use of org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData in project che-server by eclipse-che.
the class PVCProvisioner method convertCheVolumes.
/**
* Converts {@link Volume} specified in {@link MachineConfig#getVolumes()} to {@link
* PersistentVolumeClaim}s and provision them to {@link KubernetesEnvironment}. The machines
* corresponding pods and containers are updated in accordance.
*
* @param k8sEnv environment to provision
* @param workspaceId identifier of workspace to which the specified environment belongs to
*/
public void convertCheVolumes(KubernetesEnvironment k8sEnv, String workspaceId) {
Map<String, PersistentVolumeClaim> volumeName2PVC = groupByVolumeName(k8sEnv.getPersistentVolumeClaims().values());
for (PodData pod : k8sEnv.getPodsData().values()) {
final PodSpec podSpec = pod.getSpec();
List<Container> containers = new ArrayList<>();
containers.addAll(podSpec.getContainers());
containers.addAll(podSpec.getInitContainers());
for (Container container : containers) {
final String machineName = Names.machineName(pod, container);
InternalMachineConfig machineConfig = k8sEnv.getMachines().get(machineName);
if (machineConfig == null) {
continue;
}
Map<String, Volume> volumes = machineConfig.getVolumes();
addMachineVolumes(workspaceId, k8sEnv, volumeName2PVC, pod, container, volumes);
}
}
}
use of org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData in project che-server by eclipse-che.
the class SubPathPrefixes method prefixVolumeMountsSubpaths.
/**
* Prefixes volumes mounts of containers inside of the specified kubernetes environment.
*
* <p>Subpaths have the following format: '{workspaceId}/{Che Volume name|PVC name}'.<br>
* Where Che Volume is used if it is present in PVC labels, otherwise PVC name will be used.<br>
* Note that logs volume has the special format: '{workspaceId}/{volumeName}/{machineName}'. It is
* done in this way to avoid conflicts e.g. two identical agents inside different machines produce
* the same log file.
*
* @param k8sEnv environment to process
* @param workspaceId workspace id that should be used as prefix
*/
public void prefixVolumeMountsSubpaths(KubernetesEnvironment k8sEnv, String workspaceId) {
for (PodData pod : k8sEnv.getPodsData().values()) {
Map<String, String> volumeToCheVolumeName = new HashMap<>();
for (io.fabric8.kubernetes.api.model.Volume volume : pod.getSpec().getVolumes()) {
if (volume.getPersistentVolumeClaim() == null) {
continue;
}
PersistentVolumeClaim pvc = k8sEnv.getPersistentVolumeClaims().get(volume.getPersistentVolumeClaim().getClaimName());
String cheVolumeName = pvc.getMetadata().getLabels().get(CHE_VOLUME_NAME_LABEL);
if (cheVolumeName == null) {
cheVolumeName = pvc.getMetadata().getName();
pvc.getMetadata().getLabels().put(CHE_VOLUME_NAME_LABEL, cheVolumeName);
}
volumeToCheVolumeName.put(volume.getName(), cheVolumeName);
}
if (volumeToCheVolumeName.isEmpty()) {
// Pod does not have any volume that references PVC
continue;
}
Stream.concat(pod.getSpec().getContainers().stream(), pod.getSpec().getInitContainers().stream()).forEach(c -> {
for (VolumeMount volumeMount : c.getVolumeMounts()) {
String pvcName = volumeToCheVolumeName.get(volumeMount.getName());
if (pvcName == null) {
// validation
continue;
}
String volumeSubPath = getVolumeMountSubpath(volumeMount, pvcName, workspaceId, Names.machineName(pod, c));
volumeMount.setSubPath(volumeSubPath);
}
});
}
}
use of org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData in project che-server by eclipse-che.
the class VcsSslCertificateProvisioner method provision.
@Override
public void provision(KubernetesEnvironment k8sEnv, RuntimeIdentity identity) throws InfrastructureException {
if (!isConfigured()) {
return;
}
String selfSignedCertConfigMapName = identity.getWorkspaceId() + CHE_GIT_SELF_SIGNED_CERT_CONFIG_MAP_SUFFIX;
k8sEnv.getConfigMaps().put(selfSignedCertConfigMapName, new ConfigMapBuilder().withNewMetadata().withName(selfSignedCertConfigMapName).endMetadata().withData(singletonMap(CA_CERT_FILE, certificate)).build());
for (PodData pod : k8sEnv.getPodsData().values()) {
if (pod.getRole() != PodRole.INJECTABLE) {
if (pod.getSpec().getVolumes().stream().noneMatch(v -> v.getName().equals(CHE_GIT_SELF_SIGNED_VOLUME))) {
pod.getSpec().getVolumes().add(buildCertVolume(selfSignedCertConfigMapName));
}
}
for (Container container : pod.getSpec().getInitContainers()) {
provisionCertVolumeMountIfNeeded(container);
}
for (Container container : pod.getSpec().getContainers()) {
provisionCertVolumeMountIfNeeded(container);
}
}
}
use of org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData in project che-server by eclipse-che.
the class RestartPolicyRewriter method provision.
@Override
@Traced
public void provision(KubernetesEnvironment k8sEnv, RuntimeIdentity identity) throws InfrastructureException {
TracingTags.WORKSPACE_ID.set(identity::getWorkspaceId);
for (PodData podConfig : k8sEnv.getPodsData().values()) {
final String podName = podConfig.getMetadata().getName();
final PodSpec podSpec = podConfig.getSpec();
rewriteRestartPolicy(podSpec, podName, k8sEnv);
}
}
use of org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment.PodData in project che-server by eclipse-che.
the class EnvironmentVariableSecretApplier method applySecret.
/**
* Applies secret as environment variable into workspace containers, respecting automount
* attribute and optional devfile automount property override.
*
* @param env kubernetes environment with workspace containers configuration
* @param runtimeIdentity identity of current runtime
* @param secret source secret to apply
* @throws InfrastructureException on misconfigured secrets or other apply error
*/
@Override
public void applySecret(KubernetesEnvironment env, RuntimeIdentity runtimeIdentity, Secret secret) throws InfrastructureException {
boolean secretAutomount = Boolean.parseBoolean(secret.getMetadata().getAnnotations().get(ANNOTATION_AUTOMOUNT));
for (PodData podData : env.getPodsData().values()) {
if (!podData.getRole().equals(PodRole.DEPLOYMENT)) {
continue;
}
for (Container container : podData.getSpec().getContainers()) {
Optional<ComponentImpl> component = getComponent(env, container.getName());
// skip components that explicitly disable automount
if (component.isPresent() && isComponentAutomountFalse(component.get())) {
continue;
}
// if automount disabled globally and not overridden in component
if (!secretAutomount && (!component.isPresent() || !isComponentAutomountTrue(component.get()))) {
continue;
}
for (Entry<String, String> secretDataEntry : secret.getData().entrySet()) {
final String mountEnvName = envName(secret, secretDataEntry.getKey(), runtimeIdentity);
container.getEnv().add(new EnvVarBuilder().withName(mountEnvName).withValueFrom(new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelectorBuilder().withName(secret.getMetadata().getName()).withKey(secretDataEntry.getKey()).build()).build()).build());
}
}
}
}
Aggregations