xos/synchronizer/steps/sync_kubernetesserviceinstance.py

# Copyright 2017-present Open Networking Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""
    sync_kubernetesserviceinstance.py

    Synchronize KubernetesServiceInstance. See also the related pull_step.

    This sync_step is intended to handle the case where callers are creating pods directly, as opposed to using
    a controller to manage pods for them. It makes some simplifying assumptions, such as each pod has one
    container and uses one image.
"""

from synchronizers.new_base.syncstep import SyncStep
from synchronizers.new_base.modelaccessor import KubernetesServiceInstance

from xosconfig import Config
from multistructlog import create_logger

from kubernetes.client.rest import ApiException
from kubernetes import client as kubernetes_client, config as kubernetes_config

log = create_logger(Config().get('logging'))

class SyncKubernetesServiceInstance(SyncStep):

    """
        SyncKubernetesServiceInstance

        Implements sync step for syncing kubernetes service instances.
    """

    provides = [KubernetesServiceInstance]
    observes = KubernetesServiceInstance
    requested_interval = 0

    def __init__(self, *args, **kwargs):
        super(SyncKubernetesServiceInstance, self).__init__(*args, **kwargs)
        kubernetes_config.load_incluster_config()
        self.v1 = kubernetes_client.CoreV1Api()

    def get_pod(self, o):
        """ Given a KubernetesServiceInstance, read the pod from Kubernetes.
            Return None if the pod does not exist.
        """
        try:
            pod = self.v1.read_namespaced_pod(o.name, o.slice.trust_domain.name)
        except ApiException, e:
            if e.status == 404:
                return None
            raise
        return pod

    def generate_pod_spec(self, o):
        pod = kubernetes_client.V1Pod()
        pod.metadata = kubernetes_client.V1ObjectMeta(name=o.name)

        if o.slice.trust_domain:
            pod.metadata.namespace = o.slice.trust_domain.name

        if o.image.tag:
            imageName = o.image.name + ":" + o.image.tag
        else:
            # TODO(smbaker): Is this case possible?
            imageName = o.image.name

        volumes = []
        volume_mounts = []

        # Attach and mount the configmaps
        for xos_vol in o.kubernetes_config_volume_mounts.all():
            k8s_vol = kubernetes_client.V1Volume(name=xos_vol.config.name)
            k8s_vol.config_map = kubernetes_client.V1ConfigMapVolumeSource(name=xos_vol.config.name)
            volumes.append(k8s_vol)

            k8s_vol_m = kubernetes_client.V1VolumeMount(name=xos_vol.config.name,
                                                        mount_path=xos_vol.mount_path,
                                                        sub_path=xos_vol.sub_path)
            volume_mounts.append(k8s_vol_m)

        # Attach and mount the secrets
        for xos_vol in o.kubernetes_secret_volume_mounts.all():
            k8s_vol = kubernetes_client.V1Volume(name=xos_vol.secret.name)
            k8s_vol.secret = kubernetes_client.V1SecretVolumeSource(secret_name=xos_vol.secret.name)
            volumes.append(k8s_vol)

            k8s_vol_m = kubernetes_client.V1VolumeMount(name=xos_vol.secret.name,
                                                        mount_path=xos_vol.mount_path,
                                                        sub_path=xos_vol.sub_path)
            volume_mounts.append(k8s_vol_m)

        container = kubernetes_client.V1Container(name=o.name,
                                                  image=imageName,
                                                  volume_mounts=volume_mounts)

        spec = kubernetes_client.V1PodSpec(containers=[container], volumes=volumes)
        pod.spec = spec

        if o.slice.principal:
            pod.spec.service_account = o.slice.principal.name

        return pod

    def sync_record(self, o):
        if o.xos_managed:
            if (not o.slice) or (not o.slice.trust_domain):
                raise Exception("No trust domain for service instance", o=o)

            if (not o.name):
                raise Exception("No name for service instance")

            pod = self.get_pod(o)
            if not pod:
                pod = self.generate_pod_spec(o)

                log.info("Creating pod", o=o, pod=pod)

                pod = self.v1.create_namespaced_pod(o.slice.trust_domain.name, pod)
            else:
                log.info("Replacing pod", o=o, pod=pod)

                # TODO: apply changes, perhaps by calling self.generate_pod_spec() and copying in the differences,
                # to accomodate new volumes that might have been attached, or other changes.

                # If we don't apply any changes to the pod, it's still the case that Kubernetes will pull in new
                # mounts of existing configmaps during the replace operation, if the configmap contents have changed.

                pod = self.v1.replace_namespaced_pod(o.name, o.slice.trust_domain.name, pod)

            if (not o.backend_handle):
                o.backend_handle = pod.metadata.self_link
                o.save(update_fields=["backend_handle"])

    def delete_record(self, port):
        # TODO(smbaker): Implement delete step
        pass