Motofans
/
Charmed-Kubernetes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 3 Wiki Activity
Charmed-Kubernetes/kubernetes-control-plane/hooks/relations/kube-control
History
Ares 6d5242594f update bugfix/1.24-GA 2024-03-13 10:05:53 +08:00
..
.travis.yml update bugfix/1.24-GA 2024-03-13 10:05:53 +08:00
README.md update bugfix/1.24-GA 2024-03-13 10:05:53 +08:00
__init__.py update bugfix/1.24-GA 2024-03-13 10:05:53 +08:00
interface.yaml update bugfix/1.24-GA 2024-03-13 10:05:53 +08:00
provides.py update bugfix/1.24-GA 2024-03-13 10:05:53 +08:00
requires.py update bugfix/1.24-GA 2024-03-13 10:05:53 +08:00

README.md

kube-control interface

This interface provides communication between master and workers in a Kubernetes cluster.

Provides (kubernetes-master side)

States

  • kube-control.connected

    Enabled when a worker has joined the relation.

  • kube-control.gpu.available

    Enabled when any worker has indicated that it is running in gpu mode.

  • kube-control.departed

    Enabled when any worker has indicated that it is leaving the cluster.

  • kube-control.auth.requested

    Enabled when an authentication credential is requested. This state is temporary and will be removed once the units authentication request has been fulfilled.

Methods

  • kube_control.set_dns(port, domain, sdn_ip)

    Sends DNS info to the connected worker(s).

  • kube_control.auth_user()

    Returns a list of the requested username and group requested for authentication.

  • kube_control.sign_auth_request(scope, user, kubelet_token, proxy_token, client_token)

    Sends authentication tokens to the unit scope for the requested user and kube-proxy services.

  • kube_control.set_cluster_tag(cluster_tag)

    Sends a tag used to identify resources that are part of the cluster to the connected worker(s).

  • kube_control.flush_departed()

    Returns the unit departing the kube_control relationship so you can do any post removal cleanup. Such as removing authentication tokens for the unit. Invoking this method will also remove the kube-control.departed state

  • kube_control.set_registry_location(registry_location) Sends the container image registry location to the connected worker(s).

Examples


@when('kube-control.connected')
def send_dns(kube_control):
    # send port, domain, sdn_ip to the remote side
    kube_control.set_dns(53, "cluster.local", "10.1.0.10")

@when('kube-control.gpu.available')
def on_gpu_available(kube_control):
    # The remote side is gpu-enable, handle it somehow
    assert kube_control.get_gpu() == True


@when('kube-control.departed')
@when('leadership.is_leader')
def flush_auth_for_departed(kube_control):
    ''' Unit has left the cluster and needs to have its authentication
    tokens removed from the token registry '''
    departing_unit = kube_control.flush_departed()

Requires (kubernetes-worker side)

States

  • kube-control.connected

    Enabled when a master has joined the relation.

  • kube-control.dns.available

    Enabled when DNS info is available from the master.

  • kube-control.auth.available

    Enabled when authentication credentials are present from the master.

  • kube-control.cluster_tag.available

    Enabled when cluster tag is present from the master.

  • kube-control.registry_location.available

    Enabled when registry location is present from the master.

Methods

  • kube_control.get_dns()

    Returns a dictionary of DNS info sent by the master. The keys in the dict are: domain, private-address, sdn-ip, port.

  • kube_control.set_gpu(enabled=True)

    Tell the master that we are gpu-enabled.

  • kube_control.get_auth_credentials(user)

Returns a dict with the users authentication credentials.

  • set_auth_request(kubelet, group='system:nodes')

Issue an authentication request against the master to receive token based auth credentials in return.

  • kube_control.get_cluster_tag()

    Returns the cluster tag provided by the master.

  • kube_control.get_registry_location()

    Returns the container image registry location provided by the master.

Examples


@when('kube-control.dns.available')
def on_dns_available(kube_control):
    # Remote side has sent DNS info
    dns = kube_control.get_dns()
    print(context['domain'])
    print(context['private-address'])
    print(context['sdn-ip'])
    print(context['port'])

@when('kube-control.connected')
def send_gpu(kube_control):
    # Tell the master that we're gpu-enabled
    kube_control.set_gpu(True)

@when('kube-control.auth.available')
def display_auth_tokens(kube_control):
    # Remote side has sent auth info
    auth = kube_control.get_auth_credentials('root')
    print(auth['kubelet_token'])
    print(auth['proxy_token'])
    print(auth['client_token'])

@when('kube-control.connected')
@when_not('kube-control.auth.available')
def request_auth_credentials(kube_control):
    # Request an admin user with sudo level access named 'root'
    kube_control.set_auth_request('root', group='system:masters')