def get_ovdc(operation_context: ctx.OperationContext, ovdc_id: str) -> dict:
"""Get ovdc info for a particular ovdc.
:param ctx.OperationContext operation_context: context for the request
:param str ovdc_id: ID of the ovdc
:return: dictionary containing the ovdc information
:rtype: dict
"""
# NOTE: For CSE 3.0, if `enable_tkg_plus` flag in config is set to false,
# Prevent showing information about TKG+ by skipping TKG+ from the result.
cse_params = {
RequestKey.OVDC_ID: ovdc_id
}
telemetry_handler.record_user_action_details(cse_operation=CseOperation.OVDC_INFO, # noqa: E501
cse_params=cse_params)
config = utils.get_server_runtime_config()
log_wire = utils.str_to_bool(config.get('service', {}).get('log_wire'))
result = asdict(get_ovdc_k8s_runtime_details(operation_context.sysadmin_client, # noqa: E501
ovdc_id=ovdc_id,
log_wire=log_wire))
# TODO: Find a better way to avoid sending remove_cp_from_vms_on_disable
# flag
if ClusterEntityKind.TKG_PLUS.value in result['k8s_runtime'] \
and not utils.is_tkg_plus_enabled():
result['k8s_runtime'].remove(ClusterEntityKind.TKG_PLUS.value)
del result['remove_cp_from_vms_on_disable']
return result
def list_ovdc(operation_context: ctx.OperationContext) -> List[dict]:
"""List all ovdc and their k8s runtimes.
:param ctx.OperationContext operation_context: context for the request
:return: list of dictionary containing details about the ovdc
:rtype: List[dict]
"""
# NOTE: For CSE 3.0, if `enable_tkg_plus` flag in config is set to false,
# Prevent showing information about TKG+ by skipping TKG+ from the result.
# Record telemetry
telemetry_handler.record_user_action_details(cse_operation=CseOperation.OVDC_LIST, # noqa: E501
cse_params={})
ovdcs = []
org_vdcs = vcd_utils.get_all_ovdcs(operation_context.client)
for ovdc in org_vdcs:
ovdc_name = ovdc.get('name')
config = utils.get_server_runtime_config()
log_wire = utils.str_to_bool(config.get('service', {}).get('log_wire'))
ovdc_id = vcd_utils.extract_id(ovdc.get('id'))
ovdc_details = asdict(
get_ovdc_k8s_runtime_details(operation_context.sysadmin_client,
ovdc_id=ovdc_id,
ovdc_name=ovdc_name,
log_wire=log_wire))
if ClusterEntityKind.TKG_PLUS.value in ovdc_details['k8s_runtime'] \
and not utils.is_tkg_plus_enabled(): # noqa: E501
ovdc_details['k8s_runtime'].remove(ClusterEntityKind.TKG_PLUS.value) # noqa: E501
# TODO: Find a better way to remove remove_cp_from_vms_on_disable
del ovdc_details['remove_cp_from_vms_on_disable']
ovdcs.append(ovdc_details)
return ovdcs
def ovdc_info(request_data, op_ctx: ctx.OperationContext):
"""Request handler for ovdc info operation.
Required data: org_name, ovdc_name
:return: Dictionary with org VDC k8s provider metadata.
"""
required = [RequestKey.OVDC_ID]
req_utils.validate_payload(request_data, required)
# Record telemetry data
cse_params = copy.deepcopy(request_data)
record_user_action_details(cse_operation=CseOperation.OVDC_INFO,
cse_params=cse_params)
return ovdc_utils.get_ovdc_k8s_provider_metadata(
op_ctx.sysadmin_client, ovdc_id=request_data[RequestKey.OVDC_ID])
def ovdc_info(request_data, tenant_auth_token, is_jwt_token):
"""Request handler for ovdc info operation.
Required data: org_name, ovdc_name
:return: Dictionary with org VDC k8s provider metadata.
"""
required = [
RequestKey.OVDC_ID
]
req_utils.validate_payload(request_data, required)
# Record telemetry data
cse_params = copy.deepcopy(request_data)
record_user_action_details(cse_operation=CseOperation.OVDC_INFO, cse_params=cse_params) # noqa: E501
return ovdc_utils.get_ovdc_k8s_provider_metadata(
ovdc_id=request_data[RequestKey.OVDC_ID])
def nfs_node_delete(data, op_ctx: ctx.OperationContext):
"""Request handler for node delete operation.
Required data: cluster_name, node_names_list
Optional data and default values: org_name=None, ovdc_name=None
(data validation handled in broker)
:return: Dict
"""
svc = cluster_svc.ClusterService(op_ctx)
cluster_id = data[RequestKey.CLUSTER_ID]
node_name = data[RequestKey.NODE_NAME]
telemetry_handler.record_user_action_details(
cse_operation=telemetry_constants.CseOperation.V35_NODE_DELETE,
cse_params={
telemetry_constants.PayloadKey.CLUSTER_ID: cluster_id,
telemetry_constants.PayloadKey.NODE_NAME: node_name
})
return asdict(svc.delete_nodes(cluster_id, [node_name]))
def ovdc_list(request_data, tenant_auth_token, is_jwt_token):
"""Request handler for ovdc list operation.
:return: List of dictionaries with org VDC k8s provider metadata.
"""
defaults = {
RequestKey.LIST_PKS_PLANS: False
}
validated_data = {**defaults, **request_data}
client = vcd_utils.connect_vcd_user_via_token(
tenant_auth_token, is_jwt_token)
# TODO check if this is needed
list_pks_plans = utils.str_to_bool(validated_data[RequestKey.LIST_PKS_PLANS]) # noqa: E501
# Record telemetry data
cse_params = copy.deepcopy(validated_data)
cse_params[RequestKey.LIST_PKS_PLANS] = list_pks_plans
record_user_action_details(cse_operation=CseOperation.OVDC_LIST, cse_params=cse_params) # noqa: E501
return ovdc_utils.get_ovdc_list(client, list_pks_plans=list_pks_plans,
tenant_auth_token=tenant_auth_token,
is_jwt_token=is_jwt_token)
def _update_ovdc_using_placement_policy_async(operation_context: ctx.OperationContext, # noqa: E501
task: vcd_task.Task,
task_href,
user_href,
policy_list,
ovdc_id,
vdc,
remove_cp_from_vms_on_disable=False): # noqa: E501
"""Enable ovdc using placement policies.
:param ctx.OperationContext operation_context: operation context object
:param vcd_task.Task task: Task resource to track progress
:param str task_href: href of the task
:param str user_href:
:param List[str] policy_list: The new list of policies associated with
the ovdc
:param str ovdc_id:
:param pyvcloud.vcd.vdc.VDC vdc: VDC object
:param bool remove_cp_from_vms_on_disable: Set to true if placement
policies need to be removed from the vms before removing from the VDC.
"""
operation_name = "Update OVDC with placement policies"
k8s_runtimes_added = ''
k8s_runtimes_deleted = ''
try:
config = utils.get_server_runtime_config()
log_wire = utils.str_to_bool(config.get('service', {}).get('log_wire'))
cpm = compute_policy_manager.ComputePolicyManager(
operation_context.sysadmin_client, log_wire=log_wire)
existing_policies = []
for cse_policy in \
compute_policy_manager.list_cse_placement_policies_on_vdc(cpm, ovdc_id): # noqa: E501
existing_policies.append(cse_policy['display_name'])
logger.SERVER_LOGGER.debug(policy_list)
logger.SERVER_LOGGER.debug(existing_policies)
policies_to_add = set(policy_list) - set(existing_policies)
policies_to_delete = set(existing_policies) - set(policy_list)
# Telemetry for 'vcd cse ovdc enable' command
# TODO: Update telemetry request to handle 'k8s_runtime' array
k8s_runtimes_added = ','.join(policies_to_add)
if k8s_runtimes_added:
cse_params = {
RequestKey.K8S_PROVIDER: k8s_runtimes_added,
RequestKey.OVDC_ID: ovdc_id,
}
telemetry_handler.record_user_action_details(cse_operation=CseOperation.OVDC_ENABLE, # noqa: E501
cse_params=cse_params)
# Telemetry for 'vcd cse ovdc enable' command
# TODO: Update telemetry request to handle 'k8s_runtime' array
k8s_runtimes_deleted = '.'.join(policies_to_delete)
if k8s_runtimes_deleted:
cse_params = {
RequestKey.K8S_PROVIDER: k8s_runtimes_deleted,
RequestKey.OVDC_ID: ovdc_id,
RequestKey.REMOVE_COMPUTE_POLICY_FROM_VMS: remove_cp_from_vms_on_disable # noqa: E501
}
telemetry_handler.record_user_action_details(cse_operation=CseOperation.OVDC_DISABLE, # noqa: E501
cse_params=cse_params)
for cp_name in policies_to_add:
msg = f"Adding k8s provider {cp_name} to OVDC {vdc.name}"
logger.SERVER_LOGGER.debug(msg)
task.update(status=vcd_client.TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=msg,
operation_name=operation_name,
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=operation_context.user.name,
task_href=task_href,
org_href=operation_context.user.org_href)
policy = compute_policy_manager.get_cse_vdc_compute_policy(
cpm,
cp_name,
is_placement_policy=True)
cpm.add_compute_policy_to_vdc(vdc_id=ovdc_id,
compute_policy_href=policy['href'])
for cp_name in policies_to_delete:
msg = f"Removing k8s provider {RUNTIME_INTERNAL_NAME_TO_DISPLAY_NAME_MAP[cp_name]} from OVDC {ovdc_id}" # noqa: E501
logger.SERVER_LOGGER.debug(msg)
task_resource = \
task.update(status=vcd_client.TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=msg,
operation_name=operation_name,
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=operation_context.user.name,
task_href=task_href,
org_href=operation_context.user.org_href)
policy = compute_policy_manager.get_cse_vdc_compute_policy(cpm,
cp_name,
is_placement_policy=True) # noqa: E501
cpm.remove_compute_policy_from_vdc_sync(vdc=vdc,
compute_policy_href=policy['href'], # noqa: E501
force=remove_cp_from_vms_on_disable, # noqa: E501
is_placement_policy=True,
task_resource=task_resource) # noqa: E501
msg = f"Successfully updated OVDC: {vdc.name}"
logger.SERVER_LOGGER.debug(msg)
task.update(status=vcd_client.TaskStatus.SUCCESS.value,
namespace='vcloud.cse',
operation="Operation success",
operation_name=operation_name,
details=msg,
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=operation_context.user.name,
task_href=task_href,
org_href=operation_context.user.org_href)
# Record telemetry
if k8s_runtimes_added:
telemetry_handler.record_user_action(CseOperation.OVDC_ENABLE,
status=OperationStatus.SUCCESS) # noqa: E501
if k8s_runtimes_deleted:
telemetry_handler.record_user_action(CseOperation.OVDC_DISABLE,
status=OperationStatus.SUCCESS) # noqa: E501
except Exception as err:
# Record telemetry
if k8s_runtimes_added:
telemetry_handler.record_user_action(CseOperation.OVDC_ENABLE,
status=OperationStatus.FAILED)
if k8s_runtimes_deleted:
telemetry_handler.record_user_action(CseOperation.OVDC_DISABLE,
status=OperationStatus.FAILED)
logger.SERVER_LOGGER.error(err)
task.update(status=vcd_client.TaskStatus.ERROR.value,
namespace='vcloud.cse',
operation='Failed to update OVDC',
operation_name=operation_name,
details=f'Failed with error: {err}',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=operation_context.user.name,
task_href=task_href,
org_href=operation_context.user.org_href,
error_message=f"{err}")
finally:
if operation_context.sysadmin_client:
operation_context.end()
def run(self, msg_update_callback=utils.NullPrinter()):
self.config = get_validated_config(
self.config_file,
pks_config_file_name=self.pks_config_file,
skip_config_decryption=self.skip_config_decryption,
decryption_password=self.decryption_password,
log_wire_file=logger.SERVER_DEBUG_WIRELOG_FILEPATH,
logger_debug=logger.SERVER_LOGGER,
msg_update_callback=msg_update_callback)
populate_vsphere_list(self.config['vcs'])
# Load def entity-type and interface
self._load_def_schema(msg_update_callback=msg_update_callback)
# Read k8s catalog definition from catalog item metadata and append
# the same to to server run-time config
self._load_template_definition_from_catalog(
msg_update_callback=msg_update_callback)
if float(self.config['vcd']['api_version']) < float(
vCDApiVersion.VERSION_35.value): # noqa: E501
# Read templates rules from config and update template deinfition
# in server run-time config
self._process_template_rules(
msg_update_callback=msg_update_callback)
# Make sure that all vms in templates are compliant with the
# compute policy specified in template definition (can be affected
# by rules).
self._process_template_compute_policy_compliance(
msg_update_callback=msg_update_callback)
else:
msg = "Template rules are not supported by CSE for vCD api " \
"version 35.0 or above. Skipping template rule processing."
msg_update_callback.info(msg)
logger.SERVER_LOGGER.debug(msg)
if self.should_check_config:
check_cse_installation(self.config,
msg_update_callback=msg_update_callback)
if self.config.get('pks_config'):
pks_config = self.config.get('pks_config')
self.pks_cache = PksCache(
pks_servers=pks_config.get('pks_api_servers', []),
pks_accounts=pks_config.get('pks_accounts', []),
pvdcs=pks_config.get('pvdcs', []),
orgs=pks_config.get('orgs', []),
nsxt_servers=pks_config.get('nsxt_servers', []))
amqp = self.config['amqp']
num_consumers = self.config['service']['listeners']
for n in range(num_consumers):
try:
c = MessageConsumer(amqp['host'], amqp['port'], amqp['ssl'],
amqp['vhost'], amqp['username'],
amqp['password'], amqp['exchange'],
amqp['routing_key'])
name = 'MessageConsumer-%s' % n
t = Thread(name=name, target=consumer_thread, args=(c, ))
t.daemon = True
t.start()
msg = f"Started thread '{name} ({t.ident})'"
msg_update_callback.general(msg)
logger.SERVER_LOGGER.info(msg)
self.threads.append(t)
self.consumers.append(c)
time.sleep(0.25)
except KeyboardInterrupt:
break
except Exception:
logger.SERVER_LOGGER.error(traceback.format_exc())
logger.SERVER_LOGGER.info(
f"Number of threads started: {len(self.threads)}") # noqa: E501
self._state = ServerState.RUNNING
message = f"Container Service Extension for vCloud Director" \
f"\nServer running using config file: {self.config_file}" \
f"\nLog files: {logger.SERVER_INFO_LOG_FILEPATH}, " \
f"{logger.SERVER_DEBUG_LOG_FILEPATH}" \
f"\nwaiting for requests (ctrl+c to close)"
signal.signal(signal.SIGINT, signal_handler)
msg_update_callback.general_no_color(message)
logger.SERVER_LOGGER.info(message)
# Record telemetry on user action and details of operation.
cse_params = {
PayloadKey.WAS_DECRYPTION_SKIPPED:
bool(self.skip_config_decryption), # noqa: E501
PayloadKey.WAS_PKS_CONFIG_FILE_PROVIDED:
bool(self.pks_config_file), # noqa: E501
PayloadKey.WAS_INSTALLATION_CHECK_SKIPPED:
bool(self.should_check_config) # noqa: E501
}
record_user_action_details(cse_operation=CseOperation.SERVICE_RUN,
cse_params=cse_params)
record_user_action(cse_operation=CseOperation.SERVICE_RUN)
while True:
try:
time.sleep(1)
if self._state == ServerState.STOPPING and \
self.active_requests_count() == 0:
break
except KeyboardInterrupt:
break
except Exception:
msg_update_callback.general_no_color(traceback.format_exc())
logger.SERVER_LOGGER.error(traceback.format_exc())
sys.exit(1)
logger.SERVER_LOGGER.info("Stop detected")
logger.SERVER_LOGGER.info("Closing connections...")
for c in self.consumers:
try:
c.stop()
except Exception:
logger.SERVER_LOGGER.error(traceback.format_exc())
self._state = ServerState.STOPPED
logger.SERVER_LOGGER.info("Done")
def install_template(template_name,
template_revision,
config_file_name,
force_create,
retain_temp_vapp,
ssh_key,
skip_config_decryption=False,
decryption_password=None,
msg_update_callback=utils.NullPrinter()):
"""Install a particular template in CSE.
If template_name and revision are wild carded to *, all templates defined
in remote template cookbook will be installed.
:param str template_name:
:param str template_revision:
:param str config_file_name: config file name.
:param bool force_create: if True and template already exists in vCD,
overwrites existing template.
:param str ssh_key: public ssh key to place into template vApp(s).
:param bool retain_temp_vapp: if True, temporary vApp will not destroyed,
so the user can ssh into and debug the vm.
:param bool skip_config_decryption: do not decrypt the config file.
:param str decryption_password: password to decrypt the config file.
:param utils.ConsoleMessagePrinter msg_update_callback: Callback object.
"""
config = get_validated_config(
config_file_name,
skip_config_decryption=skip_config_decryption,
decryption_password=decryption_password,
log_wire_file=INSTALL_WIRELOG_FILEPATH,
logger_debug=INSTALL_LOGGER,
msg_update_callback=msg_update_callback)
populate_vsphere_list(config['vcs'])
msg = f"Installing template '{template_name}' at revision " \
f"'{template_revision}' on vCloud Director using config file " \
f"'{config_file_name}'"
msg_update_callback.info(msg)
INSTALL_LOGGER.info(msg)
client = None
try:
# Telemetry data construction
cse_params = {
PayloadKey.TEMPLATE_NAME: template_name,
PayloadKey.TEMPLATE_REVISION: template_revision,
PayloadKey.WAS_DECRYPTION_SKIPPED: bool(skip_config_decryption),
PayloadKey.WERE_TEMPLATES_FORCE_UPDATED: bool(force_create),
PayloadKey.WAS_TEMP_VAPP_RETAINED: bool(retain_temp_vapp),
PayloadKey.WAS_SSH_KEY_SPECIFIED: bool(ssh_key)
}
# Record telemetry data
record_user_action_details(
cse_operation=CseOperation.TEMPLATE_INSTALL,
cse_params=cse_params,
telemetry_settings=config['service']['telemetry'])
log_filename = None
log_wire = utils.str_to_bool(config['service'].get('log_wire'))
if log_wire:
log_filename = INSTALL_WIRELOG_FILEPATH
client = Client(config['vcd']['host'],
api_version=config['vcd']['api_version'],
verify_ssl_certs=config['vcd']['verify'],
log_file=log_filename,
log_requests=log_wire,
log_headers=log_wire,
log_bodies=log_wire)
credentials = BasicLoginCredentials(config['vcd']['username'],
server_constants.SYSTEM_ORG_NAME,
config['vcd']['password'])
client.set_credentials(credentials)
msg = f"Connected to vCD as system administrator: " \
f"{config['vcd']['host']}:{config['vcd']['port']}"
msg_update_callback.general(msg)
INSTALL_LOGGER.info(msg)
# read remote template cookbook
rtm = RemoteTemplateManager(
remote_template_cookbook_url=config['broker']
['remote_template_cookbook_url'], # noqa: E501
logger=INSTALL_LOGGER,
msg_update_callback=msg_update_callback)
remote_template_cookbook = rtm.get_remote_template_cookbook()
found_template = False
for template in remote_template_cookbook['templates']:
template_name_matched = template_name in (
template[server_constants.RemoteTemplateKey.NAME], '*'
) # noqa: E501
template_revision_matched = \
str(template_revision) in (str(template[server_constants.RemoteTemplateKey.REVISION]), '*') # noqa: E501
if template_name_matched and template_revision_matched:
found_template = True
_install_template(
client=client,
remote_template_manager=rtm,
template=template,
org_name=config['broker']['org'],
vdc_name=config['broker']['vdc'],
catalog_name=config['broker']['catalog'],
network_name=config['broker']['network'],
ip_allocation_mode=config['broker']['ip_allocation_mode'],
storage_profile=config['broker']['storage_profile'],
force_update=force_create,
retain_temp_vapp=retain_temp_vapp,
ssh_key=ssh_key,
msg_update_callback=msg_update_callback)
if not found_template:
msg = f"Template '{template_name}' at revision " \
f"'{template_revision}' not found in remote template " \
"cookbook."
msg_update_callback.error(msg)
INSTALL_LOGGER.error(msg, exc_info=True)
raise Exception(msg)
# Record telemetry data on successful template install
record_user_action(
cse_operation=CseOperation.TEMPLATE_INSTALL,
status=OperationStatus.SUCCESS,
telemetry_settings=config['service']['telemetry']) # noqa: E501
except Exception:
msg_update_callback.error(
"Template Installation Error. Check CSE install logs")
INSTALL_LOGGER.error("Template Installation Error", exc_info=True)
# Record telemetry data on template install failure
record_user_action(cse_operation=CseOperation.TEMPLATE_INSTALL,
status=OperationStatus.FAILED,
telemetry_settings=config['service']['telemetry'])
finally:
if client is not None:
client.logout()
def install_cse(config_file_name,
skip_template_creation,
force_update,
ssh_key,
retain_temp_vapp,
pks_config_file_name=None,
skip_config_decryption=False,
decryption_password=None,
msg_update_callback=utils.NullPrinter()):
"""Handle logistics for CSE installation.
Handles decision making for configuring AMQP exchange/settings,
defined entity schema registration for vCD api version >= 35,
extension registration, catalog setup and template creation.
Also records telemetry data on installation details.
:param str config_file_name: config file name.
:param bool skip_template_creation: If True, skip creating the templates.
:param bool force_update: if True and templates already exist in vCD,
overwrites existing templates.
:param str ssh_key: public ssh key to place into template vApp(s).
:param bool retain_temp_vapp: if True, temporary vApp will not destroyed,
so the user can ssh into and debug the vm.
:param str pks_config_file_name: pks config file name.
:param bool skip_config_decryption: do not decrypt the config file.
:param str decryption_password: password to decrypt the config file.
:param utils.ConsoleMessagePrinter msg_update_callback: Callback object.
:raises cse_exception.AmqpError: if AMQP exchange could not be created.
"""
config = get_validated_config(
config_file_name,
pks_config_file_name=pks_config_file_name,
skip_config_decryption=skip_config_decryption,
decryption_password=decryption_password,
log_wire_file=INSTALL_WIRELOG_FILEPATH,
logger_debug=INSTALL_LOGGER,
msg_update_callback=msg_update_callback)
populate_vsphere_list(config['vcs'])
msg = f"Installing CSE on vCloud Director using config file " \
f"'{config_file_name}'"
msg_update_callback.info(msg)
INSTALL_LOGGER.info(msg)
client = None
try:
# Telemetry - Construct telemetry data
telemetry_data = {
PayloadKey.WAS_DECRYPTION_SKIPPED:
bool(skip_config_decryption), # noqa: E501
PayloadKey.WAS_PKS_CONFIG_FILE_PROVIDED:
bool(pks_config_file_name), # noqa: E501
PayloadKey.WERE_TEMPLATES_SKIPPED:
bool(skip_template_creation), # noqa: E501
PayloadKey.WERE_TEMPLATES_FORCE_UPDATED:
bool(force_update), # noqa: E501
PayloadKey.WAS_TEMP_VAPP_RETAINED:
bool(retain_temp_vapp), # noqa: E501
PayloadKey.WAS_SSH_KEY_SPECIFIED: bool(ssh_key) # noqa: E501
}
# Telemetry - Record detailed telemetry data on install
record_user_action_details(
CseOperation.SERVICE_INSTALL,
telemetry_data,
telemetry_settings=config['service']['telemetry']) # noqa: E501
log_filename = None
log_wire = utils.str_to_bool(config['service'].get('log_wire'))
if log_wire:
log_filename = INSTALL_WIRELOG_FILEPATH
client = Client(config['vcd']['host'],
api_version=config['vcd']['api_version'],
verify_ssl_certs=config['vcd']['verify'],
log_file=log_filename,
log_requests=log_wire,
log_headers=log_wire,
log_bodies=log_wire)
credentials = BasicLoginCredentials(config['vcd']['username'],
server_constants.SYSTEM_ORG_NAME,
config['vcd']['password'])
client.set_credentials(credentials)
msg = f"Connected to vCD as system administrator: " \
f"{config['vcd']['host']}:{config['vcd']['port']}"
msg_update_callback.general(msg)
INSTALL_LOGGER.info(msg)
# create amqp exchange if it doesn't exist
amqp = config['amqp']
_create_amqp_exchange(amqp['exchange'],
amqp['host'],
amqp['port'],
amqp['vhost'],
amqp['ssl'],
amqp['username'],
amqp['password'],
msg_update_callback=msg_update_callback)
# register or update cse on vCD
_register_cse(client,
amqp['routing_key'],
amqp['exchange'],
msg_update_callback=msg_update_callback)
# register cse def schema on VCD
# schema should be located at
# ~/.cse-schema/api-v<API VERSION>/schema.json
_register_def_schema(client,
msg_update_callback=msg_update_callback,
log_wire=log_wire)
# Since we use CSE extension id as our telemetry instance_id, the
# validated config won't have the instance_id yet. Now that CSE has
# been registered as an extension, we should update the telemetry
# config with the correct instance_id
if config['service']['telemetry']['enable']:
store_telemetry_settings(config)
# register rights to vCD
# TODO() should also remove rights when unregistering CSE
_register_right(
client,
right_name=server_constants.
CSE_NATIVE_DEPLOY_RIGHT_NAME, # noqa: E501
description=server_constants.
CSE_NATIVE_DEPLOY_RIGHT_DESCRIPTION, # noqa: E501
category=server_constants.
CSE_NATIVE_DEPLOY_RIGHT_CATEGORY, # noqa: E501
bundle_key=server_constants.
CSE_NATIVE_DEPLOY_RIGHT_BUNDLE_KEY, # noqa: E501
msg_update_callback=msg_update_callback)
_register_right(
client,
right_name=server_constants.
CSE_PKS_DEPLOY_RIGHT_NAME, # noqa: E501
description=server_constants.
CSE_PKS_DEPLOY_RIGHT_DESCRIPTION, # noqa: E501
category=server_constants.
CSE_PKS_DEPLOY_RIGHT_CATEGORY, # noqa: E501
bundle_key=server_constants.
CSE_PKS_DEPLOY_RIGHT_BUNDLE_KEY, # noqa: E501
msg_update_callback=msg_update_callback)
# set up placement policies for all types of clusters
_setup_placement_policies(
client,
policy_list=server_constants.
CLUSTER_PLACEMENT_POLICIES, # noqa: E501
msg_update_callback=msg_update_callback,
log_wire=log_wire)
# set up cse catalog
org = vcd_utils.get_org(client, org_name=config['broker']['org'])
vcd_utils.create_and_share_catalog(
org,
config['broker']['catalog'],
catalog_desc='CSE templates',
logger=INSTALL_LOGGER,
msg_update_callback=msg_update_callback)
if skip_template_creation:
msg = "Skipping creation of templates."
msg_update_callback.info(msg)
INSTALL_LOGGER.warning(msg)
else:
# read remote template cookbook, download all scripts
rtm = RemoteTemplateManager(
remote_template_cookbook_url=config['broker']
['remote_template_cookbook_url'], # noqa: E501
logger=INSTALL_LOGGER,
msg_update_callback=msg_update_callback)
remote_template_cookbook = rtm.get_remote_template_cookbook()
# create all templates defined in cookbook
for template in remote_template_cookbook['templates']:
# TODO tag created templates with placement policies
_install_template(
client=client,
remote_template_manager=rtm,
template=template,
org_name=config['broker']['org'],
vdc_name=config['broker']['vdc'],
catalog_name=config['broker']['catalog'],
network_name=config['broker']['network'],
ip_allocation_mode=config['broker']['ip_allocation_mode'],
storage_profile=config['broker']['storage_profile'],
force_update=force_update,
retain_temp_vapp=retain_temp_vapp,
ssh_key=ssh_key,
msg_update_callback=msg_update_callback)
# if it's a PKS setup, setup NSX-T constructs
if config.get('pks_config'):
nsxt_servers = config['pks_config']['nsxt_servers']
wire_logger = NULL_LOGGER
if log_wire:
wire_logger = SERVER_NSXT_WIRE_LOGGER
for nsxt_server in nsxt_servers:
msg = f"Configuring NSX-T server ({nsxt_server.get('name')})" \
" for CSE. Please check install logs for details."
msg_update_callback.general(msg)
INSTALL_LOGGER.info(msg)
nsxt_client = NSXTClient(host=nsxt_server.get('host'),
username=nsxt_server.get('username'),
password=nsxt_server.get('password'),
logger_debug=INSTALL_LOGGER,
logger_wire=wire_logger,
http_proxy=nsxt_server.get('proxy'),
https_proxy=nsxt_server.get('proxy'),
verify_ssl=nsxt_server.get('verify'))
setup_nsxt_constructs(
nsxt_client=nsxt_client,
nodes_ip_block_id=nsxt_server.get('nodes_ip_block_ids'),
pods_ip_block_id=nsxt_server.get('pods_ip_block_ids'),
ncp_boundary_firewall_section_anchor_id=nsxt_server.get(
'distributed_firewall_section_anchor_id')
) # noqa: E501
# Telemetry - Record successful install action
record_user_action(CseOperation.SERVICE_INSTALL,
telemetry_settings=config['service']['telemetry'])
except Exception:
msg_update_callback.error(
"CSE Installation Error. Check CSE install logs")
INSTALL_LOGGER.error("CSE Installation Error", exc_info=True)
# Telemetry - Record failed install action
record_user_action(CseOperation.SERVICE_INSTALL,
status=OperationStatus.FAILED,
telemetry_settings=config['service']['telemetry'])
raise # TODO() need installation relevant exceptions for rollback
finally:
if client is not None:
client.logout()
def ovdc_update(request_data, op_ctx: ctx.OperationContext):
"""Request handler for ovdc enable, disable operations.
Required data: org_name, ovdc_name, k8s_provider
Conditional data:
if k8s_provider is 'ent-pks': pks_plan_name, pks_cluster_domain
:return: Dictionary with org VDC update task href.
"""
# TODO the data flow here should be better understood.
# org_name and ovdc_name seem redundant if we already have ovdc_id
required = [
RequestKey.ORG_NAME, RequestKey.OVDC_NAME, RequestKey.K8S_PROVIDER,
RequestKey.OVDC_ID
]
validated_data = request_data
req_utils.validate_payload(validated_data, required)
k8s_provider = validated_data[RequestKey.K8S_PROVIDER]
k8s_provider_info = {K8S_PROVIDER_KEY: k8s_provider}
# Record the telemetry data
cse_params = copy.deepcopy(validated_data)
cse_operation = CseOperation.OVDC_DISABLE if k8s_provider == K8sProvider.NONE else CseOperation.OVDC_ENABLE # noqa: E501
record_user_action_details(cse_operation=cse_operation,
cse_params=cse_params) # noqa: E501
try:
if k8s_provider == K8sProvider.PKS:
if not utils.is_pks_enabled():
raise e.CseServerError('CSE server is not '
'configured to work with PKS.')
required = [
RequestKey.PKS_PLAN_NAME, RequestKey.PKS_CLUSTER_DOMAIN
]
req_utils.validate_payload(validated_data, required)
# Check if target ovdc is not already enabled for other non PKS k8 providers # noqa: E501
ovdc_metadata = ovdc_utils.get_ovdc_k8s_provider_metadata(
op_ctx.sysadmin_client,
ovdc_id=validated_data[RequestKey.OVDC_ID])
ovdc_k8_provider = ovdc_metadata.get(K8S_PROVIDER_KEY)
if ovdc_k8_provider != K8sProvider.NONE and \
ovdc_k8_provider != k8s_provider:
raise e.CseServerError(
"Ovdc already enabled for different K8 provider"
) # noqa: E501
k8s_provider_info = ovdc_utils.construct_k8s_metadata_from_pks_cache( # noqa: E501
op_ctx.sysadmin_client,
ovdc_id=validated_data[RequestKey.OVDC_ID],
org_name=validated_data[RequestKey.ORG_NAME],
pks_plans=validated_data[RequestKey.PKS_PLAN_NAME],
pks_cluster_domain=validated_data[
RequestKey.PKS_CLUSTER_DOMAIN], # noqa: E501
k8s_provider=k8s_provider)
ovdc_utils.create_pks_compute_profile(validated_data, op_ctx,
k8s_provider_info)
task = ovdc_utils.update_ovdc_k8s_provider_metadata(
op_ctx.sysadmin_client,
validated_data[RequestKey.OVDC_ID],
k8s_provider_data=k8s_provider_info,
k8s_provider=k8s_provider)
# Telemetry - Record successful enabling/disabling of ovdc
record_user_action(cse_operation, status=OperationStatus.SUCCESS)
return {'task_href': task.get('href')}
except Exception as err:
# Telemetry - Record failed enabling/disabling of ovdc
record_user_action(cse_operation, status=OperationStatus.FAILED)
raise err
def ovdc_list(request_data, op_ctx: ctx.OperationContext):
"""Request handler for ovdc list operation.
:return: List of dictionaries with org VDC k8s provider metadata.
"""
defaults = {RequestKey.LIST_PKS_PLANS: False}
validated_data = {**defaults, **request_data}
list_pks_plans = utils.str_to_bool(
validated_data[RequestKey.LIST_PKS_PLANS]) # noqa: E501
# Record telemetry data
cse_params = copy.deepcopy(validated_data)
cse_params[RequestKey.LIST_PKS_PLANS] = list_pks_plans
record_user_action_details(cse_operation=CseOperation.OVDC_LIST,
cse_params=cse_params)
if list_pks_plans and not op_ctx.client.is_sysadmin():
raise e.UnauthorizedRequestError(
'Operation denied. Enterprise PKS plans visible only '
'to System Administrators.')
# Ideally this should be extracted out to ovdc_utils, but the mandatory
# usage of sysadmin client along with a potentially non-sysadmin client
# means that the function signature require both tenant client and
# sysadmin client, which is very awkward
if op_ctx.client.is_sysadmin():
org_resource_list = op_ctx.client.get_org_list()
else:
org_resource_list = list(op_ctx.client.get_org())
ovdcs = []
for org_resource in org_resource_list:
org = vcd_org.Org(op_ctx.client, resource=org_resource)
for vdc_sparse in org.list_vdcs():
ovdc_name = vdc_sparse['name']
org_name = org.get_name()
k8s_metadata = ovdc_utils.get_ovdc_k8s_provider_metadata(
op_ctx.sysadmin_client, ovdc_name=ovdc_name, org_name=org_name)
k8s_provider = k8s_metadata[K8S_PROVIDER_KEY]
ovdc_dict = {
'name': ovdc_name,
'org': org_name,
'k8s provider': k8s_provider
}
if list_pks_plans:
pks_plans = ''
pks_server = ''
if k8s_provider == K8sProvider.PKS:
# vc name for vdc can only be found using typed query
q = op_ctx.client.get_typed_query(
vcd_client.ResourceType.ADMIN_ORG_VDC.value,
query_result_format=vcd_client.QueryResultFormat.
RECORDS, # noqa: E501
qfilter=f"name=={ovdc_name};orgName=={org_name}")
# should only ever be one element in the generator
ovdc_records = list(q.execute())
if len(ovdc_records) == 0:
raise vcd_e.EntityNotFoundException(
f"Org VDC {ovdc_name} not found in org {org_name}")
ovdc_record = None
for record in ovdc_records:
ovdc_record = pyvcd_utils.to_dict(
record,
resource_type=vcd_client.ResourceType.
ADMIN_ORG_VDC.value) # noqa: E501
break
vc_to_pks_plans_map = {}
pks_contexts = pksbroker_manager.create_pks_context_for_all_accounts_in_org(
op_ctx) # noqa: E501
for pks_context in pks_contexts:
if pks_context['vc'] in vc_to_pks_plans_map:
continue
pks_broker = pksbroker.PksBroker(pks_context, op_ctx)
plans = pks_broker.list_plans()
plan_names = [plan.get('name') for plan in plans]
vc_to_pks_plans_map[pks_context['vc']] = \
[plan_names, pks_context['host']]
pks_plan_and_server_info = vc_to_pks_plans_map.get(
ovdc_record['vcName'], [])
if len(pks_plan_and_server_info) > 0:
pks_plans = pks_plan_and_server_info[0]
pks_server = pks_plan_and_server_info[1]
ovdc_dict['pks api server'] = pks_server
ovdc_dict['available pks plans'] = pks_plans
ovdcs.append(ovdc_dict)
return ovdcs
def run(self, msg_update_callback=utils.NullPrinter()):
sysadmin_client = None
try:
sysadmin_client = vcd_utils.get_sys_admin_client()
verify_version_compatibility(sysadmin_client,
self.config['vcd']['api_version'],
utils.should_use_mqtt_protocol(self.config)) # noqa: E501
except Exception as err:
logger.SERVER_LOGGER.info(err)
raise
finally:
if sysadmin_client:
sysadmin_client.logout()
if utils.should_use_mqtt_protocol(self.config):
# Store/setup MQTT extension, api filter, and token info
try:
sysadmin_client = vcd_utils.get_sys_admin_client()
mqtt_ext_manager = MQTTExtensionManager(sysadmin_client)
ext_info = mqtt_ext_manager.get_extension_info(
ext_name=server_constants.CSE_SERVICE_NAME,
ext_version=server_constants.MQTT_EXTENSION_VERSION,
ext_vendor=server_constants.MQTT_EXTENSION_VENDOR)
ext_urn_id = ext_info[MQTTExtKey.EXT_URN_ID]
ext_uuid = mqtt_ext_manager.get_extension_uuid(ext_urn_id)
api_filters_status = mqtt_ext_manager.check_api_filters_setup(
ext_uuid, configure_cse.API_FILTER_PATTERNS)
if not api_filters_status:
msg = 'MQTT Api filter is not set up'
logger.SERVER_LOGGER.error(msg)
raise cse_exception.MQTTExtensionError(msg)
token_info = mqtt_ext_manager.create_extension_token(
token_name=server_constants.MQTT_TOKEN_NAME,
ext_urn_id=ext_urn_id)
self.config['mqtt'].update(ext_info)
self.config['mqtt'].update(token_info)
self.config['mqtt'][MQTTExtKey.EXT_UUID] = ext_uuid
except Exception as err:
msg = f'MQTT extension setup error: {err}'
logger.SERVER_LOGGER.error(msg)
raise err
finally:
if sysadmin_client:
sysadmin_client.logout()
populate_vsphere_list(self.config['vcs'])
# Load def entity-type and interface
self._load_def_schema(msg_update_callback=msg_update_callback)
# Read k8s catalog definition from catalog item metadata and append
# the same to to server run-time config
self._load_template_definition_from_catalog(
msg_update_callback=msg_update_callback)
self._load_placement_policy_details(
msg_update_callback=msg_update_callback)
if float(self.config['vcd']['api_version']) < float(vCDApiVersion.VERSION_35.value): # noqa: E501
# Read templates rules from config and update template deinfition
# in server run-time config
self._process_template_rules(
msg_update_callback=msg_update_callback)
# Make sure that all vms in templates are compliant with the
# compute policy specified in template definition (can be affected
# by rules).
self._process_template_compute_policy_compliance(
msg_update_callback=msg_update_callback)
else:
msg = "Template rules are not supported by CSE for vCD api " \
"version 35.0 or above. Skipping template rule processing."
msg_update_callback.info(msg)
logger.SERVER_LOGGER.debug(msg)
if self.should_check_config:
configure_cse.check_cse_installation(
self.config,
msg_update_callback=msg_update_callback)
if self.config.get('pks_config'):
pks_config = self.config.get('pks_config')
self.pks_cache = PksCache(
pks_servers=pks_config.get('pks_api_servers', []),
pks_accounts=pks_config.get('pks_accounts', []),
pvdcs=pks_config.get('pvdcs', []),
orgs=pks_config.get('orgs', []),
nsxt_servers=pks_config.get('nsxt_servers', []))
num_processors = self.config['service']['processors']
try:
self.consumer = MessageConsumer(self.config, num_processors)
name = server_constants.MESSAGE_CONSUMER_THREAD
consumer_thread = Thread(name=name, target=consumer_thread_run,
args=(self.consumer, ))
consumer_thread.daemon = True
consumer_thread.start()
self.consumer_thread = consumer_thread
msg = f"Started thread '{name}' ({consumer_thread.ident})"
msg_update_callback.general(msg)
logger.SERVER_LOGGER.info(msg)
except KeyboardInterrupt:
if self.consumer:
self.consumer.stop()
interrupt_msg = f"\nKeyboard interrupt when starting thread " \
f"'{name}'"
logger.SERVER_LOGGER.debug(interrupt_msg)
raise Exception(interrupt_msg)
except Exception:
if self.consumer:
self.consumer.stop()
logger.SERVER_LOGGER.error(traceback.format_exc())
# Updating state to Running before starting watchdog because watchdog
# exits when server is not Running
self._state = ServerState.RUNNING
# Start consumer watchdog
name = server_constants.WATCHDOG_THREAD
consumer_watchdog = Thread(name=name,
target=watchdog_thread_run,
args=(self, num_processors))
consumer_watchdog.daemon = True
consumer_watchdog.start()
self._consumer_watchdog = consumer_watchdog
msg = f"Started thread '{name}' ({consumer_watchdog.ident})"
msg_update_callback.general(msg)
logger.SERVER_LOGGER.info(msg)
message = f"Container Service Extension for vCloud Director" \
f"\nServer running using config file: {self.config_file}" \
f"\nLog files: {logger.SERVER_INFO_LOG_FILEPATH}, " \
f"{logger.SERVER_DEBUG_LOG_FILEPATH}" \
f"\nwaiting for requests (ctrl+c to close)"
signal.signal(signal.SIGINT, signal_handler)
msg_update_callback.general_no_color(message)
logger.SERVER_LOGGER.info(message)
# Record telemetry on user action and details of operation.
cse_params = {
PayloadKey.WAS_DECRYPTION_SKIPPED: bool(self.skip_config_decryption), # noqa: E501
PayloadKey.WAS_PKS_CONFIG_FILE_PROVIDED: bool(self.pks_config_file), # noqa: E501
PayloadKey.WAS_INSTALLATION_CHECK_SKIPPED: bool(self.should_check_config) # noqa: E501
}
record_user_action_details(cse_operation=CseOperation.SERVICE_RUN,
cse_params=cse_params)
record_user_action(cse_operation=CseOperation.SERVICE_RUN)
while True:
try:
time.sleep(1)
if self._state == ServerState.STOPPING and \
self.active_requests_count() == 0:
break
except KeyboardInterrupt:
break
except Exception:
msg_update_callback.general_no_color(
traceback.format_exc())
logger.SERVER_LOGGER.error(traceback.format_exc())
sys.exit(1)
logger.SERVER_LOGGER.info("Stop detected")
logger.SERVER_LOGGER.info("Closing connections...")
self._state = ServerState.STOPPING
try:
self.consumer.stop()
except Exception:
logger.SERVER_LOGGER.error(traceback.format_exc())
self._state = ServerState.STOPPED
logger.SERVER_LOGGER.info("Done")
