def groom(_plugin, model):
setDefaultInMap(model[CLUSTER], K8S, {})
setDefaultInMap(model[CLUSTER][K8S], METALLB, {})
setDefaultInMap(model[CLUSTER][K8S][METALLB], DISABLED, False)
if model[CLUSTER][K8S][METALLB][DISABLED]:
return False
else:
if DASHBOARD_IP in model[CLUSTER][K8S][METALLB]:
model[CLUSTER][K8S][METALLB][DASHBOARD_IP] = resolveDnsAndCheck(
model[CLUSTER][K8S][METALLB][DASHBOARD_IP])
dashboard_ip = ipaddress.ip_address(
u"" + model[CLUSTER][K8S][METALLB][DASHBOARD_IP])
dashboardInRange = False
for rangeip in model[CLUSTER][K8S][METALLB][EXTERNAL_IP_RANGES]:
rangeip[FIRST] = resolveDnsAndCheck(rangeip[FIRST])
rangeip[LAST] = resolveDnsAndCheck(rangeip[LAST])
first_ip = ipaddress.ip_address(u"" + rangeip[FIRST])
last_ip = ipaddress.ip_address(u"" + rangeip[LAST])
if not last_ip > first_ip:
ERROR("Invalid metallb.external_ip_range (first >= last)")
if dashboard_ip >= first_ip and dashboard_ip <= last_ip:
dashboardInRange = True
if not dashboardInRange:
ERROR(
"metallb.dashboard_ip is not included in one of metallb.external_ip_ranges"
)
return True
def groom2(_plugin, model):
if LB_ADDRESS in model[CLUSTER][K8S][LOKI_STACK][GRAFANA]:
if METALLB not in model[CLUSTER][K8S] or model[CLUSTER][K8S][METALLB][
DISABLED]:
ERROR("A lb_address is defined while there is no metallb plugin")
model[CLUSTER][K8S][LOKI_STACK][GRAFANA][
LB_ADDRESS] = resolveDnsAndCheck(
model[CLUSTER][K8S][LOKI_STACK][GRAFANA][LB_ADDRESS])
lb_address = ipaddress.ip_address(
u"" + model[CLUSTER][K8S][LOKI_STACK][GRAFANA][LB_ADDRESS])
lbAddressInRange = False
for rangeip in model[CLUSTER][K8S][METALLB][EXTERNAL_IP_RANGES]:
first_ip = ipaddress.ip_address(u"" + rangeip[FIRST])
last_ip = ipaddress.ip_address(u"" + rangeip[LAST])
if lb_address >= first_ip and lb_address <= last_ip:
lbAddressInRange = True
if not lbAddressInRange:
ERROR(
"grafana.lb_address is not included in one of metallb.external_ip_ranges"
)
if LB_ADDRESS in model[CLUSTER][K8S][LOKI_STACK][LOKI]:
if METALLB not in model[CLUSTER][K8S] or model[CLUSTER][K8S][METALLB][
DISABLED]:
ERROR("A lb_address is defined while there is no metallb plugin")
model[CLUSTER][K8S][LOKI_STACK][LOKI][LB_ADDRESS] = resolveDnsAndCheck(
model[CLUSTER][K8S][LOKI_STACK][LOKI][LB_ADDRESS])
lb_address = ipaddress.ip_address(
u"" + model[CLUSTER][K8S][LOKI_STACK][LOKI][LB_ADDRESS])
lbAddressInRange = False
for rangeip in model[CLUSTER][K8S][METALLB][EXTERNAL_IP_RANGES]:
first_ip = ipaddress.ip_address(u"" + rangeip[FIRST])
last_ip = ipaddress.ip_address(u"" + rangeip[LAST])
if lb_address >= first_ip and lb_address <= last_ip:
lbAddressInRange = True
if not lbAddressInRange:
ERROR(
"loki.lb_address is not included in one of metallb.external_ip_ranges"
)
def groom(_plugin, model):
setDefaultInMap(model[CLUSTER], K8S, {})
setDefaultInMap(model[CLUSTER][K8S], ARGOCD, {})
setDefaultInMap(model[CLUSTER][K8S][ARGOCD], DISABLED, False)
if model[CLUSTER][K8S][ARGOCD][DISABLED]:
return False
else:
if LOAD_BALANCER_IP in model[CLUSTER][K8S][ARGOCD]:
model[CLUSTER][K8S][ARGOCD][LOAD_BALANCER_IP] = resolveDnsAndCheck(
model[CLUSTER][K8S][ARGOCD][LOAD_BALANCER_IP])
if INGRESS_NGINX_HOST in model[CLUSTER][K8S][ARGOCD]:
if INGRESS_NGINX in model[CLUSTER][K8S] and EXTERNAL_IP in model[
CLUSTER][K8S][INGRESS_NGINX]:
ingress_ip = resolveDnsAndCheck(
model[CLUSTER][K8S][INGRESS_NGINX][EXTERNAL_IP])
argocd_ip = resolveDnsAndCheck(
model[CLUSTER][K8S][ARGOCD]
[INGRESS_NGINX_HOST]) # error if it does not resolve.
if argocd_ip != ingress_ip:
ERROR(
"k8s.argocd: 'ingress_nginx_host' and 'ingress_nginx.external_ip' must resolve on same ip ({} != {})"
.format(argocd_ip, ingress_ip))
return True
def groom(_plugin, model):
setDefaultInMap(model[CLUSTER], K8S, {})
setDefaultInMap(model[CLUSTER][K8S], INGRESS_NGINX, {})
setDefaultInMap(model[CLUSTER][K8S][INGRESS_NGINX], DISABLED, False)
setDefaultInMap(model[CLUSTER][K8S][INGRESS_NGINX], ENABLE_SSL_PASSTHROUGH,
False)
if model[CLUSTER][K8S][INGRESS_NGINX][DISABLED]:
return False
else:
if EXTERNAL_IP in model[CLUSTER][K8S][INGRESS_NGINX]:
model[CLUSTER][K8S][INGRESS_NGINX][
EXTERNAL_IP] = resolveDnsAndCheck(
model[CLUSTER][K8S][INGRESS_NGINX][EXTERNAL_IP])
if DASHBOARD_HOST in model[CLUSTER][K8S][INGRESS_NGINX]:
dashboard_ip = resolveDns(
model[CLUSTER][K8S][INGRESS_NGINX][DASHBOARD_HOST])
if dashboard_ip is not None:
if EXTERNAL_IP in model[CLUSTER][K8S][
INGRESS_NGINX] and model[CLUSTER][K8S][INGRESS_NGINX][
EXTERNAL_IP] != dashboard_ip:
ERROR(
"k8s.ingress_nginx: 'external_ip' and 'dashboard_host' must resolve on same ip ({} != {})"
.format(
model[CLUSTER][K8S][INGRESS_NGINX][EXTERNAL_IP],
dashboard_ip))
else:
logger.warn(
"Unable to resolve '{}' for now. May be this DNS entry will be created later."
.format(
model[CLUSTER][K8S][INGRESS_NGINX][DASHBOARD_HOST]))
enableSslPassthrough = False
if COMMAND_LINE_ARGUMENTS in model[CLUSTER][K8S][INGRESS_NGINX]:
for cla in model[CLUSTER][K8S][INGRESS_NGINX][
COMMAND_LINE_ARGUMENTS]:
if cla == "--enable-ssl-passthrough":
enableSslPassthrough = True
if not enableSslPassthrough:
ERROR(
"k8s.ingress_nginx: Dashbaord access require '--enable-ssl-passthrough' command line argument to be defined"
)
return True