diff options
Diffstat (limited to 'old/moon_orchestrator/moon_orchestrator')
9 files changed, 1022 insertions, 0 deletions
diff --git a/old/moon_orchestrator/moon_orchestrator/__init__.py b/old/moon_orchestrator/moon_orchestrator/__init__.py new file mode 100644 index 00000000..31d40184 --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/__init__.py @@ -0,0 +1,6 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +__version__ = "4.4.3" diff --git a/old/moon_orchestrator/moon_orchestrator/__main__.py b/old/moon_orchestrator/moon_orchestrator/__main__.py new file mode 100644 index 00000000..df051f26 --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/__main__.py @@ -0,0 +1,4 @@ +from moon_orchestrator.server import create_server + +server = create_server() +server.run() diff --git a/old/moon_orchestrator/moon_orchestrator/api/__init__.py b/old/moon_orchestrator/moon_orchestrator/api/__init__.py new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/api/__init__.py diff --git a/old/moon_orchestrator/moon_orchestrator/api/generic.py b/old/moon_orchestrator/moon_orchestrator/api/generic.py new file mode 100644 index 00000000..9128140a --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/api/generic.py @@ -0,0 +1,99 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. +""" +Those API are helping API used to manage the Moon platform. +""" + +from flask_restful import Resource, request +import logging +import moon_orchestrator.api +from python_moonutilities.security_functions import check_auth + +__version__ = "4.3.1" + +logger = logging.getLogger("moon.orchestrator.api." + __name__) + + +class Status(Resource): + """ + Endpoint for status requests + """ + + __urls__ = ("/status", "/status/", "/status/<string:component_id>") + + def get(self, component_id=None): + """Retrieve status of all components + + :return: { + "orchestrator": { + "status": "Running" + }, + "security_router": { + "status": "Running" + } + } + """ + raise NotImplemented + + +class API(Resource): + """ + Endpoint for API requests + """ + + __urls__ = ( + "/api", + "/api/", + "/api/<string:group_id>", + "/api/<string:group_id>/", + "/api/<string:group_id>/<string:endpoint_id>") + + @check_auth + def get(self, group_id="", endpoint_id="", user_id=""): + """Retrieve all API endpoints or a specific endpoint if endpoint_id is given + + :param group_id: the name of one existing group (ie generic, ...) + :param endpoint_id: the name of one existing component (ie Logs, Status, ...) + :return: { + "group_name": { + "endpoint_name": { + "description": "a description", + "methods": { + "get": "description of the HTTP method" + }, + "urls": ('/api', '/api/', '/api/<string:endpoint_id>') + } + } + """ + __methods = ("get", "post", "put", "delete", "options", "patch") + api_list = filter(lambda x: "__" not in x, dir(moon_orchestrator.api)) + api_desc = dict() + for api_name in api_list: + api_desc[api_name] = {} + group_api_obj = eval("moon_interface.api.{}".format(api_name)) + api_desc[api_name]["description"] = group_api_obj.__doc__ + if "__version__" in dir(group_api_obj): + api_desc[api_name]["version"] = group_api_obj.__version__ + object_list = list(filter(lambda x: "__" not in x, dir(group_api_obj))) + for obj in map(lambda x: eval("moon_interface.api.{}.{}".format(api_name, x)), + object_list): + if "__urls__" in dir(obj): + api_desc[api_name][obj.__name__] = dict() + api_desc[api_name][obj.__name__]["urls"] = obj.__urls__ + api_desc[api_name][obj.__name__]["methods"] = dict() + for _method in filter(lambda x: x in __methods, dir(obj)): + docstring = eval( + "moon_interface.api.{}.{}.{}.__doc__".format(api_name, obj.__name__, + _method)) + api_desc[api_name][obj.__name__]["methods"][_method] = docstring + api_desc[api_name][obj.__name__]["description"] = str(obj.__doc__) + if group_id in api_desc: + if endpoint_id in api_desc[group_id]: + return {group_id: {endpoint_id: api_desc[group_id][endpoint_id]}} + elif len(endpoint_id) > 0: + logger.error("Unknown endpoint_id {}".format(endpoint_id)) + return {"error": "Unknown endpoint_id {}".format(endpoint_id)} + return {group_id: api_desc[group_id]} + return api_desc diff --git a/old/moon_orchestrator/moon_orchestrator/api/pods.py b/old/moon_orchestrator/moon_orchestrator/api/pods.py new file mode 100644 index 00000000..8943e018 --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/api/pods.py @@ -0,0 +1,174 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +from flask import request +from flask_restful import Resource +from python_moonutilities.security_functions import check_auth +from python_moonutilities import exceptions +import logging + +logger = logging.getLogger("moon.orchestrator.api.pods") + + +class Pods(Resource): + """ + Endpoint for pdp requests + """ + + __version__ = "4.3.1" + POD_TYPES = ("authz", "wrapper") + + __urls__ = ( + "/pods", + "/pods/", + "/pods/<string:uuid>", + "/pods/<string:uuid>/", + ) + + def __init__(self, **kwargs): + self.driver = kwargs.get("driver") + + @check_auth + def get(self, uuid=None, user_id=None): + """Retrieve all pods + + :param uuid: uuid of the pod + :param user_id: user ID who do the request + :return: { + "pod_id1": { + "name": "...", + "replicas": "...", + "description": "...", + } + } + :internal_api: get_pdp + """ + pods = {} + try: + if uuid: + return {"pods": self.driver.get_pods(uuid)} + for _pod_key, _pod_values in self.driver.get_pods().items(): + pods[_pod_key] = [] + for _pod_value in _pod_values: + if "namespace" in _pod_value and _pod_value['namespace'] != "moon": + continue + pods[_pod_key].append(_pod_value) + return {"pods": pods} + except Exception as e: + return {"result": False, "message": str(e)}, 500 + + def __validate_pod_with_keystone_pid(self, keystone_pid): + for pod_key, pod_values in self.driver.get_pods().items(): + if pod_values and "keystone_project_id" in pod_values[0] \ + and pod_values[0]['keystone_project_id'] == keystone_pid: + return True + + def __is_slave_exist(self, slave_name): + for slave in self.driver.get_slaves(): + if "name" in slave and "configured" in slave \ + and slave_name == slave["name"] and slave["configured"]: + return True + + def __get_slave_names(self): + for slave in self.driver.get_slaves(): + if "name" in slave: + yield slave["name"] + + @check_auth + def post(self, uuid=None, user_id=None): + """Create a new pod. + + :param uuid: uuid of the pod (not used here) + :param user_id: user ID who do the request + :request body: { + "pdp_id": "fa2323f7055d4a88b1b85d31fe5e8369", + "name": "pdp_rbac3", + "keystone_project_id": "ceacbb5564cc48ad929dd4f00e52bf63", + "models": {...}, + "policies": {...}, + "description": "test", + "security_pipeline": [...], + "slave_name": "" + } + :return: { + "pdp_id1": { + "name": "...", + "replicas": "...", + "description": "...", + } + } + """ + if "security_pipeline" in request.json: + if self.__validate_pod_with_keystone_pid(request.json.get("keystone_project_id")): + raise exceptions.PipelineConflict + if not request.json.get("pdp_id"): + raise exceptions.PdpUnknown + if not request.json.get("security_pipeline"): + raise exceptions.PolicyUnknown + self.driver.create_pipeline( + request.json.get("keystone_project_id"), + request.json.get("pdp_id"), + request.json.get("security_pipeline"), + manager_data=request.json, + slave_name=request.json.get("slave_name")) + else: + logger.info("------------------------------------") + logger.info(list(self.__get_slave_names())) + logger.info("------------------------------------") + if self.__is_slave_exist(request.json.get("slave_name")): + raise exceptions.WrapperConflict + if request.json.get("slave_name") not in self.__get_slave_names(): + raise exceptions.SlaveNameUnknown + slave_name = request.json.get("slave_name") + if not slave_name: + slave_name = self.driver.get_slaves(active=True) + self.driver.create_wrappers(slave_name) + return {"pods": self.driver.get_pods()} + + @check_auth + def delete(self, uuid=None, user_id=None): + """Delete a pod + + :param uuid: uuid of the pod to delete + :param user_id: user ID who do the request + :return: { + "result": "True or False", + "message": "optional message" + } + """ + try: + self.driver.delete_pipeline(uuid) + return {'result': True} + except exceptions.PipelineUnknown: + for slave in self.driver.get_slaves(): + if "name" in slave and "wrapper_name" in slave: + if uuid in (slave['name'], slave["wrapper_name"]): + self.driver.delete_wrapper(name=slave["wrapper_name"]) + else: + raise exceptions.SlaveNameUnknown + except Exception as e: + return {"result": False, "message": str(e)}, 500 + + # @check_auth + # def patch(self, uuid=None, user_id=None): + # """Update a pod + # + # :param uuid: uuid of the pdp to update + # :param user_id: user ID who do the request + # :request body: { + # "name": "...", + # "replicas": "...", + # "description": "...", + # } + # :return: { + # "pod_id1": { + # "name": "...", + # "replicas": "...", + # "description": "...", + # } + # } + # :internal_api: update_pdp + # """ + # return {"pods": None} diff --git a/old/moon_orchestrator/moon_orchestrator/api/slaves.py b/old/moon_orchestrator/moon_orchestrator/api/slaves.py new file mode 100644 index 00000000..7453d305 --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/api/slaves.py @@ -0,0 +1,46 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +from flask import request +from flask_restful import Resource +from python_moonutilities.security_functions import check_auth +import logging + +logger = logging.getLogger("moon.orchestrator.api.slaves") + + +class Slaves(Resource): + """ + Endpoint for slaves requests + """ + + __version__ = "4.3.1" + + __urls__ = ( + "/slaves", + "/slaves/", + "/slaves/<string:uuid>", + "/slaves/<string:uuid>/", + ) + + def __init__(self, **kwargs): + self.driver = kwargs.get("driver") + + @check_auth + def get(self, uuid=None, user_id=None): + """Retrieve all pods + + :param uuid: uuid of the pod + :param user_id: user ID who do the request + :return: { + "pod_id1": { + "name": "...", + "replicas": "...", + "description": "...", + } + } + """ + slaves = self.driver.get_slaves() + return {"slaves": slaves} diff --git a/old/moon_orchestrator/moon_orchestrator/drivers.py b/old/moon_orchestrator/moon_orchestrator/drivers.py new file mode 100644 index 00000000..233d389e --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/drivers.py @@ -0,0 +1,487 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +from kubernetes import client, config +import logging +import requests +import urllib3.exceptions +from python_moonutilities import configuration, exceptions +from python_moonutilities.misc import get_random_name + +logger = logging.getLogger("moon.orchestrator.drivers") + + +def get_driver(): + try: + return K8S() + except urllib3.exceptions.MaxRetryError as e: + logger.exception(e) + return Docker() + + +class Driver: + + def __init__(self): + self.cache = {} + # example of cache: + # { + # "uuid_of_pod": { + # "ip": "", + # "hostname": "", + # "port": 30001, + # "pdp": "", + # "keystone_project_id": "", + # "plugin_name": "", + # "namespace": "" + # } + # } + + def get_slaves(self): + raise NotImplementedError + + def create_wrappers(self): + raise NotImplementedError + + def delete_wrapper(self, name): + raise NotImplementedError + + def create_pipeline(self, keystone_project_id, + pdp_id, policy_ids, manager_data=None, + active_context=None, + active_context_name=None): + raise NotImplementedError + + def delete_pipeline(self, uuid=None, name=None, namespace="moon", + active_context=None, + active_context_name=None): + raise NotImplementedError + + +class K8S(Driver): + + def __init__(self): + super(K8S, self).__init__() + config.load_kube_config() + self.client = client.CoreV1Api() + conf = configuration.get_configuration("components/orchestrator") + self.orchestrator_hostname = conf["components/orchestrator"].get("hostname", "orchestrator") + self.orchestrator_port = conf["components/orchestrator"].get("port", 80) + conf = configuration.get_configuration("components/manager") + self.manager_hostname = conf["components/manager"].get("hostname", "manager") + self.manager_port = conf["components/manager"].get("port", 80) + + def get_pods(self, name=None): + if name: + pods = self.client.list_pod_for_all_namespaces(watch=False) + for pod in pods.items: + logger.debug("get_pods {}".format(pod.metadata.name)) + if name in pod.metadata.name: + return pod + else: + return None + logger.debug("get_pods cache={}".format(self.cache)) + return self.cache + + @staticmethod + def __create_deployment(client, data): + pod_manifest = { + 'apiVersion': 'extensions/v1beta1', + 'kind': 'Deployment', + 'metadata': { + 'name': data[0].get('name') + }, + 'spec': { + 'replicas': 1, + 'template': { + 'metadata': {'labels': {'app': data[0].get('name')}}, + 'hostname': data[0].get('name'), + 'spec': { + 'containers': [] + } + }, + } + } + for _data in data: + pod_manifest['spec']['template']['spec']['containers'].append( + { + 'image': _data.get('container', "busybox"), + 'name': _data.get('name'), + 'hostname': _data.get('name'), + 'ports': [ + {"containerPort": _data.get('port', 80)}, + ], + 'env': [ + {'name': "UUID", "value": _data.get('name', "None")}, + {'name': "TYPE", "value": _data.get('genre', "None")}, + {'name': "PORT", "value": str(_data.get('port', 80))}, + {'name': "PDP_ID", "value": _data.get('pdp_id', "None")}, + {'name': "META_RULE_ID", "value": _data.get('meta_rule_id', "None")}, + {'name': "KEYSTONE_PROJECT_ID", + "value": _data.get('keystone_project_id', "None")}, + ] + } + ) + resp = client.create_namespaced_deployment(body=pod_manifest, + namespace='moon') + logger.info("Pod {} created!".format(data[0].get('name'))) + return resp + + @staticmethod + def __create_service(client, data, expose=False): + service_manifest = { + 'apiVersion': 'v1', + 'kind': 'Service', + 'metadata': { + 'name': data.get('name'), + 'namespace': 'moon' + }, + 'spec': { + 'ports': [{ + 'port': data.get('port', 80), + 'targetPort': data.get('port', 80) + }], + 'selector': { + 'app': data.get('name') + }, + # 'type': 'NodePort', + 'endpoints': [{ + 'port': data.get('port', 80), + 'protocol': 'TCP', + }], + } + } + if expose: + service_manifest['spec']['ports'][0]['nodePort'] = \ + configuration.increment_port() + service_manifest['spec']['type'] = "NodePort" + resp = client.create_namespaced_service(namespace="moon", + body=service_manifest) + logger.info("Service {} created!".format(data.get('name'))) + return service_manifest + + def load_deployment_and_service(self, data, api_client=None, ext_client=None, expose=False): + _client = api_client if api_client else self.client + manifest = self.__create_service(client=_client, data=data[0], + expose=expose) + data[0]["external_port"] = manifest['spec']['ports'][0].get('nodePort') + pod = self.__create_deployment(client=ext_client, data=data) + self.cache[pod.metadata.uid] = data + + def delete_deployment(self, name=None, namespace="moon", ext_client=None): + logger.info("Deleting deployment {}".format(name)) + body = client.V1DeleteOptions(propagation_policy='Foreground') + ret = ext_client.delete_namespaced_deployment( + name=name, + namespace=namespace, + body=body + ) + logger.debug(ret) + _uid = None + for uid, value in self.cache.items(): + if value[0]['name'] == name: + _uid = uid + break + if _uid: + self.cache.pop(_uid) + else: + raise exceptions.DockerError("Cannot find and delete pod named {}".format(name)) + + def delete_service(self, name, namespace="moon", api_client=None): + if not api_client: + api_client = self.client + ret = api_client.delete_namespaced_service(name=name, namespace=namespace) + logger.debug("delete_service {}".format(ret)) + + def get_slaves(self, active=False): + contexts, active_context = self.get_contexts() + pods = self.get_pods() + # logger.info("pods = {}".format(pods)) + slaves = [] + if active: + for key, value in pods.items(): + # logger.info("ctx={}".format(active_context)) + # logger.info("value={}".format(value)) + if "name" in active_context and value and "name" in value[0]: + if active_context["name"] == value[0].get('slave_name'): + data = dict(active_context) + data["wrapper_name"] = value[0]['name'] + data["ip"] = value[0].get("ip", "NC") + data["port"] = value[0].get("external_port", "NC") + data["internal_port"] = value[0].get("port", "NC") + slaves.append(data) + break + return slaves + for ctx in contexts: + data = dict(ctx) + data["configured"] = False + for key, value in pods.items(): + # logger.info("ctx={}".format(ctx)) + # logger.info("value={}".format(value)) + if "name" in ctx and value and "name" in value[0]: + if ctx["name"] == value[0].get('slave_name'): + data["wrapper_name"] = value[0]['name'] + data["ip"] = value[0].get("ip", "NC") + data["port"] = value[0].get("external_port", "NC") + data["internal_port"] = value[0].get("port", "NC") + data["configured"] = True + break + slaves.append(data) + return slaves + + @staticmethod + def get_contexts(): + contexts, active_context = config.list_kube_config_contexts() + return contexts, active_context + + def create_wrappers(self, slave_name=None): + contexts, active_context = self.get_contexts() + logger.debug("contexts: {}".format(contexts)) + logger.debug("active_context: {}".format(active_context)) + conf = configuration.get_configuration("components/wrapper") + hostname = conf["components/wrapper"].get( + "hostname", "wrapper") + port = conf["components/wrapper"].get("port", 80) + container = conf["components/wrapper"].get( + "container", + "wukongsun/moon_wrapper:v4.3") + for _ctx in contexts: + if slave_name and slave_name != _ctx['name']: + continue + _config = config.new_client_from_config(context=_ctx['name']) + logger.debug("_config={}".format(_config)) + api_client = client.CoreV1Api(_config) + ext_client = client.ExtensionsV1beta1Api(_config) + data = [{ + "name": hostname + "-" + get_random_name(), + "container": container, + "port": port, + "namespace": "moon", + "slave_name": _ctx['name'] + }, ] + self.load_deployment_and_service(data, api_client, ext_client, expose=True) + + def delete_wrapper(self, uuid=None, name=None, namespace="moon", + active_context=None, + active_context_name=None): + name_to_delete = None + if uuid and uuid in self.get_pods(): + name_to_delete = self.get_pods()[uuid][0]['name'] + elif name: + for pod_key, pod_list in self.get_pods().items(): + for pod_value in pod_list: + if pod_value.get("name") == name: + name_to_delete = pod_value.get("name") + break + if not name_to_delete: + raise exceptions.WrapperUnknown + contexts, _active_context = self.get_contexts() + if active_context_name: + for _context in contexts: + if _context["name"] == active_context_name: + active_context = _context + break + if active_context: + active_context = _active_context + _config = config.new_client_from_config( + context=active_context['name']) + logger.debug("_config={}".format(_config)) + api_client = client.CoreV1Api(_config) + ext_client = client.ExtensionsV1beta1Api(_config) + self.delete_deployment(name=name_to_delete, namespace=namespace, + ext_client=ext_client) + self.delete_service(name=name_to_delete, api_client=api_client) + return + logger.debug("contexts={}".format(contexts)) + for _ctx in contexts: + _config = config.new_client_from_config(context=_ctx['name']) + logger.debug("_config={}".format(_config)) + api_client = client.CoreV1Api(_config) + ext_client = client.ExtensionsV1beta1Api(_config) + self.delete_deployment(name=name_to_delete, namespace=namespace, + ext_client=ext_client) + self.delete_service(name=name_to_delete, api_client=api_client) + + def create_pipeline(self, keystone_project_id, + pdp_id, policy_ids, manager_data=None, + active_context=None, + slave_name=None): + """ Create security functions + + :param keystone_project_id: the Keystone project id + :param pdp_id: the PDP ID mapped to this pipeline + :param policy_ids: the policy IDs mapped to this pipeline + :param manager_data: data needed to create pods + :param active_context: if present, add the security function in this + context + :param slave_name: if present, add the security function in + this context name + if active_context_name and active_context are not present, add the + security function in all context (ie, in all slaves) + :return: None + """ + if not manager_data: + manager_data = dict() + for key, value in self.get_pods().items(): + for _pod in value: + if _pod.get('keystone_project_id') == keystone_project_id: + logger.warning("A pod for this Keystone project {} " + "already exists.".format(keystone_project_id)) + return + + plugins = configuration.get_plugins() + conf = configuration.get_configuration("components/pipeline") + # i_hostname = conf["components/pipeline"].get("interface").get("hostname", "interface") + i_port = conf["components/pipeline"].get("interface").get("port", 80) + i_container = conf["components/pipeline"].get("interface").get( + "container", + "wukongsun/moon_interface:v4.3") + data = [ + { + "name": "pipeline-" + get_random_name(), + "container": i_container, + "port": i_port, + 'pdp_id': pdp_id, + 'genre': "interface", + 'keystone_project_id': keystone_project_id, + "namespace": "moon" + }, + ] + logger.debug("data={}".format(data)) + # When policies and models are empty, is it right that it returns 200 ? + # Should it return no found policies or models ? + policies = manager_data.get('policies') + if not policies: + logger.info("No policy data from Manager, trying to get them") + policies = requests.get("http://{}:{}/policies".format( + self.manager_hostname, self.manager_port)).json().get( + "policies", dict()) + logger.debug("policies={}".format(policies)) + models = manager_data.get('models') + if not models: + logger.info("No models data from Manager, trying to get them") + models = requests.get("http://{}:{}/models".format( + self.manager_hostname, self.manager_port)).json().get( + "models", dict()) + logger.debug("models={}".format(models)) + + if not policy_ids: + raise exceptions.PolicyUnknown + for policy_id in policy_ids: + if policy_id in policies: + genre = policies[policy_id].get("genre", "authz") + if genre in plugins: + for meta_rule in models[policies[policy_id]['model_id']]['meta_rules']: + data.append({ + "name": genre + "-" + get_random_name(), + "container": plugins[genre]['container'], + 'pdp_id': pdp_id, + "port": plugins[genre].get('port', 8080), + 'genre': genre, + 'policy_id': policy_id, + 'meta_rule_id': meta_rule, + 'keystone_project_id': keystone_project_id, + "namespace": "moon" + }) + logger.debug("data={}".format(data)) + contexts, _active_context = self.get_contexts() + logger.debug("active_context_name={}".format(slave_name)) + logger.debug("active_context={}".format(active_context)) + if slave_name: + for _context in contexts: + if _context["name"] == slave_name: + active_context = _context + break + if active_context: + active_context = _active_context + _config = config.new_client_from_config( + context=active_context['name']) + logger.debug("_config={}".format(_config)) + api_client = client.CoreV1Api(_config) + ext_client = client.ExtensionsV1beta1Api(_config) + self.load_deployment_and_service(data, api_client, ext_client, expose=False) + return + logger.debug("contexts={}".format(contexts)) + for _ctx in contexts: + if slave_name and slave_name != _ctx['name']: + continue + _config = config.new_client_from_config(context=_ctx['name']) + logger.debug("_config={}".format(_config)) + api_client = client.CoreV1Api(_config) + ext_client = client.ExtensionsV1beta1Api(_config) + self.load_deployment_and_service(data, api_client, ext_client, expose=False) + + def delete_pipeline(self, uuid=None, name=None, namespace="moon", + active_context=None, + active_context_name=None): + """Delete a pipeline + + :param uuid: + :param name: + :param namespace: + :param active_context: + :param active_context_name: + :return: + """ + name_to_delete = None + if uuid and uuid in self.get_pods(): + name_to_delete = self.get_pods()[uuid][0]['name'] + elif name: + for pod_key, pod_list in self.get_pods().items(): + for pod_value in pod_list: + if pod_value.get("name") == name: + name_to_delete = pod_value.get("name") + break + if not name_to_delete: + raise exceptions.PipelineUnknown + logger.info("Will delete deployment and service named {}".format(name_to_delete)) + contexts, _active_context = self.get_contexts() + if active_context_name: + for _context in contexts: + if _context["name"] == active_context_name: + active_context = _context + break + if active_context: + active_context = _active_context + _config = config.new_client_from_config( + context=active_context['name']) + logger.debug("_config={}".format(_config)) + api_client = client.CoreV1Api(_config) + ext_client = client.ExtensionsV1beta1Api(_config) + self.delete_deployment(name=name_to_delete, namespace=namespace, + ext_client=ext_client) + self.delete_service(name=name_to_delete, api_client=api_client) + return + logger.debug("contexts={}".format(contexts)) + for _ctx in contexts: + _config = config.new_client_from_config(context=_ctx['name']) + logger.debug("_config={}".format(_config)) + api_client = client.CoreV1Api(_config) + ext_client = client.ExtensionsV1beta1Api(_config) + self.delete_deployment(name=name_to_delete, namespace=namespace, + ext_client=ext_client) + self.delete_service(name=name_to_delete, api_client=api_client) + + +class Docker(Driver): + + def get_slaves(self): + raise NotImplementedError + + def create_wrappers(self): + raise NotImplementedError + + def delete_wrapper(self, name): + raise NotImplementedError + + def create_pipeline(self, keystone_project_id, + pdp_id, policy_ids, manager_data=None, + active_context=None, + active_context_name=None): + raise NotImplementedError + + def delete_pipeline(self, uuid=None, name=None, namespace="moon", + active_context=None, + active_context_name=None): + raise NotImplementedError diff --git a/old/moon_orchestrator/moon_orchestrator/http_server.py b/old/moon_orchestrator/moon_orchestrator/http_server.py new file mode 100644 index 00000000..72e12358 --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/http_server.py @@ -0,0 +1,167 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +from flask import Flask, jsonify +from flask_restful import Resource, Api +import logging +import requests +import time +from moon_orchestrator import __version__ +from moon_orchestrator.api.pods import Pods +from moon_orchestrator.api.slaves import Slaves +from moon_orchestrator.api.generic import Status +from moon_orchestrator.drivers import get_driver +from python_moonutilities import configuration, exceptions + +logger = logging.getLogger("moon.orchestrator.http_server") + +__API__ = ( + Status, +) + + +class Server: + """Base class for HTTP server""" + + def __init__(self, host="localhost", port=80, api=None, **kwargs): + """Run a server + + :param host: hostname of the server + :param port: port for the running server + :param kwargs: optional parameters + :return: a running server + """ + self._host = host + self._port = port + self._api = api + self._extra = kwargs + + @property + def host(self): + return self._host + + @host.setter + def host(self, name): + self._host = name + + @host.deleter + def host(self): + self._host = "" + + @property + def port(self): + return self._port + + @port.setter + def port(self, number): + self._port = number + + @port.deleter + def port(self): + self._port = 80 + + def run(self): + raise NotImplementedError() + + +class Root(Resource): + """ + The root of the web service + """ + __urls__ = ("/",) + __methods = ("get", "post", "put", "delete", "options") + + def get(self): + tree = {"/": {"methods": ("get",), "description": "List all methods for that service."}} + for item in __API__: + tree[item.__name__] = {"urls": item.__urls__} + _methods = [] + for _method in self.__methods: + if _method in dir(item): + _methods.append(_method) + tree[item.__name__]["methods"] = _methods + tree[item.__name__]["description"] = item.__doc__.strip() + return { + "version": __version__, + "tree": tree + } + + +class HTTPServer(Server): + + def __init__(self, host="localhost", port=80, **kwargs): + super(HTTPServer, self).__init__(host=host, port=port, **kwargs) + self.app = Flask(__name__) + conf = configuration.get_configuration("components/orchestrator") + self.orchestrator_hostname = conf["components/orchestrator"].get("hostname", "orchestrator") + self.orchestrator_port = conf["components/orchestrator"].get("port", 80) + conf = configuration.get_configuration("components/manager") + self.manager_hostname = conf["components/manager"].get("hostname", "manager") + self.manager_port = conf["components/manager"].get("port", 80) + # TODO : specify only few urls instead of * + # CORS(self.app) + self.api = Api(self.app) + self.driver = get_driver() + logger.info("Driver = {}".format(self.driver.__class__)) + self.__set_route() + self.__hook_errors() + pdp = None + while True: + try: + pdp = requests.get( + "http://{}:{}/pdp".format(self.manager_hostname, + self.manager_port)) + except requests.exceptions.ConnectionError: + logger.warning("Manager is not ready, standby...") + time.sleep(1) + except KeyError: + logger.warning("Manager is not ready, standby...") + time.sleep(1) + else: + if "pdps" in pdp.json(): + break + logger.debug("pdp={}".format(pdp)) + # self.driver.create_wrappers() + for _pdp_key, _pdp_value in pdp.json()['pdps'].items(): + if _pdp_value.get('keystone_project_id'): + # TODO: select context to add security function + self.driver.create_pipeline( + keystone_project_id=_pdp_value.get('keystone_project_id'), + pdp_id=_pdp_key, + policy_ids=_pdp_value.get('security_pipeline', [])) + + def __hook_errors(self): + + def get_404_json(e): + return jsonify({"result": False, "code": 404, "description": str(e)}), 404 + + self.app.register_error_handler(404, get_404_json) + + def get_400_json(e): + return jsonify({"result": False, "code": 400, "description": str(e)}), 400 + + self.app.register_error_handler(400, lambda e: get_400_json) + self.app.register_error_handler(403, exceptions.AuthException) + + def __set_route(self): + self.api.add_resource(Root, '/') + + for api in __API__: + self.api.add_resource(api, *api.__urls__) + self.api.add_resource(Pods, *Pods.__urls__, + resource_class_kwargs={ + "driver": self.driver + }) + self.api.add_resource(Slaves, *Slaves.__urls__, + resource_class_kwargs={ + "driver": self.driver + }) + + def run(self): + self.app.run(host=self._host, port=self._port, threaded=True) # nosec + + @staticmethod + def __filter_str(data): + return data.replace("@", "-") diff --git a/old/moon_orchestrator/moon_orchestrator/server.py b/old/moon_orchestrator/moon_orchestrator/server.py new file mode 100644 index 00000000..88d56e3a --- /dev/null +++ b/old/moon_orchestrator/moon_orchestrator/server.py @@ -0,0 +1,39 @@ +# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors +# This software is distributed under the terms and conditions of the 'Apache-2.0' +# license which can be found in the file 'LICENSE' in this package distribution +# or at 'http://www.apache.org/licenses/LICENSE-2.0'. + +import logging +from python_moonutilities import configuration, exceptions +from moon_orchestrator.http_server import HTTPServer + +logger = logging.getLogger("moon.orchestrator.server") + + +def create_server(): + configuration.init_logging() + try: + conf = configuration.get_configuration("components/orchestrator") + hostname = conf["components/orchestrator"].get("hostname", + "orchestrator") + port = conf["components/orchestrator"].get("port", 80) + bind = conf["components/orchestrator"].get("bind", "127.0.0.1") + except exceptions.ConsulComponentNotFound: + hostname = "orchestrator" + bind = "127.0.0.1" + port = 80 + configuration.add_component(uuid="orchestrator", name=hostname, + port=port, bind=bind) + logger.info("Starting server with IP {} on port {} bind to {}".format( + hostname, port, bind)) + return HTTPServer(host=bind, port=port) + + +def run(): + server = create_server() + server.run() + + +if __name__ == '__main__': + server = create_server() + server.run() |