valitydev/salt
14
0
Fork 0
mirror of https://github.com/valitydev/salt.git synced 2024-11-07 08:58:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #43087 from rallytime/bp-42174

Browse Source 
Back-port #42174 to 2017.7
This commit is contained in:
Mike Place 2017-08-21 12:40:17 -06:00 committed by GitHub
commit 32f9ade4db
1 changed files with 141 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

148
salt/modules/kubernetes.py
View File

@ -9,9 +9,23 @@ Module for handling kubernetes calls.
kubernetes.user: admin
kubernetes.password: verybadpass
kubernetes.api_url: 'http://127.0.0.1:8080'
kubernetes.certificate-authority-data: '...'
kubernetes.client-certificate-data: '....n
kubernetes.client-key-data: '...'
kubernetes.certificate-authority-file: '/path/to/ca.crt'
kubernetes.client-certificate-file: '/path/to/client.crt'
kubernetes.client-key-file: '/path/to/client.key'
These settings can be also overrided by adding `api_url`, `api_user`,
or `api_password` parameters when calling a function:
`api_password`, `api_certificate_authority_file`, `api_client_certificate_file`
or `api_client_key_file` parameters when calling a function:
The data format for `kubernetes.*-data` values is the same as provided in `kubeconfig`.
It's base64 encoded certificates/keys in one line.
For an item only one field should be provided. Either a `data` or a `file` entry.
In case both are provided the `file` entry is prefered.
.. code-block:: bash
salt '*' kubernetes.nodes api_url=http://k8s-api-server:port api_user=myuser api_password=pass
@ -21,9 +35,11 @@ or `api_password` parameters when calling a function:
# Import Python Futures
from __future__ import absolute_import
import os.path
import base64
import logging
import yaml
import tempfile
from salt.exceptions import CommandExecutionError
from salt.ext.six import iteritems
@ -71,16 +87,31 @@ def _setup_conn(**kwargs):
'http://localhost:8080')
username = __salt__['config.option']('kubernetes.user')
password = __salt__['config.option']('kubernetes.password')
ca_cert = __salt__['config.option']('kubernetes.certificate-authority-data')
client_cert = __salt__['config.option']('kubernetes.client-certificate-data')
client_key = __salt__['config.option']('kubernetes.client-key-data')
ca_cert_file = __salt__['config.option']('kubernetes.certificate-authority-file')
client_cert_file = __salt__['config.option']('kubernetes.client-certificate-file')
client_key_file = __salt__['config.option']('kubernetes.client-key-file')
# Override default API settings when settings are provided
if kwargs.get('api_url'):
host = kwargs['api_url']
if 'api_url' in kwargs:
host = kwargs.get('api_url')
if kwargs.get('api_user'):
username = kwargs['api_user']
if 'api_user' in kwargs:
username = kwargs.get('api_user')
if kwargs.get('api_password'):
password = kwargs['api_password']
if 'api_password' in kwargs:
password = kwargs.get('api_password')
if 'api_certificate_authority_file' in kwargs:
ca_cert_file = kwargs.get('api_certificate_authority_file')
if 'api_client_certificate_file' in kwargs:
client_cert_file = kwargs.get('api_client_certificate_file')
if 'api_client_key_file' in kwargs:
client_key_file = kwargs.get('api_client_key_file')
if (
kubernetes.client.configuration.host != host or
@ -93,6 +124,45 @@ def _setup_conn(**kwargs):
kubernetes.client.configuration.user = username
kubernetes.client.configuration.passwd = password
if ca_cert_file:
kubernetes.client.configuration.ssl_ca_cert = ca_cert_file
elif ca_cert:
with tempfile.NamedTemporaryFile(prefix='salt-kube-', delete=False) as ca:
ca.write(base64.b64decode(ca_cert))
kubernetes.client.configuration.ssl_ca_cert = ca.name
else:
kubernetes.client.configuration.ssl_ca_cert = None
if client_cert_file:
kubernetes.client.configuration.cert_file = client_cert_file
elif client_cert:
with tempfile.NamedTemporaryFile(prefix='salt-kube-', delete=False) as c:
c.write(base64.b64decode(client_cert))
kubernetes.client.configuration.cert_file = c.name
else:
kubernetes.client.configuration.cert_file = None
if client_key_file:
kubernetes.client.configuration.key_file = client_key_file
if client_key:
with tempfile.NamedTemporaryFile(prefix='salt-kube-', delete=False) as k:
k.write(base64.b64decode(client_key))
kubernetes.client.configuration.key_file = k.name
else:
kubernetes.client.configuration.key_file = None
def _cleanup(**kwargs):
ca = kubernetes.client.configuration.ssl_ca_cert
cert = kubernetes.client.configuration.cert_file
key = kubernetes.client.configuration.key_file
if cert and os.path.exists(cert) and os.path.basename(cert).startswith('salt-kube-'):
salt.utils.safe_rm(cert)
if key and os.path.exists(key) and os.path.basename(key).startswith('salt-kube-'):
salt.utils.safe_rm(key)
if ca and os.path.exists(ca) and os.path.basename(ca).startswith('salt-kube-'):
salt.utils.safe_rm(ca)
def ping(**kwargs):
'''
@ -134,6 +204,8 @@ def nodes(**kwargs):
'Exception when calling CoreV1Api->list_node: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def node(name, **kwargs):
@ -156,6 +228,8 @@ def node(name, **kwargs):
'Exception when calling CoreV1Api->list_node: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
for k8s_node in api_response.items:
if k8s_node.metadata.name == name:
@ -210,6 +284,8 @@ def node_add_label(node_name, label_name, label_value, **kwargs):
'Exception when calling CoreV1Api->patch_node: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
return None
@ -243,6 +319,8 @@ def node_remove_label(node_name, label_name, **kwargs):
'Exception when calling CoreV1Api->patch_node: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
return None
@ -271,6 +349,8 @@ def namespaces(**kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def deployments(namespace='default', **kwargs):
@ -298,6 +378,8 @@ def deployments(namespace='default', **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def services(namespace='default', **kwargs):
@ -324,6 +406,8 @@ def services(namespace='default', **kwargs):
'CoreV1Api->list_namespaced_service: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def pods(namespace='default', **kwargs):
@ -350,6 +434,8 @@ def pods(namespace='default', **kwargs):
'CoreV1Api->list_namespaced_pod: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def secrets(namespace='default', **kwargs):
@ -376,6 +462,8 @@ def secrets(namespace='default', **kwargs):
'CoreV1Api->list_namespaced_secret: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def configmaps(namespace='default', **kwargs):
@ -402,6 +490,8 @@ def configmaps(namespace='default', **kwargs):
'CoreV1Api->list_namespaced_config_map: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def show_deployment(name, namespace='default', **kwargs):
@ -429,6 +519,8 @@ def show_deployment(name, namespace='default', **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def show_service(name, namespace='default', **kwargs):
@ -455,6 +547,8 @@ def show_service(name, namespace='default', **kwargs):
'CoreV1Api->read_namespaced_service: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def show_pod(name, namespace='default', **kwargs):
@ -481,6 +575,8 @@ def show_pod(name, namespace='default', **kwargs):
'CoreV1Api->read_namespaced_pod: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def show_namespace(name, **kwargs):
@ -506,6 +602,8 @@ def show_namespace(name, **kwargs):
'CoreV1Api->read_namespace: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def show_secret(name, namespace='default', decode=False, **kwargs):
@ -541,6 +639,8 @@ def show_secret(name, namespace='default', decode=False, **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def show_configmap(name, namespace='default', **kwargs):
@ -570,6 +670,8 @@ def show_configmap(name, namespace='default', **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def delete_deployment(name, namespace='default', **kwargs):
@ -601,6 +703,8 @@ def delete_deployment(name, namespace='default', **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def delete_service(name, namespace='default', **kwargs):
@ -630,6 +734,8 @@ def delete_service(name, namespace='default', **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def delete_pod(name, namespace='default', **kwargs):
@ -661,6 +767,8 @@ def delete_pod(name, namespace='default', **kwargs):
'CoreV1Api->delete_namespaced_pod: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def delete_namespace(name, **kwargs):
@ -689,6 +797,8 @@ def delete_namespace(name, **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def delete_secret(name, namespace='default', **kwargs):
@ -720,6 +830,8 @@ def delete_secret(name, namespace='default', **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def delete_configmap(name, namespace='default', **kwargs):
@ -752,6 +864,8 @@ def delete_configmap(name, namespace='default', **kwargs):
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def create_deployment(
@ -796,6 +910,8 @@ def create_deployment(
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def create_pod(
@ -840,6 +956,8 @@ def create_pod(
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def create_service(
@ -883,6 +1001,8 @@ def create_service(
'CoreV1Api->create_namespaced_service: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def create_secret(
@ -928,6 +1048,8 @@ def create_secret(
'CoreV1Api->create_namespaced_secret: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def create_configmap(
@ -969,6 +1091,8 @@ def create_configmap(
'CoreV1Api->create_namespaced_config_map: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def create_namespace(
@ -1003,6 +1127,8 @@ def create_namespace(
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def replace_deployment(name,
@ -1047,6 +1173,8 @@ def replace_deployment(name,
'{0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def replace_service(name,
@ -1096,6 +1224,8 @@ def replace_service(name,
'CoreV1Api->replace_namespaced_service: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def replace_secret(name,
@ -1141,6 +1271,8 @@ def replace_secret(name,
'CoreV1Api->replace_namespaced_secret: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def replace_configmap(name,
@ -1180,6 +1312,8 @@ def replace_configmap(name,
'CoreV1Api->replace_namespaced_configmap: {0}'.format(exc)
)
raise CommandExecutionError(exc)
finally:
_cleanup()
def __create_object_body(kind,