Gitiles
Code Review Sign In
osm.etsi.org / osm / N2VC / a7102ec60fc00896351c661b130cf381504fa6fd^! / .
commita7102ec60fc00896351c661b130cf381504fa6fd[log] [tgz]
authorDavid Garcia <david.garcia@canonical.com>Wed Jul 22 17:56:12 2020 +0200
committerDavid Garcia <david.garcia@canonical.com>Thu Jul 23 10:59:46 2020 +0200
tree364c1e3aecba8011fe6e01d12e71d0388c10b88d
parent20806a454fe1d27952ba7639714649cf36a4ea02 [diff]
Get the kubeconfig credentials from MongoDB

This the previous approach, the kubeconfig was gotten from the filesystem,
which has issues scaling the LCM, because the kubeconfig was only present
in the pod that had initialized the environment.

The kubeconfig is stored in Mongo, and this commit basically gets the config from there, so it doesn't matter which LCM needs access to it.

Change-Id: I80458db5124122a4b7b3eb3a9b00cb4a4add11ff
Signed-off-by: David Garcia <david.garcia@canonical.com>

diff --git a/n2vc/k8s_juju_conn.py b/n2vc/k8s_juju_conn.py
index 8cdf388..808201d 100644
--- a/n2vc/k8s_juju_conn.py
+++ b/n2vc/k8s_juju_conn.py

@@ -683,7 +683,16 @@
     ) -> list:
         """Return a list of services of a kdu_instance"""
 
-        config_file = self.get_config_file(cluster_uuid=cluster_uuid)
+        credentials = self.get_credentials(cluster_uuid=cluster_uuid)
+
+        config_path = "/tmp/{}".format(cluster_uuid)
+        config_file = "{}/config".format(config_path)
+
+        if not os.path.exists(config_path):
+            os.makedirs(config_path)
+        with open(config_file, "w") as f:
+            f.write(credentials)
+
         kubectl = Kubectl(config_file=config_file)
         return kubectl.get_services(
             field_selector="metadata.namespace={}".format(kdu_instance)
@@ -694,7 +703,16 @@
     ) -> object:
         """Return data for a specific service inside a namespace"""
 
-        config_file = self.get_config_file(cluster_uuid=cluster_uuid)
+        credentials = self.get_credentials(cluster_uuid=cluster_uuid)
+
+        config_path = "/tmp/{}".format(cluster_uuid)
+        config_file = "{}/config".format(config_path)
+
+        if not os.path.exists(config_path):
+            os.makedirs(config_path)
+        with open(config_file, "w") as f:
+            f.write(credentials)
+
         kubectl = Kubectl(config_file=config_file)
 
         return kubectl.get_services(
@@ -851,11 +869,23 @@
             if "already exists" not in stderr:
                 raise Exception(stderr)
 
-    def get_config_file(self, cluster_uuid: str) -> str:
+    def get_credentials(self, cluster_uuid: str) -> str:
         """
-        Get Cluster Kubeconfig location
+        Get Cluster Kubeconfig
         """
-        return "{}/{}/.kube/config".format(self.fs.path, cluster_uuid)
+        k8scluster = self.db.get_one(
+            "k8sclusters", q_filter={"_id": cluster_uuid}, fail_on_empty=False
+        )
+
+        self.db.encrypt_decrypt_fields(
+            k8scluster.get("credentials"),
+            "decrypt",
+            ["password", "secret"],
+            schema_version=k8scluster["schema_version"],
+            salt=k8scluster["_id"],
+        )
+
+        return yaml.safe_dump(k8scluster.get("credentials"))
 
     def get_config(self, cluster_uuid: str,) -> dict:
         """Get the cluster configuration