From 317ab12c508ec17c938f0b6e43ca2f378bf8c9c3 Mon Sep 17 00:00:00 2001 From: Francesco Ilario Date: Thu, 13 Jul 2023 18:15:10 +0200 Subject: [PATCH] Remove kind specific code (#37) Signed-off-by: Francesco Ilario --- README.md | 59 ++++++++++--------- .../primazactl/cmd/create/namespace/common.py | 15 ++++- scripts/src/primazactl/cmd/join/parser.py | 10 ++++ .../src/primazactl/primaza/primazacluster.py | 53 ++++++----------- .../src/primazactl/primazamain/maincluster.py | 6 +- .../primazactl/primazaworker/workercluster.py | 7 ++- .../primazaworker/workernamespace.py | 5 +- scripts/src/primazatest/runtest.py | 40 +++++++++++-- 8 files changed, 118 insertions(+), 77 deletions(-) diff --git a/README.md b/README.md index 8e2808b..aa0579c 100644 --- a/README.md +++ b/README.md @@ -123,7 +123,7 @@ Primazactl help is organized in a hierarchy with contextual help available for d - enables primaza tenant to access the namespace - creates two service accounts for the service-namespace to access kubernetes resources based on two different roles. - provides join cluster service account with access to the namespace - + ## Create tenant command ### Create tenant help @@ -187,7 +187,7 @@ options: - No output produced. - Use in conjunction with `--output--` to get output without creating resources. - Default: none - resources are persisted. - + ## Delete tenant command ### Delete tenant help @@ -222,8 +222,8 @@ Notes: ### Join cluster help ``` -usage: primazactl join cluster [-h] [-x] [-y {client,server,none}] [-o {yaml,none}] [-f CONFIG] [-v VERSION] [-c CONTEXT] [-k KUBECONFIG] -d - CLUSTER_ENVIRONMENT -e ENVIRONMENT [-l TENANT_KUBECONFIG] [-m TENANT_CONTEXT] [-t TENANT] +usage: primazactl join cluster [-h] [-x] [-y {client,server,none}] [-o {yaml,none}] [-f CONFIG] [-v VERSION] [-c CONTEXT] [-k KUBECONFIG] [-u INTERNAL_URL] -d CLUSTER_ENVIRONMENT -e ENVIRONMENT [-l TENANT_KUBECONFIG] [-m TENANT_CONTEXT] + [-t TENANT] options: -h, --help show this help message and exit 
@@ -240,13 +240,14 @@ options: name of cluster, as it appears in kubeconfig, to join, default: current kubeconfig context -k KUBECONFIG, --kubeconfig KUBECONFIG path to kubeconfig file, default: KUBECONFIG environment variable if set, otherwise //.kube/config + -u INTERNAL_URL, --internal-url INTERNAL_URL + the url used by Primaza's Control Plane to reach the joined cluster -d CLUSTER_ENVIRONMENT, --cluster-environment CLUSTER_ENVIRONMENT name to use for the ClusterEnvironment that will be created in Primaza -e ENVIRONMENT, --environment ENVIRONMENT the Environment that will be associated to the ClusterEnvironment -l TENANT_KUBECONFIG, --tenant-kubeconfig TENANT_KUBECONFIG - path to kubeconfig file for the tenant, default: KUBECONFIG environment variable if set, otherwise - //.kube/config + path to kubeconfig file for the tenant, default: KUBECONFIG environment variable if set, otherwise //.kube/config -m TENANT_CONTEXT, --tenant-context TENANT_CONTEXT name of cluster, as it appears in kubeconfig, on which primaza tenant was created. Default: current kubeconfig context -t TENANT, --tenant TENANT @@ -267,6 +268,8 @@ options: - Set the environment variable `KIND_CLUSTER_JOIN_NAME` before running make to overwrite the name of the cluster created. - If using kind, prepend `kind-` to the cluster name. - Can use the same cluster as used for main install. +- `-internal-url INTERNAL_URL` + - the url that will be used by the Control Plane to reach the joined cluster - `--kubeconfig KUBECONFIG` - The kubeconfig file is not modified by primazactl. - The cluster specified for worker join does not have to be the current context. @@ -302,7 +305,7 @@ options: - No output produced. - Use in conjunction with `--output--` to get output without creating resources. - Default: none - resources are persisted. - + ## Create application namespace command 
@@ -311,8 +314,8 @@ Notes: ### Create application-namespace help ``` -usage: primazactl create application-namespace [-h] [-x] [-y {client,server,none}] [-o {yaml,none}] -d CLUSTER_ENVIRONMENT [-c CONTEXT] - [-m TENANT_CONTEXT] [-f CONFIG] [-t TENANT] [-v VERSION] [-k KUBECONFIG] [-l TENANT_KUBECONFIG] +usage: primazactl create application-namespace [-h] [-x] [-y {client,server,none}] [-o {yaml,none}] -d CLUSTER_ENVIRONMENT [-c CONTEXT] [-m TENANT_CONTEXT] [-f CONFIG] [-t TENANT] [-u TENANT_INTERNAL_URL] [-v VERSION] [-k KUBECONFIG] + [-l TENANT_KUBECONFIG] namespace positional arguments: 
@@ -328,21 +331,21 @@ options: -d CLUSTER_ENVIRONMENT, --cluster-environment CLUSTER_ENVIRONMENT name to use for the ClusterEnvironment that will be created in Primaza -c CONTEXT, --context CONTEXT - name of cluster, as it appears in kubeconfig, on which to create the service or application namespace, default: current - kubeconfig context + name of cluster, as it appears in kubeconfig, on which to create the service or application namespace, default: current kubeconfig context -m TENANT_CONTEXT, --tenant-context TENANT_CONTEXT name of cluster, as it appears in kubeconfig, on which Primaza tenant was created. Default: current kubeconfig context -f CONFIG, --config CONFIG Config file containing agent roles -t TENANT, --tenant TENANT tenant to use. Default: primaza-system + -u TENANT_INTERNAL_URL, --tenant-internal-url TENANT_INTERNAL_URL + Internal URL for the cluster on which Primaza's Control Plane is running -v VERSION, --version VERSION Version of primaza to use, default: latest. Ignored if --config is set. -k KUBECONFIG, --kubeconfig KUBECONFIG path to kubeconfig file, default: KUBECONFIG environment variable if set, otherwise //.kube/config -l TENANT_KUBECONFIG, --tenant-kubeconfig TENANT_KUBECONFIG - path to kubeconfig file for the tenant, default: KUBECONFIG environment variable if set, otherwise - //.kube/config + path to kubeconfig file for the tenant, default: KUBECONFIG environment variable if set, otherwise //.kube/config ``` ### Create application-namespace options: 
@@ -362,8 +365,10 @@ options: - Run `make config` from the repository - The config will be created: `out/config/application_agent_config_latest.yaml` - `--tenant TENANT` - - tenant to use. - - Default is `primaza-system`. + - tenant to use. + - Default is `primaza-system`. +- `--tenant-internal-url TENANT_INTERNAL_URL` + - The URL the Application Agent will use to contact the cluster on which Primaza's Control Plane is running - `--version VERSION` - Specify the version of manifests to use. - see: [releases](https://github.com/primaza/primazactl/releases) for available versions. @@ -392,18 +397,17 @@ options: - Use in conjunction with `--output--` to get output without creating resources. - Default: none - resources are persisted. - ## Create service namespace command Notes: - requires join cluster to be completed. - + ### Create service-namespace help: ``` -usage: primazactl create service-namespace [-h] [-x] [-y {client,server,none}] [-o {yaml,none}] -d CLUSTER_ENVIRONMENT [-c CONTEXT] [-m TENANT_CONTEXT] - [-f CONFIG] [-t TENANT] [-v VERSION] [-k KUBECONFIG] [-l TENANT_KUBECONFIG] +usage: primazactl create service-namespace [-h] [-x] [-y {client,server,none}] [-o {yaml,none}] -d CLUSTER_ENVIRONMENT [-c CONTEXT] [-m TENANT_CONTEXT] [-f CONFIG] [-t TENANT] [-u TENANT_INTERNAL_URL] [-v VERSION] [-k KUBECONFIG] + [-l TENANT_KUBECONFIG] namespace positional arguments: 
@@ -416,28 +420,24 @@ options: Set for dry run (default: none) -o {yaml,none}, --output {yaml,none} Set to get output of resources which are created (default: none). - - - - -d CLUSTER_ENVIRONMENT, --cluster-environment CLUSTER_ENVIRONMENT name to use for the ClusterEnvironment that will be created in Primaza -c CONTEXT, --context CONTEXT - name of cluster, as it appears in kubeconfig, on which to create the service or application namespace, default: current - kubeconfig context + name of cluster, as it appears in kubeconfig, on which to create the service or application namespace, default: current kubeconfig context -m TENANT_CONTEXT, --tenant-context TENANT_CONTEXT name of cluster, as it appears in kubeconfig, on which Primaza tenant was created. Default: current kubeconfig context -f CONFIG, --config CONFIG Config file containing agent roles -t TENANT, --tenant TENANT tenant to use. Default: primaza-system + -u TENANT_INTERNAL_URL, --tenant-internal-url TENANT_INTERNAL_URL + Internal URL for the cluster on which Primaza's Control Plane is running -v VERSION, --version VERSION Version of primaza to use, default: latest. Ignored if --config is set. -k KUBECONFIG, --kubeconfig KUBECONFIG path to kubeconfig file, default: KUBECONFIG environment variable if set, otherwise //.kube/config -l TENANT_KUBECONFIG, --tenant-kubeconfig TENANT_KUBECONFIG - path to kubeconfig file for the tenant, default: KUBECONFIG environment variable if set, otherwise - //.kube/config + path to kubeconfig file for the tenant, default: KUBECONFIG environment variable if set, otherwise //.kube/config ``` ### Create service-namespace options: 
@@ -467,6 +467,11 @@ options: - `--kubeconfig KUBECONFIG` - The kubeconfig file is not modified by primazactl. - The cluster specified for worker join does not have to be the current context. +- `--tenant TENANT` + - tenant to use. + - Default is `primaza-system`. +- `--tenant-internal-url TENANT_INTERNAL_URL` + - The URL the Application Agent will use to contact the cluster on which Primaza's Control Plane is running - `--tenant-kubeconfig TENANT_KUBECONFIG` path to kubeconfig file for the tenant, default: KUBECONFIG environment variable if set, otherwise //.kube/config diff --git a/scripts/src/primazactl/cmd/create/namespace/common.py b/scripts/src/primazactl/cmd/create/namespace/common.py index a985c08..2874c8d 100644 --- a/scripts/src/primazactl/cmd/create/namespace/common.py +++ b/scripts/src/primazactl/cmd/create/namespace/common.py @@ -65,6 +65,15 @@ def add_args_namespace(parser: argparse.ArgumentParser, type): help=f"tenant to use. Default: {DEFAULT_TENANT}", default=DEFAULT_TENANT) + parser.add_argument( + "-u", "--tenant-internal-url", + dest="tenant_internal_url", + type=str, + required=False, + help="Internal URL for the cluster \ + on which Primaza's Control Plane is running", + default=None) + parser.add_argument( "-v", "--version", dest="version", @@ -102,7 +111,9 @@ def __create_namespace(args, type): namespace=args.tenant, kubeconfig_path=args.tenant_kubeconfig, config_file=None, - version=None,) + version=None, + internal_url=args.tenant_internal_url, + ) worker = WorkerCluster( primaza_main=main, @@ -117,7 +128,7 @@ def __create_namespace(args, type): main_user = main.create_primaza_identity( args.cluster_environment) - kcfg = main.get_kubeconfig(main_user, args.context) + kcfg = main.get_kubeconfig(main_user) namespace = WorkerNamespace(type, args.namespace, diff --git a/scripts/src/primazactl/cmd/join/parser.py b/scripts/src/primazactl/cmd/join/parser.py index a10fb50..c31d634 100644 --- a/scripts/src/primazactl/cmd/join/parser.py 
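Review bot: The new `-u/--tenant-internal-url` option in `add_args_namespace` is accepted as a bare `type=str`, although its value ends up as the server URL of a kubeconfig. `__create_namespace` hands it to `MainPrimazaCluster(internal_url=...)`, and the primazacluster.py hunk passes it to `identity.get_kubeconfig`, so an `http://` value or a typo lands in the kubeconfig the agent authenticates with (presumably carrying the service-account credential). An argparse type callable built on `urllib.parse.urlsplit` that accepts only absolute `https://` URLs with a host, in the style of the `existing_file` type already used in join/parser.py, would reject such input at the command line. The same applies to `-u/--internal-url` added to `add_args_join` in join/parser.py. Both functions start and end outside their hunks.

```python
def https_url(value: str) -> str:
    """argparse type: accept only absolute https URLs that name a host."""
    parsed = urllib.parse.urlsplit(value)
    if parsed.scheme != "https" or not parsed.hostname:
        raise argparse.ArgumentTypeError(
            f"expected an https://host[:port] URL, got: {value!r}")
    return value

# … unchanged: earlier add_argument calls in add_args_namespace …
    parser.add_argument(
        "-u", "--tenant-internal-url",
        dest="tenant_internal_url",
        type=https_url,
        # … unchanged: required, help, default …
```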
+++ b/scripts/src/primazactl/cmd/join/parser.py @@ -69,6 +69,15 @@ def add_args_join(parser: argparse.ArgumentParser): type=existing_file, default=from_env()) + parser.add_argument( + "-u", "--internal-url", + dest="internal_url", + required=False, + help="the url used by Primaza's Control Plane to \ + reach the joined cluster", + type=str, + default=None) + # main parser.add_argument( "-d", "--cluster-environment", @@ -137,6 +146,7 @@ def join_cluster(args): environment=args.environment, cluster_environment=args.cluster_environment, tenant=args.tenant, + internal_url=args.internal_url, ).install_worker() if settings.output_active(): diff --git a/scripts/src/primazactl/primaza/primazacluster.py b/scripts/src/primazactl/primaza/primazacluster.py index 5e6c5c6..a4459a3 100644 --- a/scripts/src/primazactl/primaza/primazacluster.py +++ b/scripts/src/primazactl/primaza/primazacluster.py @@ -1,9 +1,7 @@ -import yaml import uuid from typing import Dict from kubernetes import client from primazactl.utils import logger -from primazactl.utils.command import Command from primazactl.identity.kubeidentity import KubeIdentity from primazactl.kube.secret import Secret from primazactl.kube.role import Role @@ -25,12 +23,20 @@ class PrimazaCluster(object): config_file: str = None cluster_environment: str = None tenant: str = None + internal_url: str | None = None - def __init__(self, namespace, context, - user, user_type, - kubeconfig_path, config_file, - cluster_environment, - tenant): + def __init__( + self, + namespace: str, + context: str, + user: str, + user_type: str, + kubeconfig_path: str, + config_file: str, + cluster_environment: str, + tenant: str, + internal_url: str | None, + ): self.namespace = namespace self.context = context self.user = user 
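Review bot: In `PrimazaCluster.__init__` the new `internal_url: str | None` parameter has no default, while `MainPrimazaCluster` and `WorkerCluster` both declare it as `internal_url: str | None = None`. That is why workernamespace.py has to append a bare positional `None` to a nine-argument call. Declaring it as `internal_url: str | None = None,` in the base class and passing it by keyword at the call sites (`internal_url=internal_url`) would keep the three signatures parallel and make a misplaced argument visible. The body of `__init__` continues in the next hunk.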
@@ -38,6 +44,7 @@ def __init__(self, namespace, context, self.config_file = config_file self.cluster_environment = cluster_environment self.tenant = tenant + self.internal_url = internal_url self.kube_config_file = kubeconfig_path \ if kubeconfig_path is not None \ @@ -46,34 +53,10 @@ def __init__(self, namespace, context, kcw = KubeConfigWrapper(context, self.kube_config_file) self.kubeconfig = kcw.get_kube_config_for_cluster() - def get_updated_server_url(self): - logger.log_entry() - cluster = f'{self.context.replace("kind-","")}' - control_plane = f'{cluster}-control-plane' - out, err = Command().run(f"docker inspect {control_plane}") - if err != 0: - raise RuntimeError("\n[ERROR] error getting data from docker:" - f"{control_plane} : {err}") - - docker_data = yaml.safe_load(out) - try: - networks = docker_data[0]["NetworkSettings"]["Networks"] - ipaddr = networks["kind"]["IPAddress"] - logger.log_info(f"new cluster url: https://{ipaddr}:6443") - return f"https://{ipaddr}:6443" - except KeyError: - logger.log_info("new cluster url not found") - return "" - - def get_kubeconfig(self, identity: KubeIdentity, - other_context) -> Dict: - logger.log_entry(f"id: {identity.sa_name}, " - f"other_context: {other_context}") - server_url = self.get_updated_server_url() \ - if self.context != other_context \ - else None - - return identity.get_kubeconfig(self.kubeconfig, server_url) + def get_kubeconfig(self, identity: KubeIdentity) -> Dict: + logger.log_entry(f"id: {identity.sa_name}") + + return identity.get_kubeconfig(self.kubeconfig, self.internal_url) def create_identity(self, sa_name: str, key_name: str) -> KubeIdentity: logger.log_entry() diff --git a/scripts/src/primazactl/primazamain/maincluster.py b/scripts/src/primazactl/primazamain/maincluster.py index 08ba1e8..4e1e21a 100644 --- a/scripts/src/primazactl/primazamain/maincluster.py +++ b/scripts/src/primazactl/primazamain/maincluster.py 
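Review bot: `get_kubeconfig` now passes `self.internal_url` on every call, where the removed code only rewrote the server URL when the contexts differed, and it has no docstring telling callers what that implies. I would add one along the lines of `"""Return a kubeconfig for identity; self.internal_url, when set, is passed to identity.get_kubeconfig as the server URL."""`. A comment should also say that the CA data presumably still comes from the kubeconfig loaded in `__init__` (an inference, since `KubeIdentity.get_kubeconfig` is not shown), so the API server certificate has to be valid for the internal host name or IP. Stating that requirement up front makes a certificate-verification failure diagnosable, so the fix stays a correct SAN on the server certificate rather than a client with verification turned off.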
@@ -21,7 +21,8 @@ def __init__( namespace: str | None, kubeconfig_path: str | None, config_file: str | None, - version: str | None): + version: str | None, + internal_url: str | None = None): self.kube_config_file = kubeconfig_path @@ -36,7 +37,8 @@ def __init__( kubeconfig_path, config_file, None, - namespace) + namespace, + internal_url) self.primaza_version = version diff --git a/scripts/src/primazactl/primazaworker/workercluster.py b/scripts/src/primazactl/primazaworker/workercluster.py index e24ad69..82ad133 100644 --- a/scripts/src/primazactl/primazaworker/workercluster.py +++ b/scripts/src/primazactl/primazaworker/workercluster.py @@ -28,6 +28,7 @@ def __init__( environment: str, cluster_environment: str, tenant: str, + internal_url: str | None = None, ): sa_name, _ = names.get_identity_names(tenant, cluster_environment) @@ -38,7 +39,8 @@ def __init__( kubeconfig_file, config_file, cluster_environment, - tenant) + tenant, + internal_url) self.primaza_main = primaza_main self.environment = environment @@ -75,8 +77,7 @@ def install_worker(self): identity = self.create_identity(sa_name, key_name) logger.log_info("Create cluster context secret in main") - cc_kubeconfig = self.get_kubeconfig(identity, - self.primaza_main.context) + cc_kubeconfig = self.get_kubeconfig(identity) logger.log_info("Create cluster environment in main") secret_name = names.get_kube_secret_name(self.cluster_environment) diff --git a/scripts/src/primazactl/primazaworker/workernamespace.py b/scripts/src/primazactl/primazaworker/workernamespace.py index 55cf9f5..c994d06 100644 --- a/scripts/src/primazactl/primazaworker/workernamespace.py +++ b/scripts/src/primazactl/primazaworker/workernamespace.py @@ -47,7 +47,8 @@ def __init__(self, type, kubeconfig_file, role_config, cluster_environment, - worker.tenant) + worker.tenant, + None) self.main = main self.worker = worker 
@@ -78,7 +79,7 @@ def create(self): self.namespace) # Get kubeconfig with secret from service accounf - kc = self.main.get_kubeconfig(main_identity, self.context) + kc = self.main.get_kubeconfig(main_identity) # - in the created namespace, create the Secret # 'primaza-auth-$CLUSTER_ENVIRONMENT' the Worker key diff --git a/scripts/src/primazatest/runtest.py b/scripts/src/primazatest/runtest.py index 59f8271..da842d7 100644 --- a/scripts/src/primazatest/runtest.py +++ b/scripts/src/primazatest/runtest.py @@ -4,6 +4,7 @@ import time import os import yaml +from primazactl.utils.command import Command PASS = '\033[92mPASS\033[0m' SUCCESS = '\033[92mSUCCESS\033[0m' @@ -240,11 +241,27 @@ def check_pods(cluster, namespace): return outcome +def get_cluster_internal_url(cluster_name: str) -> str: + control_plane = f'{cluster_name}-control-plane' + out, err = Command().run(f"docker inspect {control_plane}") + if err != 0: + raise RuntimeError("\n[ERROR] error getting data from docker:" + f"{control_plane} : {err}") + docker_data = yaml.safe_load(out) + networks = docker_data[0]["NetworkSettings"]["Networks"] + ipaddr = networks["kind"]["IPAddress"] + internal_url = f"https://{ipaddr}:6443" + return internal_url + + def test_worker_install(venv_dir, config, version, worker_cluster, main_cluster, tenant, kubeconfig=None, main_kubeconfig=None, expect_out=False, dry_run=None, output=None): + internal_url = get_cluster_internal_url( + worker_cluster.replace("kind-", "")) + if version: command = [f"{venv_dir}/bin/primazactl", "join", "cluster", @@ -253,7 +270,8 @@ def test_worker_install(venv_dir, config, version, worker_cluster, "-c", worker_cluster, "-m", main_cluster, "-t", tenant, - "-v", version] + "-v", version, + "-u", internal_url] else: command = [f"{venv_dir}/bin/primazactl", "join", "cluster", 
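Review bot: `get_cluster_internal_url` builds its command by interpolating `cluster_name` into the string given to `Command().run(f"docker inspect {control_plane}")`, and whether `Command.run` goes through a shell is not visible here. The helper should check the name first, for example `if not re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9_.-]*", cluster_name): raise ValueError(cluster_name)`, so the argument cannot carry anything but a container name. Separately, the removed `get_updated_server_url` caught `KeyError`, while the new helper lets a missing `kind` network or an empty inspect result escape as a bare `KeyError`/`IndexError`. Wrapping the lookup with `except (KeyError, IndexError) as e: raise RuntimeError(f"no kind network address for {control_plane}") from e` would keep the failure readable. `test_worker_install` begins in this hunk and continues outside it.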
@@ -262,7 +280,8 @@ def test_worker_install(venv_dir, config, version, worker_cluster, "-c", worker_cluster, "-m", main_cluster, "-t", tenant, - "-f", config] + "-f", config, + "-u", internal_url] if kubeconfig: command.append("-k") @@ -303,6 +322,9 @@ def test_application_namespace_create(venv_dir, namespace, expect_out=False, dry_run=None, output=None): + + internal_url = get_cluster_internal_url(main_cluster.replace("kind-", "")) + if version: command = [f"{venv_dir}/bin/primazactl", "create", "application-namespace", @@ -311,7 +333,8 @@ def test_application_namespace_create(venv_dir, namespace, "-c", worker_cluster, "-m", main_cluster, "-t", tenant, - "-v", version] + "-v", version, + "-u", internal_url] else: command = [f"{venv_dir}/bin/primazactl", "create", "application-namespace", @@ -320,7 +343,8 @@ def test_application_namespace_create(venv_dir, namespace, "-c", worker_cluster, "-m", main_cluster, "-t", tenant, - "-f", config] + "-f", config, + "-u", internal_url] if kubeconfig: command.append("-k") @@ -366,6 +390,8 @@ def test_service_namespace_create(venv_dir, namespace, dry_run=None, output=None): + internal_url = get_cluster_internal_url(main_cluster.replace("kind-", "")) + if version: command = [f"{venv_dir}/bin/primazactl", "create", "service-namespace", @@ -374,7 +400,8 @@ def test_service_namespace_create(venv_dir, namespace, "-c", worker_cluster, "-m", main_cluster, "-t", tenant, - "-v", version] + "-v", version, + "-u", internal_url] else: command = [f"{venv_dir}/bin/primazactl", "create", "service-namespace", @@ -383,7 +410,8 @@ def test_service_namespace_create(venv_dir, namespace, "-c", worker_cluster, "-m", main_cluster, "-t", tenant, - "-f", config] + "-f", config, + "-u", internal_url] if kubeconfig: command.append("-k")