Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: IDC windows机器开通前置策略 #2301

Open
1 of 3 tasks
ping15 opened this issue Jun 28, 2024 · 0 comments
Open
1 of 3 tasks

fix: IDC windows机器开通前置策略 #2301

ping15 opened this issue Jun 28, 2024 · 0 comments
Assignees
@ping15 @Huayeaaa
Labels
testing 正在测试验收中

Comments

@ping15
Copy link
Collaborator

ping15 commented Jun 28, 2024

问题描述

简明扼要地描述bug是什么

截屏

请提供截屏来解释你的问题,当然这也能更好地帮助我们理解问题。

请提供以下信息

  • bk-nodeman 版本 (发布版本号 或 git
    tag):
  • 蓝鲸PaaS 版本:
  • bk-nodeman 异常日志:

重现方法

列出如何重现的方法或操作步骤

  1. 转到 '....'
  2. 点击 '....'
  3. 错误现象 '....'

修复

建议的修复方案

修复方案

修复前

class BatchExecutionSolutionMaker(BaseExecutionSolutionMaker):
    def _make(self) -> ExecutionSolution:
        # 1. 准备阶段:创建目录
        create_pre_dirs_step: ExecutionSolutionStep = self.get_create_pre_dirs_step()

        # 2. 依赖下载
        dependencies_step: ExecutionSolutionStep = ExecutionSolutionStep(
            step_type=constants.CommonExecutionSolutionStepType.DEPENDENCIES.value,
            description=str(_("下载依赖文件到 {dest_dir} 下").format(dest_dir=self.dest_dir)),
            contents=[
                ExecutionSolutionStepContent(
                    name=name,
                    text=f"{self.gse_servers_info['package_url']}/{name}",
                    description=str(description),
                    show_description=False,
                )
                for name, description in constants.AgentWindowsDependencies.get_member_value__alias_map().items()
            ],
        )

        dependencies_step.contents.append(
            ExecutionSolutionStepContent(
                name="setup_agent.bat",
                text=f"{self.get_agent_tools_url(self.script_file_name)}",
                description="Install Scripts",
                child_dir=self.agent_setup_info.agent_tools_relative_dir,
                # 在云区域场景下需要实时更新
                always_download=True,
                show_description=False,
            )
        )

        # 3. 执行安装命令
        # download_cmd: str = (
        #     f"{self.dest_dir}curl.exe {self.get_agent_tools_url(self.script_file_name)} "
        #     f"-o {self.dest_dir}{self.script_file_name} -sSfg"
        # )
        # download_cmd = self.adjust_cmd_proxy_config(download_cmd)
        run_cmd: str = f"{self.dest_dir}{self.script_file_name} {' '.join(self.get_run_cmd_base_params())}"

        run_cmds_step: ExecutionSolutionStep = ExecutionSolutionStep(
            step_type=constants.CommonExecutionSolutionStepType.COMMANDS.value,
            description=str(_("执行{setup_type_alias}命令").format(setup_type_alias=self.get_setup_type_alias())),
            contents=[
                # ExecutionSolutionStepContent(
                #     name="download_cmd",
                #     text=download_cmd,
                #     description=str(_("下载{setup_type_alias}脚本").format(setup_type_alias=self.get_setup_type_alias())),
                #     show_description=False,
                # ),
                ExecutionSolutionStepContent(
                    name="run_cmd",
                    text=run_cmd,
                    description=str(_("执行{setup_type_alias}脚本").format(setup_type_alias=self.get_setup_type_alias())),
                    show_description=False,
                ),
            ],
        )

        return ExecutionSolution(
            solution_type=constants.CommonExecutionSolutionType.BATCH.value,
            description=str(
                _("通过 {solution_type_alias} 进行{setup_type_alias}").format(
                    solution_type_alias=constants.CommonExecutionSolutionType.get_member_value__alias_map()[
                        constants.CommonExecutionSolutionType.BATCH.value
                    ],
                    setup_type_alias=self.get_setup_type_alias(),
                )
            ),
            steps=[
                create_pre_dirs_step,
                dependencies_step,
                # 脚本的执行可能会有依赖受限,放置到依赖下载步骤之后
                *self.build_script_hook_steps(),
                run_cmds_step,
            ],
        )

修复后

class BatchExecutionSolutionMaker(BaseExecutionSolutionMaker):
    def build_jump_server_policy_steps(self) -> typing.List[ExecutionSolutionStep]:
        policy_step: typing.List[ExecutionSolutionStep] = []
        
        # 开通开通跳板机17980和17981端口
        jump_server: models.Host = self.gse_servers_info["jump_server"]
        jump_server_lan_ip: str = jump_server.inner_ip or jump_server.inner_ipv6
        if jump_server_lan_ip and not basic.is_v6(jump_server_lan_ip):
            policy_step.append(ExecutionSolutionStep(
                step_type=constants.CommonExecutionSolutionStepType.COMMANDS.value,
                description="开通跳板机17980和17981端口",
                contents=[
                    ExecutionSolutionStepContent(
                        name="run_cmd",
                        text=f'netsh advfirewall firewall show rule name=IEOD_Outbound_NodeMan_Rule_TCP 2>&1 > NUL || '
                             f'netsh advfirewall firewall add rule name=IEOD_Outbound_NodeMan_Rule_TCP dir=out '
                             f'remoteip="{jump_server_lan_ip}/32" protocol=tcp remoteport="17980,17981" '
                             f'profile=public enable=yes action=allow',
                        description="开通跳板机17980和17981端口",
                        show_description=False,
                    ),
                ],
            ))
            
        return policy_step

    def _make(self) -> ExecutionSolution:
        # 1. 准备阶段:创建目录
        create_pre_dirs_step: ExecutionSolutionStep = self.get_create_pre_dirs_step()

        # 2. 依赖下载
        dependencies_step: ExecutionSolutionStep = ExecutionSolutionStep(
            step_type=constants.CommonExecutionSolutionStepType.DEPENDENCIES.value,
            description=str(_("下载依赖文件到 {dest_dir} 下").format(dest_dir=self.dest_dir)),
            contents=[
                ExecutionSolutionStepContent(
                    name=name,
                    text=f"{self.gse_servers_info['package_url']}/{name}",
                    description=str(description),
                    show_description=False,
                )
                for name, description in constants.AgentWindowsDependencies.get_member_value__alias_map().items()
            ],
        )

        dependencies_step.contents.append(
            ExecutionSolutionStepContent(
                name="setup_agent.bat",
                text=f"{self.get_agent_tools_url(self.script_file_name)}",
                description="Install Scripts",
                child_dir=self.agent_setup_info.agent_tools_relative_dir,
                # 在云区域场景下需要实时更新
                always_download=True,
                show_description=False,
            )
        )

        # 3. 执行安装命令
        # download_cmd: str = (
        #     f"{self.dest_dir}curl.exe {self.get_agent_tools_url(self.script_file_name)} "
        #     f"-o {self.dest_dir}{self.script_file_name} -sSfg"
        # )
        # download_cmd = self.adjust_cmd_proxy_config(download_cmd)
        run_cmd: str = f"{self.dest_dir}{self.script_file_name} {' '.join(self.get_run_cmd_base_params())}"

        run_cmds_step: ExecutionSolutionStep = ExecutionSolutionStep(
            step_type=constants.CommonExecutionSolutionStepType.COMMANDS.value,
            description=str(_("执行{setup_type_alias}命令").format(setup_type_alias=self.get_setup_type_alias())),
            contents=[
                # ExecutionSolutionStepContent(
                #     name="download_cmd",
                #     text=download_cmd,
                #     description=str(_("下载{setup_type_alias}脚本").format(setup_type_alias=self.get_setup_type_alias())),
                #     show_description=False,
                # ),
                ExecutionSolutionStepContent(
                    name="run_cmd",
                    text=run_cmd,
                    description=str(_("执行{setup_type_alias}脚本").format(setup_type_alias=self.get_setup_type_alias())),
                    show_description=False,
                ),
            ],
        )

        return ExecutionSolution(
            solution_type=constants.CommonExecutionSolutionType.BATCH.value,
            description=str(
                _("通过 {solution_type_alias} 进行{setup_type_alias}").format(
                    solution_type_alias=constants.CommonExecutionSolutionType.get_member_value__alias_map()[
                        constants.CommonExecutionSolutionType.BATCH.value
                    ],
                    setup_type_alias=self.get_setup_type_alias(),
                )
            ),
            steps=[
                create_pre_dirs_step,
                # 如果是idc windows机器,则开通跳板机的17980和17981端口
                *self.build_jump_server_policy_steps(),
                dependencies_step,
                # 脚本的执行可能会有依赖受限,放置到依赖下载步骤之后
                *self.build_script_hook_steps(),
                run_cmds_step,
            ],
        )

功能自测

代码变更覆盖功能点需要自测并截图

功能点 1

描述代码变更涉及功能点及自测截图

功能点 2

描述代码变更涉及功能点及自测截图

...
@ping15 ping15 added kind/bug 缺陷 backlog 需求初始状态,等待产品进行评估 labels Jun 28, 2024
ping15 pushed a commit that referenced this issue Jun 28, 2024
fix: IDC windows机器开通前置策略 (closed #2301)
891e236
ping15 pushed a commit to ping15/bk-nodeman that referenced this issue Jun 28, 2024
@ping15
fix: IDC windows机器开通前置策略 (closed TencentBlueKing#2301)
c278282
ping15 pushed a commit to ping15/bk-nodeman that referenced this issue Jul 1, 2024
@ping15
fix: IDC windows机器开通前置策略 (closed TencentBlueKing#2301)
d71afc1
ping15 pushed a commit to ping15/bk-nodeman that referenced this issue Jul 1, 2024
@ping15
fix: IDC windows机器开通前置策略 (closed TencentBlueKing#2301)
8ec13f7
@ping15 ping15 added testing 正在测试验收中 and removed kind/bug 缺陷 backlog 需求初始状态,等待产品进行评估 labels Jul 1, 2024
ping15 pushed a commit to ping15/bk-nodeman that referenced this issue Jul 3, 2024
@ping15
fix: IDC windows机器开通前置策略 (closed TencentBlueKing#2301)
403418b
ping15 pushed a commit to ping15/bk-nodeman that referenced this issue Jul 3, 2024
@ping15
fix: IDC windows机器开通前置策略 (closed TencentBlueKing#2301)
d80961e
ping15 pushed a commit to ping15/bk-nodeman that referenced this issue Jul 3, 2024
@ping15
fix: IDC windows机器开通前置策略 (closed TencentBlueKing#2301)
c353b7d
ping15 pushed a commit to ping15/bk-nodeman that referenced this issue Jul 3, 2024
@ping15
fix: IDC windows机器开通前置策略 (closed TencentBlueKing#2301)
2ef3162
ping15 pushed a commit to ping15/bk-nodeman that referenced this issue Jul 4, 2024
@ping15
fix: IDC windows机器开通前置策略 (closed TencentBlueKing#2301)
c33773a
wyyalt pushed a commit that referenced this issue Jul 4, 2024
@wyyalt
fix: IDC windows机器开通前置策略 (closed #2301)
8e98f8b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ping15 ping15

@Huayeaaa Huayeaaa

Labels
testing 正在测试验收中
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ping15 @Huayeaaa