패브릭 - env.gateway를 통해 호스트 OS 정보 검색

Question

#! /usr/bin/env python 
# -*- coding: utf-8 -*- 

from fabric.api import env, run, sudo, task 
from googleapiclient.discovery import build 
from oauth2client.client import GoogleCredentials 

credentials = GoogleCredentials.get_application_default() 
compute = build('compute', 'v1', credentials=credentials) 
# sets static project 
# project = 'test1' 

env.key_filename = 'google_compute_engine' 
forward_agent = True 

@task 
# gets bastion host and sets env.gateway to be used as ssh gateway 
def ag_get_bh(project): 
    request = compute.instances().aggregatedList(project=project) 
    response = request.execute() 

    for zone, instances in response['items'].items(): 
     for host in instances.get("instances", []): 
      if host['status'] == 'RUNNING': 
       if 'bh' in host['name']: 
        env.gateway = host['networkInterfaces'][0]['accessConfigs'][0]['natIP'] 
      else: 
       print('No bastion host found') 

@task 
# gets running hosts in a single project across all zones 
def ag_get_host(project): 
    request = compute.instances().aggregatedList(project=project) 
    response = request.execute() 

    env.hosts = [] 
    for zone, instances in response['items'].items(): 
     for host in instances.get("instances", []): 
      if host['status'] == 'RUNNING': 
       env.hosts.append(host['name']) 

@task 
# identifies OS platform to be used in sec_update() 
def get_platform(): 
    x = sudo("python -c 'import platform; print(platform.platform())'") 
    if x.failed: 
     raise Exception("Python not installed") 
    else: 
     return x 
    print(x) 

@task 
# runs security updates 
def sec_update(): 
    if 'redhat' or 'centos' in get_platform().lower(): 
     sudo('echo 3 > /proc/sys/vm/drop_caches') 
     sudo('yum -y --disablerepo=rhui* install google-rhui-client-rhel7') 
     sudo('yum update yum -y') 
     sudo('yum update-minimal --security -y') 
    elif 'ubuntu' or 'debian' in get_platform().lower(): 
     sudo('apt-get install unattended-upgrades') 
     sudo('unattended-upgrades –v') 

위의 코드는 내 env.gateway 인 요새 호스트를 얻은 다음 GCP API에서 호스트를 가져 와서 env.hosts를 설정 한 다음 호스트 OS를 확인하고 그런 다음 보안 업데이트를 적용합니다.

ssh 프록시 (env.gateway)를 통해 스크립트를 실행할 때만 get_platform()이 실행되지 않으므로 sec_updates의 if 문이 실행되지 않으므로 OS 고유의 논리가 실행되지 않습니다. 로컬에서 실행될 때 (env.gateway를 사용하지 않음) get_platform()이 제대로 실행됩니다. 어떤 아이디어?

Answer 1

여기에 무슨 일이 일어나고 있는지 확실하게 알 수는 없지만 제대로 작동하고있는 다른 백업 파일에서 스크립트를 복사하여 붙여 넣는 일이 발생했습니다. 관심있는 사람은 다음과 같습니다.

#! /usr/bin/env python 
# -*- coding: utf-8 -*- 

from fabric.api import env, run, sudo, task 
from googleapiclient.discovery import build 
from oauth2client.client import GoogleCredentials 

credentials = GoogleCredentials.get_application_default() 
compute = build('compute', 'v1', credentials=credentials) 

# set to path of private key 
env.key_filename = 'google_compute_engine' 
forward_agent = True 


@task 
# gets bastion host and sets env.gateway to be used as ssh gateway 
def ag_get_bh(project): 
    request = compute.instances().aggregatedList(project=project) 
    response = request.execute() 

    for zone, instances in response['items'].items(): 
     for host in instances.get("instances", []): 
      if host['status'] == 'RUNNING': 
       if 'bh' in host['name']: 
        env.gateway = host['networkInterfaces'][0]['accessConfigs'][0]['natIP'] 
      else: 
       print('No bastion host found') 


@task 
# gets running hosts in a single project across all zones 
def ag_get_host(project): 
    request = compute.instances().aggregatedList(project=project) 
    response = request.execute() 

    env.hosts = [] 
    for zone, instances in response['items'].items(): 
     for host in instances.get("instances", []): 
      if host['status'] == 'RUNNING': 
       env.hosts.append(host['name']) 


@task 
# gets uptime 
def uptime(): 
    run('uptime') 


@task 
# gets disk space 
def disk_space(): 
    run('df -h') 


# gets OS platform to be used in sec_update() 
def get_platform(): 
    x = sudo("python -c 'import platform; print(platform.platform())'") 
    if x.failed: 
     raise Exception("Python not installed") 
    else: 
     return x 

@task 
# runs OS security updates 
def sec_update(): 
    if 'redhat' in get_platform().lower(): 
     sudo('echo 3 > /proc/sys/vm/drop_caches') 
     sudo('yum -y --disablerepo=rhui* install google-rhui-client-rhel7') 
     sudo('yum update yum -y') 
     sudo('yum update-minimal --security -y') 
    elif 'centos' in get_platform().lower(): 
     sudo('echo 3 > /proc/sys/vm/drop_caches') 
     sudo('yum update yum -y') 
     sudo('yum update-minimal --security -y') 
    elif 'ubuntu' or 'debian' in get_platform().lower(): 
     sudo('apt-get install unattended-upgrades') 
     sudo('unattended-upgrades -v') 
    else: 
     print("No supported OS found")