docker_net.py

#
# -*- coding: utf-8 -*-
#获取路由器下可用ip，分配给各个容器，循环检查分配是否正常

import os
import time
from itertools import islice
import os.path

#网关
ip_gate = "192.168.124.1"
mask = ""

#可用ip列表
ip1 = ""
ip2 = ""
ip3 = ""
ip4 = ""

# docker容器列表
docker_list = ["in1","in2","in3","in4"]

#log
logfile = "/root/cron/docker_net_check.log"

def save_file(file,data,type):
    t = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time()))
    f = open(file, type)
    f.write(str(t))
    f.write(data)
    f.close()

# init 初始化
def init_ip():
    if os.path.isfile("/root/cron/ping_ip.sh"):
        print("init_ip: find ping_ip.sh ok")
    else:
        f = open("/root/cron/ping_ip.sh", "a+")
        f.write("#!/bin/sh\n")
        f.write("for i in `seq 211 229`\n")
        f.write("do\n")
        f.write("ping -c 1 $1$i | grep -q 'ttl=' ||  echo \"$1$i\" &\n")
        f.write("done\n")
        f.close()
        print("init_ip: create ping_ip.sh ok")

    if os.path.isfile("/root/cron/pip_ip.txt"):
        os.remove("/root/cron/pip_ip.txt")
        print("init_ip: del ping_ip.log")

    ping_str = "/usr/bin/ping " + ip_gate +" -c 1 -W 1"
    ping_gateway = os.popen(ping_str)
    strr = ping_gateway.read().find("1 packets transmitted, 1 received")
    print("init_ip: ping test gate:" + str(strr))
    if int(strr) > 0:
        sh_str = "/usr/bin/sh /root/cron/ping_ip.sh " + str(ip_gate[:-1]) + " >> /root/cron/pip_ip.txt"
        os.popen(sh_str)
    else:
        while True:
            print("init_ip: gate err, please check ip_gate")
            # test bad
            time.sleep(1)

# 读取可用ip
def read_ip():
    global ip1
    global ip2
    global ip3
    global ip4
    if os.path.isfile("/root/cron/pip_ip.txt"):
        print("read_ip: find pip_ip.txt")
        for i in range(10):
            f = open("/root/cron/pip_ip.txt", "r")
            ip = f.readlines()
            f.close()
            if len(ip) < 4:
                print("read_ip: -for")
                time.sleep(1)
            else:
                continue

        #print(ip)
        print("read_ip : len(ip)" ,str(len(ip)))
        if len(ip) > 3:
            k = list(islice(ip, 4))
            ip1 = k[0][:-1]
            ip2 = k[1][:-1]
            ip3 = k[2][:-1]
            ip4 = k[3][:-1]
            print(ip1, ip2, ip3, ip4)
        else:
            print("read_ip : ip < 4 ")
            save_file("/root/cron/pip_py.log","  ip < 4 \n","a+")
    else:
        print("read_ip : no find ")
        save_file("/root/cron/pip_py.log", "no find ip.log", "a+")

    print("read_ip: ",ip1,ip2,ip3,ip3)

# 防火墙添加
def firewalld(ip1, ip2, ip3, ip4):
    str1 = "/usr/bin/firewall-cmd --add-forward-port=port=8201:proto=tcp:toport=8080:toaddr=" + str(ip1)
    str2 = "/usr/bin/firewall-cmd --add-forward-port=port=8202:proto=tcp:toport=8080:toaddr=" + str(ip2)
    str3 = "/usr/bin/firewall-cmd --add-forward-port=port=8203:proto=tcp:toport=8080:toaddr=" + str(ip3)
    str4 = "/usr/bin/firewall-cmd --add-forward-port=port=8204:proto=tcp:toport=8080:toaddr=" + str(ip4)
    os.popen("/usr/bin/firewall-cmd --reload")
    os.popen(str1)
    os.popen(str2)
    os.popen(str3)
    os.popen(str4)
    os.popen("/usr/bin/firewall-cmd --list-all")
    print("firewalld :ok")

#重启所有容器
def restart_docker():
    for docker_name in docker_list:
        sh_str = "/usr/bin/docker restart " + docker_name
        r = os.popen(sh_str)
        r = r.read()
    print("restart_docker: ", r)

#使用pipework给容器分配ip
def pipework_ip(docker_name,ip,ip_gate):
    sh_str = "/usr/bin/docker restart " + docker_name
    r = os.popen(sh_str)
    r = r.read()
    print("restart_docker: ", r)

    str1 = "/usr/local/bin/pipework br0 " + docker_name + " " + str(ip) + "/24" + "@" + str(ip_gate)
    os.popen(str1)
    print("pipework_ip: ",docker_name)

#检查ip分配情况，分配失败的容器重新分配
def check():
        sh_str1 = "/usr/bin/docker exec  -i " + "in1" + " sh -c 'ip addr' |grep 'inet 192'"
        sh_str2 = "/usr/bin/docker exec  -i " + "in2" + " sh -c 'ip addr' |grep 'inet 192'"
        sh_str3 = "/usr/bin/docker exec  -i " + "in3" + " sh -c 'ip addr' |grep 'inet 192'"
        sh_str4 = "/usr/bin/docker exec  -i " + "in4" + " sh -c 'ip addr' |grep 'inet 192'"
        r1 = os.popen(sh_str1)
        r1 = r1.read()
        r2 = os.popen(sh_str2)
        r2 = r2.read()
        r3 = os.popen(sh_str3)
        r3 = r3.read()
        r4 = os.popen(sh_str4)
        r4 = r4.read()
        #print("check_net: r.read():",r)

        if "inet 192" in r1:
            print("check: " +"in1" + " net is ok")
        else:
            print("check: " + "in1" + " net is err")
            save_file(logfile, "in1 bad", "a+")
            pipework_ip("in1", ip1, ip_gate)
        if "inet 192" in r2:
            print("check: " +"in2" + " net is ok")
        else:
            print("check: " + "in2" + " net is err")
            save_file(logfile, "in2 bad", "a+")
            pipework_ip("in2", ip2, ip_gate)
        if "inet 192" in r3:
            print("check: " +"in3" + " net is ok")
        else:
            print("check: " + "in3" + " net is err")
            save_file(logfile, "in3 bad", "a+")
            pipework_ip("in3", ip3, ip_gate)
        if "inet 192" in r4:
            print("check: " +"in4" + " net is ok")
        else:
            print("check: " + "in4" + " net is err")
            save_file(logfile, "in4 bad", "a+")
            pipework_ip("in4", ip4, ip_gate)
        time.sleep(1)

#运行
def start():
    init_ip()
    read_ip()
    restart_docker()
    firewalld(ip1, ip2, ip3, ip4)
    while True:
        print("start: check")
        check()
        time.sleep(10)

start()