From c2ca1c746d3c3a3a289da5e8c7f5ea830b07f589 Mon Sep 17 00:00:00 2001
From: okozachenko
Date: Tue, 4 Aug 2020 21:15:15 +0300
Subject: [PATCH] Add identity manifest to the operator
- Change the scope of identity CRs as namespaced
- Add identity CRs to objects
- Create templates for identity service and endpoints
Change-Id: Ibefa07d4431089d3bcce20b81d5d48194ad0e56d
---
openstack_operator/identity.py | 46 +++++++++++++++++++
openstack_operator/objects.py | 21 +++++++++
.../templates/identity/endpoint.yml.j2 | 23 ++++++++++
.../templates/identity/service.yml.j2 | 22 +++++++++
4 files changed, 112 insertions(+)
create mode 100644 openstack_operator/identity.py
create mode 100644 openstack_operator/templates/identity/endpoint.yml.j2
create mode 100644 openstack_operator/templates/identity/service.yml.j2
diff --git a/openstack_operator/identity.py b/openstack_operator/identity.py
new file mode 100644
index 00000000..cacb770c
--- /dev/null
+++ b/openstack_operator/identity.py
@@ -0,0 +1,46 @@
+# Copyright 2020 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""identity Operator
+
+This module contains a few common functions for identity management
+"""
+
+import kopf
+
+from openstack_operator import utils
+
+
+def ensure_service(name, service, desc, url=None):
+ """Create or update service and endpoints
+ """
+
+ try:
+ # Create or resume service
+ utils.create_or_update('identity/service.yml.j2', name=name,
+ type=service, description=desc)
+
+ # Create or resume endpoints
+ internal_url = "http://" + name + ".openstack.svc.cluster.local"
+ public_url = internal_url
+ if url is not None:
+ public_url = "http://" + url
+ utils.create_or_update('identity/endpoint.yml.j2',
+ service=service, interface='internal',
+ url=internal_url)
+ utils.create_or_update('identity/endpoint.yml.j2',
+ service=service, interface='public',
+ url=public_url)
+ except Exception as ex:
+ raise kopf.TemporaryError(str(ex), delay=5)
diff --git a/openstack_operator/objects.py b/openstack_operator/objects.py
index 74ed1e42..172d3162 100644
--- a/openstack_operator/objects.py
+++ b/openstack_operator/objects.py
@@ -22,6 +22,7 @@ It also inclues a ``dict`` with mappings which allows doing reverse-lookups from combinations of apiVersion and kind to the exact model. """ +from pykube.objects import APIObject from pykube.objects import ConfigMap from pykube.objects import CronJob from pykube.objects import DaemonSet
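Review bot: In `ensure_service` (openstack_operator/identity.py) both endpoint URLs are built with a hard-coded `http://` scheme, including the public one (`public_url = "http://" + url`), so anything that resolves these endpoints is directed to a cleartext address. If these Endpoint objects end up as catalog entries, as the template names suggest, API requests and the tokens they carry would cross the network unencrypted unless something outside this hunk rewrites the scheme. Consider letting the caller pass the scheme or a full URL and defaulting the public interface to TLS, e.g. `public_url = "https://" + url`. Separately, `except Exception` converts every failure, including ones that can never succeed such as a template rendering error, into a retry every 5 seconds; catching only the errors worth retrying would let permanent failures surface.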
@@ -36,6 +37,22 @@ from pykube.objects import Service from pykube.objects import StatefulSet +class IdentityService(APIObject): + """Service Kubernetes object""" + + version = "identity.openstack.org/v1alpha1" + endpoint = "services" + kind = "Service" + + +class IdentityEndpoint(APIObject): + """Endpoint Kubernetes object""" + + version = "identity.openstack.org/v1alpha1" + endpoint = "endpoints" + kind = "Endpoint" + + class Mcrouter(NamespacedAPIObject): """Mcrouter Kubernetes object"""
@@ -106,6 +123,10 @@ MAPPING = { "extensions/v1beta1": { "Ingress": Ingress }, + "identity.openstack.org/v1alpha1": { + "Service": IdentityService, + "Endpoint": IdentityEndpoint + }, "infrastructure.vexxhost.cloud/v1alpha1": { "Mcrouter": Mcrouter, "Memcached": Memcached,
diff --git a/openstack_operator/templates/identity/endpoint.yml.j2 b/openstack_operator/templates/identity/endpoint.yml.j2
new file mode 100644
index 00000000..cb6c3559
--- /dev/null
+++ b/openstack_operator/templates/identity/endpoint.yml.j2
@@ -0,0 +1,23 @@
+---
+# Copyright 2020 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: identity.openstack.org/v1alpha1
+kind: Endpoint
+metadata:
+ name: {{ service }}-{{ interface }}
+spec:
+ service: {{ service }}
+ interface: {{ interface }}
+ url: {{ url }}
diff --git a/openstack_operator/templates/identity/service.yml.j2 b/openstack_operator/templates/identity/service.yml.j2
new file mode 100644
index 00000000..b22058da
--- /dev/null
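Review bot: `IdentityService` and `IdentityEndpoint` in openstack_operator/objects.py subclass `APIObject`, which pykube treats as cluster-scoped, while the commit message says the identity CRs are being made namespaced and the neighbouring `Mcrouter` uses `NamespacedAPIObject`. If the CRDs are indeed namespaced, requests built from these classes would carry no namespace in the path and would fail or address the wrong scope; `class IdentityService(NamespacedAPIObject):` and `class IdentityEndpoint(NamespacedAPIObject):` would match the stated intent and make the new `APIObject` import unnecessary. The docstrings `"""Service Kubernetes object"""` and `"""Endpoint Kubernetes object"""` also read like the core kinds; naming the `identity.openstack.org` group in them would avoid confusion with the `Service` class already imported from pykube.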
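Review bot: The template writes rendered values into the manifest as unquoted YAML scalars, `url: {{ url }}` in endpoint.yml.j2 and, more exposed, `description: {{ description }}` and `name: {{ name }}` in service.yml.j2. A value containing a colon followed by a space, ` #`, a leading YAML indicator character or a newline would either fail to parse or change the structure of the document, and whatever reaches `desc` and `url` in `ensure_service` controls that text. Emitting the value as a quoted string keeps it a single scalar, e.g. `description: {{ description | tojson }}` and `url: {{ url | tojson }}` (a JSON string is valid YAML), assuming the Jinja environment set up in `utils` keeps the built-in `tojson` filter available.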
+++ b/openstack_operator/templates/identity/service.yml.j2
@@ -0,0 +1,22 @@
+---
+# Copyright 2020 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: identity.openstack.org/v1alpha1
+kind: Service
+metadata:
+ name: {{ name }}
+spec:
+ type: {{ type }}
+ description: {{ description }}