def _get_api(cluster): """ Get custom objects api associated with a cluster specifier. """ if cluster is None: load_incluster_config() api = CustomObjectsApi() elif cluster == 'remote_transcode': host = os.getenv('REMOTE_TRANSCODE_HOST') port = os.getenv('REMOTE_TRANSCODE_PORT') token = os.getenv('REMOTE_TRANSCODE_TOKEN') cert = os.getenv('REMOTE_TRANSCODE_CERT') conf = Configuration() conf.api_key['authorization'] = token conf.host = f'https://{host}:{port}' conf.verify_ssl = True conf.ssl_ca_cert = cert api_client = ApiClient(conf) api = CustomObjectsApi(api_client) else: cluster_obj = JobCluster.objects.get(pk=cluster) host = cluster_obj.host port = cluster_obj.port token = cluster_obj.token fd, cert = tempfile.mkstemp(text=True) with open(fd, 'w') as f: f.write(cluster_obj.cert) conf = Configuration() conf.api_key['authorization'] = token conf.host = f'https://{host}:{port}' conf.verify_ssl = True conf.ssl_ca_cert = cert api_client = ApiClient(conf) api = CustomObjectsApi(api_client) return api
def translate_marathon(self, key: str, value: str, full_path: str) -> None: if self.object is None: raise Exception("self.object is not set; this is a bug") labels = self.object.get('labels', {}) dcos_package_framework_name = labels.get("DCOS_PACKAGE_FRAMEWORK_NAME") if dcos_package_framework_name: logging.warning('Not translating app %s: it runs Mesos framework %s', value, dcos_package_framework_name) return settings = Settings( container_defaults=ContainerDefaults("alpine:latest", "/"), app_secret_mapping=self._secret_mapping, ) self.manifest = Manifest(pluginName="marathon", manifestName=self.dnsify(value)) assert self.object is not None translated = translate_app(self.object, settings) kc = ApiClient() if translated.deployment['kind'] == "StatefulSet": sleeper_stateful_set = make_sleeper_stateful_set(translated.deployment) dapp = kc._ApiClient__deserialize(sleeper_stateful_set, V1StatefulSetWithComment) try: configure_stateful_migrate(original_marathon_app=self.object, k8s_translate_result=translated.deployment) except: print("Unexpected error while preparing Marathon stateful migration:", sys.exc_info()[0]) raise else: dapp = kc._ApiClient__deserialize(translated.deployment, V1DeploymentWithComment) dapp.set_comment(translated.warnings) self.manifest.append(dapp) self._node_label_tracker.add_app_node_labels(self.object['id'], translated.required_node_labels) service, service_warnings = translate_service(dapp.metadata.labels['app'], self.object) if service: kc2 = ApiClient() dservice = kc2._ApiClient__deserialize(service, V1ServiceWithComment) dservice.set_comment(service_warnings) self.manifest.append(dservice) for remapping in self._secret_mapping.get_secrets_to_remap(): secret = _create_remapped_secret(self.manifest_list, remapping, self.object['id']) if secret is not None: self.manifest.append(secret)
def new_client_from_dict(conf: dict, context: str): client_config = type.__call__(Configuration) config.load_kube_config_from_dict(config_dict=conf, context=context, persist_config=False, client_configuration=client_config) return ApiClient(configuration=client_config)
def create_kube_api_client(kubeconfig_path: Optional[str] = None) -> ApiClient: kubeconfig_path = kubeconfig_path or "~/.kube/config" logger.info('creating kube client with config file: %s', kubeconfig_path) conf = Configuration() load_kube_config(config_file=kubeconfig_path, client_configuration=conf) return ApiClient(configuration=conf)
def load_kube_config( self, config_file: str = None, context: str = None, is_in_cluster: bool = False, extra_config_locations: List[str] = None, persist: bool = False, ): """Loads a kubernetes configuration from file. Args: config_file (str, optional): The configuration file path. Defaults to None = search for config. is_in_cluster (bool, optional): If true, the client will expect to run inside a cluster and to load the cluster config. Defaults to None = auto detect. extra_config_locations (List[str], optional): Extra locations to search for a configuration. Defaults to None. context (str, optional): The context name to run in. Defaults to None = active context. persist (bool, optional): If True, config file will be updated when changed (e.g GCP token refresh). """ self._kube_config: kube_config.Configuration = KubeApiConfiguration.load_kubernetes_configuration( config_file=config_file, is_in_cluster=is_in_cluster, extra_config_locations=extra_config_locations, context=context, persist=persist, ) assert self._kube_config is not None, KubeApiClientException( "Failed to load kubernetes configuration. Not found.") self._api_client: ApiClient = ApiClient(configuration=self.kube_config)
def get_clients(cluster): ''' :param cluster: k8s集群对象 :return: 一个apiclient对象,一个coreV1Api对象 ''' api_client = ApiClient( get_config( cluster ) ) return api_client, CoreV1Api( api_client )
def template_chart(args): current_dir = os.getcwd() chart_dir = os.path.join(current_dir, args.chart[0]) api = ApiClient() templates = [] fnames = [] try: templates_dir = os.path.join(chart_dir, 'templates') for fname in os.listdir(templates_dir): full_path = os.path.join(templates_dir, fname) if os.path.isfile(full_path): parts = os.path.splitext(fname) if parts[1] == '.py': tname = parts[0] spec = importlib.util.spec_from_file_location( tname, full_path) mod = importlib.util.module_from_spec(spec) spec.loader.exec_module(mod) t = mod.template() if not isinstance(t, (list, tuple)): t = [t] templates.extend(t) fnames += [full_path] * len(t) t_sanitized = api.sanitize_for_serialization(templates) output = '\n'.join([ '---\n{}\n{}'.format( '# Source: {}'.format(os.path.relpath(fname, current_dir)), yaml.dump(t, default_flow_style=False)) for t, fname in zip(t_sanitized, fnames) ]) print(output) except FileNotFoundError: print('No templates directory found')
def kubernetes_api_client(): config = client.Configuration() config.host = "http://dummy" config.api_key_prefix["authorization"] = "Bearer" config.api_key["authorization"] = "dummy" config.verify_ssl = False return ApiClient(config)
def build_client(self): configuration = Configuration() configuration.api_key['authorization'] = "Bearer {}".format(self.auth_info['K8S-Token']) configuration.host = self.auth_info['K8S-Endpoint'] configuration.verify_ssl = self._verify_ssl api_client = ApiClient(configuration) return K8sClient(api_client)
def __init__(self, alg): """ Intializes the connection. If algorithm object includes a remote cluster, use that. Otherwise, use this cluster. """ if alg.cluster: host = alg.cluster.host port = alg.cluster.port token = alg.cluster.token fd, cert = tempfile.mkstemp(text=True) with open(fd, 'w') as f: f.write(alg.cluster.cert) conf = Configuration() conf.api_key['authorization'] = token conf.host = f'{PROTO}{host}:{port}' conf.verify_ssl = True conf.ssl_ca_cert = cert api_client = ApiClient(conf) self.corev1 = CoreV1Api(api_client) self.custom = CustomObjectsApi(api_client) else: load_incluster_config() self.corev1 = CoreV1Api() self.custom = CustomObjectsApi() # Read in the manifest. if alg.manifest: self.manifest = yaml.safe_load(alg.manifest.open(mode='r')) # Save off the algorithm. self.alg = alg
def __init__(self): """ Intializes the connection. If environment variables for remote transcode are defined, connect to that cluster. """ host = os.getenv('REMOTE_TRANSCODE_HOST') port = os.getenv('REMOTE_TRANSCODE_PORT') token = os.getenv('REMOTE_TRANSCODE_TOKEN') cert = os.getenv('REMOTE_TRANSCODE_CERT') self.remote = host is not None if self.remote: conf = Configuration() conf.api_key['authorization'] = token conf.host = f'https://{host}:{port}' conf.verify_ssl = True conf.ssl_ca_cert = cert api_client = ApiClient(conf) self.corev1 = CoreV1Api(api_client) self.custom = CustomObjectsApi(api_client) else: load_incluster_config() self.corev1 = CoreV1Api() self.custom = CustomObjectsApi() self.setup_common_steps()
def objects_to_yaml(self): client = ApiClient() return '\n---\n'.join( # Use a generator here to avoid building an intermediate list. yaml.dump(client.sanitize_for_serialization(obj)) for obj in self.objects)
def _get_client(self, server, token): opts = dict( api_key={'authorization': f'Bearer {token}'}, host=server, verify_ssl=False, # default timeout seems to be 1+ minutes retries=5) if self.jump_host: # the ports could be parameterized, but at this point # we only have need of 1 tunnel for 1 service self.jump_host.create_ssh_tunnel() local_port = self.jump_host.local_port opts['proxy'] = f'http://localhost:{local_port}' configuration = Configuration() # the kubernetes client configuration takes a limited set # of parameters during initialization, but there are a lot # more options that can be set to tweak the behavior of the # client via instance variables. We define a set of options # above in the format of var_name:value then set them here # in the configuration object with setattr. for k, v in opts.items(): setattr(configuration, k, v) k8s_client = ApiClient(configuration) try: return DynamicClient(k8s_client) except urllib3.exceptions.MaxRetryError as e: raise StatusCodeError(f"[{self.server}]: {e}")
def _refresh_oidc(self, provider): config = Configuration() if 'idp-certificate-authority-data' in provider['config']: ca_cert = tempfile.NamedTemporaryFile(delete=True) if PY3: cert = base64.b64decode( provider['config']['idp-certificate-authority-data'] ).decode('utf-8') else: cert = base64.b64decode( provider['config']['idp-certificate-authority-data'] + "==" ) with open(ca_cert.name, 'w') as fh: fh.write(cert) config.ssl_ca_cert = ca_cert.name else: config.verify_ssl = False client = ApiClient(configuration=config) response = client.request( method="GET", url="%s/.well-known/openid-configuration" % provider['config']['idp-issuer-url'] ) if response.status != 200: return response = json.loads(response.data) request = OAuth2Session( client_id=provider['config']['client-id'], token=provider['config']['refresh-token'], auto_refresh_kwargs={ 'client_id': provider['config']['client-id'], 'client_secret': provider['config']['client-secret'] }, auto_refresh_url=response['token_endpoint'] ) try: refresh = request.refresh_token( token_url=response['token_endpoint'], refresh_token=provider['config']['refresh-token'], auth=(provider['config']['client-id'], provider['config']['client-secret']), verify=config.ssl_ca_cert if config.verify_ssl else None ) except oauthlib.oauth2.rfc6749.errors.InvalidClientIdError: return provider['config'].value['id-token'] = refresh['id_token'] provider['config'].value['refresh-token'] = refresh['refresh_token']
def __init__(self, name, version, values): super(HelmChart, self).__init__() self.name = name self.version = version self.values = values self.api = ApiClient() self.templates = {} self.init()
def get_api_client(self): configuration = Configuration() configuration.verify_ssl = False configuration.host = self.cluster.api configuration.api_key['authorization'] = self.cluster.token configuration.api_key_prefix['authorization'] = 'Bearer' api_client = ApiClient(configuration) return api_client
def client(self, group, version): client_config = Configuration() config.load_kube_config(self.config_file, client_configuration=client_config) client_config.proxy = self.http_proxy api_client = ApiClient(configuration=client_config) log.info('connecting to %s' % (api_client.configuration.host)) # e.g. client.CoreV1Api() return getattr(client, '%s%sApi' % (group, version))(api_client)
def getResourceYaml(self): logger.setLevel() k8s_client = ApiClient().apiclient() # type: ApiClient dyn_client = DynamicClient(k8s_client) v1_resources = dyn_client.resources.get(api_version='v1', kind=self.resource_type) resource = v1_resources.get(namespace=self.namespace, name=self.name) return resource
def __init__(self, host, token): configuration = client.Configuration() configuration.api_key_prefix['authorization'] = 'Bearer' configuration.api_key['authorization'] = token configuration.host = "https://{}:6443".format(host) configuration.verify_ssl = False configuration.debug = False self.client = ApiClient(configuration)
def _build_base_pod(self) -> k8s.V1Pod: from kubernetes.client import ApiClient basis_pod_yaml = target(self.pod_yaml).read() basis_pod_dict = yaml.safe_load(basis_pod_yaml) or {} api_client = ApiClient() return api_client._ApiClient__deserialize_model( basis_pod_dict, k8s.V1Pod)
def client(self): configuration = Configuration() configuration.api_key['authorization'] = "Bearer {}".format( self.headers['K8S-Token']) configuration.host = self.headers['K8S-Endpoint'] configuration.verify_ssl = self._verify_ssl api_client = ApiClient(configuration) return CoreV1Api(api_client)
def _convert_from_dict(obj, new_class): if isinstance(obj, new_class): return obj elif isinstance(obj, dict): api_client = ApiClient() return api_client._ApiClient__deserialize_model(obj, new_class) else: raise AirflowException(f"Expected dict or {new_class}, got {type(obj)}")
def kubernetes_api_client(rancher_client, cluster_name): c = rancher_client.by_id_cluster(cluster_name) kc = c.generateKubeconfig() loader = KubeConfigLoader(config_dict=yaml.load(kc.config)) client_configuration = type.__call__(Configuration) loader.load_and_set(client_configuration) k8s_client = ApiClient(configuration=client_configuration) return k8s_client
def new_client_from_config(config_file=None, context=None): """Loads configuration the same as load_kube_config but returns an ApiClient to be used with any API object. This will allow the caller to concurrently talk with multiple clusters.""" client_config = ConfigurationObject() load_kube_config(config_file=config_file, context=context, client_configuration=client_config) return ApiClient(config=client_config)
def test_node_selector(self): node_selector = {'beta.kubernetes.io/os': 'linux'} k = KubernetesPodOperator( namespace='default', image="ubuntu:16.04", cmds=["bash", "-cx"], arguments=["echo 10"], labels={"foo": "bar"}, name="name", task_id="task", in_cluster=False, do_xcom_push=False, cluster_context='default', node_selector=node_selector, ) result = k.create_pod_request_obj() client = ApiClient() self.assertEqual(type(result.spec.node_selector), dict) self.assertEqual( client.sanitize_for_serialization(result)['spec']['nodeSelector'], node_selector) # repeat tests using deprecated parameter k = KubernetesPodOperator( namespace='default', image="ubuntu:16.04", cmds=["bash", "-cx"], arguments=["echo 10"], labels={"foo": "bar"}, name="name", task_id="task", in_cluster=False, do_xcom_push=False, cluster_context='default', node_selectors=node_selector, ) result = k.create_pod_request_obj() client = ApiClient() self.assertEqual(type(result.spec.node_selector), dict) self.assertEqual( client.sanitize_for_serialization(result)['spec']['nodeSelector'], node_selector)
def create_kube_api_client(kubeconfig_path: Optional[str] = None) -> ApiClient: if not kubeconfig_path: kubeconfig_path = env_variables['installer_kubeconfig_path'] logger.info('creating kube client with config file: %s', kubeconfig_path) conf = Configuration() load_kube_config(config_file=kubeconfig_path, client_configuration=conf) return ApiClient(configuration=conf)
def getResourceName(self): logger.setLevel() k8s_client = ApiClient().apiclient() # type: ApiClient dyn_client = DynamicClient(k8s_client) v1_resources = dyn_client.resources.get(api_version='v1', kind=self.resource_type) resource = v1_resources.get(namespace=self.namespace, name=self.name) logging.info('Resource name is ' + resource.metadata.name) return resource.metadata.name
def test_ensure_config_loaded_proxy_prefers_https(self): with patch.dict( os.environ, { 'HTTPS_PROXY': 'http://localhost:12345', 'HTTP_PROXY': 'http://localhost:6789' }): ensure_config_loaded() self.assertEqual('http://localhost:12345', ApiClient().configuration.proxy)
def client_from_config(config_file, context): # TODO(fabianvf): probably want to break this branch out or refactor method names try: return config.new_client_from_config(config_file, context) except (IOError, config.ConfigException): if not config_file: return ApiClient(configuration=Configuration()) else: raise
def setUp(self): self.namespace = "default" self.yml_file = "{}/files/spark.yml".format(os.path.abspath('.')) self.group = 'sparkoperator.k8s.io' self.version = 'v1beta1' self.plural = 'sparkapplications' self.job_name = "{}-{}".format("spark-test-job", int(time.time())) config = kube_config.load_kube_config() self.api_instance = CustomObjectsApi(ApiClient(config))