这两天在写运维平台中的ansible命令执行功能,运维平台是php的,尝试了php的exec ?system?passthru?popen等函数,ansible 里面host ssh认证改为www,apache运行用户也为www,各种尝试,最后执行结果返回为空数组,执行 ssh www@192.168.3.169 ‘df -h’这种命令也是成功的,只是执行ansible命令不行,ansible-doc也可以。
<?PHP$cmd="/usr/bin/ansible 192.168.3.169 -m setup";exec($cmd,$result,$Errorcore);var_dump($result);?>
后来想想就换种方式吧,正好ansible-api是python的,就用tornado做个接口,然后php去调用接口执行命令
本文来自:钿畑的博客先简单的写了2个功能,发现用的比较舒服
import tornado.ioloopfrom tornado.options import define, optionsimport tornado.webimport ansible.runnerfrom ansible.inventory import Inventoryimport simplejsonimport hashlibdefine("key", default='d41d8cd98f00b204e9800998ecf8427e')def getmd5(str): m = hashlib.md5() m.update(str) return m.hexdigest()class MainHandler(tornado.web.RequestHandler): def get(self): self.write("Hello, world")class CommandHandler(tornado.web.RequestHandler): def post(self): data = simplejson.loads(self.request.body) badcmd = ['reboot','rm','kill','pkill','shutdown','half','mv','dd','mkfs','wget'] type = data['type'] cmd = data['cmd'] host = data['host'] sign = data['sign'] cmdinfo = cmd.split(" ",1) print type,host,options.key hotkey = type+host+options.key print hotkey result = getmd5(hotkey) print result if sign != result: self.write("Sign is Error") else: if cmdinfo[0] in badcmd: self.write("This is Danger Shell") else: runner = ansible.runner.Runner( module_name=type, module_args=cmd, pattern=host, forks=10 ) datastructure = runner.run() self.write(datastructure)class GetGroupHandler(tornado.web.RequestHandler): def get(self): i = Inventory() groups = i.list_groups() self.write('\n'.join(groups))application = tornado.web.Application([ (r"/", MainHandler), (r"/command", CommandHandler), (r"/getgroup", GetGroupHandler),])if __name__ == "__main__": application.listen(8888) tornado.ioloop.IOLoop.instance().start()
测试方法
代码也可以在这里获取 ?https://github.com/ivonlee/ansible
原文地址:tornado实现ansible api web请求, 感谢原作者分享。 代替你主持夕阳的葬礼。