def create(router):
router_name = router['metadata']['name']
router_spec = router['spec']
cloudflare_spec = router_spec.get('cloudflare', {})
cloudflare_email = cloudflare_spec.get('email')
cloudflare_api_key = cloudflare_spec.get('api-key')
default_root_domain = router_spec.get('default-root-domain')
dns_provider = router_spec.get('dns-provider')
from ckan_cloud_operator.providers.cluster import manager as cluster_manager
default_dns_provider = 'route53' if cluster_manager.get_provider_id(
) == 'aws' else 'cloudflare'
logs.info(dns_provider=dns_provider,
default_dns_provider=default_dns_provider)
if not dns_provider:
dns_provider = default_dns_provider
router_spec['dns-provider'] = dns_provider
assert all([default_root_domain,
dns_provider]), f'invalid traefik router spec: {router_spec}'
if dns_provider == 'cloudflare':
assert cloudflare_email and cloudflare_api_key, 'invalid traefik router spec for cloudflare dns provider'
# cloudflare credentials are stored in a secret, not in the spec
if 'cloudflare' in router_spec:
del router_spec['cloudflare']
kubectl.apply(router)
annotations = CkanRoutersAnnotations(router_name, router)
if dns_provider == 'cloudflare':
annotations.update_flag(
'letsencryptCloudflareEnabled',
lambda: annotations.set_secrets(
{
'LETSENCRYPT_CLOUDFLARE_EMAIL': cloudflare_email,
'LETSENCRYPT_CLOUDFLARE_API_KEY': cloudflare_api_key
}),
force_update=True)
return router
def create(router):
router_name = router['metadata']['name']
router_spec = router['spec']
cloudflare_spec = router_spec.get('cloudflare', {})
cloudflare_email = cloudflare_spec.get('email')
cloudflare_api_key = cloudflare_spec.get('api-key')
default_root_domain = router_spec.get('default-root-domain')
dns_provider = router_spec.get('dns-provider')
assert dns_provider == 'cloudflare'
router_spec['dns-provider'] = dns_provider
assert all([default_root_domain,
dns_provider]), f'invalid nginx router spec: {router_spec}'
assert cloudflare_email and cloudflare_api_key, 'invalid nginx router spec, missing cloudflare email or api key'
# cloudflare credentials are stored in a secret, not in the spec
if 'cloudflare' in router_spec:
del router_spec['cloudflare']
kubectl.apply(router)
annotations = CkanRoutersAnnotations(router_name, router)
annotations.update_flag(
'letsencryptCloudflareEnabled',
lambda: annotations.set_secrets(
{
'LETSENCRYPT_CLOUDFLARE_EMAIL': cloudflare_email,
'LETSENCRYPT_CLOUDFLARE_API_KEY': cloudflare_api_key
}),
force_update=True)
return router
def create(router_name, router_spec):
router_type = router_spec.get('type')
default_root_domain = router_spec.get('default-root-domain')
assert router_type in ROUTER_TYPES and default_root_domain, f'Invalid router spec: {router_spec}'
get(router_name, only_dns=True, failfast=True)
print(f'Creating CkanCloudRouter {router_name} {router_spec}')
labels = _get_labels(router_name, router_type)
router = kubectl.get_resource('stable.viderum.com/v1', 'CkanCloudRouter', router_name, labels,
spec=dict(router_spec, **{'type': router_type}))
router_manager = ROUTER_TYPES[router_type]['manager']
router = router_manager.create(router)
annotations = CkanRoutersAnnotations(router_name, router)
annotations.json_annotate('default-root-domain', default_root_domain)
def create(router_name, router_spec):
from ckan_cloud_operator.providers.cluster.manager import get_or_create_multi_user_volume_claim
from ckan_cloud_operator.routers.traefik.deployment import get_label_suffixes
router_type = router_spec.get('type')
default_root_domain = router_spec.get('default-root-domain')
assert router_type in ROUTER_TYPES and default_root_domain, f'Invalid router spec: {router_spec}'
get(router_name, only_dns=True, failfast=True)
print(f'Creating CkanCloudRouter {router_name} {router_spec}')
labels = _get_labels(router_name, router_type)
router = kubectl.get_resource('stable.viderum.com/v1', 'CkanCloudRouter', router_name, labels,
spec=dict(router_spec, **{'type': router_type}))
router_manager = ROUTER_TYPES[router_type]['manager']
router = router_manager.create(router)
get_or_create_multi_user_volume_claim(get_label_suffixes(router_name, router_type))
annotations = CkanRoutersAnnotations(router_name, router)
annotations.json_annotate('default-root-domain', default_root_domain)
def create(router):
router_name = router['metadata']['name']
router_spec = router['spec']
cloudflare_spec = router_spec.get('cloudflare', {})
cloudflare_email = cloudflare_spec.get('email')
cloudflare_api_key = cloudflare_spec.get('api-key')
default_root_domain = router_spec.get('default-root-domain')
assert all([cloudflare_email, cloudflare_api_key, default_root_domain]), f'invalid traefik router spec: {router_spec}'
# cloudflare credentials are stored in a secret, not in the spec
del router_spec['cloudflare']
kubectl.apply(router)
annotations = CkanRoutersAnnotations(router_name, router)
annotations.update_flag('letsencryptCloudflareEnabled', lambda: annotations.set_secrets({
'LETSENCRYPT_CLOUDFLARE_EMAIL': cloudflare_email,
'LETSENCRYPT_CLOUDFLARE_API_KEY': cloudflare_api_key
}), force_update=True)
return router
def _init_router(router_name, router_values=None, required=False):
router = kubectl.get(f'CkanCloudRouter {router_name}', required=required) if not router_values else router_values
if router:
spec = router['spec']
router_type = spec['type']
assert router_type in ROUTER_TYPES, f'Unsupported router type: {router_type}'
router_type_config = ROUTER_TYPES[router_type]
annotations = CkanRoutersAnnotations(router_name, router)
labels = _get_labels(router_name, router_type)
logs.debug_verbose('_init_router', router=router, router_type_config=router_type_config, labels=labels)
return router, spec, router_type, annotations, labels, router_type_config
else:
logs.debug_verbose('_init_router', router=router, router_type_config=None, labels=None)
return None, None, None, None, None, None
def _init_router(router_name):
router = kubectl.get(f'CkanCloudRouter {router_name}')
assert router['spec']['type'] == 'nginx'
annotations = CkanRoutersAnnotations(router_name, router)
ckan_infra = CkanInfra()
return router, annotations, ckan_infra