNLOAD_DIR,task_log_obj.task.id)
- if not os.path.isdir(local_file_path):
- os.mkdir(local_file_path)
- file_name = task_data['remote_file_path'].split('/')[-1]
- sftp.get(task_data['remote_file_path'], "%s/%s.%s" %(local_file_path,host.ip_addr,file_name))
- task_log_obj.result = "get remote file [%s] succeeded" %(task_data['remote_file_path'])
-
- t.close()
- task_log_obj.status = 0
-
- except Exception as e:
- task_log_obj.result = e
- task_log_obj.status = 1
- task_log_obj.save()
-
-
- if __name__ == '__main__':
-
- base_dir = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
- sys.path.append(base_dir)
- os.environ.setdefault("DJANGO_SETTINGS_MODULE", "CrazyEye.settings")
- import django
- django.setup()
- from django import conf
-
- from web import models
-
-
- if len(sys.argv) == 1:
- exit("error:must provide task_id!")
- task_id = sys.argv[1]
-
- task_obj = models.Task.objects.get(id=task_id)
-
-
- #1. 生产多线程
- pool = ThreadPoolExecutor(10)
-
-
- if task_obj.task_type == 0:#cmd
- thread_func = ssh_cmd
- else: #file_transfer
- thread_func = file_transfer
-
- for task_log_detail_obj in task_obj.tasklogdetail_set.all():
- pool.submit(thread_func,task_log_detail_obj)
-
- #ssh_cmd(task_log_detail_obj)
-
- pool.shutdown(wait=True)
2、CrazyEye
1、settings
1 import os 2 3 # Build paths inside the project like this: os.path.join(BASE_DIR, ...) 4 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 5 6 7 # Quick-start development settings - unsuitable for production 8 # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/ 9 10 # SECURITY WARNING: keep the secret key used in production secret! 11 SECRET_KEY = 'c+lq-s!5j1($4zj+_3icw1xwr)yt#%x%&um#!e!b*-*5x(0&3a' 12 13 # SECURITY WARNING: don't run with debug turned on in production! 14 DEBUG = True 15 16 ALLOWED_HOSTS = ["*"] 17 18 19 # Application definition 20 21 INSTALLED_APPS = [ 22 'django.contrib.admin', 23 'django.contrib.auth', 24 'django.contrib.contenttypes', 25 'django.contrib.sessions', 26 'django.contrib.messages', 27 'django.contrib.staticfiles', 28 'web', 29 ] 30 31 MIDDLEWARE = [ 32 'django.middleware.security.SecurityMiddleware', 33 'django.contrib.sessions.middleware.SessionMiddleware', 34 'django.middleware.common.CommonMiddleware', 35 'django.middleware.csrf.CsrfViewMiddleware', 36 'django.contrib.auth.middleware.AuthenticationMiddleware', 37 'django.contrib.messages.middleware.MessageMiddleware', 38 'django.middleware.clickjacking.XFrameOptionsMiddleware', 39 ] 40 41 ROOT_URLCONF = 'CrazyEye.urls' 42 43 TEMPLATES = [ 44 { 45 'BACKEND': 'django.template.backends.django.DjangoTemplates', 46 'DIRS': [os.path.join(BASE_DIR, 'templates')] 47 , 48 'APP_DIRS': True, 49 'OPTIONS': { 50 'context_processors': [ 51 'django.template.context_processors.debug', 52 'django.template.context_processors.request', 53 'django.contrib.auth.context_processors.auth', 54 'django.contrib.messages.context_processors.messages', 55 ], 56 }, 57 }, 58 ] 59 60 WSGI_APPLICATION = 'CrazyEye.wsgi.application' 61 62 63 # Database 64 # https://docs.djangoproject.com/en/1.10/ref/settings/#databases 65 66 DATABASES = { 67 'default': { 68 'ENGINE': 'django.db.backends.sqlite3', 69 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'), 70 } 71 } 72 73 74 # Password validation 75 # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators 76 77 AUTH_PASSWORD_VALIDATORS = [ 78 { 79 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', 80 }, 81 { 82 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', 83 }, 84 { 85 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', 86 }, 87 { 88 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', 89 }, 90 ] 91 92 93 # Internationalization 94 # https://docs.djangoproject.com/en/1.10/topics/i18n/ 95 96 LANGUAGE_CODE = 'en-us' 97 98 TIME_ZONE = 'UTC' 99 100 USE_I18N = True 101 102 USE_L10N = True 103 104 USE_TZ = True 105 106 107 # Static files (CSS, JavaScript, Images) 108 # https://docs.djangoproject.com/en/1.10/howto/static-files/ 109 110 STATIC_URL = '/static/' 111 112 STATICFILES_DIRS = ( 113 os.path.join(BASE_DIR,'statics'), 114 ) 115 116 117 AUTH_USER_MODEL = 'web.UserProfile' 118 119 AUDIT_LOG_DIR = os.path.join(BASE_DIR,'log') 120 MULTITASK_SCRIPT= os.path.join(BASE_DIR,'backend/task_runner.py') 121 122 DOWNLOAD_DIR = os.path.join(BASE_DIR,'downloads') 123 124 125 LOGIN_URL = "/login/"
2、urls
- from django.conf.urls import url
- from django.contrib import admin
- from web import views
-
- urlpatterns = [
- url(r'^admin/', admin.site.urls),
- url(r'^$', views.dashboard),
- url(r'^user_audit/$', views.user_audit,name="user_audit"),
- url(r'^audit_log/(\w+-\w+-\w+)/$', views.audit_log_date,name="audit_log_date"),
- url(r'^audit_log/(\w+-\w+-\w+)/(\d+)/$', views.audit_log_detail,name="audit_log_detail"),
- url(r'^webssh/$', views.webssh,name="webssh"),
- url(r'^multitask/cmd/$', views.multitask_cmd,name="multitask_cmd"),
- url(r'^multitask/file_transfer/$', views.multitask_file_transfer,name="multitask_file_transfer"),
- url(r'^multitask/$', views.multitask,name="multitask"),
- url(r'^multitask/result/$', views.multitask_result,name="task_result"),
- url(r'^login/$', views.acc_login),
- url(r'^logout/$', views.acc_logout,name="logout"),
-
- ]
3、templates
1、multitack_cmd.html
- {% extends 'index.html' %}
-
-
- {% block page-title %}主机管理|批量命令{% endblock %}
-
- {% block page-content %}
- {% csrf_token %}
-
- <div class="row">
-
- {% include 'multitask_host_list_component.html' %}
-
- <div class="col-lg-8">
- <div class="panel">
- <div class="panel-heading">
- <h3 class="panel-title">命令操作</h3>
- </div>
- <div class="panel-body">
- <textarea id="cmd_text" class="form-control"></textarea>
- <input type="button" id='post_task_btn' οnclick="PostTask(this,'cmd')" class="btn btn-success pull-right" value="执行命令">
- </div>
- </div>
- <div class="panel">
- <div class="panel-heading">
- <h3 class="panel-title">任务结果</h3>
- </div>
- <div class="panel-body">
- <ul id="task_result_container"></ul>
- </div>
- </div>
- </div>
-
- </div>
-
-
- {% include 'multitask_js_component.html' %}
-
- {% endblock %}
2、multitask_host_list_component
- <div class="col-lg-4">
- <div class="panel">
- <div class="panel-heading">
- <h3 class="panel-title">主机列表</h3>
- </div>
- <div class="panel-body">
- <div class="list-group bord-no">
- <a οnclick="HostListDisplayToggle(this)" class="list-group-item " href="#">
- <input type="checkbox" οnclick="SelectGroup(this)">
- 未分组主机
- <span class="badge badge-primary">{{ request.user.bind_hosts.count }}</span>
- </a>
- <ol class="hide">
- {% for bind_host in request.user.bind_hosts.all %}
- <li><input type="checkbox" select_host="true" value="{{ bind_host.id }}">{{ bind_host.host.hostname }}({{ bind_host.host.ip_addr }})@{{ bind_host.remote_user.username}}</li>
- {% endfor %}
- </ol>
-
-
-
- {% for host_group in request.user.host_groups.select_related %}
-
- <a οnclick="HostListDisplayToggle(this)" class="list-group-item " href="#">
- <input type="checkbox" οnclick="SelectGroup(this)">
- {{ host_group.name }}
- <span class="badge badge-primary">{{ host_group.bind_hosts.count }}</span>
- </a>
- <ol class="hide">
- {% for bind_host in host_group.bind_hosts.all %}
- <li><input type="checkbox" select_host="true" value="{{ bind_host.id }}">{{ bind_host.host.hostname }}({{ bind_host.host.ip_addr }})@{{ bind_host.remote_user.username}}</li>
- {% endfor %}
- </ol>
-
-
- {% endfor %}
- </div>
- </div>
- </div>
-
- </div>
3、multitask_js_component
- <script>
-
-
- function SelectFileTransferType(ele) {
- if ($(ele).val() == 'get'){
-
- $("#local_file_path").addClass("hide");
- }else {
- $("#local_file_path").removeClass("hide");
- }
- }
-
- function HostListDisplayToggle(ele) {
-
- $(ele).next().toggleClass("hide");
-
-
- }
-
- function SelectGroup(ele) {
-
- $(ele).parent().next().find("input").prop("checked",$(ele).prop("checked"))
-
- }
-
- function GetTaskResult(task_id) {
-
- $.getJSON( "{% url 'task_result' %}" ,{'task_id':task_id},function(callback){
-
- console.log( callback);
- var all_task_done = true;
- $.each(callback,function (index,ele) {
- var li_ele = $("li[bind_host_id='"+ ele['id'] +"']");
- li_ele.next().text(ele['result']);
- $(li_ele.children()[0]).text(ele.status);
- if ( ele.status == 2 ){
- all_task_done = false; //有任务未完成
- }
-
- })
-
- if (all_task_done){
-
- clearInterval(ResultRefreshObj);
- $("#post_task_btn").removeClass("disabled");
- }
-
- });//end getJSON
- }
-
-
- function PostTask(ele,task_type) {
-
- var selected_host_ids = [];
-
- $("input[select_host]:checked").each(function () {
- selected_host_ids.push( $(this).val() );
- })
-
- console.log(selected_host_ids)
- if (selected_host_ids.length == 0){
- alert("必须选择主机!")
- return false
- }
-
- if (task_type == "cmd"){
- var cmd_text = $("#cmd_text").val().trim();
-
- if (cmd_text.length == 0){
-
- alert("必须输入要执行的命令!")
- return false
- }
-
- var task_arguments = {
- 'selected_host_ids' : selected_host_ids,
- 'task_type':0 ,//cmd
- 'cmd': cmd_text,
-
- }
-
- }else {
-
- var file_transfer_type = $("select[name='file_transfer_type']").val()
- var local_file_path = $("#local_file_path").val().trim()
- var remote_file_path = $("#remote_file_path").val().trim()
- if (file_transfer_type == "send"){
- if (local_file_path.length == 0){
- alert("必须输入本地文件路径!")
- return false
- }
-
- }
-
- if (remote_file_path.length == 0){
- alert("必须输入远程文件路径!")
- return false
- }
-
- var task_arguments = {
- 'selected_host_ids' : selected_host_ids,
- 'task_type':1 ,//file_transfer
- 'file_transfer_type': file_transfer_type,
- 'local_file_path':local_file_path,
- 'remote_file_path':remote_file_path
-
- }
-
- }
-
-
-
-
-
-
- //再此任务执行完成前,不允许再提交新任务
- $(ele).addClass("disabled")
- //提交新任务之前情况任务结果面版
- $("#task_result_container").empty();
-
-
- $.post("{% url 'multitask' %}" , {'task_data':JSON.stringify(task_arguments),'csrfmiddlewaretoken':$("input[name='csrfmiddlewaretoken']").val() },function(callback){
-
- console.log(callback);
-
- var callback = JSON.parse(callback);
- $.each(callback.selected_hosts,function (index,ele) {
- var li_ele = "<li bind_host_id='"+ ele['id'] +"'>Host:" + ele.bind_host__host__hostname + "(" +ele.bind_host__host__ip_addr +")----------------<span></span></li><pre>sdff</pre>" ;
- $("#task_result_container").append(li_ele);
-
- })
-
-
-
- //去后端定时拿结果
- ResultRefreshObj = setInterval(function () {
-
- GetTaskResult(callback.task_id);
-
-
- },2000);
-
- });//end post
-
-
-
- }
-
- </script>
4、web
1、admin
1 from django.contrib import admin 2 3 from web import models 4 # Register your models here. 5 6 7 from django import forms 8 from django.contrib import admin 9 from django.contrib.auth.models import Group 10 from django.contrib.auth.admin import UserAdmin as BaseUserAdmin 11 from django.contrib.auth.forms import ReadOnlyPasswordHashField 12 13 from web.models import UserProfile 14 15 16 class UserCreationForm(forms.ModelForm): 17 """A form for creating new users. Includes all the required 18 fields, plus a repeated password.""" 19 password1 = forms.CharField(label='Password', widget=forms.PasswordInput) 20 password2 = forms.CharField(label='Password confirmation', widget=forms.PasswordInput) 21 22 class Meta: 23 model = UserProfile 24 fields = ('email', 'name') 25 26 def clean_password2(self): 27 # Check that the two password entries match 28 password1 = self.cleaned_data.get("password1") 29 password2 = self.cleaned_data.get("password2") 30 if password1 and password2 and password1 != password2: 31 raise forms.ValidationError("Passwords don't match") 32 return password2 33 34 def save(self, commit=True): 35 # Save the provided password in hashed format 36 user = super(UserCreationForm, self).save(commit=False) 37 user.set_password(self.cleaned_data["password1"]) 38 if commit: 39 user.save() 40 return user 41 42 43 class UserChangeForm(forms.ModelForm): 44 """A form for updating users. Includes all the fields on 45 the user, but replaces the password field with admin's 46 password hash display field. 47 """ 48 password = ReadOnlyPasswordHashField() 49 50 class Meta: 51 model = UserProfile 52 fields = ('email', 'password', 'name', 'is_active', 'is_admin') 53 54 def clean_password(self): 55 # Regardless of what the user provides, return the initial value. 56 # This is done here, rather than on the field, because the 57 # field does not have access to the initial value 58 return self.initial["password"] 59 60 61 class UserProfileAdmin(BaseUserAdmin): 62 # The forms to add and change user instances 63 form = UserChangeForm 64 add_form = UserCreationForm 65 66 # The fields to be used in displaying the User model. 67 # These override the definitions on the base UserAdmin 68 # that reference specific fields on auth.User. 69 list_display = ('email', 'name','is_staff', 'is_admin') 70 list_filter = ('is_admin','is_staff') 71 fieldsets = ( 72 (None, {'fields': ('email', 'password')}), 73 ('Personal info', {'fields': ('name',)}), 74 ('堡垒机主机授权', {'fields': ('bind_hosts','host_groups')}), 75 ('Permissions', {'fields': ('is_admin','is_staff','user_permissions','groups')}), 76 ) 77 # add_fieldsets is not a standard ModelAdmin attribute. UserAdmin 78 # overrides get_fieldsets to use this attribute when creating a user. 79 add_fieldsets = ( 80 (None, { 81 'classes': ('wide',), 82 'fields': ('email', 'name', 'password1', 'password2')} 83 ), 84 ) 85 search_fields = ('email',) 86 ordering = ('email',) 87 filter_horizontal = ('user_permissions','groups','bind_hosts','host_groups') 88 89 # Now register the new UserAdmin... 90 admin.site.register(models.UserProfile, UserProfileAdmin) 91 # ... and, since we're not using Django's built-in permissions, 92 # unregister the Group model from admin. 93 admin.site.unregister(Group) 94 95 96 97 class RemoteUserAdmin(admin.ModelAdmin): 98 list_display = ('username','auth_type','password') 99 100 101 class TaskAdmin(admin.ModelAdmin): 102 list_display = ['id','user','task_type','content','date'] 103 104 105 class TaskLogDetailAdmin(admin.ModelAdmin): 106 list_display = ['id','task','bind_host','result','status','start_date','end_date'] 107 108 109 admin.site.register(models.Host) 110 admin.site.register(models.HostGroup) 111 admin.site.register(models.BindHost) 112 admin.site.register(models.RemoteUser,RemoteUserAdmin) 113 admin.site.register(models.IDC) 114 admin.site.register(models.Session) 115 admin.site.register(models.Task,TaskAdmin) 116 admin.site.register(models.TaskLogDetail,TaskLogDetailAdmin)
2、models
1 from django.db import models 2 from django.contrib.auth.models import User 3 4 from django.contrib.auth.models import ( 5 BaseUserManager, AbstractBaseUser,PermissionsMixin 6 ) 7 8 9 10 # Create your models here. 11 12 class IDC(models.Model): 13 name = models.CharField(max_length=64,unique=True) 14 15 def __str__(self): 16 return self.name 17 18 class Host(models.Model): 19 """存储所有主机""" 20 hostname = models.CharField(max_length=64) 21 ip_addr = models.GenericIPAddressField(unique=True) 22 port = models.PositiveSmallIntegerField(default=22) 23 idc = models.ForeignKey("IDC") 24 25 enabled = models.BooleanField(default=True) 26 27 def __str__(self): 28 return self.ip_addr 29 30 31 32 class HostGroup(models.Model): 33 """主机组""" 34 name = models.CharField(max_length=64, unique=True) 35 bind_hosts = models.ManyToManyField("BindHost") 36 def __str__(self): 37 return self.name 38 39 40 41 class RemoteUser(models.Model): 42 """存储远程用户名密码""" 43 username = models.CharField(max_length=64) 44 auth_type_choices = ((0,'ssh/password'),(1,'ssh/key')) 45 auth_type = models.SmallIntegerField(choices=auth_type_choices,default=0) 46 password = models.CharField(max_length=128,blank=True,null=True) 47 48 #hosts = models.ManyToManyField("Host") 49 50 def __str__(self): 51 return "%s(%s)%s" %( self.username,self.get_auth_type_display(),self.password) 52 53 class Meta: 54 unique_together = ('username','auth_type','password') 55 56 class BindHost(models.Model): 57 """绑定远程主机和远程用户的对应关系""" 58 host = models.ForeignKey("Host") 59 remote_user = models.ForeignKey("RemoteUser") 60 61 def __str__(self): 62 return "%s -> %s" %(self.host,self.remote_user) 63 class Meta: 64 unique_together = ("host","remote_user") 65 66 67 68 class UserProfileManager(BaseUserManager): 69 def create_user(self, email, name, password=None): 70 """ 71 Creates and saves a User with the given email, date of 72 birth and password. 73 """ 74 if not email: 75 raise ValueError('Users must have an email address') 76 77 user = self.model( 78 email=self.normalize_email(email), 79 name=name, 80 ) 81 82 user.set_password(password) 83 user.save(using=self._db) 84 return user 85 86 def create_superuser(self, email, name, password): 87 """ 88 Creates and saves a superuser with the given email, date of 89 birth and password. 90 """ 91 user = self.create_user( 92 email, 93 password=password, 94 name=name, 95 ) 96 user.is_admin = True 97 user.is_staff = True 98 user.save(using=self._db) 99 return user 100 101 102 class UserProfile(AbstractBaseUser,PermissionsMixin): 103 email = models.EmailField( 104 verbose_name='email address', 105 max_length=255, 106 unique=True, 107 ) 108 name = models.CharField(max_length=64) 109 is_active = models.BooleanField(default=True) 110 is_admin = models.BooleanField(default=False) 111 is_staff = models.BooleanField( 112 ('staff status'), 113 default=False, 114 help_text=('Designates whether the user can log into this admin site.'), 115 ) 116 117 bind_hosts = models.ManyToManyField("BindHost",blank=True) 118 host_groups = models.ManyToManyField("HostGroup",blank=True) 119 120 objects = UserProfileManager() 121 122 USERNAME_FIELD = 'email' 123 REQUIRED_FIELDS = ['name',] 124 125 def get_full_name(self): 126 # The user is identified by their email address 127 return self.email 128 129 def get_short_name(self): 130 # The user is identified by their email address 131 return self.email 132 133 def __str__(self): # __unicode__ on Python 2 134 return self.email 135 136 def has_perm(self, perm, obj=None): 137 "Does the user have a specific permission?" 138 # Simplest possible answer: Yes, always 139 return True 140 141 def has_module_perms(self, app_label): 142 "Does the user have permissions to view the app `app_label`?" 143 # Simplest possible answer: Yes, always 144 return True 145 146 147 148 149 class Session(models.Model): 150 '''生成用户操作session id ''' 151 user = models.ForeignKey('UserProfile') 152 bind_host = models.ForeignKey('BindHost') 153 tag = models.CharField(max_length=128,default='n/a') 154 closed = models.BooleanField(default=False) 155 cmd_count = models.IntegerField(default=0) #命令执行数量 156 stay_time = models.IntegerField(default=0, help_text="每次刷新自动计算停留时间",verbose_name="停留时长(seconds)") 157 date = models.DateTimeField(auto_now_add=True) 158 159 def __str__(self): 160 return '<id:%s user:%s bind_host:%s>' % (self.id,self.user.email,self.bind_host.host) 161 class Meta: 162 verbose_name = '审计日志' 163 verbose_name_plural = '审计日志' 164 165 166 167 class Task(models.Model): 168 """批量任务记录表""" 169 user = models.ForeignKey("UserProfile") 170 task_type_choices = ((0,'cmd'),(1,'file_transfer')) 171 task_type = models.SmallIntegerField(choices=task_type_choices) 172 content = models.TextField(verbose_name="任务内容") 173 #hosts = models.ManyToManyField("BindHost") 174 date = models.DateTimeField(auto_now_add=True) 175 176 def __str__(self): 177 return "%s %s" %(self.task_type,self.content) 178 179 180 class TaskLogDetail(models.Model): 181 task = models.ForeignKey("Task") 182 bind_host = models.ForeignKey("BindHost") 183 result = models.TextField() 184 185 status_choices = ((0,'success'),(1,'failed'),(2,'init')) 186 status = models.SmallIntegerField(choices=status_choices) 187 188 start_date = models.DateTimeField(auto_now_add=True) 189 end_date = models.DateTimeField(blank=True,null=True) 190 191 192 def __str__(self): 193 return "%s %s" %(self.bind_host,self.status)
3、views
- from django.shortcuts import render,redirect,HttpResponse
- from django.contrib.auth.decorators import login_required
- from django.contrib.auth import authenticate,logout,login
- from django.conf import settings
- import os,re,json
- from web import models
- from backend.task_manager import MultiTaskManger
-
- from backend import audit
- # Create your views here.
-
- def json_date_handler(obj):
- if hasattr(obj, 'isoformat'):
- return obj.strftime("%Y-%m-%d %T")
-
-
-
- @login_required
- def dashboard(request):
- return render(request,'index.html')
-
-
- def acc_login(request):
-
- error_msg = ''
-
- if request.method == "POST":
- username = request.POST.get('username')
- password = request.POST.get('password')
- user = authenticate(username=username,password=password)
- if user:
- login(request,user)
-
- return redirect("/")
-
- else:
- error_msg = "Wrong username or password!"
- return render(request,"login.html",{'error_msg':error_msg})
-
-
- def acc_logout(request):
-
- logout(request)
-
- return redirect("/login/")
-
-
-
- @login_required
- def webssh(request):
- return render(request,'web_ssh.html')
-
- @login_required
- def user_audit(request):
-
- log_dirs = os.listdir(settings.AUDIT_LOG_DIR)
-
-
- return render(request,'user_audit.html',locals())
-
-
- @login_required
- def audit_log_date(request,log_date):
- log_date_path = "%s/%s" %(settings.AUDIT_LOG_DIR,log_date)
- log_file_dirs = os.listdir(log_date_path)
- session_ids = [re.search("\d+",i).group() for i in log_file_dirs ]
-
- session_objs = models.Session.objects.filter(id__in=session_ids)
-
- return render(request, 'user_audit_file_list.html', locals())
-
-
- @login_required
- def multitask_cmd(request):
-
- return render(request,"multitask_cmd.html")
-
- @login_required
- def multitask_file_transfer(request):
- return render(request,'multitask_file_transfer.html')
-
-
- @login_required
- def multitask_result(request):
- task_id = request.GET.get('task_id')
- task_obj = models.Task.objects.get(id=task_id)
- task_log_results = list(task_obj.tasklogdetail_set.values('id', 'result','status','start_date','end_date'))
-
- return HttpResponse(json.dumps(task_log_results,default=json_date_handler))
-
- @login_required
- def multitask(request):
-
- print("--->",request.POST)
- task_data = json.loads(request.POST.get('task_data'))
- print("--->selcted hosts",task_data)
-
- task_obj= MultiTaskManger(request)
- selected_hosts = list(task_obj.task.tasklogdetail_set.all().values('id', 'bind_host__host__ip_addr',
- 'bind_host__host__hostname', 'bind_host__remote_user__username'))
-
-
-
- return HttpResponse(
- json.dumps({'task_id':task_obj.task.id,'selected_hosts':selected_hosts})
- )
-
-
- @login_required
- def audit_log_detail(request,log_date,session_id):
- log_date_path = "%s/%s" % (settings.AUDIT_LOG_DIR, log_date)
- log_file_path = "%s/session_%s.log" %(log_date_path,session_id)
-
- log_parser = audit.AuditLogHandler(log_file_path)
- cmd_list = log_parser.parse()
-
- return render(request,"user_audit_detail.html",locals())
五、测试截图
1、执行一条命令
1、web端
2、admin后台
2、执行多条命令
1、web前端
2、admin后台
4、连接不上的命令截图
连接不上直接排除timeout
3、后台触发一条命令
1、后台触发创建
2、控制台截图
3、admin后台截图
4、执行结果前端web显示
1、任务结果前端显示hostid
2、任务结果限制执行结果
3、超时处理
4、机器连接不通
5、超时状态数字变化
6、执行成功状态变化
