def __configure_by_params(self):
""" Return API client from configuration file """
auth_args = AUTH_ARG_SPEC.keys()
core_configuration = Configuration()
for key, value in iteritems(self.params):
if key in auth_args and value is not None:
if key == 'api_key':
setattr(
sdk.configuration,
key, {'authorization': "Bearer {0}".format(value)})
setattr(
core_configuration,
key, {'authorization': "Bearer {0}".format(value)})
else:
setattr(sdk.configuration, key, value)
setattr(core_configuration, key, value)
if not self.params.get('verify_ssl'):
sdk.configuration.verify_ssl = False
core_configuration.verify_ssl = False
kube_config.load_kube_config(client_configuration=sdk.configuration)
Configuration.set_default(core_configuration)
return sdk.DefaultApi(), core_client.CoreV1Api()
def run_monitors(endpoint: int, verbose: bool, queue: Queue,
close_queue: Queue) -> List[Process]:
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
api = core_v1_api.CoreV1Api()
namespace = 'kube-system'
try:
pods = api.list_namespaced_pod(namespace,
label_selector='k8s-app=cilium')
except APIException as e:
print('could not list Cilium pods: %s\n' % e)
sys.exit(1)
names = [pod.metadata.name for pod in pods.items]
processes = [Process(target=connect_monitor,
args=(name, namespace, queue, close_queue, api,
endpoint, verbose))
for name in names]
for p in processes:
p.start()
return processes
def _load_kube_config(self):
config.load_kube_config('/etc/kubernetes/admin.conf')
# Workaround: Turn off SSL/TLS verification
c = Configuration()
c.verify_ssl = False
Configuration.set_default(c)
def new(self):
config.load_kube_config(settings.K8S_CONFIG)
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
self.k8s = core_v1_api.CoreV1Api()
print('K8sclient init end')
def load_kube_config(config_file=None,
context=None,
client_configuration=None,
persist_config=True):
"""Loads authentication and cluster information from kube-config file
and stores them in kubernetes.client.configuration.
:param config_file: Name of the kube-config file.
:param context: set the active context. If is set to None, current_context
from config file will be used.
:param client_configuration: The kubernetes.client.Configuration to
set configs to.
:param persist_config: If True, config file will be updated when changed
(e.g GCP token refresh).
"""
if config_file is None:
config_file = KUBE_CONFIG_DEFAULT_LOCATION
loader = _get_kube_config_loader(filename=config_file,
active_context=context,
persist_config=persist_config)
if client_configuration is None:
config = type.__call__(Configuration)
loader.load_and_set(config)
Configuration.set_default(config)
else:
loader.load_and_set(client_configuration)
def _set_config(self):
configuration = Configuration()
configuration.host = CniService.config.host
configuration.ssl_ca_cert = CniService.ssl_ca_cert
configuration.api_key['authorization'] = CniService.config.api_key[
'authorization']
Configuration.set_default(configuration)
def _disable_verify_ssl() -> None:
if hasattr(Configuration, 'get_default_copy'):
configuration = Configuration.get_default_copy()
else:
configuration = Configuration()
configuration.verify_ssl = False
Configuration.set_default(configuration)
def load_kube_config(config_file=None, context=None,
client_configuration=None,
persist_config=True):
"""Loads authentication and cluster information from kube-config file
and stores them in kubernetes.client.configuration.
:param config_file: Name of the kube-config file.
:param context: set the active context. If is set to None, current_context
from config file will be used.
:param client_configuration: The kubernetes.client.Configuration to
set configs to.
:param persist_config: If True, config file will be updated when changed
(e.g GCP token refresh).
"""
if config_file is None:
config_file = os.path.expanduser(KUBE_CONFIG_DEFAULT_LOCATION)
config_persister = None
if persist_config:
def _save_kube_config(config_map):
with open(config_file, 'w') as f:
yaml.safe_dump(config_map, f, default_flow_style=False)
config_persister = _save_kube_config
loader = _get_kube_config_loader_for_yaml_file(
config_file, active_context=context,
config_persister=config_persister)
if client_configuration is None:
config = type.__call__(Configuration)
loader.load_and_set(config)
Configuration.set_default(config)
else:
loader.load_and_set(client_configuration)
def init_k8s_client():
# Configs can be set in Configuration class directly or using helper utility.
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
return core_v1_api.CoreV1Api()
def get_kube_client(self, in_cluster=None):
from kubernetes import config, client
if in_cluster is None:
in_cluster = self.in_cluster
try:
if in_cluster:
config.load_incluster_config()
else:
config.load_kube_config(
config_file=self.config_file, context=self.cluster_context
)
except ConfigException as e:
raise friendly_error.executor_k8s.failed_to_connect_to_cluster(
self.in_cluster, e
)
if PY2:
# For connect_get_namespaced_pod_exec
from kubernetes.client import Configuration
configuration = Configuration()
configuration.assert_hostname = False
Configuration.set_default(configuration)
return client.CoreV1Api()
def load_kube_config(config_file=None, context=None,
client_configuration=None,
persist_config=True):
"""Loads authentication and cluster information from kube-config file
and stores them in kubernetes.client.configuration.
:param config_file: Name of the kube-config file.
:param context: set the active context. If is set to None, current_context
from config file will be used.
:param client_configuration: The kubernetes.client.Configuration to
set configs to.
:param persist_config: If True, config file will be updated when changed
(e.g GCP token refresh).
"""
if config_file is None:
config_file = os.path.expanduser(KUBE_CONFIG_DEFAULT_LOCATION)
config_persister = None
if persist_config:
def _save_kube_config(config_map):
with open(config_file, 'w') as f:
yaml.safe_dump(config_map, f, default_flow_style=False)
config_persister = _save_kube_config
loader = _get_kube_config_loader_for_yaml_file(
config_file, active_context=context,
config_persister=config_persister)
if client_configuration is None:
config = type.__call__(Configuration)
loader.load_and_set(config)
Configuration.set_default(config)
else:
loader.load_and_set(client_configuration)
def pytest_collection_modifyitems(config, items):
if not config.getoption(ENABLE_RECURRING_JOB_OPT):
skip_upgrade = pytest.mark.skip(reason="need " +
ENABLE_RECURRING_JOB_OPT +
" option to run")
for item in items:
if "recurring_job" in item.keywords:
item.add_marker(skip_upgrade)
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
k8sconfig.load_incluster_config()
api = k8sclient.CoreV1Api()
try:
api.read_namespaced_pod(
name='csi-provisioner-0', namespace='longhorn-system')
skip_upgrade = pytest.mark.skip(reason="environment is not using " +
"flexvolume")
for item in items:
if "flexvolume" in item.keywords:
item.add_marker(skip_upgrade)
except ApiException as e:
if (e.status == 404):
skip_upgrade = pytest.mark.skip(reason="environment is not " +
"using csi")
for item in items:
if "csi" in item.keywords:
item.add_marker(skip_upgrade)
all_nodes_support_mount_propagation = True
for node in get_longhorn_api_client().list_node():
node = wait_for_node_mountpropagation_condition(
get_longhorn_api_client(), node["name"])
if "conditions" not in node.keys():
all_nodes_support_mount_propagation = False
else:
conditions = node["conditions"]
for key, condition in conditions.iteritems():
if key == NODE_CONDITION_MOUNTPROPAGATION and \
condition["status"] != CONDITION_STATUS_TRUE:
all_nodes_support_mount_propagation = False
break
if not all_nodes_support_mount_propagation:
break
if not all_nodes_support_mount_propagation:
skip_upgrade = pytest.mark.skip(reason="environment does not " +
"support base image")
skip_node = pytest.mark.skip(reason="environment does not " +
"support mount disk")
for item in items:
if "baseimage" in item.keywords:
item.add_marker(skip_upgrade)
elif "mountdisk" in item.keywords:
item.add_marker(skip_node)
def __init__(self, **kw):
super(KubernetesRunner, self).__init__(**kw)
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
self._kclient = core_v1_api.CoreV1Api()
_, active_context = config.list_kube_config_contexts()
self._namespace = self._config.resman_opts.get("namespace", "default")
self._base_pod_name = pu.sanitized_name(f"pod", self._config.wid)
self._base_pod_name = self._base_pod_name.replace("_", "-")
self._init_pod_name = pu.sanitized_name("init-pod", self._config.wid)
self._init_pod_name = self._init_pod_name.replace("_", "-")
self._vol_claim_name = f"{self._base_pod_name}-pvc"
self._vol_size = self._config.resman_opts.get("volume_size", "500Mi")
self._init_pod_created = False
self._vol_claim_created = False
def pytest_collection_modifyitems(config, items):
if not config.getoption(ENABLE_RECURRING_JOB_OPT):
skip_upgrade = pytest.mark.skip(reason="need " +
ENABLE_RECURRING_JOB_OPT +
" option to run")
for item in items:
if "recurring_job" in item.keywords:
item.add_marker(skip_upgrade)
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
k8sconfig.load_incluster_config()
api = k8sclient.CoreV1Api()
try:
api.read_namespaced_pod(
name='csi-provisioner-0', namespace='longhorn-system')
skip_upgrade = pytest.mark.skip(reason="environment is not using " +
"flexvolume")
for item in items:
if "flexvolume" in item.keywords:
item.add_marker(skip_upgrade)
except ApiException as e:
if (e.status == 404):
skip_upgrade = pytest.mark.skip(reason="environment is not " +
"using csi")
for item in items:
if "csi" in item.keywords:
item.add_marker(skip_upgrade)
def connect():
config_file = None
if os.environ.get('RD_CONFIG_ENV') == 'incluster':
config.load_incluster_config()
return
if os.environ.get('RD_CONFIG_CONFIG_FILE'):
config_file = os.environ.get('RD_CONFIG_CONFIG_FILE')
url = None
if os.environ.get('RD_CONFIG_URL'):
url = os.environ.get('RD_CONFIG_URL')
verify_ssl = None
if os.environ.get('RD_CONFIG_VERIFY_SSL'):
verify_ssl = os.environ.get('RD_CONFIG_VERIFY_SSL')
ssl_ca_cert = None
if os.environ.get('RD_CONFIG_SSL_CA_CERT'):
ssl_ca_cert = os.environ.get('RD_CONFIG_SSL_CA_CERT')
token = None
if os.environ.get('RD_CONFIG_TOKEN'):
token = os.environ.get('RD_CONFIG_TOKEN')
log.debug("config file")
log.debug(config_file)
log.debug("-------------------")
if config_file:
log.debug("getting settings from file %s" % config_file)
config.load_kube_config(config_file=config_file)
else:
if url:
log.debug("getting settings from pluing configuration")
configuration = Configuration()
configuration.host = url
if verify_ssl == 'true':
configuration.verify_ssl = verify_ssl
else:
configuration.verify_ssl = None
if ssl_ca_cert:
configuration.ssl_ca_cert = ssl_ca_cert
configuration.api_key['authorization'] = token
configuration.api_key_prefix['authorization'] = 'Bearer'
client.Configuration.set_default(configuration)
else:
log.debug("getting from default config file")
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
def k8s_api():
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
core_v1 = core_v1_api.CoreV1Api()
return core_v1
def load_kube_config_from_dict(config_dict,
context=None,
client_configuration=None,
persist_config=True):
"""Loads authentication and cluster information from config_dict file
and stores them in kubernetes.client.configuration.
:param config_dict: Takes the config file as a dict.
:param context: set the active context. If is set to None, current_context
from config file will be used.
:param client_configuration: The kubernetes.client.Configuration to
set configs to.
:param persist_config: If True, config file will be updated when changed
(e.g GCP token refresh).
"""
if config_dict is None:
raise ConfigException('Invalid kube-config dict. '
'No configuration found.')
loader = _get_kube_config_loader(config_dict=config_dict,
active_context=context,
persist_config=persist_config)
if client_configuration is None:
config = type.__call__(Configuration)
loader.load_and_set(config)
Configuration.set_default(config)
else:
loader.load_and_set(client_configuration)
def pytest_collection_modifyitems(config, items):
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
k8sconfig.load_incluster_config()
core_api = k8sclient.CoreV1Api()
check_longhorn(core_api)
if config.getoption(SKIP_RECURRING_JOB_OPT):
skip_upgrade = pytest.mark.skip(reason="remove " +
SKIP_RECURRING_JOB_OPT +
" option to run")
for item in items:
if "recurring_job" in item.keywords:
item.add_marker(skip_upgrade)
using_csi = check_csi(core_api)
if using_csi:
skip_upgrade = pytest.mark.skip(reason="environment is not using " +
"flexvolume")
for item in items:
if "flexvolume" in item.keywords:
item.add_marker(skip_upgrade)
else:
skip_upgrade = pytest.mark.skip(reason="environment is not " +
"using csi")
for item in items:
if "csi" in item.keywords:
item.add_marker(skip_upgrade)
all_nodes_support_mount_propagation = True
for node in get_longhorn_api_client().list_node():
node = wait_for_node_mountpropagation_condition(
get_longhorn_api_client(), node["name"])
if "conditions" not in node.keys():
all_nodes_support_mount_propagation = False
else:
conditions = node["conditions"]
for key, condition in conditions.iteritems():
if key == NODE_CONDITION_MOUNTPROPAGATION and \
condition["status"] != CONDITION_STATUS_TRUE:
all_nodes_support_mount_propagation = False
break
if not all_nodes_support_mount_propagation:
break
if not all_nodes_support_mount_propagation:
skip_upgrade = pytest.mark.skip(reason="environment does not " +
"support base image")
skip_node = pytest.mark.skip(reason="environment does not " +
"support mount disk")
for item in items:
if "baseimage" in item.keywords:
item.add_marker(skip_upgrade)
elif "mountdisk" in item.keywords:
item.add_marker(skip_node)
def set_config(self):
configuration = Configuration()
configuration.api_key["authorization"] = self.get_access_token()
configuration.api_key_prefix["authorization"] = "Bearer"
configuration.host = os.environ.get("GKE_MASTER_SERVER")
configuration.verify_ssl = False
configuration.assert_hostname = False
Configuration.set_default(configuration)
def main():
config.load_kube_config()
c = Configuration.get_default_copy()
c.assert_hostname = False
Configuration.set_default(c)
core_v1 = core_v1_api.CoreV1Api()
portforward_commands(core_v1)
def main():
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
core_v1 = core_v1_api.CoreV1Api()
exec_commands(core_v1)
def load_and_set(self, client_configuration=None):
try_set_default = False
if client_configuration is None:
client_configuration = type.__call__(Configuration)
try_set_default = True
self._load_config()
self._set_config(client_configuration)
if try_set_default:
Configuration.set_default(client_configuration)
def __setup_kubernetes(self):
if settings.KUBE_CONFIG is not None or settings.KUBE_MASTER is not None:
Configuration.set_default(Configuration())
if settings.KUBE_CONFIG is not None:
config.load_kube_config(config_file=settings.KUBE_CONFIG)
if settings.KUBE_MASTER is not None:
Configuration._default.host = settings.KUBE_MASTER
else:
config.load_incluster_config()
def __init__(self,
cluster_spec,
cluster_conf=None,
kubeconfig=None,
kubeconfig_context=None,
production=False):
"""Initialise Kubernetes specific ReanaBackend-object.
:param cluster_spec: Dictionary representing complete REANA
cluster spec file.
:param cluster_conf: A generator/iterable of Kubernetes YAML manifests
of REANA components as Python objects. If set to `None`
cluster_conf will be generated from manifest templates in
`templates` folder specified in `_conf.templates_folder`
:param kubeconfig: Name of the kube-config file to use for configuring
reana-cluster. If set to `None` then `$HOME/.kube/config` will be
used.
Note: Might pickup a config-file defined in $KUBECONFIG as well.
:param kubeconfig_context: set the active context. If is set to `None`,
current_context from config file will be used.
:param production: Boolean which represents whether REANA is
is configured with production setup (using CEPH) or not.
"""
logging.debug('Creating a ReanaBackend object '
'for Kubernetes interaction.')
# Load Kubernetes cluster configuration. If reana-cluster.yaml
# doesn't specify this K8S Python API defaults to '$HOME/.kube/config'
self.kubeconfig = kubeconfig or \
cluster_spec['cluster'].get('config', None)
self.kubeconfig_context = kubeconfig_context or \
cluster_spec['cluster'].get('config_context', None)
k8s_api_client_config = Configuration()
k8s_config.load_kube_config(kubeconfig, self.kubeconfig_context,
k8s_api_client_config)
Configuration.set_default(k8s_api_client_config)
# Instantiate clients for various Kubernetes REST APIs
self._corev1api = k8s_client.CoreV1Api()
self._versionapi = k8s_client.VersionApi()
self._extbetav1api = k8s_client.ExtensionsV1beta1Api()
self._rbacauthorizationv1api = k8s_client.RbacAuthorizationV1Api()
self._storagev1api = k8s_client.StorageV1Api()
self.k8s_api_client_config = k8s_api_client_config
self.cluster_spec = cluster_spec
self.cluster_conf = cluster_conf or \
self.generate_configuration(cluster_spec, production=production)
def setUp(self):
log.setLevel("CRITICAL")
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
self._kclient = core_v1_api.CoreV1Api()
_, active_context = config.list_kube_config_contexts()
def default_configuration_from_auth(**auth):
""" set Configuration class defaults based on provided auth """
configuration = Configuration()
if auth.get('api_key'):
configuration.api_key = {
'authorization': "Bearer %s" % auth.pop('api_key')
}
for k, v in auth.items():
setattr(configuration, k, v)
Configuration.set_default(configuration)
def _load_kube_config(self):
if not is_k8s_configured():
raise exception.KubeNotConfigured()
config.load_kube_config(KUBERNETES_ADMIN_CONF)
# Workaround: Turn off SSL/TLS verification
c = Configuration()
c.verify_ssl = False
Configuration.set_default(c)
def __create_core_client(self, config_file, verify_ssl, context):
configuration = Configuration()
configuration.verify_ssl = verify_ssl
Configuration.set_default(configuration)
kube_config.load_kube_config(config_file=config_file)
if context:
return core_client.CoreV1Api(
api_client=config.new_client_from_config(context=context))
return core_client.CoreV1Api()
def _get_kubernetesclient(self):
if not self._kube_client:
config.load_kube_config('/etc/kubernetes/admin.conf')
# Workaround: Turn off SSL/TLS verification
c = Configuration()
c.verify_ssl = False
Configuration.set_default(c)
self._kube_client = client.CoreV1Api()
return self._kube_client
def __init__(self):
"""Api-client environment initialization
Assumption is KUBERNETES env is set so that client has access to
oc cluster config.
"""
config.load_kube_config()
conf = Configuration()
conf.assert_hostname = False
Configuration.set_default(conf)
self.api = core_v1_api.CoreV1Api()
def main():
config.load_kube_config()
try:
c = Configuration().get_default_copy()
except AttributeError:
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
core_v1 = core_v1_api.CoreV1Api()
exec_commands(core_v1)
def _load_kube_config(in_cluster, cluster_context, config_file):
from kubernetes import config, client
if in_cluster:
config.load_incluster_config()
else:
config.load_kube_config(config_file=config_file, context=cluster_context)
if PY2:
# For connect_get_namespaced_pod_exec
from kubernetes.client import Configuration
configuration = Configuration()
configuration.assert_hostname = False
Configuration.set_default(configuration)
return client.CoreV1Api()
def _set_config(self):
configuration = Configuration()
configuration.host = self.host
configuration.ssl_ca_cert = self.ssl_ca_cert
configuration.api_key['authorization'] = "bearer " + self.token
Configuration.set_default(configuration)
import time
from kubernetes import config
from kubernetes.client import Configuration
from kubernetes.client.apis import core_v1_api
from kubernetes.client.rest import ApiException
from kubernetes.stream import stream
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
api = core_v1_api.CoreV1Api()
name = 'busybox-test'
resp = None
try:
resp = api.read_namespaced_pod(name=name,
namespace='default')
except ApiException as e:
if e.status != 404:
print("Unknown error: %s" % e)
exit(1)
if not resp:
print("Pod %s does not exist. Creating it..." % name)
pod_manifest = {
'apiVersion': 'v1',
'kind': 'Pod',
'metadata': {
'name': name
