Flask 定时检查阿里云RDS白名单是否没有删除公司专线IP

业务需求：

为了防止 mysql 数据库主库白名单上有公司专线IP用完忘记删除，固在中午和下班前进行提醒

目录结构：

钉钉报警

创建 operate python 包，编辑 dingtalk.py 文件

import json

from aliyunsdkcore.vendored import requests


def send_msg(msg):
    url = 'https://oapi.dingtalk.com/robot/send?access_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' #  运维组
    parameter = {
        "msgtype": "text",
        "text": {
            "content": "告警 -- 阿里云 RDS 主库白名单没有删除公司专线 IP ，白名单分组为：%s ，请及时查看~" % msg
        },
    }
    headers = {
        'Content-Type': 'application/json'
    }
    requests.post(url, data=json.dumps(parameter), headers=headers)

调用 阿里云 API 接口进行检查

在 operate python 包下，编辑 check_white_list.py 文件

from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.acs_exception.exceptions import ClientException
from aliyunsdkcore.acs_exception.exceptions import ServerException
from aliyunsdkrds.request.v20140815.DescribeDBInstanceIPArrayListRequest import DescribeDBInstanceIPArrayListRequest

import json
from operate import dingtalk

client = AcsClient('xxxxxxxxxxxxxxxxx', 'xxxxxxxxxxxxxxxxxxxxxxx', 'cn-shenzhen')

request = DescribeDBInstanceIPArrayListRequest()
request.set_accept_format('json')

request.set_DBInstanceId("rm-xxxxxxxxxxxxxxxx")


def check_white_list():
    while_list_name = []

    response = client.do_action_with_exception(request)
    result_json = json.loads(str(response, encoding='utf-8'))

    list_num = len(result_json['Items']['DBInstanceIPArray'])

    for l in range(list_num):
        # print(result_json['Items']['DBInstanceIPArray'][l]['SecurityIPList'])
        tmp = result_json['Items']['DBInstanceIPArray'][l]['SecurityIPList']
        if "61.144.120.90" in tmp:
            # print(result_json['Items']['DBInstanceIPArray'][l]['DBInstanceIPArrayName'])
            list_name = result_json['Items']['DBInstanceIPArray'][l]['DBInstanceIPArrayName']
            while_list_name.append(list_name)

    return while_list_name


def main():
    msg = check_white_list()
    if msg:
        dingtalk.send_msg(msg)

编写 app.py 文件

from flask import Flask
from flask_apscheduler import APScheduler
from operate import check_white_list

app = Flask(__name__)


@app.route('/')
def hello_world():
    return 'check aliyun RDS whitelist is running!'


# 任务配置类, 同时启动 3 个定时任务
class SchedulerConfig(object):
    JOBS = [
        {
            'id': 'check_white_list',                    # 任务id
            'func': '__main__:check_white_list.main',    # 任务执行程序
            'args': None,                                # 执行程序参数
            'trigger': 'cron',                           # 任务执行类型
            'hour': '8,11,18,21',
            'minute': '30'
        }
    ]
    SCHEDULER_TIMEZONE = 'Asia/Shanghai'                 # 设定时区


if __name__ == '__main__':
    app.config.from_object(SchedulerConfig())  # 为实例化的flask引入定时任务配置
    scheduler = APScheduler()                  # 实例化APScheduler
    scheduler.init_app(app)                    # 把任务列表载入实例flask
    scheduler.start()                          # 启动任务计划
    app.run(host='0.0.0.0')

在 PyCharm 中 使用命令导出依赖

pip freeze > requirements.txt

把开发好的代码传到一个安装好 docker 的 centos 机器上

打包镜像

cp /usr/share/zoneinfo/Asia/Shanghai .

# 编辑 Dockerfile
FROM python:3.6
WORKDIR /data

RUN echo "Asia/Shanghai" > /etc/timezone
COPY Shanghai /etc/localtime
COPY requirements.txt ./
RUN pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/

COPY . .

CMD ["python", "app.py"]

# 打包镜像
docker build -t flask_check_rds_whitelist:0.0.1 ./