def build_ingress(services, dns_suffix, dual_dns_prefix_annotation_name, ingress_info): ingress = client.NetworkingV1beta1Ingress() # init metadata ingress.metadata = client.V1ObjectMeta() ingress.metadata.name = ingress_info["ingress_name"] # init spec ingress.spec = client.NetworkingV1beta1IngressSpec() ingress.spec.rules = [] service_tuples = _create_ingress_service_tuples( services, dual_dns_prefix_annotation_name) # A little bit of a hack to have the ingress put the port:443 entries before the port:80 entries, # so that the port:80 entries take precedence if the service name is the same. Without this # we get ssl errors when accessing services behind the ingress locally because of k3d internals service_tuples = sorted(service_tuples, key=lambda x: x[1], reverse=True) for dns_prefix, port, service in service_tuples: ingress_rule = client.NetworkingV1beta1IngressRule() ingress_rule.host = "%s.%s" % (dns_prefix, dns_suffix) backend = client.NetworkingV1beta1IngressBackend( service_name=service.metadata.name, service_port=port) ingress_path = [ client.NetworkingV1beta1HTTPIngressPath(path="/", backend=backend) ] ingress_rule.http = client.NetworkingV1beta1HTTPIngressRuleValue( ingress_path) ingress.spec.rules.append(ingress_rule) if not ingress.spec.rules: ingress_dummy_backend = client.NetworkingV1beta1IngressBackend( service_name=ingress_info["ingress_controller_service_name"], service_port=80) ingress.spec.backend = ingress_dummy_backend return ingress
def _build_ingress(self, metadata): """Build ingress Kubernetes object. :param metadata: Common Kubernetes metadata for the interactive deployment. """ ingress_backend = client.NetworkingV1beta1IngressBackend( service_name=self.deployment_name, service_port=InteractiveDeploymentK8sBuilder.internal_service_port, ) ingress_rule_value = client.NetworkingV1beta1HTTPIngressRuleValue( [ client.NetworkingV1beta1HTTPIngressPath( path=self.path, backend=ingress_backend ) ] ) spec = client.NetworkingV1beta1IngressSpec( rules=[client.NetworkingV1beta1IngressRule(http=ingress_rule_value)] ) ingress = client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", spec=spec, metadata=metadata, ) return ingress
def build_ingress(services, dns_suffix, dual_dns_prefix_annotation_name, ingress_info): ingress = client.NetworkingV1beta1Ingress() # init metadata ingress.metadata = client.V1ObjectMeta() ingress.metadata.name = ingress_info["ingress_name"] # init spec ingress.spec = client.NetworkingV1beta1IngressSpec() ingress.spec.rules = [] service_tuples = _create_ingress_service_tuples( services, dual_dns_prefix_annotation_name) for dns_prefix, port, service in service_tuples: ingress_rule = client.NetworkingV1beta1IngressRule() ingress_rule.host = "%s.%s" % (dns_prefix, dns_suffix) backend = client.NetworkingV1beta1IngressBackend( service_name=service.metadata.name, service_port=port) ingress_path = [ client.NetworkingV1beta1HTTPIngressPath(path="/", backend=backend) ] ingress_rule.http = client.NetworkingV1beta1HTTPIngressRuleValue( ingress_path) ingress.spec.rules.append(ingress_rule) if not ingress.spec.rules: ingress_dummy_backend = client.NetworkingV1beta1IngressBackend( service_name=ingress_info["ingress_controller_service_name"], service_port=80) ingress.spec.backend = ingress_dummy_backend return ingress
def create_ingress(networking_v1_beta1_api): body = client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", metadata=client.V1ObjectMeta(name="ingress-example", annotations={ "nginx.ingress.kubernetes.io/rewrite-target": "/" }), spec=client.NetworkingV1beta1IngressSpec( rules=[client.NetworkingV1beta1IngressRule( host="example.com", http=client.NetworkingV1beta1HTTPIngressRuleValue( paths=[client.NetworkingV1beta1HTTPIngressPath( path="/", backend=client.NetworkingV1beta1IngressBackend( service_port=5678, service_name="service-example") )] ) ) ] ) ) # Creation of the Deployment in specified namespace # (Can replace "default" with a namespace you may have created) networking_v1_beta1_api.create_namespaced_ingress( namespace="default", body=body )
def get_obj(self): """ :description: Generate ingress obj. """ return client.NetworkingV1beta1Ingress( api_version=self.api_version, kind=self.kind, metadata=client.V1ObjectMeta(name=self.slug, annotations=self.annotations), spec=client.NetworkingV1beta1IngressSpec( selector=client.V1LabelSelector(match_labels=self.selector), rules=[ client.NetworkingV1beta1IngressRule( host=self.hostname, http=client. NetworkingV1beta1HTTPIngressRuleValue(paths=[ client.NetworkingV1beta1HTTPIngressPath( path=self.path, backend=client.NetworkingV1beta1IngressBackend( service_port=self.target_service.port, service_name=self.target_service.slug), ) ]), ) ], ), )
def create_ingress(api_instance, namespacename, resourceendpoint,resourceurl,resourceid): try: body = client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", metadata=client.V1ObjectMeta(name=resourceid, annotations={ "nginx.ingress.kubernetes.io/rewrite-target": resourceurl }), spec=client.NetworkingV1beta1IngressSpec( rules=[client.NetworkingV1beta1IngressRule( http=client.NetworkingV1beta1HTTPIngressRuleValue( paths=[client.NetworkingV1beta1HTTPIngressPath( path=resourceendpoint, backend=client.NetworkingV1beta1IngressBackend( service_port=80, service_name=resourceid) )] ) ) ] ) ) # Creation of the Deployment in specified namespace # (Can replace "default" with a namespace you may have created) api_response = api_instance.create_namespaced_ingress( namespace=namespacename, body=body ) return("success", "Ingress_Intiated", api_response) except Exception as Error: return("error", "Ingress_Intiation_Failed", str(Error))
def create_ingress(self, metadata: dict, spec: dict): request = client.NetworkingV1beta1Ingress( api_version='networking.k8s.io/v1beta1', kind='Ingress', metadata=metadata, spec=spec) try: self._networking.create_namespaced_ingress(namespace='default', body=request) except ApiException as e: self._raise_runtime_error(e)
def deploy_ingress( self, target_service, port=None, title=None, ingress_labels=None, rewrite_path=True, ): ingress = self.get_ingress(ingress_labels) if not ingress: path = self.get_ingress_path(title) annotations = {} ingress_path = path if self.environment.ingress_class: annotations[ "kubernetes.io/ingress.class"] = self.environment.ingress_class if rewrite_path and self.environment.ingress_class: if self.environment.ingress_class == "nginx": annotations[ "nginx.ingress.kubernetes.io/rewrite-target"] = "/$1" ingress_path += "(.*)" elif self.environment.ingress_class == "haproxy": # annotations["ingress.kubernetes.io/path-rewrite"] = "%s(.*) /\\1" % path annotations["ingress.kubernetes.io/rewrite-target"] = "/" ingress = self.networking_api.create_namespaced_ingress( namespace=self.environment.namespace, body=kubernetes_client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", metadata=kubernetes_client.V1ObjectMeta( name=self.generate_object_name(title), namespace=self.environment.namespace, labels=self.generate_object_labels(ingress_labels), annotations=annotations), spec=kubernetes_client.NetworkingV1beta1IngressSpec(rules=[ kubernetes_client.NetworkingV1beta1IngressRule( http=kubernetes_client. NetworkingV1beta1HTTPIngressRuleValue(paths=[ kubernetes_client. NetworkingV1beta1HTTPIngressPath( path=ingress_path, backend=kubernetes_client. NetworkingV1beta1IngressBackend( service_name=target_service.metadata. name, service_port=port, )) ])), ], ), ), ) return ingress
def create_k8s_ingress(namespace: str, name: str, annotations: dict, tls: bool, rules: dict, user): """ Create a Kubernetes ingress in the cluster. The Kubeportal API makes some simplifying assumptions: - TLS is a global configuration for an Ingress. - The necessary annotations come from the portal settings, not from the ingress definition. """ net_v1 = get_user_net_v1(user) logger.info(f"Creating Kubernetes ingress '{name}'") k8s_annotations = {item['key']: item['value'] for item in annotations} k8s_ing = client.NetworkingV1beta1Ingress( metadata=client.V1ObjectMeta(name=name, annotations=k8s_annotations)) k8s_rules = [] k8s_hosts = [] for rule in rules: host = rule["host"] k8s_hosts.append(host) paths = rule["paths"] k8s_rule = client.NetworkingV1beta1IngressRule(host=host) k8s_paths = [] for path_config in paths: k8s_backend = client.NetworkingV1beta1IngressBackend( service_name=path_config['service_name'], service_port=path_config['service_port']) k8s_paths.append( client.NetworkingV1beta1HTTPIngressPath(path=path_config.get( "path", None), backend=k8s_backend)) k8s_http = client.NetworkingV1beta1HTTPIngressRuleValue( paths=k8s_paths) k8s_rule.http = k8s_http k8s_rules.append(k8s_rule) k8s_spec = client.NetworkingV1beta1IngressSpec(rules=k8s_rules) if tls: k8s_ing.metadata.annotations[ 'cert-manager.io/cluster-issuer'] = settings.INGRESS_TLS_ISSUER k8s_spec.tls = [ client.NetworkingV1beta1IngressTLS(hosts=k8s_hosts, secret_name=f'{name}_tls') ] k8s_ing.spec = k8s_spec net_v1.create_namespaced_ingress(namespace, k8s_ing)
def test_create_ingress(self): self._networking_api.create_namespaced_ingress = Mock( side_effect=ApiException(500, 'Test')) ingress = client.NetworkingV1beta1Ingress( metadata=V1ObjectMeta(name='ingress'), ) with self.assertRaises(api.ApiError) as e: create_ingress(ingress=ingress, namespace='test', core_api=self._networking_api) expected = ("Error when creating the ingress ingress: (500)\n" "Reason: Test\n") self.assertEqual(expected, str(e.exception)) self.assertEqual(400, e.exception.status_code)
def get(self): return client.NetworkingV1beta1Ingress( api_version='networking.k8s.io/v1beta1', kind='Ingress', metadata=client.V1ObjectMeta( name='ingress-django-app', annotations={'kubernetes.io/ingress.class': 'nginx'}), spec=client.NetworkingV1beta1IngressSpec(rules=[ client.NetworkingV1beta1IngressRule( host='local.kangox.com', http=client.NetworkingV1beta1HTTPIngressRuleValue(paths=[ client.NetworkingV1beta1HTTPIngressPath( path='/', backend=client.NetworkingV1beta1IngressBackend( service_name='django-app', service_port=8080)) ])) ]))
def create_ingress(networking_v1_beta1_api, username): name = 'jlab-{}'.format(username) try: # TODO: Improve this parameterization so that no cluster-specific details are hard-coded body = client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", metadata=client.V1ObjectMeta(name=name, annotations={ 'kubernetes.io/ingress.class': envvars.INGRESS_CLASS_JLAB_SERVER }), spec=client.NetworkingV1beta1IngressSpec( tls=[ client.ExtensionsV1beta1IngressTLS( hosts=[ envvars.BASE_DOMAIN ], secret_name=envvars.TLS_SECRET ) ], rules=[client.NetworkingV1beta1IngressRule( host=envvars.BASE_DOMAIN, http=client.NetworkingV1beta1HTTPIngressRuleValue( paths=[client.NetworkingV1beta1HTTPIngressPath( path="{}/jlab/{}".format(envvars.FRONTEND_BASE_PATH, username), backend=client.NetworkingV1beta1IngressBackend( service_port=8888, service_name=name) )] ) ) ] ) ) # Creation of the Ingress in specified namespace networking_v1_beta1_api.create_namespaced_ingress( namespace=namespace, body=body ) except ApiException as e: error_msg = str(e).strip() logger.error(error_msg)
def create_k8s_ingress(namespace, name, urls, annotations={}, wait_for_seconds=DEFAULT_WAIT_TIME): networking_api.create_namespaced_ingress( namespace, k8s_client.NetworkingV1beta1Ingress( api_version='networking.k8s.io/v1beta1', kind='Ingress', metadata=k8s_client.V1ObjectMeta( name=name, annotations={f'{GROUP}/{k}': v for k,v in annotations.items()} ), spec=k8s_client.NetworkingV1beta1IngressSpec( rules=[ k8s_client.NetworkingV1beta1IngressRule( host=url ) for url in urls ] ) ) ) time.sleep(wait_for_seconds)
def create_ingress(networking_v1_beta1_api): body = client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", metadata=client.V1ObjectMeta( name="minio-ingress", labels={"app": "minio"}, annotations={"nginx.ingress.kubernetes.io/rewrite-target": "/"}), spec=client.NetworkingV1beta1IngressSpec(rules=[ client.NetworkingV1beta1IngressRule( host="minio.kubernetes.local", http=client.NetworkingV1beta1HTTPIngressRuleValue(paths=[ client.NetworkingV1beta1HTTPIngressPath( path="/", backend=client.NetworkingV1beta1IngressBackend( service_port=9000, service_name="minio-service")) ])) ])) networking_v1_beta1_api.create_namespaced_ingress(namespace="default", body=body)
def create_ingress(namespace, ingress_name, host, path, service_name, service_port): body = client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", metadata=client.V1ObjectMeta( name=ingress_name, annotations='{"kubernetes.io/ingress.class": "nginx"}'), spec=client.NetworkingV1beta1IngressSpec(rules=[ client.NetworkingV1beta1IngressRule( host=host, http=client.NetworkingV1beta1HTTPIngressRuleValue(paths=[ client.NetworkingV1beta1HTTPIngressPath( path=path, backend=client.NetworkingV1beta1IngressBackend( service_port=servcie_port, service_name=service_name)) ])) ])) myclient = client.AppsV1Api().NetworkingV1beta1Api() myclient.create_namespaced_ingress(namespace=namespace, body=body)
def create_ingress_object(name: str, service_name: str, service_port: int, user_id: str, host_uri: str) -> client.NetworkingV1beta1Ingress: webapi_host = host_uri body = client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", metadata=client.V1ObjectMeta(name=name, annotations={ "proxy_set_header": "Upgrade $http_upgrade; Connection \"upgrade\"", "nginx.ingress.kubernetes.io/proxy-connect-timeout": "86400", "nginx.ingress.kubernetes.io/proxy-read-timeout": "86400", "nginx.ingress.kubernetes.io/proxy-send-timeout": "86400", "nginx.ingress.kubernetes.io/send-timeout": "86400", "nginx.ingress.kubernetes.io/proxy-body-size": "2000m", "nginx.ingress.kubernetes.io/enable-cors": "true", "nginx.ingress.kubernetes.io/websocket-services": service_name }), spec=client.NetworkingV1beta1IngressSpec( rules=[client.NetworkingV1beta1IngressRule( host=webapi_host, http=client.NetworkingV1beta1HTTPIngressRuleValue( paths=[client.NetworkingV1beta1HTTPIngressPath( path="/" + user_id + "/.*", backend=client.NetworkingV1beta1IngressBackend( service_port=service_port, service_name=service_name) )] ) ) ] ) ) return body
def create_or_update_ingress(self, metadata, spec, name, namespace='default'): request = client.NetworkingV1beta1Ingress( api_version='networking.k8s.io/v1beta1', kind='Ingress', metadata=metadata, spec=spec) try: self._networking.read_namespaced_ingress(name, namespace) # If the ingress already exists, then we use patch to replace it. # We don't use replace method because it requires `resourceVersion`. self._networking.patch_namespaced_ingress(name, namespace, request) return except ApiException as e: # 404 is expected if the ingress does not exist if e.status != HTTPStatus.NOT_FOUND: self._raise_runtime_error(e) try: self._networking.create_namespaced_ingress(namespace, request) except ApiException as e: self._raise_runtime_error(e)
def update_ingress(self, ingress_name: str, ingress_body: dict): paths = self._update_ingress_paths(ingress_body) body = client.NetworkingV1beta1Ingress( api_version="networking.k8s.io/v1beta1", kind="Ingress", metadata=client.V1ObjectMeta( name=ingress_name, annotations={ "nginx.ingress.kubernetes.io/rewrite-target": "/" }), spec=client.NetworkingV1beta1IngressSpec(rules=[ client.NetworkingV1beta1IngressRule( http=client.NetworkingV1beta1HTTPIngressRuleValue( paths=paths)) ])) # check the current ingress list ingress_list = self.api_instance.list_namespaced_ingress_with_http_info( namespace='default') if ingress_list[1] != 200: raise ServiceRequestError("ingress response code is not 200") # get the ingress name of each ingress ingress_names = [ele.metadata.name for ele in ingress_list[0].items] # check if the ingress_name in the list if ingress_name in ingress_names: # if the ingress is exist, update it self.api_instance.replace_namespaced_ingress_with_http_info( name=ingress_name, namespace='default', body=body) else: # otherwise, create new one self.api_instance.create_namespaced_ingress_with_http_info( namespace='default', body=body)
def get_ingress(self, name, namespace='default'): return client.NetworkingV1beta1Ingress( api_version='networking.k8s.io/v1beta1', kind='Ingress', metadata=client.V1ObjectMeta(name=name, namespace=namespace), spec=client.NetworkingV1beta1IngressSpec())
def create_site_ingress(site_name): k8s_settings = frappe.get_single("K8s Bench Settings") if ( not k8s_settings.namespace or not k8s_settings.wildcard_domain or not k8s_settings.wildcard_tls_secret_name or not k8s_settings.cert_manager_cluster_issuer ): not_set = "NOT_SET" out = { "namespace": k8s_settings.namespace or not_set, "wildcard_domain": k8s_settings.wildcard_domain or not_set, "wildcard_tls_secret_name": k8s_settings.wildcard_tls_secret_name or not_set, "cert_manager_cluster_issuer": k8s_settings.cert_manager_cluster_issuer or not_set, } frappe.local.response["http_status_code"] = 501 return out load_config() networking_v1_api = client.NetworkingV1beta1Api() body = client.NetworkingV1beta1Ingress() body.metadata = client.V1ObjectMeta( namespace=k8s_settings.namespace, name=site_name, annotations={ "cert-manager.io/cluster-issuer": k8s_settings.cert_manager_cluster_issuer }, ) body.status = client.V1JobStatus() body.spec = client.NetworkingV1beta1IngressSpec( rules=[ client.NetworkingV1beta1IngressRule( host=site_name, http=client.NetworkingV1beta1HTTPIngressRuleValue( paths=[ client.NetworkingV1beta1HTTPIngressPath( backend=client.NetworkingV1beta1IngressBackend( service_name=k8s_settings.service_name, service_port=80 ) ) ] ), ), ], tls=[ client.NetworkingV1beta1IngressTLS( hosts=[f"*.{k8s_settings.wildcard_domain}"], secret_name=k8s_settings.wildcard_tls_secret_name, ), ], ) try: ingress = networking_v1_api.create_namespaced_ingress( k8s_settings.namespace, body ) return to_dict(ingress) except (ApiException, Exception) as e: status_code = getattr(e, "status", 500) out = {"error": e, "params": {"site_name": site_name}} reason = getattr(e, "reason") if reason: out["reason"] = reason frappe.log_error( out, "Exception: NetworkingV1beta1Api->create_namespaced_ingress" ) frappe.local.response["http_status_code"] = status_code return out