def _get_k8s_api_client(self): cluster_uuid = self.context["tenant"]["cluster"] cluster = self._get_cluster(cluster_uuid) cluster_template = self._get_cluster_template( cluster.cluster_template_id) key_file = None cert_file = None ca_certs = None if not cluster_template.tls_disabled: dir = self.context["ca_certs_directory"] key_file = cluster_uuid + ".key" key_file = os.path.join(dir, key_file) cert_file = cluster_uuid + ".crt" cert_file = os.path.join(dir, cert_file) ca_certs = cluster_uuid + "_ca.crt" ca_certs = os.path.join(dir, ca_certs) if hasattr(k8s_config, "ConfigurationObject"): # k8sclient < 4.0.0 config = k8s_config.ConfigurationObject() else: config = k8s_config.Configuration() config.host = cluster.api_address config.ssl_ca_cert = ca_certs config.cert_file = cert_file config.key_file = key_file client = api_client.ApiClient(config=config) return core_v1_api.CoreV1Api(client)
def setUpClass(cls): super(BaseK8sTest, cls).setUpClass() cls.kube_api_url = cls.cs.clusters.get(cls.cluster.uuid).api_address config = k8s_config.ConfigurationObject() config.host = cls.kube_api_url config.ssl_ca_cert = cls.ca_file config.cert_file = cls.cert_file config.key_file = cls.key_file k8s_client = api_client.ApiClient(config=config) cls.k8s_api = core_v1_api.CoreV1Api(k8s_client)
def setUp(self): super(BaseK8sTest, self).setUp() self.kube_api_url = self.cs.clusters.get(self.cluster.uuid).api_address config = k8s_config.ConfigurationObject() config.host = self.kube_api_url config.ssl_ca_cert = self.ca_file config.cert_file = self.cert_file config.key_file = self.key_file k8s_client = api_client.ApiClient(config=config) self.k8s_api = core_v1_api.CoreV1Api(k8s_client) # TODO(coreypobrien) https://bugs.launchpad.net/magnum/+bug/1551824 utils.wait_for_condition(self._is_api_ready, 5, 600)
def get_k8sClient(self, auth_plugin): config = client.ConfigurationObject() config.host = auth_plugin['auth_url'] if ('username' in auth_plugin) and ('password' in auth_plugin): config.username = auth_plugin['username'] config.password = auth_plugin['password'] else: config.api_key_prefix['authorization'] = 'Bearer' config.api_key['authorization'] = auth_plugin['bearer_token'] if auth_plugin['ssl_ca_cert'] is not None: config.ssl_ca_cert = auth_plugin['ssl_ca_cert'] config.verify_ssl = True else: config.verify_ssl = False k8s_client = api_client.ApiClient(config=config) return k8s_client
def __init__(self, spec, name_generator=None, atomic_inst=None): super(Kubernetes, self).__init__(None, name_generator=name_generator, atomic_inst=atomic_inst) self._spec = spec # NOTE(andreykurilin): KubernetesClient doesn't provide any __version__ # property to identify the client version (you are welcome to fix # this code if I'm wrong). Let's check for some backward incompatible # changes to identify the way to communicate with it. if hasattr(k8s_config, "ConfigurationObject"): # Actually, it is `k8sclient < 4.0.0`, so it can be # kubernetesclient 2.0 or even less, but it doesn't make any # difference for us self._k8s_client_version = 3 else: self._k8s_client_version = 4 if self._k8s_client_version == 3: config = k8s_config.ConfigurationObject() else: config = k8s_config.Configuration() config.host = self._spec["server"] config.ssl_ca_cert = self._spec["certificate-authority"] if self._spec.get("api_key"): config.api_key = {"authorization": self._spec["api_key"]} if self._spec.get("api_key_prefix"): config.api_key_prefix = { "authorization": self._spec["api_key_prefix"] } else: config.cert_file = self._spec["client-certificate"] config.key_file = self._spec["client-key"] if self._spec.get("tls_insecure", False): config.verify_ssl = False if self._k8s_client_version == 3: api = api_client.ApiClient(config=config) else: api = api_client.ApiClient(configuration=config) self.api = api self.v1_client = core_v1_api.CoreV1Api(api)
def __init__(self, context, cluster): self.ca_file = None self.cert_file = None self.key_file = None if cluster.magnum_cert_ref: (self.ca_file, self.key_file, self.cert_file) = create_client_files(cluster, context) config = k8s_config.ConfigurationObject() config.host = cluster.api_address config.ssl_ca_cert = self.ca_file.name config.cert_file = self.cert_file.name config.key_file = self.key_file.name # build a connection with Kubernetes master client = api_client.ApiClient(config=config) super(K8sAPI, self).__init__(client)
def get_k8sClient(self, auth_plugin): config = client.ConfigurationObject() config.host = auth_plugin['auth_url'] if ('username' in auth_plugin) and ('password' in auth_plugin)\ and (auth_plugin['password'] is not None): config.username = auth_plugin['username'] config.password = auth_plugin['password'] basic_token = config.get_basic_auth_token() config.api_key['authorization'] = basic_token if 'bearer_token' in auth_plugin: config.api_key_prefix['authorization'] = 'Bearer' config.api_key['authorization'] = auth_plugin['bearer_token'] ca_cert_file = auth_plugin.get('ca_cert_file') if ca_cert_file is not None: config.ssl_ca_cert = ca_cert_file config.verify_ssl = True else: config.verify_ssl = False k8s_client = api_client.ApiClient(config=config) return k8s_client
def __init__(self, k8sAPI_url=None, username=None, password=None, bearer_token=None, ca_cert=None): print("bearer token:", bearer_token) config = client.ConfigurationObject() config.host = k8sAPI_url if username and password: config.username = username config.password = password else: config.api_key_prefix['authorization'] = 'Bearer' config.api_key['authorization'] = bearer_token if ca_cert: config.ssl_ca_cert = ca_cert config.verify_ssl = True else: config.verify_ssl = False self.k8s_client = api_client.ApiClient(config=config)
def test_client_config(self): ''' test kubernetes client config is set ''' config = client.ConfigurationObject() watcher = hostess.Watcher(config=config) self.assertEqual(watcher.v1_api.api_client.config.host, 'https://localhost')