def detach(self, *args, **kwargs):
try:
# We raise an exception when a resource doesn't exist
self._scheduler.svcat.get_instance(self.app.id, self.name)
self._scheduler.svcat.delete_instance(self.app.id, self.name)
except KubeException as e:
raise ServiceUnavailable("Could not delete resource {} for application {}".format(self.name, self.app_id)) from e # noqa
def detach(self):
try:
# We raise an exception when a volume doesn't exist
self._scheduler.pvc.get(self.app.id, self.name)
self._scheduler.pvc.delete(self.app.id, self.name)
except KubeException as e:
raise ServiceUnavailable(
"Could not delete volume {} for application \
{}".format(self.name, self.app_id)) from e # noqa
def get(self, request):
try:
import django.db
with django.db.connection.cursor() as c:
c.execute("SELECT 0")
except django.db.Error as e:
raise ServiceUnavailable("Database health check failed") from e
return HttpResponse("OK")
def create(self, *args, **kwargs): # noqa
# create required minimum service in k8s for the application
namespace = self._namespace()
svc_name = self._svc_name()
self.log('creating Service: {}'.format(svc_name), level=logging.DEBUG)
try:
try:
self._scheduler.svc.get(namespace, svc_name)
except KubeException:
self._scheduler.svc.create(namespace, svc_name)
except KubeException as e:
raise ServiceUnavailable('Kubernetes service could not be created') from e
def unbind(self, *args, **kwargs):
if not self.binding:
raise DryccException("the resource is not binding")
try:
# We raise an exception when a resource doesn't exist
self._scheduler.svcat.get_binding(self.app.id, self.name)
self._scheduler.svcat.delete_binding(self.app.id, self.name)
self.binding = None
self.data = {}
self.save()
except KubeException as e:
raise ServiceUnavailable("Could not unbind resource {} for application {}".format(self.name, self.app_id)) from e # noqa
def _fetch_service_config(self, app):
try:
# Get the service from k8s to attach the domain correctly
svc = self._scheduler.get_service(app, app).json()
except KubeException as e:
raise ServiceUnavailable('Could not fetch Kubernetes Service {}'.format(app)) from e
# Get minimum structure going if it is missing on the service
if 'metadata' not in svc or 'annotations' not in svc['metadata']:
default = {'metadata': {'annotations': {}}}
svc = dict_merge(svc, default)
return svc
def _save_service_config(self, app, component, data):
# fetch setvice definition with minimum structure
svc = self._fetch_service_config(app)
# always assume a .deis.io ending
component = "%s.deis.io/" % component
# add component to data and flatten
data = {"%s%s" % (component, key): value for key, value in list(data.items())}
svc['metadata']['annotations'].update(morph.flatten(data))
# Update the k8s service for the application with new service information
try:
self._scheduler.update_service(app, app, svc)
except KubeException as e:
raise ServiceUnavailable('Could not update Kubernetes Service {}'.format(app)) from e
def attach(self):
try:
self._scheduler.pvc.get(self.app.id, self.name)
err = "Volume {} already exists in this namespace".format(
self.name) # noqa
self.log(err, logging.INFO)
raise AlreadyExists(err)
except KubeException as e:
logger.info(e)
try:
kwargs = {
"size": self._get_size(self.size),
"storage_class": settings.DRYCC_APP_STORAGE_CLASS,
}
self._scheduler.pvc.create(self.app.id, self.name, **kwargs)
except KubeException as e:
msg = 'There was a problem creating the volume ' \
'{} for {}'.format(self.name, self.app_id)
raise ServiceUnavailable(msg) from e
def detach(self, *args, **kwargs):
# remove the certificate from the domain
domain = get_object_or_404(Domain, domain=kwargs['domain'])
domain.certificate = None
domain.save()
name = '%s-certificate' % self.name
namespace = domain.app.id
# only delete if it exists and if no other domains depend on secret
if len(self.domains) == 0:
try:
# We raise an exception when a secret doesn't exist
self._scheduler.secret.get(namespace, name)
self._scheduler.secret.delete(namespace, name)
except KubeException as e:
raise ServiceUnavailable(
"Could not delete certificate secret {} for application {}"
.format(name, namespace)) from e # noqa
def attach_in_kubernetes(self, domain):
"""Creates the certificate as a kubernetes secret"""
# only create if it exists - We raise an exception when a secret doesn't exist
try:
name = '%s-certificate' % self.name
namespace = domain.app.id
data = {'tls.crt': self.certificate, 'tls.key': self.key}
secret = self._scheduler.secret.get(namespace, name).json()['data']
except KubeException:
self._scheduler.secret.create(namespace, name, data)
else:
# update cert secret to the TLS Ingress format if required
if secret != data:
try:
self._scheduler.secret.update(namespace, name, data)
except KubeException as e:
msg = 'There was a problem updating the certificate secret ' \
'{} for {}'.format(name, namespace)
raise ServiceUnavailable(msg) from e
def bind(self, *args, **kwargs):
if self.status != "Ready":
raise DryccException("the resource is not ready")
if self.binding == "Ready":
raise DryccException("the resource is binding")
self.binding = "Binding"
self.save()
try:
self._scheduler.svcat.get_binding(self.app.id, self.name)
err = "Resource {} is binding".format(self.name)
self.log(err, logging.INFO)
raise AlreadyExists(err)
except KubeException as e:
logger.info(e)
try:
self._scheduler.svcat.create_binding(self.app.id, self.name,
**kwargs)
except KubeException as e:
msg = 'There was a problem binding the resource ' \
'{} for {}'.format(self.name, self.app_id)
raise ServiceUnavailable(msg) from e
def attach(self, *args, **kwargs):
try:
self._scheduler.svcat.get_instance(self.app.id, self.name)
err = "Resource {} already exists in this namespace".format(
self.name) # noqa
self.log(err, logging.INFO)
raise AlreadyExists(err)
except KubeException as e:
logger.info(e)
try:
instance = self.plan.split(":")
kwargs = {
"instance_class": instance[0],
"instance_plan": ":".join(instance[1:]),
"parameters": self.options,
}
self._scheduler.svcat.create_instance(self.app.id, self.name,
**kwargs)
except KubeException as e:
msg = 'There was a problem creating the resource ' \
'{} for {}'.format(self.name, self.app_id)
raise ServiceUnavailable(msg) from e
def attach_update(self, *args, **kwargs):
try:
data = self._scheduler.svcat.get_instance(self.app.id,
self.name).json()
except KubeException as e:
logger.debug(e)
self.DryccException("resource {} does not exist".format(self.name))
try:
version = data["metadata"]["resourceVersion"]
instance = self.plan.split(":")
kwargs = {
"instance_class": instance[0],
"instance_plan": ":".join(instance[1:]),
"parameters": self.options,
"external_id": data["spec"]["externalID"]
}
self._scheduler.svcat.put_instance(self.app.id, self.name, version,
**kwargs)
except KubeException as e:
msg = 'There was a problem update the resource ' \
'{} for {}'.format(self.name, self.app_id)
raise ServiceUnavailable(msg) from e
def _check_system_update(request):
"""Only SuperAdmins can access the API during system update"""
from api.system.update.api_views import UpdateView
if UpdateView.is_task_running() and not request.user.is_staff:
raise ServiceUnavailable('System update in progress')