Search in sources :

Example 71 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class KubernetesServerExposer method exposeSecureServers.

private void exposeSecureServers(Map<String, ServerConfig> securedServers, Map<String, ServicePort> securedPorts) throws InfrastructureException {
    if (securedPorts.isEmpty()) {
        return;
    }
    Optional<Service> secureService = secureServerExposer.createService(securedPorts.values(), pod, machineName, securedServers);
    String secureServiceName = secureService.map(s -> {
        String n = s.getMetadata().getName();
        k8sEnv.getServices().put(n, s);
        return n;
    }).orElse(null);
    for (ServicePort servicePort : securedPorts.values()) {
        // expose service port related secure servers if exist
        Map<String, ServerConfig> matchedSecureServers = match(securedServers, servicePort);
        if (!matchedSecureServers.isEmpty()) {
            onEachExposableServerSet(matchedSecureServers, (serverId, srvrs) -> {
                secureServerExposer.expose(k8sEnv, pod, machineName, secureServiceName, serverId, servicePort, srvrs);
            });
        }
    }
}
Also used : NameGenerator.generate(org.eclipse.che.commons.lang.NameGenerator.generate) Container(io.fabric8.kubernetes.api.model.Container) ConfigurationProvisioner(org.eclipse.che.workspace.infrastructure.kubernetes.provision.ConfigurationProvisioner) ExternalServerExposer(org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServerExposer) LoggerFactory(org.slf4j.LoggerFactory) ServicePort(io.fabric8.kubernetes.api.model.ServicePort) KubernetesEnvironment(org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment) ServicePortBuilder(io.fabric8.kubernetes.api.model.ServicePortBuilder) HashMap(java.util.HashMap) SERVER_NAME_ATTRIBUTE(org.eclipse.che.api.core.model.workspace.config.ServerConfig.SERVER_NAME_ATTRIBUTE) ArrayList(java.util.ArrayList) Collectors.toMap(java.util.stream.Collectors.toMap) Map(java.util.Map) Service(io.fabric8.kubernetes.api.model.Service) UniqueNamesProvisioner(org.eclipse.che.workspace.infrastructure.kubernetes.provision.UniqueNamesProvisioner) Constants(org.eclipse.che.workspace.infrastructure.kubernetes.Constants) Logger(org.slf4j.Logger) ImmutableMap(com.google.common.collect.ImmutableMap) SecureServerExposer(org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.SecureServerExposer) Integer.parseInt(java.lang.Integer.parseInt) ServerConfig(org.eclipse.che.api.core.model.workspace.config.ServerConfig) Annotations(org.eclipse.che.workspace.infrastructure.kubernetes.Annotations) ContainerPort(io.fabric8.kubernetes.api.model.ContainerPort) InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException) CHE_ORIGINAL_NAME_LABEL(org.eclipse.che.workspace.infrastructure.kubernetes.Constants.CHE_ORIGINAL_NAME_LABEL) Ingress(io.fabric8.kubernetes.api.model.networking.v1.Ingress) RuntimeIdentity(org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity) PodData(org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData) Optional(java.util.Optional) ContainerPortBuilder(io.fabric8.kubernetes.api.model.ContainerPortBuilder) Collections(java.util.Collections) ServicePort(io.fabric8.kubernetes.api.model.ServicePort) ServerConfig(org.eclipse.che.api.core.model.workspace.config.ServerConfig) Service(io.fabric8.kubernetes.api.model.Service)

Example 72 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class AbstractJwtProxyProvisioner method expose.

/**
 * Modifies Kubernetes environment to expose the specified service port via JWTProxy.
 *
 * @param k8sEnv Kubernetes environment to modify
 * @param pod the pod that runs the server being exposed
 * @param backendServiceName service name that will be exposed
 * @param backendServicePort service port that will be exposed
 * @param protocol protocol that will be used for exposed port
 * @param secureServers secure servers to expose
 * @return JWTProxy service port that expose the specified one
 * @throws InfrastructureException if any exception occurs during port exposing
 */
@Override
public ServicePort expose(KubernetesEnvironment k8sEnv, PodData pod, String machineName, String backendServiceName, ServicePort backendServicePort, String protocol, boolean requireSubdomain, Map<String, ServerConfig> secureServers) throws InfrastructureException {
    Preconditions.checkArgument(secureServers != null && !secureServers.isEmpty(), "Secure servers are missing");
    ensureJwtProxyInjected(k8sEnv, machineName, pod);
    Set<String> excludes = new HashSet<>();
    Boolean cookiesAuthEnabled = null;
    for (ServerConfig serverConfig : secureServers.values()) {
        ExposureConfiguration config = getExposureConfiguration(serverConfig);
        // accumulate unsecured paths
        if (config.excludedPaths != null) {
            excludes.addAll(config.excludedPaths);
        }
        // calculate `cookiesAuthEnabled` attributes
        if (detectCookieAuth) {
            if (cookiesAuthEnabled == null) {
                cookiesAuthEnabled = config.cookiesAuthEnabled;
            } else {
                if (!cookiesAuthEnabled.equals(config.cookiesAuthEnabled)) {
                    throw new InfrastructureException("Secure servers which expose the same port should have the same `cookiesAuthEnabled` value.");
                }
            }
        }
    }
    int listenPort = availablePort++;
    ServicePort exposedPort = new ServicePortBuilder().withName("server-" + listenPort).withPort(listenPort).withProtocol(protocol).withNewTargetPort(listenPort).build();
    k8sEnv.getServices().get(serviceName).getSpec().getPorts().add(exposedPort);
    CookiePathStrategy actualCookiePathStrategy = requireSubdomain ? multihostCookiePathStrategy : cookiePathStrategy;
    ExternalServiceExposureStrategy actualExposureStrategy = requireSubdomain ? multiHostExternalServiceExposureStrategy : externalServiceExposureStrategy;
    // JwtProxySecureServerExposer creates no service for the exposed secure servers and
    // assumes everything will be proxied from localhost, because JWT proxy is collocated
    // with the workspace pod (because it is added to the environment as an injectable pod).
    // This method historically supported proxying secure servers exposed through a service
    // (which is not secure in absence of a appropriate network policy). The support for
    // accessing the backend server through a service was kept here because it doesn't add
    // any additional complexity to this method and keeps the door open for the
    // JwtProxySecureServerExposer to be enhanced in the future with support for service-handled
    // secure servers.
    backendServiceName = backendServiceName == null ? "127.0.0.1" : backendServiceName;
    proxyConfigBuilder.addVerifierProxy(listenPort, "http://" + backendServiceName + ":" + backendServicePort.getTargetPort().getIntVal(), excludes, cookiesAuthEnabled == null ? false : cookiesAuthEnabled, actualCookiePathStrategy.get(serviceName, exposedPort), actualExposureStrategy.getExternalPath(serviceName, exposedPort.getName()));
    k8sEnv.getConfigMaps().get(getConfigMapName()).getData().put(JWT_PROXY_CONFIG_FILE, proxyConfigBuilder.build());
    return exposedPort;
}
Also used : ServerConfig(org.eclipse.che.api.core.model.workspace.config.ServerConfig) ServicePort(io.fabric8.kubernetes.api.model.ServicePort) ServicePortBuilder(io.fabric8.kubernetes.api.model.ServicePortBuilder) ExternalServiceExposureStrategy(org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServiceExposureStrategy) InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException) HashSet(java.util.HashSet)

Example 73 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class TraefikGatewayRouteConfigGenerator method generate.

/**
 * Generates Traefik specific configuration for single service.
 *
 * @param name name of the service
 * @param serviceUrl url of service we want to route to
 * @param path path to route and strip
 * @return traefik service route config
 */
private String generate(String name, String serviceUrl, String path) throws InfrastructureException {
    StringWriter sw = new StringWriter();
    try {
        YAMLGenerator generator = YAMLFactory.builder().disable(WRITE_DOC_START_MARKER).build().createGenerator(sw);
        generator.writeStartObject();
        generator.writeFieldName("http");
        generator.writeStartObject();
        generator.writeFieldName("routers");
        generateRouters(generator, name, path);
        generator.writeFieldName("services");
        generateServices(generator, name, serviceUrl);
        generator.writeFieldName("middlewares");
        generateMiddlewares(generator, name, path);
        generator.writeEndObject();
        generator.writeEndObject();
        generator.flush();
        return sw.toString();
    } catch (IOException e) {
        throw new InfrastructureException(e);
    }
}
Also used : YAMLGenerator(com.fasterxml.jackson.dataformat.yaml.YAMLGenerator) StringWriter(java.io.StringWriter) IOException(java.io.IOException) InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException)

Example 74 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class PVCSubPathHelperTest method testLogErrorWhenKubernetesProjectCreationFailed.

@Test
public void testLogErrorWhenKubernetesProjectCreationFailed() throws Exception {
    when(osDeployments.create(any())).thenThrow(new InfrastructureException("Kubernetes namespace creation failed"));
    pvcSubPathHelper.execute(WORKSPACE_ID, NAMESPACE, PVC_NAME, MKDIR_COMMAND_BASE, WORKSPACE_ID + PROJECTS_PATH);
    verify(k8sNamespaceFactory).access(WORKSPACE_ID, NAMESPACE);
    verify(osDeployments).create(any());
    verify(osDeployments, never()).waitAsync(anyString(), any());
}
Also used : InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException) Test(org.testng.annotations.Test)

Example 75 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class KeycloakProviderConfigFactoryTest method testRethrowOnInvalidTokenBadRequestException.

@Test
public void testRethrowOnInvalidTokenBadRequestException() throws Exception {
    doThrow(new BadRequestException(DtoFactory.newDto(ServiceError.class).withMessage("Invalid token."))).when(keycloakServiceClient).getIdentityProviderToken(anyString());
    try {
        configBuilder.buildConfig(defaultConfig, A_WORKSPACE_ID);
    } catch (InfrastructureException e) {
        assertEquals(e.getMessage(), SESSION_EXPIRED_MESSAGE, "The exception message is wrong");
        return;
    }
    fail("Should have thrown an exception with the following message: " + SESSION_EXPIRED_MESSAGE);
}
Also used : ServiceError(org.eclipse.che.api.core.rest.shared.dto.ServiceError) BadRequestException(org.eclipse.che.api.core.BadRequestException) InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException) Test(org.testng.annotations.Test)

Aggregations

InfrastructureException (org.eclipse.che.api.workspace.server.spi.InfrastructureException)242 InternalInfrastructureException (org.eclipse.che.api.workspace.server.spi.InternalInfrastructureException)64 Test (org.testng.annotations.Test)56 KubernetesInfrastructureException (org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesInfrastructureException)44 RuntimeIdentity (org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity)42 KubernetesClientException (io.fabric8.kubernetes.client.KubernetesClientException)38 CompletableFuture (java.util.concurrent.CompletableFuture)36 ExecutionException (java.util.concurrent.ExecutionException)36 TimeoutException (java.util.concurrent.TimeoutException)32 ServerException (org.eclipse.che.api.core.ServerException)32 Pod (io.fabric8.kubernetes.api.model.Pod)30 Map (java.util.Map)26 ValidationException (org.eclipse.che.api.core.ValidationException)22 Traced (org.eclipse.che.commons.annotation.Traced)20 Container (io.fabric8.kubernetes.api.model.Container)18 List (java.util.List)18 Set (java.util.Set)18 Inject (javax.inject.Inject)18 RuntimeStartInterruptedException (org.eclipse.che.api.workspace.server.spi.RuntimeStartInterruptedException)18 KubernetesEnvironment (org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment)18