modify network deploy

dsy3502 · zhangjing57 · commit 1d4b3495685c · 2025-08-13T01:51:55.000Z
diff --git a/dingo_command/__init__.py b/dingo_command/__init__.py
@@ -0,0 +1,46 @@
+
+from dingo_command.common.keystone_client import KeystoneClient
+from dingo_command.common.neutron import API as NeutronAPI
+from dingo_command.common import CONF
+
+PROJECT_NAME = "dingo-command"
+NETWORK_NAME = "dingo-command-shared-net"
+NETWORK_CIDR = "172.254.0.0/16"
+
+
+
+def init_openstack_project_and_network():
+    # 初始化项目
+    keystone = KeystoneClient()
+    project = keystone.get_project_by_name(PROJECT_NAME)
+    if not project:
+        project = keystone.create_project(PROJECT_NAME, "default")
+    project_id = project.id
+
+    # 初始化网络
+    neutron_api = NeutronAPI()
+    neutron = neutron_api.get_neutron_client(CONF)
+    # 查询网络是否存在
+    networks = neutron.list_networks(name=NETWORK_NAME).get('networks', [])
+    if not networks:
+        # 创建网络
+        network = neutron.create_network({
+            "network": {
+                "name": NETWORK_NAME,
+                "project_id": project_id,
+                "shared": True
+            }
+        })
+        network_id = network["network"]["id"]
+        # 创建子网
+        subnet = neutron.create_subnet({
+            "subnet": {
+                "name": f"{NETWORK_NAME}-subnet",
+                "network_id": network_id,
+                "ip_version": 4,
+                "cidr": NETWORK_CIDR,
+                "project_id": project_id
+            }
+        })
+# 初始化时自动调用
+init_openstack_project_and_network()
diff --git a/dingo_command/api/k8s/resource.py b/dingo_command/api/k8s/resource.py
@@ -138,6 +138,33 @@ async def list_resources(
     #将resources转为json返回
     return resources
 
+@router.get("/k8s/{resource}/list", summary="查询资源列表", description="查询资源列表")
+async def list_resources(
+    cluster_id:str = Query(None, description="集群id"),
+    resource: str = Path(..., description="Kubernetes 资源类型"),
+    search_terms: str = Query(None, description="搜索关键词"),
+    page: str = Query(None, description="页码"),
+    page_size: str = Query(None, description="每页大小"),
+    sort_by: str = Query(None, description="排序字段"),
+    sort_order: str = Query(None, description="排序顺序"),
+    token: str = Depends(get_token),
+):
+    k8sclient = get_k8s_client_by_cluster(cluster_id)
+    #将search_terms按照逗号分开
+    search_terms_list = search_terms.split(",") if search_terms else []
+    resources = k8sclient.list_resource(
+        resource_type=resource,
+        search_terms=search_terms_list,
+        page=page,
+        page_size=page_size,
+        sort_by=sort_by,
+        sort_order=sort_order
+    )
+    if resources is None:
+        raise HTTPException(status_code=500, detail=f"查询资源 '{resource}' 失败。")
+    #将resources转为json返回
+    return resources
+
 @router.get("/k8s/namespace/{namespace}/{resource}/{name}", summary="查询资源", description="查询资源")
 async def get_resources(
     cluster_id:str = Query(None, description="集群id"),
diff --git a/dingo_command/celery_api/workers.py b/dingo_command/celery_api/workers.py
@@ -31,6 +31,7 @@
 from dingo_command.services import CONF as ServiceConf
 from dingo_command.common.nova_client import NovaClient
 from dingo_command.common import neutron
+from dingo_command.common.network import init_cluster_network 
 from dingo_command.common.cinder_client import CinderClient
 from celery.exceptions import SoftTimeLimitExceeded
 
@@ -331,7 +332,7 @@ def create_infrastructure(cluster:ClusterTFVarsObject, task_info:Taskinfo, scale
                 db_cluster.bus_network_cidr = bus_subnet.get("cidr")
             #db_cluster.status = "running"
             ClusterSQL.update_cluster(db_cluster)
-
+        init_cluster_network()
         # 更新任务状态为"成功"
         task_info.end_time = datetime.fromtimestamp(datetime.now().timestamp())
         task_info.state = "success"
diff --git a/dingo_command/common/__init__.py b/dingo_command/common/__init__.py
@@ -55,7 +55,7 @@
 CONF.register_group(cloudkitty_group)
 CONF.register_opts(cloudkitty_opts, cloudkitty_group)
 
-# nova的配置信息
+# cinder的配置信息
 cinder_group = cfg.OptGroup(name='cinder', title='cinder conf data')
 cinder_opts = [
     cfg.StrOpt( 'auth_url', default='http://10.220.56.254:5000', help='auth url'),
@@ -71,6 +71,39 @@
 CONF.register_group(cinder_group)
 CONF.register_opts(cinder_opts, cinder_group)
 
+# keystone的配置信息
+keystone_group = cfg.OptGroup(name='keystone', title='keystone conf data')
+keystone_opts = [
+    cfg.StrOpt( 'auth_url', default='http://10.220.56.254:5000', help='auth url'),
+    cfg.StrOpt( 'auth_type', default="password", help='auth type'),
+    cfg.StrOpt( 'project_domain', default="default", help='project domain'),
+    cfg.StrOpt( 'user_domain', default='default', help='user domain'),
+    cfg.StrOpt( 'project_name', default='service', help='project name'),
+    cfg.StrOpt( 'user_name', default='nova', help='user name'),
+    cfg.StrOpt( 'password', default='XModTf5fcvUw7aAr3CUBBVdO38WQS15QQwNqVjGJ', help='password'),
+    cfg.StrOpt( 'region_name', default='RegionOne', help='region name'),
+]
+# 注册nova配置
+CONF.register_group(keystone_group)
+CONF.register_opts(keystone_opts, keystone_group)
+
+default_group = cfg.OptGroup(name='default', title='default conf data')
+
+default_opts = [
+    cfg.StrOpt('controller_nodes', default=None, help='the openstack controller nodes'),
+    cfg.StrOpt('my_ip', default=None, help='the openstack host ip'),
+    cfg.StrOpt('transport_url', default=None, help='the openstack rabbit mq url'),
+    cfg.StrOpt('center_transport_url', default=None, help='the region one openstack rabbit mq url'),
+    cfg.BoolOpt('center_region_flag', default=False, help='the region is center region'),
+    cfg.StrOpt('region_name', default=None, help='the openstack region name'),
+    cfg.StrOpt('cluster_work_dir', default='/var/lib/dingo-command', help='the openstack region name'),
+    cfg.StrOpt('auth_url', default=None, help='the openstack region name'),
+    cfg.StrOpt('k8s_master_image', default=None, help='the master image id'),
+    cfg.StrOpt('k8s_master_flavor', default=None, help='the master flavor name')
+]
+CONF.register_group(default_group)
+CONF.register_opts(default_opts, default_group)
+
 # 注册neutron配置
 neutron_group = cfg.OptGroup(name='neutron', title='neutron conf data')
 CONF.register_group(neutron_group)
diff --git a/dingo_command/common/keystone_client.py b/dingo_command/common/keystone_client.py
@@ -0,0 +1,36 @@
+from keystoneauth1 import loading, session
+from keystoneclient.v3 import client as keystone_client
+from dingo_command.common import CONF
+
+class KeystoneClient:
+    def __init__(self, conf=CONF):
+        # 从conf中加载keystone认证信息
+        loader = loading.get_plugin_loader('password')
+        auth = loader.load_from_options(
+            auth_url=conf.keystone.auth_url,
+            username=conf.keystone.user_name,
+            password=conf.keystone.password,
+            project_name=conf.keystone.project_name,
+            user_domain_name=getattr(conf.keystone, 'user_domain_name', 'Default'),
+            project_domain_name=getattr(conf.keystone, 'project_domain_name', 'Default')
+        )
+        sess = session.Session(auth=auth)
+        self.client = keystone_client.Client(session=sess)
+
+    def get_project_by_name(self, name):
+        """
+        根据项目名称查询项目
+        """
+        projects = self.client.projects.list(name=name)
+        return projects[0] if projects else None
+
+    def create_project(self, name, domain=None, description=None):
+        """
+        创建新项目
+        """
+        domain = domain or self.client.session.get_project_domain_id()
+        return self.client.projects.create(
+            name=name,
+            domain=domain,
+            description=description
+        )
diff --git a/dingo_command/common/network.py b/dingo_command/common/network.py
@@ -0,0 +1,121 @@
+from dingo_command.common.neutron import API as NeutronAPI
+from dingo_command.common.nova_client import NovaClient
+from dingo_command.common import CONF
+import subprocess
+
+def get_controller_nodes():
+    #获取openstack的所有主节点
+    control_nodes = CONF.default.controller_nodes
+    if not control_nodes:
+        raise Exception("No control nodes configured in the dingo-command configuration.")
+    control_nodes = control_nodes.split(',')
+    
+    return control_nodes 
+
+def get_network_ports(network_name):
+    neutron_api = NeutronAPI()
+    neutron = neutron_api.get_neutron_client(CONF)
+    networks = neutron.list_networks(name=network_name).get('networks', [])
+    if not networks:
+        raise Exception(f"Network {network_name} not found")
+    network_id = networks[0]['id']
+    ports = neutron.list_ports(network_id=network_id).get('ports', [])
+    if not ports:
+        return None
+    return ports[0]
+
+def assign_ports_to_ovs(port):
+    iface = port['name']
+    mac = port['mac_address']
+    iface_id = port['id']
+    ip_addr = port['fixed_ips'][0]['ip_address']
+    # 这里假设/24，实际应根据子网信息获取
+    cmd = (
+        f"ovs-vsctl --may-exist add-port br-int {iface} "
+        f"-- set Interface {iface} type=internal "
+        f"-- set Interface {iface} external-ids:iface-status=active "
+        f"-- set Interface {iface} external-ids:attached-mac={mac} "
+        f"-- set Interface {iface} external-ids:iface-id={iface_id} && "
+        f"ip link set dev {iface} address {mac} && "
+        f"ip addr add {ip_addr}/24 dev {iface} && "
+        f"ip link set {iface} up"
+    )
+    subprocess.run(cmd, shell=True, check=True)
+
+
+
+
+def connect_network_to_vpc(project_id:str):
+    """
+    将 dingo-command-shared-net 网络连接到用户 project 的路由上
+    """
+    neutron_api = NeutronAPI()
+    neutron = neutron_api.get_neutron_client(CONF)
+    # 获取 dingo-command-shared-net 网络
+    networks = neutron.list_networks(name="dingo-command-shared-net").get('networks', [])
+    if not networks:
+        raise Exception("dingo-command-shared-net 网络不存在")
+    network_id = networks[0]['id']
+    # 获取该网络的子网
+    subnets = neutron.list_subnets(network_id=network_id).get('subnets', [])
+    if not subnets:
+        raise Exception("dingo-command-shared-net 没有子网")
+    subnet_id = subnets[0]['id']
+    # 获取名为cluster-router的路由器,根据project过滤
+    port_ip = ""
+    routers = neutron.list_routers(project_id=project_id).get('routers', [])
+    for router in routers:
+        if router['name'] != 'cluster-router':
+            continue
+        # 检查是否已连接
+        ports = neutron.list_ports(device_id=router['id'], network_id=network_id).get('ports', [])
+        if not ports:
+            # 添加接口到路由器
+            neutron.add_interface_router(router['id'], {'subnet_id': subnet_id})
+            #获取添加到路由器上的port的ip
+            ports = neutron.list_ports(device_id=router['id'], network_id=network_id).get('ports', [])
+            for port in ports:
+                print(f"路由器{router['name']} ({router['id']}) 上的端口 {port['name']} ({port['id']}) 的IP地址为 {port['fixed_ips'][0]['ip_address']}")
+            print(f"已将子网{subnet_id}连接到路由器{router['name']} ({router['id']})")
+        else:
+            print(f"路由器{router['name']} ({router['id']}) 已连接该网络")
+        port_ip = ports[0]['fixed_ips'][0]['ip_address']
+    #返回vpc子网的cidr
+    return subnets[0]['cidr'],port_ip
+
+def init_cluster_network(project_id:str, subnet_id:str):
+    # 初始化网络配置
+    controller_nodes = get_controller_nodes()
+    cidr, port_ip = connect_network_to_vpc(project_id)
+    index = 1
+    # 根据subnet_id获取网络的cidr
+    subnet = neutron_api.get_subnet_by_id(subnet_id)
+    cidr = subnet.get('cidr', cidr)
+    print(f"VPC子网的CIDR为 {cidr}")
+    for node in controller_nodes:
+        print(f"正在初始化控制节点 {node['name']} 的网络配置...")
+        #创建port
+        port = get_network_ports("dingo-port-" + index)
+
+        if not port:
+            print(f"控制节点 {node['name']} 没有找到相关网络端口，尝试创建...")
+            # 如果没有端口，可能需要创建一个新的端口
+            neutron_api = NeutronAPI()
+            neutron = neutron_api.get_neutron_client(CONF)
+            network_id = neutron.list_networks(name="dingo-command-shared-net").get('networks', [])[0]['id']
+            port = neutron.create_port({
+                "port": {
+                    "network_id": network_id,
+                    "name": "dingo-port-" + index,
+                    "admin_state_up": True
+                }
+            })
+
+        # 将端口分配到 OVS
+        assign_ports_to_ovs(port)
+        print(f"控制节点 {node['name']} 的网络端口已分配到 OVS")    
+        cmd = f"ip route add {node['name']} {cidr} via {port_ip} dev dingo-port-{node['name']}"
+        subprocess.run(cmd, shell=True, check=True)
+    
+    print("网络初始化完成，dingo-command-shared-net 已连接到 VPC 路由上。")
+
diff --git a/dingo_command/common/neutron.py b/dingo_command/common/neutron.py
@@ -7,7 +7,7 @@
 from neutronclient.v2_0 import client as neutron_client
 from keystoneauth1 import loading
 from keystoneauth1 import session
-from dingo_command.services import CONF
+from dingo_command.common import CONF
 
 class API:
     
@@ -17,7 +17,7 @@ def get_neutron_client(self, conf) -> neutron_client.Client:
         
         参数:
             auth_url: Keystone认证URL
-            username: 用户名
+            user_name: 用户名
             password: 密码
             project_name: 项目名称
             project_domain_name: 项目域名称，默认为'Default'
@@ -28,8 +28,6 @@ def get_neutron_client(self, conf) -> neutron_client.Client:
             neutron_client.Client: Neutron客户端实例
         """
         # 优先使用传入的参数，否则从环境变量获取
-        sss = conf["neutron"]
-        nb = conf["neutron"].auth_section
         region_name = conf.neutron.region_name
 
         auth_plugin = loading.load_auth_from_conf_options(conf,
diff --git a/dingo_command/common/nova_client.py b/dingo_command/common/nova_client.py
@@ -184,3 +184,16 @@ def nova_create_server(self, name, image_id, flavor_id, network_id, security_gro
             raise Exception(f"创建失败[HTTP {response.status_code}]: {response.text}")
         return response.json()['server']
 
+    def get_controller_nodes(self):
+        # 获取控制节点列表
+        nova = NovaClient()
+        endpoint = nova.get_service_endpoint('compute')
+        # 获取所有服务
+        response = nova.session.get(f"{endpoint}/os-services")
+        if response.status_code != 200:
+            raise Exception(f"获取nova服务失败: {response.text}")
+        services = response.json().get('services', [])
+        # 过滤出控制节点服务
+        controller_binaries = {"nova-scheduler", "nova-conductor", "nova-api"}
+        controller_hosts = set(s['host'] for s in services if s['binary'] in controller_binaries)
+        return list(controller_hosts)
diff --git a/dingo_command/common/test_neutron.py b/dingo_command/common/test_neutron.py
@@ -3,10 +3,22 @@
 
 from dingo_command.utils.neutron import API as neutron
 from dingo_command.common.cinder_client import CinderClient
+from dingo_command.common.network import init_cluster_network
 from dingo_command.services import CONF
 
 
 class TestNeutron(unittest.TestCase):
+    def test_init_cluster_network(self):
+        """
+        测试 init_cluster_network 方法
+        """
+        # 假设有一个测试 project_id
+        test_project_id = "0ad6b7751e904a35a9e99afaf1da416a"
+        try:
+            init_cluster_network(test_project_id, "68ebc544-0f4f-4fce-8106-7c1c31fbae4c")
+            print("init_cluster_network 测试通过")
+        except Exception as e:
+            print(f"init_cluster_network 测试失败: {e}")
 
     def test_list_external_networks(self):
         # 准备模拟数据
