forked from cerc-io/stack-orchestrator
Thomas E Lackey
b22c72e715
In kind, when we bind-mount a host directory it is first mounted into the kind container at /mnt, then into the pod at the desired location. We accidentally picked this up for full-blown k8s, and were creating volumes at /mnt. This changes the behavior for both kind and regular k8s so that bind mounts are only allowed if a fully-qualified path is specified. If no path is specified at all, a default storageClass is assumed to be present, and the volume managed by a provisioner. Eg, for kind, the default provisioner is: https://github.com/rancher/local-path-provisioner ``` stack: test deploy-to: k8s-kind config: test-variable-1: test-value-1 network: ports: test: - '80' volumes: # this will be bind-mounted to a host-path test-data-bind: /srv/data # this will be managed by the k8s node test-data-auto: configmaps: test-config: ./configmap/test-config ``` Reviewed-on: cerc-io/stack-orchestrator#741 Co-authored-by: Thomas E Lackey <telackey@bozemanpass.com> Co-committed-by: Thomas E Lackey <telackey@bozemanpass.com>
143 lines
4.2 KiB
Python
143 lines
4.2 KiB
Python
# Copyright © 2022, 2023 Vulcanize
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU Affero General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU Affero General Public License for more details.
|
|
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
# along with this program. If not, see <http:#www.gnu.org/licenses/>.
|
|
|
|
import typing
|
|
import humanfriendly
|
|
|
|
from pathlib import Path
|
|
|
|
from stack_orchestrator.util import get_yaml
|
|
from stack_orchestrator import constants
|
|
|
|
|
|
class ResourceLimits:
|
|
cpus: float = None
|
|
memory: int = None
|
|
storage: int = None
|
|
|
|
def __init__(self, obj={}):
|
|
if "cpus" in obj:
|
|
self.cpus = float(obj["cpus"])
|
|
if "memory" in obj:
|
|
self.memory = humanfriendly.parse_size(obj["memory"])
|
|
if "storage" in obj:
|
|
self.storage = humanfriendly.parse_size(obj["storage"])
|
|
|
|
def __len__(self):
|
|
return len(self.__dict__)
|
|
|
|
def __iter__(self):
|
|
for k in self.__dict__:
|
|
yield k, self.__dict__[k]
|
|
|
|
def __repr__(self):
|
|
return str(self.__dict__)
|
|
|
|
|
|
class Resources:
|
|
limits: ResourceLimits = None
|
|
reservations: ResourceLimits = None
|
|
|
|
def __init__(self, obj={}):
|
|
if "reservations" in obj:
|
|
self.reservations = ResourceLimits(obj["reservations"])
|
|
if "limits" in obj:
|
|
self.limits = ResourceLimits(obj["limits"])
|
|
|
|
def __len__(self):
|
|
return len(self.__dict__)
|
|
|
|
def __iter__(self):
|
|
for k in self.__dict__:
|
|
yield k, self.__dict__[k]
|
|
|
|
def __repr__(self):
|
|
return str(self.__dict__)
|
|
|
|
|
|
class Spec:
|
|
|
|
obj: typing.Any
|
|
file_path: Path
|
|
|
|
def __init__(self, file_path: Path = None, obj={}) -> None:
|
|
self.file_path = file_path
|
|
self.obj = obj
|
|
|
|
def __getitem__(self, item):
|
|
return self.obj[item]
|
|
|
|
def __contains__(self, item):
|
|
return item in self.obj
|
|
|
|
def get(self, item, default=None):
|
|
return self.obj.get(item, default)
|
|
|
|
def init_from_file(self, file_path: Path):
|
|
with file_path:
|
|
self.obj = get_yaml().load(open(file_path, "r"))
|
|
self.file_path = file_path
|
|
|
|
def get_image_registry(self):
|
|
return (self.obj[constants.image_registry_key]
|
|
if self.obj and constants.image_registry_key in self.obj
|
|
else None)
|
|
|
|
def get_volumes(self):
|
|
return (self.obj["volumes"]
|
|
if self.obj and "volumes" in self.obj
|
|
else {})
|
|
|
|
def get_configmaps(self):
|
|
return (self.obj["configmaps"]
|
|
if self.obj and "configmaps" in self.obj
|
|
else {})
|
|
|
|
def get_container_resources(self):
|
|
return Resources(self.obj.get("resources", {}).get("containers", {}))
|
|
|
|
def get_volume_resources(self):
|
|
return Resources(self.obj.get("resources", {}).get("volumes", {}))
|
|
|
|
def get_http_proxy(self):
|
|
return (self.obj[constants.network_key][constants.http_proxy_key]
|
|
if self.obj and constants.network_key in self.obj
|
|
and constants.http_proxy_key in self.obj[constants.network_key]
|
|
else None)
|
|
|
|
def get_annotations(self):
|
|
return self.obj.get("annotations", {})
|
|
|
|
def get_labels(self):
|
|
return self.obj.get("labels", {})
|
|
|
|
def get_privileged(self):
|
|
return "true" == str(self.obj.get("security", {}).get("privileged", "false")).lower()
|
|
|
|
def get_capabilities(self):
|
|
return self.obj.get("security", {}).get("capabilities", [])
|
|
|
|
def get_deployment_type(self):
|
|
return self.obj[constants.deploy_to_key]
|
|
|
|
def is_kubernetes_deployment(self):
|
|
return self.get_deployment_type() in [constants.k8s_kind_deploy_type, constants.k8s_deploy_type]
|
|
|
|
def is_kind_deployment(self):
|
|
return self.get_deployment_type() in [constants.k8s_kind_deploy_type]
|
|
|
|
def is_docker_deployment(self):
|
|
return self.get_deployment_type() in [constants.compose_deploy_type]
|