authorThomas Duval <thomas.duval@orange.com>2017-11-06 14:02:18 +0100
committerThomas Duval <thomas.duval@orange.com>2017-11-06 14:06:10 +0100
commit9519d179cda8734fa0890d136c4bd2019bb7ddc4 (patch)
tree48b0c8b882f574e0f93ae5e087878e2700e40c0d /moonv4/moon_orchestrator
parentb372140e577ca5d850875139fde6e36ae0e868d4 (diff)
Fix the bug on the connection between interface and authz.
Change-Id: Iea2f763fb2cfb90250be76d91cb2fe0e9b481716
Diffstat (limited to 'moonv4/moon_orchestrator')
-rw-r--r--moonv4/moon_orchestrator/moon_orchestrator/api/pods.py11
-rw-r--r--moonv4/moon_orchestrator/moon_orchestrator/drivers.py24
-rw-r--r--moonv4/moon_orchestrator/moon_orchestrator/http_server.py37
3 files changed, 49 insertions, 23 deletions
diff --git a/moonv4/moon_orchestrator/moon_orchestrator/api/pods.py b/moonv4/moon_orchestrator/moon_orchestrator/api/pods.py
index a7ca1cbc..c5c5b2c4 100644
--- a/moonv4/moon_orchestrator/moon_orchestrator/api/pods.py
+++ b/moonv4/moon_orchestrator/moon_orchestrator/api/pods.py
@@ -25,6 +25,7 @@ class Pods(Resource):
def __init__(self, **kwargs):
self.driver = kwargs.get("driver")
+ self.create_security_function = kwargs.get("create_security_function_hook")
@check_auth
def get(self, uuid=None, user_id=None):
@@ -72,7 +73,15 @@ class Pods(Resource):
}
}
"""
- return {"pods": None}
+ LOG.info("POST param={}".format(request.json))
+ self.create_security_function(
+ request.json.get("keystone_project_id"),
+ request.json.get("pdp_id"),
+ request.json.get("security_pipeline"),
+ manager_data=request.json,
+ active_context=None,
+ active_context_name=None)
+ return {"pods": self.driver.get_pods(request.json.get("pdp_id"))}
@check_auth
def delete(self, uuid=None, user_id=None):
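Review bot: The new POST body dereferences `request.json` without checking it, so a request with no JSON body fails on `request.json.get(...)` with an AttributeError, and a missing `security_pipeline` reaches `for policy_id in policy_ids` in http_server.py as None. Reject such requests up front, e.g. `body = request.json or {}` followed by a 400 response when `keystone_project_id`, `pdp_id` or `security_pipeline` is absent. Passing the whole body as `manager_data` also means the `policies` and `models` keys of the request are used in preference to the manager's own data (see the `manager_data.get('policies')` hunk in http_server.py), so this endpoint should only be reachable by the manager; the decorator on `post` is outside the hunk, so confirm it carries `@check_auth`. The `LOG.info("POST param=...")` line writes the full request body to the log and would be better at DEBUG.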
diff --git a/moonv4/moon_orchestrator/moon_orchestrator/drivers.py b/moonv4/moon_orchestrator/moon_orchestrator/drivers.py
index 63631c00..63ca8f3c 100644
--- a/moonv4/moon_orchestrator/moon_orchestrator/drivers.py
+++ b/moonv4/moon_orchestrator/moon_orchestrator/drivers.py
@@ -8,14 +8,14 @@ import logging
import urllib3.exceptions
from moon_utilities import configuration
-logger = logging.getLogger("moon.orchestrator.drivers")
+LOG = logging.getLogger("moon.orchestrator.drivers")
def get_driver():
try:
return K8S()
except urllib3.exceptions.MaxRetryError as e:
- logger.exception(e)
+ LOG.exception(e)
return Docker()
@@ -60,12 +60,12 @@ class K8S(Driver):
if name:
pods = self.client.list_pod_for_all_namespaces(watch=False)
for pod in pods.items:
- logger.info("get_pods {}".format(pod.metadata.name))
+ LOG.info("get_pods {}".format(pod.metadata.name))
if name in pod.metadata.name:
return pod
else:
return None
- logger.info("get_pods cache={}".format(self.cache))
+ LOG.info("get_pods cache={}".format(self.cache))
return self.cache
@staticmethod
@@ -101,7 +101,7 @@ class K8S(Driver):
{'name': "TYPE", "value": _data.get('genre', "None")},
{'name': "PORT", "value": str(_data.get('port', 80))},
{'name': "PDP_ID", "value": _data.get('pdp_id', "None")},
- {'name': "META_RULE_ID", "value": "None"},
+ {'name': "META_RULE_ID", "value": _data.get('meta_rule_id', "None")},
{'name': "KEYSTONE_PROJECT_ID",
"value": _data.get('keystone_project_id', "None")},
]
@@ -109,7 +109,7 @@ class K8S(Driver):
)
resp = client.create_namespaced_deployment(body=pod_manifest,
namespace='moon')
- logger.info("Pod {} created!".format(data[0].get('name')))
+ LOG.info("Pod {} created!".format(data[0].get('name')))
# logger.info(yaml.dump(pod_manifest, sys.stdout))
# logger.info(resp)
return resp
@@ -131,7 +131,7 @@ class K8S(Driver):
'selector': {
'app': data.get('name')
},
- 'type': 'NodePort',
+ # 'type': 'NodePort',
'endpoints': [{
'port': data.get('port', 80),
'protocol': 'TCP',
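Review bot: Commenting out `'type': 'NodePort'` leaves dead code in the manifest; delete the line and, if a reminder is wanted, replace it with a why-comment such as `# ClusterIP by default; NodePort is set only when expose is requested`. The next hunk still shows `service_manifest['spec']['type'] = "NodePort"`, presumably under a check on `expose` that is not visible here, so confirm that this is the only path that publishes the service on a node port. The manifest dict starts and ends outside the hunk.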
@@ -144,7 +144,7 @@ class K8S(Driver):
service_manifest['spec']['type'] = "NodePort"
resp = client.create_namespaced_service(namespace="moon",
body=service_manifest)
- logger.info("Service {} created!".format(data.get('name')))
+ LOG.info("Service {} created!".format(data.get('name')))
return resp
def load_pod(self, data, api_client=None, ext_client=None, expose=False):
@@ -152,12 +152,12 @@ class K8S(Driver):
pod = self.__create_pod(client=ext_client, data=data)
service = self.__create_service(client=_client, data=data[0],
expose=expose)
- # logger.info("load_poad data={}".format(data))
+ # logger.info("load_pod data={}".format(data))
# logger.info("pod.metadata.uid={}".format(pod.metadata.uid))
self.cache[pod.metadata.uid] = data
def delete_pod(self, uuid=None, name=None):
- logger.info("Deleting pod {}".format(uuid))
+ LOG.info("Deleting pod {}".format(uuid))
# TODO: delete_namespaced_deployment
# https://github.com/kubernetes-incubator/client-python/blob/master/kubernetes/client/apis/extensions_v1beta1_api.py
@@ -169,9 +169,9 @@ class K8S(Driver):
class Docker(Driver):
def load_pod(self, data, api_client=None, ext_client=None):
- logger.info("Creating pod {}".format(data[0].get('name')))
+ LOG.info("Creating pod {}".format(data[0].get('name')))
raise NotImplementedError
def delete_pod(self, uuid=None, name=None):
- logger.info("Deleting pod {}".format(uuid))
+ LOG.info("Deleting pod {}".format(uuid))
raise NotImplementedError
diff --git a/moonv4/moon_orchestrator/moon_orchestrator/http_server.py b/moonv4/moon_orchestrator/moon_orchestrator/http_server.py
index 70c5e2d2..c9816f5b 100644
--- a/moonv4/moon_orchestrator/moon_orchestrator/http_server.py
+++ b/moonv4/moon_orchestrator/moon_orchestrator/http_server.py
@@ -154,6 +154,8 @@ class HTTPServer(Server):
self.api.add_resource(Pods, *Pods.__urls__,
resource_class_kwargs={
"driver": self.driver,
+ "create_security_function_hook":
+ self.create_security_function,
})
def run(self):
@@ -190,7 +192,8 @@ class HTTPServer(Server):
LOG.debug('wrapper pod={}'.format(pod))
def create_security_function(self, keystone_project_id,
- pdp_id, policy_ids, active_context=None,
+ pdp_id, policy_ids, manager_data={},
+ active_context=None,
active_context_name=None):
""" Create security functions
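Review bot: `manager_data={}` is a mutable default shared across calls, and it is inserted ahead of `active_context`, so any existing caller that passes `active_context` positionally would now bind it to `manager_data`. Prefer `manager_data=None` placed after `active_context_name`, with `manager_data = manager_data or {}` at the top of the body. The docstring shown in the following hunk does not describe the new parameter; add a `:param manager_data:` line saying it may carry `policies` and `models` supplied by the caller. The function body continues outside this hunk.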
@@ -203,13 +206,14 @@ class HTTPServer(Server):
security function in all context (ie, in all slaves)
:return: None
"""
- LOG.debug(self.driver.get_pods())
+ # LOG.info(self.driver.get_pods())
for key, value in self.driver.get_pods().items():
for _pod in value:
if _pod.get('keystone_project_id') == keystone_project_id:
LOG.warning("A pod for this Keystone project {} "
"already exists.".format(keystone_project_id))
return
+
plugins = configuration.get_plugins()
conf = configuration.get_configuration("components/interface")
i_hostname = conf["components/interface"].get("hostname", "interface")
@@ -228,12 +232,21 @@ class HTTPServer(Server):
"namespace": "moon"
},
]
- policies = requests.get("http://{}:{}/policies".format(
- self.manager_hostname, self.manager_port)).json().get(
- "policies", dict())
- models = requests.get("http://{}:{}/models".format(
- self.manager_hostname, self.manager_port)).json().get(
- "models", dict())
+ LOG.info("data={}".format(data))
+ policies = manager_data.get('policies')
+ if not policies:
+ LOG.info("No policy data from Manager, trying to get them")
+ policies = requests.get("http://{}:{}/policies".format(
+ self.manager_hostname, self.manager_port)).json().get(
+ "policies", dict())
+ LOG.info("policies={}".format(policies))
+ models = manager_data.get('models')
+ if not models:
+ LOG.info("No models data from Manager, trying to get them")
+ models = requests.get("http://{}:{}/models".format(
+ self.manager_hostname, self.manager_port)).json().get(
+ "models", dict())
+ LOG.info("models={}".format(models))
for policy_id in policy_ids:
if policy_id in policies:
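Review bot: Both fallback calls to `requests.get` have no `timeout=` and no status check, so a manager that hangs blocks this request handler indefinitely and an error response is parsed as if it were policy data; pass a timeout and call `raise_for_status()` before `.json()`. `if not policies:` also treats an empty dict sent by the caller the same as missing data, which may or may not be intended. The `LOG.info("policies=...")` and `LOG.info("models=...")` lines, like the `data=` lines added elsewhere in this file, write complete policy and model content to the log at INFO; DEBUG would be the better level for that.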
@@ -251,7 +264,10 @@ class HTTPServer(Server):
'keystone_project_id': keystone_project_id,
"namespace": "moon"
})
+ LOG.info("data={}".format(data))
contexts, _active_context = self.driver.get_slaves()
+ LOG.info("active_context_name={}".format(active_context_name))
+ LOG.info("active_context={}".format(active_context))
if active_context_name:
for _context in contexts:
if _context["name"] == active_context_name:
@@ -264,13 +280,14 @@ class HTTPServer(Server):
LOG.debug("_config={}".format(_config))
api_client = client.CoreV1Api(_config)
ext_client = client.ExtensionsV1beta1Api(_config)
- self.driver.load_pod(data, api_client, ext_client)
+ self.driver.load_pod(data, api_client, ext_client, expose=False)
return
+ LOG.info("contexts={}".format(contexts))
for _ctx in contexts:
_config = config.new_client_from_config(context=_ctx['name'])
LOG.debug("_config={}".format(_config))
api_client = client.CoreV1Api(_config)
ext_client = client.ExtensionsV1beta1Api(_config)
- self.driver.load_pod(data, api_client, ext_client)
+ self.driver.load_pod(data, api_client, ext_client, expose=False)
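Review bot: `expose=False` is now passed to `self.driver.load_pod`, but `Docker.load_pod(self, data, api_client=None, ext_client=None)` in drivers.py takes no `expose` parameter, so when `get_driver()` falls back to `Docker()` these two calls raise TypeError rather than the intended NotImplementedError. Add `expose=False` to the `Docker.load_pod` signature, and to the `Driver` base method if it declares one (not visible here). The enclosing function starts outside the hunk.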