def run(ctx, config, skip_check):
"""Run CSE service."""
try:
check_python_version(ConsoleMessagePrinter())
except Exception as err:
click.secho(str(err), fg='red')
sys.exit(1)
try:
service = Service(config, should_check_config=not skip_check)
service.run(msg_update_callback=ConsoleMessagePrinter())
except (NotAcceptableException, VcdException, ValueError, KeyError,
TypeError) as err:
click.secho(str(err), fg='red')
except AmqpConnectionError as err:
click.secho(str(err), fg='red')
click.secho("check config file amqp section.", fg='red')
except requests.exceptions.ConnectionError as err:
click.secho(f"Cannot connect to {err.request.url}.", fg='red')
except vim.fault.InvalidLogin:
click.secho("vCenter login failed (check config file vCenter "
"username/password).", fg='red')
except Exception as err:
click.secho(str(err), fg='red')
click.secho("CSE Server failure. Please check the logs.", fg='red')
def run(ctx, config, skip_check):
"""Run CSE service."""
try:
service = Service(config, should_check_config=not skip_check)
service.run()
except (KeyError, TypeError):
click.secho(
f"Config file '{config}' is invalid. Please "
f"check the logs.",
fg='red')
except (NotAcceptableException, ValueError) as err:
click.secho(str(err), fg='red')
except AmqpConnectionError as err:
click.secho(str(err), fg='red')
click.secho("check config file amqp section.", fg='red')
except requests.exceptions.ConnectionError:
click.secho("Cannot connect to vCD host (check config file vCD host).",
fg='red')
except VcdException:
click.secho(
"vCD login failed (check config file vCD "
"username/password).",
fg='red')
except vim.fault.InvalidLogin:
click.secho(
"vCenter login failed (check config file vCenter "
"username/password).",
fg='red')
except Exception as err:
click.secho(str(err), fg='red')
click.secho("CSE Server failure. Please check the logs.", fg='red')
def version(ctx):
"""Display version of CSE plug-in."""
ver_obj = Service.version()
ver_str = '%s, %s, version %s' % (ver_obj['product'],
ver_obj['description'],
ver_obj['version'])
stdout(ver_obj, ctx, ver_str)
def version(ctx):
"""Show CSE version."""
ver_obj = Service.version()
ver_str = '%s, %s, version %s' % (ver_obj['product'],
ver_obj['description'],
ver_obj['version'])
stdout(ver_obj, ctx, ver_str)
def process_request(body):
from container_service_extension.service import Service
LOGGER.debug(f"Incoming request body: {json.dumps(body)}")
url_data = _get_url_data(body['method'], body['requestUri'])
operation = url_data[_OPERATION_KEY]
# check if server is disabled
if operation not in (CseOperation.SYSTEM_INFO, CseOperation.SYSTEM_UPDATE)\
and not Service().is_running():
raise e.BadRequestError(error_message='CSE service is disabled. '
'Contact the System Administrator.')
# create request data dict from request body data
request_data = {}
if len(body['body']) > 0:
raw_body = base64.b64decode(body['body']).decode(
sys.getfilesystemencoding()) # noqa: E501
request_data = json.loads(raw_body)
LOGGER.debug(f"request body: {request_data}")
# update request data dict with query params data
if body['queryString']:
query_params = dict(parse_qsl(body['queryString']))
request_data.update(query_params)
LOGGER.debug(f"query parameters: {query_params}")
# update request spec with operation specific data in the url
request_data.update(url_data)
# remove None values from request payload
data = {k: v for k, v in request_data.items() if v is not None}
# extract out the authorization token
tenant_auth_token = body['headers'].get('x-vcloud-authorization')
is_jwt_token = False
auth_header = body['headers'].get('Authorization')
if auth_header:
tokens = auth_header.split(" ")
if len(tokens) == 2 and tokens[0].lower() == 'bearer':
tenant_auth_token = tokens[1]
is_jwt_token = True
# process the request
context = ctx.RequestContext(tenant_auth_token,
is_jwt=is_jwt_token,
request_id=body['id'])
try:
body_content = OPERATION_TO_HANDLER[operation](data, context)
finally:
if not context.is_async:
context.end()
if not isinstance(body_content, (list, dict)):
body_content = {RESPONSE_MESSAGE_KEY: str(body_content)}
response = {
'status_code': operation.ideal_response_code,
'body': body_content,
}
LOGGER.debug(f"Outgoing response: {str(response)}")
return response
def version(ctx):
"""Display version of CSE plug-in."""
CLIENT_LOGGER.debug(f'Executing command: {ctx.command_path}')
ver_obj = Service.version()
ver_str = '%s, %s, version %s' % (ver_obj['product'],
ver_obj['description'],
ver_obj['version'])
stdout(ver_obj, ctx, ver_str)
CLIENT_LOGGER.debug(ver_str)
def run(ctx, config, pks_config, skip_check, skip_config_decryption):
"""Run CSE service."""
if skip_config_decryption:
password = None
else:
password = os.getenv('CSE_CONFIG_PASSWORD') or prompt_text(
PASSWORD_FOR_CONFIG_DECRYPTION_MSG, color='green', hide_input=True)
try:
check_python_version(ConsoleMessagePrinter())
except Exception as err:
click.secho(str(err), fg='red')
sys.exit(1)
try:
service = Service(config,
pks_config_file=pks_config,
should_check_config=not skip_check,
skip_config_decryption=skip_config_decryption,
decryption_password=password)
service.run(msg_update_callback=ConsoleMessagePrinter())
except (NotAcceptableException, VcdException, ValueError, KeyError,
TypeError) as err:
click.secho(str(err), fg='red')
except AmqpConnectionError as err:
click.secho(str(err), fg='red')
click.secho("check config file amqp section.", fg='red')
except requests.exceptions.ConnectionError as err:
click.secho(f"Cannot connect to {err.request.url}.", fg='red')
except vim.fault.InvalidLogin:
click.secho(
"vCenter login failed (check config file vCenter "
"username/password).",
fg='red')
except cryptography.fernet.InvalidToken:
click.secho(CONFIG_DECRYPTION_ERROR_MSG, fg='red')
except Exception as err:
click.secho(str(err), fg='red')
click.secho("CSE Server failure. Please check the logs.", fg='red')
def process_request(body):
from container_service_extension.service import Service
LOGGER.debug(f"body: {json.dumps(body)}")
url = body['requestUri']
# url_data = _parse_request_url(method=body['method'], url=body['requestUri']) # noqa: E501
url_data = _get_url_data(body['method'], url)
operation = url_data[_OPERATION_KEY]
# check if server is disabled
if operation not in (CseOperation.SYSTEM_INFO, CseOperation.SYSTEM_UPDATE)\
and not Service().is_running():
raise BadRequestError(error_message='CSE service is disabled. Contact'
' the System Administrator.')
# create request data dict from request body data
request_data = {}
if len(body['body']) > 0:
raw_body = base64.b64decode(body['body']).decode(sys.getfilesystemencoding()) # noqa: E501
request_data = json.loads(raw_body)
LOGGER.debug(f"request body: {request_data}")
# update request data dict with query params data
if body['queryString']:
query_params = dict(parse_qsl(body['queryString']))
request_data.update(query_params)
LOGGER.debug(f"query parameters: {query_params}")
# update request spec with operation specific data in the url
request_data.update(url_data)
# remove None values from request payload
data = {k: v for k, v in request_data.items() if v is not None}
# process the request
tenant_auth_token = body['headers']['x-vcloud-authorization']
body_content = \
OPERATION_TO_HANDLER[operation](data, tenant_auth_token)
if not (isinstance(body_content, (list, dict))):
body_content = {RESPONSE_MESSAGE_KEY: str(body_content)}
reply = {
'status_code': operation.ideal_response_code,
'body': body_content
}
LOGGER.debug(f"reply: {str(reply)}")
return reply
def is_pks_enabled():
from container_service_extension.service import Service
return Service().is_pks_enabled()
def get_pks_cache():
from container_service_extension.service import Service
return Service().get_pks_cache()
def get_server_runtime_config():
from container_service_extension.service import Service
return Service().get_service_config()
def process_request(message):
from container_service_extension.service import Service
LOGGER.debug(f"Incoming request message: {json.dumps(message)}")
api_version_header = _parse_accept_header(
accept_header=message['headers'].get('Accept'))
api_version = _get_api_version_from_accept_header(
api_version_header=api_version_header)
url_data = _get_url_data(method=message['method'],
url=message['requestUri'],
api_version=api_version) # noqa: E501
operation = url_data[_OPERATION_KEY]
# Check api version and if server is disabled or not
# /system operations are excluded from these checks
if operation not in (CseOperation.SYSTEM_INFO, CseOperation.SYSTEM_UPDATE):
if not Service().is_running():
raise cse_exception.BadRequestError(
error_message='CSE service is disabled. '
'Contact the System Administrator.')
else:
server_api_version = utils.get_server_api_version()
if api_version != server_api_version:
raise cse_exception.NotAcceptableRequestError(
error_message="Invalid api version specified. Expected "
f"api version '{server_api_version}'.")
# create request data dict from incoming message data
request_data = {}
is_cse_3_0_request = _is_cse_3_0_endpoint(message['requestUri'])
if len(message['body']) > 0:
raw_body = base64.b64decode(message['body']).decode(
sys.getfilesystemencoding()) # noqa: E501
request_body = json.loads(raw_body)
if is_cse_3_0_request:
request_data[shared_constants.RequestKey.V35_SPEC] = request_body
else:
request_data.update(request_body)
LOGGER.debug(f"request body: {request_data}")
# update request data dict with query params data
if message['queryString']:
query_params = dict(parse_qsl(message['queryString']))
if is_cse_3_0_request:
request_data[shared_constants.RequestKey.V35_QUERY] = query_params
else:
request_data.update(query_params)
LOGGER.debug(f"query parameters: {query_params}")
# update request spec with operation specific data in the url
request_data.update(url_data)
# remove None values from request payload
data = {k: v for k, v in request_data.items() if v is not None}
# extract out the authorization token
tenant_auth_token = message['headers'].get('x-vcloud-authorization')
is_jwt_token = False
auth_header = message['headers'].get('Authorization')
if auth_header:
tokens = auth_header.split(" ")
if len(tokens) == 2 and tokens[0].lower() == 'bearer':
tenant_auth_token = tokens[1]
is_jwt_token = True
# create operation context
operation_ctx = ctx.OperationContext(tenant_auth_token,
is_jwt=is_jwt_token,
request_id=message['id'])
try:
body_content = OPERATION_TO_HANDLER[operation](data, operation_ctx)
finally:
if not operation_ctx.is_async:
operation_ctx.end()
if not isinstance(body_content, (list, dict)):
body_content = \
{shared_constants.RESPONSE_MESSAGE_KEY: str(body_content)}
response = {
'status_code': operation.ideal_response_code,
'body': body_content,
}
LOGGER.debug(f"Outgoing response: {str(response)}")
return response
def process_request(self, body):
LOGGER.debug('body: %s' % json.dumps(body))
reply = {}
tokens = body['requestUri'].split('/')
cluster_name = None
node_name = None
spec_request = False
config_request = False
template_request = False
node_request = False
cluster_info_request = False
node_info_request = False
system_request = False
ovdc_request = False
ovdc_id = None
ovdc_info_request = False
if len(tokens) > 3:
if tokens[3] in ['swagger', 'swagger.json', 'swagger.yaml']:
spec_request = True
elif tokens[3] == 'template':
template_request = True
elif tokens[3] == 'system':
system_request = True
elif tokens[3] == 'ovdc':
ovdc_request = True
elif tokens[3] != '':
cluster_name = tokens[3]
if len(tokens) > 4:
if cluster_name is not None:
if tokens[4] == 'config':
config_request = True
elif tokens[4] == 'info':
cluster_info_request = True
elif tokens[4] == 'node':
node_request = True
elif tokens[4] != '':
node_name = tokens[4]
elif ovdc_request:
ovdc_id = tokens[4]
if len(tokens) > 5:
if node_name is not None:
if tokens[5] == 'info':
node_info_request = True
elif ovdc_request:
if tokens[5] == 'info':
ovdc_info_request = True
if len(body['body']) > 0:
try:
request_body = json.loads(
base64.b64decode(body['body']).decode(
sys.getfilesystemencoding()))
except Exception:
LOGGER.error(traceback.format_exc())
request_body = None
else:
request_body = None
LOGGER.debug('request body: %s' % json.dumps(request_body))
from container_service_extension.service import Service
service = Service()
if not system_request and not service.is_enabled:
raise CseServerError('CSE service is disabled. '
'Contact the System Administrator.')
if body['method'] == 'GET':
if ovdc_info_request:
on_the_fly_request_body = {'ovdc_id': ovdc_id}
broker = get_new_broker(body['headers'],
on_the_fly_request_body)
reply = broker.ovdc_info_for_kubernetes()
elif spec_request:
reply = self.get_spec(tokens[3])
elif config_request:
broker = get_new_broker(body['headers'], request_body)
reply = broker.get_cluster_config(cluster_name)
elif template_request:
result = {}
templates = []
server_config = get_server_runtime_config()
default_template_name = \
server_config['broker']['default_template']
for t in server_config['broker']['templates']:
is_default = t['name'] == default_template_name
templates.append({
'name':
t['name'],
'is_default':
is_default,
'catalog':
server_config['broker']['catalog'],
'catalog_item':
t['catalog_item'],
'description':
t['description']
})
result['body'] = templates
result['status_code'] = 200
reply = result
elif cluster_info_request:
broker = get_new_broker(body['headers'], request_body)
reply = broker.get_cluster_info(cluster_name)
elif node_info_request:
broker = get_new_broker(body['headers'], request_body)
reply = broker.get_node_info(cluster_name, node_name)
elif system_request:
result = {}
result['body'] = service.info(body['headers'])
result['status_code'] = OK
reply = result
elif cluster_name is None:
broker = get_new_broker(body['headers'], request_body)
reply = broker.list_clusters()
elif body['method'] == 'POST':
if cluster_name is None:
broker = get_new_broker(body['headers'], request_body)
reply = broker.create_cluster()
else:
if node_request:
broker = get_new_broker(body['headers'], request_body)
reply = broker.create_nodes()
elif body['method'] == 'PUT':
if ovdc_info_request:
broker = get_new_broker(body['headers'], request_body)
reply = broker.enable_ovdc_for_kubernetes()
elif system_request:
reply = service.update_status(body['headers'], request_body)
elif body['method'] == 'DELETE':
if node_request:
broker = get_new_broker(body['headers'], request_body)
reply = broker.delete_nodes()
else:
on_the_fly_request_body = {'name': cluster_name}
broker = get_new_broker(body['headers'],
on_the_fly_request_body)
reply = broker.delete_cluster()
LOGGER.debug('reply: %s' % str(reply))
return reply
def run(ctx, config, skip_check):
"""Run CSE service."""
service = Service(config, should_check_config=not skip_check)
service.run()
def get_vcd_sys_admin_client():
from container_service_extension.service import Service
return Service().get_sys_admin_client()
def process_request(self, body):
LOGGER.debug(f"body: {json.dumps(body)}")
reply = {}
# parse url
url_data = self._parse_request_url(method=body['method'],
url=body['requestUri'])
# check if server is disabled
# TODO request id mapping in Service
tenant_auth_token = body['headers']['x-vcloud-authorization']
operation = url_data['operation']
if operation not in (CseOperation.SYSTEM_INFO,
CseOperation.SYSTEM_UPDATE):
from container_service_extension.service import Service
if not Service().is_running():
raise CseRequestError(
status_code=requests.codes.bad_request,
error_message='CSE service is disabled. Contact the'
' System Administrator.')
# create request data dict from request body data
request_data = {}
if len(body['body']) > 0:
raw_body = base64.b64decode(body['body']).decode(
sys.getfilesystemencoding()) # noqa: E501
request_data = json.loads(raw_body)
LOGGER.debug(f"request body: {request_data}")
# update request data dict with query params data
if body['queryString']:
query_params = dict(parse_qsl(body['queryString']))
request_data.update(query_params)
LOGGER.debug(f"query parameters: {query_params}")
# update request spec with operation specific data in the url
if operation in (CseOperation.CLUSTER_CONFIG,
CseOperation.CLUSTER_DELETE,
CseOperation.CLUSTER_INFO,
CseOperation.CLUSTER_RESIZE):
request_data.update(
{RequestKey.CLUSTER_NAME: url_data[RequestKey.CLUSTER_NAME]})
elif operation == CseOperation.NODE_INFO:
request_data.update(
{RequestKey.NODE_NAME: url_data[RequestKey.NODE_NAME]})
elif operation in (CseOperation.OVDC_UPDATE, CseOperation.OVDC_INFO):
request_data.update(
{RequestKey.OVDC_ID: url_data[RequestKey.OVDC_ID]})
# process the request
reply['status_code'] = operation.ideal_response_code
if operation == CseOperation.SYSTEM_INFO:
from container_service_extension.service import Service
reply['body'] = Service().info(tenant_auth_token)
elif operation == CseOperation.SYSTEM_UPDATE:
from container_service_extension.service import Service
reply['body'] = {
'message': Service().update_status(tenant_auth_token,
request_data)
}
elif operation == CseOperation.TEMPLATE_LIST:
templates = []
server_config = utils.get_server_runtime_config()
default_template_name = \
server_config['broker']['default_template_name']
for t in server_config['broker']['templates']:
is_default = t['name'] == default_template_name
templates.append({
'name': t['name'],
'is_default': is_default,
'catalog': server_config['broker']['catalog'],
'catalog_item': t['catalog_item_name'],
'description': t['description']
})
reply['body'] = templates
elif operation in (CseOperation.OVDC_UPDATE, CseOperation.OVDC_INFO,
CseOperation.OVDC_LIST):
ovdc_request_handler = \
OvdcRequestHandler(tenant_auth_token, request_data)
reply['body'] = ovdc_request_handler.invoke(op=operation)
else:
broker_manager = BrokerManager(tenant_auth_token, request_data)
reply['body'] = broker_manager.invoke(op=operation)
LOGGER.debug(f"reply: {str(reply)}")
return reply
def get_registered_def_entity_type():
"""Fetch the native cluster entity type loaded during server startup."""
from container_service_extension.service import Service
return Service().get_native_cluster_entity_type()
def process_request(self, body):
LOGGER.debug(f"body: {json.dumps(body)}")
reply = {}
tokens = body['requestUri'].split('/')
cluster_name = None
node_name = None
spec_request = False
config_request = False
template_request = False
node_request = False
cluster_info_request = False
node_info_request = False
system_request = False
ovdc_request = False
ovdc_id = None
ovdc_info_request = False
if len(tokens) > 3:
if tokens[3] in ['swagger', 'swagger.json', 'swagger.yaml']:
spec_request = True
elif tokens[3] == 'template':
template_request = True
elif tokens[3] == 'system':
system_request = True
elif tokens[3] == 'ovdc':
ovdc_request = True
elif tokens[3] != '':
cluster_name = tokens[3]
if len(tokens) > 4:
if cluster_name is not None:
if tokens[4] == 'config':
config_request = True
elif tokens[4] == 'info':
cluster_info_request = True
elif tokens[4] == 'node':
node_request = True
elif tokens[4] != '':
node_name = tokens[4]
elif ovdc_request:
ovdc_id = tokens[4]
if len(tokens) > 5:
if node_name is not None:
if tokens[5] == 'info':
node_info_request = True
elif ovdc_request:
if tokens[5] == 'info':
ovdc_info_request = True
if len(body['body']) > 0:
try:
request_body = json.loads(
base64.b64decode(body['body']).decode(
sys.getfilesystemencoding()))
except Exception:
LOGGER.error(traceback.format_exc())
request_body = {}
else:
request_body = {}
LOGGER.debug(f"request body: {json.dumps(request_body)}")
query_params = {}
if body['queryString']:
query_params = dict(parse_qsl(body['queryString']))
from container_service_extension.service import Service
service = Service()
if not system_request and not service.is_enabled:
raise CseServerError('CSE service is disabled. '
'Contact the System Administrator.')
req_headers = deepcopy(body['headers'])
req_query_params = deepcopy(query_params)
req_spec = deepcopy(request_body)
from container_service_extension.broker_manager import BrokerManager
broker_manager = BrokerManager(req_headers, req_query_params, req_spec)
from container_service_extension.broker_manager import Operation
if body['method'] == 'GET':
if ovdc_info_request:
req_spec.update({'ovdc_id': ovdc_id})
reply = broker_manager.invoke(Operation.INFO_OVDC)
elif ovdc_request:
reply = broker_manager.invoke(op=Operation.LIST_OVDCS)
elif spec_request:
reply = self.get_spec(tokens[3])
elif config_request:
req_spec.update({'cluster_name': cluster_name})
reply = broker_manager.invoke(Operation.GET_CLUSTER_CONFIG)
elif template_request:
result = {}
templates = []
server_config = get_server_runtime_config()
default_template_name = \
server_config['broker']['default_template']
for t in server_config['broker']['templates']:
is_default = t['name'] == default_template_name
templates.append({
'name':
t['name'],
'is_default':
is_default,
'catalog':
server_config['broker']['catalog'],
'catalog_item':
t['catalog_item'],
'description':
t['description']
})
result['body'] = templates
result['status_code'] = 200
reply = result
elif cluster_info_request:
req_spec.update({'cluster_name': cluster_name})
reply = broker_manager.invoke(Operation.GET_CLUSTER)
elif node_info_request:
broker = broker_manager.get_broker_based_on_vdc()
reply = broker.get_node_info(cluster_name, node_name)
elif system_request:
result = {}
result['body'] = service.info(req_headers)
result['status_code'] = OK
reply = result
elif cluster_name is None:
reply = broker_manager.invoke(Operation.LIST_CLUSTERS)
elif body['method'] == 'POST':
if cluster_name is None:
reply = broker_manager.invoke(Operation.CREATE_CLUSTER)
else:
if node_request:
broker = broker_manager.get_broker_based_on_vdc()
reply = broker.create_nodes()
elif body['method'] == 'PUT':
if ovdc_info_request:
reply = broker_manager.invoke(Operation.ENABLE_OVDC)
elif system_request:
reply = service.update_status(req_headers, req_spec)
else:
req_spec.update({'cluster_name': cluster_name})
reply = broker_manager.invoke(Operation.RESIZE_CLUSTER)
elif body['method'] == 'DELETE':
if node_request:
broker = broker_manager.get_broker_based_on_vdc()
reply = broker.delete_nodes()
else:
req_spec.update({'cluster_name': cluster_name})
reply = broker_manager.invoke(Operation.DELETE_CLUSTER)
LOGGER.debug(f"reply: {str(reply)}")
return reply
def get_registered_def_interface():
"""Fetch the native cluster interface loaded during server startup."""
from container_service_extension.service import Service
return Service().get_kubernetes_interface()
