# # -*- coding: utf-8 -*- #获取路由器下可用ip，分配给各个容器，循环检查分配是否正常 import os import time from itertools import islice import os.path #网关 ip_gate = "192.168.124.1" mask = "" #可用ip列表 ip1 = "" ip2 = "" ip3 = "" ip4 = "" # docker容器列表 docker_list = ["in1","in2","in3","in4"] #log logfile = "/root/cron/docker_net_check.log" def save_file(file,data,type): t = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(time.time())) f = open(file, type) f.write(str(t)) f.write(data) f.close() # init 初始化 def init_ip(): if os.path.isfile("/root/cron/ping_ip.sh"): print("init_ip: find ping_ip.sh ok") else: f = open("/root/cron/ping_ip.sh", "a+") f.write("#!/bin/sh\n") f.write("for i in `seq 211 229`\n") f.write("do\n") f.write("ping -c 1 $1$i | grep -q 'ttl=' || echo \"$1$i\" &\n") f.write("done\n") f.close() print("init_ip: create ping_ip.sh ok") if os.path.isfile("/root/cron/pip_ip.txt"): os.remove("/root/cron/pip_ip.txt") print("init_ip: del ping_ip.log") ping_str = "/usr/bin/ping " + ip_gate +" -c 1 -W 1" ping_gateway = os.popen(ping_str) strr = ping_gateway.read().find("1 packets transmitted, 1 received") print("init_ip: ping test gate:" + str(strr)) if int(strr) > 0: sh_str = "/usr/bin/sh /root/cron/ping_ip.sh " + str(ip_gate[:-1]) + " >> /root/cron/pip_ip.txt" os.popen(sh_str) else: while True: print("init_ip: gate err, please check ip_gate") # test bad time.sleep(1) # 读取可用ip def read_ip(): global ip1 global ip2 global ip3 global ip4 if os.path.isfile("/root/cron/pip_ip.txt"): print("read_ip: find pip_ip.txt") for i in range(10): f = open("/root/cron/pip_ip.txt", "r") ip = f.readlines() f.close() if len(ip) < 4: print("read_ip: -for") time.sleep(1) else: continue #print(ip) print("read_ip : len(ip)" ,str(len(ip))) if len(ip) > 3: k = list(islice(ip, 4)) ip1 = k[0][:-1] ip2 = k[1][:-1] ip3 = k[2][:-1] ip4 = k[3][:-1] print(ip1, ip2, ip3, ip4) else: print("read_ip : ip < 4 ") save_file("/root/cron/pip_py.log"," ip < 4 \n","a+") else: print("read_ip : no find ") save_file("/root/cron/pip_py.log", "no find ip.log", "a+") print("read_ip: ",ip1,ip2,ip3,ip3) # 防火墙添加 def firewalld(ip1, ip2, ip3, ip4): str1 = "/usr/bin/firewall-cmd --add-forward-port=port=8201:proto=tcp:toport=8080:toaddr=" + str(ip1) str2 = "/usr/bin/firewall-cmd --add-forward-port=port=8202:proto=tcp:toport=8080:toaddr=" + str(ip2) str3 = "/usr/bin/firewall-cmd --add-forward-port=port=8203:proto=tcp:toport=8080:toaddr=" + str(ip3) str4 = "/usr/bin/firewall-cmd --add-forward-port=port=8204:proto=tcp:toport=8080:toaddr=" + str(ip4) os.popen("/usr/bin/firewall-cmd --reload") os.popen(str1) os.popen(str2) os.popen(str3) os.popen(str4) os.popen("/usr/bin/firewall-cmd --list-all") print("firewalld :ok") #重启所有容器 def restart_docker(): for docker_name in docker_list: sh_str = "/usr/bin/docker restart " + docker_name r = os.popen(sh_str) r = r.read() print("restart_docker: ", r) #使用pipework给容器分配ip def pipework_ip(docker_name,ip,ip_gate): sh_str = "/usr/bin/docker restart " + docker_name r = os.popen(sh_str) r = r.read() print("restart_docker: ", r) str1 = "/usr/local/bin/pipework br0 " + docker_name + " " + str(ip) + "/24" + "@" + str(ip_gate) os.popen(str1) print("pipework_ip: ",docker_name) #检查ip分配情况，分配失败的容器重新分配 def check(): sh_str1 = "/usr/bin/docker exec -i " + "in1" + " sh -c 'ip addr' |grep 'inet 192'" sh_str2 = "/usr/bin/docker exec -i " + "in2" + " sh -c 'ip addr' |grep 'inet 192'" sh_str3 = "/usr/bin/docker exec -i " + "in3" + " sh -c 'ip addr' |grep 'inet 192'" sh_str4 = "/usr/bin/docker exec -i " + "in4" + " sh -c 'ip addr' |grep 'inet 192'" r1 = os.popen(sh_str1) r1 = r1.read() r2 = os.popen(sh_str2) r2 = r2.read() r3 = os.popen(sh_str3) r3 = r3.read() r4 = os.popen(sh_str4) r4 = r4.read() #print("check_net: r.read():",r) if "inet 192" in r1: print("check: " +"in1" + " net is ok") else: print("check: " + "in1" + " net is err") save_file(logfile, "in1 bad", "a+") pipework_ip("in1", ip1, ip_gate) if "inet 192" in r2: print("check: " +"in2" + " net is ok") else: print("check: " + "in2" + " net is err") save_file(logfile, "in2 bad", "a+") pipework_ip("in2", ip2, ip_gate) if "inet 192" in r3: print("check: " +"in3" + " net is ok") else: print("check: " + "in3" + " net is err") save_file(logfile, "in3 bad", "a+") pipework_ip("in3", ip3, ip_gate) if "inet 192" in r4: print("check: " +"in4" + " net is ok") else: print("check: " + "in4" + " net is err") save_file(logfile, "in4 bad", "a+") pipework_ip("in4", ip4, ip_gate) time.sleep(1) #运行 def start(): init_ip() read_ip() restart_docker() firewalld(ip1, ip2, ip3, ip4) while True: print("start: check") check() time.sleep(10) start()