def register_default_ns(access_token, username, project_id, project_code, cluster_id): """注册默认的命名空间(针对k8s集群) 1. 创建存储镜像账号的secret 2. 将 default 命名空间注册到paas_cc 上 project_code = request.project.english_name """ # 组装创建ns的数据 data = {'env_type': 'dev', 'name': 'default', 'cluster_id': cluster_id} ns_base = NamespaceBase() # 1. 创建存储镜像账号的secret client = K8SClient(access_token, project_id, data['cluster_id'], env=None) ns_base.create_jfrog_secret(client, access_token, project_id, project_code, data) # 2. 将 default 命名空间注册到paas_cc 上 result = paas_cc.create_namespace(access_token, project_id, data['cluster_id'], data['name'], None, username, data['env_type']) if result.get('code') != 0: if 'Duplicate entry' in result.get('message', ''): message = _("创建失败,namespace名称已经在其他项目存在") else: message = result.get('message', '') return False, message # 注册资源到权限中心 request = RequestClass(username=username, access_token=access_token, project_code=project_code) perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES, data['cluster_id']) perm.register(str(result['data']['id']), result['data']['name']) return True, _("命名空间[default]注册成功")
def create_flow(self, request, project_id, data, perm): access_token = request.user.token.access_token project_kind = request.project.kind project_code = request.project.english_name ns_name = data['name'] cluster_id = data['cluster_id'] if ClusterType.get(project_kind) == 'Kubernetes': # k8s 集群需要调用 bcs api 初始化数据 self.init_namespace_by_bcs(access_token, project_id, project_code, data) has_image_secret = None else: self.init_mesos_ns_by_bcs(access_token, project_id, project_code, cluster_id, ns_name) has_image_secret = True result = paas_cc.create_namespace( access_token, project_id, cluster_id, ns_name, None, # description 现在没有用到 request.user.username, data['env_type'], has_image_secret, ) if result.get('code') != 0: if ClusterType.get(project_kind) != 'Kubernetes': self.delete_secret_for_mesos(access_token, project_id, cluster_id, ns_name) if 'Duplicate entry' in result.get('message', ''): message = _("创建失败,namespace名称已经在其他项目存在") else: message = result.get('message', '') return response.Response({ 'code': result['code'], 'data': None, 'message': message }) else: # 注册资源到权限中心 perm.register(result['data']['id'], f'{ns_name}({cluster_id})') # 创建成功后需要保存变量信息 result_data = result.get('data') if data.get('ns_vars') and result_data: ns_id = result_data.get('id') res, not_exist_vars = NameSpaceVariable.batch_save( ns_id, data['ns_vars']) if not_exist_vars: not_exist_show_msg = [ f'{i["key"]}[id:{i["id"]}]' for i in not_exist_vars ] result['message'] = _("以下变量不存在:{}").format( ';'.join(not_exist_show_msg)) result['data']['ns_vars'] = NameSpaceVariable.get_ns_vars( ns_id, project_id) return result
def create_cc_namespace(access_token, project_id, cluster_id, namespace, creator): resp = paas_cc.create_namespace(access_token, project_id, cluster_id, namespace, None, creator, 'prod', True) if resp.get('code') != ErrorCode.NoError: raise error_codes.APIError( f'create namespace error, {resp.get("message")}') return resp['data']
def create_cc_namespace(access_token, project_id, cluster_id, namespace, creator): resp = paas_cc.create_namespace(access_token, project_id, cluster_id, namespace, None, creator, "prod", False) if resp.get("code") != ErrorCode.NoError: raise error_codes.APIError( f"create cc namespace error, {resp.get('message')}") return resp["data"]
def create_flow(self, request, project_id, data): access_token = request.user.token.access_token project_code = request.project.english_name ns_name = data['name'] cluster_id = data['cluster_id'] # k8s 集群需要调用 bcs api 初始化数据 self.init_namespace_by_bcs(access_token, project_id, project_code, data) has_image_secret = None result = paas_cc.create_namespace( access_token, project_id, cluster_id, ns_name, None, # description 现在没有用到 request.user.username, data['env_type'], has_image_secret, ) if result.get('code') != 0: if 'Duplicate entry' in result.get('message', ''): message = _("创建失败,namespace名称已经在其他项目存在") else: message = result.get('message', '') return response.Response({ 'code': result['code'], 'data': None, 'message': message }) else: self.iam_perm.grant_resource_creator_actions( NamespaceCreatorAction(project_id=project_id, cluster_id=cluster_id, creator=request.user.username, name=ns_name), ) # 创建成功后需要保存变量信息 result_data = result.get('data') if data.get('ns_vars') and result_data: ns_id = result_data.get('id') res, not_exist_vars = NameSpaceVariable.batch_save( ns_id, data['ns_vars']) if not_exist_vars: not_exist_show_msg = [ f'{i["key"]}[id:{i["id"]}]' for i in not_exist_vars ] result['message'] = _("以下变量不存在:{}").format( ';'.join(not_exist_show_msg)) result['data']['ns_vars'] = NameSpaceVariable.get_ns_vars( ns_id, project_id) return result
def create_cc_namespace(access_token, project_id, cluster_id, namespace, creator): return paas_cc.create_namespace(access_token, project_id, cluster_id, namespace, None, creator, "prod", False)
def create(self, request, project_id, is_validate_perm=True): """新建命名空间 k8s 流程:新建namespace配置文件并下发 -> 新建包含仓库账号信息的sercret配置文件并下发 -> 在paas-cc上注册 mesos流程:新建包含仓库账号信息的sercret配置文件并下发 -> 在paas-cc上注册 """ serializer = NamespaceSLZ(data=request.data, context={ 'request': request, 'project_id': project_id }) serializer.is_valid(raise_exception=True) data = serializer.data # 判断权限 perm = bcs_perm.Namespace(request, project_id, bcs_perm.NO_RES, data['cluster_id']) perm.can_create(raise_exception=is_validate_perm) data = serializer.data access_token = request.user.token.access_token project_kind = request.project.kind project_code = request.project.english_name if ClusterType.get(project_kind) == 'Kubernetes': # k8s 集群需要调用 bcs api 初始化数据 self.init_namespace_by_bcs(access_token, project_id, project_code, data) has_image_secret = None else: ns_name = data['name'] cluster_id = data['cluster_id'] self.init_mesos_ns_by_bcs(access_token, project_id, project_code, cluster_id, ns_name) has_image_secret = True result = paas_cc.create_namespace( access_token, project_id, data['cluster_id'], data['name'], None, # description 现在没有用到 request.user.username, data['env_type'], has_image_secret) if result.get('code') != 0: if ClusterType.get(project_kind) != 'Kubernetes': self.delete_secret_for_mesos(access_token, project_id, cluster_id, ns_name) if 'Duplicate entry' in result.get('message', ''): message = "创建失败,namespace名称已经在其他项目存在" else: message = result.get('message', '') return response.Response({ 'code': result['code'], 'data': None, 'message': message }) else: # 注册资源到权限中心 perm.register(result['data']['id'], result['data']['name']) # 创建成功后需要保存变量信息 result_data = result.get('data') if data.get('ns_vars') and result_data: ns_id = result_data.get('id') res, not_exist_vars = NameSpaceVariable.batch_save( ns_id, data['ns_vars']) if not_exist_vars: not_exist_show_msg = [ '%s[id:%s]' % (i['key'], i['id']) for i in not_exist_vars ] result['message'] = u"以下变量不存在:%s" % ";".join( not_exist_show_msg) result['data']['ns_vars'] = NameSpaceVariable.get_ns_vars( ns_id, project_id) return response.Response(result)