def build_k8s_config(config_path):
cluster_path = os.path.join(config_path, "cluster.yaml")
if not os.path.isfile(cluster_path):
cluster_path = os.path.join(config_path, STATUS_YAML)
with open(cluster_path) as f:
cluster_config = yaml.full_load(f)
config = Configuration()
infra_host = find_infra_node_name(cluster_config["machines"])
if os.path.isfile(cluster_path):
config.host = "https://%s.%s:1443" % (
infra_host, cluster_config["network"]["domain"])
basic_auth = cluster_config["basic_auth"]
else:
config.host = cluster_config["machines"][infra_host]["fqdns"]
with open(os.path.join(config_path, "clusterID",
"k8s_basic_auth.yml")) as auf:
basic_auth = yaml.safe_load(auf)["basic_auth"]
config.username = basic_auth.split(",")[1]
config.password = basic_auth.split(",")[0]
bearer = "%s:%s" % (config.username, config.password)
encoded = base64.b64encode(bearer.encode("utf-8")).decode("utf-8")
config.api_key["authorization"] = "Basic " + encoded
config.ssl_ca_cert = os.path.join(config_path, "ssl/apiserver/ca.pem")
return config
def _get_api(cluster):
""" Get custom objects api associated with a cluster specifier.
"""
if cluster is None:
load_incluster_config()
api = CustomObjectsApi()
elif cluster == 'remote_transcode':
host = os.getenv('REMOTE_TRANSCODE_HOST')
port = os.getenv('REMOTE_TRANSCODE_PORT')
token = os.getenv('REMOTE_TRANSCODE_TOKEN')
cert = os.getenv('REMOTE_TRANSCODE_CERT')
conf = Configuration()
conf.api_key['authorization'] = token
conf.host = f'https://{host}:{port}'
conf.verify_ssl = True
conf.ssl_ca_cert = cert
api_client = ApiClient(conf)
api = CustomObjectsApi(api_client)
else:
cluster_obj = JobCluster.objects.get(pk=cluster)
host = cluster_obj.host
port = cluster_obj.port
token = cluster_obj.token
fd, cert = tempfile.mkstemp(text=True)
with open(fd, 'w') as f:
f.write(cluster_obj.cert)
conf = Configuration()
conf.api_key['authorization'] = token
conf.host = f'https://{host}:{port}'
conf.verify_ssl = True
conf.ssl_ca_cert = cert
api_client = ApiClient(conf)
api = CustomObjectsApi(api_client)
return api
def connect():
config_file = None
if os.environ.get('RD_CONFIG_ENV') == 'incluster':
config.load_incluster_config()
return
if os.environ.get('RD_CONFIG_CONFIG_FILE'):
config_file = os.environ.get('RD_CONFIG_CONFIG_FILE')
url = None
if os.environ.get('RD_CONFIG_URL'):
url = os.environ.get('RD_CONFIG_URL')
verify_ssl = None
if os.environ.get('RD_CONFIG_VERIFY_SSL'):
verify_ssl = os.environ.get('RD_CONFIG_VERIFY_SSL')
ssl_ca_cert = None
if os.environ.get('RD_CONFIG_SSL_CA_CERT'):
ssl_ca_cert = os.environ.get('RD_CONFIG_SSL_CA_CERT')
token = None
if os.environ.get('RD_CONFIG_TOKEN'):
token = os.environ.get('RD_CONFIG_TOKEN')
log.debug("config file")
log.debug(config_file)
log.debug("-------------------")
if config_file:
log.debug("getting settings from file %s" % config_file)
config.load_kube_config(config_file=config_file)
else:
if url:
log.debug("getting settings from pluing configuration")
configuration = Configuration()
configuration.host = url
if verify_ssl == 'true':
configuration.verify_ssl = verify_ssl
else:
configuration.verify_ssl = None
if ssl_ca_cert:
configuration.ssl_ca_cert = ssl_ca_cert
configuration.api_key['authorization'] = token
configuration.api_key_prefix['authorization'] = 'Bearer'
client.Configuration.set_default(configuration)
else:
log.debug("getting from default config file")
config.load_kube_config()
c = Configuration()
c.assert_hostname = False
Configuration.set_default(c)
def _set_config(self):
configuration = Configuration()
configuration.host = CniService.config.host
configuration.ssl_ca_cert = CniService.ssl_ca_cert
configuration.api_key['authorization'] = CniService.config.api_key[
'authorization']
Configuration.set_default(configuration)
def mock_kube_get_kubernetes_config(obj):
config = Configuration()
config.host = FAKE_API_ENDPOINT
config.ssl_ca_cert = self.ssl_ca_file.name
config.cert_file = self.cert_file.name
config.key_file = self.key_file.name
return config
def __init__(self):
""" Intializes the connection. If environment variables for
remote transcode are defined, connect to that cluster.
"""
host = os.getenv('REMOTE_TRANSCODE_HOST')
port = os.getenv('REMOTE_TRANSCODE_PORT')
token = os.getenv('REMOTE_TRANSCODE_TOKEN')
cert = os.getenv('REMOTE_TRANSCODE_CERT')
self.remote = host is not None
if self.remote:
conf = Configuration()
conf.api_key['authorization'] = token
conf.host = f'https://{host}:{port}'
conf.verify_ssl = True
conf.ssl_ca_cert = cert
api_client = ApiClient(conf)
self.corev1 = CoreV1Api(api_client)
self.custom = CustomObjectsApi(api_client)
else:
load_incluster_config()
self.corev1 = CoreV1Api()
self.custom = CustomObjectsApi()
self.setup_common_steps()
def build_client(self):
configuration = Configuration()
configuration.api_key['authorization'] = "Bearer {}".format(self.auth_info['K8S-Token'])
configuration.host = self.auth_info['K8S-Endpoint']
configuration.verify_ssl = self._verify_ssl
api_client = ApiClient(configuration)
return K8sClient(api_client)
def __init__(self, alg):
""" Intializes the connection. If algorithm object includes
a remote cluster, use that. Otherwise, use this cluster.
"""
if alg.cluster:
host = alg.cluster.host
port = alg.cluster.port
token = alg.cluster.token
fd, cert = tempfile.mkstemp(text=True)
with open(fd, 'w') as f:
f.write(alg.cluster.cert)
conf = Configuration()
conf.api_key['authorization'] = token
conf.host = f'{PROTO}{host}:{port}'
conf.verify_ssl = True
conf.ssl_ca_cert = cert
api_client = ApiClient(conf)
self.corev1 = CoreV1Api(api_client)
self.custom = CustomObjectsApi(api_client)
else:
load_incluster_config()
self.corev1 = CoreV1Api()
self.custom = CustomObjectsApi()
# Read in the manifest.
if alg.manifest:
self.manifest = yaml.safe_load(alg.manifest.open(mode='r'))
# Save off the algorithm.
self.alg = alg
def client(self):
configuration = Configuration()
configuration.api_key['authorization'] = "Bearer {}".format(
self.headers['K8S-Token'])
configuration.host = self.headers['K8S-Endpoint']
configuration.verify_ssl = self._verify_ssl
api_client = ApiClient(configuration)
return CoreV1Api(api_client)
def set_config(self):
configuration = Configuration()
configuration.api_key["authorization"] = self.get_access_token()
configuration.api_key_prefix["authorization"] = "Bearer"
configuration.host = os.environ.get("GKE_MASTER_SERVER")
configuration.verify_ssl = False
configuration.assert_hostname = False
Configuration.set_default(configuration)
def get_api_client(self):
configuration = Configuration()
configuration.verify_ssl = False
configuration.host = self.cluster.api
configuration.api_key['authorization'] = self.cluster.token
configuration.api_key_prefix['authorization'] = 'Bearer'
api_client = ApiClient(configuration)
return api_client
def get_rest_client(self):
configuration = Configuration()
configuration.verify_ssl = False
configuration.host = self.cluster.api
configuration.api_key['authorization'] = self.cluster.token
configuration.api_key_prefix['authorization'] = 'Bearer'
rest_client = RESTClientObject(configuration)
return rest_client
def get_config(cluster):
'''
:param cluster: k8s集群的配置对象
:return: 返回一个config对象
'''
configuration = Configuration()
configuration.verify_ssl = False
configuration.host = cluster.api
configuration.api_key['authorization'] = cluster.token
configuration.api_key_prefix['authorization'] = 'Bearer'
return configuration
def __init__(self, websocket, **kwargs):
self.websocket = websocket
self.cols = int(kwargs.get('cols', 80))
self.rows = int(kwargs.get('rows', 24))
self.need_auth = bool(kwargs.get('need_auth', True))
self.auth_ok = not self.need_auth
conf = Configuration()
conf.host = KUBERNETES_API_SERVER_URL
conf.verify_ssl = False
conf.api_key = {"authorization": "Bearer " + KUBERNETES_CLUSTER_TOKEN}
self.api_client = core_v1_api.CoreV1Api(ApiClient(conf))
self.api_response = None
def connect():
config_file = None
if os.environ.get('RD_CONFIG_ENV') == 'incluster':
config.load_incluster_config()
return
if os.environ.get('RD_CONFIG_CONFIG_FILE'):
config_file = os.environ.get('RD_CONFIG_CONFIG_FILE')
elif os.environ.get('RD_NODE_KUBERNETES_CONFIG_FILE'):
config_file = os.environ.get('RD_NODE_KUBERNETES_CONFIG_FILE')
verify_ssl = os.environ.get('RD_CONFIG_VERIFY_SSL')
ssl_ca_cert = os.environ.get('RD_CONFIG_SSL_CA_CERT')
url = os.environ.get('RD_CONFIG_URL')
token = os.environ.get('RD_CONFIG_TOKEN')
if not token:
token = os.environ.get('RD_CONFIG_TOKEN_STORAGE_PATH')
log.debug("config file")
log.debug(config_file)
log.debug("-------------------")
if config_file:
log.debug("getting settings from file %s", config_file)
config.load_kube_config(config_file=config_file)
else:
if url and token:
log.debug("getting settings from plugin configuration")
configuration = Configuration()
configuration.host = url
if verify_ssl == 'true':
configuration.verify_ssl = verify_ssl
else:
configuration.verify_ssl = None
configuration.assert_hostname = False
if ssl_ca_cert:
configuration.ssl_ca_cert = ssl_ca_cert
configuration.api_key['authorization'] = token
configuration.api_key_prefix['authorization'] = 'Bearer'
client.Configuration.set_default(configuration)
else:
log.debug(
"Either URL or Token is not defined. Fall back to getting settings from default config file [$home/.kube/config]"
)
config.load_kube_config()
def get_api_client():
proxy_url = os.getenv('HTTP_PROXY', None)
if proxy_url:
print("Setting proxy: {}".format(proxy_url))
my_api_config = Configuration()
my_api_config.host = proxy_url
my_api_config.proxy = proxy_url
my_api_config = client.ApiClient(my_api_config)
else:
config.load_kube_config()
my_api_config = client.ApiClient()
return my_api_config
def setup_collector():
kube_config = Configuration()
kube_config.host = "https://localhost:3000"
kube_config.verify_ssl = False
dyn_client = DynamicClient(ApiClient(configuration=kube_config))
username = "******"
token = "gittoken"
git_api = "localhost:3000"
namespaces = (
"basic-nginx-build,basic-nginx-dev,basic-nginx-stage,basic-nginx-prod".
split(","))
apps = None
tls_verify = False
return GitHubCommitCollector(dyn_client, username, token, namespaces, apps,
git_api, tls_verify)
def _set_config(self, refresh_token):
configuration = Configuration()
configuration.host = self.host
configuration.ssl_ca_cert = self.ssl_ca_cert
configuration.api_key['authorization'] = "bearer " + self.token
Configuration.set_default(configuration)
if not refresh_token:
return
def wrap(f):
in_cluster_config = self
def wrapped(self, identifier):
if identifier == 'authorization' and identifier in self.api_key and in_cluster_config.token_expires_at <= datetime.datetime.now():
in_cluster_config._read_token_file()
self.api_key[identifier] = "bearer " + in_cluster_config.token
return f(self, identifier)
return wrapped
Configuration.get_api_key_with_prefix = wrap(Configuration.get_api_key_with_prefix)
def init_k8s_client(kube_context: str) -> client.CoreV1Api:
env = os.environ
if kube_context:
# config.load_kube_config()
config.load_kube_config(kube_context)
configuration = Configuration()
configuration.verify_ssl = bool(
strtobool((env.get("KUBERNETES_VERIFY_SSL", "false"))))
api_client = client.ApiClient(configuration)
return client.CoreV1Api(api_client)
elif env.get("CHAOSTOOLKIT_IN_POD") == "true":
config.load_incluster_config()
proxy_url = os.getenv('HTTP_PROXY', None)
if proxy_url:
configuration = Configuration()
configuration.proxy = proxy_url
api_client = client.ApiClient(configuration)
return client.CoreV1Api(api_client)
else:
api = client.ApiClient()
return client.CoreV1Api(api)
else:
configuration = client.Configuration()
configuration.debug = True
configuration.host = os.environ.get("KUBERNETES_HOST",
"http://localhost")
configuration.verify_ssl = bool(
strtobool((env.get("KUBERNETES_VERIFY_SSL", "false"))))
configuration.cert_file = os.environ.get("KUBERNETES_CA_CERT_FILE")
if "KUBERNETES_CERT_FILE" in env:
configuration.cert_file = os.environ.get(
"KUBERNETES_CERT_FILE")
configuration.key_file = os.environ.get("KUBERNETES_KEY_FILE")
elif "KUBERNETES_USERNAME" in env:
configuration.username = os.environ.get("KUBERNETES_USERNAME")
configuration.password = os.environ.get(
"KUBERNETES_PASSWORD", "")
proxy_url = os.getenv('HTTP_PROXY', None)
if proxy_url:
configuration.proxy = proxy_url
api = client.ApiClient(configuration)
return client.CoreV1Api(api)
def __init__(self, alg):
""" Intializes the connection. If algorithm object includes
a remote cluster, use that. Otherwise, use this cluster.
"""
if alg.cluster:
host = alg.cluster.host
port = alg.cluster.port
token = alg.cluster.token
fd, cert = tempfile.mkstemp(text=True)
with open(fd, 'w') as f:
f.write(alg.cluster.cert)
conf = Configuration()
conf.api_key['authorization'] = token
conf.host = f'{PROTO}{host}:{port}'
conf.verify_ssl = True
conf.ssl_ca_cert = cert
api_client = ApiClient(conf)
self.corev1 = CoreV1Api(api_client)
self.custom = CustomObjectsApi(api_client)
else:
load_incluster_config()
self.corev1 = CoreV1Api()
self.custom = CustomObjectsApi()
# Read in the manifest.
if alg.manifest:
self.manifest = yaml.safe_load(alg.manifest.open(mode='r'))
if 'volumeClaimTemplates' in self.manifest['spec']:
for claim in self.manifest['spec']['volumeClaimTemplates']:
storage_class_name = claim['spec'].get(
'storageClassName', None)
if storage_class_name is None:
claim['storageClassName'] = os.getenv(
'WORKFLOW_STORAGE_CLASS')
logger.warning(
f"Implicitly sc to pvc of Algo:{alg.pk}")
# Save off the algorithm.
self.alg = alg
def load_kubernetes_config():
"""
dynamic load config file
:return:
"""
# use kube config default location while there are no ENVIRONMENTS about kubernetes config
try:
if KUBE_HOST is not None:
from kubernetes.client import Configuration
configuration = Configuration()
configuration.host = KUBE_HOST
configuration.verify_ssl = False
Configuration.set_default(configuration)
return
config.load_kube_config()
if KUBE_CONFIG_FILE is not None:
config.load_kube_config(KUBE_CONFIG_FILE)
except FileNotFoundError as e:
raise Exception(str(e), 500)
def create_pull_secrets():
if create_missing_pull_secrets_str.lower() != 'true':
return None
k8s_config = Configuration()
k8s_config.host = kubernetes_api_endpoint
k8s_api_client = ApiClient(configuration=k8s_config)
v1 = k8sclient.CoreV1Api(api_client=k8s_api_client)
namespaces = v1.list_namespace()
for namespace in namespaces.items:
ns_secrets = v1.list_namespaced_secret(namespace.metadata.name)
has_ecr_secret = [
x for x in ns_secrets.items if x.metadata.name == pull_secret_name
]
if not has_ecr_secret:
k8s_secret = {'server': {'username': '******', 'password': '******'}}
b64_k8s_secret = base64.b64encode(
json.dumps(k8s_secret).encode('utf-8')).decode('utf-8')
secret_body = {
'kind': 'Secret',
'apiVersion': 'v1',
'metadata': {
'name': pull_secret_name,
'creationTimestamp': None
},
'data': {
'.dockerconfigjson': b64_k8s_secret
},
'type': 'kubernetes.io/dockerconfigjson'
}
logger.info('Creating secret %s in namespace %s', pull_secret_name,
namespace.metadata.name)
try:
v1.create_namespaced_secret(namespace.metadata.name,
secret_body)
except ApiException:
logger.exception('Could not create secret %s in namespace %s',
pull_secret_name, namespace.metadata.name)
def _set_config(self):
configuration = Configuration()
configuration.host = self.host
configuration.ssl_ca_cert = self.ssl_ca_cert
configuration.api_key['authorization'] = "bearer " + self.token
Configuration.set_default(configuration)
def update_ecr():
print('starting update loop')
client = boto3.client('ecr')
response = client.get_authorization_token()
token = response['authorizationData'][0]['authorizationToken']
server = response['authorizationData'][0]['proxyEndpoint']
decoded_token = base64.b64decode(token)
registry_username = decoded_token.split(':')[0]
registry_password = decoded_token.split(':')[1]
k8sconfig = Configuration()
k8sconfig.host = "localhost:8001"
myapiclient = ApiClient(config=k8sconfig)
v1 = k8sclient.CoreV1Api(api_client=myapiclient)
secrets = v1.list_secret_for_all_namespaces()
registry_secrets = [
x for x in secrets._items if x.metadata.name == pull_secret_name
]
print('pull secret name to search for: ' + pull_secret_name)
print('found {} registry_secrets matching name'.format(
str(len(registry_secrets))))
for secret in registry_secrets:
secret_name = secret.metadata.name
if secret.type == 'kubernetes.io/dockercfg':
print('Updating secret {} (type kubernetes.io/dockercfg)'.format(
secret_name))
k8s_secret = {
server: {
"username": registry_username,
"password": registry_password
}
}
body = {
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
"name": "ecr",
"creationTimestamp": None
},
"data": {
".dockercfg":
base64.b64encode(bytes(json.dumps(k8s_secret)), 'utf-8')
},
"type": "kubernetes.io/dockercfg"
}
res = v1.patch_namespaced_secret(secret.metadata.name,
secret.metadata.namespace, body)
elif secret.type == 'kubernetes.io/dockerconfigjson':
print('Updating secret {} (type kubernetes.io/dockerconfigjson)'.
format(secret_name))
k8s_secret = {
'auths': {
server: {
"username": registry_username,
"password": registry_password
}
}
}
body = {
"kind": "Secret",
"apiVersion": "v1",
"metadata": {
"name": "ecr",
"creationTimestamp": None
},
"data": {
".dockerconfigjson":
base64.b64encode(bytes(json.dumps(k8s_secret)), 'utf-8')
},
"type": "kubernetes.io/dockerconfigjson"
}
res = v1.patch_namespaced_secret(secret.metadata.name,
secret.metadata.namespace, body)
else:
print('Unknown secret type for secret {}: {}'.format(
secret_name, secret.type))
def get_kubernetes_api_client():
conf = Configuration()
conf.host = KUBERNETES_API_SERVER_URL
conf.verify_ssl = False
conf.api_key = {"authorization": "Bearer " + KUBERNETES_CLUSTER_TOKEN}
return ApiClient(conf)
import time
from yaml import load as load_yaml
from flask import Flask
from json import dumps
from kubernetes import client
from kubernetes.client import Configuration, ApiClient
from kubernetes.client.rest import ApiException
app = Flask(__name__)
k8s_local_config = Configuration()
k8s_local_config.host = "localhost:8001"
k8s_local_client = ApiClient(config=k8s_local_config)
batch_api = client.BatchV1Api(api_client=k8s_local_client)
@app.route('/trigger-job', methods=['POST'])
def trigger_job():
print('trigger-job')
with open('job-template.yaml', 'r') as yaml_file:
job_spec = load_yaml(yaml_file)
job_spec['metadata']['name'] = 'job-%s' % int(time.time() * 1000)
try:
batch_api.create_namespaced_job('default', job_spec)
return dumps({'result': job_spec['metadata']['name']}), 200, {
"Content-Type": "application/json"
def update_ecr():
logger.info('Starting ECR secret update loop ..')
client = boto3.client('ecr')
response = client.get_authorization_token()
token = response['authorizationData'][0]['authorizationToken']
server = response['authorizationData'][0]['proxyEndpoint']
bare_server = server.replace('https://', '')
decoded_token = base64.b64decode(token).decode('utf-8')
registry_username = decoded_token.split(':')[0]
registry_password = decoded_token.split(':')[1]
k8s_config = Configuration()
k8s_config.host = kubernetes_api_endpoint
k8s_api_client = ApiClient(configuration=k8s_config)
v1 = k8sclient.CoreV1Api(api_client=k8s_api_client)
secrets = v1.list_secret_for_all_namespaces()
registry_secrets = [
x for x in secrets.items if x.metadata.name == pull_secret_name
]
logger.info('Found %s registry_secrets matching name %s',
len(registry_secrets), pull_secret_name)
for secret in registry_secrets:
secret_name = secret.metadata.name
if secret.type == 'kubernetes.io/dockercfg':
logger.info(
'Updating secret %s (type kubernetes.io/dockercfg) in namespace %s',
secret_name, secret.metadata.namespace)
k8s_secret = {
server: {
'username': registry_username,
'password': registry_password
}
}
b64_k8s_secret = base64.b64encode(
json.dumps(k8s_secret).encode('utf-8')).decode('utf-8')
body = {
'kind': 'Secret',
'apiVersion': 'v1',
'metadata': {
'name': pull_secret_name,
'creationTimestamp': None
},
'data': {
'.dockercfg': b64_k8s_secret
},
'type': 'kubernetes.io/dockercfg'
}
res = v1.patch_namespaced_secret(secret.metadata.name,
secret.metadata.namespace, body)
elif secret.type == 'kubernetes.io/dockerconfigjson':
logger.info(
'Updating secret %s (type kubernetes.io/dockerconfigjson) in namespace %s',
secret_name, secret.metadata.namespace)
k8s_secret = {
'auths': {
bare_server: {
'username': registry_username,
'password': registry_password
}
}
}
b64_k8s_secret = base64.b64encode(
json.dumps(k8s_secret).encode('utf-8')).decode('utf-8')
body = {
'kind': 'Secret',
'apiVersion': 'v1',
'metadata': {
'name': pull_secret_name,
'creationTimestamp': None
},
'data': {
'.dockerconfigjson': b64_k8s_secret
},
'type': 'kubernetes.io/dockerconfigjson'
}
res = v1.patch_namespaced_secret(secret.metadata.name,
secret.metadata.namespace, body)
else:
logger.warning('Unknown secret type for secret name %s: %s'.format(
secret_name, secret.type))
def __init__(self,
cluster_spec,
cluster_conf=None,
kubeconfig=None,
kubeconfig_context=None,
cephfs=False,
cephfs_volume_size=None,
cvmfs=False,
debug=False,
url=None):
"""Initialise Kubernetes specific ReanaBackend-object.
:param cluster_spec: Dictionary representing complete REANA
cluster spec file.
:param cluster_conf: A generator/iterable of Kubernetes YAML manifests
of REANA components as Python objects. If set to `None`
cluster_conf will be generated from manifest templates in
`templates` folder specified in `_conf.templates_folder`
:param kubeconfig: Name of the kube-config file to use for configuring
reana-cluster. If set to `None` then `$HOME/.kube/config` will be
used.
Note: Might pickup a config-file defined in $KUBECONFIG as well.
:param kubeconfig_context: set the active context. If is set to `None`,
current_context from config file will be used.
:param cephfs: Boolean flag toggling the usage of a cephfs volume as
storage backend.
:param cephfs_volume_size: Int number which represents cephfs volume
size (GB)
:param cvmfs: Boolean flag toggling the mounting of cvmfs volumes in
the cluster pods.
:param debug: Boolean flag setting debug mode.
:param url: REANA cluster url.
"""
logging.debug('Creating a ReanaBackend object '
'for Kubernetes interaction.')
# Load Kubernetes cluster configuration. If reana-cluster.yaml
# doesn't specify this K8S Python API defaults to '$HOME/.kube/config'
self.kubeconfig = kubeconfig or \
cluster_spec['cluster'].get('config', None)
self.kubeconfig_context = kubeconfig_context or \
cluster_spec['cluster'].get('config_context', None)
k8s_api_client_config = Configuration()
if cluster_spec['cluster'].get('kubeproxy', None):
k8s_api_client_config.host = cluster_spec['cluster'].get(
'kubeproxy')
else:
k8s_config.load_kube_config(kubeconfig, self.kubeconfig_context,
k8s_api_client_config)
Configuration.set_default(k8s_api_client_config)
# Instantiate clients for various Kubernetes REST APIs
self._corev1api = k8s_client.CoreV1Api()
self._versionapi = k8s_client.VersionApi()
self._extbetav1api = k8s_client.ExtensionsV1beta1Api()
self._rbacauthorizationv1api = k8s_client.RbacAuthorizationV1Api()
self._storagev1api = k8s_client.StorageV1Api()
self.k8s_api_client_config = k8s_api_client_config
self.cluster_spec = cluster_spec
self.cluster_conf = cluster_conf or \
self.generate_configuration(cluster_spec,
cephfs=cephfs,
cephfs_volume_size=cephfs_volume_size,
debug=debug,
url=url)
def _set_config(self):
configuration = Configuration()
configuration.host = self.host
configuration.ssl_ca_cert = self.ssl_ca_cert
configuration.api_key['authorization'] = "bearer " + self.token
Configuration.set_default(configuration)
