def init_environment(config_filepath=BASE_CONFIG_FILEPATH):
"""Set up module variables according to config dict.
:param str config_filepath:
"""
global AMQP_USERNAME, AMQP_PASSWORD, CLIENT, ORG_HREF, VDC_HREF, \
CATALOG_NAME, TEARDOWN_INSTALLATION, TEARDOWN_CLUSTERS, \
TEMPLATE_DEFINITIONS, TEST_ALL_TEMPLATES, SYS_ADMIN_LOGIN_CMD, \
ORG_ADMIN_LOGIN_CMD, VAPP_AUTHOR_LOGIN_CMD, USER_LOGIN_CMD_MAP
config = testutils.yaml_to_dict(config_filepath)
rtm = RemoteTemplateManager(
config['broker']['remote_template_cookbook_url'])
template_cookbook = rtm.get_remote_template_cookbook()
TEMPLATE_DEFINITIONS = template_cookbook['templates']
rtm.download_all_template_scripts(force_overwrite=True)
CLIENT = Client(config['vcd']['host'],
api_version=config['vcd']['api_version'],
verify_ssl_certs=config['vcd']['verify'])
credentials = BasicLoginCredentials(config['vcd']['username'],
SYSTEM_ORG_NAME,
config['vcd']['password'])
CLIENT.set_credentials(credentials)
org = pyvcloud_utils.get_org(CLIENT, org_name=config['broker']['org'])
vdc = pyvcloud_utils.get_vdc(CLIENT,
vdc_name=config['broker']['vdc'],
org=org)
ORG_HREF = org.href
VDC_HREF = vdc.href
CATALOG_NAME = config['broker']['catalog']
AMQP_USERNAME = config['amqp']['username']
AMQP_PASSWORD = config['amqp']['password']
SYS_ADMIN_LOGIN_CMD = f"login {config['vcd']['host']} system " \
f"{config['vcd']['username']} " \
f"-iwp {config['vcd']['password']} " \
f"-V {config['vcd']['api_version']}"
ORG_ADMIN_LOGIN_CMD = f"login {config['vcd']['host']} " \
f"{config['broker']['org']}" \
f" {ORG_ADMIN_NAME} -iwp {ORG_ADMIN_PASSWORD} " \
f"-V {config['vcd']['api_version']}"
VAPP_AUTHOR_LOGIN_CMD = f"login {config['vcd']['host']} " \
f"{config['broker']['org']} " \
f"{VAPP_AUTHOR_NAME} -iwp {VAPP_AUTHOR_PASSWORD}" \
f" -V {config['vcd']['api_version']}"
USER_LOGIN_CMD_MAP = {
'sys_admin': SYS_ADMIN_LOGIN_CMD,
'org_admin': ORG_ADMIN_LOGIN_CMD,
'vapp_author': VAPP_AUTHOR_LOGIN_CMD
}
test_config = config.get('test')
if test_config is not None:
TEARDOWN_INSTALLATION = test_config.get('teardown_installation', True)
TEARDOWN_CLUSTERS = test_config.get('teardown_clusters', True)
TEST_ALL_TEMPLATES = test_config.get('test_all_templates', False)
def list_compute_policies_on_vdc(self,
vdc_id=None,
org_name=None,
vdc_name=None):
"""List compute policy currently assigned to a given vdc.
Atleast one of vdc_id or (org_name, vdc_name) should be provided, so
that the target vdc can be located.
:param str vdc_id: id of the vdc for which policies need to be
retrieved.
:param str org_name: name of the organization to look for the vdc.
:param str vdc_name: name of the vdc for which policies need to be
retrieved.
:return: A list of dictionaries with the 'name' and 'href' key
:rtype: List
"""
vdc = get_vdc(self._vcd_client,
org_name=org_name,
vdc_name=vdc_name,
vdc_id=vdc_id,
is_admin_operation=True)
result = []
cp_list = vdc.list_compute_policies()
for cp in cp_list:
result.append({
'name':
self._get_original_policy_name(cp.get('name')),
'href':
cp.get('href')
})
return result
def update_ovdc_k8s_provider_metadata(sysadmin_client: vcd_client.Client,
ovdc_id,
k8s_provider_data=None,
k8s_provider=None):
"""Set the k8s provider metadata for given ovdc.
:param pyvcloud.vcd.client.Client sysadmin_client:
:param str ovdc_id:
:param dict k8s_provider_data: k8s provider context details
:param K8sProvider k8s_provider:
:return:
"""
vcd_utils.raise_error_if_not_sysadmin(sysadmin_client)
ovdc = vcd_utils.get_vdc(sysadmin_client, vdc_id=ovdc_id)
ovdc_name = ovdc.get_resource().get('name')
metadata = {K8S_PROVIDER_KEY: k8s_provider or K8sProvider.NONE}
if k8s_provider != K8sProvider.PKS:
LOGGER.debug(f"Remove existing metadata for ovdc:{ovdc_name}")
_remove_metadata_from_ovdc(ovdc, PksCache.get_pks_keys())
LOGGER.debug(f"Updated metadata for {k8s_provider}:" f"{metadata}")
else:
k8s_provider_data.pop('username')
k8s_provider_data.pop('secret')
k8s_provider_data.pop('nsxt')
metadata.update(k8s_provider_data)
# set ovdc metadata into Vcd
LOGGER.debug(f"On ovdc:{ovdc_name}, setting metadata:{metadata}")
return ovdc.set_multiple_metadata(metadata,
vcd_client.MetadataDomain.SYSTEM,
vcd_client.MetadataVisibility.PRIVATE)
def update_ovdc(self, enable, ovdc_name, org_name=None,
pks_plan=None, pks_cluster_domain=None):
"""Enable/Disable ovdc for k8s for the given container provider.
:param bool enable: If set to True will enable the vdc for the
paricular k8s_provider else if set to False, K8 support on
the vdc will be disabled.
:param str ovdc_name: Name of org VDC to update
:param str org_name: Name of org that @ovdc_name belongs to
:param str pks_plan: PKS plan
:param str pks_cluster_domain: Suffix of the domain name, which will be
used to construct FQDN of the clusters.
:rtype: dict
"""
ovdc = get_vdc(self.client, vdc_name=ovdc_name, org_name=org_name,
is_admin_operation=True)
ovdc_id = utils.extract_id(ovdc.get_resource().get('id'))
k8s_provider = server_constants.K8sProvider.PKS
if not enable:
k8s_provider = server_constants.K8sProvider.NONE
pks_plan = None
pks_cluster_domain = None
return self._pks_ovdc_api.update_ovdc_by_ovdc_id(ovdc_id,
k8s_provider,
ovdc_name=ovdc_name,
org_name=org_name,
pks_plan=pks_plan,
pks_cluster_domain=pks_cluster_domain) # noqa: E501
def update_ovdc_compute_policies(self, ovdc_name, org_name,
compute_policy_name, action):
"""Update an ovdc's compute policies.
:param str ovdc_name: Name of org VDC to update
:param str org_name: Name of org that @ovdc_name belongs to
:param str compute_policy_name: Name of compute policy to add or remove
:param ComputePolicyAction action:
:rtype: dict
"""
method = RequestMethod.PUT
ovdc = get_vdc(self.client,
vdc_name=ovdc_name,
org_name=org_name,
is_admin_operation=True)
ovdc_id = utils.extract_id(ovdc.get_resource().get('id'))
uri = f'{self._uri}/ovdc/{ovdc_id}/compute-policies'
data = {
RequestKey.OVDC_ID: ovdc_id, # also exists in url
RequestKey.COMPUTE_POLICY_NAME: compute_policy_name,
RequestKey.COMPUTE_POLICY_ACTION: action
}
response = self.client._do_request_prim(method,
uri,
self.client._session,
contents=data,
media_type='application/json',
accept_type='application/json')
return process_response(response)
def _follow_task(op_ctx: ctx.OperationContext, task_href: str, ovdc_id: str):
try:
task = vcd_task.Task(client=op_ctx.sysadmin_client)
session = op_ctx.sysadmin_client.get_vcloud_session()
vdc = vcd_utils.get_vdc(op_ctx.sysadmin_client, vdc_id=ovdc_id)
org = vcd_utils.get_org(op_ctx.sysadmin_client)
user_name = session.get('user')
user_href = org.get_user(user_name).get('href')
msg = "Remove ovdc compute policy"
# TODO(pyvcloud): Add method to retireve task from task href
t = task.update(status=vcd_task.TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=msg,
operation_name=msg,
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
org_href=op_ctx.user.org_href,
task_href=task_href)
op_ctx.sysadmin_client.get_task_monitor().wait_for_status(t)
except Exception as err:
logger.SERVER_LOGGER.error(f"{err}")
finally:
if op_ctx.sysadmin_client:
op_ctx.end()
def remove_compute_policy_from_vdc(self,
policy_href,
vdc_id=None,
org_name=None,
vdc_name=None):
"""Delete the compute policy from the specified vdc.
Atleast one of vdc_id or (org_name, vdc_name) should be provided,
so that the target vdc can be located.
:param policy_href: policy href that is created using cloudapi
:param str vdc_id: id of the vdc to assign the policy
:param str org_name: name of the organization to look for the vdc
:param str vdc_name: name of the vdc to assign the policy
:return: an object containing VdcComputePolicyReferences XML element
that refers to individual VdcComputePolicies.
:rtype: lxml.objectify.ObjectifiedElement
"""
vdc = get_vdc(self._vcd_client,
org_name=org_name,
vdc_name=vdc_name,
vdc_id=vdc_id,
is_admin_operation=True)
return vdc.remove_compute_policy(policy_href)
def update_ovdc(operation_context: ctx.OperationContext,
ovdc_id: str, ovdc_spec: def_models.Ovdc) -> dict: # noqa: 501
"""Update ovdc with the updated k8s runtimes list.
:param ctx.OperationContext operation_context: context for the request
:param def_models.Ovdc ovdc_spec: Ovdc object having the updated
k8s runtime list
:return: dictionary containing the task href for the update operation
:rtype: dict
"""
# NOTE: For CSE 3.0, if `enable_tkg_plus` flag in config is set to false,
# Prevent enable/disable of OVDC for TKG+ k8s runtime by throwing an
# exception
msg = "Updating OVDC placement policies"
task = vcd_task.Task(operation_context.sysadmin_client)
org = vcd_utils.get_org(operation_context.client)
user_href = org.get_user(operation_context.user.name).get('href')
vdc = vcd_utils.get_vdc(operation_context.sysadmin_client, vdc_id=ovdc_id, # noqa: E501
is_admin_operation=True)
logger.SERVER_LOGGER.debug(msg)
task_resource = task.update(
status=vcd_client.TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=msg,
operation_name='OVDC Update',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=operation_context.user.name,
org_href=operation_context.user.org_href,
task_href=None,
error_message=None,
stack_trace=None)
task_href = task_resource.get('href')
operation_context.is_async = True
# NOTE: Telemetry is currently handled in the async function as it is not
# possible to know the operation (enable/disable) without comparing it to
# current k8s runtimes.
if ClusterEntityKind.TKG_PLUS.value in ovdc_spec.k8s_runtime and \
not utils.is_tkg_plus_enabled():
msg = "TKG+ is not enabled on CSE server. Please enable TKG+ in the " \
"server and try again."
logger.SERVER_LOGGER.debug(msg)
raise Exception(msg)
policy_list = [RUNTIME_DISPLAY_NAME_TO_INTERNAL_NAME_MAP[p] for p in ovdc_spec.k8s_runtime] # noqa: E501
_update_ovdc_using_placement_policy_async(operation_context=operation_context, # noqa:E501
task=task,
task_href=task_href,
user_href=user_href,
policy_list=policy_list, # noqa:E501
ovdc_id=ovdc_id,
vdc=vdc,
remove_cp_from_vms_on_disable=ovdc_spec.remove_cp_from_vms_on_disable) # noqa:E501
return {'task_href': task_href}
def remove_vdc_compute_policy_from_vdc(
self,
request_context: ctx.RequestContext, # noqa: E501
ovdc_id,
compute_policy_href,
remove_compute_policy_from_vms=False): # noqa: E501
"""Delete the compute policy from the specified vdc.
Note: The VDC compute policy need not be created by CSE.
:param request_context: request context of remove compute policy
request
:param str ovdc_id: id of the vdc to assign the policy
:param compute_policy_href: policy href to remove
:param bool remove_compute_policy_from_vms: If True, will set affected
VMs' compute policy to 'System Default'
:return: dictionary containing 'task_href'.
"""
# TODO find an efficient way without passing in request context
vdc = vcd_utils.get_vdc(self._sysadmin_client, vdc_id=ovdc_id)
org = vcd_utils.get_org(self._sysadmin_client)
org.reload()
user_name = self._session.get('user')
user_href = org.get_user(user_name).get('href')
task = Task(self._sysadmin_client)
task_resource = task.update(
status=vcd_client.TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=f"Removing compute policy (href: {compute_policy_href})"
f" from org VDC (vdc id: {ovdc_id})",
operation_name='Remove org VDC compute policy',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
org_href=org.href)
task_href = task_resource.get('href')
request_context.is_async = True
self._remove_compute_policy_from_vdc_async(
request_context=request_context,
task=task,
task_href=task_href,
user_href=user_href,
org_href=org.href,
ovdc_id=ovdc_id,
compute_policy_href=compute_policy_href,
remove_compute_policy_from_vms=remove_compute_policy_from_vms)
return {'task_href': task_href}
def _remove_compute_policy_from_vdc_async(self,
*args,
ovdc_id,
compute_policy_href,
task_resource,
force=False):
vdc = vcd_utils.get_vdc(self._sysadmin_client,
vdc_id=ovdc_id,
is_admin_operation=True)
task_href = task_resource.get('href')
user_href = task_resource.User.get('href')
org_href = task_resource.Organization.get('href')
task = Task(client=self._sysadmin_client)
try:
self.remove_compute_policy_from_vdc_sync(
vdc=vdc,
compute_policy_href=compute_policy_href,
task_resource=task_resource,
force=force)
task.update(
status=vcd_client.TaskStatus.SUCCESS.value,
namespace='vcloud.cse',
operation=f"Removed compute policy (href: "
f"{compute_policy_href}) from org VDC '{vdc.name}'", # noqa: E501
operation_name='Updating VDC',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=self._session.get('user'),
task_href=task_href,
org_href=org_href,
)
except Exception as err:
msg = f'Failed to remove compute policy: {compute_policy_href} ' \
f'from the OVDC: {vdc.name}'
logger.SERVER_LOGGER.error(msg) # noqa: E501
task.update(status=vcd_client.TaskStatus.ERROR.value,
namespace='vcloud.cse',
operation=msg,
operation_name='Remove org VDC compute policy',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=self._session.get('user'),
task_href=task_href,
org_href=org_href,
error_message=f"{err}",
stack_trace='')
def get_ovdc_k8s_provider_metadata(org_name=None,
ovdc_name=None,
ovdc_id=None,
include_credentials=False,
include_nsxt_info=False):
"""Get k8s provider metadata for an org VDC.
:param str org_name:
:param str ovdc_name:
:param str ovdc_id:
:param bool include_credentials:
:param bool include_nsxt_info:
:return: Dictionary with k8s provider metadata
:rtype: Dict
"""
client = None
try:
client = vcd_utils.get_sys_admin_client()
ovdc = vcd_utils.get_vdc(client=client,
vdc_name=ovdc_name,
vdc_id=ovdc_id,
org_name=org_name,
is_admin_operation=True)
all_metadata = pyvcd_utils.metadata_to_dict(ovdc.get_all_metadata())
k8s_provider = all_metadata.get(K8S_PROVIDER_KEY, K8sProvider.NONE)
result = {K8S_PROVIDER_KEY: k8s_provider}
if k8s_provider == K8sProvider.PKS:
result.update(
{k: all_metadata[k]
for k in PksCache.get_pks_keys()}) # noqa: E501
result[PKS_PLANS_KEY] = result[PKS_PLANS_KEY].split(',')
# Get the credentials from PksCache
if include_credentials or include_nsxt_info:
pks_cache = utils.get_pks_cache()
pvdc_info = \
pks_cache.get_pvdc_info(vcd_utils.get_pvdc_id(ovdc))
if include_credentials:
# noqa: E501 TODO in case only ovdc_id is provided, we need a way to get org_name
pks_info = \
pks_cache.get_pks_account_info(org_name, pvdc_info.vc)
result.update(pks_info.credentials._asdict())
if include_nsxt_info:
nsxt_info = pks_cache.get_nsxt_info(pvdc_info.vc)
result['nsxt'] = nsxt_info
return result
finally:
if client is not None:
client.logout()
def info_ovdc(self, ovdc_name, org_name):
"""Disable ovdc for k8s for the given container provider.
:param str ovdc_name: Name of the org VDC to be enabled
:param str org_name: Name of org that @ovdc_name belongs to
:rtype: dict
"""
ovdc = get_vdc(self.client, vdc_name=ovdc_name, org_name=org_name,
is_admin_operation=True)
ovdc_id = utils.extract_id(ovdc.get_resource().get('id'))
return self._pks_ovdc_api.get_ovdc(ovdc_id)
def update_ovdc_for_k8s(self,
enable,
ovdc_name,
org_name=None,
container_provider=None,
pks_plan=None,
pks_cluster_domain=None):
"""Enable/Disable ovdc for k8s for the given container provider.
:param bool enable: If set to True will enable the vdc for the
paricular container_provider else if set to False, K8 support on
the vdc will be disabled.
:param str ovdc_name: Name of the ovdc to be enabled
:param str k8s_provider: Name of the container provider
:param str pks_plan: PKS plan
:param str pks_cluster_domain: Suffix of the domain name, which will be
used to construct FQDN of the clusters.
:param str org_name: Name of organization that belongs to ovdc_name
:return: response object
:rtype: dict
"""
method = RequestMethod.PUT
ovdc = get_vdc(self.client, vdc_name=ovdc_name, org_name=org_name,
is_admin_operation=True)
ovdc_id = utils.extract_id(ovdc.get_resource().get('id'))
uri = f'{self._uri}/ovdc/{ovdc_id}'
if not enable:
container_provider = K8sProviders.NONE
pks_plan = None
pks_cluster_domain = None
data = {
RequestKey.OVDC_ID: ovdc_id,
RequestKey.OVDC_NAME: ovdc_name,
RequestKey.ORG_NAME: org_name,
RequestKey.K8S_PROVIDER: container_provider,
RequestKey.PKS_PLAN_NAME: pks_plan,
RequestKey.PKS_CLUSTER_DOMAIN: pks_cluster_domain,
}
response = self.client._do_request_prim(
method,
uri,
self.client._session,
contents=data,
media_type='application/json',
accept_type='application/json')
return process_response(response)
def _get_pks_plans_and_server_for_vdc(self, client, vdc_sparse,
org_resource, vc_to_pks_plans_map):
pks_server = ''
pks_plans = []
vdc = get_vdc(client,
vdc_name=vdc_sparse['name'],
org_name=org_resource.get('name'))
vc_backing_vdc = vdc.get_resource().ComputeProviderScope
pks_plan_and_server_info = vc_to_pks_plans_map.get(vc_backing_vdc, [])
if len(pks_plan_and_server_info) > 0:
pks_plans = pks_plan_and_server_info[0]
pks_server = pks_plan_and_server_info[1]
return pks_plans, pks_server
def _construct_pks_compute_profile_name(sysadmin_client: vcd_client.Client,
vdc_id):
"""Construct pks compute profile name.
:param pyvcloud.vcd.client.Client sysadmin_client:
:param str vdc_id: UUID of the vdc in vcd
:return: pks compute profile name
:rtype: str
"""
vcd_utils.raise_error_if_not_sysadmin(sysadmin_client)
vdc = vcd_utils.get_vdc(client=sysadmin_client, vdc_id=vdc_id)
return f"cp--{vdc_id}--{vdc.name}"
def add_compute_policy_to_vdc(self, vdc_id, compute_policy_href):
"""Add compute policy to the given vdc.
:param str vdc_id: id of the vdc to assign the policy
:param compute_policy_href: policy href that is created using cloudapi
:return: an object containing VdcComputePolicyReferences XML element
that refers to individual VdcComputePolicies.
:rtype: lxml.objectify.ObjectifiedElement
"""
vdc = pyvcd_utils.get_vdc(self._vcd_client,
vdc_id=vdc_id,
is_admin_operation=True)
return vdc.add_compute_policy(compute_policy_href)
def remove_compute_policy_from_vdc(self, ovdc_id, compute_policy_href,
remove_compute_policy_from_vms=False):
"""Delete the compute policy from the specified vdc.
:param str ovdc_id: id of the vdc to assign the policy
:param compute_policy_href: policy href to remove
:param bool remove_compute_policy_from_vms: If True, will set affected
VMs' compute policy to 'System Default'
:return: dictionary containing 'task_href'.
"""
vdc = pyvcd_utils.get_vdc(self._vcd_client, vdc_id=ovdc_id)
# TODO is there no better way to get the client href?
org = pyvcd_utils.get_org(self._vcd_client)
org.reload()
user_name = self._session.get('user')
user_href = org.get_user(user_name).get('href')
task = Task(self._vcd_client)
task_resource = task.update(
status=TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=f"Removing compute policy (href: {compute_policy_href})"
f" from org VDC (vdc id: {ovdc_id})",
operation_name='Remove org VDC compute policy',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
org_href=org.href)
task_href = task_resource.get('href')
self._remove_compute_policy_from_vdc_async(
task=task,
task_href=task_href,
user_href=user_href,
org_href=org.href,
ovdc_id=ovdc_id,
compute_policy_href=compute_policy_href,
remove_compute_policy_from_vms=remove_compute_policy_from_vms)
return {
'task_href': task_href
}
def remove_vdc_compute_policy_from_vdc(
self, # noqa: E501
ovdc_id,
compute_policy_href,
force=False): # noqa: E501
"""Delete the compute policy from the specified vdc.
:param str ovdc_id: id of the vdc to assign the policy
:param compute_policy_href: policy href to remove
:param bool force: If True, will set affected
VMs' compute policy to 'System Default'
:return: dictionary containing 'task_href'.
"""
vdc = vcd_utils.get_vdc(self._sysadmin_client, vdc_id=ovdc_id)
# TODO the following org will be associated with 'System' org.
# task created should be associated with the corresponding org of the
# vdc object.
org = vcd_utils.get_org(self._sysadmin_client)
org.reload()
user_name = self._session.get('user')
user_href = org.get_user(user_name).get('href')
task = Task(self._sysadmin_client)
task_resource = task.update(
status=vcd_client.TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=f"Removing compute policy (href: {compute_policy_href})"
f" from org VDC (vdc id: {ovdc_id})",
operation_name='Remove org VDC compute policy',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=vcd_client.EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
org_href=org.href)
task_href = task_resource.get('href')
self._remove_compute_policy_from_vdc_async(
ovdc_id=ovdc_id,
compute_policy_href=compute_policy_href,
task_resource=task_resource,
force=force)
return {'task_href': task_href}
def remove_compute_policy_from_vdc(self,
vdc_id,
compute_policy_href,
remove_compute_policy_from_vms=False):
"""Delete the compute policy from the specified vdc.
:param str vdc_id: id of the vdc to assign the policy
:param compute_policy_href: policy href that is created using cloudapi
:param bool remove_compute_policy_from_vms: If True, will set affected
VMs' compute policy to 'System Default'
:return: an object containing VdcComputePolicyReferences XML element
that refers to individual VdcComputePolicies.
:rtype: lxml.objectify.ObjectifiedElement
"""
if remove_compute_policy_from_vms:
cp_list = self.list_compute_policies_on_vdc(vdc_id)
system_default_href = None
system_default_id = None
for cp_dict in cp_list:
if cp_dict['name'] == _SYSTEM_DEFAULT_COMPUTE_POLICY:
system_default_href = cp_dict['href']
system_default_id = cp_dict['id']
if system_default_href is None:
raise EntityNotFoundException(
f"Error: {_SYSTEM_DEFAULT_COMPUTE_POLICY} "
f"compute policy not found.")
compute_policy_id = retrieve_compute_policy_id_from_href(
compute_policy_href) # noqa: E501
vapps = pyvcd_utils.get_all_vapps_in_ovdc(self._vcd_client, vdc_id)
for vapp in vapps:
vm_resources = vapp.get_all_vms()
for vm_resource in vm_resources:
if vm_resource.VdcComputePolicy.get(
'id') == compute_policy_id: # noqa: E501
vm = VM(self._vcd_client, resource=vm_resource)
task = vm.update_compute_policy(
system_default_href, system_default_id)
self._vcd_client.get_task_monitor().wait_for_status(
task) # noqa: E501
vdc = pyvcd_utils.get_vdc(self._vcd_client,
vdc_id=vdc_id,
is_admin_operation=True)
return vdc.remove_compute_policy(compute_policy_href)
def _construct_pks_compute_profile_name(vdc_id):
"""Construct pks compute profile name.
:param str vdc_id: UUID of the vdc in vcd
:return: pks compute profile name
:rtype: str
"""
client = None
try:
client = get_sys_admin_client()
vdc = get_vdc(client=client, vdc_id=vdc_id)
return f"cp--{vdc_id}--{vdc.name}"
finally:
if client:
client.logout()
def update_ovdc(self,
ovdc_name,
k8s_runtime,
enable=True,
org_name=None,
remove_cp_from_vms_on_disable=False):
"""Enable/Disable ovdc for k8s for the given k8s provider.
:param str ovdc_name: Name of org VDC to update
:param List[str] k8s_runtime: k8s_runtime of the k8s provider to
enable / disable for the ovdc
:param bool enable: If set to True will enable the vdc for the
paricular k8s_runtime else if set to False, K8 support on
the vdc will be disabled.
:param str org_name: Name of org that @ovdc_name belongs to
:param bool remove_cp_from_vms_on_disable: If set to True and
enable is False, then all the vms in the ovdc having policies for
the k8s_runtime is deleted.
:rtype: dict
"""
ovdc = get_vdc(self.client,
vdc_name=ovdc_name,
org_name=org_name,
is_admin_operation=True)
ovdc_id = utils.extract_id(ovdc.get_resource().get('id'))
curr_ovdc = self._ovdc_api.get_ovdc(ovdc_id)
runtimes = curr_ovdc.k8s_runtime
for k in k8s_runtime:
if enable:
if k in runtimes:
raise Exception(
f"OVDC {ovdc_name} already enabled for {k8s_runtime}"
) # noqa: E501
runtimes.append(k)
else:
if k not in runtimes:
raise Exception(
f"OVDC {ovdc_name} already disabled for {k8s_runtime}"
) # noqa: E501
runtimes.remove(k)
updated_ovdc = def_models.Ovdc(
k8s_runtime=runtimes,
remove_cp_from_vms_on_disable=remove_cp_from_vms_on_disable)
return self._ovdc_api.update_ovdc(ovdc_id, updated_ovdc)
def add_compute_policy_to_vdc(self, vdc_id, compute_policy_href):
"""Add compute policy to the given vdc.
Note: The VDC compute policy need not be created by CSE.
:param str vdc_id: id of the vdc to assign the policy
:param compute_policy_href: policy href that is created using cloudapi
:return: an object containing VdcComputePolicyReferences XML element
that refers to individual VdcComputePolicies.
:rtype: lxml.objectify.ObjectifiedElement
"""
self._raise_error_if_not_supported()
vdc = vcd_utils.get_vdc(self._sysadmin_client,
vdc_id=vdc_id,
is_admin_operation=True)
return vdc.add_compute_policy(compute_policy_href)
def get_ovdc_k8s_runtime_details(sysadmin_client: vcd_client.Client,
ovdc_id=None,
ovdc_name=None,
org_name=None,
log_wire=False) -> def_models.Ovdc:
"""Get k8s runtime details for an ovdc.
Atleast ovdc_id and ovdc_name or org_name and ovdc_name should be provided.
Additional call to get ovdc details can be avoided by providing ovdc_id and
ovdc_name.
:param sysadmin_client vcd_client.Client: vcd sysadmin client
:param str org_name:
:param str ovdc_name:
:param str ovdc_id:
:param bool log_wire:
:return: Ovdc object with k8s runtimes
:rtype: def_models.Ovdc
"""
vcd_utils.raise_error_if_user_not_from_system_org(sysadmin_client)
cpm = compute_policy_manager.ComputePolicyManager(sysadmin_client,
log_wire=log_wire)
if not (org_name and ovdc_name) and not ovdc_id:
msg = "Unable to fetch OVDC k8 runtime details with the " \
"provided parameters"
logger.SERVER_LOGGER.error(msg)
raise Exception(msg)
if not ovdc_id or not ovdc_name:
# populate ovdc_id and ovdc_name
ovdc = vcd_utils.get_vdc(client=sysadmin_client,
vdc_id=ovdc_id,
vdc_name=ovdc_name,
org_name=org_name,
is_admin_operation=True)
ovdc_id = vcd_utils.extract_id(ovdc.get_resource().get('id'))
ovdc_name = ovdc.get_resource().get('name')
policies = []
for cse_policy in \
compute_policy_manager.list_cse_placement_policies_on_vdc(cpm, ovdc_id): # noqa: E501
policies.append(RUNTIME_INTERNAL_NAME_TO_DISPLAY_NAME_MAP[
cse_policy['display_name']]) # noqa: E501
return def_models.Ovdc(ovdc_name=ovdc_name,
ovdc_id=ovdc_id,
k8s_runtime=policies) # noqa: E501
def construct_ctr_prov_ctx_from_pks_cache(ovdc_id, org_name, pks_plans,
pks_cluster_domain,
container_provider):
client = None
try:
ctr_prov_context = {}
ctr_prov_context[K8S_PROVIDER_KEY] = container_provider
if container_provider == K8sProviders.PKS:
if not is_pks_enabled():
raise CseServerError('CSE is not configured to work with PKS.')
client = get_sys_admin_client()
ovdc = get_vdc(client=client, vdc_id=ovdc_id,
is_admin_operation=True)
pks_cache = get_pks_cache()
pvdc_id = get_pvdc_id(ovdc)
pvdc_info = pks_cache.get_pvdc_info(pvdc_id)
if not pvdc_info:
LOGGER.debug(f"pvdc '{pvdc_id}' is not backed "
f"by PKS-managed-vSphere resources")
raise CseServerError(f"VDC '{ovdc.get_resource().get('name')}'"
" is not eligible to provide resources"
" for PKS clusters.")
pks_account_info = pks_cache.get_pks_account_info(
org_name, pvdc_info.vc)
nsxt_info = pks_cache.get_nsxt_info(pvdc_info.vc)
pks_compute_profile_name = \
_construct_pks_compute_profile_name(ovdc_id)
ctr_prov_context = construct_pks_context(
pks_account_info=pks_account_info,
pvdc_info=pvdc_info,
nsxt_info=nsxt_info,
pks_compute_profile_name=pks_compute_profile_name,
pks_plans=pks_plans,
pks_cluster_domain=pks_cluster_domain,
credentials_required=True)
return ctr_prov_context
finally:
if client:
client.logout()
def list_ovdc_compute_policies(self, ovdc_name, org_name):
"""List an ovdc's compute policies.
:param str ovdc_name: Name of org VDC to update
:param str org_name: Name of org that @ovdc_name belongs to
:rtype: dict
"""
method = RequestMethod.GET
ovdc = get_vdc(self.client,
vdc_name=ovdc_name,
org_name=org_name,
is_admin_operation=True)
ovdc_id = utils.extract_id(ovdc.get_resource().get('id'))
uri = f'{self._uri}/ovdc/{ovdc_id}/compute-policies'
response = self.client._do_request_prim(method,
uri,
self.client._session,
accept_type='application/json')
return process_response(response)
def info_ovdc_for_k8s(self, ovdc_name, org_name):
"""Disable ovdc for k8s for the given container provider.
:param str ovdc_name: Name of the org VDC to be enabled
:param str org_name: Name of org that @ovdc_name belongs to
:rtype: dict
"""
method = RequestMethod.GET
ovdc = get_vdc(self.client,
vdc_name=ovdc_name,
org_name=org_name,
is_admin_operation=True)
ovdc_id = utils.extract_id(ovdc.get_resource().get('id'))
uri = f'{self._uri}/ovdc/{ovdc_id}'
response = self.client._do_request_prim(method,
uri,
self.client._session,
accept_type='application/json')
return process_response(response)
def set_ovdc_container_provider_metadata(self,
ovdc_id,
container_prov_data=None,
container_provider=None):
"""Set the container provider metadata of given ovdc.
:param resource ovdc: vdc resource
:param dict container_prov_data: container provider context details
:param str container_provider: name of container provider for which
the ovdc is being enabled to deploy k8 clusters on.
"""
client = None
try:
client = get_sys_admin_client()
ovdc = get_vdc(client, vdc_id=ovdc_id)
ovdc_name = ovdc.get_resource().get('name')
metadata = {}
metadata[K8S_PROVIDER_KEY] = container_provider or \
K8sProviders.NONE
if container_provider != K8sProviders.PKS:
LOGGER.debug(f"Remove existing metadata for ovdc:{ovdc_name}")
self._remove_metadata_from_ovdc(ovdc, PksCache.get_pks_keys())
LOGGER.debug(f"Updated metadata for {container_provider}:"
f"{metadata}")
else:
container_prov_data.pop('username')
container_prov_data.pop('secret')
container_prov_data.pop('nsxt')
metadata.update(container_prov_data)
# set ovdc metadata into Vcd
LOGGER.debug(f"On ovdc:{ovdc_name}, setting metadata:{metadata}")
return ovdc.set_multiple_metadata(metadata, MetadataDomain.SYSTEM,
MetadataVisibility.PRIVATE)
finally:
if client:
client.logout()
def construct_k8s_metadata_from_pks_cache(sysadmin_client: vcd_client.Client,
ovdc_id, org_name, pks_plans,
pks_cluster_domain, k8s_provider):
vcd_utils.raise_error_if_not_sysadmin(sysadmin_client)
ctr_prov_context = {
K8S_PROVIDER_KEY: k8s_provider,
}
if k8s_provider == K8sProvider.PKS:
if not utils.is_pks_enabled():
raise e.CseServerError('CSE is not configured to work with PKS.')
ovdc = vcd_utils.get_vdc(client=sysadmin_client,
vdc_id=ovdc_id,
is_admin_operation=True)
pks_cache = utils.get_pks_cache()
pvdc_id = vcd_utils.get_pvdc_id(sysadmin_client, ovdc)
pvdc_info = pks_cache.get_pvdc_info(pvdc_id)
if not pvdc_info:
LOGGER.debug(f"pvdc '{pvdc_id}' is not backed "
f"by PKS-managed-vSphere resources")
raise e.CseServerError(f"VDC '{ovdc.get_resource().get('name')}'"
" is not eligible to provide resources"
" for PKS clusters.")
pks_account_info = pks_cache.get_pks_account_info(
org_name, pvdc_info.vc)
nsxt_info = pks_cache.get_nsxt_info(pvdc_info.vc)
pks_compute_profile_name = _construct_pks_compute_profile_name(
sysadmin_client, ovdc_id)
ctr_prov_context = construct_pks_context(
pks_account_info=pks_account_info,
pvdc_info=pvdc_info,
nsxt_info=nsxt_info,
pks_compute_profile_name=pks_compute_profile_name,
pks_plans=pks_plans,
pks_cluster_domain=pks_cluster_domain,
credentials_required=True)
return ctr_prov_context
def list_compute_policies_on_vdc(self, vdc_id):
"""List compute policy currently assigned to a given vdc.
:param str vdc_id: id of the vdc for which policies need to be
retrieved.
:return: A list of dictionaries with the keys 'name', 'href', and 'id'
:rtype: List
"""
vdc = pyvcd_utils.get_vdc(self._vcd_client,
vdc_id=vdc_id,
is_admin_operation=True)
result = []
cp_list = vdc.list_compute_policies()
for cp in cp_list:
result.append({
'name': self._get_policy_display_name(cp.get('name')),
'href': cp.get('href'),
'id': cp.get('id')
})
return result
def _remove_compute_policy_from_vdc_async(self, *args,
task,
task_href,
user_href,
org_href,
ovdc_id,
compute_policy_href,
remove_compute_policy_from_vms):
user_name = self._session.get('user')
vdc = pyvcd_utils.get_vdc(self._vcd_client,
vdc_id=ovdc_id,
is_admin_operation=True)
try:
if remove_compute_policy_from_vms:
cp_list = self.list_compute_policies_on_vdc(ovdc_id)
system_default_href = None
for cp_dict in cp_list:
if cp_dict['name'] == _SYSTEM_DEFAULT_COMPUTE_POLICY:
system_default_href = cp_dict['href']
if system_default_href is None:
raise EntityNotFoundException(
f"Error: {_SYSTEM_DEFAULT_COMPUTE_POLICY} "
f"compute policy not found")
compute_policy_id = retrieve_compute_policy_id_from_href(compute_policy_href) # noqa: E501
vapps = pyvcd_utils.get_all_vapps_in_ovdc(self._vcd_client,
ovdc_id)
target_vms = []
for vapp in vapps:
vm_resources = vapp.get_all_vms()
for vm_resource in vm_resources:
if vm_resource.VdcComputePolicy.get('id') == compute_policy_id: # noqa: E501
target_vms.append(vm_resource)
vm_names = [vm.get('name') for vm in target_vms]
task.update(
status=TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=f"Setting compute policy to "
f"'{_SYSTEM_DEFAULT_COMPUTE_POLICY}' on "
f"{len(vm_names)} affected VMs: {vm_names}",
operation_name='Remove org VDC compute policy',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
task_href=task_href,
org_href=org_href,
)
task_monitor = self._vcd_client.get_task_monitor()
for vm_resource in target_vms:
vm = VM(self._vcd_client, href=vm_resource.get('href'))
_task = vm.update_compute_policy(system_default_href)
task.update(
status=TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=f"Setting compute policy to "
f"'{_SYSTEM_DEFAULT_COMPUTE_POLICY}' on VM "
f"'{vm_resource.get('name')}'",
operation_name='Remove org VDC compute policy',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
task_href=task_href,
org_href=org_href,
)
task_monitor.wait_for_success(_task)
task.update(
status=TaskStatus.RUNNING.value,
namespace='vcloud.cse',
operation=f"Removing compute policy (href:"
f"{compute_policy_href}) from org VDC '{vdc.name}'",
operation_name='Remove org VDC compute policy',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
task_href=task_href,
org_href=org_href,
)
vdc.remove_compute_policy(compute_policy_href)
task.update(
status=TaskStatus.SUCCESS.value,
namespace='vcloud.cse',
operation=f"Removed compute policy (href: "
f"{compute_policy_href}) from org VDC '{vdc.name}'",
operation_name='Updating VDC',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
task_href=task_href,
org_href=org_href,
)
except Exception as err:
LOGGER.error(err, exc_info=True)
task.update(
status=TaskStatus.ERROR.value,
namespace='vcloud.cse',
operation='',
operation_name='Remove org VDC compute policy',
details='',
progress=None,
owner_href=vdc.href,
owner_name=vdc.name,
owner_type=EntityType.VDC.value,
user_href=user_href,
user_name=user_name,
task_href=task_href,
org_href=org_href,
error_message=f"{err}"
)
