Merge "Bug 1000: Fix authentication when deleting service"

[osm/N2VC.git] / n2vc / k8s_juju_conn.py
diff --git a/n2vc/k8s_juju_conn.py b/n2vc/k8s_juju_conn.py

index 3acc10e..9bc5d40 100644 (file)
--- a/n2vc/k8s_juju_conn.py
+++ b/n2vc/k8s_juju_conn.py
@@ -12,9 +12,11 @@
  #     See the License for the specific language governing permissions and
  #     limitations under the License.
  
  #     See the License for the specific language governing permissions and
  #     limitations under the License.
  
+import asyncio
  import concurrent
  from .exceptions import NotImplemented
  
  import concurrent
  from .exceptions import NotImplemented
  
+import io
  import juju
  # from juju.bundle import BundleHandler
  from juju.controller import Controller
  import juju
  # from juju.bundle import BundleHandler
  from juju.controller import Controller
@@ -28,7 +30,6 @@ from n2vc.k8s_conn import K8sConnector
  import os
  # import re
  # import ssl
  import os
  # import re
  # import ssl
-import subprocess
  # from .vnf import N2VC
  
  import uuid
  # from .vnf import N2VC
  
  import uuid
@@ -69,6 +70,7 @@ class K8sJujuConnector(K8sConnector):
          self.models = {}
          self.log = logging.getLogger(__name__)
  
          self.models = {}
          self.log = logging.getLogger(__name__)
  
+        self.juju_command = juju_command
          self.juju_secret = ""
  
          self.info('K8S Juju connector initialized')
          self.juju_secret = ""
  
          self.info('K8S Juju connector initialized')
@@ -80,13 +82,14 @@ class K8sJujuConnector(K8sConnector):
          namespace: str = 'kube-system',
          reuse_cluster_uuid: str = None,
      ) -> (str, bool):
          namespace: str = 'kube-system',
          reuse_cluster_uuid: str = None,
      ) -> (str, bool):
-        """Initialize a Kubernetes environment
-
-        :param k8s_creds dict: A dictionary containing the Kubernetes cluster
-        configuration
-        :param namespace str: The Kubernetes namespace to initialize
+        """
+        It prepares a given K8s cluster environment to run Juju bundles.
  
  
-        :return: UUID of the k8s context or raises an exception
+        :param k8s_creds: credentials to access a given K8s cluster, i.e. a valid '.kube/config'
+        :param namespace: optional namespace to be used for juju. By default, 'kube-system' will be used
+        :param reuse_cluster_uuid: existing cluster uuid for reuse
+        :return: uuid of the K8s cluster and True if connector has installed some software in the cluster
+        (on error, an exception will be raised)
          """
  
          """Bootstrapping
          """
  
          """Bootstrapping
@@ -94,10 +97,6 @@ class K8sJujuConnector(K8sConnector):
          Bootstrapping cannot be done, by design, through the API. We need to
          use the CLI tools.
          """
          Bootstrapping cannot be done, by design, through the API. We need to
          use the CLI tools.
          """
-        # TODO: The path may change
-        jujudir = "/usr/local/bin"
-
-        self.k8scli = "{}/juju".format(jujudir)
  
          """
          WIP: Workflow
  
          """
          WIP: Workflow
@@ -121,37 +120,37 @@ class K8sJujuConnector(K8sConnector):
          # TODO: Pull info from db based on the namespace #
          ##################################################
  
          # TODO: Pull info from db based on the namespace #
          ##################################################
  
+        ###################################################
+        # TODO: Make it idempotent, calling add-k8s and   #
+        # bootstrap whenever reuse_cluster_uuid is passed #
+        # as parameter                                    #
+        # `init_env` is called to initialize the K8s      #
+        # cluster for juju. If this initialization fails, #
+        # it can be called again by LCM with the param    #
+        # reuse_cluster_uuid, e.g. to try to fix it.       #
+        ###################################################
+
          if not reuse_cluster_uuid:
              # This is a new cluster, so bootstrap it
  
              cluster_uuid = str(uuid.uuid4())
  
          if not reuse_cluster_uuid:
              # This is a new cluster, so bootstrap it
  
              cluster_uuid = str(uuid.uuid4())
  
-            # Add k8s cloud to Juju (unless it's microk8s)
+            # Is a local k8s cluster?
+            localk8s = self.is_local_k8s(k8s_creds)
  
  
-            # Convert to a dict
-            # k8s_creds = yaml.safe_load(k8s_creds)
+            # If the k8s is external, the juju controller needs a loadbalancer
+            loadbalancer = False if localk8s else True
  
  
-            # Does the kubeconfig contain microk8s?
-            microk8s = self.is_microk8s_by_credentials(k8s_creds)
+            # Name the new k8s cloud
+            k8s_cloud = "k8s-{}".format(cluster_uuid)
  
  
-            if not microk8s:
-                # Name the new k8s cloud
-                k8s_cloud = "{}-k8s".format(namespace)
+            print("Adding k8s cloud {}".format(k8s_cloud))
+            await self.add_k8s(k8s_cloud, k8s_creds)
  
  
-                print("Adding k8s cloud {}".format(k8s_cloud))
-                await self.add_k8s(k8s_cloud, k8s_creds)
-
-                # Bootstrap Juju controller
-                print("Bootstrapping...")
-                await self.bootstrap(k8s_cloud, cluster_uuid)
-                print("Bootstrap done.")
-            else:
-                # k8s_cloud = 'microk8s-test'
-                k8s_cloud = "{}-k8s".format(namespace)
-
-                await self.add_k8s(k8s_cloud, k8s_creds)
-
-                await self.bootstrap(k8s_cloud, cluster_uuid)
+            # Bootstrap Juju controller
+            print("Bootstrapping...")
+            await self.bootstrap(k8s_cloud, cluster_uuid, loadbalancer)
+            print("Bootstrap done.")
  
              # Get the controller information
  
  
              # Get the controller information
  
@@ -194,7 +193,7 @@ class K8sJujuConnector(K8sConnector):
                  'secret': self.juju_secret,
                  'cacert': self.juju_ca_cert,
                  'namespace': namespace,
                  'secret': self.juju_secret,
                  'cacert': self.juju_ca_cert,
                  'namespace': namespace,
-                'microk8s': microk8s,
+                'loadbalancer': loadbalancer,
              }
  
              # Store the cluster configuration so it
              }
  
              # Store the cluster configuration so it
@@ -219,15 +218,15 @@ class K8sJujuConnector(K8sConnector):
              await self.login(cluster_uuid)
  
          # We're creating a new cluster
              await self.login(cluster_uuid)
  
          # We're creating a new cluster
-        print("Getting model {}".format(self.get_namespace(cluster_uuid), cluster_uuid=cluster_uuid))
-        model = await self.get_model(
-            self.get_namespace(cluster_uuid), 
-            cluster_uuid=cluster_uuid
-        )
+        #print("Getting model {}".format(self.get_namespace(cluster_uuid), cluster_uuid=cluster_uuid))
+        #model = await self.get_model(
+        #    self.get_namespace(cluster_uuid),
+        #    cluster_uuid=cluster_uuid
+        #)
  
  
-        # Disconnect from the model
-        if model and model.is_connected():
-            await model.disconnect()
+        ## Disconnect from the model
+        #if model and model.is_connected():
+        #    await model.disconnect()
  
          return cluster_uuid, True
  
  
          return cluster_uuid, True
  
@@ -280,27 +279,21 @@ class K8sJujuConnector(K8sConnector):
  
                  # Disconnect from the controller
                  print("[reset] Disconnecting controller")
  
                  # Disconnect from the controller
                  print("[reset] Disconnecting controller")
-                await self.controller.disconnect()
+                await self.logout()
  
                  # Destroy the controller (via CLI)
                  print("[reset] Destroying controller")
                  await self.destroy_controller(cluster_uuid)
  
  
                  # Destroy the controller (via CLI)
                  print("[reset] Destroying controller")
                  await self.destroy_controller(cluster_uuid)
  
-                """Remove the k8s cloud
-
-                Only remove the k8s cloud if it's not a microk8s cloud,
-                since microk8s is a built-in cloud type.
-                """
-                # microk8s = self.is_microk8s_by_cluster_uuid(cluster_uuid)
-                # if not microk8s:
                  print("[reset] Removing k8s cloud")
                  print("[reset] Removing k8s cloud")
-                namespace = self.get_namespace(cluster_uuid)
-                k8s_cloud = "{}-k8s".format(namespace)
+                k8s_cloud = "k8s-{}".format(cluster_uuid)
                  await self.remove_cloud(k8s_cloud)
  
          except Exception as ex:
              print("Caught exception during reset: {}".format(ex))
  
                  await self.remove_cloud(k8s_cloud)
  
          except Exception as ex:
              print("Caught exception during reset: {}".format(ex))
  
+        return True
+
      """Deployment"""
  
      async def install(
      """Deployment"""
  
      async def install(
@@ -310,7 +303,8 @@ class K8sJujuConnector(K8sConnector):
          atomic: bool = True,
          timeout: float = 300,
          params: dict = None,
          atomic: bool = True,
          timeout: float = 300,
          params: dict = None,
-        db_dict: dict = None
+        db_dict: dict = None,
+        kdu_name: str = None
      ) -> bool:
          """Install a bundle
  
      ) -> bool:
          """Install a bundle
  
@@ -321,6 +315,7 @@ class K8sJujuConnector(K8sConnector):
          :param timeout int: The time, in seconds, to wait for the install
                              to finish
          :param params dict: Key-value pairs of instantiation parameters
          :param timeout int: The time, in seconds, to wait for the install
                              to finish
          :param params dict: Key-value pairs of instantiation parameters
+        :param kdu_name: Name of the KDU instance to be installed
  
          :return: If successful, returns ?
          """
  
          :return: If successful, returns ?
          """
@@ -330,16 +325,18 @@ class K8sJujuConnector(K8sConnector):
              await self.login(cluster_uuid)
  
          ##
              await self.login(cluster_uuid)
  
          ##
-        # Get or create the model, based on the namespace the cluster was
-        # instantiated with.
-        namespace = self.get_namespace(cluster_uuid)
-        namespace = "gitlab-demo"
-        self.log.debug("Checking for model named {}".format(namespace))
-        model = await self.get_model(namespace, cluster_uuid=cluster_uuid)
-        if not model:
-            # Create the new model
-            self.log.debug("Adding model: {}".format(namespace))
-            model = await self.add_model(namespace, cluster_uuid=cluster_uuid)
+        # Get or create the model, based on the NS
+        # uuid.
+        if kdu_name:
+            kdu_instance = "{}-{}".format(kdu_name, db_dict["filter"]["_id"])
+        else:
+            kdu_instance = db_dict["filter"]["_id"]
+
+        self.log.debug("Checking for model named {}".format(kdu_instance))
+
+        # Create the new model
+        self.log.debug("Adding model: {}".format(kdu_instance))
+        model = await self.add_model(kdu_instance, cluster_uuid=cluster_uuid)
  
          if model:
              # TODO: Instantiation parameters
  
          if model:
              # TODO: Instantiation parameters
@@ -406,7 +403,7 @@ class K8sJujuConnector(K8sConnector):
                  print("[install] Disconnecting model")
                  await model.disconnect()
  
                  print("[install] Disconnecting model")
                  await model.disconnect()
  
-            return True
+            return kdu_instance
          raise Exception("Unable to install")
  
      async def instances_list(
          raise Exception("Unable to install")
  
      async def instances_list(
@@ -519,35 +516,27 @@ class K8sJujuConnector(K8sConnector):
      async def uninstall(
          self,
          cluster_uuid: str,
      async def uninstall(
          self,
          cluster_uuid: str,
-        kdu_instance: str,
+        kdu_instance: str
      ) -> bool:
          """Uninstall a KDU instance
  
      ) -> bool:
          """Uninstall a KDU instance
  
-        :param cluster_uuid str: The UUID of the cluster to uninstall
+        :param cluster_uuid str: The UUID of the cluster
          :param kdu_instance str: The unique name of the KDU instance
  
          :return: Returns True if successful, or raises an exception
          """
          :param kdu_instance str: The unique name of the KDU instance
  
          :return: Returns True if successful, or raises an exception
          """
-        removed = False
-
-        # Remove an application from the model
-        model = await self.get_model(self.get_namespace(cluster_uuid), cluster_uuid=cluster_uuid)
-
-        if model:
-            # Get the application
-            if kdu_instance not in model.applications:
-                # TODO: Raise a named exception
-                raise Exception("Application not found.")
+        if not self.authenticated:
+            self.log.debug("[uninstall] Connecting to controller")
+            await self.login(cluster_uuid)
  
  
-            application = model.applications[kdu_instance]
+        self.log.debug("[uninstall] Destroying model")
  
  
-            # Destroy the application
-            await application.destroy()
+        await self.controller.destroy_models(kdu_instance)
  
  
-            # TODO: Verify removal
+        self.log.debug("[uninstall] Model destroyed and disconnecting")
+        await self.logout()
  
  
-            removed = True
-        return removed
+        return True
  
      """Introspection"""
      async def inspect_kdu(
  
      """Introspection"""
      async def inspect_kdu(
@@ -668,21 +657,31 @@ class K8sJujuConnector(K8sConnector):
  
          :returns: True if successful, otherwise raises an exception.
          """
  
          :returns: True if successful, otherwise raises an exception.
          """
-        cmd = [self.k8scli, "add-k8s", "--local", cloud_name]
-
-        p = subprocess.run(
-            cmd,
-            stdout=subprocess.PIPE,
-            stderr=subprocess.PIPE,
-            # input=yaml.dump(credentials, Dumper=yaml.Dumper).encode("utf-8"),
-            input=credentials.encode("utf-8"),
-            # encoding='ascii'
+
+        cmd = [self.juju_command, "add-k8s", "--local", cloud_name]
+        print(cmd)
+
+        process = await asyncio.create_subprocess_exec(
+            *cmd,
+            stdout=asyncio.subprocess.PIPE,
+            stderr=asyncio.subprocess.PIPE,
+            stdin=asyncio.subprocess.PIPE,
          )
          )
-        retcode = p.returncode
-        print("add-k8s return code: {}".format(retcode))
  
  
-        if retcode > 0:
-            raise Exception(p.stderr)
+        # Feed the process the credentials
+        process.stdin.write(credentials.encode("utf-8"))
+        await process.stdin.drain()
+        process.stdin.close()
+
+        stdout, stderr = await process.communicate()
+
+        return_code = process.returncode
+
+        print("add-k8s return code: {}".format(return_code))
+
+        if return_code > 0:
+            raise Exception(stderr)
+
          return True
  
      async def add_model(
          return True
  
      async def add_model(
@@ -702,16 +701,23 @@ class K8sJujuConnector(K8sConnector):
              await self.login(cluster_uuid)
  
          self.log.debug("Adding model '{}' to cluster_uuid '{}'".format(model_name, cluster_uuid))
              await self.login(cluster_uuid)
  
          self.log.debug("Adding model '{}' to cluster_uuid '{}'".format(model_name, cluster_uuid))
-        model = await self.controller.add_model(
-            model_name,
-            config={'authorized-keys': self.juju_public_key}
-        )
+        try:
+            model = await self.controller.add_model(
+                model_name,
+                config={'authorized-keys': self.juju_public_key}
+            )
+        except Exception as ex:
+            self.log.debug(ex)
+            self.log.debug("Caught exception: {}".format(ex))
+            pass
+
          return model
  
      async def bootstrap(
          self,
          cloud_name: str,
          return model
  
      async def bootstrap(
          self,
          cloud_name: str,
-        cluster_uuid: str
+        cluster_uuid: str,
+        loadbalancer: bool
      ) -> bool:
          """Bootstrap a Kubernetes controller
  
      ) -> bool:
          """Bootstrap a Kubernetes controller
  
@@ -719,25 +725,36 @@ class K8sJujuConnector(K8sConnector):
  
          :param cloud_name str: The name of the cloud.
          :param cluster_uuid str: The UUID of the cluster to bootstrap.
  
          :param cloud_name str: The name of the cloud.
          :param cluster_uuid str: The UUID of the cluster to bootstrap.
+        :param loadbalancer bool: If the controller should use loadbalancer or not.
          :returns: True upon success or raises an exception.
          """
          :returns: True upon success or raises an exception.
          """
-        cmd = [self.k8scli, "bootstrap", cloud_name, cluster_uuid]
+
+        if not loadbalancer:
+            cmd = [self.juju_command, "bootstrap", cloud_name, cluster_uuid]
+        else:
+            """
+            For public clusters, specify that the controller service is using a LoadBalancer.
+            """
+            cmd = [self.juju_command, "bootstrap", cloud_name, cluster_uuid, "--config", "controller-service-type=loadbalancer"]
+
          print("Bootstrapping controller {} in cloud {}".format(
              cluster_uuid, cloud_name
          ))
  
          print("Bootstrapping controller {} in cloud {}".format(
              cluster_uuid, cloud_name
          ))
  
-        p = subprocess.run(
-            cmd,
-            stdout=subprocess.PIPE,
-            stderr=subprocess.PIPE,
-            # encoding='ascii'
+        process = await asyncio.create_subprocess_exec(
+            *cmd,
+            stdout=asyncio.subprocess.PIPE,
+            stderr=asyncio.subprocess.PIPE,
          )
          )
-        retcode = p.returncode
  
  
-        if retcode > 0:
+        stdout, stderr = await process.communicate()
+
+        return_code = process.returncode
+
+        if return_code > 0:
              #
              #
-            if b'already exists' not in p.stderr:
-                raise Exception(p.stderr)
+            if b'already exists' not in stderr:
+                raise Exception(stderr)
  
          return True
  
  
          return True
  
@@ -753,7 +770,7 @@ class K8sJujuConnector(K8sConnector):
          :returns: True upon success or raises an exception.
          """
          cmd = [
          :returns: True upon success or raises an exception.
          """
          cmd = [
-            self.k8scli,
+            self.juju_command,
              "destroy-controller",
              "--destroy-all-models",
              "--destroy-storage",
              "destroy-controller",
              "--destroy-all-models",
              "--destroy-storage",
@@ -761,18 +778,20 @@ class K8sJujuConnector(K8sConnector):
              cluster_uuid
          ]
  
              cluster_uuid
          ]
  
-        p = subprocess.run(
-            cmd,
-            stdout=subprocess.PIPE,
-            stderr=subprocess.PIPE,
-            # encoding='ascii'
+        process = await asyncio.create_subprocess_exec(
+            *cmd,
+            stdout=asyncio.subprocess.PIPE,
+            stderr=asyncio.subprocess.PIPE,
          )
          )
-        retcode = p.returncode
  
  
-        if retcode > 0:
+        stdout, stderr = await process.communicate()
+
+        return_code = process.returncode
+
+        if return_code > 0:
              #
              #
-            if 'already exists' not in p.stderr:
-                raise Exception(p.stderr)
+            if 'already exists' not in stderr:
+                raise Exception(stderr)
  
      def get_config(
          self,
  
      def get_config(
          self,
@@ -861,36 +880,26 @@ class K8sJujuConnector(K8sConnector):
              return True
          return False
  
              return True
          return False
  
-    def is_microk8s_by_cluster_uuid(
-        self,
-        cluster_uuid: str,
-    ) -> bool:
-        """Check if a cluster is micro8s
-
-        Checks if a cluster is running microk8s
-
-        :param cluster_uuid str: The UUID of the cluster
-        :returns: A boolean if the cluster is running microk8s
-        """
-        config = self.get_config(cluster_uuid)
-        return config['microk8s']
-
-    def is_microk8s_by_credentials(
+    def is_local_k8s(
          self,
          credentials: str,
      ) -> bool:
          self,
          credentials: str,
      ) -> bool:
-        """Check if a cluster is micro8s
+        """Check if a cluster is local
  
  
-        Checks if a cluster is running microk8s
+        Checks if a cluster is running in the local host
  
          :param credentials dict: A dictionary containing the k8s credentials
  
          :param credentials dict: A dictionary containing the k8s credentials
-        :returns: A boolean if the cluster is running microk8s
+        :returns: A boolean if the cluster is running locally
          """
          creds = yaml.safe_load(credentials)
          """
          creds = yaml.safe_load(credentials)
-        if creds:
-            for context in creds['contexts']:
-                if 'microk8s' in context['name']:
-                    return True
+        if os.getenv("OSMLCM_VCA_APIPROXY"):
+            host_ip = os.getenv("OSMLCM_VCA_APIPROXY")
+
+        if creds and host_ip:
+            for cluster in creds['clusters']:
+                if 'server' in cluster['cluster']:
+                    if host_ip in cluster['cluster']['server']:
+                        return True
  
          return False
  
  
          return False
  
@@ -971,31 +980,34 @@ class K8sJujuConnector(K8sConnector):
          """
  
          # Remove the bootstrapped controller
          """
  
          # Remove the bootstrapped controller
-        cmd = [self.k8scli, "remove-k8s", "--client", cloud_name]
-        p = subprocess.run(
-            cmd,
-            stdout=subprocess.PIPE,
-            stderr=subprocess.PIPE,
-            # encoding='ascii'
+        cmd = [self.juju_command, "remove-k8s", "--client", cloud_name]
+        process = await asyncio.create_subprocess_exec(
+            *cmd,
+            stdout=asyncio.subprocess.PIPE,
+            stderr=asyncio.subprocess.PIPE,
          )
          )
-        retcode = p.returncode
  
  
-        if retcode > 0:
-            raise Exception(p.stderr)
+        stdout, stderr = await process.communicate()
+
+        return_code = process.returncode
+
+        if return_code > 0:
+            raise Exception(stderr)
  
          # Remove the cloud from the local config
  
          # Remove the cloud from the local config
-        cmd = [self.k8scli, "remove-cloud", "--client", cloud_name]
-        p = subprocess.run(
-            cmd,
-            stdout=subprocess.PIPE,
-            stderr=subprocess.PIPE,
-            # encoding='ascii'
+        cmd = [self.juju_command, "remove-cloud", "--client", cloud_name]
+        process = await asyncio.create_subprocess_exec(
+            *cmd,
+            stdout=asyncio.subprocess.PIPE,
+            stderr=asyncio.subprocess.PIPE,
          )
          )
-        retcode = p.returncode
  
  
-        if retcode > 0:
-            raise Exception(p.stderr)
+        stdout, stderr = await process.communicate()
+
+        return_code = process.returncode
  
  
+        if return_code > 0:
+            raise Exception(stderr)
  
          return True
  
  
          return True