Skip to content

Commit

Permalink
feat(mongodb): 新增mongodb新建账号和删除账号flow TencentBlueKing#3087
Browse files Browse the repository at this point in the history
yyhenryyy committed Jan 18, 2024
1 parent d9694f6 commit 1034c5a
Showing 11 changed files with 193 additions and 102 deletions.
Original file line number Diff line number Diff line change
@@ -16,6 +16,7 @@ import (
"github.com/go-playground/validator/v10"
)


// AddUserConfParams 参数
type AddUserConfParams struct {
IP string `json:"ip" validate:"required"`
@@ -26,9 +27,10 @@ type AddUserConfParams struct {
AdminUsername string `json:"adminUsername"`
AdminPassword string `json:"adminPassword"`
AuthDb string `json:"authDb"` // 为方便管理用户,验证库默认为admin库
Dbs []string `json:"dbs"` // 业务库
Privileges []string `json:"privileges"` // 权限

DbsPrivileges []struct{
Db string `json:"db"`
Privileges []string `json:"privileges"`
} `json:"dbsPrivileges"` // 业务库 以及权限 [{"db":xxx,"privileges":[xxx,xxx]}]
}

// AddUser 添加分片到集群
@@ -151,16 +153,11 @@ func (u *AddUser) makeScriptContent() error {
u.ConfParams.AuthDb = "admin"
}

// 判断业务db是否存在
if len(u.ConfParams.Dbs) == 0 {
u.ConfParams.Dbs = []string{"admin"}
}

for _, db := range u.ConfParams.Dbs {
for _, privilege := range u.ConfParams.Privileges {
for _, dbPrivileges := range u.ConfParams.DbsPrivileges {
for _, privilege := range dbPrivileges.Privileges {
role := common.NewMongoRole()
role.Role = privilege
role.Db = db
role.Db = dbPrivileges.Db
user.Roles = append(user.Roles, role)
}
}
74 changes: 53 additions & 21 deletions dbm-ui/backend/flow/consts.py
Original file line number Diff line number Diff line change
@@ -253,27 +253,6 @@ class MediumEnum(str, StructuredEnum):
TBinlogDumper = EnumField("tbinlogdumper", _("tbinlogdumper实例"))
Sqlserver = EnumField("sqlserver", _("sqlserver实例"))
MongoDB = EnumField("mongodb", _("mongodb"))
MongoD = EnumField("mongod", _("mongod"))
MongoS = EnumField("mongos", _("mongos"))
MongoShardSvr = EnumField("shardsvr", _("shardsvr"))
MongoConfigSvr = EnumField("configsvr", _("configsvr"))
AuthDB = EnumField("admin", _("admin"))
DbaUser = EnumField("dba", _("dba"))
AppDbaUser = EnumField("appdba", _("appdba"))
MonitorUser = EnumField("monitor", _("monitor"))
AppMonitorUser = EnumField("appmonitor", _("appmonitor"))
RootRole = EnumField("root", _("root"))
BackupRole = EnumField("backup", _("backup"))
ClusterMonitorRole = EnumField("clusterMonitor", _("clusterMonitor"))
ReadAnyDatabaseRole = EnumField("readAnyDatabase", _("readAnyDatabase"))
HostManagerRole = EnumField("hostManager", _("hostManager"))
ReadWriteRole = EnumField("readWrite", _("readWrite"))
UserAdminAnyDatabaseRole = EnumField("userAdminAnyDatabase", _("userAdminAnyDatabase"))
DbAdminAnyDatabaseRole = EnumField("dbAdminAnyDatabase", _("dbAdminAnyDatabase"))
ReadWriteAnyDatabaseRole = EnumField("readWriteAnyDatabase", _("readWriteAnyDatabase"))
ClusterAdminRole = EnumField("clusterAdmin", _("clusterAdmin"))
MongoDBInitSet = EnumField("mongodb_init_set", _("mongodb_init_set"))
MongoDBExtraUserCreate = EnumField("mongodb_extra_user_create", _("mongodb_extra_user_create"))


class CloudServiceName(str, StructuredEnum):
@@ -1161,3 +1140,56 @@ class MongoDBClusterDefaultPort(int, StructuredEnum):

CONFIG_PORT = EnumField(28021, _("config_port"))
SHARD_START_PORT = EnumField(27001, _("shard_start_port"))


class MongoDBManagerUser(str, StructuredEnum):
"""mongodb 管理用户"""

DbaUser = EnumField("dba", _("dba"))
AppDbaUser = EnumField("appdba", _("appdba"))
MonitorUser = EnumField("monitor", _("monitor"))
AppMonitorUser = EnumField("appmonitor", _("appmonitor"))


class MongoDBUserPrivileges(str, StructuredEnum):
"""mongodb 用户权限"""

RootRole = EnumField("root", _("root"))
BackupRole = EnumField("backup", _("backup"))
ClusterMonitorRole = EnumField("clusterMonitor", _("clusterMonitor"))
ReadAnyDatabaseRole = EnumField("readAnyDatabase", _("readAnyDatabase"))
HostManagerRole = EnumField("hostManager", _("hostManager"))
ReadWriteRole = EnumField("readWrite", _("readWrite"))
UserAdminAnyDatabaseRole = EnumField("userAdminAnyDatabase", _("userAdminAnyDatabase"))
DbAdminAnyDatabaseRole = EnumField("dbAdminAnyDatabase", _("dbAdminAnyDatabase"))
ReadWriteAnyDatabaseRole = EnumField("readWriteAnyDatabase", _("readWriteAnyDatabase"))
ClusterAdminRole = EnumField("clusterAdmin", _("clusterAdmin"))
MongoDBInitSet = EnumField("mongodb_init_set", _("mongodb_init_set"))
MongoDBExtraUserCreate = EnumField("mongodb_extra_user_create", _("mongodb_extra_user_create"))


class MongoDBTask(str, StructuredEnum):
"""mongodb 任务"""

MongoDBInitSet = EnumField("mongodb_init_set", _("mongodb_init_set"))
MongoDBExtraUserCreate = EnumField("mongodb_extra_user_create", _("mongodb_extra_user_create"))


class MongoDBInstanceType(str, StructuredEnum):
"""mongodb 实例类型"""

MongoD = EnumField("mongod", _("mongod"))
MongoS = EnumField("mongos", _("mongos"))


class MongoDBDfaultAuthDB(str, StructuredEnum):
"""mongodb 实例类型"""

AuthDB = EnumField("admin", _("admin"))


class MongoDBShardType(str, StructuredEnum):
"""mongodb 实例类型"""

MongoShardSvr = EnumField("shardsvr", _("shardsvr"))
MongoConfigSvr = EnumField("configsvr", _("configsvr"))
Original file line number Diff line number Diff line change
@@ -47,7 +47,7 @@ def __init__(self, root_id: str, data: Optional[Dict]):
self.data = payload_clusters
self.get_kwargs = ActKwargs()
self.get_kwargs.payload = payload_clusters
self.get_kwargs.get_inti_info()
self.get_kwargs.get_init_info()
self.get_kwargs.get_file_path()

def prepare_job(self, pipeline: Builder):
28 changes: 15 additions & 13 deletions dbm-ui/backend/flow/engine/bamboo/scene/mongodb/mongodb_user.py
Original file line number Diff line number Diff line change
@@ -32,9 +32,8 @@ def __init__(self, root_id: str, data: Optional[Dict]):
self.data = data
self.get_kwargs = ActKwargs()
self.get_kwargs.payload = data
self.get_kwargs.get_file_path()

def multi_cluster_create_user_flow(self, create: bool):
def multi_cluster_user_flow(self, create: bool):
"""
multi replicaset create/delete user流程
create True:创建
@@ -45,16 +44,19 @@ def multi_cluster_create_user_flow(self, create: bool):
pipeline = Builder(root_id=self.root_id, data=self.data)

# 创建/删除用户子流程并行
sub_pipelines = []
for cluster_id in self.data["cluster_ids"]:
sub_pipline = user(
root_id=self.root_id,
ticket_data=self.data,
sub_kwargs=self.get_kwargs,
cluster_id=cluster_id,
create=create,
)
sub_pipelines.append(sub_pipline)
pipeline.add_parallel_sub_pipeline(sub_flow_list=sub_pipelines)
for info in self.data["infos"]:
sub_pipelines = []
for cluster_id in info["cluster_ids"]:
sub_pipline = user(
root_id=self.root_id,
ticket_data=self.data,
sub_kwargs=self.get_kwargs,
cluster_id=cluster_id,
create=create,
info=info,
)
sub_pipelines.append(sub_pipline)
pipeline.add_parallel_sub_pipeline(sub_flow_list=sub_pipelines)

# 运行流程
pipeline.run_pipeline()
Original file line number Diff line number Diff line change
@@ -14,7 +14,7 @@

from django.utils.translation import ugettext as _

from backend.flow.consts import MediumEnum
from backend.flow.consts import MongoDBManagerUser, MongoDBTask
from backend.flow.engine.bamboo.scene.common.builder import SubBuilder
from backend.flow.plugins.components.collections.mongodb.add_domain_to_dns import ExecAddDomainToDnsOperationComponent
from backend.flow.plugins.components.collections.mongodb.add_password_to_db import (
@@ -79,14 +79,19 @@ def replicaset_install(
)

# 创建appdba,monitor,monitor用户
kwargs = sub_get_kwargs.get_init_exec_script_kwargs(script_type=MediumEnum.MongoDBExtraUserCreate)
kwargs = sub_get_kwargs.get_init_exec_script_kwargs(script_type=MongoDBTask.MongoDBExtraUserCreate)
sub_pipeline.add_act(
act_name=_("MongoDB--创建额外管理用户"), act_component_code=ExecuteDBActuatorJobComponent.code, kwargs=kwargs
)

# dba, appdba,monitor,monitor用户密码写入密码服务
kwargs = sub_get_kwargs.get_add_password_to_db_kwargs(
usernames=[MediumEnum.DbaUser, MediumEnum.AppDbaUser, MediumEnum.MonitorUser, MediumEnum.AppMonitorUser],
usernames=[
MongoDBManagerUser.DbaUser.value,
MongoDBManagerUser.AppDbaUser.value,
MongoDBManagerUser.MonitorUser.value,
MongoDBManagerUser.AppMonitorUser.value,
],
info=sub_get_kwargs.replicaset_info,
)
sub_pipeline.add_act(
@@ -98,7 +103,7 @@ def replicaset_install(
# 进行初始配置
# 创建oplog重放权限的role,把role授权给dba,appdba 把admin库的gcs_heartbeat授予给monitor用户
# 3.x版本修改验证方式
kwargs = sub_get_kwargs.get_init_exec_script_kwargs(script_type=MediumEnum.MongoDBInitSet)
kwargs = sub_get_kwargs.get_init_exec_script_kwargs(script_type=MongoDBTask.MongoDBInitSet)
sub_pipeline.add_act(
act_name=_("MongoDB-{}-db初始设置".format(sub_get_kwargs.replicaset_info["nodes"][0]["ip"])),
act_component_code=ExecuteDBActuatorJobComponent.code,
15 changes: 8 additions & 7 deletions dbm-ui/backend/flow/engine/bamboo/scene/mongodb/sub_task/user.py
Original file line number Diff line number Diff line change
@@ -14,15 +14,15 @@

from django.utils.translation import ugettext as _

from backend.flow.consts import MediumEnum
from backend.flow.consts import MongoDBManagerUser
from backend.flow.engine.bamboo.scene.common.builder import SubBuilder
from backend.flow.plugins.components.collections.mongodb.exec_actuator_job import ExecuteDBActuatorJobComponent
from backend.flow.plugins.components.collections.mongodb.send_media import ExecSendMediaOperationComponent
from backend.flow.utils.mongodb.mongodb_dataclass import ActKwargs


def user(
root_id: str, ticket_data: Optional[Dict], sub_kwargs: ActKwargs, cluster_id: int, create: bool
root_id: str, ticket_data: Optional[Dict], sub_kwargs: ActKwargs, cluster_id: int, create: bool, info: dict
) -> SubBuilder:
"""
单个cluster 创建/删除用户流程
@@ -35,23 +35,24 @@ def user(
sub_pipeline = SubBuilder(root_id=root_id, data=ticket_data)

# 获取信息
sub_get_kwargs.get_cluster_info_user(cluster_id=cluster_id, admin_user=MediumEnum.DbaUser)
sub_get_kwargs.get_cluster_info_user(cluster_id=cluster_id, admin_user=MongoDBManagerUser.DbaUser.value)

# 介质下发
kwargs = sub_get_kwargs.get_send_media_kwargs()
sub_pipeline.add_act(
act_name=_("MongoDB-介质下发"), act_component_code=ExecSendMediaOperationComponent.code, kwargs=kwargs
)

# 创建用户
kwargs = sub_get_kwargs.get_user_kwargs(create=create, admin_user=MediumEnum.DbaUser)
# 创建或删除用户
print("info:", info)
kwargs = sub_get_kwargs.get_user_kwargs(create=create, admin_user=MongoDBManagerUser.DbaUser.value, info=info)
if create:
act_name = _("MongoDB-cluster_id:{}-创建用户".format(str(cluster_id)))
act_name = _("MongoDB-cluster_id:{}-创建用户:{}".format(str(cluster_id), info["username"]))
sub_name = _(
"MongoDB--创建用户--cluster_id:{}-{}".format(str(cluster_id), sub_get_kwargs.payload["hosts"][0]["ip"])
)
else:
act_name = _("MongoDB-cluster_id:{}-删除用户".format(str(cluster_id)))
act_name = _("MongoDB-cluster_id:{}-删除用户:{}".format(str(cluster_id), info["username"]))
sub_name = _(
"MongoDB--删除用户--cluster_id:{}-{}".format(str(cluster_id), sub_get_kwargs.payload["hosts"][0]["ip"])
)
17 changes: 17 additions & 0 deletions dbm-ui/backend/flow/engine/controller/mongodb.py
Original file line number Diff line number Diff line change
@@ -11,6 +11,7 @@
from backend.flow.engine.bamboo.scene.mongodb.mongodb_backup import MongoBackupFlow
from backend.flow.engine.bamboo.scene.mongodb.mongodb_fake_install import MongoFakeInstallFlow
from backend.flow.engine.bamboo.scene.mongodb.mongodb_install import MongoDBInstallFlow
from backend.flow.engine.bamboo.scene.mongodb.mongodb_user import MongoUserFlow
from backend.flow.engine.controller.base import BaseController


@@ -48,3 +49,19 @@ def fake_install(self):
"""
flow = MongoFakeInstallFlow(root_id=self.root_id, data=self.ticket_data)
flow.start()

def create_user(self):
"""
创建用户
"""

flow = MongoUserFlow(root_id=self.root_id, data=self.ticket_data)
flow.multi_cluster_user_flow(True)

def delete_user(self):
"""
删除用户
"""

flow = MongoUserFlow(root_id=self.root_id, data=self.ticket_data)
flow.multi_cluster_user_flow(False)
4 changes: 4 additions & 0 deletions dbm-ui/backend/flow/urls.py
Original file line number Diff line number Diff line change
@@ -65,6 +65,8 @@
from backend.flow.views.mongodb_scene import (
ClusterInstallApiView,
MongoBackupApiView,
MongoDBCreateUserView,
MongoDBDeleteUserView,
MongoFakeInstallApiView,
MultiReplicasetInstallApiView,
)
@@ -250,6 +252,8 @@
url(r"^scene/cluster_create$", ClusterInstallApiView.as_view()),
url(r"^scene/mongo_backup$", MongoBackupApiView.as_view()),
url(r"^scene/install_rs_fake$", MongoFakeInstallApiView.as_view()),
url(r"^scene/multi_cluster_create_user$", MongoDBCreateUserView.as_view()),
url(r"^scene/multi_cluster_delete_user$", MongoDBDeleteUserView.as_view()),
# mongodb end
url(r"^scene/install_mysql_apply$", InstallMySQLSingleSceneApiView.as_view()),
url(r"^scene/install_mysql_ha_apply$", InstallMySQLHASceneApiView.as_view()),
22 changes: 13 additions & 9 deletions dbm-ui/backend/flow/utils/mongodb/calculate_cluster.py
Original file line number Diff line number Diff line change
@@ -60,12 +60,12 @@ def replicase_calc(payload: dict, payload_clusters: dict, app: str, domain_prefi
/ node_replica_count
/ 1024
)
if payload["infos"][0]["mongo_machine_set"][0]["storage"].get("/data1"):
if payload["infos"][0]["mongo_machine_set"][0]["storage_device"].get("/data1"):
data_disk = "/data1"
elif payload["infos"][0]["mongo_machine_set"][0]["storage"].get("/data"):
elif payload["infos"][0]["mongo_machine_set"][0]["storage_device"].get("/data"):
data_disk = "/data"
oplog_size_mb = int(
payload["infos"][0]["mongo_machine_set"][0]["storage"].get(data_disk)["size"]
payload["infos"][0]["mongo_machine_set"][0]["storage_device"].get(data_disk)["size"]
* 1024
* oplog_percent
/ node_replica_count
@@ -127,20 +127,24 @@ def cluster_calc(payload: dict, payload_clusters: dict, app: str) -> dict:
payload["nodes"]["mongo_config"][0]["bk_mem"] * MongoDBTotalCache.Cache_Percent / node_replica_count / 1024
)
# shard oplogSizeMB
if payload["nodes"]["mongodb"][0][0]["storage"].get("/data1"):
data_disk = "/data1"
if payload["nodes"]["mongodb"][0][0]["storage_device"].get("/data1"):
data_disk = "/data1"
elif payload["nodes"]["mongodb"][0][0]["storage"].get("/data"):
elif payload["nodes"]["mongodb"][0][0]["storage_device"].get("/data"):
data_disk = "/data"
shard_oplog_size_mb = int(
payload["nodes"]["mongodb"][0][0]["storage"].get(data_disk)["size"] * 1024 * oplog_percent / node_replica_count
payload["nodes"]["mongodb"][0][0]["storage_device"].get(data_disk)["size"]
* 1024
* oplog_percent
/ node_replica_count
)
# config oplogSizeMB
if payload["nodes"]["mongo_config"][0]["storage"].get("/data1"):
if payload["nodes"]["mongo_config"][0]["storage_device"].get("/data1"):
data_disk = "/data1"
elif payload["nodes"]["mongo_config"][0]["storage"].get("/data"):
elif payload["nodes"]["mongo_config"][0]["storage_device"].get("/data"):
data_disk = "/data"
config_oplog_size_mb = int(
payload["nodes"]["mongo_config"][0]["storage"].get(data_disk)["size"] * 1024 * oplog_percent
payload["nodes"]["mongo_config"][0]["storage_device"].get(data_disk)["size"] * 1024 * oplog_percent
)

# 获取全部主机
Loading

0 comments on commit 1034c5a

Please sign in to comment.