You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@brooklyn.apache.org by ge...@apache.org on 2017/07/06 08:55:45 UTC
[1/4] brooklyn-server git commit: Add configuration to set current
context for kubeconfig
Repository: brooklyn-server
Updated Branches:
refs/heads/master 3dd0bbc38 -> be99f135f
Add configuration to set current context for kubeconfig
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/ff9e87b2
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/ff9e87b2
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/ff9e87b2
Branch: refs/heads/master
Commit: ff9e87b236fea1e65c33346727f2782644a22b55
Parents: 8b91608
Author: Andrew Donald Kennedy <an...@cloudsoftcorp.com>
Authored: Thu Jun 1 14:13:22 2017 +0100
Committer: Andrew Donald Kennedy <an...@cloudsoftcorp.com>
Committed: Thu Jun 29 16:50:43 2017 +0100
----------------------------------------------------------------------
.../location/kubernetes/KubernetesClientRegistryImpl.java | 2 +-
.../location/kubernetes/KubernetesLocationConfig.java | 7 ++++++-
2 files changed, 7 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/ff9e87b2/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
----------------------------------------------------------------------
diff --git a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
index c21e1cb..8ac1c64 100644
--- a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
+++ b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
@@ -67,7 +67,7 @@ public class KubernetesClientRegistryImpl implements KubernetesClientRegistry {
Path configPath = Paths.get(configFile);
Path configFolder = configPath.normalize().getParent();
Config kubeconfig = KubeConfigUtils.parseConfig(configPath.toFile());
- String currentContext = kubeconfig.getCurrentContext();
+ String currentContext = Optional.fromNullable(conf.get(KubernetesLocationConfig.KUBECONFIG_CONTEXT)).or(kubeconfig.getCurrentContext());
Optional<NamedContext> foundContext = Iterables.tryFind(kubeconfig.getContexts(), c -> c.getName().equals(currentContext));
if (!foundContext.isPresent()) {
throw new IllegalStateException(String.format("Context %s not found", currentContext));
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/ff9e87b2/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java
----------------------------------------------------------------------
diff --git a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java
index 8b5886c..0a6a38d 100644
--- a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java
+++ b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java
@@ -38,10 +38,15 @@ public interface KubernetesLocationConfig extends CloudLocationConfig {
ConfigKey<String> KUBECONFIG = ConfigKeys.builder(String.class)
.name("kubeconfig")
- .description("Kubernetes .kubeconfig file to use instead of individual Location configuration keys")
+ .description("Kubernetes .kubeconfig file to use for Location configuration keys")
.constraint(file -> Files.isReadable(Paths.get(file)))
.build();
+ ConfigKey<String> KUBECONFIG_CONTEXT = ConfigKeys.builder(String.class)
+ .name("kubeconfig.context")
+ .description("Kubernetes .kubeconfig context to use for Location configuration")
+ .build();
+
ConfigKey<String> CA_CERT_DATA = ConfigKeys.builder(String.class)
.name("caCertData")
.description("Data for CA certificate")
[2/4] brooklyn-server git commit: Updated oauth token to also accept
from auth provider section
Posted by ge...@apache.org.
Updated oauth token to also accept from auth provider section
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/8b916084
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/8b916084
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/8b916084
Branch: refs/heads/master
Commit: 8b916084cefbf66e18827bb5c4230f6749dfbb4a
Parents: ba90504
Author: Andrew Donald Kennedy <an...@cloudsoftcorp.com>
Authored: Mon Jun 5 17:05:56 2017 +0100
Committer: Andrew Donald Kennedy <an...@cloudsoftcorp.com>
Committed: Thu Jun 29 16:50:43 2017 +0100
----------------------------------------------------------------------
.../kubernetes/KubernetesClientRegistryImpl.java | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/8b916084/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
----------------------------------------------------------------------
diff --git a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
index 6563fbf..c21e1cb 100644
--- a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
+++ b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
@@ -73,7 +73,7 @@ public class KubernetesClientRegistryImpl implements KubernetesClientRegistry {
throw new IllegalStateException(String.format("Context %s not found", currentContext));
}
Context context = foundContext.get().getContext();
- LOG.warn("Context {} additional properties: {}", currentContext, context.getAdditionalProperties());
+ LOG.debug("Context {} additional properties: {}", currentContext, context.getAdditionalProperties());
configBuilder.withNamespace(context.getNamespace());
String user = context.getUser();
@@ -82,10 +82,16 @@ public class KubernetesClientRegistryImpl implements KubernetesClientRegistry {
throw new IllegalStateException(String.format("Auth info %s not found", user));
}
AuthInfo auth = foundAuthInfo.get().getUser();
- LOG.warn("Auth info {} additional properties: {}", user, auth.getAdditionalProperties());
+ LOG.debug("Auth info {} additional properties: {}", user, auth.getAdditionalProperties());
configBuilder.withUsername(auth.getUsername());
configBuilder.withPassword(auth.getPassword());
- configBuilder.withOauthToken(auth.getToken());
+ if (auth.getToken() == null) {
+ if (auth.getAuthProvider() != null) {
+ configBuilder.withOauthToken(auth.getAuthProvider().getConfig().get("id-token"));
+ }
+ } else {
+ configBuilder.withOauthToken(auth.getToken());
+ }
configBuilder.withClientCertFile(getRelativeFile(auth.getClientCertificate(), configFolder));
configBuilder.withClientCertData(auth.getClientCertificateData());
configBuilder.withClientKeyFile(getRelativeFile(auth.getClientKey(), configFolder));
@@ -102,8 +108,8 @@ public class KubernetesClientRegistryImpl implements KubernetesClientRegistry {
configBuilder.withCaCertData(cluster.getCertificateAuthorityData());
configBuilder.withApiVersion(Optional.fromNullable(cluster.getApiVersion()).or("v1"));
configBuilder.withTrustCerts(Boolean.TRUE.equals(cluster.getInsecureSkipTlsVerify()));
- LOG.warn("Cluster {} server: {}", clusterName, cluster.getServer());
- LOG.warn("Cluster {} additional properties: {}", clusterName, cluster.getAdditionalProperties());
+ LOG.debug("Cluster {} server: {}", clusterName, cluster.getServer());
+ LOG.debug("Cluster {} additional properties: {}", clusterName, cluster.getAdditionalProperties());
} catch (IOException e) {
Exceptions.propagate(e);
}
[3/4] brooklyn-server git commit: Added client configuration for
location via kubeconfig file
Posted by ge...@apache.org.
Added client configuration for location via kubeconfig file
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/ba905048
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/ba905048
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/ba905048
Branch: refs/heads/master
Commit: ba905048204828b669c09fef0f8458241f2a1ad0
Parents: 8643806
Author: Andrew Donald Kennedy <an...@cloudsoftcorp.com>
Authored: Mon May 15 15:25:43 2017 +0100
Committer: Andrew Donald Kennedy <an...@cloudsoftcorp.com>
Committed: Thu Jun 29 16:50:43 2017 +0100
----------------------------------------------------------------------
.../KubernetesClientRegistryImpl.java | 141 +++++++++++++++----
.../kubernetes/KubernetesLocationConfig.java | 8 ++
2 files changed, 118 insertions(+), 31 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/ba905048/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
----------------------------------------------------------------------
diff --git a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
index 0d2e184..6563fbf 100644
--- a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
+++ b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesClientRegistryImpl.java
@@ -20,58 +20,126 @@ package org.apache.brooklyn.container.location.kubernetes;
import static com.google.common.base.Preconditions.checkNotNull;
+import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
import org.apache.brooklyn.util.core.config.ConfigBag;
+import org.apache.brooklyn.util.exceptions.Exceptions;
import org.apache.brooklyn.util.text.Strings;
import org.apache.brooklyn.util.time.Duration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import com.google.common.base.Optional;
import com.google.common.base.Throwables;
+import com.google.common.collect.Iterables;
import com.google.common.io.BaseEncoding;
+import io.fabric8.kubernetes.api.model.AuthInfo;
+import io.fabric8.kubernetes.api.model.Cluster;
+import io.fabric8.kubernetes.api.model.Config;
+import io.fabric8.kubernetes.api.model.Context;
+import io.fabric8.kubernetes.api.model.NamedAuthInfo;
+import io.fabric8.kubernetes.api.model.NamedCluster;
+import io.fabric8.kubernetes.api.model.NamedContext;
import io.fabric8.kubernetes.client.ConfigBuilder;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.internal.KubeConfigUtils;
public class KubernetesClientRegistryImpl implements KubernetesClientRegistry {
+ private static final Logger LOG = LoggerFactory.getLogger(KubernetesClientRegistryImpl.class);
+
public static final KubernetesClientRegistryImpl INSTANCE = new KubernetesClientRegistryImpl();
@Override
public KubernetesClient getKubernetesClient(ConfigBag conf) {
- String masterUrl = checkNotNull(conf.get(KubernetesLocationConfig.MASTER_URL), "master url must not be null");
-
- URL url;
- try {
- url = new URL(masterUrl);
- } catch (MalformedURLException e) {
- throw Throwables.propagate(e);
- }
-
- ConfigBuilder configBuilder = new ConfigBuilder()
- .withMasterUrl(masterUrl)
- .withTrustCerts(false);
-
- if (url.getProtocol().equals("https")) {
- KubernetesCerts certs = new KubernetesCerts(conf);
- if (certs.caCertData.isPresent()) configBuilder.withCaCertData(toBase64Encoding(certs.caCertData.get()));
- if (certs.clientCertData.isPresent()) configBuilder.withClientCertData(toBase64Encoding(certs.clientCertData.get()));
- if (certs.clientKeyData.isPresent()) configBuilder.withClientKeyData(toBase64Encoding(certs.clientKeyData.get()));
- if (certs.clientKeyAlgo.isPresent()) configBuilder.withClientKeyAlgo(certs.clientKeyAlgo.get());
- if (certs.clientKeyPassphrase.isPresent()) configBuilder.withClientKeyPassphrase(certs.clientKeyPassphrase.get());
- // TODO Should we also set configBuilder.withTrustCerts(true) here?
+ ConfigBuilder configBuilder = new ConfigBuilder();
+
+ String configFile = conf.get(KubernetesLocationConfig.KUBECONFIG);
+ if (Strings.isNonBlank(configFile)) {
+ try {
+ Path configPath = Paths.get(configFile);
+ Path configFolder = configPath.normalize().getParent();
+ Config kubeconfig = KubeConfigUtils.parseConfig(configPath.toFile());
+ String currentContext = kubeconfig.getCurrentContext();
+ Optional<NamedContext> foundContext = Iterables.tryFind(kubeconfig.getContexts(), c -> c.getName().equals(currentContext));
+ if (!foundContext.isPresent()) {
+ throw new IllegalStateException(String.format("Context %s not found", currentContext));
+ }
+ Context context = foundContext.get().getContext();
+ LOG.warn("Context {} additional properties: {}", currentContext, context.getAdditionalProperties());
+ configBuilder.withNamespace(context.getNamespace());
+
+ String user = context.getUser();
+ Optional<NamedAuthInfo> foundAuthInfo = Iterables.tryFind(kubeconfig.getUsers(), u -> u.getName().equals(user));
+ if (!foundAuthInfo.isPresent()) {
+ throw new IllegalStateException(String.format("Auth info %s not found", user));
+ }
+ AuthInfo auth = foundAuthInfo.get().getUser();
+ LOG.warn("Auth info {} additional properties: {}", user, auth.getAdditionalProperties());
+ configBuilder.withUsername(auth.getUsername());
+ configBuilder.withPassword(auth.getPassword());
+ configBuilder.withOauthToken(auth.getToken());
+ configBuilder.withClientCertFile(getRelativeFile(auth.getClientCertificate(), configFolder));
+ configBuilder.withClientCertData(auth.getClientCertificateData());
+ configBuilder.withClientKeyFile(getRelativeFile(auth.getClientKey(), configFolder));
+ configBuilder.withClientKeyData(auth.getClientKeyData());
+
+ String clusterName = context.getCluster();
+ Optional<NamedCluster> foundCluster = Iterables.tryFind(kubeconfig.getClusters(), c -> c.getName().equals(clusterName));
+ if (!foundCluster.isPresent()) {
+ throw new IllegalStateException(String.format("Cluster %s not found", clusterName));
+ }
+ Cluster cluster = foundCluster.get().getCluster();
+ configBuilder.withMasterUrl(cluster.getServer());
+ configBuilder.withCaCertFile(getRelativeFile(cluster.getCertificateAuthority(), configFolder));
+ configBuilder.withCaCertData(cluster.getCertificateAuthorityData());
+ configBuilder.withApiVersion(Optional.fromNullable(cluster.getApiVersion()).or("v1"));
+ configBuilder.withTrustCerts(Boolean.TRUE.equals(cluster.getInsecureSkipTlsVerify()));
+ LOG.warn("Cluster {} server: {}", clusterName, cluster.getServer());
+ LOG.warn("Cluster {} additional properties: {}", clusterName, cluster.getAdditionalProperties());
+ } catch (IOException e) {
+ Exceptions.propagate(e);
+ }
+ } else {
+ String masterUrl = checkNotNull(conf.get(KubernetesLocationConfig.MASTER_URL), "master url must not be null");
+
+ URL url;
+ try {
+ url = new URL(masterUrl);
+ } catch (MalformedURLException e) {
+ throw Throwables.propagate(e);
+ }
+
+ configBuilder.withMasterUrl(masterUrl)
+ .withTrustCerts(false);
+
+ if (url.getProtocol().equals("https")) {
+ KubernetesCerts certs = new KubernetesCerts(conf);
+ if (certs.caCertData.isPresent()) configBuilder.withCaCertData(toBase64Encoding(certs.caCertData.get()));
+ if (certs.clientCertData.isPresent()) configBuilder.withClientCertData(toBase64Encoding(certs.clientCertData.get()));
+ if (certs.clientKeyData.isPresent()) configBuilder.withClientKeyData(toBase64Encoding(certs.clientKeyData.get()));
+ if (certs.clientKeyAlgo.isPresent()) configBuilder.withClientKeyAlgo(certs.clientKeyAlgo.get());
+ if (certs.clientKeyPassphrase.isPresent()) configBuilder.withClientKeyPassphrase(certs.clientKeyPassphrase.get());
+ // TODO Should we also set configBuilder.withTrustCerts(true) here?
+ }
+
+ String username = conf.get(KubernetesLocationConfig.ACCESS_IDENTITY);
+ if (Strings.isNonBlank(username)) configBuilder.withUsername(username);
+
+ String password = conf.get(KubernetesLocationConfig.ACCESS_CREDENTIAL);
+ if (Strings.isNonBlank(password)) configBuilder.withPassword(password);
+
+ String token = conf.get(KubernetesLocationConfig.OAUTH_TOKEN);
+ if (Strings.isNonBlank(token)) configBuilder.withOauthToken(token);
}
- String username = conf.get(KubernetesLocationConfig.ACCESS_IDENTITY);
- if (Strings.isNonBlank(username)) configBuilder.withUsername(username);
-
- String password = conf.get(KubernetesLocationConfig.ACCESS_CREDENTIAL);
- if (Strings.isNonBlank(password)) configBuilder.withPassword(password);
-
- String token = conf.get(KubernetesLocationConfig.OAUTH_TOKEN);
- if (Strings.isNonBlank(token)) configBuilder.withOauthToken(token);
-
Duration clientTimeout = conf.get(KubernetesLocationConfig.CLIENT_TIMEOUT);
if (clientTimeout.isPositive()) {
configBuilder.withConnectionTimeout((int) clientTimeout.toMilliseconds());
@@ -90,7 +158,18 @@ public class KubernetesClientRegistryImpl implements KubernetesClientRegistry {
return new DefaultKubernetesClient(configBuilder.build());
}
- private String toBase64Encoding(String val) {
+ protected String toBase64Encoding(String val) {
return BaseEncoding.base64().encode(val.getBytes());
}
+
+ protected String getRelativeFile(String file, Path folder) {
+ if (Strings.isBlank(file)) {
+ return null;
+ }
+ Path path = Paths.get(file);
+ if (!Files.exists(path)) {
+ path = folder.resolve(file);
+ }
+ return path.toString();
+ }
}
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/ba905048/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java
----------------------------------------------------------------------
diff --git a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java
index f8b75bf..8b5886c 100644
--- a/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java
+++ b/locations/container/src/main/java/org/apache/brooklyn/container/location/kubernetes/KubernetesLocationConfig.java
@@ -18,6 +18,8 @@
*/
package org.apache.brooklyn.container.location.kubernetes;
+import java.nio.file.Files;
+import java.nio.file.Paths;
import java.util.Map;
import org.apache.brooklyn.config.ConfigKey;
@@ -34,6 +36,12 @@ public interface KubernetesLocationConfig extends CloudLocationConfig {
ConfigKey<String> MASTER_URL = LocationConfigKeys.CLOUD_ENDPOINT;
+ ConfigKey<String> KUBECONFIG = ConfigKeys.builder(String.class)
+ .name("kubeconfig")
+ .description("Kubernetes .kubeconfig file to use instead of individual Location configuration keys")
+ .constraint(file -> Files.isReadable(Paths.get(file)))
+ .build();
+
ConfigKey<String> CA_CERT_DATA = ConfigKeys.builder(String.class)
.name("caCertData")
.description("Data for CA certificate")
[4/4] brooklyn-server git commit: Closes #749
Posted by ge...@apache.org.
Closes #749
Allow Kubernetes location configuration using kubeconfig
Adds a config key to the `KubernetesLocation` that accepts a `.kube/config` file location, and uses the contents to configure the location. Makes using provisioned Kubernetes clusters from providers like Bluemix or GKE easier.
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/be99f135
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/be99f135
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/be99f135
Branch: refs/heads/master
Commit: be99f135fe28e93d2cd534731f22289e86e1e89c
Parents: 3dd0bbc ff9e87b
Author: Geoff Macartney <ge...@cloudsoftcorp.com>
Authored: Thu Jul 6 09:55:36 2017 +0100
Committer: Geoff Macartney <ge...@cloudsoftcorp.com>
Committed: Thu Jul 6 09:55:36 2017 +0100
----------------------------------------------------------------------
.../KubernetesClientRegistryImpl.java | 147 +++++++++++++++----
.../kubernetes/KubernetesLocationConfig.java | 13 ++
2 files changed, 129 insertions(+), 31 deletions(-)
----------------------------------------------------------------------