async def project_name():
# We still want to validate that the REST API access is also enabled.
client = endpoints.AsyncClient()
projects = await client.oapi.v1.projects.get()
# If REST API access is not enabled the list of projects will be empty
# as we should at least see our own project.
if not projects.items:
logging.fatal('OpenShift REST API access not enabled. To enable '
'access, run the command "oc policy add-role-to-user '
'view -z default"')
return
# We also need to check though that our project is in the list which is
# returned because wrong permissions on other projects in the cluster
# could expose them to us even if REST API access is enabled.
with open('/run/secrets/kubernetes.io/serviceaccount/namespace') as fp:
name = fp.read()
for project in projects.items:
if project.metadata.name == name:
return name
logging.fatal('OpenShift REST API access not enabled. To enable '
'access, run the command "oc policy add-role-to-user '
'view -z default"')
async def run_query():
namespace = sys.argv[1]
print('namespace=%r' % namespace)
client = endpoints.AsyncClient()
pods = await client.api.v1.namespaces(namespace=namespace).pods.get()
for pod in pods.items:
print(' OBJECT %s pod=%r' %
(pod.metadata.resource_version, pod.metadata.name))
resource_version = pods.metadata.resource_version
while True:
try:
async with client.api.v1.namespaces(namespace=namespace).pods.get(
watch='',
resource_version=resource_version,
timeout_seconds=10) as items:
async for item in items:
action = item['type']
pod = item['object']
print(' %s %s pod=%r' %
(action, pod.metadata.resource_version,
pod.metadata.name))
resource_version = pod.metadata.resource_version
except Exception:
pass
async def get_pods(namespace=None):
if namespace is None:
namespace = await project_name()
client = endpoints.AsyncClient()
pods = await client.api.v1.namespaces(namespace=namespace).pods.get()
return pods.items
async def get_routes(namespace=None):
if namespace is None:
namespace = await project_name()
client = endpoints.AsyncClient()
routes = await client.oapi.v1.namespaces(namespace=namespace).routes.get()
return routes.items
async def get_services(namespace=None):
if namespace is None:
namespace = await project_name()
if namespace is None:
return None
client = endpoints.AsyncClient()
services = await client.api.v1.namespaces(namespace=namespace
).services.get()
return services
async def project_name():
# Can look up name of project from service account secrets.
with open('/run/secrets/kubernetes.io/serviceaccount/namespace') as fp:
project = fp.read()
# We still want to validate that the REST API access is also enabled.
client = endpoints.AsyncClient()
projects = await client.oapi.v1.projects.get()
# If REST API access is not enabled the list of projects will be empty
# as we should at least see our own project.
if not projects.items:
logging.fatal('OpenShift REST API access not enabled. To enable '
'access, run the command "oc adm policy add-role-to-group '
'view system:serviceaccounts:%s"' % project)
return project
import asyncio
import powershift.endpoints as endpoints
import powershift.resources as resources
client = endpoints.AsyncClient()
async def run_query():
projects = await client.oapi.v1.projects.get()
#print(projects)
#print(resources.dumps(projects, indent=4, sort_keys=True))
#print()
for project in projects.items:
namespace = project.metadata.name
print('namespace=%r' % namespace)
pods = await client.api.v1.namespaces(namespace=namespace).pods.get()
for pod in pods.items:
names.append(pod.metadata.name)
print(' pod=%r' % pod.metadata.name)
# We are given the pod definition already, but this is just to
# show how you can also query by the name of the pod.
pod = await client.api.v1.namespaces(namespace=namespace).pods(name=pod.metadata.name).get()
print(' resource_version=%r' % pod.metadata.resource_version)