forked from Qihoo360/wayne
/
pre_deploy.go
84 lines (75 loc) · 3.01 KB
/
pre_deploy.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
package statefulset
import (
"strings"
"k8s.io/api/apps/v1beta1"
"k8s.io/api/core/v1"
"github.com/Qihoo360/wayne/src/backend/models"
"github.com/Qihoo360/wayne/src/backend/util"
)
func statefulsetPreDeploy(kubeStatefulSet *v1beta1.StatefulSet, statefulSet *models.Statefulset,
cluster *models.Cluster, namespace *models.Namespace) {
// step 1 add envs
for i := 0; i < len(kubeStatefulSet.Spec.Template.Spec.Containers); i++ {
preDefinedEnvMap := make(map[string]v1.EnvVar)
envResult := make([]v1.EnvVar, 0)
// user defined
for _, env := range kubeStatefulSet.Spec.Template.Spec.Containers[i].Env {
preDefinedEnvMap[env.Name] = env
}
// cluster defined, overwrite user defined
for _, env := range cluster.MetaDataObj.Env {
preDefinedEnvMap[env.Name] = env
}
// namespace defined, overwrite cluster and user defined
for _, env := range namespace.MetaDataObj.Env {
preDefinedEnvMap[env.Name] = env
}
for _, env := range preDefinedEnvMap {
envResult = append(envResult, env)
}
kubeStatefulSet.Spec.Template.Spec.Containers[i].Env = envResult
}
// step 2 add image pull secret
preDefinedImagePullSecretMap := make(map[string]v1.LocalObjectReference)
// user defined
for _, secret := range kubeStatefulSet.Spec.Template.Spec.ImagePullSecrets {
preDefinedImagePullSecretMap[secret.Name] = secret
}
// cluster defined, overwrite user defined
for _, secret := range cluster.MetaDataObj.ImagePullSecrets {
preDefinedImagePullSecretMap[secret.Name] = secret
}
// namespace defined, overwrite cluster and user defined
for _, secret := range namespace.MetaDataObj.ImagePullSecrets {
preDefinedImagePullSecretMap[secret.Name] = secret
}
imagePullSecretsResult := make([]v1.LocalObjectReference, 0)
for _, secret := range preDefinedImagePullSecretMap {
imagePullSecretsResult = append(imagePullSecretsResult, secret)
}
kubeStatefulSet.Spec.Template.Spec.ImagePullSecrets = imagePullSecretsResult
// step 3 add user defined affinity
if statefulSet.MetaDataObj.Affinity != nil {
kubeStatefulSet.Spec.Template.Spec.Affinity = statefulSet.MetaDataObj.Affinity
}
// step 4 is allow privilege
for i := 0; i < len(kubeStatefulSet.Spec.Template.Spec.Containers); i++ {
if kubeStatefulSet.Spec.Template.Spec.Containers[i].SecurityContext == nil {
kubeStatefulSet.Spec.Template.Spec.Containers[i].SecurityContext = &v1.SecurityContext{}
}
// 默认不允许特权模式
privileged, ok := statefulSet.MetaDataObj.Privileged[kubeStatefulSet.Spec.Template.Spec.Containers[i].Name]
if !ok {
falseVar := false
privileged = &falseVar
}
kubeStatefulSet.Spec.Template.Spec.Containers[i].SecurityContext.Privileged = privileged
}
// step 5 set namespace
kubeStatefulSet.Namespace = namespace.MetaDataObj.Namespace
// step 6
if kubeStatefulSet.Spec.Template.Annotations == nil {
kubeStatefulSet.Spec.Template.Annotations = make(map[string]string)
}
kubeStatefulSet.Spec.Template.Annotations[util.PodAnnotationControllerKindLabelKey] = strings.ToLower(string(models.KubeApiTypeStatefulSet))
}