-
Notifications
You must be signed in to change notification settings - Fork 899
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for verifying the Kubernetes connection #2156
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,6 +3,9 @@ class EmsKubernetes < EmsContainer | |
has_many :container_groups, :foreign_key => :ems_id, :dependent => :destroy | ||
has_many :container_services, :foreign_key => :ems_id, :dependent => :destroy | ||
|
||
# TODO: support real authentication using certificates | ||
before_validation :ensure_authentications_record | ||
|
||
default_value_for :port, 6443 | ||
|
||
def self.ems_type | ||
|
@@ -13,6 +16,10 @@ def self.description | |
@description ||= "Kubernetes".freeze | ||
end | ||
|
||
def self.event_monitor_class | ||
MiqEventCatcherKubernetes | ||
end | ||
|
||
def self.raw_connect(hostname, port) | ||
require 'kubeclient' | ||
api_endpoint = raw_api_endpoint(hostname, port) | ||
|
@@ -23,7 +30,7 @@ def self.raw_connect(hostname, port) | |
end | ||
|
||
def self.raw_api_endpoint(hostname, port) | ||
URI::HTTPS.build(:host => hostname, :port => port.to_i) | ||
URI::HTTPS.build(:host => hostname, :port => port.presence.try(:to_i)) | ||
end | ||
|
||
# UI methods for determining availability of fields | ||
|
@@ -35,27 +42,33 @@ def api_endpoint | |
self.class.raw_api_endpoint(hostname, port) | ||
end | ||
|
||
def connect(_options = {}) | ||
self.class.raw_connect(hostname, port) | ||
end | ||
def connect(options = {}) | ||
hostname = options[:hostname] || self.address | ||
port = options[:port] || self.port | ||
|
||
def self.event_monitor_class | ||
MiqEventCatcherKubernetes | ||
self.class.raw_connect(hostname, port) | ||
end | ||
|
||
def authentication_check | ||
def verify_credentials(auth_type = nil, options = {}) | ||
# TODO: support real authentication using certificates | ||
[true, ""] | ||
end | ||
options = options.merge(:auth_type => auth_type) | ||
|
||
def verify_credentials(_auth_type = nil, _options = {}) | ||
# TODO: support real authentication using certificates | ||
true | ||
with_provider_connection(options, &:api_valid?) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Validation here should be a check that remote endpoint supports the API that we know about (v1beta3 / future v1.0). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. isn't that the job of the api_valid? method on kubeclient? |
||
rescue SocketError, | ||
Errno::ECONNREFUSED, | ||
RestClient::ResourceNotFound, | ||
RestClient::InternalServerError => err | ||
raise MiqException::MiqUnreachableError, err.message, err.backtrace | ||
rescue RestClient::Unauthorized => err | ||
raise MiqException::MiqInvalidCredentialsError, err.message, err.backtrace | ||
end | ||
|
||
def authentication_status_ok?(_type = nil) | ||
private | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Adding private here you mask other public methods (all_computer_system_ids, aggregate_logical_cpus, aggregate_memory). There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Doh, must have happened when I rebased. |
||
|
||
def ensure_authentications_record | ||
# TODO: support real authentication using certificates | ||
true | ||
return if authentications.present? | ||
update_authentication(:default => {:userid => "_", :save => false}) | ||
end | ||
|
||
# required by aggregate_hardware | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
that's part of another patch that was already merged, right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just moved it up from below. It was mixed in with other "connection" related methods and didn't belong with the others.