Python CMDB Development

I. Overview of the CMDB

The composition of the CMDB mainly has the background management, the central control machine, the server.

Background management is divided into the background management page and the central control machine Exchange data API.

Users through the Background Management page input host information, the control machine through the API to obtain the IP list, the control machine according to the IP to obtain the corresponding machine configuration information, obtain the configuration information and then send the configuration information to the background management Api,api to save the data to the database.

The communication between the control machine and the server is done through the Python Paramiko module (with key authentication).

In order to ensure the security of communication between the control machine and the background Management API, API verification is required.

1. API Verification Process

The central control machine and the background management API to save a key locally, the central control machine through the API to get the data need to carry this key together with the API,API verification after the central control machine to obtain data.

It is not safe to use key only, because the key is static once intercepted, other people can also get data from the API. To be more secure, some need to make key dynamic.

Dynamic key implementation, on the basis of a static key plus a timestamp, and then calculate the key and timestamp of the MD5 value, the computed MD5 value and the time stamp for the calculation through a delimiter sent to the API,API received the request through the delimiter to remove the timestamp The locally saved key is then MD5 computed with the time stamp received, and if the resulting value is consistent with the value sent by the control machine, the data is sent to the central control machine, and the data is rejected instead. You also need to set the validity period of a key, subtract time from the local time between the control machine, and if the result exceeds the valid range of the setting, the API validation fails.

Python CMDB Development