def destroy(self, request, project_id, cluster_id, namespace, name): # 操作类接口统一检查集群操作权限 validate_cluster_perm(request, project_id, cluster_id) client = self.resource_client(request.ctx_cluster) request.audit_ctx.update_fields( resource_type=self.resource_client.kind.lower(), resource=f'{namespace}/{name}' ) try: response_data = client.delete(name=name, namespace=namespace).to_dict() except DynamicApiError as e: raise DeleteResourceError(_('删除资源失败: {}').format(e.summary())) return Response(response_data)
def destroy(self, request, project_id, cluster_id, crd_name, custom_obj_name): """ 删除自定义资源 """ validate_cluster_perm(request, project_id, cluster_id) params = self.params_validate(slzs.DestroyCustomObjectSLZ) namespace = params.get('namespace') or None self._update_audit_ctx(request, namespace, crd_name, custom_obj_name) client = get_cobj_client_by_crd(request.ctx_cluster, crd_name) try: response_data = client.delete(name=custom_obj_name, namespace=namespace).to_dict() except DynamicApiError as e: raise DeleteResourceError(_('删除资源失败: {}').format(e.summary())) return Response(response_data)
def create(self, request, project_id, cluster_id, crd_name): """ 创建自定义资源 """ validate_cluster_perm(request, project_id, cluster_id) params = self.params_validate(slzs.CreateCustomObjectSLZ) namespace = getitems(params, 'manifest.metadata.namespace') cus_obj_name = getitems(params, 'manifest.metadata.name') self._update_audit_ctx(request, namespace, crd_name, cus_obj_name) client = get_cobj_client_by_crd(request.ctx_cluster, crd_name) try: response_data = client.create(namespace=namespace, body=params['manifest'], is_format=False).data.to_dict() except DynamicApiError as e: raise CreateResourceError(_('创建资源失败: {}').format(e.summary())) except ValueError as e: raise CreateResourceError(_('创建资源失败: {}').format(str(e))) return Response(response_data)
def create(self, request, project_id, cluster_id, namespace=None): # 操作类接口统一检查集群操作权限 validate_cluster_perm(request, project_id, cluster_id) params = self.params_validate(CreateResourceSLZ) client = self.resource_client(request.ctx_cluster) namespace = namespace or getitems(params, 'manifest.metadata.namespace') request.audit_ctx.update_fields( resource_type=self.resource_client.kind.lower(), resource=f"{namespace}/{getitems(params, 'manifest.metadata.name')}", ) try: response_data = client.create(namespace=namespace, body=params['manifest'], is_format=False).data.to_dict() except DynamicApiError as e: raise CreateResourceError(_('创建资源失败: {}').format(e.summary())) except ValueError as e: raise CreateResourceError(_('创建资源失败: {}').format(str(e))) return Response(response_data)
def reschedule(self, request, project_id, cluster_id, namespace, name): """ 重新调度 Pod(仅对有父级资源的 Pod 有效) """ # 操作类接口统一检查集群操作权限 validate_cluster_perm(request, project_id, cluster_id) client = Pod(request.ctx_cluster) request.audit_ctx.update_fields( resource_type=self.resource_client.kind.lower(), resource=f'{namespace}/{name}') # 检查 Pod 配置,必须有父级资源才可以重新调度 pod_manifest = client.fetch_manifest(namespace, name) if not getitems(pod_manifest, 'metadata.ownerReferences'): raise OwnerReferencesNotExist( _('Pod {}/{} 不存在父级资源,无法被重新调度').format(namespace, name)) # 重新调度的原理是直接删除 Pod,利用父级资源重新拉起服务 try: response_data = client.delete(name=name, namespace=namespace).to_dict() except DynamicApiError as e: raise DeleteResourceError(_('重新调度 Pod 失败: {}').format(e.summary())) return Response(response_data)
def update(self, request, project_id, cluster_id, namespace, name): # 操作类接口统一检查集群操作权限 validate_cluster_perm(request, project_id, cluster_id) params = self.params_validate(UpdateResourceSLZ) client = self.resource_client(request.ctx_cluster) request.audit_ctx.update_fields( resource_type=self.resource_client.kind.lower(), resource=f'{namespace}/{name}' ) manifest = params['manifest'] # replace 模式下无需指定 resourceVersion manifest['metadata'].pop('resourceVersion', None) try: response_data = client.replace( body=manifest, namespace=namespace, name=name, is_format=False ).data.to_dict() except DynamicApiError as e: raise UpdateResourceError(_('更新资源失败: {}').format(e.summary())) except ValueError as e: raise UpdateResourceError(_('更新资源失败: {}').format(str(e))) return Response(response_data)
def update(self, request, project_id, cluster_id, crd_name, custom_obj_name): """ 更新自定义资源 """ validate_cluster_perm(request, project_id, cluster_id) params = self.params_validate(slzs.UpdateCustomObjectSLZ) namespace = getitems(params, 'manifest.metadata.namespace') self._update_audit_ctx(request, namespace, crd_name, custom_obj_name) client = get_cobj_client_by_crd(request.ctx_cluster, crd_name) manifest = params['manifest'] # 自定义资源 Replace 也需要指定 resourceVersion # 这里先 pop,通过在 replace 指定 auto_add_version=True 添加 manifest['metadata'].pop('resourceVersion', None) try: response_data = client.replace( body=manifest, namespace=namespace, name=custom_obj_name, is_format=False, auto_add_version=True ).data.to_dict() except DynamicApiError as e: raise UpdateResourceError(_('更新资源失败: {}').format(e.summary())) except ValueError as e: raise UpdateResourceError(_('更新资源失败: {}').format(str(e))) return Response(response_data)
def gen_base_web_annotations(request, project_id: str, cluster_id: str) -> Dict: """ 生成资源视图相关的页面控制信息,用于控制按钮展示等 """ has_cluster_perm = validate_cluster_perm(request, project_id, cluster_id, raise_exception=False) # 目前 创建 / 删除 / 更新 按钮权限 & 提示信息相同 tip = _('当前用户没有操作集群 {} 的权限').format( cluster_id) if not has_cluster_perm else '' btn_perm = {'clickable': has_cluster_perm, 'tip': tip} return { 'perms': { 'page': { 'create_btn': btn_perm, 'update_btn': btn_perm, 'delete_btn': btn_perm, 'reschedule_pod_btn': btn_perm, 'web_console_btn': btn_perm, } } }