CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-06-14 14:18:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

move logic from reactor to orchestration

Browse Source
This commit is contained in:
Josh Patterson
2025-02-23 14:07:51 -05:00
parent 3246176c0a
commit fd9a4966ec
2 changed files with 76 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/orch/dyanno_hypervisor.sls
+65 -59
View File
@@ -12,76 +12,72 @@
{% if 'hvn' in salt['pillar.get']('features', []) %} {% if 'hvn' in salt['pillar.get']('features', []) %}
{% do salt.log.info('dyanno_hypervisor_orch: Running') %} {% do salt.log.info('dyanno_hypervisor_orch: Running') %}
{% set event_data = pillar.get('event_data', {}) %} {% set data = pillar.get('data', {}) %}
{% set event_tag = pillar.get('event_tag', '') %} {% set tag = pillar.get('tag', '') %}
{% set timestamp = event_data.get('_stamp') %} {% set timestamp = data.get('_stamp') %}
{% do salt.log.debug('dyanno_hypervisor_orch: tag: ' ~ event_tag) %} {% do salt.log.debug('dyanno_hypervisor_orch: tag: ' ~ tag) %}
{% do salt.log.debug('dyanno_hypervisor_orch: Received data: ' ~ data|json|string) %}
{# Our custom tag #} {# Our custom tag #}
{% if event_tag.startswith('soc/dyanno/hypervisor') %} {% if tag.startswith('soc/dyanno/hypervisor') %}
{% set status_data = event_data.get('data')%} {% set status_data = data.get('data')%}
{% do salt.log.debug('dyanno_hypervisor_orch: Received data: ' ~ status_data|json|string) %} {% do salt.log.debug('dyanno_hypervisor_orch: Received data: ' ~ status_data|json|string) %}
{% do salt.log.debug('dyanno_hypervisor_orch: Setting vm_name, hypervisor and status') %} {% do salt.log.debug('dyanno_hypervisor_orch: Setting vm_name, hypervisor and status') %}
{% set vm_name = status_data.get('vm_name') %} {% set vm_name = status_data.get('vm_name') %}
{% set hypervisor = status_data.get('hypervisor') %} {% set hypervisor = status_data.get('hypervisor') %}
{% set status = status_data.get('status') %} {% set status = status_data.get('status') %}
{% set details = status_data.get('details', '') %} {% endif %}
{% do salt.log.info('dyanno_hypervisor_orch: vm_name: ' ~ vm_name ~ ' hypervisor: ' ~ hypervisor ~ ' status: ' ~ status) %}
{# setup/so-minion tag #}
{% if tag == ('setup/so-minion') %}
{% set status_data = data.get('data')%}
{% do salt.log.debug('dyanno_hypervisor_orch: Received data: ' ~ status_data|json|string) %}
{% do salt.log.debug('dyanno_hypervisor_orch: Setting vm_name, hypervisor and status') %}
{% set vm_name = data.get('id') %}
{% set grains = salt.saltutil.runner('cache.grains', tgt=vm_name).get(vm_name) %}
{% if grains %}
{% do salt.log.debug('dyanno_hypervisor_orch: Got cache.grains ' ~ grains|string) %}
{% if grains.get('salt-cloud').get('profile') %}
{% do salt.log.debug('dyanno_hypervisor_orch: Found salt-cloud:profile grain: ' ~ grains.get('salt-cloud').get('profile')|string) %}
{% set hypervisor = grains.get('salt-cloud').get('profile').split('-')[1] %}
{% do salt.log.debug('dyanno_hypervisor_orch: Got hypervisor: ' ~ hypervisor) %}
{% endif %}
{% else %}
{% do salt.log.debug('dyanno_hypervisor_orch: Did not get cache.grains.') %}
{% endif %}
{% set hypervisor = hypervisor %}
{% set status = 'Initialize Minion Pillars' %}
{% endif %} {% endif %}
{# salt-cloud tag #} {# salt-cloud tag #}
{% if 'salt/cloud/' in event_tag and event_tag.endswith('/destroyed') %} {% if tag.startswith('salt/cloud/') and (tag.endswith('/creating') or tag.endswith('/deploying') or tag.endswith('/created') or tag.endswith('/destroyed')) %}
{% set status_data = event_data %} {% do salt.log.debug('dyanno_hypervisor_orch: Received data: ' ~ data|json|string) %}
{% do salt.log.debug('dyanno_hypervisor_orch: Setting vm_name, hypervisor and status') %} {% do salt.log.debug('dyanno_hypervisor_orch: Setting vm_name, hypervisor and status') %}
{% do salt.log.debug('dyanno_hypervisor_orch: Received data: ' ~ status_data|json|string) %} {% set vm_name = tag.split('/')[2] %}
{% set vm_name = status_data.get('name') %} {% do salt.log.debug('dyanno_hypervisor_orch: Got vm_name from tag: ' ~ vm_name) %}
{% set hypervisor = None %} {% if tag.endswith('/deploying') %}
{% set status = status_data.get('event') %} {% set hypervisor = data.get('kwargs').get('cloud_grains').get('profile').split('-')[1] %}
{% do salt.log.info('dyanno_hypervisor_orch: vm_name: ' ~ vm_name ~ ' hypervisor: ' ~ hypervisor ~ ' status: ' ~ status) %}
{% endif %}
{#
{% if event_tag.startswith('soc/dyanno/hypervisor') %}
{% if vm_name and status and hypervisor %}
{% do salt.log.info('dyanno_hypervisor_orch: soc.dyanno.hypervisor.write_status state running - vm_name: ' ~ vm_name ~ ' hypervisor: ' ~ hypervisor ~ ' status: ' ~ status) %}
# Write status file
write_vm_status:
salt.runner:
- name: state.orchestrate
- mods: soc.dyanno.hypervisor.write_status
- pillar:
vm_name: {{ vm_name }}
hypervisor: {{ hypervisor }}
status_data:
timestamp: {{ timestamp }}
status: {{ status }}
details: {{ details }}
event_tag: {{ event_tag }}
write_vm_status:
salt.state:
- tgt: 'G@role:so-manager or G@role:so-managersearch or G@role:so-standalone or G@role:so-eval'
- tgt_type: compound
- sls:
- soc.dyanno.hypervisor.write_status
- concurrent: True
- pillar:
vm_name: {{ vm_name }}
hypervisor: {{ hypervisor }}
status_data:
timestamp: {{ timestamp }}
status: {{ status }}
details: {{ details }}
event_tag: {{ event_tag }}
{% else %}
{% do salt.log.error('dyanno_hypervisor_orch: Missing required fields - vm_name: ' ~ vm_name ~ ' hypervisor: ' ~ hypervisor ~ ' status: ' ~ status) %}
{% endif %} {% endif %}
{% if data.get('profile', False) %}
{% do salt.log.debug('dyanno_hypervisor_orch: Did not get cache.grains.') %}
{% set hypervisor = data.profile.split('-')[1] %}
{% do salt.log.debug('dyanno_hypervisor_orch: Got hypervisor from data: ' ~ hypervisor) %}
{% else %}
{% set grains = salt.saltutil.runner('cache.grains', tgt=vm_name).get(vm_name) %}
{% if grains %}
{% do salt.log.debug('dyanno_hypervisor_orch: Got cache.grains: ' ~ grains|string) %}
{% if grains.get('salt-cloud').get('profile') %}
{% do salt.log.debug('dyanno_hypervisor_orch: Found salt-cloud:profile grain: ' ~ grains.get('salt-cloud').get('profile')|string) %}
{% set hypervisor = grains.get('salt-cloud').get('profile').split('-')[1] %}
{% do salt.log.debug('dyanno_hypervisor_orch: Got hypervisor: ' ~ hypervisor) %}
{% endif %}
{% endif %}
{% endif %}
{% set status = data.get('event').title() %}
{% endif %} {% endif %}
#}
{% do salt.log.info('dyanno_hypervisor_orch: vm_name: ' ~ vm_name ~ ' hypervisor: ' ~ hypervisor ~ ' status: ' ~ status) %}
{# We will need to populate hypervisor:hosts in this orch and pass to state to run as runner {# We will need to populate hypervisor:hosts in this orch and pass to state to run as runner
update_hypervisor_status: update_hypervisor_status:
@@ -94,6 +90,18 @@ update_hypervisor_status:
{% endif %} {% endif %}
#} #}
write_vm_status:
salt.runner:
- name: state.orchestrate
- mods: soc.dyanno.hypervisor.write_status
- pillar:
vm_name: {{ vm_name }}
hypervisor: {{ hypervisor }}
status_data:
timestamp: {{ timestamp }}
status: {{ status }}
event_tag: {{ tag }}
# Update hypervisor status # Update hypervisor status
update_hypervisor_annotation: update_hypervisor_annotation:
salt.state: salt.state:
@@ -102,10 +110,8 @@ update_hypervisor_annotation:
- sls: - sls:
- soc.dyanno.hypervisor - soc.dyanno.hypervisor
- concurrent: True - concurrent: True
{#% if event_tag.startswith('soc/dyanno/hypervisor') %}
- require: - require:
- salt: write_vm_status - salt: write_vm_status
{% endif %#}
{% do salt.log.info('dyanno_hypervisor_orch: Completed') %} {% do salt.log.info('dyanno_hypervisor_orch: Completed') %}
salt/reactor/vm_status.sls
+11 -97
View File
@@ -4,119 +4,33 @@
# Elastic License 2.0. # Elastic License 2.0.
{% do salt.log.debug('vm_status_reactor: Running') %} {% do salt.log.debug('vm_status_reactor: Running') %}
{% do salt.log.debug('vm_status_reactor: tag: ' ~ tag | string) %} {% do salt.log.debug('vm_status_reactor: tag: ' ~ tag) %}
{# Remove all the nasty characters that exist in this data #} {# Remove all the nasty characters that exist in this data #}
{% if tag.startswith('salt/cloud/') and tag.endswith('/deploying') %} {% if tag.startswith('salt/cloud/') and tag.endswith('/deploying') %}
{% set data = {
{% set event_data = {
"_stamp": data._stamp, "_stamp": data._stamp,
"event": data.event, "event": data.event,
"kwargs": { "kwargs": {
"cloud_grains": data.kwargs.cloud_grains "cloud_grains": data.kwargs.cloud_grains
} }
} %} } %}
{% else %}
{% set event_data = data %}
{% endif %} {% endif %}
{% do salt.log.debug('vm_status_reactor: Received data: ' ~ data|json|string) %} {% do salt.log.debug('vm_status_reactor: Received data: ' ~ event_data|json|string) %}
{#
update_hypervisor:
runner.state.orchestrate:
- args:
- mods: orch.dyanno_hypervisor
- pillar:
event_tag: {{ tag }}
event_data: {{ data }}
#}
{# Our custom tag #}
{% if tag.startswith('soc/dyanno/hypervisor') %}
{% set status_data = data.get('data')%}
{% do salt.log.debug('vm_status_reactor: Received data: ' ~ status_data|json|string) %}
{% do salt.log.debug('vm_status_reactor: Setting vm_name, hypervisor and status') %}
{% set vm_name = status_data.get('vm_name') %}
{% set hypervisor = status_data.get('hypervisor') %}
{% set status = status_data.get('status') %}
{% set details = status_data.get('details', '') %}
{% endif %}
{# setup/so-minion tag #}
{% if tag == ('setup/so-minion') %}
{% set status_data = data.get('data')%}
{% do salt.log.debug('vm_status_reactor: Received data: ' ~ status_data|json|string) %}
{% do salt.log.debug('vm_status_reactor: Setting vm_name, hypervisor and status') %}
{% set vm_name = data.get('id') %}
{% set grains = salt.saltutil.runner('cache.grains', tgt=vm_name).get(vm_name) %}
{% if grains %}
{% do salt.log.debug('vm_status_reactor: Got cache.grains ' ~ grains|string) %}
{% if grains.get('salt-cloud').get('profile') %}
{% do salt.log.debug('vm_status_reactor: Found salt-cloud:profile grain: ' ~ grains.get('salt-cloud').get('profile')|string) %}
{% set hypervisor = grains.get('salt-cloud').get('profile').split('-')[1] %}
{% do salt.log.debug('vm_status_reactor: Got hypervisor: ' ~ hypervisor) %}
{% endif %}
{% else %}
{% do salt.log.debug('vm_status_reactor: Did not get cache.grains.') %}
{% endif %}
{% set hypervisor = hypervisor %}
{% set status = 'Initialize Minion Pillars' %}
{% set details = status_data.get('details', '') %}
{% endif %}
{# salt-cloud tag #}
{% if tag.startswith('salt/cloud/') and (tag.endswith('/creating') or tag.endswith('/deploying') or tag.endswith('/created') or tag.endswith('/destroyed')) %}
{% do salt.log.debug('vm_status_reactor: Received data: ' ~ data|json|string) %}
{% do salt.log.debug('vm_status_reactor: Setting vm_name, hypervisor and status') %}
{% set vm_name = tag.split('/')[2] %}
{% do salt.log.debug('vm_status_reactor: Got vm_name from tag: ' ~ vm_name) %}
{% if tag.endswith('/deploying') %}
{% set hypervisor = data.get('kwargs').get('cloud_grains').get('profile').split('-')[1] %}
{% endif %}
{% if data.get('profile', False) %}
{% do salt.log.debug('vm_status_reactor: Did not get cache.grains.') %}
{% set hypervisor = data.profile.split('-')[1] %}
{% do salt.log.debug('vm_status_reactor: Got hypervisor from data: ' ~ hypervisor) %}
{% else %}
{% set grains = salt.saltutil.runner('cache.grains', tgt=vm_name).get(vm_name) %}
{% if grains %}
{% do salt.log.debug('vm_status_reactor: Got cache.grains: ' ~ grains|string) %}
{% if grains.get('salt-cloud').get('profile') %}
{% do salt.log.debug('vm_status_reactor: Found salt-cloud:profile grain: ' ~ grains.get('salt-cloud').get('profile')|string) %}
{% set hypervisor = grains.get('salt-cloud').get('profile').split('-')[1] %}
{% do salt.log.debug('vm_status_reactor: Got hypervisor: ' ~ hypervisor) %}
{% endif %}
{% endif %}
{% endif %}
{% set status = data.get('event').title() %}
{% set details = data.get('details', '') %}
{% endif %}
{% do salt.log.info('vm_status_reactor: vm_name: ' ~ vm_name ~ ' hypervisor: ' ~ hypervisor ~ ' status: ' ~ status) %}
{% set timestamp = data.get('_stamp') %}
write_vm_status:
runner.state.orchestrate:
- args:
- mods: soc.dyanno.hypervisor.write_status
- pillar:
vm_name: {{ vm_name }}
hypervisor: {{ hypervisor }}
status_data:
timestamp: {{ timestamp }}
status: {{ status }}
details: {{ details }}
event_tag: {{ tag }}
update_hypervisor: update_hypervisor:
runner.state.orchestrate: runner.state.orchestrate:
- args: - args:
- mods: orch.dyanno_hypervisor - mods: orch.dyanno_hypervisor
- pillar: - pillar:
event_tag: {{ tag }} tag: {{ tag }}
event_data: {{ data }} data: {{ event_data }}
{% do salt.log.debug('vm_status_reactor: Completed') %} {% do salt.log.debug('vm_status_reactor: Completed') %}