def run(ctx, config, skip_check): """Run CSE service.""" try: check_python_version(ConsoleMessagePrinter()) except Exception as err: click.secho(str(err), fg='red') sys.exit(1) try: service = Service(config, should_check_config=not skip_check) service.run(msg_update_callback=ConsoleMessagePrinter()) except (NotAcceptableException, VcdException, ValueError, KeyError, TypeError) as err: click.secho(str(err), fg='red') except AmqpConnectionError as err: click.secho(str(err), fg='red') click.secho("check config file amqp section.", fg='red') except requests.exceptions.ConnectionError as err: click.secho(f"Cannot connect to {err.request.url}.", fg='red') except vim.fault.InvalidLogin: click.secho("vCenter login failed (check config file vCenter " "username/password).", fg='red') except Exception as err: click.secho(str(err), fg='red') click.secho("CSE Server failure. Please check the logs.", fg='red')
def run(ctx, config, skip_check): """Run CSE service.""" try: service = Service(config, should_check_config=not skip_check) service.run() except (KeyError, TypeError): click.secho( f"Config file '{config}' is invalid. Please " f"check the logs.", fg='red') except (NotAcceptableException, ValueError) as err: click.secho(str(err), fg='red') except AmqpConnectionError as err: click.secho(str(err), fg='red') click.secho("check config file amqp section.", fg='red') except requests.exceptions.ConnectionError: click.secho("Cannot connect to vCD host (check config file vCD host).", fg='red') except VcdException: click.secho( "vCD login failed (check config file vCD " "username/password).", fg='red') except vim.fault.InvalidLogin: click.secho( "vCenter login failed (check config file vCenter " "username/password).", fg='red') except Exception as err: click.secho(str(err), fg='red') click.secho("CSE Server failure. Please check the logs.", fg='red')
def version(ctx): """Display version of CSE plug-in.""" ver_obj = Service.version() ver_str = '%s, %s, version %s' % (ver_obj['product'], ver_obj['description'], ver_obj['version']) stdout(ver_obj, ctx, ver_str)
def version(ctx): """Show CSE version.""" ver_obj = Service.version() ver_str = '%s, %s, version %s' % (ver_obj['product'], ver_obj['description'], ver_obj['version']) stdout(ver_obj, ctx, ver_str)
def process_request(body): from container_service_extension.service import Service LOGGER.debug(f"Incoming request body: {json.dumps(body)}") url_data = _get_url_data(body['method'], body['requestUri']) operation = url_data[_OPERATION_KEY] # check if server is disabled if operation not in (CseOperation.SYSTEM_INFO, CseOperation.SYSTEM_UPDATE)\ and not Service().is_running(): raise e.BadRequestError(error_message='CSE service is disabled. ' 'Contact the System Administrator.') # create request data dict from request body data request_data = {} if len(body['body']) > 0: raw_body = base64.b64decode(body['body']).decode( sys.getfilesystemencoding()) # noqa: E501 request_data = json.loads(raw_body) LOGGER.debug(f"request body: {request_data}") # update request data dict with query params data if body['queryString']: query_params = dict(parse_qsl(body['queryString'])) request_data.update(query_params) LOGGER.debug(f"query parameters: {query_params}") # update request spec with operation specific data in the url request_data.update(url_data) # remove None values from request payload data = {k: v for k, v in request_data.items() if v is not None} # extract out the authorization token tenant_auth_token = body['headers'].get('x-vcloud-authorization') is_jwt_token = False auth_header = body['headers'].get('Authorization') if auth_header: tokens = auth_header.split(" ") if len(tokens) == 2 and tokens[0].lower() == 'bearer': tenant_auth_token = tokens[1] is_jwt_token = True # process the request context = ctx.RequestContext(tenant_auth_token, is_jwt=is_jwt_token, request_id=body['id']) try: body_content = OPERATION_TO_HANDLER[operation](data, context) finally: if not context.is_async: context.end() if not isinstance(body_content, (list, dict)): body_content = {RESPONSE_MESSAGE_KEY: str(body_content)} response = { 'status_code': operation.ideal_response_code, 'body': body_content, } LOGGER.debug(f"Outgoing response: {str(response)}") return response
def version(ctx): """Display version of CSE plug-in.""" CLIENT_LOGGER.debug(f'Executing command: {ctx.command_path}') ver_obj = Service.version() ver_str = '%s, %s, version %s' % (ver_obj['product'], ver_obj['description'], ver_obj['version']) stdout(ver_obj, ctx, ver_str) CLIENT_LOGGER.debug(ver_str)
def run(ctx, config, pks_config, skip_check, skip_config_decryption): """Run CSE service.""" if skip_config_decryption: password = None else: password = os.getenv('CSE_CONFIG_PASSWORD') or prompt_text( PASSWORD_FOR_CONFIG_DECRYPTION_MSG, color='green', hide_input=True) try: check_python_version(ConsoleMessagePrinter()) except Exception as err: click.secho(str(err), fg='red') sys.exit(1) try: service = Service(config, pks_config_file=pks_config, should_check_config=not skip_check, skip_config_decryption=skip_config_decryption, decryption_password=password) service.run(msg_update_callback=ConsoleMessagePrinter()) except (NotAcceptableException, VcdException, ValueError, KeyError, TypeError) as err: click.secho(str(err), fg='red') except AmqpConnectionError as err: click.secho(str(err), fg='red') click.secho("check config file amqp section.", fg='red') except requests.exceptions.ConnectionError as err: click.secho(f"Cannot connect to {err.request.url}.", fg='red') except vim.fault.InvalidLogin: click.secho( "vCenter login failed (check config file vCenter " "username/password).", fg='red') except cryptography.fernet.InvalidToken: click.secho(CONFIG_DECRYPTION_ERROR_MSG, fg='red') except Exception as err: click.secho(str(err), fg='red') click.secho("CSE Server failure. Please check the logs.", fg='red')
def process_request(body): from container_service_extension.service import Service LOGGER.debug(f"body: {json.dumps(body)}") url = body['requestUri'] # url_data = _parse_request_url(method=body['method'], url=body['requestUri']) # noqa: E501 url_data = _get_url_data(body['method'], url) operation = url_data[_OPERATION_KEY] # check if server is disabled if operation not in (CseOperation.SYSTEM_INFO, CseOperation.SYSTEM_UPDATE)\ and not Service().is_running(): raise BadRequestError(error_message='CSE service is disabled. Contact' ' the System Administrator.') # create request data dict from request body data request_data = {} if len(body['body']) > 0: raw_body = base64.b64decode(body['body']).decode(sys.getfilesystemencoding()) # noqa: E501 request_data = json.loads(raw_body) LOGGER.debug(f"request body: {request_data}") # update request data dict with query params data if body['queryString']: query_params = dict(parse_qsl(body['queryString'])) request_data.update(query_params) LOGGER.debug(f"query parameters: {query_params}") # update request spec with operation specific data in the url request_data.update(url_data) # remove None values from request payload data = {k: v for k, v in request_data.items() if v is not None} # process the request tenant_auth_token = body['headers']['x-vcloud-authorization'] body_content = \ OPERATION_TO_HANDLER[operation](data, tenant_auth_token) if not (isinstance(body_content, (list, dict))): body_content = {RESPONSE_MESSAGE_KEY: str(body_content)} reply = { 'status_code': operation.ideal_response_code, 'body': body_content } LOGGER.debug(f"reply: {str(reply)}") return reply
def is_pks_enabled(): from container_service_extension.service import Service return Service().is_pks_enabled()
def get_pks_cache(): from container_service_extension.service import Service return Service().get_pks_cache()
def get_server_runtime_config(): from container_service_extension.service import Service return Service().get_service_config()
def process_request(message): from container_service_extension.service import Service LOGGER.debug(f"Incoming request message: {json.dumps(message)}") api_version_header = _parse_accept_header( accept_header=message['headers'].get('Accept')) api_version = _get_api_version_from_accept_header( api_version_header=api_version_header) url_data = _get_url_data(method=message['method'], url=message['requestUri'], api_version=api_version) # noqa: E501 operation = url_data[_OPERATION_KEY] # Check api version and if server is disabled or not # /system operations are excluded from these checks if operation not in (CseOperation.SYSTEM_INFO, CseOperation.SYSTEM_UPDATE): if not Service().is_running(): raise cse_exception.BadRequestError( error_message='CSE service is disabled. ' 'Contact the System Administrator.') else: server_api_version = utils.get_server_api_version() if api_version != server_api_version: raise cse_exception.NotAcceptableRequestError( error_message="Invalid api version specified. Expected " f"api version '{server_api_version}'.") # create request data dict from incoming message data request_data = {} is_cse_3_0_request = _is_cse_3_0_endpoint(message['requestUri']) if len(message['body']) > 0: raw_body = base64.b64decode(message['body']).decode( sys.getfilesystemencoding()) # noqa: E501 request_body = json.loads(raw_body) if is_cse_3_0_request: request_data[shared_constants.RequestKey.V35_SPEC] = request_body else: request_data.update(request_body) LOGGER.debug(f"request body: {request_data}") # update request data dict with query params data if message['queryString']: query_params = dict(parse_qsl(message['queryString'])) if is_cse_3_0_request: request_data[shared_constants.RequestKey.V35_QUERY] = query_params else: request_data.update(query_params) LOGGER.debug(f"query parameters: {query_params}") # update request spec with operation specific data in the url request_data.update(url_data) # remove None values from request payload data = {k: v for k, v in request_data.items() if v is not None} # extract out the authorization token tenant_auth_token = message['headers'].get('x-vcloud-authorization') is_jwt_token = False auth_header = message['headers'].get('Authorization') if auth_header: tokens = auth_header.split(" ") if len(tokens) == 2 and tokens[0].lower() == 'bearer': tenant_auth_token = tokens[1] is_jwt_token = True # create operation context operation_ctx = ctx.OperationContext(tenant_auth_token, is_jwt=is_jwt_token, request_id=message['id']) try: body_content = OPERATION_TO_HANDLER[operation](data, operation_ctx) finally: if not operation_ctx.is_async: operation_ctx.end() if not isinstance(body_content, (list, dict)): body_content = \ {shared_constants.RESPONSE_MESSAGE_KEY: str(body_content)} response = { 'status_code': operation.ideal_response_code, 'body': body_content, } LOGGER.debug(f"Outgoing response: {str(response)}") return response
def process_request(self, body): LOGGER.debug('body: %s' % json.dumps(body)) reply = {} tokens = body['requestUri'].split('/') cluster_name = None node_name = None spec_request = False config_request = False template_request = False node_request = False cluster_info_request = False node_info_request = False system_request = False ovdc_request = False ovdc_id = None ovdc_info_request = False if len(tokens) > 3: if tokens[3] in ['swagger', 'swagger.json', 'swagger.yaml']: spec_request = True elif tokens[3] == 'template': template_request = True elif tokens[3] == 'system': system_request = True elif tokens[3] == 'ovdc': ovdc_request = True elif tokens[3] != '': cluster_name = tokens[3] if len(tokens) > 4: if cluster_name is not None: if tokens[4] == 'config': config_request = True elif tokens[4] == 'info': cluster_info_request = True elif tokens[4] == 'node': node_request = True elif tokens[4] != '': node_name = tokens[4] elif ovdc_request: ovdc_id = tokens[4] if len(tokens) > 5: if node_name is not None: if tokens[5] == 'info': node_info_request = True elif ovdc_request: if tokens[5] == 'info': ovdc_info_request = True if len(body['body']) > 0: try: request_body = json.loads( base64.b64decode(body['body']).decode( sys.getfilesystemencoding())) except Exception: LOGGER.error(traceback.format_exc()) request_body = None else: request_body = None LOGGER.debug('request body: %s' % json.dumps(request_body)) from container_service_extension.service import Service service = Service() if not system_request and not service.is_enabled: raise CseServerError('CSE service is disabled. ' 'Contact the System Administrator.') if body['method'] == 'GET': if ovdc_info_request: on_the_fly_request_body = {'ovdc_id': ovdc_id} broker = get_new_broker(body['headers'], on_the_fly_request_body) reply = broker.ovdc_info_for_kubernetes() elif spec_request: reply = self.get_spec(tokens[3]) elif config_request: broker = get_new_broker(body['headers'], request_body) reply = broker.get_cluster_config(cluster_name) elif template_request: result = {} templates = [] server_config = get_server_runtime_config() default_template_name = \ server_config['broker']['default_template'] for t in server_config['broker']['templates']: is_default = t['name'] == default_template_name templates.append({ 'name': t['name'], 'is_default': is_default, 'catalog': server_config['broker']['catalog'], 'catalog_item': t['catalog_item'], 'description': t['description'] }) result['body'] = templates result['status_code'] = 200 reply = result elif cluster_info_request: broker = get_new_broker(body['headers'], request_body) reply = broker.get_cluster_info(cluster_name) elif node_info_request: broker = get_new_broker(body['headers'], request_body) reply = broker.get_node_info(cluster_name, node_name) elif system_request: result = {} result['body'] = service.info(body['headers']) result['status_code'] = OK reply = result elif cluster_name is None: broker = get_new_broker(body['headers'], request_body) reply = broker.list_clusters() elif body['method'] == 'POST': if cluster_name is None: broker = get_new_broker(body['headers'], request_body) reply = broker.create_cluster() else: if node_request: broker = get_new_broker(body['headers'], request_body) reply = broker.create_nodes() elif body['method'] == 'PUT': if ovdc_info_request: broker = get_new_broker(body['headers'], request_body) reply = broker.enable_ovdc_for_kubernetes() elif system_request: reply = service.update_status(body['headers'], request_body) elif body['method'] == 'DELETE': if node_request: broker = get_new_broker(body['headers'], request_body) reply = broker.delete_nodes() else: on_the_fly_request_body = {'name': cluster_name} broker = get_new_broker(body['headers'], on_the_fly_request_body) reply = broker.delete_cluster() LOGGER.debug('reply: %s' % str(reply)) return reply
def run(ctx, config, skip_check): """Run CSE service.""" service = Service(config, should_check_config=not skip_check) service.run()
def get_vcd_sys_admin_client(): from container_service_extension.service import Service return Service().get_sys_admin_client()
def process_request(self, body): LOGGER.debug(f"body: {json.dumps(body)}") reply = {} # parse url url_data = self._parse_request_url(method=body['method'], url=body['requestUri']) # check if server is disabled # TODO request id mapping in Service tenant_auth_token = body['headers']['x-vcloud-authorization'] operation = url_data['operation'] if operation not in (CseOperation.SYSTEM_INFO, CseOperation.SYSTEM_UPDATE): from container_service_extension.service import Service if not Service().is_running(): raise CseRequestError( status_code=requests.codes.bad_request, error_message='CSE service is disabled. Contact the' ' System Administrator.') # create request data dict from request body data request_data = {} if len(body['body']) > 0: raw_body = base64.b64decode(body['body']).decode( sys.getfilesystemencoding()) # noqa: E501 request_data = json.loads(raw_body) LOGGER.debug(f"request body: {request_data}") # update request data dict with query params data if body['queryString']: query_params = dict(parse_qsl(body['queryString'])) request_data.update(query_params) LOGGER.debug(f"query parameters: {query_params}") # update request spec with operation specific data in the url if operation in (CseOperation.CLUSTER_CONFIG, CseOperation.CLUSTER_DELETE, CseOperation.CLUSTER_INFO, CseOperation.CLUSTER_RESIZE): request_data.update( {RequestKey.CLUSTER_NAME: url_data[RequestKey.CLUSTER_NAME]}) elif operation == CseOperation.NODE_INFO: request_data.update( {RequestKey.NODE_NAME: url_data[RequestKey.NODE_NAME]}) elif operation in (CseOperation.OVDC_UPDATE, CseOperation.OVDC_INFO): request_data.update( {RequestKey.OVDC_ID: url_data[RequestKey.OVDC_ID]}) # process the request reply['status_code'] = operation.ideal_response_code if operation == CseOperation.SYSTEM_INFO: from container_service_extension.service import Service reply['body'] = Service().info(tenant_auth_token) elif operation == CseOperation.SYSTEM_UPDATE: from container_service_extension.service import Service reply['body'] = { 'message': Service().update_status(tenant_auth_token, request_data) } elif operation == CseOperation.TEMPLATE_LIST: templates = [] server_config = utils.get_server_runtime_config() default_template_name = \ server_config['broker']['default_template_name'] for t in server_config['broker']['templates']: is_default = t['name'] == default_template_name templates.append({ 'name': t['name'], 'is_default': is_default, 'catalog': server_config['broker']['catalog'], 'catalog_item': t['catalog_item_name'], 'description': t['description'] }) reply['body'] = templates elif operation in (CseOperation.OVDC_UPDATE, CseOperation.OVDC_INFO, CseOperation.OVDC_LIST): ovdc_request_handler = \ OvdcRequestHandler(tenant_auth_token, request_data) reply['body'] = ovdc_request_handler.invoke(op=operation) else: broker_manager = BrokerManager(tenant_auth_token, request_data) reply['body'] = broker_manager.invoke(op=operation) LOGGER.debug(f"reply: {str(reply)}") return reply
def get_registered_def_entity_type(): """Fetch the native cluster entity type loaded during server startup.""" from container_service_extension.service import Service return Service().get_native_cluster_entity_type()
def process_request(self, body): LOGGER.debug(f"body: {json.dumps(body)}") reply = {} tokens = body['requestUri'].split('/') cluster_name = None node_name = None spec_request = False config_request = False template_request = False node_request = False cluster_info_request = False node_info_request = False system_request = False ovdc_request = False ovdc_id = None ovdc_info_request = False if len(tokens) > 3: if tokens[3] in ['swagger', 'swagger.json', 'swagger.yaml']: spec_request = True elif tokens[3] == 'template': template_request = True elif tokens[3] == 'system': system_request = True elif tokens[3] == 'ovdc': ovdc_request = True elif tokens[3] != '': cluster_name = tokens[3] if len(tokens) > 4: if cluster_name is not None: if tokens[4] == 'config': config_request = True elif tokens[4] == 'info': cluster_info_request = True elif tokens[4] == 'node': node_request = True elif tokens[4] != '': node_name = tokens[4] elif ovdc_request: ovdc_id = tokens[4] if len(tokens) > 5: if node_name is not None: if tokens[5] == 'info': node_info_request = True elif ovdc_request: if tokens[5] == 'info': ovdc_info_request = True if len(body['body']) > 0: try: request_body = json.loads( base64.b64decode(body['body']).decode( sys.getfilesystemencoding())) except Exception: LOGGER.error(traceback.format_exc()) request_body = {} else: request_body = {} LOGGER.debug(f"request body: {json.dumps(request_body)}") query_params = {} if body['queryString']: query_params = dict(parse_qsl(body['queryString'])) from container_service_extension.service import Service service = Service() if not system_request and not service.is_enabled: raise CseServerError('CSE service is disabled. ' 'Contact the System Administrator.') req_headers = deepcopy(body['headers']) req_query_params = deepcopy(query_params) req_spec = deepcopy(request_body) from container_service_extension.broker_manager import BrokerManager broker_manager = BrokerManager(req_headers, req_query_params, req_spec) from container_service_extension.broker_manager import Operation if body['method'] == 'GET': if ovdc_info_request: req_spec.update({'ovdc_id': ovdc_id}) reply = broker_manager.invoke(Operation.INFO_OVDC) elif ovdc_request: reply = broker_manager.invoke(op=Operation.LIST_OVDCS) elif spec_request: reply = self.get_spec(tokens[3]) elif config_request: req_spec.update({'cluster_name': cluster_name}) reply = broker_manager.invoke(Operation.GET_CLUSTER_CONFIG) elif template_request: result = {} templates = [] server_config = get_server_runtime_config() default_template_name = \ server_config['broker']['default_template'] for t in server_config['broker']['templates']: is_default = t['name'] == default_template_name templates.append({ 'name': t['name'], 'is_default': is_default, 'catalog': server_config['broker']['catalog'], 'catalog_item': t['catalog_item'], 'description': t['description'] }) result['body'] = templates result['status_code'] = 200 reply = result elif cluster_info_request: req_spec.update({'cluster_name': cluster_name}) reply = broker_manager.invoke(Operation.GET_CLUSTER) elif node_info_request: broker = broker_manager.get_broker_based_on_vdc() reply = broker.get_node_info(cluster_name, node_name) elif system_request: result = {} result['body'] = service.info(req_headers) result['status_code'] = OK reply = result elif cluster_name is None: reply = broker_manager.invoke(Operation.LIST_CLUSTERS) elif body['method'] == 'POST': if cluster_name is None: reply = broker_manager.invoke(Operation.CREATE_CLUSTER) else: if node_request: broker = broker_manager.get_broker_based_on_vdc() reply = broker.create_nodes() elif body['method'] == 'PUT': if ovdc_info_request: reply = broker_manager.invoke(Operation.ENABLE_OVDC) elif system_request: reply = service.update_status(req_headers, req_spec) else: req_spec.update({'cluster_name': cluster_name}) reply = broker_manager.invoke(Operation.RESIZE_CLUSTER) elif body['method'] == 'DELETE': if node_request: broker = broker_manager.get_broker_based_on_vdc() reply = broker.delete_nodes() else: req_spec.update({'cluster_name': cluster_name}) reply = broker_manager.invoke(Operation.DELETE_CLUSTER) LOGGER.debug(f"reply: {str(reply)}") return reply
def get_registered_def_interface(): """Fetch the native cluster interface loaded during server startup.""" from container_service_extension.service import Service return Service().get_kubernetes_interface()