Examples with InternalMachineConfig org.eclipse.che.api.workspace.server.spi.environment.InternalMachineConfig used on opensource projects

Example 66 with InternalMachineConfig

use of org.eclipse.che.api.workspace.server.spi.environment.InternalMachineConfig in project che-server by eclipse-che.

the class EnvVarsConverter method provision.

@Override
@Traced
public void provision(KubernetesEnvironment k8sEnv, RuntimeIdentity identity) throws InfrastructureException {
    TracingTags.WORKSPACE_ID.set(identity::getWorkspaceId);
    for (PodData pod : k8sEnv.getPodsData().values()) {
        for (Container container : pod.getSpec().getContainers()) {
            String machineName = Names.machineName(pod, container);
            InternalMachineConfig machineConf = k8sEnv.getMachines().get(machineName);
            // we need to combine the env vars from the machine config with the variables already
            // present in the container. Let's key the variables by name and use the map for merging
            Map<String, EnvVar> envVars = machineConf.getEnv().entrySet().stream().map(e -> new EnvVar(e.getKey(), e.getValue(), null)).collect(toMap(EnvVar::getName, identity()));
            // the env vars defined in our machine config take precedence over the ones already defined
            // in the container, if any
            container.getEnv().forEach(v -> envVars.putIfAbsent(v.getName(), v));
            // The environment variable expansion only works if a variable that is referenced
            // is already defined earlier in the list of environment variables.
            // We need to produce a list where variables that reference others always appear later
            // in the list.
            List<EnvVar> sorted = topoSort.sort(envVars.values());
            container.setEnv(sorted);
        }
    }
}

Example 67 with InternalMachineConfig

use of org.eclipse.che.api.workspace.server.spi.environment.InternalMachineConfig in project che-server by eclipse-che.

the class ContainerResourceProvisioner method provision.

@Override
@Traced
public void provision(KubernetesEnvironment k8sEnv, RuntimeIdentity identity) throws InfrastructureException {
    TracingTags.WORKSPACE_ID.set(identity::getWorkspaceId);
    final Map<String, InternalMachineConfig> machines = k8sEnv.getMachines();
    for (PodData pod : k8sEnv.getPodsData().values()) {
        for (Container container : pod.getSpec().getContainers()) {
            // make sure that machine configs have settings for RAM limit and request
            InternalMachineConfig machineConfig = machines.get(machineName(pod, container));
            ResourceLimitAttributesProvisioner.provisionMemory(machineConfig, Containers.getRamLimit(container), Containers.getRamRequest(container), defaultMachineMaxMemorySizeAttribute, defaultMachineRequestMemorySizeAttribute);
            // make sure that machine configs have settings for CPU limit and request
            ResourceLimitAttributesProvisioner.provisionCPU(machineConfig, Containers.getCpuLimit(container), Containers.getCpuRequest(container), defaultMachineCpuLimitAttribute, defaultMachineCpuRequestAttribute);
            // reapply memory and CPU settings to k8s container to make sure that provisioned
            // values above are set. Non-positive value means that limit is disabled, so just
            // ignoring them.
            final Map<String, String> attributes = machineConfig.getAttributes();
            long memLimit = Long.parseLong(attributes.get(MEMORY_LIMIT_ATTRIBUTE));
            if (memLimit > 0) {
                Containers.addRamLimit(container, memLimit);
            }
            long memRequest = Long.parseLong(attributes.get(MEMORY_REQUEST_ATTRIBUTE));
            if (memRequest > 0) {
                Containers.addRamRequest(container, memRequest);
            }
            float cpuLimit = Float.parseFloat(attributes.get(CPU_LIMIT_ATTRIBUTE));
            if (cpuLimit > 0) {
                Containers.addCpuLimit(container, cpuLimit);
            }
            float cpuRequest = Float.parseFloat(attributes.get(CPU_REQUEST_ATTRIBUTE));
            if (cpuRequest > 0)
                Containers.addCpuRequest(container, cpuRequest);
        }
    }
}

Example 68 with InternalMachineConfig

use of org.eclipse.che.api.workspace.server.spi.environment.InternalMachineConfig in project devspaces-images by redhat-developer.

the class EnvironmentVariableSecretApplierTest method shouldNotProvisionContainersWithAutomountOverrideFalse.

@Test
public void shouldNotProvisionContainersWithAutomountOverrideFalse() throws Exception {
    Container container_match1 = new ContainerBuilder().withName("maven").build();
    Container container_match2 = new ContainerBuilder().withName("other").build();
    DevfileImpl mock_defvile = mock(DevfileImpl.class);
    ComponentImpl component = new ComponentImpl();
    component.setAlias("maven");
    component.setAutomountWorkspaceSecrets(false);
    when(podSpec.getContainers()).thenReturn(ImmutableList.of(container_match1, container_match2));
    InternalMachineConfig internalMachineConfig = new InternalMachineConfig();
    internalMachineConfig.getAttributes().put(DEVFILE_COMPONENT_ALIAS_ATTRIBUTE, "maven");
    when(environment.getMachines()).thenReturn(ImmutableMap.of("maven", internalMachineConfig));
    when(environment.getDevfile()).thenReturn(mock_defvile);
    when(mock_defvile.getComponents()).thenReturn(singletonList(component));
    Secret secret = new SecretBuilder().withData(singletonMap("foo", "random")).withMetadata(new ObjectMetaBuilder().withName("test_secret").withAnnotations(ImmutableMap.of(ANNOTATION_ENV_NAME, "MY_FOO", ANNOTATION_MOUNT_AS, "env", ANNOTATION_AUTOMOUNT, "true")).withLabels(emptyMap()).build()).build();
    secretApplier.applySecret(environment, runtimeIdentity, secret);
    // only second container has env set
    assertEquals(container_match1.getEnv().size(), 0);
    assertEquals(container_match2.getEnv().size(), 1);
    EnvVar var2 = container_match2.getEnv().get(0);
    assertEquals(var2.getName(), "MY_FOO");
    assertEquals(var2.getValueFrom().getSecretKeyRef().getName(), "test_secret");
    assertEquals(var2.getValueFrom().getSecretKeyRef().getKey(), "foo");
}

Example 69 with InternalMachineConfig

use of org.eclipse.che.api.workspace.server.spi.environment.InternalMachineConfig in project devspaces-images by redhat-developer.

the class FileSecretApplierTest method shouldNotProvisionContainersWithAutomountOverrideFalse.

@Test
public void shouldNotProvisionContainersWithAutomountOverrideFalse() throws Exception {
    Container container_match1 = new ContainerBuilder().withName("maven").build();
    Container container_match2 = new ContainerBuilder().withName("other").build();
    DevfileImpl mock_defvile = mock(DevfileImpl.class);
    ComponentImpl component = new ComponentImpl();
    component.setAlias("maven");
    component.setAutomountWorkspaceSecrets(false);
    InternalMachineConfig internalMachineConfig = new InternalMachineConfig();
    internalMachineConfig.getAttributes().put(DEVFILE_COMPONENT_ALIAS_ATTRIBUTE, "maven");
    when(environment.getMachines()).thenReturn(ImmutableMap.of("maven", internalMachineConfig));
    when(environment.getDevfile()).thenReturn(mock_defvile);
    when(mock_defvile.getComponents()).thenReturn(singletonList(component));
    PodSpec localSpec = new PodSpecBuilder().withContainers(ImmutableList.of(container_match1, container_match2)).build();
    when(podData.getSpec()).thenReturn(localSpec);
    Secret secret = new SecretBuilder().withData(singletonMap("foo", "random")).withMetadata(new ObjectMetaBuilder().withName("test_secret").withAnnotations(ImmutableMap.of(ANNOTATION_MOUNT_AS, "file", ANNOTATION_MOUNT_PATH, "/home/user/.m2", ANNOTATION_AUTOMOUNT, "true")).withLabels(emptyMap()).build()).build();
    secretApplier.applySecret(environment, runtimeIdentity, secret);
    // only second container has mounts
    assertEquals(environment.getPodsData().get("pod1").getSpec().getVolumes().size(), 1);
    Volume volume = environment.getPodsData().get("pod1").getSpec().getVolumes().get(0);
    assertEquals(volume.getName(), "test_secret");
    assertEquals(volume.getSecret().getSecretName(), "test_secret");
    assertEquals(environment.getPodsData().get("pod1").getSpec().getContainers().get(0).getVolumeMounts().size(), 0);
    assertEquals(environment.getPodsData().get("pod1").getSpec().getContainers().get(1).getVolumeMounts().size(), 1);
    VolumeMount mount2 = environment.getPodsData().get("pod1").getSpec().getContainers().get(1).getVolumeMounts().get(0);
    assertEquals(mount2.getName(), "test_secret");
    assertEquals(mount2.getMountPath(), "/home/user/.m2/foo");
    assertTrue(mount2.getReadOnly());
}

Example 70 with InternalMachineConfig

use of org.eclipse.che.api.workspace.server.spi.environment.InternalMachineConfig in project devspaces-images by redhat-developer.

the class FileSecretApplierTest method shouldProvisionContainersWithAutomountOverrideTrue.

@Test
public void shouldProvisionContainersWithAutomountOverrideTrue() throws Exception {
    Container container_match1 = new ContainerBuilder().withName("maven").build();
    Container container_match2 = new ContainerBuilder().withName("other").build();
    DevfileImpl mock_defvile = mock(DevfileImpl.class);
    ComponentImpl component = new ComponentImpl();
    component.setAlias("maven");
    component.setAutomountWorkspaceSecrets(true);
    InternalMachineConfig internalMachineConfig = new InternalMachineConfig();
    internalMachineConfig.getAttributes().put(DEVFILE_COMPONENT_ALIAS_ATTRIBUTE, "maven");
    when(environment.getMachines()).thenReturn(ImmutableMap.of("maven", internalMachineConfig));
    when(environment.getDevfile()).thenReturn(mock_defvile);
    when(mock_defvile.getComponents()).thenReturn(singletonList(component));
    PodSpec localSpec = new PodSpecBuilder().withContainers(ImmutableList.of(container_match1, container_match2)).build();
    when(podData.getSpec()).thenReturn(localSpec);
    Secret secret = new SecretBuilder().withData(singletonMap("foo", "random")).withMetadata(new ObjectMetaBuilder().withName("test_secret").withAnnotations(ImmutableMap.of(ANNOTATION_MOUNT_AS, "file", ANNOTATION_MOUNT_PATH, "/home/user/.m2", ANNOTATION_AUTOMOUNT, "false")).withLabels(emptyMap()).build()).build();
    secretApplier.applySecret(environment, runtimeIdentity, secret);
    // pod has volume created
    assertEquals(environment.getPodsData().get("pod1").getSpec().getVolumes().size(), 1);
    Volume volume = environment.getPodsData().get("pod1").getSpec().getVolumes().get(0);
    assertEquals(volume.getName(), "test_secret");
    assertEquals(volume.getSecret().getSecretName(), "test_secret");
    // first container has mount set
    assertEquals(environment.getPodsData().get("pod1").getSpec().getContainers().get(0).getVolumeMounts().size(), 1);
    VolumeMount mount1 = environment.getPodsData().get("pod1").getSpec().getContainers().get(0).getVolumeMounts().get(0);
    assertEquals(mount1.getName(), "test_secret");
    assertEquals(mount1.getMountPath(), "/home/user/.m2/foo");
    assertTrue(mount1.getReadOnly());
    // second container has no mounts
    assertEquals(environment.getPodsData().get("pod1").getSpec().getContainers().get(1).getVolumeMounts().size(), 0);
}