EdgeAPI/internal/installers/installer_base.go

package installers

import (
	"errors"
	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
	"github.com/iwind/TeaGo/Tea"
	stringutil "github.com/iwind/TeaGo/utils/string"
	"golang.org/x/crypto/ssh"
	"net"
	"path/filepath"
	"regexp"
	"strconv"
	"strings"
	"time"
)

type BaseInstaller struct {
	client *SSHClient
}

// Login 登录SSH服务
func (this *BaseInstaller) Login(credentials *Credentials) error {
	var hostKeyCallback ssh.HostKeyCallback = nil

	// 检查参数
	if len(credentials.Host) == 0 {
		return errors.New("'host' should not be empty")
	}
	if credentials.Port <= 0 {
		return errors.New("'port' should be greater than 0")
	}
	if len(credentials.Password) == 0 && len(credentials.PrivateKey) == 0 {
		return errors.New("require user 'password' or 'privateKey'")
	}

	// 不使用known_hosts
	if hostKeyCallback == nil {
		hostKeyCallback = func(hostname string, remote net.Addr, key ssh.PublicKey) error {
			return nil
		}
	}

	// 认证
	var methods = []ssh.AuthMethod{}
	if credentials.Method == "user" {
		{
			var authMethod = ssh.Password(credentials.Password)
			methods = append(methods, authMethod)
		}

		{
			authMethod := ssh.KeyboardInteractive(func(user, instruction string, questions []string, echos []bool) (answers []string, err error) {
				if len(questions) == 0 {
					return []string{}, nil
				}
				return []string{credentials.Password}, nil
			})
			methods = append(methods, authMethod)
		}
	} else if credentials.Method == "privateKey" {
		var signer ssh.Signer
		var err error
		if len(credentials.Passphrase) > 0 {
			signer, err = ssh.ParsePrivateKeyWithPassphrase([]byte(credentials.PrivateKey), []byte(credentials.Passphrase))
		} else {
			signer, err = ssh.ParsePrivateKey([]byte(credentials.PrivateKey))
		}
		if err != nil {
			return errors.New("parse private key: " + err.Error())
		}
		authMethod := ssh.PublicKeys(signer)
		methods = append(methods, authMethod)
	} else {
		return errors.New("invalid method '" + credentials.Method + "'")
	}

	// SSH客户端
	if len(credentials.Username) == 0 {
		credentials.Username = "root"
	}
	var config = &ssh.ClientConfig{
		User:            credentials.Username,
		Auth:            methods,
		HostKeyCallback: hostKeyCallback,
		Timeout:         5 * time.Second, // TODO 后期可以设置这个超时时间
	}

	sshClient, err := ssh.Dial("tcp", configutils.QuoteIP(credentials.Host)+":"+strconv.Itoa(credentials.Port), config)
	if err != nil {
		return err
	}
	client, err := NewSSHClient(sshClient)
	if err != nil {
		return err
	}

	if credentials.Sudo {
		client.Sudo(credentials.Password)
	}

	this.client = client

	return nil
}

// Close 关闭SSH服务
func (this *BaseInstaller) Close() error {
	if this.client != nil {
		return this.client.Close()
	}

	return nil
}

// LookupLatestInstaller 查找最新的版本的文件
func (this *BaseInstaller) LookupLatestInstaller(filePrefix string) (string, error) {
	matches, err := filepath.Glob(Tea.Root + Tea.DS + "deploy" + Tea.DS + "*.zip")
	if err != nil {
		return "", err
	}

	pattern, err := regexp.Compile(filePrefix + `-v([\d.]+)\.zip`)
	if err != nil {
		return "", err
	}

	lastVersion := ""
	result := ""
	for _, match := range matches {
		baseName := filepath.Base(match)
		if !pattern.MatchString(baseName) {
			continue
		}
		m := pattern.FindStringSubmatch(baseName)
		if len(m) < 2 {
			continue
		}
		version := m[1]
		if len(lastVersion) == 0 || stringutil.VersionCompare(version, lastVersion) > 0 {
			lastVersion = version
			result = match
		}
	}
	return result, nil
}

// InstallHelper 上传安装助手
func (this *BaseInstaller) InstallHelper(targetDir string, role nodeconfigs.NodeRole) (env *Env, err error) {
	uname, stderr, err := this.client.Exec("/usr/bin/uname -a")
	if err != nil {
		return env, err
	}

	if len(uname) == 0 {
		return nil, errors.New("unable to execute 'uname -a' on this system: " + stderr)
	}

	osName := ""
	archName := ""
	if strings.Contains(uname, "Darwin") {
		osName = "darwin"
	} else if strings.Contains(uname, "Linux") {
		osName = "linux"
	} else {
		// TODO 支持freebsd, aix ...
		return env, errors.New("installer not supported os '" + uname + "'")
	}

	if strings.Contains(uname, "aarch64") || strings.Contains(uname, "armv8") {
		archName = "arm64"
	} else if strings.Contains(uname, "aarch64_be") {
		archName = "arm64be"
	} else if strings.Contains(uname, "mips64el") {
		archName = "mips64le"
	} else if strings.Contains(uname, "mips64") {
		archName = "mips64"
	} else if strings.Contains(uname, "x86_64") {
		archName = "amd64"
	} else {
		archName = "386"
	}

	var exeName = "edge-installer-helper-" + osName + "-" + archName
	switch role {
	case nodeconfigs.NodeRoleDNS:
		exeName = "edge-installer-dns-helper-" + osName + "-" + archName
	}
	var exePath = Tea.Root + "/installers/" + exeName

	var realHelperPath = ""

	var firstCopyErr error
	for _, path := range []string{
		targetDir + "/" + exeName,
		this.client.UserHome() + "/" + exeName,
		"/tmp/" + exeName,
	} {
		err = this.client.Copy(exePath, path, 0777)
		if err != nil {
			if firstCopyErr == nil {
				firstCopyErr = err
			}
		} else {
			err = nil
			firstCopyErr = nil
			realHelperPath = path
			break
		}
	}
	if firstCopyErr != nil {
		return env, errors.New("copy '" + exeName + "' to '" + targetDir + "' failed: " + firstCopyErr.Error())
	}

	env = &Env{
		OS:         osName,
		Arch:       archName,
		HelperPath: realHelperPath,
	}
	return env, nil
}
阶段性提交 2020-09-06 16:19:54 +08:00			`package installers`

			`import (`
			`"errors"`
在各个地方支持IPv6 2021-07-20 10:55:34 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/configutils"`
修复边缘节点和DNS节点安装文件冲突的问题 2021-08-11 21:14:01 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"`
阶段性提交 2020-09-06 16:19:54 +08:00			`"github.com/iwind/TeaGo/Tea"`
			`stringutil "github.com/iwind/TeaGo/utils/string"`
			`"golang.org/x/crypto/ssh"`
			`"net"`
			`"path/filepath"`
			`"regexp"`
			`"strconv"`
			`"strings"`
			`"time"`
			`)`

			`type BaseInstaller struct {`
			`client *SSHClient`
			`}`

在各个地方支持IPv6 2021-07-20 10:55:34 +08:00			`// Login 登录SSH服务`
阶段性提交 2020-09-06 16:19:54 +08:00			`func (this BaseInstaller) Login(credentials Credentials) error {`
			`var hostKeyCallback ssh.HostKeyCallback = nil`

			`// 检查参数`
			`if len(credentials.Host) == 0 {`
			`return errors.New("'host' should not be empty")`
			`}`
			`if credentials.Port <= 0 {`
			`return errors.New("'port' should be greater than 0")`
			`}`
			`if len(credentials.Password) == 0 && len(credentials.PrivateKey) == 0 {`
			`return errors.New("require user 'password' or 'privateKey'")`
			`}`

			`// 不使用known_hosts`
			`if hostKeyCallback == nil {`
			`hostKeyCallback = func(hostname string, remote net.Addr, key ssh.PublicKey) error {`
			`return nil`
			`}`
			`}`

			`// 认证`
节点离线时尝试自动通过API节点远程启动 2022-09-17 10:18:00 +08:00			`var methods = []ssh.AuthMethod{}`
SSH认证--私钥认证方式增加用户名选项 2021-06-30 14:56:36 +08:00			`if credentials.Method == "user" {`
阶段性提交 2020-09-06 16:19:54 +08:00			`{`
节点离线时尝试自动通过API节点远程启动 2022-09-17 10:18:00 +08:00			`var authMethod = ssh.Password(credentials.Password)`
阶段性提交 2020-09-06 16:19:54 +08:00			`methods = append(methods, authMethod)`
			`}`

			`{`
			`authMethod := ssh.KeyboardInteractive(func(user, instruction string, questions []string, echos []bool) (answers []string, err error) {`
			`if len(questions) == 0 {`
			`return []string{}, nil`
			`}`
			`return []string{credentials.Password}, nil`
			`})`
			`methods = append(methods, authMethod)`
			`}`
SSH认证--私钥认证方式增加用户名选项 2021-06-30 14:56:36 +08:00			`} else if credentials.Method == "privateKey" {`
SSH登录支持Passphrase 2021-11-06 15:31:01 +08:00			`var signer ssh.Signer`
			`var err error`
			`if len(credentials.Passphrase) > 0 {`
			`signer, err = ssh.ParsePrivateKeyWithPassphrase([]byte(credentials.PrivateKey), []byte(credentials.Passphrase))`
			`} else {`
			`signer, err = ssh.ParsePrivateKey([]byte(credentials.PrivateKey))`
			`}`
阶段性提交 2020-09-06 16:19:54 +08:00			`if err != nil {`
			`return errors.New("parse private key: " + err.Error())`
			`}`
			`authMethod := ssh.PublicKeys(signer)`
			`methods = append(methods, authMethod)`
SSH认证--私钥认证方式增加用户名选项 2021-06-30 14:56:36 +08:00			`} else {`
			`return errors.New("invalid method '" + credentials.Method + "'")`
阶段性提交 2020-09-06 16:19:54 +08:00			`}`

			`// SSH客户端`
SSH认证--私钥认证方式增加用户名选项 2021-06-30 14:56:36 +08:00			`if len(credentials.Username) == 0 {`
			`credentials.Username = "root"`
			`}`
节点离线时尝试自动通过API节点远程启动 2022-09-17 10:18:00 +08:00			`var config = &ssh.ClientConfig{`
阶段性提交 2020-09-06 16:19:54 +08:00			`User: credentials.Username,`
			`Auth: methods,`
			`HostKeyCallback: hostKeyCallback,`
			`Timeout: 5 * time.Second, // TODO 后期可以设置这个超时时间`
			`}`

在各个地方支持IPv6 2021-07-20 10:55:34 +08:00			`sshClient, err := ssh.Dial("tcp", configutils.QuoteIP(credentials.Host)+":"+strconv.Itoa(credentials.Port), config)`
阶段性提交 2020-09-06 16:19:54 +08:00			`if err != nil {`
			`return err`
			`}`
			`client, err := NewSSHClient(sshClient)`
			`if err != nil {`
			`return err`
			`}`
SSH认证支持sudo 2021-12-06 19:27:11 +08:00
			`if credentials.Sudo {`
			`client.Sudo(credentials.Password)`
			`}`

阶段性提交 2020-09-06 16:19:54 +08:00			`this.client = client`
SSH认证支持sudo 2021-12-06 19:27:11 +08:00
阶段性提交 2020-09-06 16:19:54 +08:00			`return nil`
			`}`

在各个地方支持IPv6 2021-07-20 10:55:34 +08:00			`// Close 关闭SSH服务`
阶段性提交 2020-09-06 16:19:54 +08:00			`func (this *BaseInstaller) Close() error {`
			`if this.client != nil {`
			`return this.client.Close()`
			`}`

			`return nil`
			`}`

在各个地方支持IPv6 2021-07-20 10:55:34 +08:00			`// LookupLatestInstaller 查找最新的版本的文件`
阶段性提交 2020-09-06 16:19:54 +08:00			`func (this *BaseInstaller) LookupLatestInstaller(filePrefix string) (string, error) {`
			`matches, err := filepath.Glob(Tea.Root + Tea.DS + "deploy" + Tea.DS + "*.zip")`
			`if err != nil {`
			`return "", err`
			`}`

			pattern, err := regexp.Compile(filePrefix + `-v([\d.]+)\.zip`)
			`if err != nil {`
			`return "", err`
			`}`

			`lastVersion := ""`
			`result := ""`
			`for _, match := range matches {`
			`baseName := filepath.Base(match)`
			`if !pattern.MatchString(baseName) {`
			`continue`
			`}`
			`m := pattern.FindStringSubmatch(baseName)`
			`if len(m) < 2 {`
			`continue`
			`}`
			`version := m[1]`
			`if len(lastVersion) == 0 \|\| stringutil.VersionCompare(version, lastVersion) > 0 {`
			`lastVersion = version`
			`result = match`
			`}`
			`}`
			`return result, nil`
			`}`

在各个地方支持IPv6 2021-07-20 10:55:34 +08:00			`// InstallHelper 上传安装助手`
修复边缘节点和DNS节点安装文件冲突的问题 2021-08-11 21:14:01 +08:00			`func (this BaseInstaller) InstallHelper(targetDir string, role nodeconfigs.NodeRole) (env Env, err error) {`
提升ssh sudo安装的稳定性 2022-11-18 15:44:53 +08:00			`uname, stderr, err := this.client.Exec("/usr/bin/uname -a")`
阶段性提交 2020-09-06 16:19:54 +08:00			`if err != nil {`
			`return env, err`
			`}`

SSH认证支持sudo 2021-12-06 19:27:11 +08:00			`if len(uname) == 0 {`
提升ssh sudo安装的稳定性 2022-11-18 15:44:53 +08:00			`return nil, errors.New("unable to execute 'uname -a' on this system: " + stderr)`
SSH认证支持sudo 2021-12-06 19:27:11 +08:00			`}`

阶段性提交 2020-09-06 16:19:54 +08:00			`osName := ""`
			`archName := ""`
增加服务分组管理，增加多个CPU架构支持 2020-10-29 20:53:40 +08:00			`if strings.Contains(uname, "Darwin") {`
阶段性提交 2020-09-06 16:19:54 +08:00			`osName = "darwin"`
增加服务分组管理，增加多个CPU架构支持 2020-10-29 20:53:40 +08:00			`} else if strings.Contains(uname, "Linux") {`
阶段性提交 2020-09-06 16:19:54 +08:00			`osName = "linux"`
			`} else {`
			`// TODO 支持freebsd, aix ...`
			`return env, errors.New("installer not supported os '" + uname + "'")`
			`}`

增加服务分组管理，增加多个CPU架构支持 2020-10-29 20:53:40 +08:00			`if strings.Contains(uname, "aarch64") \|\| strings.Contains(uname, "armv8") {`
			`archName = "arm64"`
			`} else if strings.Contains(uname, "aarch64_be") {`
			`archName = "arm64be"`
			`} else if strings.Contains(uname, "mips64el") {`
			`archName = "mips64le"`
			`} else if strings.Contains(uname, "mips64") {`
			`archName = "mips64"`
			`} else if strings.Contains(uname, "x86_64") {`
阶段性提交 2020-09-06 16:19:54 +08:00			`archName = "amd64"`
			`} else {`
			`archName = "386"`
			`}`

提升ssh sudo安装的稳定性 2022-11-18 15:44:53 +08:00			`var exeName = "edge-installer-helper-" + osName + "-" + archName`
修复边缘节点和DNS节点安装文件冲突的问题 2021-08-11 21:14:01 +08:00			`switch role {`
			`case nodeconfigs.NodeRoleDNS:`
			`exeName = "edge-installer-dns-helper-" + osName + "-" + archName`
			`}`
提升ssh sudo安装的稳定性 2022-11-18 15:44:53 +08:00			`var exePath = Tea.Root + "/installers/" + exeName`
阶段性提交 2020-09-06 16:19:54 +08:00
提升ssh sudo安装的稳定性 2022-11-18 15:44:53 +08:00			`var realHelperPath = ""`

			`var firstCopyErr error`
			`for _, path := range []string{`
			`targetDir + "/" + exeName,`
			`this.client.UserHome() + "/" + exeName,`
			`"/tmp/" + exeName,`
			`} {`
			`err = this.client.Copy(exePath, path, 0777)`
			`if err != nil {`
			`if firstCopyErr == nil {`
			`firstCopyErr = err`
			`}`
			`} else {`
			`err = nil`
			`firstCopyErr = nil`
			`realHelperPath = path`
			`break`
			`}`
			`}`
			`if firstCopyErr != nil {`
			`return env, errors.New("copy '" + exeName + "' to '" + targetDir + "' failed: " + firstCopyErr.Error())`
阶段性提交 2020-09-06 16:19:54 +08:00			`}`

			`env = &Env{`
			`OS: osName,`
			`Arch: archName,`
提升ssh sudo安装的稳定性 2022-11-18 15:44:53 +08:00			`HelperPath: realHelperPath,`
阶段性提交 2020-09-06 16:19:54 +08:00			`}`
			`return env, nil`
			`}`