def init_k8s_client():
config.load_kube_config()
api = core_v1_api.CoreV1Api()
return api
def main():
args = get_args()
# open config file and load test scenario
f = open("../%s" % args.configfile, "r")
data = yaml.load(f, Loader=yaml.FullLoader)
f.close()
config.load_kube_config()
# c = Configuration()
# c.assert_hostname = False
# Configuration.set_default(c)
api = core_v1_api.CoreV1Api()
# name = 'busybox-test'
# connect k8s and read test containers
#v1 = client.CoreV1Api()
#ret = v1.list_pod_for_all_namespaces(label_selector="app=iperf3", watch=False)
pods = api.list_pod_for_all_namespaces(label_selector="app=iperf3", watch=False)
# check if each pods are READY
# update scenario data with real container name
servers=[]
targets=[]
clients=[]
stypes=[]
ctypes=[]
snamespaces=[]
cnamespaces=[]
mode=data['mode']
proto=data['proto']
for i in data['flows']:
stypes.append(i['server']['type'])
ctypes.append(i['client']['type'])
targets.append(i['target'])
if i['server']['type'] == 'kubernetes':
for j in pods.items:
if j.spec.hostname == i['server']['name']:
servers.append(j.metadata.name)
snamespaces.append(j.metadata.namespace)
else:
servers.append(i['server']['name'])
snamespaces.append("")
if i['client']['type'] == 'kubernetes':
for j in pods.items:
if j.spec.hostname == i['client']['name']:
clients.append(j.metadata.name)
cnamespaces.append(j.metadata.namespace)
else:
clients.append(i['server']['name'])
cnamespaces.append("")
# print("%s\t%s\t%s" % (i.status.pod_ip, i.metadata.namespace, i.metadata.name))
f = open("/tmp/advlabtools-scenario-temp", "w")
test_str = ""
servers_str = ""
for s in servers: servers_str += '"' + s + '" '
test_str += 'servers=(' + servers_str + ')\n'
targets_str = ""
for s in targets: targets_str += '"' + s + '" '
test_str += 'targets=(' + targets_str + ')\n'
clients_str = ""
for s in clients: clients_str += '"' + s + '" '
test_str += "clients=(" + clients_str + ")\n"
stypes_str = ""
for s in stypes: stypes_str += '"' + s + '" '
test_str += "stypes=(" + stypes_str + ")\n"
ctypes_str = ""
for s in ctypes: ctypes_str += '"' + s + '" '
test_str += "ctypes=(" + ctypes_str + ")\n"
snamespaces_str = ""
for s in snamespaces: snamespaces_str += '"' + s + '" '
test_str += "snamespaces=(" + snamespaces_str + ")\n"
cnamespaces_str = ""
for s in cnamespaces: cnamespaces_str += '"' + s + '" '
test_str += "cnamespaces=(" + cnamespaces_str + ")\n"
test_str += 'mode="' + mode + '"\n' + 'proto="' + proto + '"'
# print test_str
f.write(test_str)
f.close()
# exec_command1 = ['iperf3', '-s']
# resp1 = stream(api.connect_get_namespaced_pod_exec, 'iperf3-dep1-7bb5958b8d-vjg6n', 'default', command=exec_command1, stderr=True, stdin=False, stdout=True, tty=False)
# exec_command2 = ['iperf3', '-J', '-c', 'iperf3-dep1', '-t', '10']
# resp2 = stream(api.connect_post_namespaced_pod_exec, 'iperf3-dep2-64b64896fb-msrxt', 'default', command=exec_command2, stderr=True, stdin=False, stdout=True, tty=False)
#
# while True:
# if not resp2.is_open():
# resp2.peek_stdout()
# resp1.close()
# break
cmd = "../scripts/k8s_iperf3_peer.bash "
cmd_options = get_option(args)
print('Testing, wait {} seconds... '.format(args.time), end=" ")
dirname = str(subprocess.check_output( cmd+cmd_options, shell=True, universal_newlines=True )).replace('\n','')
print('done')
json_files = glob.glob(dirname + "/*cl*.json")
print("[Test Result]")
print("| Number of peers: " + str(len(json_files)))
csv_files = glob.glob(dirname + "/*esxtop*.csv")
print("[Test Result]")
print("| Number of hosts: " + str(len(csv_files)))
print("")
x={}
y={}
t=np.zeros(int(args.time))
i=0
init_plt()
for file in json_files:
print(file)
f = open(file, 'r')
perf_dict = json.load(f)
if args.udp:
print("| Avg Bandwidth(Gbps): " + str(perf_dict["end"]["sum"]["bits_per_second"] / 1000000000), end=" ")
print("| Jitter(ms): " + str(perf_dict["end"]["sum"]["jitter_ms"]), end=" ")
print("| Lost Packets: " + str(perf_dict["end"]["sum"]["lost_packets"]), end=" ")
print("| Lost %: " + str(perf_dict["end"]["sum"]["lost_percent"]))
print("| Sender CPU%: " + str(perf_dict["end"]["cpu_utilization_percent"]["host_total"]), end=" ")
print("| Receiver CPU%: " + str(perf_dict["end"]["cpu_utilization_percent"]["remote_total"]))
else:
print("| Avg Bandwidth(Gbps): " + str(perf_dict["end"]["sum_received"]["bits_per_second"] / 1000000000), end=" ")
print("| Retransmits: " + str(perf_dict["end"]["sum_sent"]["retransmits"]))
print("| Sender CPU%: " + str(perf_dict["end"]["cpu_utilization_percent"]["host_total"]), end=" ")
print("| Receiver CPU%: " + str(perf_dict["end"]["cpu_utilization_percent"]["remote_total"]))
x[i] = np.array(range(len(perf_dict["intervals"])))
y[i] = np.array([])
for p in perf_dict["intervals"]:
y[i] = np.append(y[i], p["sum"]["bits_per_second"])
plt.plot(x[i], y[i], color[i],marker="o",markersize=3)
t=t+y[i]
i=i+1
plt.plot(x[0], t, "k", marker="X", markersize=5, linewidth=2)
plt.show()
# process esxtop CSV files
for file in csv_files:
init_plt_esxtop()
print(file)
print("| Red - CPU Total Util | Blue - CPU Total Core Util | Green - CPU Total Proc Time |")
with open(file) as cf:
reader = csv.DictReader(cf, delimiter=",")
perf_dict = []
for row in reader:
perf_dict.append(row)
# X-scale must be coordinated as ESXTOP will be executed per 5 secs.
x = (np.array(range(len(perf_dict)))+1)*5
y_util = np.array([])
y_core = np.array([])
y_proc = np.array([])
for p in perf_dict:
rd = rdict(p)
y_util = np.append(y_util, float(rd[key_util][0]))
y_core = np.append(y_core, float(rd[key_core][0]))
y_proc = np.append(y_proc, float(rd[key_proc][0]))
# print x, y_util, y_core, y_proc
plt.plot(x, y_util, "r", marker="o",markersize=3)
plt.plot(x, y_core, "b", marker="o",markersize=3)
plt.plot(x, y_proc, "g", marker="o",markersize=3)
plt.show()
def status(args):
try:
dp = deployment.get_deployment(args.namespace, args.name)
replicasets = deployment.get_replicasets(dp)
except Exception as e:
stderr.write('cannot load deployment {0}: {1}\n'.format(
args.name, kubeutil.get_error(e)))
exit(1)
try:
generation = dp['metadata']['annotations'][
'deployment.kubernetes.io/revision']
except KeyError:
generation = '?'
stdout.write("deployment {0}/{1}:\n".format(
dp['metadata']['namespace'],
dp['metadata']['name'],
))
stdout.write(
" current generation is {0}, {2} replicas configured, {1} active replica sets\n"
.format(
generation,
len(replicasets),
dp['spec']['replicas'],
))
stdout.write(
"\n active replicasets (status codes: * current, ! error):\n")
for rs in replicasets:
pods = deployment.get_rs_pods(rs)
error = ' '
try:
revision = rs['metadata']['annotations'][
'deployment.kubernetes.io/revision']
except KeyError:
revision = '?'
if str(revision) == str(generation):
active = '*'
else:
active = ' '
try:
nready = rs['status']['readyReplicas']
except KeyError:
error = '!'
nready = 0
errors = []
try:
for condition in rs['status']['conditions']:
if condition['type'] == 'ReplicaFailure' and condition[
'status'] == 'True':
errors.append(condition['message'])
error = '!'
except KeyError:
pass
stdout.write(
" {4}{5}generation {1} is replicaset {0}, {2} replicas configured, {3} ready\n"
.format(rs['metadata']['name'], revision, rs['spec']['replicas'],
nready, active, error))
for container in rs['spec']['template']['spec']['containers']:
stdout.write(" container {0}: image {1}\n".format(
container['name'],
container['image'],
))
for error in errors:
stdout.write(" {0}\n".format(error))
for pod in pods:
try:
phase = pod['status']['phase']
except KeyError:
phase = '?'
stdout.write(" pod {0}: {1}\n".format(
pod['metadata']['name'],
phase,
))
if 'status' in pod and 'containerStatuses' in pod['status']:
for cs in pod['status']['containerStatuses']:
if 'waiting' in cs['state']:
try:
message = cs['state']['waiting']['message']
except KeyError:
message = '(no reason)'
stdout.write(" {0}: {1}\n".format(
cs['state']['waiting']['reason'],
message,
))
resources = None
try:
resources = json.loads(dp['metadata']['annotations']
['kdtool.torchbox.com/attached-resources'])
except KeyError:
exit(0)
except ValueError as e:
stderr.write(
"warning: could not decode kdtool.torchbox.com/attached-resources annotation: {0}\n"
.format(str(e)))
exit(0)
if len(resources) == 0:
exit(0)
stdout.write("\nattached resources:\n")
client = kubeutil.get_client()
v1 = core_v1_api.CoreV1Api(client)
extv1beta1 = extensions_v1beta1_api.ExtensionsV1beta1Api(client)
services = [
resource['name'] for resource in resources
if resource['kind'] == 'service'
]
for svc_name in services:
service = v1.read_namespaced_service(svc_name, args.namespace)
stdout.write(" service {0}: selector is ({1})\n".format(
service.metadata.name,
", ".join([k + "=" + v for k, v in service.spec.selector.items()]),
))
for port in service.spec.ports:
stdout.write(" port {0}: {1}/{2} -> {3}\n".format(
port.name, port.port, port.protocol, port.target_port))
ingresses = [
resource['name'] for resource in resources
if resource['kind'] == 'ingress'
]
for ing_name in ingresses:
ingress = extv1beta1.read_namespaced_ingress(ing_name, args.namespace)
stdout.write(" ingress {0}:\n".format(ingress.metadata.name))
for rule in ingress.spec.rules:
stdout.write(" http[s]://{0} -> {1}/{2}:{3}\n".format(
rule.host,
ingress.metadata.namespace,
rule.http.paths[0].backend.service_name,
rule.http.paths[0].backend.service_port,
))
volumes = [
resource['name'] for resource in resources
if resource['kind'] == 'volume'
]
for vol_name in volumes:
volume = v1.read_namespaced_persistent_volume_claim(
vol_name, args.namespace)
if volume.status:
stdout.write(
" volume {0}: mode is {1}, size {2}, phase {3}\n".format(
volume.metadata.name,
",".join(volume.status.access_modes),
volume.status.capacity['storage'],
volume.status.phase,
))
else:
stdout.write(" volume {0} is unknown (not provisioned)\n".format(
volume.metadata.name, ))
databases = [
resource['name'] for resource in resources
if resource['kind'] == 'database'
]
for db_name in databases:
resource_path = ('/apis/torchbox.com/v1/namespaces/' +
dp['metadata']['namespace'] + '/databases/' + db_name)
header_params = {}
header_params['Accept'] = client.select_header_accept(
['application/json'])
header_params['Content-Type'] = client.select_header_content_type(
['*/*'])
header_params.update(kubeutil.config.api_key)
(resp, code, header) = client.call_api(resource_path,
'GET', {}, {},
header_params,
None, [],
_preload_content=False)
database = json.loads(resp.data.decode('utf-8'))
if 'status' in database:
stdout.write(
" database {0}: type {1}, phase {2} (on server {3})\n".format(
database['metadata']['name'],
database['spec']['type'],
database['status']['phase'],
database['status']['server'],
))
else:
stdout.write(
" database {0}: type {1}, unknown (not provisioned)\n".format(
database['metadata']['name'],
database['spec']['type'],
))
def create_users(cluster_object):
core_api = core_v1_api.CoreV1Api()
name = cluster_object['metadata']['name']
namespace = cluster_object['metadata']['namespace']
try:
replicas = cluster_object['spec']['mongodb']['replicas']
except KeyError:
replicas = 3
admin_credentials = read_secret('{}-admin-credentials'.format(name),
namespace)
admin_username = b64decode(
admin_credentials.data['username']).decode('utf-8')
admin_password = b64decode(
admin_credentials.data['password']).decode('utf-8')
monitoring_credentials = read_secret(
'{}-monitoring-credentials'.format(name), namespace)
monitoring_username = b64decode(
monitoring_credentials.data['username']).decode('utf-8')
monitoring_password = b64decode(
monitoring_credentials.data['password']).decode('utf-8')
mongo_command = '''
admin = db.getSiblingDB("admin")
admin.createUser(
{{
user: "******",
pwd: "{}",
roles: [ {{ role: "root", db: "admin" }} ]
}}
)
admin.auth(
"{}",
"{}"
)
admin.createUser(
{{
user: "******",
pwd: "{}",
roles: [ {{ role: "clusterMonitor", db: "admin" }} ]
}}
)
'''.format(admin_username, admin_password, admin_username, admin_password,
monitoring_username, monitoring_password)
for i in range(replicas):
pod_name = '{}-{}'.format(name, i)
exec_cmd = [
'mongo', 'localhost:27017/admin', '--ssl', '--sslCAFile',
'/etc/ssl/mongod/ca.pem', '--sslPEMKeyFile',
'/etc/ssl/mongod/mongod.pem', '--eval', '{}'.format(mongo_command)
]
exec_resp = stream(core_api.connect_get_namespaced_pod_exec,
pod_name,
namespace,
command=exec_cmd,
container='mongod',
stderr=True,
stdin=False,
stdout=True,
tty=False)
if 'Successfully added user: {' in exec_resp:
logging.info('created users for {} in ns/{}'.format(
name, namespace))
return True
elif "Error: couldn't add user: not master :" in exec_resp:
# most of the time member-0 is elected master
# if it is not we get this error and need to
# loop through members until we find the master
continue
else:
logging.error('error creating users for {} in ns/{}\n{}'.format(
name, namespace, exec_resp))
return False
def _get_pod(name, namespace):
pod = core_v1_api.CoreV1Api().read_namespaced_pod(name=name,
namespace=namespace)
return pod
CYAN = '\033[96m'
DARKCYAN = '\033[36m'
BLUE = '\033[94m'
GREEN = '\033[92m'
YELLOW = '\033[93m'
RED = '\033[91m'
BOLD = '\033[1m'
UNDERLINE = '\033[4m'
END = '\033[0m'
def get_numbers_from_filename(filename):
return re.search(r'\d+', filename).group(0)
config.load_kube_config()
api_instance = client.CoreV1Api()
api = core_v1_api.CoreV1Api()
app = Flask(__name__)
Swagger(app)
# Functions
def validate_ns(ns):
pretty = 'true'
namespace_lst = []
for i in api_instance.list_namespace(pretty=pretty).items:
inamespace = i.metadata.name
namespace_lst.append(inamespace)
if ns not in namespace_lst :
return "invalid namespace " + ns + ", valid namespace are: " + " , ".join(namespace_lst) , 500
@app.route("/")
def main():
common.connect()
api = core_v1_api.CoreV1Api()
name = args.pod
namespace = os.environ.get('RD_NODE_DEFAULT_NAMESPACE')
log.debug("--------------------------")
log.debug("Pod Name: %s" % name)
log.debug("Namespace: %s " % namespace)
log.debug("--------------------------")
resp = None
try:
resp = api.read_namespaced_pod(name=name, namespace=namespace)
except ApiException as e:
if e.status != 404:
print("Unknown error: %s" % e)
exit(1)
if not resp:
print("Pod %s does not exits." % name)
exit(1)
source_file = os.environ.get('RD_FILE_COPY_FILE')
destination_file = os.environ.get('RD_FILE_COPY_DESTINATION')
shell = os.environ.get('RD_CONFIG_SHELL')
log.debug("Copying file from %s to %s" % (source_file, destination_file))
# Calling exec interactively.
exec_command = [shell]
resp = stream(api.connect_get_namespaced_pod_exec,
name,
namespace,
command=exec_command,
stderr=True,
stdin=True,
stdout=True,
tty=False,
_preload_content=False)
file = open(source_file, "r")
commands = []
commands.append("cat <<'EOF' >" + destination_file + "\n")
commands.append(file.read())
commands.append("EOF\n")
while resp.is_open():
resp.update(timeout=1)
if resp.peek_stdout():
print("STDOUT: %s" % resp.read_stdout())
if resp.peek_stderr():
print("STDERR: %s" % resp.read_stderr())
if commands:
c = commands.pop(0)
resp.write_stdin(c)
else:
break
resp.close()
def __init__(self):
config.load_kube_config(config_file='/root/zcc/hello/config')
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
self.api = core_v1_api.CoreV1Api()
def __init__(self, datacenter, **kwargs):
"""
Initializes Kube context
:param datacenter: datacenter name
:param kwargs: Kube details
"""
self.logger = logging.get_logger(self.__class__.__name__)
self.datacenter = datacenter
self.image = kwargs['image']
self.name = kwargs['name']
try:
config.load_kube_config()
self.apiclient = api_client.ApiClient()
self.api = core_v1_api.CoreV1Api(self.apiclient)
self.k8s_beta = client.ExtensionsV1beta1Api()
except Exception as err:
self.logger.error(
"Error loading Kube config, Exception: {} ".format(err))
sys.exit(1)
if 'type' in kwargs and kwargs['type'] == "backend":
self.logger.info("Deploying backend {}".format(self.name))
self.version = kwargs['version']
user = kwargs["user"]
else:
if 'task' in kwargs and kwargs['task'] == "rollback":
self.version = kwargs["version"]
else:
img = Image(deploy=True, **kwargs)
self.version = img.current_version()
user = kwargs["cluster_config"]["APP_DATACENTER"]
attributes = {
"datacenter":
self.datacenter,
"version":
self.version,
"user":
user,
"env": {},
"cpu":
"250m",
"limitscpu":
"500m",
"lbport":
kwargs['port']
if 'type' in kwargs and kwargs['type'] == "backend" else 80,
"replicas":
kwargs['count']
if int(kwargs['count']) > 1 else self._getreplica(),
"name":
self.name,
"registry":
kwargs["app_docker_registry"],
"deploy_app":
deployment_app,
"service_app":
service_app,
"patch_app":
patch_app
}
attributes.update(kwargs)
self.attributes = attributes
self.replicas = int(self.attributes["replicas"])
self.deploy_app = render(attributes['deploy_app'], attributes)
self.service_app = render(attributes['service_app'], attributes)
self.patch_app = render(attributes['patch_app'], attributes)
self.logger.info(
"Image processing name:{image}, version:{version}".format(
image=self.image, version=self.version))
self.logger.warn(
"Image processing name:{image}, version:{version}".format(
image=self.image, version=self.version))
def main():
common.connect()
api = core_v1_api.CoreV1Api()
namespace = os.environ.get('RD_CONFIG_NAMESPACE')
name = os.environ.get('RD_CONFIG_NAME')
container = os.environ.get('RD_CONFIG_CONTAINER_NAME')
log.debug("--------------------------")
log.debug("Pod Name: %s" % name)
log.debug("Namespace: %s " % namespace)
log.debug("Container: %s " % container)
log.debug("--------------------------")
data = {}
data["api_version"] = os.environ.get('RD_CONFIG_API_VERSION')
data["name"] = os.environ.get('RD_CONFIG_NAME')
data["container_name"] = os.environ.get('RD_CONFIG_CONTAINER_NAME')
data["image"] = os.environ.get('RD_CONFIG_IMAGE')
data["ports"] = os.environ.get('RD_CONFIG_PORTS')
data["replicas"] = os.environ.get('RD_CONFIG_REPLICAS')
data["namespace"] = os.environ.get('RD_CONFIG_NAMESPACE')
data["labels"] = os.environ.get('RD_CONFIG_LABELS')
if os.environ.get('RD_CONFIG_ENVIRONMENTS'):
data["environments"] = os.environ.get('RD_CONFIG_ENVIRONMENTS')
if os.environ.get('RD_CONFIG_ENVIRONMENTS_SECRETS'):
evs = os.environ.get('RD_CONFIG_ENVIRONMENTS_SECRETS')
data["environments_secrets"] = evs
if os.environ.get('RD_CONFIG_LIVENESS_PROBE'):
data["liveness_probe"] = os.environ.get('RD_CONFIG_LIVENESS_PROBE')
if os.environ.get('RD_CONFIG_READINESS_PROBE'):
data["readiness_probe"] = os.environ.get('RD_CONFIG_READINESS_PROBE')
if os.environ.get('RD_CONFIG_VOLUME_MOUNTS'):
data["volume_mounts"] = os.environ.get('RD_CONFIG_VOLUME_MOUNTS')
if os.environ.get('RD_CONFIG_VOLUMES'):
data["volumes"] = os.environ.get('RD_CONFIG_VOLUMES')
if os.environ.get('RD_CONFIG_CONTAINER_COMMAND'):
cc = os.environ.get('RD_CONFIG_CONTAINER_COMMAND')
data["container_command"] = cc
if os.environ.get('RD_CONFIG_CONTAINER_ARGS'):
data["container_args"] = os.environ.get('RD_CONFIG_CONTAINER_ARGS')
if os.environ.get('RD_CONFIG_RESOURCES_REQUESTS'):
rr = os.environ.get('RD_CONFIG_RESOURCES_REQUESTS')
data["resources_requests"] = rr
if os.environ.get('RD_CONFIG_WAITREADY'):
data["waitready"] = os.environ.get('RD_CONFIG_WAITREADY')
pod = create_pod(data)
resp = None
try:
resp = api.create_namespaced_pod(namespace=namespace,
body=pod,
pretty="True")
print("Pod Created successfully")
except ApiException as e:
log.error("Exception creating pod: %s\n" % e)
exit(1)
if not resp:
print("Pod %s does not exits." % name)
exit(1)
def main():
common.connect()
api = core_v1_api.CoreV1Api()
name = os.environ.get('RD_NODE_DEFAULT_NAME')
namespace = os.environ.get('RD_NODE_DEFAULT_NAMESPACE')
container = os.environ.get('RD_NODE_DEFAULT_CONTAINER_NAME')
log.debug("--------------------------")
log.debug("Pod Name: %s" % name)
log.debug("Namespace: %s " % namespace)
log.debug("Container: %s " % container)
log.debug("--------------------------")
resp = None
try:
resp = api.read_namespaced_pod(name=name, namespace=namespace)
except ApiException as e:
if e.status != 404:
print("Unknown error: %s" % e)
exit(1)
if not resp:
print("Pod %s does not exits." % name)
exit(1)
source_file = os.environ.get('RD_FILE_COPY_FILE')
destination_file = os.environ.get('RD_FILE_COPY_DESTINATION')
#force print destination to avoid error with node-executor
print destination_file
log.debug("Copying file from %s to %s" % (source_file, destination_file))
destination_path = os.path.dirname(destination_file)
destination_file_name = os.path.basename(destination_file)
# Copying file client -> pod
exec_command = ['tar', 'xvf', '-', '-C', '/']
resp = stream(api.connect_get_namespaced_pod_exec,
name,
'default',
command=exec_command,
container=container,
stderr=True,
stdin=True,
stdout=True,
tty=False,
_preload_content=False)
with TemporaryFile() as tar_buffer:
with tarfile.open(fileobj=tar_buffer, mode='w') as tar:
tar.add(name=source_file,
arcname=destination_path + "/" + destination_file_name)
tar_buffer.seek(0)
commands = []
commands.append(tar_buffer.read())
while resp.is_open():
resp.update(timeout=1)
if resp.peek_stdout():
print("STDOUT: %s" % resp.read_stdout())
if resp.peek_stderr():
print("STDERR: %s" % resp.read_stderr())
if commands:
c = commands.pop(0)
# print("Running command... %s\n" % c)
resp.write_stdin(c)
else:
break
resp.close()
def handler(event, context):
if 'local_config' in os.environ and os.environ['local_config'].lower() == 'true':
config.load_kube_config()
else:
kube_config = {
"name": os.environ["kube_name"],
"server": os.environ["kube_server"],
"certificate-authority-data": os.environ["kube_cert_auth"].rstrip(),
"user": os.environ["kube_user"],
"pass": os.environ["kube_pass"]
}
kube_doc = """
apiVersion: v1
kind: Config
preferences: {{}}
clusters:
- cluster:
certificate-authority-data: {certificate-authority-data}
server: {server}
name: {name}
contexts:
- context:
cluster: {name}
user: {name}
name: {name}
current-context: {name}
users:
- name: {name}
user:
username: {user}
password: {pass}
""".format(**kube_config)
with open('/tmp/kube_config', 'w') as kube_config_file:
kube_config_file.write(kube_doc)
kube_config_file.close()
config.load_kube_config(config_file="/tmp/kube_config")
print('Loaded kube config')
configuration.assert_hostname = False
api = core_v1_api.CoreV1Api()
##########################################
# Reclaim weave IPs.
# Get master
node_selector = 'kubernetes.io/role=master'
master_name = None
try:
nodes = api.list_node(label_selector=node_selector, watch=False)
for n in nodes.items:
master_name = n.metadata.name
except ApiException as e:
if e.status != 404:
print("Unknown error: %s" % e)
exit(1)
if master_name is None:
print('No master node found in the cluster!')
exit(1)
else:
print('Found master node: %s' % master_name)
# Get the weave pod running on the master
pod_name = None
pod_ns = 'kube-system'
pod_container = 'weave'
pod_fselector = 'spec.nodeName=%s' % master_name
pod_lselector = 'name=weave-net'
try:
pods = api.list_namespaced_pod(namespace=pod_ns, field_selector=pod_fselector, label_selector=pod_lselector, watch=False)
for p in pods.items:
pod_name = p.metadata.name
except ApiException as e:
if e.status != 404:
print("Unknown error: %s" % e)
exit(1)
if pod_name is None:
print("Cannot find pod on master %s" % master_name)
exit(1)
else:
print('Found pod matching %s: %s' % (pod_lselector, pod_name))
# calling exec and wait for response.
ipam_status_cmd = [
'/home/weave/weave',
'--local',
'status',
'ipam'
]
mac_addrs = None
try:
ipam = api.connect_get_namespaced_pod_exec(pod_name, pod_ns, command=ipam_status_cmd, container=pod_container,
stderr=True, stdin=False, stdout=True, tty=False)
if ipam is not None:
ipam_lines = ipam.split('\n')
mac_addrs = [re.sub('\(.*', '', l) for l in ipam_lines if re.search('unreachable', l)]
except ApiException as e:
if e.status != 404:
print("Unknown error: %s" % e)
exit(1)
if mac_addrs:
for mac in mac_addrs:
rmpeer_cmd = [
'/home/weave/weave',
'--local',
'status',
'ipam',
mac
]
try:
print('Reclaiming from mac addr: %s' % mac)
ipam = api.connect_get_namespaced_pod_exec(pod_name, pod_ns, command=rmpeer_cmd, container=pod_container,
stderr=True, stdin=False, stdout=True, tty=False)
if ipam is not None:
ipam_lines = ipam.split('\n')
mac_addrs = [re.sub('\(.*', '', l) for l in ipam_lines]
except ApiException as e:
if e.status != 404:
print("Unknown error while remove mac addr %s: %s" % (mac, e))
break
def index(n):
for i in range(n):
name = randomword(10)
core_v1 = core_v1_api.CoreV1Api()
#service
service_manifest = {
"apiVersion": "v1",
"kind": "Service",
"metadata": {
"name": name + "-service"
},
"spec": {
"selector": {
"app": name
},
"ports": [{
"protocol": "TCP",
"port": 8003
}],
"type": "NodePort"
}
}
service = core_v1.create_namespaced_service(namespace="default",
body=service_manifest)
port = service.spec.ports[0].node_port
ip = get_node_cluster(os.environ['KUBECONFIG'])
print("name=", name)
print("address=", ip + ':' + str(port))
address = ip + ':' + str(port)
#pod
pod_manifest = {
"apiVersion": "v1",
"kind": "Pod",
"metadata": {
"name": name + "-storage",
"labels": {
"app": name
}
},
"spec": {
"containers": [{
"name":
name,
"image":
"ignacioschmid/pubsub:storage_test",
"ports": [{
"containerPort": 8003
}],
"env": [{
"name": "SENTINEL_HOST",
"value": "http://192.168.25.68"
}, {
"name": "SENTINEL_PORT",
"value": "8080"
}, {
"name": "SERVER_ADDRESS",
"value": ip
}, {
"name": "SERVER_PORT",
"value": str(port)
}, {
"name": "ID",
"value": name
}]
}]
}
}
pod = core_v1.create_namespaced_pod(body=pod_manifest,
namespace="default")
register_storage(address, name)
return address
def execute_module(module, k8s_ansible_mixin):
# Load kubernetes.client.Configuration
api = core_v1_api.CoreV1Api(k8s_ansible_mixin.client.client)
# hack because passing the container as None breaks things
optional_kwargs = {}
if module.params.get("container"):
optional_kwargs["container"] = module.params["container"]
else:
# default to the first container available on pod
resp = None
try:
resp = api.read_namespaced_pod(
name=module.params["pod"],
namespace=module.params["namespace"])
except ApiException:
pass
if resp and len(resp.spec.containers) >= 1:
optional_kwargs["container"] = resp.spec.containers[0].name
try:
resp = stream(api.connect_get_namespaced_pod_exec,
module.params["pod"],
module.params["namespace"],
command=shlex.split(module.params["command"]),
stdout=True,
stderr=True,
stdin=False,
tty=False,
_preload_content=False,
**optional_kwargs)
except Exception as e:
module.fail_json(msg="Failed to execute on pod %s"
" due to : %s" %
(module.params.get("pod"), to_native(e)))
stdout, stderr, rc = [], [], 0
while resp.is_open():
resp.update(timeout=1)
if resp.peek_stdout():
stdout.append(resp.read_stdout())
if resp.peek_stderr():
stderr.append(resp.read_stderr())
err = resp.read_channel(3)
err = yaml.safe_load(err)
if err["status"] == "Success":
rc = 0
else:
rc = int(err["details"]["causes"][0]["message"])
module.deprecate(
"The 'return_code' return key is deprecated. Please use 'rc' instead.",
version="4.0.0",
collection_name="kubernetes.core",
)
module.exit_json(
# Some command might change environment, but ultimately failing at end
changed=True,
stdout="".join(stdout),
stderr="".join(stderr),
rc=rc,
return_code=rc,
)
def undeploy(args):
try:
dp = deployment.get_deployment(args.namespace, args.name)
except Exception as e:
stderr.write('cannot load deployment {0}: {1}\n'.format(
args.name, kubeutil.get_error(e)))
exit(1)
resources = None
try:
resources = json.loads(dp['metadata']['annotations']
['kdtool.torchbox.com/attached-resources'])
except KeyError:
pass
except ValueError as e:
stderr.write(
"error: could not decode kdtool.torchbox.com/attached-resources annotation: {0}\n"
.format(str(e)))
exit(1)
stdout.write("\nthis deployment will be removed:\n")
stdout.write("- {0}/{1}\n".format(
dp['metadata']['namespace'],
dp['metadata']['name'],
))
if len(resources):
if args.all:
stdout.write(
"\nthe following attached resources will also be deleted:\n")
for res in resources:
extra = ''
if res['kind'] == 'database':
extra = ' (database will be dropped)'
elif res['kind'] == 'volume':
extra = ' (contents will be deleted)'
stdout.write("- {0}: {1}{2}\n".format(res['kind'], res['name'],
extra))
else:
stdout.write(
"\nthe following attached resources will NOT be deleted (use --all):\n"
)
for res in resources:
stdout.write("- {0}: {1}\n".format(
res['kind'],
res['name'],
))
stdout.write('\n')
if not args.force:
pr = input('continue [y/N]? ')
if pr.lower() not in ['yes', 'y']:
stdout.write("okay, aborting\n")
exit(0)
client = kubeutil.get_client()
extv1beta1 = extensions_v1beta1_api.ExtensionsV1beta1Api(client)
v1 = core_v1_api.CoreV1Api(client)
stdout.write('deleting deployment <{}/{}>: '.format(
args.namespace, args.name))
extv1beta1.delete_namespaced_deployment(args.name, args.namespace, body={})
stdout.write('ok\n')
if not args.all:
exit(0)
for res in resources:
stdout.write('deleting {} <{}>: '.format(res['kind'], res['name']))
if res['kind'] == 'volume':
v1.delete_namespaced_persistent_volume_claim(res['name'],
args.namespace,
body={})
elif res['kind'] == 'secret':
v1.delete_namespaced_secret(res['name'], args.namespace, body={})
elif res['kind'] == 'database':
resource_path = ('/apis/torchbox.com/v1/namespaces/' +
dp['metadata']['namespace'] + '/databases/' +
res['name'])
header_params = {}
header_params['Accept'] = client.select_header_accept(
['application/json'])
header_params['Content-Type'] = client.select_header_content_type(
['*/*'])
header_params.update(kubeutil.config.api_key)
(resp, code, header) = client.call_api(resource_path,
'DELETE', {}, {},
header_params,
None, [],
_preload_content=False)
elif res['kind'] == 'service':
v1.delete_namespaced_service(res['name'], args.namespace)
elif res['kind'] == 'ingress':
extv1beta1.delete_namespaced_ingress(res['name'],
args.namespace,
body={})
stdout.write('ok\n')
import kopf
import yaml
import kubernetes
from kubernetes import client
from factories import server, proxy
from kubernetes.client.apis import core_v1_api
from kubernetes.client.rest import ApiException
corev1 = core_v1_api.CoreV1Api()
@kopf.on.create("arc.com", "v1alpha1", "servers")
def create_server(meta, spec, logger, namespace, **kwargs):
to_own = []
name = meta.get('name')
body = server.create_server_body(name)
if not pod_exists(name, namespace):
obj = corev1.create_namespaced_pod(namespace=namespace, body=body)
logger.info(f"Successfully created server {name}")
to_own.append(obj)
else:
logger.info(f"Pod {name} already exists")
service = server.create_server_nodeport(name)
if spec.get('open', False) and not service_exists(name, namespace):
obj = corev1.create_namespaced_service(namespace=namespace, body=service)
logger.info(f"Successfully created service {name}")
to_own.append(obj)
else:
logger.info(f"Service {name} already exists")
def delete_pod(data):
# Delete pod
api = core_v1_api.CoreV1Api()
common.delete_pod(api, data)
print("Pod deleted successfully")
def main():
parser = argparse.ArgumentParser()
parser.add_argument('--timeout-monitors',
type=int,
default=0,
help='Will remove monitor output which did '
'not update in last `timeout` seconds. '
'Will not work on last monitor on screen.')
parser.add_argument('--verbose', action='store_true', default=False)
parser.add_argument('--hex', action='store_true', default=False)
# taken from github.com/cilium/cilium/cmd/monitor.go
type_choices = ['drop', 'debug', 'capture', 'trace', 'l7']
parser.add_argument('--type',
action='append',
default=[],
choices=type_choices)
parser.add_argument('--node',
action='append',
default=[],
help='Specify which nodes monitor will be run on. '
'Can match either by cilium pod names or k8s node '
'names. Can specify multiple.')
parser.add_argument('--selector',
action='append',
default=[],
help='k8s equality label selectors for pods which '
'monitor should listen to. each selector will '
'retrieve its own set of pods. '
'Format is "label-name=label-value" '
'Can specify multiple.')
parser.add_argument('--pod',
action='append',
default=[],
help='pod names in form of "namespace:pod-name", '
'if there is no namespace, default is assumed. '
'Can specify multiple.')
parser.add_argument('--endpoint',
action='append',
type=int,
default=[],
help='Cilium endpoint ids. Can specify multiple.')
parser.add_argument('--to-selector',
action='append',
default=[],
help='k8s equality label selectors for pods which '
'monitor should listen to. each selector will '
'retrieve its own set of pods. '
'Matches events that go to selected pods. '
'Format is "label-name=label-value" '
'Can specify multiple.')
parser.add_argument('--to-pod',
action='append',
default=[],
help='pod names in form of "namespace:pod-name", '
'if there is no namespace, default is assumed. '
'Matches events that go to specified pods. '
'Can specify multiple.')
parser.add_argument('--to-endpoint',
action='append',
type=int,
default=[],
help='Cilium endpoint ids. '
'Matches events that go to specified endpoints. '
'Can specify multiple.')
parser.add_argument('--from-selector',
action='append',
default=[],
help='k8s equality label selectors for pods which '
'monitor should listen to. each selector will '
'retrieve its own set of pods. '
'Matches events that come from selected pods. '
'Format is "label-name=label-value" '
'Can specify multiple.')
parser.add_argument('--from-pod',
action='append',
default=[],
help='pod names in form of "namespace:pod-name", '
'if there is no namespace, default is assumed. '
'Matches events that come from specified pods. '
'Can specify multiple.')
parser.add_argument('--from-endpoint',
action='append',
type=int,
default=[],
help='Cilium endpoint ids. '
'Matches events that come from specified endpoints. '
'Can specify multiple.')
parser.add_argument('--send-command',
type=str,
default="",
help='Execute command as-provided in argument on '
'all specified nodes and show output.')
parser.add_argument('--cilium-namespace',
type=str,
default="kube-system",
help='Specify namespace in which Cilium pods reside')
parser.add_argument('--clear-monitors',
action='store_true',
default=False,
help='Kill all `cilium monitor` on Cilium nodes. '
'Helpful for debugging')
parser.add_argument('--rich',
action='store_true',
default=False,
help='Opens rich ui version')
parser.add_argument('-n',
'--namespace',
type=str,
default='default',
help='Namespace to look for selected endpoints in')
args = parser.parse_args()
try:
config.load_kube_config()
except FileNotFoundError:
config.load_incluster_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
api = core_v1_api.CoreV1Api()
runner = MonitorRunner(args.cilium_namespace, api, args.namespace)
monitor_args = MonitorArgs(args.verbose, args.hex, args.selector, args.pod,
args.endpoint, args.to_selector, args.to_pod,
args.to_endpoint, args.from_selector,
args.from_pod, args.from_endpoint, args.type,
args.namespace)
try:
if args.clear_monitors:
cmd = "pkill -f \"cilium monitor\""
else:
cmd = args.send_command
runner.run(monitor_args, args.node, cmd)
if args.rich:
ui(runner, args.timeout_monitors)
elif not args.clear_monitors:
batch(runner, args.timeout_monitors)
except KeyboardInterrupt as e:
pass
except NoEndpointException as e:
print("Cilium endpoints matching pod names/label selectors not found.")
finally:
runner.finish()
def main():
common.connect()
api = core_v1_api.CoreV1Api()
namespace = os.environ.get('RD_CONFIG_NAMESPACE')
name = os.environ.get('RD_CONFIG_NAME')
log.debug("--------------------------")
log.debug("Pod Name: %s" % name)
log.debug("Namespace: %s " % namespace)
log.debug("--------------------------")
delete_on_fail = False
if os.environ.get('RD_CONFIG_DELETEONFAIL') == 'true':
delete_on_fail = True
resp = None
try:
resp = api.read_namespaced_pod(name=name,
namespace=namespace)
except ApiException as e:
if e.status != 404:
log.error("Unknown error: %s" % e)
exit(1)
if not resp:
log.error("Pod %s does not exits." % name)
exit(1)
core_v1 = client.CoreV1Api()
response = core_v1.read_namespaced_pod_status(
name=name,
namespace=namespace,
pretty="True"
)
if response.spec.containers:
container = response.spec.containers[0].name
else:
log.error("Container not found")
exit(1)
script = os.environ.get('RD_CONFIG_SCRIPT')
invocation = "/bin/bash"
if 'RD_CONFIG_INVOCATION' in os.environ:
invocation = os.environ.get('RD_CONFIG_INVOCATION')
destination_path = "/tmp"
if 'RD_NODE_FILE_COPY_DESTINATION_DIR' in os.environ:
destination_path = os.environ.get('RD_NODE_FILE_COPY_DESTINATION_DIR')
temp = tempfile.NamedTemporaryFile()
destination_file_name = os.path.basename(temp.name)
full_path = destination_path + "/" + destination_file_name
try:
temp.write(script)
temp.seek(0)
log.debug("coping script from %s to %s" % (temp.name,full_path))
common.copy_file(name=name,
container=container,
source_file=temp.name,
destination_path= destination_path,
destination_file_name=destination_file_name
)
finally:
temp.close()
permissions_command = ["chmod", "+x", full_path]
log.debug("setting permissions %s" % permissions_command)
resp = common.run_command(name=name,
namespace=namespace,
container=container,
command=permissions_command
)
if resp.peek_stdout():
print(resp.read_stdout())
if resp.peek_stderr():
print(resp.read_stderr())
sys.exit(1)
# calling exec and wait for response.
exec_command = invocation.split(" ")
exec_command.append(full_path)
if 'RD_CONFIG_ARGUMENTS' in os.environ:
arguments = os.environ.get('RD_CONFIG_ARGUMENTS')
exec_command.append(arguments)
log.debug("running script %s" % exec_command)
resp, error = common.run_interactive_command(name=name,
namespace=namespace,
container=container,
command=exec_command
)
if error:
log.error("error running script")
if delete_on_fail:
log.info("removing POD on fail")
data = {}
data["name"] = name
data["namespace"] = namespace
common.delete_pod(api, data)
log.info("POD deleted")
sys.exit(1)
rm_command = ["rm", full_path]
log.debug("removing file %s" % rm_command)
resp = common.run_command(name=name,
namespace=namespace,
container=container,
command=rm_command
)
if resp.peek_stdout():
log.debug(resp.read_stdout())
if resp.peek_stderr():
log.debug(resp.read_stderr())
sys.exit(1)
def test_pod_apis(self):
client = api_client.ApiClient(configuration=self.config)
api = core_v1_api.CoreV1Api(client)
name = 'busybox-test-' + short_uuid()
pod_manifest = {
'apiVersion': 'v1',
'kind': 'Pod',
'metadata': {
'name': name
},
'spec': {
'containers': [{
'image': 'busybox',
'name': 'sleep',
"args": [
"/bin/sh",
"-c",
"while true;do date;sleep 5; done"
]
}]
}
}
resp = api.create_namespaced_pod(body=pod_manifest,
namespace='default')
self.assertEqual(name, resp.metadata.name)
self.assertTrue(resp.status.phase)
while True:
resp = api.read_namespaced_pod(name=name,
namespace='default')
self.assertEqual(name, resp.metadata.name)
self.assertTrue(resp.status.phase)
if resp.status.phase != 'Pending':
break
time.sleep(1)
exec_command = ['/bin/sh',
'-c',
'for i in $(seq 1 3); do date; done']
resp = stream(api.connect_get_namespaced_pod_exec, name, 'default',
command=exec_command,
stderr=False, stdin=False,
stdout=True, tty=False)
print('EXEC response : %s' % resp)
self.assertEqual(3, len(resp.splitlines()))
exec_command = 'uptime'
resp = stream(api.connect_post_namespaced_pod_exec, name, 'default',
command=exec_command,
stderr=False, stdin=False,
stdout=True, tty=False)
print('EXEC response : %s' % resp)
self.assertEqual(1, len(resp.splitlines()))
resp = stream(api.connect_post_namespaced_pod_exec, name, 'default',
command='/bin/sh',
stderr=True, stdin=True,
stdout=True, tty=False,
_preload_content=False)
resp.write_stdin("echo test string 1\n")
line = resp.readline_stdout(timeout=5)
self.assertFalse(resp.peek_stderr())
self.assertEqual("test string 1", line)
resp.write_stdin("echo test string 2 >&2\n")
line = resp.readline_stderr(timeout=5)
self.assertFalse(resp.peek_stdout())
self.assertEqual("test string 2", line)
resp.write_stdin("exit\n")
resp.update(timeout=5)
line = resp.read_channel(ERROR_CHANNEL)
status = json.loads(line)
self.assertEqual(status['status'], 'Success')
resp.update(timeout=5)
self.assertFalse(resp.is_open())
number_of_pods = len(api.list_pod_for_all_namespaces().items)
self.assertTrue(number_of_pods > 0)
resp = api.delete_namespaced_pod(name=name, body={},
namespace='default')
def __init__(self, datacenter, **kwargs):
self.attributes = {'user': '******', 'registry_version': 'v2'}
self.logger = logging.get_logger(self.__class__.__name__)
self.attributes.update(kwargs)
self.attributes['user'] = self.attributes['cluster_config'][
'APP_DATACENTER']
self.app_main = self.attributes['cluster_config']['APP_MAIN']
self.datacenter = self.attributes['cluster_config']['APP_DATACENTER']
self.from_datacenter = self.attributes["from_datacenter"]
self.registry = kwargs["app_docker_registry"]
self.resource_group_prefix = self.attributes['cluster_config'][
'RESOURCE_GROUP_PREFIX']
self.resource_group = "{}-{}".format(self.resource_group_prefix,
self.datacenter)
try:
if ('AZURE_CLIENT_ID' in os.environ
and 'AZURE_CLIENT_SECRET' in os.environ
and 'AZURE_TENANT_ID' in os.environ
and 'AZURE_SUBSCRIPTION_ID' in os.environ):
self.__dict__.update({
'subscription_id':
os.environ['AZURE_SUBSCRIPTION_ID'],
'client_id':
os.environ['AZURE_CLIENT_ID'],
'client_secret':
os.environ['AZURE_CLIENT_SECRET'],
'tenant_id':
os.environ['AZURE_TENANT_ID']
})
else:
current_token_filename = os.path.join(
os.path.expanduser("~"), ".joara",
"{}.current_token_filename".format(self.resource_group))
read_from_cache = os.path.isfile(current_token_filename)
if (read_from_cache):
azure_credential = pickle.load(
open(current_token_filename, "rb"))
self.client_id = azure_credential['AZURE_CLIENT_ID']
self.client_secret = azure_credential[
'AZURE_CLIENT_SECRET']
self.tenant_id = azure_credential['AZURE_TENANT_ID']
self.subscription_id = azure_credential[
'AZURE_SUBSCRIPTION_ID']
os.environ['AZURE_CLIENT_ID'] = self.client_id
os.environ['AZURE_CLIENT_SECRET'] = self.client_secret
os.environ['AZURE_TENANT_ID'] = self.tenant_id
os.environ['AZURE_SUBSCRIPTION_ID'] = self.subscription_id
except Exception as e:
logs = "### Please update your azure credentials under clusters.ini or to environment variables ###, {}".format(
e)
self.logger.exception(logs)
raise RuntimeError(logs)
self.credentials = ServicePrincipalCredentials(
client_id=self.client_id,
secret=self.client_secret,
tenant=self.tenant_id)
storage_client = StorageManagementClient(
self.credentials, os.environ['AZURE_SUBSCRIPTION_ID'])
resource_group = "{}-{}".format(self.resource_group_prefix,
self.datacenter)
storage_name = "{}{}".format(self.resource_group_prefix,
self.datacenter)
storage_keys = storage_client.storage_accounts.list_keys(
resource_group, storage_name)
storage_keys = {v.key_name: v.value for v in storage_keys.keys}
if storage_keys:
os.environ['AZURE_STORAGE_KEY'] = storage_keys['key1']
os.environ['AZURE_STORAGE_ACCOUNT'] = storage_name
run("az storage container create -n {}".format("imagesversion"))
run("az login -u {} -p {} --tenant {} --service-principal".format(
os.environ['AZURE_CLIENT_ID'], os.environ['AZURE_CLIENT_SECRET'],
os.environ['AZURE_TENANT_ID']))
run("az acr login --name {}acr{}".format(self.resource_group_prefix,
self.from_datacenter))
try:
config.load_kube_config()
self.apiclient = api_client.ApiClient()
self.api = core_v1_api.CoreV1Api(self.apiclient)
self.k8s_beta = client.ExtensionsV1beta1Api()
except Exception as err:
self.logger.error()(
"Error copying Kube config, Exception: {}".format(err))
sys.exit(1)
self.version_manager = VersionManager(**self.__dict__)
def main():
parser = argparse.ArgumentParser()
parser.add_argument('--verbose', type=bool, default=False)
parser.add_argument('--node',
action='append',
default=[],
help='Cilium pod names. Can specify multiple.')
parser.add_argument('--selector',
action='append',
default=[],
help='k8s equality label selectors for pods which '
'monitor should listen to. each selector will '
'retrieve its own set of pods. '
'Format is "label-name=label-value" '
'Can specify multiple.')
parser.add_argument('--pod',
action='append',
default=[],
help='pod names in form of "namespace:pod-name", '
'if there is no namespace, default is assumed. '
'Can specify multiple.')
parser.add_argument('--endpoint',
action='append',
type=int,
default=[],
help='Cilium endpoint ids. Can specify multiple.')
parser.add_argument('--to-selector',
action='append',
default=[],
help='k8s equality label selectors for pods which '
'monitor should listen to. each selector will '
'retrieve its own set of pods. '
'Matches events that go to selected pods. '
'Format is "label-name=label-value" '
'Can specify multiple.')
parser.add_argument('--to-pod',
action='append',
default=[],
help='pod names in form of "namespace:pod-name", '
'if there is no namespace, default is assumed. '
'Matches events that go to specified pods. '
'Can specify multiple.')
parser.add_argument('--to-endpoint',
action='append',
type=int,
default=[],
help='Cilium endpoint ids. '
'Matches events that go to specified endpoints. '
'Can specify multiple.')
parser.add_argument('--from-selector',
action='append',
default=[],
help='k8s equality label selectors for pods which '
'monitor should listen to. each selector will '
'retrieve its own set of pods. '
'Matches events that come from selected pods. '
'Format is "label-name=label-value" '
'Can specify multiple.')
parser.add_argument('--from-pod',
action='append',
default=[],
help='pod names in form of "namespace:pod-name", '
'if there is no namespace, default is assumed. '
'Matches events that come from specified pods. '
'Can specify multiple.')
parser.add_argument('--from-endpoint',
action='append',
type=int,
default=[],
help='Cilium endpoint ids. '
'Matches events that come from specified endpoints. '
'Can specify multiple.')
args = parser.parse_args()
try:
config.load_kube_config()
except FileNotFoundError:
config.load_incluster_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
api = core_v1_api.CoreV1Api()
runner = MonitorRunner('kube-system', api)
monitor_args = MonitorArgs(args.verbose, args.selector, args.pod,
args.endpoint, args.to_selector, args.to_pod,
args.to_endpoint, args.from_selector,
args.from_pod, args.from_endpoint)
try:
runner.run(monitor_args, args.node)
ui(runner)
except KeyboardInterrupt as e:
pass
finally:
runner.finish()
