def create_pod(self, name, containers):
"""
:param name: pod name(string)
:param containers: containers specification
(list[kubernetes.client.models.V1Container])
:return: API response
"""
if self.active is not True:
raise Exception("Namespace has been removed")
pod = k8s.get_pod_template()
pod["metadata"]["name"] = name
pod["spec"]["nodeName"] = None
pod["spec"]["nodeSelector"] = {"namespace": self.ns_name}
pod["spec"]["containers"] = containers
k8s.create_pod(self.configuration, pod, self.ns_name)
def deploy_webhook(namespace, conf_dir, install_dir, saname, cmk_img):
prefix = "cmk-webhook"
service_name = '-'.join([prefix, "service"])
cert, key = util.generate_secrets(service_name, namespace)
app_name = '-'.join([prefix, "app"])
secret_data = {"cert.pem": cert, "key.pem": key}
secret_name = '-'.join([prefix, "certs"])
secret = k8sclient.V1Secret()
update_secret(secret, secret_name, secret_data, "Opaque")
try:
k8s.create_secret(None, secret, namespace)
except K8sApiException as err:
logging.error("Exception when creating secret: {}".format(err))
logging.error("Aborting webhook deployment ...")
sys.exit(1)
configmap = k8sclient.V1ConfigMap()
configmap_name = '-'.join([prefix, "configmap"])
configmap_data = {
"server.yaml": yaml.dump(get_default_webhook_server_config()),
"mutations.yaml": yaml.dump(get_default_webhook_mutations_config()),
}
update_configmap(configmap, configmap_name, configmap_data)
try:
k8s.create_config_map(None, configmap, namespace)
except K8sApiException as err:
logging.error("Exception when creating config map: {}".format(err))
logging.error("Aborting webhook deployment ...")
sys.exit(1)
service = k8sclient.V1Service()
update_service(service, service_name, app_name, 443)
try:
k8s.create_service(None, service, namespace)
except K8sApiException as err:
logging.error("Exception when creating service: {}".format(err))
logging.error("Aborting webhook deployment ...")
sys.exit(1)
pod = k8s.get_pod_template()
pod_name = '-'.join([prefix, "pod"])
update_pod_with_metadata(pod, pod_name, app_name)
update_pod_with_webhook_container(pod, cmk_img, configmap_name,
secret_name)
update_pod_with_restart_policy(pod, "Always")
deployment = k8s.deployment_from(pod)
try:
k8s.create_deployment(None, deployment, namespace)
except K8sApiException as err:
logging.error("Exception when creating webhook deployment: {}"
.format(err))
logging.error("Aborting webhook deployment ...")
sys.exit(1)
config = k8sclient.V1beta1MutatingWebhookConfiguration()
config_name = '-'.join([prefix, "config"])
update_mutatingwebhookconfiguration(config,
config_name,
app_name,
"cmk.intel.com",
cert,
service_name,
"/mutate",
namespace,
"Ignore")
try:
k8s.create_mutating_webhook_configuration(None, config)
except K8sApiException as err:
logging.error("Exception when creating webhook configuration: {}"
.format(err))
logging.error("Aborting webhook deployment ...")
sys.exit(1)
def run_cmd_pods(cmd_list, cmd_init_list, cmk_img, cmk_img_pol, conf_dir,
install_dir, num_exclusive_cores, num_shared_cores,
cmk_node_list, pull_secret, serviceaccount, shared_mode,
exclusive_mode, namespace):
pod = k8s.get_pod_template()
if pull_secret:
update_pod_with_pull_secret(pod, pull_secret)
if cmd_list:
update_pod(pod, "Always", conf_dir, install_dir, serviceaccount)
version = util.parse_version(k8s.get_kubelet_version(None))
if version >= util.parse_version("v1.7.0"):
pod["spec"]["tolerations"] = [{
"operator": "Exists"}]
for cmd in cmd_list:
args = ""
if cmd == "reconcile":
args = "/cmk/cmk.py isolate --pool=infra /cmk/cmk.py -- reconcile --interval=5 --publish" # noqa: E501
elif cmd == "nodereport":
args = "/cmk/cmk.py isolate --pool=infra /cmk/cmk.py -- node-report --interval=5 --publish" # noqa: E501
update_pod_with_container(pod, cmd, cmk_img, cmk_img_pol, args)
elif cmd_init_list:
update_pod(pod, "Never", conf_dir, install_dir, serviceaccount)
for cmd in cmd_init_list:
args = ""
if cmd == "init":
args = ("/cmk/cmk.py init --num-exclusive-cores={} "
"--num-shared-cores={} --shared-mode={} "
"--exclusive-mode={}")\
.format(num_exclusive_cores, num_shared_cores, shared_mode,
exclusive_mode)
# If init is the only cmd in cmd_init_list, it should be run
# as regular container as spec.containers is a required field.
# Otherwise, it should be run as init-container.
if len(cmd_init_list) == 1:
update_pod_with_container(pod, cmd, cmk_img,
cmk_img_pol, args)
else:
update_pod_with_init_container(pod, cmd, cmk_img,
cmk_img_pol, args)
else:
if cmd == "discover":
args = "/cmk/cmk.py discover"
elif cmd == "install":
args = "/cmk/cmk.py install"
update_pod_with_container(pod, cmd, cmk_img, cmk_img_pol,
args)
for node_name in cmk_node_list:
if cmd_list:
update_pod_with_node_details(pod, node_name, cmd_list)
daemon_set = k8s.ds_from(pod=pod)
elif cmd_init_list:
update_pod_with_node_details(pod, node_name, cmd_init_list)
try:
if cmd_list:
cr_pod_resp = k8s.create_ds(None, daemon_set, namespace)
logging.debug("Response while creating ds for {} command(s): "
"{}".format(cmd_list, cr_pod_resp))
elif cmd_init_list:
cr_pod_resp = k8s.create_pod(None, pod, namespace)
logging.debug("Response while creating pod for {} command(s): "
"{}".format(cmd_init_list, cr_pod_resp))
except K8sApiException as err:
if cmd_list:
logging.error("Exception when creating pod for {} command(s): "
"{}".format(cmd_list, err))
elif cmd_init_list:
logging.error("Exception when creating pod for {} command(s): "
"{}".format(cmd_init_list, err))
logging.error("Aborting cluster-init ...")
sys.exit(1)
