Example 36 with ServerConfig
use of org.eclipse.che.api.core.model.workspace.config.ServerConfig in project devspaces-images by redhat-developer.
the class MachineConfigsValidator method validateMachine.
private void validateMachine(String machineName, InternalMachineConfig machineConfig) throws ValidationException {
checkArgument(MACHINE_NAME_PATTERN.matcher(machineName).matches(), "Name of machine '%s' in environment is invalid", machineName);
if (machineConfig.getServers() != null) {
for (Map.Entry<String, ? extends ServerConfig> serverEntry : machineConfig.getServers().entrySet()) {
String serverName = serverEntry.getKey();
ServerConfig server = serverEntry.getValue();
checkArgument(server.getPort() != null && SERVER_PORT_PATTERN.matcher(server.getPort()).matches(), "Machine '%s' in environment contains server conf '%s' with invalid port '%s'", machineName, serverName, server.getPort());
checkArgument(server.getProtocol() == null || SERVER_PROTOCOL_PATTERN.matcher(server.getProtocol()).matches(), "Machine '%s' in environment contains server conf '%s' with invalid protocol '%s'", machineName, serverName, server.getProtocol());
}
}
if (machineConfig.getAttributes() != null) {
String memoryLimit = machineConfig.getAttributes().get(MEMORY_LIMIT_ATTRIBUTE);
String memoryRequest = machineConfig.getAttributes().get(MEMORY_REQUEST_ATTRIBUTE);
if (memoryLimit != null && memoryRequest != null) {
checkArgument(Long.parseLong(memoryLimit) >= Long.parseLong(memoryRequest), "Machine '%s' in environment contains inconsistent memory attributes: Memory limit: '%s', Memory request: '%s'", machineName, Long.parseLong(memoryLimit), Long.parseLong(memoryRequest));
}
}
}
Also used :
ServerConfig(org.eclipse.che.api.core.model.workspace.config.ServerConfig)
Map(java.util.Map)
Example 37 with ServerConfig
use of org.eclipse.che.api.core.model.workspace.config.ServerConfig in project che-server by eclipse-che.
the class AbstractJwtProxyProvisioner method expose.
/**
* Modifies Kubernetes environment to expose the specified service port via JWTProxy.
*
* @param k8sEnv Kubernetes environment to modify
* @param pod the pod that runs the server being exposed
* @param backendServiceName service name that will be exposed
* @param backendServicePort service port that will be exposed
* @param protocol protocol that will be used for exposed port
* @param secureServers secure servers to expose
* @return JWTProxy service port that expose the specified one
* @throws InfrastructureException if any exception occurs during port exposing
*/
@Override
public ServicePort expose(KubernetesEnvironment k8sEnv, PodData pod, String machineName, String backendServiceName, ServicePort backendServicePort, String protocol, boolean requireSubdomain, Map<String, ServerConfig> secureServers) throws InfrastructureException {
Preconditions.checkArgument(secureServers != null && !secureServers.isEmpty(), "Secure servers are missing");
ensureJwtProxyInjected(k8sEnv, machineName, pod);
Set<String> excludes = new HashSet<>();
Boolean cookiesAuthEnabled = null;
for (ServerConfig serverConfig : secureServers.values()) {
ExposureConfiguration config = getExposureConfiguration(serverConfig);
// accumulate unsecured paths
if (config.excludedPaths != null) {
excludes.addAll(config.excludedPaths);
}
// calculate `cookiesAuthEnabled` attributes
if (detectCookieAuth) {
if (cookiesAuthEnabled == null) {
cookiesAuthEnabled = config.cookiesAuthEnabled;
} else {
if (!cookiesAuthEnabled.equals(config.cookiesAuthEnabled)) {
throw new InfrastructureException("Secure servers which expose the same port should have the same `cookiesAuthEnabled` value.");
}
}
}
}
int listenPort = availablePort++;
ServicePort exposedPort = new ServicePortBuilder().withName("server-" + listenPort).withPort(listenPort).withProtocol(protocol).withNewTargetPort(listenPort).build();
k8sEnv.getServices().get(serviceName).getSpec().getPorts().add(exposedPort);
CookiePathStrategy actualCookiePathStrategy = requireSubdomain ? multihostCookiePathStrategy : cookiePathStrategy;
ExternalServiceExposureStrategy actualExposureStrategy = requireSubdomain ? multiHostExternalServiceExposureStrategy : externalServiceExposureStrategy;
// JwtProxySecureServerExposer creates no service for the exposed secure servers and
// assumes everything will be proxied from localhost, because JWT proxy is collocated
// with the workspace pod (because it is added to the environment as an injectable pod).
// This method historically supported proxying secure servers exposed through a service
// (which is not secure in absence of a appropriate network policy). The support for
// accessing the backend server through a service was kept here because it doesn't add
// any additional complexity to this method and keeps the door open for the
// JwtProxySecureServerExposer to be enhanced in the future with support for service-handled
// secure servers.
backendServiceName = backendServiceName == null ? "127.0.0.1" : backendServiceName;
proxyConfigBuilder.addVerifierProxy(listenPort, "http://" + backendServiceName + ":" + backendServicePort.getTargetPort().getIntVal(), excludes, cookiesAuthEnabled == null ? false : cookiesAuthEnabled, actualCookiePathStrategy.get(serviceName, exposedPort), actualExposureStrategy.getExternalPath(serviceName, exposedPort.getName()));
k8sEnv.getConfigMaps().get(getConfigMapName()).getData().put(JWT_PROXY_CONFIG_FILE, proxyConfigBuilder.build());
return exposedPort;
}
Also used :
ServerConfig(org.eclipse.che.api.core.model.workspace.config.ServerConfig)
ServicePort(io.fabric8.kubernetes.api.model.ServicePort)
ServicePortBuilder(io.fabric8.kubernetes.api.model.ServicePortBuilder)
ExternalServiceExposureStrategy(org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServiceExposureStrategy)
InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException)
HashSet(java.util.HashSet)
Example 38 with ServerConfig
use of org.eclipse.che.api.core.model.workspace.config.ServerConfig in project che-server by eclipse-che.
the class KubernetesServerExposer method expose.
/**
* Exposes specified servers.
*
* <p>Note that created Kubernetes objects will select the corresponding pods by {@link
* Constants#CHE_ORIGINAL_NAME_LABEL} label. That should be added by {@link
* UniqueNamesProvisioner}.
*
* @param servers servers to expose
* @see ConfigurationProvisioner#provision(KubernetesEnvironment, RuntimeIdentity)
*/
public void expose(Map<String, ? extends ServerConfig> servers) throws InfrastructureException {
Map<String, ServerConfig> internalServers = new HashMap<>();
Map<String, ServerConfig> externalServers = new HashMap<>();
Map<String, ServerConfig> secureServers = new HashMap<>();
Map<String, ServicePort> unsecuredPorts = new HashMap<>();
Map<String, ServicePort> securedPorts = new HashMap<>();
splitServersAndPortsByExposureType(servers, internalServers, externalServers, secureServers, unsecuredPorts, securedPorts);
provisionServicesForDiscoverableServers(servers);
Optional<Service> serviceOpt = createService(internalServers, unsecuredPorts);
if (serviceOpt.isPresent()) {
Service service = serviceOpt.get();
String serviceName = service.getMetadata().getName();
k8sEnv.getServices().put(serviceName, service);
exposeNonSecureServers(serviceName, externalServers, unsecuredPorts);
}
exposeSecureServers(secureServers, securedPorts);
}
Also used :
ServerConfig(org.eclipse.che.api.core.model.workspace.config.ServerConfig)
ServicePort(io.fabric8.kubernetes.api.model.ServicePort)
HashMap(java.util.HashMap)
Service(io.fabric8.kubernetes.api.model.Service)
Example 39 with ServerConfig
use of org.eclipse.che.api.core.model.workspace.config.ServerConfig in project che-server by eclipse-che.
the class KubernetesServerExposer method provisionServicesForDiscoverableServers.
// TODO: this creates discoverable services as an extra services. Service for same {@link
// ServerConfig} is also created later in in {@link #exposeNonSecureServers(Map, Map, Map)} or
// {@link #exposeSecureServers(Map, Map)} as a non-discoverable one. This was added during
// working on adding endpoints for kubernetes/openshift components, to keep behavior consistent.
// However, this logic is probably broken and should be changed.
/**
* Creates services with defined names for discoverable {@link ServerConfig}s. The name is taken
* from {@link ServerConfig}'s attributes under {@link ServerConfig#SERVER_NAME_ATTRIBUTE} and
* must be set, otherwise service won't be created.
*/
private void provisionServicesForDiscoverableServers(Map<String, ? extends ServerConfig> servers) {
for (String serverName : servers.keySet()) {
ServerConfig server = servers.get(serverName);
if (server.getAttributes().containsKey(SERVER_NAME_ATTRIBUTE)) {
// remove the name from attributes so we don't send it to the client
String endpointName = server.getAttributes().remove(SERVER_NAME_ATTRIBUTE);
if (server.isDiscoverable()) {
Service service = new ServerServiceBuilder().withName(endpointName).withMachineName(machineName).withSelectorEntry(CHE_ORIGINAL_NAME_LABEL, pod.getMetadata().getName()).withPorts(Collections.singletonList(getServicePort(server))).withServers(Collections.singletonMap(serverName, server)).build();
k8sEnv.getServices().put(service.getMetadata().getName(), service);
}
}
}
}
Also used :
ServerConfig(org.eclipse.che.api.core.model.workspace.config.ServerConfig)
Service(io.fabric8.kubernetes.api.model.Service)
Example 40 with ServerConfig
use of org.eclipse.che.api.core.model.workspace.config.ServerConfig in project che-server by eclipse-che.
the class IngressServerExposerTest method shouldReplaceServerNamePlaceholders.
@Test
public void shouldReplaceServerNamePlaceholders() {
// given
Map<String, String> annotations = new HashMap<>();
annotations.put("ssl", "true");
annotations.put("websocket-service", SERVICE_NAME_PLACEHOLDER);
IngressServerExposer<KubernetesEnvironment> exposer = new IngressServerExposer<>(serviceExposureStrategy, annotations, null, "");
KubernetesEnvironment env = KubernetesEnvironment.builder().build();
Map<String, ServerConfig> externalServers = new HashMap<>();
externalServers.put("ide", new ServerConfigImpl("6543", "http", "/", emptyMap()));
// when
exposer.expose(env, "editor", "ide", "server123", new ServicePort(), externalServers);
// then
Collection<Ingress> ingresses = env.getIngresses().values();
assertEquals(ingresses.size(), 1);
Ingress ingress = ingresses.iterator().next();
assertEquals(ingress.getMetadata().getAnnotations().get("ssl"), "true");
assertEquals(ingress.getMetadata().getAnnotations().get("websocket-service"), "ide");
}
Also used :
ServerConfig(org.eclipse.che.api.core.model.workspace.config.ServerConfig)
ServicePort(io.fabric8.kubernetes.api.model.ServicePort)
HashMap(java.util.HashMap)
KubernetesEnvironment(org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment)
Ingress(io.fabric8.kubernetes.api.model.networking.v1.Ingress)
ServerConfigImpl(org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl)
Test(org.testng.annotations.Test)
Aggregations
ServerConfig (org.eclipse.che.api.core.model.workspace.config.ServerConfig)74
Test (org.testng.annotations.Test)54
ServerConfigImpl (org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl)42
ServicePort (io.fabric8.kubernetes.api.model.ServicePort)30
IntOrString (io.fabric8.kubernetes.api.model.IntOrString)28
EndpointImpl (org.eclipse.che.api.workspace.server.model.impl.devfile.EndpointImpl)20
ServicePortBuilder (io.fabric8.kubernetes.api.model.ServicePortBuilder)18
HashMap (java.util.HashMap)16
Annotations (org.eclipse.che.workspace.infrastructure.kubernetes.Annotations)16
Service (io.fabric8.kubernetes.api.model.Service)14
KubernetesEnvironment (org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment)12
Map (java.util.Map)10
ImmutableMap (com.google.common.collect.ImmutableMap)8
InfrastructureException (org.eclipse.che.api.workspace.server.spi.InfrastructureException)8
Container (io.fabric8.kubernetes.api.model.Container)6
ContainerPortBuilder (io.fabric8.kubernetes.api.model.ContainerPortBuilder)6
Ingress (io.fabric8.kubernetes.api.model.networking.v1.Ingress)6
ArrayList (java.util.ArrayList)6
Collections.singletonMap (java.util.Collections.singletonMap)6
Optional (java.util.Optional)6
