X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FN2VC.git;a=blobdiff_plain;f=n2vc%2Fk8s_juju_conn.py;h=808201d23fa92dadcd1ec9d417352328fafbafb4;hp=313e878fce927557bc5f1fc17b141060cfeb0987;hb=2c791b34626ff76ab1886a110599998f9de0df80;hpb=5d79939ab780d4717fe36bfd62f398b922f84829 diff --git a/n2vc/k8s_juju_conn.py b/n2vc/k8s_juju_conn.py index 313e878..808201d 100644 --- a/n2vc/k8s_juju_conn.py +++ b/n2vc/k8s_juju_conn.py @@ -124,79 +124,66 @@ class K8sJujuConnector(K8sConnector): # reuse_cluster_uuid, e.g. to try to fix it. # ################################################### - if not reuse_cluster_uuid: - # This is a new cluster, so bootstrap it + # This is a new cluster, so bootstrap it - cluster_uuid = str(uuid.uuid4()) + cluster_uuid = reuse_cluster_uuid or str(uuid.uuid4()) - # Is a local k8s cluster? - localk8s = self.is_local_k8s(k8s_creds) + # Is a local k8s cluster? + localk8s = self.is_local_k8s(k8s_creds) - # If the k8s is external, the juju controller needs a loadbalancer - loadbalancer = False if localk8s else True + # If the k8s is external, the juju controller needs a loadbalancer + loadbalancer = False if localk8s else True - # Name the new k8s cloud - k8s_cloud = "k8s-{}".format(cluster_uuid) + # Name the new k8s cloud + k8s_cloud = "k8s-{}".format(cluster_uuid) - self.log.debug("Adding k8s cloud {}".format(k8s_cloud)) - await self.add_k8s(k8s_cloud, k8s_creds) + self.log.debug("Adding k8s cloud {}".format(k8s_cloud)) + await self.add_k8s(k8s_cloud, k8s_creds) - # Bootstrap Juju controller - self.log.debug("Bootstrapping...") - await self.bootstrap(k8s_cloud, cluster_uuid, loadbalancer) - self.log.debug("Bootstrap done.") + # Bootstrap Juju controller + self.log.debug("Bootstrapping...") + await self.bootstrap(k8s_cloud, cluster_uuid, loadbalancer) + self.log.debug("Bootstrap done.") - # Get the controller information + # Get the controller information - # Parse ~/.local/share/juju/controllers.yaml - # controllers.testing.api-endpoints|ca-cert|uuid - self.log.debug("Getting controller endpoints") - with open(os.path.expanduser("~/.local/share/juju/controllers.yaml")) as f: - controllers = yaml.load(f, Loader=yaml.Loader) - controller = controllers["controllers"][cluster_uuid] - endpoints = controller["api-endpoints"] - self.juju_endpoint = endpoints[0] - self.juju_ca_cert = controller["ca-cert"] + # Parse ~/.local/share/juju/controllers.yaml + # controllers.testing.api-endpoints|ca-cert|uuid + self.log.debug("Getting controller endpoints") + with open(os.path.expanduser("~/.local/share/juju/controllers.yaml")) as f: + controllers = yaml.load(f, Loader=yaml.Loader) + controller = controllers["controllers"][cluster_uuid] + endpoints = controller["api-endpoints"] + self.juju_endpoint = endpoints[0] + self.juju_ca_cert = controller["ca-cert"] - # Parse ~/.local/share/juju/accounts - # controllers.testing.user|password - self.log.debug("Getting accounts") - with open(os.path.expanduser("~/.local/share/juju/accounts.yaml")) as f: - controllers = yaml.load(f, Loader=yaml.Loader) - controller = controllers["controllers"][cluster_uuid] + # Parse ~/.local/share/juju/accounts + # controllers.testing.user|password + self.log.debug("Getting accounts") + with open(os.path.expanduser("~/.local/share/juju/accounts.yaml")) as f: + controllers = yaml.load(f, Loader=yaml.Loader) + controller = controllers["controllers"][cluster_uuid] - self.juju_user = controller["user"] - self.juju_secret = controller["password"] + self.juju_user = controller["user"] + self.juju_secret = controller["password"] - # raise Exception("EOL") + # raise Exception("EOL") - self.juju_public_key = None - - config = { - "endpoint": self.juju_endpoint, - "username": self.juju_user, - "secret": self.juju_secret, - "cacert": self.juju_ca_cert, - "namespace": namespace, - "loadbalancer": loadbalancer, - } - - # Store the cluster configuration so it - # can be used for subsequent calls - self.log.debug("Setting config") - await self.set_config(cluster_uuid, config) - - else: - # This is an existing cluster, so get its config - cluster_uuid = reuse_cluster_uuid + self.juju_public_key = None - config = self.get_config(cluster_uuid) + config = { + "endpoint": self.juju_endpoint, + "username": self.juju_user, + "secret": self.juju_secret, + "cacert": self.juju_ca_cert, + "namespace": namespace, + "loadbalancer": loadbalancer, + } - self.juju_endpoint = config["endpoint"] - self.juju_user = config["username"] - self.juju_secret = config["secret"] - self.juju_ca_cert = config["cacert"] - self.juju_public_key = None + # Store the cluster configuration so it + # can be used for subsequent calls + self.log.debug("Setting config") + await self.set_config(cluster_uuid, config) # Login to the k8s cluster if not self.authenticated: @@ -696,7 +683,16 @@ class K8sJujuConnector(K8sConnector): ) -> list: """Return a list of services of a kdu_instance""" - config_file = self.get_config_file(cluster_uuid=cluster_uuid) + credentials = self.get_credentials(cluster_uuid=cluster_uuid) + + config_path = "/tmp/{}".format(cluster_uuid) + config_file = "{}/config".format(config_path) + + if not os.path.exists(config_path): + os.makedirs(config_path) + with open(config_file, "w") as f: + f.write(credentials) + kubectl = Kubectl(config_file=config_file) return kubectl.get_services( field_selector="metadata.namespace={}".format(kdu_instance) @@ -707,7 +703,16 @@ class K8sJujuConnector(K8sConnector): ) -> object: """Return data for a specific service inside a namespace""" - config_file = self.get_config_file(cluster_uuid=cluster_uuid) + credentials = self.get_credentials(cluster_uuid=cluster_uuid) + + config_path = "/tmp/{}".format(cluster_uuid) + config_file = "{}/config".format(config_path) + + if not os.path.exists(config_path): + os.makedirs(config_path) + with open(config_file, "w") as f: + f.write(credentials) + kubectl = Kubectl(config_file=config_file) return kubectl.get_services( @@ -771,6 +776,7 @@ class K8sJujuConnector(K8sConnector): self.log.debug( "Adding model '{}' to cluster_uuid '{}'".format(model_name, cluster_uuid) ) + model = None try: if self.juju_public_key is not None: model = await self.controller.add_model( @@ -863,11 +869,23 @@ class K8sJujuConnector(K8sConnector): if "already exists" not in stderr: raise Exception(stderr) - def get_config_file(self, cluster_uuid: str) -> str: + def get_credentials(self, cluster_uuid: str) -> str: """ - Get Cluster Kubeconfig location + Get Cluster Kubeconfig """ - return "{}/{}/.kube/config".format(self.fs.path, cluster_uuid) + k8scluster = self.db.get_one( + "k8sclusters", q_filter={"_id": cluster_uuid}, fail_on_empty=False + ) + + self.db.encrypt_decrypt_fields( + k8scluster.get("credentials"), + "decrypt", + ["password", "secret"], + schema_version=k8scluster["schema_version"], + salt=k8scluster["_id"], + ) + + return yaml.safe_dump(k8scluster.get("credentials")) def get_config(self, cluster_uuid: str,) -> dict: """Get the cluster configuration @@ -946,14 +964,13 @@ class K8sJujuConnector(K8sConnector): :param credentials dict: A dictionary containing the k8s credentials :returns: A boolean if the cluster is running locally """ + creds = yaml.safe_load(credentials) - if os.getenv("OSMLCM_VCA_APIPROXY"): - host_ip = os.getenv("OSMLCM_VCA_APIPROXY") - if creds and host_ip: + if creds and os.getenv("OSMLCM_VCA_APIPROXY"): for cluster in creds["clusters"]: if "server" in cluster["cluster"]: - if host_ip in cluster["cluster"]["server"]: + if os.getenv("OSMLCM_VCA_APIPROXY") in cluster["cluster"]["server"]: return True return False