feat(mongodb): 新增mongodb新建账号和删除账号flow TencentBlueKing#3087

yyhenryyy · Jan 19, 2024 · 0e88da5 · 0e88da5
1 parent 7318fad
commit 0e88da5
Show file tree

Hide file tree

Showing 12 changed files with 201 additions and 110 deletions.
diff --git a/dbm-services/mongo/db-tools/dbactuator/pkg/atomjobs/atommongodb/add_user.go b/dbm-services/mongo/db-tools/dbactuator/pkg/atomjobs/atommongodb/add_user.go
@@ -18,17 +18,18 @@ import (
 
 // AddUserConfParams 参数
 type AddUserConfParams struct {
-	IP            string   `json:"ip" validate:"required"`
-	Port          int      `json:"port" validate:"required"`
-	InstanceType  string   `json:"instanceType" validate:"required"`
-	Username      string   `json:"username" validate:"required"`
-	Password      string   `json:"password" validate:"required"`
-	AdminUsername string   `json:"adminUsername"`
-	AdminPassword string   `json:"adminPassword"`
-	AuthDb        string   `json:"authDb"`     // 为方便管理用户，验证库默认为admin库
-	Dbs           []string `json:"dbs"`        // 业务库
-	Privileges    []string `json:"privileges"` // 权限
-
+	IP            string `json:"ip" validate:"required"`
+	Port          int    `json:"port" validate:"required"`
+	InstanceType  string `json:"instanceType" validate:"required"`
+	Username      string `json:"username" validate:"required"`
+	Password      string `json:"password" validate:"required"`
+	AdminUsername string `json:"adminUsername"`
+	AdminPassword string `json:"adminPassword"`
+	AuthDb        string `json:"authDb"` // 为方便管理用户，验证库默认为admin库
+	DbsPrivileges []struct {
+		Db         string   `json:"db"`
+		Privileges []string `json:"privileges"`
+	} `json:"dbsPrivileges"` // 业务库 以及权限 [{"db":xxx,"privileges":[xxx,xxx]}]
 }
 
 // AddUser 添加分片到集群
@@ -151,16 +152,11 @@ func (u *AddUser) makeScriptContent() error {
 		u.ConfParams.AuthDb = "admin"
 	}
 
-	// 判断业务db是否存在
-	if len(u.ConfParams.Dbs) == 0 {
-		u.ConfParams.Dbs = []string{"admin"}
-	}
-
-	for _, db := range u.ConfParams.Dbs {
-		for _, privilege := range u.ConfParams.Privileges {
+	for _, dbPrivileges := range u.ConfParams.DbsPrivileges {
+		for _, privilege := range dbPrivileges.Privileges {
 			role := common.NewMongoRole()
 			role.Role = privilege
-			role.Db = db
+			role.Db = dbPrivileges.Db
 			user.Roles = append(user.Roles, role)
 		}
 	}

diff --git a/dbm-services/mongo/db-tools/mongo-toolkit-go/target/bs-cli_Darwin b/dbm-services/mongo/db-tools/mongo-toolkit-go/target/bs-cli_Darwin
diff --git a/dbm-ui/backend/flow/consts.py b/dbm-ui/backend/flow/consts.py
@@ -253,27 +253,6 @@ class MediumEnum(str, StructuredEnum):
     TBinlogDumper = EnumField("tbinlogdumper", _("tbinlogdumper实例"))
     Sqlserver = EnumField("sqlserver", _("sqlserver实例"))
     MongoDB = EnumField("mongodb", _("mongodb"))
-    MongoD = EnumField("mongod", _("mongod"))
-    MongoS = EnumField("mongos", _("mongos"))
-    MongoShardSvr = EnumField("shardsvr", _("shardsvr"))
-    MongoConfigSvr = EnumField("configsvr", _("configsvr"))
-    AuthDB = EnumField("admin", _("admin"))
-    DbaUser = EnumField("dba", _("dba"))
-    AppDbaUser = EnumField("appdba", _("appdba"))
-    MonitorUser = EnumField("monitor", _("monitor"))
-    AppMonitorUser = EnumField("appmonitor", _("appmonitor"))
-    RootRole = EnumField("root", _("root"))
-    BackupRole = EnumField("backup", _("backup"))
-    ClusterMonitorRole = EnumField("clusterMonitor", _("clusterMonitor"))
-    ReadAnyDatabaseRole = EnumField("readAnyDatabase", _("readAnyDatabase"))
-    HostManagerRole = EnumField("hostManager", _("hostManager"))
-    ReadWriteRole = EnumField("readWrite", _("readWrite"))
-    UserAdminAnyDatabaseRole = EnumField("userAdminAnyDatabase", _("userAdminAnyDatabase"))
-    DbAdminAnyDatabaseRole = EnumField("dbAdminAnyDatabase", _("dbAdminAnyDatabase"))
-    ReadWriteAnyDatabaseRole = EnumField("readWriteAnyDatabase", _("readWriteAnyDatabase"))
-    ClusterAdminRole = EnumField("clusterAdmin", _("clusterAdmin"))
-    MongoDBInitSet = EnumField("mongodb_init_set", _("mongodb_init_set"))
-    MongoDBExtraUserCreate = EnumField("mongodb_extra_user_create", _("mongodb_extra_user_create"))
 
 
 class CloudServiceName(str, StructuredEnum):
@@ -1155,8 +1134,62 @@ class SqlserverSysVersion(str, StructuredEnum):
     ],
 }
 
+
 class MongoDBClusterDefaultPort(int, StructuredEnum):
     """mongodb cluster默认端口"""
 
     CONFIG_PORT = EnumField(28021, _("config_port"))
     SHARD_START_PORT = EnumField(27001, _("shard_start_port"))
+
+
+class MongoDBManagerUser(str, StructuredEnum):
+    """mongodb 管理用户"""
+
+    DbaUser = EnumField("dba", _("dba"))
+    AppDbaUser = EnumField("appdba", _("appdba"))
+    MonitorUser = EnumField("monitor", _("monitor"))
+    AppMonitorUser = EnumField("appmonitor", _("appmonitor"))
+
+
+class MongoDBUserPrivileges(str, StructuredEnum):
+    """mongodb 用户权限"""
+
+    RootRole = EnumField("root", _("root"))
+    BackupRole = EnumField("backup", _("backup"))
+    ClusterMonitorRole = EnumField("clusterMonitor", _("clusterMonitor"))
+    ReadAnyDatabaseRole = EnumField("readAnyDatabase", _("readAnyDatabase"))
+    HostManagerRole = EnumField("hostManager", _("hostManager"))
+    ReadWriteRole = EnumField("readWrite", _("readWrite"))
+    UserAdminAnyDatabaseRole = EnumField("userAdminAnyDatabase", _("userAdminAnyDatabase"))
+    DbAdminAnyDatabaseRole = EnumField("dbAdminAnyDatabase", _("dbAdminAnyDatabase"))
+    ReadWriteAnyDatabaseRole = EnumField("readWriteAnyDatabase", _("readWriteAnyDatabase"))
+    ClusterAdminRole = EnumField("clusterAdmin", _("clusterAdmin"))
+    MongoDBInitSet = EnumField("mongodb_init_set", _("mongodb_init_set"))
+    MongoDBExtraUserCreate = EnumField("mongodb_extra_user_create", _("mongodb_extra_user_create"))
+
+
+class MongoDBTask(str, StructuredEnum):
+    """mongodb 任务"""
+
+    MongoDBInitSet = EnumField("mongodb_init_set", _("mongodb_init_set"))
+    MongoDBExtraUserCreate = EnumField("mongodb_extra_user_create", _("mongodb_extra_user_create"))
+
+
+class MongoDBInstanceType(str, StructuredEnum):
+    """mongodb 实例类型"""
+
+    MongoD = EnumField("mongod", _("mongod"))
+    MongoS = EnumField("mongos", _("mongos"))
+
+
+class MongoDBDfaultAuthDB(str, StructuredEnum):
+    """mongodb 默认验证db"""
+
+    AuthDB = EnumField("admin", _("admin"))
+
+
+class MongoDBShardType(str, StructuredEnum):
+    """mongodb shard类型"""
+
+    MongoShardSvr = EnumField("shardsvr", _("shardsvr"))
+    MongoConfigSvr = EnumField("configsvr", _("configsvr"))
diff --git a/dbm-ui/backend/flow/engine/bamboo/scene/mongodb/mongodb_install.py b/dbm-ui/backend/flow/engine/bamboo/scene/mongodb/mongodb_install.py
@@ -47,7 +47,7 @@ def __init__(self, root_id: str, data: Optional[Dict]):
         self.data = payload_clusters
         self.get_kwargs = ActKwargs()
         self.get_kwargs.payload = payload_clusters
-        self.get_kwargs.get_inti_info()
+        self.get_kwargs.get_init_info()
         self.get_kwargs.get_file_path()
 
     def prepare_job(self, pipeline: Builder):

diff --git a/dbm-ui/backend/flow/engine/bamboo/scene/mongodb/mongodb_user.py b/dbm-ui/backend/flow/engine/bamboo/scene/mongodb/mongodb_user.py
@@ -32,9 +32,8 @@ def __init__(self, root_id: str, data: Optional[Dict]):
         self.data = data
         self.get_kwargs = ActKwargs()
         self.get_kwargs.payload = data
-        self.get_kwargs.get_file_path()
 
-    def multi_cluster_create_user_flow(self, create: bool):
+    def multi_cluster_user_flow(self, create: bool):
         """
         multi replicaset create/delete user流程
         create True：创建
@@ -45,16 +44,19 @@ def multi_cluster_create_user_flow(self, create: bool):
         pipeline = Builder(root_id=self.root_id, data=self.data)
 
         # 创建/删除用户子流程并行
-        sub_pipelines = []
-        for cluster_id in self.data["cluster_ids"]:
-            sub_pipline = user(
-                root_id=self.root_id,
-                ticket_data=self.data,
-                sub_kwargs=self.get_kwargs,
-                cluster_id=cluster_id,
-                create=create,
-            )
-            sub_pipelines.append(sub_pipline)
-        pipeline.add_parallel_sub_pipeline(sub_flow_list=sub_pipelines)
+        for info in self.data["infos"]:
+            sub_pipelines = []
+            for cluster_id in info["cluster_ids"]:
+                sub_pipline = user(
+                    root_id=self.root_id,
+                    ticket_data=self.data,
+                    sub_kwargs=self.get_kwargs,
+                    cluster_id=cluster_id,
+                    create=create,
+                    info=info,
+                )
+                sub_pipelines.append(sub_pipline)
+            pipeline.add_parallel_sub_pipeline(sub_flow_list=sub_pipelines)
+
         # 运行流程
         pipeline.run_pipeline()
diff --git a/dbm-ui/backend/flow/engine/bamboo/scene/mongodb/sub_task/replicaset_install.py b/dbm-ui/backend/flow/engine/bamboo/scene/mongodb/sub_task/replicaset_install.py
@@ -14,7 +14,7 @@
 
 from django.utils.translation import ugettext as _
 
-from backend.flow.consts import MediumEnum
+from backend.flow.consts import MongoDBManagerUser, MongoDBTask
 from backend.flow.engine.bamboo.scene.common.builder import SubBuilder
 from backend.flow.plugins.components.collections.mongodb.add_domain_to_dns import ExecAddDomainToDnsOperationComponent
 from backend.flow.plugins.components.collections.mongodb.add_password_to_db import (
@@ -79,14 +79,19 @@ def replicaset_install(
     )
 
     # 创建appdba，monitor，monitor用户
-    kwargs = sub_get_kwargs.get_init_exec_script_kwargs(script_type=MediumEnum.MongoDBExtraUserCreate)
+    kwargs = sub_get_kwargs.get_init_exec_script_kwargs(script_type=MongoDBTask.MongoDBExtraUserCreate)
     sub_pipeline.add_act(
         act_name=_("MongoDB--创建额外管理用户"), act_component_code=ExecuteDBActuatorJobComponent.code, kwargs=kwargs
     )
 
     # dba, appdba，monitor，monitor用户密码写入密码服务
     kwargs = sub_get_kwargs.get_add_password_to_db_kwargs(
-        usernames=[MediumEnum.DbaUser, MediumEnum.AppDbaUser, MediumEnum.MonitorUser, MediumEnum.AppMonitorUser],
+        usernames=[
+            MongoDBManagerUser.DbaUser.value,
+            MongoDBManagerUser.AppDbaUser.value,
+            MongoDBManagerUser.MonitorUser.value,
+            MongoDBManagerUser.AppMonitorUser.value,
+        ],
         info=sub_get_kwargs.replicaset_info,
     )
     sub_pipeline.add_act(
@@ -98,7 +103,7 @@ def replicaset_install(
     # 进行初始配置
     # 创建oplog重放权限的role，把role授权给dba，appdba 把admin库的gcs_heartbeat授予给monitor用户
     # 3.x版本修改验证方式
-    kwargs = sub_get_kwargs.get_init_exec_script_kwargs(script_type=MediumEnum.MongoDBInitSet)
+    kwargs = sub_get_kwargs.get_init_exec_script_kwargs(script_type=MongoDBTask.MongoDBInitSet)
     sub_pipeline.add_act(
         act_name=_("MongoDB-{}-db初始设置".format(sub_get_kwargs.replicaset_info["nodes"][0]["ip"])),
         act_component_code=ExecuteDBActuatorJobComponent.code,

diff --git a/dbm-ui/backend/flow/engine/bamboo/scene/mongodb/sub_task/user.py b/dbm-ui/backend/flow/engine/bamboo/scene/mongodb/sub_task/user.py
@@ -14,15 +14,15 @@
 
 from django.utils.translation import ugettext as _
 
-from backend.flow.consts import MediumEnum
+from backend.flow.consts import MongoDBManagerUser
 from backend.flow.engine.bamboo.scene.common.builder import SubBuilder
 from backend.flow.plugins.components.collections.mongodb.exec_actuator_job import ExecuteDBActuatorJobComponent
 from backend.flow.plugins.components.collections.mongodb.send_media import ExecSendMediaOperationComponent
 from backend.flow.utils.mongodb.mongodb_dataclass import ActKwargs
 
 
 def user(
-    root_id: str, ticket_data: Optional[Dict], sub_kwargs: ActKwargs, cluster_id: int, create: bool
+    root_id: str, ticket_data: Optional[Dict], sub_kwargs: ActKwargs, cluster_id: int, create: bool, info: dict
 ) -> SubBuilder:
     """
     单个cluster 创建/删除用户流程
@@ -35,23 +35,24 @@ def user(
     sub_pipeline = SubBuilder(root_id=root_id, data=ticket_data)
 
     # 获取信息
-    sub_get_kwargs.get_cluster_info_user(cluster_id=cluster_id, admin_user=MediumEnum.DbaUser)
+    sub_get_kwargs.get_cluster_info_user(cluster_id=cluster_id, admin_user=MongoDBManagerUser.DbaUser.value)
 
     # 介质下发
     kwargs = sub_get_kwargs.get_send_media_kwargs()
     sub_pipeline.add_act(
         act_name=_("MongoDB-介质下发"), act_component_code=ExecSendMediaOperationComponent.code, kwargs=kwargs
     )
 
-    # 创建用户
-    kwargs = sub_get_kwargs.get_user_kwargs(create=create, admin_user=MediumEnum.DbaUser)
+    # 创建或删除用户
+    print("info:", info)
+    kwargs = sub_get_kwargs.get_user_kwargs(create=create, admin_user=MongoDBManagerUser.DbaUser.value, info=info)
     if create:
-        act_name = _("MongoDB-cluster_id:{}-创建用户".format(str(cluster_id)))
+        act_name = _("MongoDB-cluster_id:{}-创建用户:{}".format(str(cluster_id), info["username"]))
         sub_name = _(
             "MongoDB--创建用户--cluster_id:{}-{}".format(str(cluster_id), sub_get_kwargs.payload["hosts"][0]["ip"])
         )
     else:
-        act_name = _("MongoDB-cluster_id:{}-删除用户".format(str(cluster_id)))
+        act_name = _("MongoDB-cluster_id:{}-删除用户:{}".format(str(cluster_id), info["username"]))
         sub_name = _(
             "MongoDB--删除用户--cluster_id:{}-{}".format(str(cluster_id), sub_get_kwargs.payload["hosts"][0]["ip"])
         )

diff --git a/dbm-ui/backend/flow/engine/controller/mongodb.py b/dbm-ui/backend/flow/engine/controller/mongodb.py
@@ -11,6 +11,7 @@
 from backend.flow.engine.bamboo.scene.mongodb.mongodb_backup import MongoBackupFlow
 from backend.flow.engine.bamboo.scene.mongodb.mongodb_fake_install import MongoFakeInstallFlow
 from backend.flow.engine.bamboo.scene.mongodb.mongodb_install import MongoDBInstallFlow
+from backend.flow.engine.bamboo.scene.mongodb.mongodb_user import MongoUserFlow
 from backend.flow.engine.controller.base import BaseController
 
 
@@ -48,3 +49,19 @@ def fake_install(self):
         """
         flow = MongoFakeInstallFlow(root_id=self.root_id, data=self.ticket_data)
         flow.start()
+
+    def create_user(self):
+        """
+        创建用户
+        """
+
+        flow = MongoUserFlow(root_id=self.root_id, data=self.ticket_data)
+        flow.multi_cluster_user_flow(True)
+
+    def delete_user(self):
+        """
+        删除用户
+        """
+
+        flow = MongoUserFlow(root_id=self.root_id, data=self.ticket_data)
+        flow.multi_cluster_user_flow(False)
diff --git a/dbm-ui/backend/flow/urls.py b/dbm-ui/backend/flow/urls.py
@@ -65,6 +65,8 @@
 from backend.flow.views.mongodb_scene import (
     ClusterInstallApiView,
     MongoBackupApiView,
+    MongoDBCreateUserView,
+    MongoDBDeleteUserView,
     MongoFakeInstallApiView,
     MultiReplicasetInstallApiView,
 )
@@ -250,6 +252,8 @@
     url(r"^scene/cluster_create$", ClusterInstallApiView.as_view()),
     url(r"^scene/mongo_backup$", MongoBackupApiView.as_view()),
     url(r"^scene/install_rs_fake$", MongoFakeInstallApiView.as_view()),
+    url(r"^scene/multi_cluster_create_user$", MongoDBCreateUserView.as_view()),
+    url(r"^scene/multi_cluster_delete_user$", MongoDBDeleteUserView.as_view()),
     # mongodb end
     url(r"^scene/install_mysql_apply$", InstallMySQLSingleSceneApiView.as_view()),
     url(r"^scene/install_mysql_ha_apply$", InstallMySQLHASceneApiView.as_view()),

diff --git a/dbm-ui/backend/flow/utils/mongodb/calculate_cluster.py b/dbm-ui/backend/flow/utils/mongodb/calculate_cluster.py
@@ -60,12 +60,12 @@ def replicase_calc(payload: dict, payload_clusters: dict, app: str, domain_prefi
         / node_replica_count
         / 1024
     )
-    if payload["infos"][0]["mongo_machine_set"][0]["storage"].get("/data1"):
+    if payload["infos"][0]["mongo_machine_set"][0]["storage_device"].get("/data1"):
         data_disk = "/data1"
-    elif payload["infos"][0]["mongo_machine_set"][0]["storage"].get("/data"):
+    elif payload["infos"][0]["mongo_machine_set"][0]["storage_device"].get("/data"):
         data_disk = "/data"
     oplog_size_mb = int(
-        payload["infos"][0]["mongo_machine_set"][0]["storage"].get(data_disk)["size"]
+        payload["infos"][0]["mongo_machine_set"][0]["storage_device"].get(data_disk)["size"]
         * 1024
         * oplog_percent
         / node_replica_count
@@ -127,20 +127,24 @@ def cluster_calc(payload: dict, payload_clusters: dict, app: str) -> dict:
         payload["nodes"]["mongo_config"][0]["bk_mem"] * MongoDBTotalCache.Cache_Percent / node_replica_count / 1024
     )
     # shard oplogSizeMB
-    if payload["nodes"]["mongodb"][0][0]["storage"].get("/data1"):
+    data_disk = "/data1"
+    if payload["nodes"]["mongodb"][0][0]["storage_device"].get("/data1"):
         data_disk = "/data1"
-    elif payload["nodes"]["mongodb"][0][0]["storage"].get("/data"):
+    elif payload["nodes"]["mongodb"][0][0]["storage_device"].get("/data"):
         data_disk = "/data"
     shard_oplog_size_mb = int(
-        payload["nodes"]["mongodb"][0][0]["storage"].get(data_disk)["size"] * 1024 * oplog_percent / node_replica_count
+        payload["nodes"]["mongodb"][0][0]["storage_device"].get(data_disk)["size"]
+        * 1024
+        * oplog_percent
+        / node_replica_count
     )
     # config oplogSizeMB
-    if payload["nodes"]["mongo_config"][0]["storage"].get("/data1"):
+    if payload["nodes"]["mongo_config"][0]["storage_device"].get("/data1"):
         data_disk = "/data1"
-    elif payload["nodes"]["mongo_config"][0]["storage"].get("/data"):
+    elif payload["nodes"]["mongo_config"][0]["storage_device"].get("/data"):
         data_disk = "/data"
     config_oplog_size_mb = int(
-        payload["nodes"]["mongo_config"][0]["storage"].get(data_disk)["size"] * 1024 * oplog_percent
+        payload["nodes"]["mongo_config"][0]["storage_device"].get(data_disk)["size"] * 1024 * oplog_percent
     )
 
     # 获取全部主机