Network_range support
- n-policy parsing mechanism from UI into BE dictionary
- Set cluster 'UPDATING' state
- Saving metadata
naumvd95 committed May 3, 2018
1 parent 39c3e9e commit e9d982a
Showing 5 changed files with 59 additions and 66 deletions.
11 changes: 4 additions & 7 deletions docker-compose.demo.yml
@@ -1,15 +1,14 @@
version: '2'
services:
api:
# image: kqueen/api:v0.18
image: vnaumov/kqueen-api:mk1
image: kqueen/api:v0.18
ports:
- 127.0.0.1:5000:5000
depends_on:
- etcd
environment:
KQUEEN_CONFIG_FILE: config/demo.py
KQUEEN_DEBUG: 'True'
KQUEEN_DEBUG: 'False'
KQUEEN_LDAP_URI: 'ldap://ldap'
KQUEEN_LDAP_DN: 'cn=admin,dc=example,dc=org'
KQUEEN_LDAP_PASSWORD: 'heslo123'
@@ -24,16 +23,14 @@ services:
extra_hosts:
- "ci.mcp.mirantis.net:172.16.48.254"
ui:
# image: kqueen/ui:v0.9
# image: vnaumov/kqueen-ui:mk2
image: vnaumov/kqueen-ui:mk1
image: kqueen/ui:v0.9
ports:
- 127.0.0.1:5080:5080
depends_on:
- api
environment:
KQUEEN_UI_CONFIG_FILE: config/demo.py
KQUEENUI_DEBUG: 'True'
KQUEENUI_DEBUG: 'False'
KQUEENUI_SECRET_KEY: 'SecretSecretSecret123'
KQUEENUI_KQUEEN_API_URL: http://api:5000/api/v1/
KQUEENUI_KQUEEN_AUTH_URL: http://api:5000/api/v1/auth
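Review bot: `KQUEENUI_SECRET_KEY: 'SecretSecretSecret123'` and `KQUEEN_LDAP_PASSWORD: 'heslo123'` stay hard-coded next to the lines this commit changes, and with both debug flags now 'False' and the official images restored the file reads like a deployable configuration rather than a throwaway demo. A published secret key presumably lets anyone who knows it sign session data for the UI, so it should come from the environment, e.g. `KQUEENUI_SECRET_KEY: ${KQUEENUI_SECRET_KEY}`, or at least carry a comment such as `# demo only: replace before exposing beyond 127.0.0.1`. The same applies to the LDAP admin password in the api service. Both values are unchanged context in these hunks, so this is a follow-up rather than a regression.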
2 changes: 1 addition & 1 deletion kqueen/blueprints/api/views.py
@@ -230,7 +230,7 @@ def cluster_set_network_policy(pk):

data = request.json
if not all(k in data for k in ('provider', 'enabled')):
msg = 'Failed to get network policy configuration'
msg = 'Incorrect network policy configuration {}'.format(data)
logger.error(msg)
abort(400, description=msg)

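Review bot: The new message formats the whole request body into `msg`, which is then written to the log by `logger.error(msg)` and returned to the caller through `abort(400, description=msg)`; client-controlled JSON of arbitrary size and content should not be echoed verbatim in either place. Report only what is missing, e.g. `missing = [k for k in ('provider', 'enabled') if k not in data]` and `msg = 'Network policy configuration is missing keys: {}'.format(missing)`. Separately, `request.json` can be `None` when no JSON body is sent, in which case `k in data` raises TypeError before this branch is reached; adding `not isinstance(data, dict)` to the condition would turn that into the same 400. The body of cluster_set_network_policy starts and continues outside the hunk.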
2 changes: 1 addition & 1 deletion kqueen/config/base.py
@@ -29,7 +29,7 @@ class BaseConfig:
CLUSTER_OK_STATE = 'OK'
CLUSTER_PROVISIONING_STATE = 'Deploying'
CLUSTER_DEPROVISIONING_STATE = 'Destroying'
CLUSTER_RESIZING_STATE = 'Resizing'
CLUSTER_UPDATING_STATE = 'Updating'
CLUSTER_UNKNOWN_STATE = 'Unknown'

CLUSTER_STATE_ON_LIST = True
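Review bot: Replacing `CLUSTER_RESIZING_STATE` with `CLUSTER_UPDATING_STATE` also changes the state string from 'Resizing' to 'Updating', and the engines read these names through `config.get(...)`, which (if it behaves like a dict lookup) returns None for a stale name instead of failing. aks.py and gce.py are updated in this commit, but any engine, UI code or persisted cluster record outside this page that still uses the old name or the 'Resizing' value would silently map to None or to an unrecognised state. A short comment on the constant, e.g. `# formerly CLUSTER_RESIZING_STATE = 'Resizing'`, would document the change. The class body continues outside the hunk.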
2 changes: 1 addition & 1 deletion kqueen/engines/aks.py
@@ -20,7 +20,7 @@
'Succeeded': config.get('CLUSTER_OK_STATE'),
'Deleting': config.get('CLUSTER_DEPROVISIONING_STATE'),
'Failed': config.get('CLUSTER_ERROR_STATE'),
'Updating': config.get('CLUSTER_RESIZING_STATE')
'Updating': config.get('CLUSTER_UPDATING_STATE')
}


108 changes: 52 additions & 56 deletions kqueen/engines/gce.py
@@ -14,7 +14,7 @@
'PROVISIONING': config.get('CLUSTER_PROVISIONING_STATE'),
'RUNNING': config.get('CLUSTER_OK_STATE'),
'STOPPING': config.get('CLUSTER_DEPROVISIONING_STATE'),
'RECONCILING': config.get('CLUSTER_RESIZING_STATE')
'RECONCILING': config.get('CLUSTER_UPDATING_STATE')
}


@@ -103,31 +103,31 @@ class GceEngine(BaseEngine):
'required': True
}
},
'network_range': {
'type': 'text',
'label': 'Network range CIDR',
'order': 5,
'placeholder': '10.0.0.0/14',
'validators': {
'required': False,
'regexp': '(^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}'
'([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])'
'(/([0-9]|[1-9][0-9]|2[0-4]))?$)?'
}
},
'network_policy': {
'type': 'select',
'label': 'Network Policy',
'order': 4,
'choices': [
('none', '(None)'),
('PROVIDER_UNSPECIFIED', '(None)'),
('CALICO', 'Calico')
],
'default': 'none',
'default': 'PROVIDER_UNSPECIFIED',
'validators': {
'required': False
},
'class_name': 'network-policy'
},
'network_range': {
'type': 'text',
'label': 'Network range CIDR',
'order': 5,
'placeholder': '10.0.0.0/14',
'validators': {
'required': False,
'regexp': '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}'
'([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])'
'(/([0-9]|[1-9][0-9]|2[0-4]))?$'
}
}
}
}
@@ -143,26 +143,38 @@ def __init__(self, cluster, **kwargs):
self.project = self.service_account_info.get('project_id', '')
self.zone = kwargs.get('zone', '-')
self.cluster_id = 'a' + self.cluster.id.replace('-', '')

# Generate metadata for Network Policies if empty
if not isinstance(cluster.metadata.get('network_policy'), dict):
network_provider = kwargs.get('network_policy', 'PROVIDER_UNSPECIFIED')
self.cluster.metadata['network_policy'] = {
'provider': network_provider,
'enabled': network_provider != 'PROVIDER_UNSPECIFIED'
}
logger.debug('Generate metadata for network policies: {}'
.format(self.cluster.metadata['network_policy']))
self.cluster.save()

meta = self.cluster.metadata
self.cluster_config = {
'cluster': {
'name': self.cluster_id,
'initialNodeCount': kwargs.get('node_count', 1),
'nodeConfig': {
'machineType': kwargs.get('machine_type', 'n1-standard-1')
},
'addonsConfig': {},
'addonsConfig': {
'networkPolicyConfig': {
'disabled': meta['network_policy'].get('provider', 'PROVIDER_UNSPECIFIED') == 'PROVIDER_UNSPECIFIED'
}
},
'clusterIpv4Cidr': kwargs.get('network_range', ''),
'networkPolicy': {
'provider': kwargs.get('network_policy', 'PROVIDER_UNSPECIFIED'),
'enabled': bool(kwargs.get('network_policy', False))
'provider': meta['network_policy'].get('provider', 'PROVIDER_UNSPECIFIED'),
'enabled': meta['network_policy'].get('enabled', False)
}
}
}
if self.cluster_config['cluster']['networkPolicy']['enabled'] is True:
logger.debug('Network addon for GKE enabled')
self.cluster_config = self._set_addon_config(cluster_config=self.cluster_config,
addon='networkPolicyConfig',
disabled=False)

logger.debug('GKE cluster configuration: {}'.format(self.cluster_config))
self.client = self._get_client()
@@ -180,29 +192,6 @@ def _get_client(self):

return client

def _set_addon_config(self, cluster_config, addon, disabled):
"""Set addon configutation to the cluster.
Args:
cluster_config(dict): Current cluster configuration
addon(str): Name of supported addon
disabled(bool): Enable/Disable addon
Returns:
dict: Updated cluster configuration
"""
addons_body = {
addon: {
'disabled': disabled
}
}
addons_config = cluster_config['cluster'].get('addonsConfig', {})
addons_config[addon] = addons_body[addon]
logger.debug('Setting {} addon in cluster_config {}'.format(addon, cluster_config))

return cluster_config

def provision(self, **kwargs):
"""
Implementation of :func:`~kqueen.engines.base.BaseEngine.provision`
@@ -211,6 +200,16 @@ def provision(self, **kwargs):
request = self.client.projects().zones().clusters().create(projectId=self.project,
zone=self.zone,
body=self.cluster_config)
cluster_config = self.cluster_config['cluster']
network_meta = self.cluster.metadata['network_policy']
if network_meta['provider'] == 'CALICO' and int(cluster_config['initialNodeCount']) < 2:
msg = 'Setting {} Network Policy for the cluster {} denied due to '\
'unsupported configuration. The minimal size of the '\
'cluster to run network policy enforcement is 2 '\
'n1-standard-1 instances'.format(network_meta['provider'],
self.cluster_id)
logger.error(msg)
return False, msg
try:
request.execute()
# TODO: check if provisioning response is healthy
@@ -220,15 +219,13 @@ def provision(self, **kwargs):
logger.exception(msg)
return False, msg

cluster_config = self.cluster_config['cluster']
if cluster_config['networkPolicy']['provider'] is not None:
self.cluster.metadata['network_policy'] = cluster_config['networkPolicy']
logger.critical('Provisioning cluster {} started, updating metadata...{}'
.format(self.cluster_id, cluster_config['networkPolicy']))
if cluster_config['networkPolicy']['provider'] != 'PROVIDER_UNSPECIFIED':
network_meta['provider'] = cluster_config['networkPolicy']['provider']
network_meta['enabled'] = cluster_config['networkPolicy']['enabled']
logger.debug('Provisioning cluster {} started, updating metadata...{}'
.format(self.cluster_id, self.cluster.metadata))
self.cluster.save()

logger.critical(self.cluster.metadata)

return True, None

def deprovision(self, **kwargs):
@@ -339,11 +336,10 @@ def set_network_policy(self, network_provider='CALICO', enabled=False, **kwargs)
saving metadata...'.format(network_provider, self.cluster_id))

meta = self.cluster.metadata.get('network_policy', {})
logger.critical('current NETMETA..{}'.format(meta))
meta['provider'] = network_provider
meta['enabled'] = enabled
logger.critical('Updating NETWORK POLICY for cluster {} started, saving metadata...{}'
.format(self.cluster_id, self.cluster.metadata['network_policy']))
logger.debug('Updating network policy for cluster {} started, saving metadata...{}'
.format(self.cluster_id, self.cluster.metadata['network_policy']))
self.cluster.save()

return True, None
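Review bot: In the `network_range` validator the prefix-length group `(/([0-9]|[1-9][0-9]|2[0-4]))?` accepts every two-digit value through its `[1-9][0-9]` alternative, so `10.0.0.0/99` passes and the `2[0-4]` branch never limits anything; if /24 is the intended maximum the group should read `(/([0-9]|1[0-9]|2[0-4]))?`. The pattern is also written in non-raw string literals, so `\.` relies on Python preserving an unrecognised escape; prefix the literals with `r`. Because the suffix is optional a bare address also passes, and `__init__` copies `kwargs.get('network_range', '')` into `clusterIpv4Cidr` with no server-side check visible here, so a check with `ipaddress.ip_network(value, strict=True)` before building `cluster_config` would keep validation independent of the UI. The new pattern drops the outer optional group, so confirm the form layer skips the regexp for an empty value, since the field is `'required': False`.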
