Decouple Orc8r verification from terraform state inspection. (#6292)

We currently depend on terraform state only for getting the namespace. Modified to obtain it from user option (with default as orc8r) Enable orc8r cleanup without terraform state inspection. Provide default values when not provided Signed-off-by: Karthik Subraveti <ksubraveti@fb.com>
magma · Apr 23, 2021 · 7384af0 · 7384af0
1 parent a572cce
commit 7384af0
Show file tree

Hide file tree

Showing 10 changed files with 203 additions and 191 deletions.
diff --git a/orc8r/cloud/deploy/orc8r_deployer/docker/Dockerfile b/orc8r/cloud/deploy/orc8r_deployer/docker/Dockerfile
@@ -24,6 +24,7 @@ RUN apt-get update && \
 RUN pip3 install --no-cache-dir \
                         boto \
                         boto3 \
+                        kubernetes \
                         ansible==${ANSIBLE_VERSION} \
                         prettytable \
                         requests \

diff --git a/orc8r/cloud/deploy/orc8r_deployer/docker/root/scripts/cli/cleanup.py b/orc8r/cloud/deploy/orc8r_deployer/docker/root/scripts/cli/cleanup.py
@@ -17,17 +17,19 @@
 import click
 from boto3 import Session
 
-from .common import (
+from cli.common import (
     run_command,
     run_playbook,
     print_error_msg,
-    print_warning_msg,
     print_success_msg)
+from cli.configlib import get_input
 
-def setup_aws_creds():
+
+def setup_aws_environ():
+    """Set up aws configuration attributes in environment"""
     session = Session()
     creds = session.get_credentials()
-    if not creds:
+    if not creds or not session.region_name:
         print_error_msg('''
 AWS credentials not configured.
 configure through awscli or through orcl
@@ -40,7 +42,7 @@ def setup_aws_creds():
     frozen_creds = creds.get_frozen_credentials()
     os.environ["AWS_ACCESS_KEY_ID"] = frozen_creds.access_key
     os.environ["AWS_SECRET_ACCESS_KEY"] = frozen_creds.secret_key
-
+    os.environ["AWS_REGION"] = session.region_name
 
 @click.group(invoke_without_command=True)
 @click.pass_context
@@ -57,35 +59,65 @@ def cleanup(ctx):
         click.echo(f"Running {cmd}")
         rc = run_command(tf_destroy)
         if rc != 0:
-            print_error_msg("Destroy Failed!!! Attempt cleaning up individual resources using 'orcl cleanup raw' subcommand")
+            print_error_msg("Destroy Failed!!! Attempt cleaning up individual"
+                            "resources using 'orcl cleanup raw' subcommand")
             return
 
 @cleanup.command()
 @click.pass_context
-@click.option('--dryrun', default=False, is_flag=True, help='Show resources to be cleaned up during raw cleanup')
-@click.option('--state', help='Provide state file containing resource information e.g. terraform.tfstate or terraform.tfstate.backup')
-@click.option('--values', multiple=True, help='Key value pairs. for e.g. cluster_name,orc8r. Can be used multiple times')
-def raw(ctx, dryrun, state, values):
+@click.option('--dryrun', default=False, is_flag=True, help='Show resources '
+              'to be cleaned up during raw cleanup')
+@click.option('--state', help='Provide state file containing resource '
+              'information e.g. terraform.tfstate or '
+              'terraform.tfstate.backup')
+@click.option('--override', default=False, is_flag=True, help='Provide values'
+              'to cleanup the orc8r deployment')
+def raw(ctx, dryrun, state, override):
     """
     Individually cleans up resources deployed for orc8r
+    Attributes:
+    ctx: Click context
+    dryrun: knob to enable dryrun of the cleanup to be performed
+    state: location of the terraform state file
+    override: override any state information with custom values
     """
-    click.confirm(click.style('This is irreversable!! Do you want to continue with cleanup?', fg='red'), abort=True)
+    if not dryrun:
+        click.confirm(click.style('This is irreversable!! Do you want to '
+                      'continue with cleanup?', fg='red'), abort=True)
     if state:
         ctx.obj['cleanup_state'] = state
 
-    # add additional items
-    for config_items in values:
-        k, v = config_items.split(",")
-        ctx.obj[k] = v
+    # Few boto dependent modules in ansible require these values to be
+    # setup as environment variables. Hence setting these up.
+    setup_aws_environ()
+
+    default_values = {
+        'orc8r_namespace': 'orc8r',
+        'orc8r_secrets': 'orc8r-secrets',
+        'orc8r_es_domain': 'orc8r-es',
+        'orc8r_cluster_name': 'orc8r',
+        'orc8r_db_id': 'orc8rdb',
+        'orc8r_db_subnet': 'orc8r_vpc',
+        'vpc_name': 'orc8r_vpc',
+        'region_name': os.environ["AWS_REGION"],
+        'efs_fs_targets': '',
+        'efs_mount_targets': '',
+        'domain_name': '',
+    }
+    if override:
+        for k, v in default_values.items():
+            inp = get_input(k , v)
+            inp_entries = inp.split(',')
+            if len(inp_entries) > 1:
+                # mainly relevant for passing in list of mount and fs targets
+                ctx.obj[k] = inp_entries
+            else:
+                ctx.obj[k] = inp_entries[0]
 
     extra_vars = json.dumps(ctx.obj)
     cleanup_playbook = "%s/cleanup.yml" % ctx.obj["playbooks"]
     playbook_args = [ "ansible-playbook", "-v", "-e", extra_vars]
 
-    # Few boto dependent modules in ansible require these values to be
-    # setup as environment variables. Hence setting these up.
-    setup_aws_creds()
-
     if dryrun:
         tag_args = ["-t", "cleanup_dryrun"]
     else:

diff --git a/orc8r/cloud/deploy/orc8r_deployer/docker/root/scripts/cli/verify.py b/orc8r/cloud/deploy/orc8r_deployer/docker/root/scripts/cli/verify.py
@@ -13,6 +13,9 @@
 import os
 import sys
 import glob
+import json
+
+from kubernetes import client, config
 
 import click
 
@@ -30,8 +33,9 @@ def verify(ctx):
     pass
 
 @verify.command('sanity')
+@click.option('-n', '--namespace', default='orc8r')
 @click.pass_context
-def verify_sanity(ctx):
+def verify_sanity(ctx, namespace):
     # check if KUBECONFIG is set else find kubeconfig file and set the
     # environment variable
     constants = ctx.obj
@@ -51,11 +55,25 @@ def verify_sanity(ctx):
     os.environ["KUBECONFIG"] = kubeconfig
     os.environ["K8S_AUTH_KUBECONFIG"] = kubeconfig
 
+    # check if we have a valid namespace
+    config.load_kube_config(kubeconfig)
+    v1 = client.CoreV1Api()
+    response = v1.list_namespace()
+    all_namespaces = [item.metadata.name for item in response.items]
+    if namespace not in all_namespaces:
+        namespace = click.prompt('Provide orc8r namespace', abort=True)
+        if namespace not in all_namespaces:
+            print_error_msg(f"Orc8r namespace {namespace} not found")
+            sys.exit(1)
+
+    # add constants to the list of variables sent to ansible
+    constants['orc8r_namespace'] = namespace
+
     rc = run_playbook([
             "ansible-playbook",
             "-v",
             "-e",
-            "@/root/config.yml",
+            json.dumps(constants),
             "-t",
             "verify_sanity",
             "%s/main.yml" % constants["playbooks"]])