Juju Charms Collection
kubernetes-master package

Merge lp:~mbruzek/charms/trusty/kubernetes-master/trunk into lp:~kubernetes/charms/trusty/kubernetes-master/trunk

Trusty Tahr (14.04)
trunk
Merge into trunk

Proposed by Matt Bruzek on 2015-10-09

Status:	Merged
Merged at revision:	14
Proposed branch:	lp:~mbruzek/charms/trusty/kubernetes-master/trunk
Merge into:	lp:~kubernetes/charms/trusty/kubernetes-master/trunk
Diff against target:	979 lines (+383/-164) 16 files modified Makefile (+2/-1) README.md (+42/-17) config.yaml (+24/-0) copyright (+1/-1) files/apiserver.upstart.tmpl (+8/-9) files/controller-manager.upstart.tmpl (+1/-8) files/distribution.conf.tmpl (+5/-1) files/nginx.conf.tmpl (+25/-37) files/scheduler.upstart.tmpl (+1/-8) hooks/__init__.py (+16/-0) hooks/hooks.py (+118/-26) hooks/install.py (+35/-10) hooks/kubernetes_installer.py (+17/-3) hooks/setup.py (+14/-0) unit_tests/kubernetes_installer_test.py (+25/-13) unit_tests/test_install.py (+49/-30)
To merge this branch:	bzr merge lp:~mbruzek/charms/trusty/kubernetes-master/trunk
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Charles Butler (community)		2015-10-09	Approve on 2015-10-09
Review via email: mp+273994@code.launchpad.net

Description of the change

Synched this charm with the content on github. Then ran the lint and CI tests against the code.

Had to clean up quite a few failures to get here, but this charm passes all tests in CI and is synchronized with the content in github.

http://reports.vapour.ws/charm-test-details/charm-bundle-test-parent-1122

lp:~mbruzek/charms/trusty/kubernetes-master/trunk updated on 2015-10-09

19. By Matt Bruzek on 2015-10-09: Changing the flake8 rules to avoid conflict with verify-boilerplate k8s tool.

Revision history for this message

Charles Butler (lazypower) wrote on 2015-10-09:

+1 lGTM

Thanks for the hard work Matt.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Kubernetes Charmers

Matt Bruzek

 === modified file 'Makefile'
 --- Makefile	2015-09-24 19:50:43 +0000
 +++ Makefile	2015-10-09 16:18:58 +0000
@@ -6,7 +6,7 @@
  	.venv/bin/pip install -q -r requirements.txt
  lint: virtualenv
--	@.venv/bin/flake8 hooks --exclude=charmhelpers
++	@.venv/bin/flake8 hooks --exclude=charmhelpers --ignore=W391
  	@.venv/bin/charm proof
  test: virtualenv
@@ -27,3 +27,4 @@
  clean:
  	rm -rf .venv
  	find -name *.pyc -delete
++	rm -rf unit_tests/.cache
 === modified file 'README.md'
 --- README.md	2015-04-10 21:42:42 +0000
 +++ README.md	2015-10-09 16:18:58 +0000
@@ -1,6 +1,6 @@
  # Kubernetes Master Charm
--[Kubernetes](https://github.com/googlecloudplatform/kubernetes) is an open
++[Kubernetes](https://github.com/kubernetes/kubernetes) is an open
  source  system for managing containerized applications across multiple hosts.
  Kubernetes uses [Docker](http://www.docker.io/) to package, instantiate and run
  containerized applications.
@@ -56,22 +56,44 @@
  #### Deploying the recommended configuration
--A bundle can be used to deploy Kubernetes onto any cloud it can be
--orchestrated directly in the Juju Graphical User Interface, when using
--`juju quickstart`:
--
--    juju quickstart https://raw.githubusercontent.com/whitmo/bundle-kubernetes/master/bundles.yaml
--
--
--For more information on the recommended bundle deployment, see the
--[Kubernetes bundle documentation](https://github.com/whitmo/bundle-kubernetes)
++Use the 'juju quickstart' command to deploy a Kubernetes cluster to any cloud
++supported by Juju.
++
++The charm store version of the Kubernetes bundle can be deployed as follows:
++
++    juju quickstart u/kubernetes/kubernetes-cluster
++
++> Note: The charm store bundle may be locked to a specific Kubernetes release.
++
++Alternately you could deploy a Kubernetes bundle straight from github or a file:
++
++    juju quickstart https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/juju/bundles/local.yaml
++
++The command above does few things for you:
++
++- Starts a curses based gui for managing your cloud or MAAS credentials
++- Looks for a bootstrapped deployment environment, and bootstraps if
++  required. This will launch a bootstrap node in your chosen
++  deployment environment (machine 0).
++- Deploys the Juju GUI to your environment onto the bootstrap node.
++- Provisions 4 machines, and deploys the Kubernetes services on top of
++  them (Kubernetes-master, two Kubernetes minions using flannel, and etcd).
++- Orchestrates the relations among the services, and exits.
++
++Now you should have a running Kubernetes. Run `juju status
++--format=oneline` to see the address of your kubernetes-master unit.
++
++For further reading on [Juju Quickstart](https://pypi.python.org/pypi/juju-quickstart)
++
++Go to the [Getting started with Juju guide](https://github.com/kubernetes/kubernetes/blob/master/docs/getting-started-guides/juju.md)
++for more information about deploying a development Kubernetes cluster.
  #### Post Deployment
  To interact with the kubernetes environment, either build or
--[download](https://github.com/GoogleCloudPlatform/kubernetes/releases) the
--[kubectl](https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/kubectl.md)
++[download](https://github.com/kubernetes/kubernetes/releases) the
++[kubectl](https://github.com/kubernetes/kubernetes/blob/master/docs/user-guide/kubectl/kubectl.md)
  binary (available in the releases binary tarball) and point it to the master with :
@@ -90,12 +112,15 @@
  command.
  Congratulations you know have deployed a Kubernetes environment! Use the
--[kubectl](https://github.com/GoogleCloudPlatform/kubernetes/blob/master/docs/kubectl.md)
++[kubectl](https://github.com/kubernetes/kubernetes/blob/master/docs/user-guide/kubectl/kubectl.md)
  to interact with the environment.
  # Kubernetes information
--- [Kubernetes github project](https://github.com/GoogleCloudPlatform/kubernetes)
--- [Kubernetes issue tracker](https://github.com/GoogleCloudPlatform/kubernetes/issues)
--- [Kubernetes Documenation](https://github.com/GoogleCloudPlatform/kubernetes/tree/master/docs)
--- [Kubernetes releases](https://github.com/GoogleCloudPlatform/kubernetes/releases)
++- [Kubernetes github project](https://github.com/kubernetes/kubernetes)
++- [Kubernetes issue tracker](https://github.com/kubernetes/kubernetes/issues)
++- [Kubernetes Documenation](https://github.com/kubernetes/kubernetes/tree/master/docs)
++- [Kubernetes releases](https://github.com/kubernetes/kubernetes/releases)
++
++
++[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/cluster/juju/charms/trusty/kubernetes-master/README.md?pixel)]()
 === modified file 'config.yaml'
 --- config.yaml	2015-07-17 20:01:20 +0000
 +++ config.yaml	2015-10-09 16:18:58 +0000
@@ -7,3 +7,27 @@
          compiled from the source identified by this tag in github. Using the
          value of "source" will use the master kubernetes branch when compiling
          the binaries.
++  username:
++    type: string
++    default: "admin"
++    description: |
++        The initial user for the kubernetes basic authentication file.
++  password:
++    type: string
++    default: ""
++    description: |
++        The password for the kubernetes basic authentication.  If this value is
++        empty, a password will be generated at random for the username.
++  apiserver-cert:
++    type: string
++    default: ""
++    description: |
++        The ssl certificate to use for tls communication to the Kubernetes api
++        server.  If this value is empty a self signed certificate and key will
++        be generated.
++  apiserver-key:
++    type: string
++    default: ""
++    description: |
++        The private key to use for tls communication to the Kubernetes api
++        server.  If this value is empty a key and certificate will be generated.
 === modified file 'copyright'
 --- copyright	2015-07-17 20:01:20 +0000
 +++ copyright	2015-10-09 16:18:58 +0000
@@ -1,4 +1,4 @@
--Copyright 2015 Canonical Ltd.
++Copyright 2015 Google Inc. All rights reserved.
  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
 === modified file 'files/apiserver.upstart.tmpl'
 --- files/apiserver.upstart.tmpl	2015-07-17 20:01:20 +0000
 +++ files/apiserver.upstart.tmpl	2015-10-09 16:18:58 +0000
@@ -8,13 +8,12 @@
  kill timeout 30 # wait 30s between SIGTERM and SIGKILL.
  exec /usr/local/bin/apiserver \
--     --address=%(api_bind_address)s \
--     --etcd_servers=%(etcd_servers)s \
++     --basic-auth-file=/srv/kubernetes/basic-auth.csv \
++     --bind-address=%(api_private_address)s \
++     --etcd-servers=%(etcd_servers)s \
++     --insecure-bind-address=%(api_private_address)s \
       --logtostderr=true \
--     --service-cluster-ip-range=10.244.240.0/20
--
--
--
--
--
--
++     --secure-port=6443 \
++     --service-cluster-ip-range=10.244.240.0/20 \
++     --tls-cert-file=/srv/kubernetes/apiserver.crt \
++     --tls-private-key-file=/srv/kubernetes/apiserver.key
 === modified file 'files/controller-manager.upstart.tmpl'
 --- files/controller-manager.upstart.tmpl	2015-04-10 21:12:25 +0000
 +++ files/controller-manager.upstart.tmpl	2015-10-09 16:18:58 +0000
@@ -10,11 +10,4 @@
  exec /usr/local/bin/controller-manager \
       --address=%(bind_address)s \
       --logtostderr=true \
--     --master=%(api_server_address)s
--
--
--
--
--
--
--
++     --master=%(api_http_uri)s
 === modified file 'files/distribution.conf.tmpl'
 --- files/distribution.conf.tmpl	2015-07-17 20:01:20 +0000
 +++ files/distribution.conf.tmpl	2015-10-09 16:18:58 +0000
@@ -1,5 +1,9 @@
++# This file configures ngnix to serve Kubernetes binaries using http.
++# The charms find the location path from the api relation to the charm.
  server {
--    listen %(api_bind_address)s:80;
++    listen 80 default_server;
++    root %(alias)s;
++
      location %(web_uri)s {
          alias %(alias)s;
+     }
 === modified file 'files/nginx.conf.tmpl'
 --- files/nginx.conf.tmpl	2015-01-27 17:59:40 +0000
 +++ files/nginx.conf.tmpl	2015-10-09 16:18:58 +0000
@@ -1,39 +1,27 @@
--# HTTP/HTTPS server
--#
++# Proxy HTTPS from the public address to the kube-apiserver running at 6443.
  server {
--        listen 80;
--        server_name localhost;
--
--        root html;
--        index index.html index.htm;
--
--#        ssl on;
--#        ssl_certificate /usr/share/nginx/server.cert;
--#        ssl_certificate_key /usr/share/nginx/server.key;
--
--#        ssl_session_timeout 5m;
--#        ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
--#        ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
--#        ssl_prefer_server_ciphers on;
--
--        location / {
--#          auth_basic            "Restricted";
--#          auth_basic_user_file  /usr/share/nginx/htpasswd;
--
--          # Proxy settings
--          # disable buffering so that watch works
--          proxy_buffering off;
--          proxy_pass %(api_server_address)s;
--          proxy_connect_timeout 159s;
--          proxy_send_timeout   600s;
--          proxy_read_timeout   600s;
--
--          # Disable retry
--          proxy_next_upstream off;
--
--          # Support web sockets
--          proxy_http_version 1.1;
--          proxy_set_header Upgrade $http_upgrade;
--          proxy_set_header Connection "upgrade";
--        }
++    listen 443;
++    server_name localhost;
++
++    root html;
++    index index.html index.htm;
++
++    ssl on;
++    ssl_certificate /srv/kubernetes/apiserver.crt;
++    ssl_certificate_key /srv/kubernetes/apiserver.key;
++    ssl_session_timeout 5m;
++
++    # don't use SSLv3 because of POODLE
++    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
++    ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
++    ssl_prefer_server_ciphers on;
++
++    location / {
++        proxy_buffering off;
++        proxy_pass %(api_https_uri)s;
++        proxy_connect_timeout 159s;
++        proxy_send_timeout   600s;
++        proxy_read_timeout   600s;
++        proxy_redirect off;
++    }
+ }
 === modified file 'files/scheduler.upstart.tmpl'
 --- files/scheduler.upstart.tmpl	2015-04-10 21:12:25 +0000
 +++ files/scheduler.upstart.tmpl	2015-10-09 16:18:58 +0000
@@ -10,11 +10,4 @@
  exec /usr/local/bin/scheduler \
       --address=%(bind_address)s \
       --logtostderr=true \
--     --master=%(api_server_address)s
--
--
--
--
--
--
--
++     --master=%(api_http_uri)s
 === modified file 'hooks/__init__.py'
 --- hooks/__init__.py	2015-09-24 19:50:43 +0000
 +++ hooks/__init__.py	2015-10-09 16:18:58 +0000
@@ -0,0 +1,16 @@
++#!/usr/bin/env python
++
++# Copyright 2015 The Kubernetes Authors All rights reserved.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#     http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
 === modified file 'hooks/hooks.py'
 --- hooks/hooks.py	2015-09-24 19:50:43 +0000
 +++ hooks/hooks.py	2015-10-09 16:18:58 +0000
@@ -1,5 +1,19 @@
  #!/usr/bin/env python
++# Copyright 2015 The Kubernetes Authors All rights reserved.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#     http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
  """
  The main hook file is called by Juju.
  """
@@ -9,8 +23,9 @@
  import subprocess
  import sys
  from charmhelpers.core import hookenv, host
++from charmhelpers.contrib import ssl
  from kubernetes_installer import KubernetesInstaller
--from path import path
++from path import Path
  hooks = hookenv.Hooks()
@@ -41,10 +56,14 @@
      create kubernetes binary files.
      """
      hookenv.log('Starting config-changed')
--    charm_dir = path(hookenv.charm_dir())
++    charm_dir = Path(hookenv.charm_dir())
      config = hookenv.config()
      # Get the version of kubernetes to install.
      version = config['version']
++    username = config['username']
++    password = config['password']
++    certificate = config['apiserver-cert']
++    key = config['apiserver-key']
      if version == 'master':
          # The 'master' branch of kuberentes is used when master is configured.
@@ -56,32 +75,59 @@
          # Create a branch to a tag to get the release version.
          branch = 'tags/{0}'.format(version)
--    # Get the package architecture
++    cert_file = '/srv/kubernetes/apiserver.crt'
++    key_file = '/srv/kubernetes/apiserver.key'
++    # When the cert or key changes we need to restart the apiserver.
++    if config.changed('apiserver-cert') or config.changed('apiserver-key'):
++        hookenv.log('Certificate or key has changed.')
++        if not certificate or not key:
++            generate_cert(key=key_file, cert=cert_file)
++        else:
++            hookenv.log('Writing new certificate and key to server.')
++            with open(key_file, 'w') as file:
++                file.write(key)
++            with open(cert_file, 'w') as file:
++                file.write(certificate)
++        # Restart apiserver as the certificate or key has changed.
++        if host.service_running('apiserver'):
++            host.service_restart('apiserver')
++        # Reload nginx because it proxies https to apiserver.
++        if host.service_running('nginx'):
++            host.service_reload('nginx')
++
++    if config.changed('username') or config.changed('password'):
++        hookenv.log('Username or password changed, creating authentication.')
++        basic_auth(username, username, password)
++        if host.service_running('apiserver'):
++            host.service_restart('apiserver')
++
++    # Get package architecture, rather than arch from the kernel (uname -m).
      arch = subprocess.check_output(['dpkg', '--print-architecture']).strip()
      if not branch:
          output_path = charm_dir / 'files/output'
--        installer = KubernetesInstaller(arch, version, output_path)
++        kube_installer = KubernetesInstaller(arch, version, output_path)
      else:
          # Build the kuberentes binaries from source on the units.
--        kubernetes_dir = path('/opt/kubernetes')
++        kubernetes_dir = Path('/opt/kubernetes')
          # Construct the path to the binaries using the arch.
          output_path = kubernetes_dir / '_output/local/bin/linux' / arch
--        installer = KubernetesInstaller(arch, version, output_path)
++        kube_installer = KubernetesInstaller(arch, version, output_path)
          if not kubernetes_dir.exists():
--            print('The source dir {0} does not exist'.format(kubernetes_dir))
--            print('Was the kubernetes code cloned during install?')
++            message = 'The kubernetes source directory {0} does not exist. ' \
++                'Was the kubernetes repository cloned during the install?'
++            print(message.format(kubernetes_dir))
              exit(1)
          # Change to the kubernetes directory (git repository).
          with kubernetes_dir:
--
              # Create a command to get the current branch.
              git_branch = 'git branch | grep "\*" | cut -d" " -f2'
--            current_branch = subprocess.check_output(git_branch, shell=True).strip()  # noqa
++            current_branch = subprocess.check_output(git_branch, shell=True)
++            current_branch = current_branch.strip()
              print('Current branch: ', current_branch)
              # Create the path to a file to indicate if the build was broken.
              broken_build = charm_dir / '.broken_build'
@@ -90,12 +136,12 @@
                  print('Last build failed: ', last_build_failed)
                  # Rebuild if current version is different or last build failed.
                  if current_branch != version or last_build_failed:
--                    installer.build(branch)
++                    kube_installer.build(branch)
              if not output_path.isdir():
                  broken_build.touch()
      # Create the symoblic links to the right directories.
--    installer.install()
++    kube_installer.install()
      relation_changed()
@@ -109,10 +155,10 @@
      # Check required keys
      for k in ('etcd_servers',):
          if not template_data.get(k):
--            print "Missing data for", k, template_data
++            print 'Missing data for', k, template_data
              return
--    print "Running with\n", template_data
++    print 'Running with\n', template_data
      # Render and restart as needed
      for n in ('apiserver', 'controller-manager', 'scheduler'):
@@ -143,7 +189,7 @@
  def notify_minions():
--    print("Notify minions.")
++    print('Notify minions.')
      config = hookenv.config()
      for r in hookenv.relation_ids('minions-api'):
          hookenv.relation_set(
@@ -151,7 +197,49 @@
              hostname=hookenv.unit_private_ip(),
              port=8080,
              version=config['version'])
--    print("Notified minions of version " + config['version'])
++    print('Notified minions of version ' + config['version'])
++
++
++def basic_auth(name, id, pwd=None, file='/srv/kubernetes/basic-auth.csv'):
++    """
++    Create a basic authentication file for kubernetes. The file is a csv file
++    with 3 columns: password, user name, user id. From the Kubernetes docs:
++    The basic auth credentials last indefinitely, and the password cannot be
++    changed without restarting apiserver.
++    """
++    if not pwd:
++        import random
++        import string
++        alphanumeric = string.ascii_letters + string.digits
++        pwd = ''.join(random.choice(alphanumeric) for _ in range(16))
++    lines = []
++    auth_file = Path(file)
++    if auth_file.isfile():
++        lines = auth_file.lines()
++        for line in lines:
++            target = ',{0},{1}'.format(name, id)
++            if target in line:
++                lines.remove(line)
++    auth_line = '{0},{1},{2}'.format(pwd, name, id)
++    lines.append(auth_line)
++    auth_file.write_lines(lines)
++
++
++def generate_cert(common_name=None,
++                  key='/srv/kubernetes/apiserver.key',
++                  cert='/srv/kubernetes/apiserver.crt'):
++    """
++    Create the certificate and key for the Kubernetes tls enablement.
++    """
++    hookenv.log('Generating new self signed certificate and key', 'INFO')
++    if not common_name:
++        common_name = hookenv.unit_get('public-address')
++    if os.path.isfile(key) or os.path.isfile(cert):
++        hookenv.log('Overwriting the existing certificate or key', 'WARNING')
++    hookenv.log('Generating certificate for {0}'.format(common_name), 'INFO')
++    # Generate the self signed certificate with the public address as CN.
++    # https://pythonhosted.org/charmhelpers/api/charmhelpers.contrib.ssl.html
++    ssl.generate_selfsigned(key, cert, cn=common_name)
  def get_template_data():
@@ -159,18 +247,21 @@
      config = hookenv.config()
      version = config['version']
      template_data = {}
--    template_data['etcd_servers'] = ",".join([
--        "http://%s:%s" % (s[0], s[1]) for s in sorted(
++    template_data['etcd_servers'] = ','.join([
++        'http://%s:%s' % (s[0], s[1]) for s in sorted(
              get_rel_hosts('etcd', rels, ('hostname', 'port')))])
--    template_data['minions'] = ",".join(get_rel_hosts('minions-api', rels))
++    template_data['minions'] = ','.join(get_rel_hosts('minions-api', rels))
++    private_ip = hookenv.unit_private_ip()
++    public_ip = hookenv.unit_public_ip()
++    template_data['api_public_address'] = _bind_addr(public_ip)
++    template_data['api_private_address'] = _bind_addr(private_ip)
++    template_data['bind_address'] = '127.0.0.1'
++    template_data['api_http_uri'] = 'http://%s:%s' % (private_ip, 8080)
++    template_data['api_https_uri'] = 'https://%s:%s' % (private_ip, 6443)
--    template_data['api_bind_address'] = _bind_addr(hookenv.unit_private_ip())
--    template_data['bind_address'] = "127.0.0.1"
--    template_data['api_server_address'] = "http://%s:%s" % (
--        hookenv.unit_private_ip(), 8080)
      arch = subprocess.check_output(['dpkg', '--print-architecture']).strip()
--    template_data['web_uri'] = "/kubernetes/%s/local/bin/linux/%s/" % (version,
++    template_data['web_uri'] = '/kubernetes/%s/local/bin/linux/%s/' % (version,
                                                                         arch)
      if version == 'local':
          template_data['alias'] = hookenv.charm_dir() + '/files/output/'
@@ -187,7 +278,7 @@
      try:
          return socket.gethostbyname(addr)
      except socket.error:
--            raise ValueError("Could not resolve private address")
++            raise ValueError('Could not resolve address %s' % addr)
  def _encode(d):
@@ -209,7 +300,7 @@
      return hosts
--def render_file(name, data, src_suffix="upstart.tmpl", tgt_path=None):
++def render_file(name, data, src_suffix='upstart.tmpl', tgt_path=None):
      tmpl_path = os.path.join(
          os.environ.get('CHARM_DIR'), 'files', '%s.%s' % (name, src_suffix))
@@ -230,5 +321,6 @@
          fh.write(rendered)
      return True
++
  if __name__ == '__main__':
      hooks.execute(sys.argv)
 === modified file 'hooks/install.py'
 --- hooks/install.py	2015-09-28 15:23:30 +0000
 +++ hooks/install.py	2015-10-09 16:18:58 +0000
@@ -1,13 +1,27 @@
  #!/usr/bin/env python
++# Copyright 2015 The Kubernetes Authors All rights reserved.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#     http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
  import setup
  setup.pre_install()
  import subprocess
++from charmhelpers import fetch
  from charmhelpers.core import hookenv
--from charmhelpers import fetch
  from charmhelpers.fetch import archiveurl
--from path import path
++from path import Path
  def install():
@@ -16,18 +30,24 @@
      download_go()
      hookenv.log('Adding kubernetes and go to the path')
--
++    address = hookenv.unit_private_ip()
      strings = [
          'export GOROOT=/usr/local/go\n',
          'export PATH=$PATH:$GOROOT/bin\n',
--        'export KUBE_MASTER_IP=0.0.0.0\n',
--        'export KUBERNETES_MASTER=http://$KUBE_MASTER_IP\n',
--        ]
++        'export KUBERNETES_MASTER=http://{0}:8080\n'.format(address),
++    ]
      update_rc_files(strings)
      hookenv.log('Downloading kubernetes code')
      clone_repository()
++    # Create the directory to store the keys and auth files.
++    srv = Path('/srv/kubernetes')
++    if not srv.isdir():
++        srv.makedirs_p()
++
      hookenv.open_port(8080)
++    hookenv.open_port(6443)
++    hookenv.open_port(443)
      hookenv.log('Install complete')
@@ -51,7 +71,7 @@
      """
      repository = 'https://github.com/kubernetes/kubernetes.git'
--    kubernetes_directory = path('/opt/kubernetes')
++    kubernetes_directory = Path('/opt/kubernetes')
      # Since we can not clone twice, check for the directory and remove it.
      if kubernetes_directory.isdir():
          kubernetes_directory.rmtree_p()
@@ -69,8 +89,13 @@
      """
      hookenv.log('Installing Debian packages')
      # Create the list of packages to install.
--    apt_packages = ['build-essential', 'git', 'make', 'nginx', 'python-pip',
--                    'docker.io']
++    apt_packages = ['apache2-utils',
++                    'build-essential',
++                    'docker.io',
++                    'git',
++                    'make',
++                    'nginx',
++                    'python-pip', ]
      fetch.apt_install(fetch.filter_installed_packages(apt_packages))
@@ -80,7 +105,7 @@
      make interfacing with the api easier. (see: kubectrl docs)
      """
      if not rc_files:
--        rc_files = [path('/home/ubuntu/.bashrc'), path('/root/.bashrc')]
++        rc_files = [Path('/home/ubuntu/.bashrc'), Path('/root/.bashrc')]
      for rc_file in rc_files:
          lines = rc_file.lines()
 === modified file 'hooks/kubernetes_installer.py'
 --- hooks/kubernetes_installer.py	2015-07-17 20:01:20 +0000
 +++ hooks/kubernetes_installer.py	2015-10-09 16:18:58 +0000
@@ -1,9 +1,23 @@
  #!/usr/bin/env python
++# Copyright 2015 The Kubernetes Authors All rights reserved.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#     http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
  import os
  import shlex
  import subprocess
--from path import path
++from path import Path
  def run(command, shell=False):
@@ -32,7 +46,7 @@
                          'kubelet': 'kubelet'}
          self.arch = arch
          self.version = version
--        self.output_dir = path(output_dir)
++        self.output_dir = Path(output_dir)
      def build(self, branch):
          """ Build kubernetes from a github repository using the Makefile. """
@@ -74,7 +88,7 @@
          print(make_what)
          rc = subprocess.call(shlex.split(make_what), env=go_env)
--    def install(self, install_dir=path('/usr/local/bin')):
++    def install(self, install_dir=Path('/usr/local/bin')):
          """ Install kubernetes binary files from the output directory. """
          if not install_dir.isdir():
 === modified file 'hooks/setup.py'
 --- hooks/setup.py	2015-09-24 19:50:43 +0000
 +++ hooks/setup.py	2015-10-09 16:18:58 +0000
@@ -1,5 +1,19 @@
  #!/usr/bin/env python
++# Copyright 2015 The Kubernetes Authors All rights reserved.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#     http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
  def pre_install():
      """
 === modified file 'unit_tests/kubernetes_installer_test.py'
 --- unit_tests/kubernetes_installer_test.py	2015-09-24 19:50:43 +0000
 +++ unit_tests/kubernetes_installer_test.py	2015-10-09 16:18:58 +0000
@@ -1,8 +1,21 @@
  #!/usr/bin/env python
++# Copyright 2015 The Kubernetes Authors All rights reserved.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#     http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
  from mock import patch
  from mock import ANY
--from path import path
  from path import Path
  import pytest
  import subprocess
@@ -25,7 +38,7 @@
      assert output
      assert 'kubernetes_installer.py' in output
--    invalid_directory = path('/not/a/real/directory')
++    invalid_directory = Path('/not/a/real/directory')
      assert not invalid_directory.exists()
      invalid_command = 'ls {0}'.format(invalid_directory)
      with pytest.raises(subprocess.CalledProcessError) as error:
@@ -54,24 +67,24 @@
          assert 'kubelet' in ki.aliases
          assert ki.arch == 'i386'
          assert ki.version == '3.0.1'
--        assert ki.output_dir == path('/tmp/does_not_exist')
++        assert ki.output_dir == Path('/tmp/does_not_exist')
      @patch('kubernetes_installer.run')
      @patch('kubernetes_installer.subprocess.call')
      def test_build(self, cmock, rmock):
          """ Test the build method with master and non-master branches. """
--        directory = path('/tmp/kubernetes_installer_test/build')
++        directory = Path('/tmp/kubernetes_installer_test/build')
          ki = self.makeone('amd64', 'v99.00.11', directory)
          assert not directory.exists(), 'The %s directory exists!' % directory
          # Call the build method with "master" branch.
          ki.build("master")
          # TODO: run is called many times but mock only remembers last one.
          rmock.assert_called_with('git reset --hard origin/master')
--
--	# TODO: call is complex and hard to verify with mock, fix that.
--	# this isn't oding what we think it should b edoing, magic mock
--	# makes this tricky.
--	# list['foo', 'baz'], env = ANY
++
++        # TODO: call is complex and hard to verify with mock, fix that.
++        # this is not doing what we think it should be doing, magic mock
++        # makes this tricky.
++        # list['foo', 'baz'], env = ANY
          make_args = ['make', 'all', 'WHAT=cmd/kube-apiserver cmd/kubectl cmd/kube-controller-manager plugin/cmd/kube-scheduler cmd/kubelet cmd/kube-proxy']  # noqa
          cmock.assert_called_once_with(make_args, env=ANY)
@@ -79,7 +92,7 @@
      @patch('kubernetes_installer.subprocess.call')
      def test_schenanigans(self, cmock, rmock):
          """ Test the build method with master and non-master branches. """
--        directory = path('/tmp/kubernetes_installer_test/build')
++        directory = Path('/tmp/kubernetes_installer_test/build')
          ki = self.makeone('amd64', 'v99.00.11', directory)
          assert not directory.exists(), 'The %s directory exists!' % directory
@@ -88,14 +101,13 @@
          # TODO: run is called many times, but mock only remembers last one.
          rmock.assert_called_with('git checkout -b v99.00.11 branch')
          # TODO: call is complex and hard to verify with mock, fix that.
--	assert cmock.called
--
++        assert cmock.called
          directory.rmtree_p()
      def test_install(self):
          """ Test the install method that it creates the correct links. """
--        directory = path('/tmp/kubernetes_installer_test/install')
++        directory = Path('/tmp/kubernetes_installer_test/install')
          ki = self.makeone('ppc64le', '1.2.3', directory)
          assert not directory.exists(), 'The %s directory exits!' % directory
          directory.makedirs_p()
 === modified file 'unit_tests/test_install.py'
 --- unit_tests/test_install.py	2015-09-28 15:23:30 +0000
 +++ unit_tests/test_install.py	2015-10-09 16:18:58 +0000
@@ -1,5 +1,19 @@
  #!/usr/bin/env python
++# Copyright 2015 The Kubernetes Authors All rights reserved.
++#
++# Licensed under the Apache License, Version 2.0 (the "License");
++# you may not use this file except in compliance with the License.
++# You may obtain a copy of the License at
++#
++#     http://www.apache.org/licenses/LICENSE-2.0
++#
++# Unless required by applicable law or agreed to in writing, software
++# distributed under the License is distributed on an "AS IS" BASIS,
++# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++# See the License for the specific language governing permissions and
++# limitations under the License.
++
  from mock import patch, Mock, MagicMock
  from path import Path
  import pytest
@@ -12,26 +26,27 @@
  # Import the modules from the hook
  import install
++
  class TestInstallHook():
--    @patch('install.path')
++    @patch('install.Path')
      def test_update_rc_files(self, pmock):
          """
          Test happy path on updating env files. Assuming everything
          exists and is in place.
          """
--        pmock.return_value.lines.return_value =  ['line1', 'line2']
++        pmock.return_value.lines.return_value = ['line1', 'line2']
          install.update_rc_files(['test1', 'test2'])
          pmock.return_value.write_lines.assert_called_with(['line1', 'line2',
                                                             'test1', 'test2'])
--    def test_update_rc_files_with_nonexistant_path(self):
++    def test_update_rc_files_with_nonexistent_path(self):
          """
          Test an unhappy path if the bashrc/users do not exist.
          """
--	p = [Path('/home/deadbeefdoesnotexist/.bashrc')]
++        p = [Path('/home/deadbeefdoesnotexist/.bashrc')]
          with pytest.raises(OSError) as exinfo:
--            install.update_rc_files(['test1','test2'], rc_files=p)
++            install.update_rc_files(['test1', 'test2'], rc_files=p)
      @patch('install.fetch')
      @patch('install.hookenv')
@@ -40,8 +55,13 @@
          Verify we are calling the known essentials to build and syndicate
          kubes.
          """
--        pkgs = ['build-essential', 'git',
--                'make', 'nginx', 'python-pip', 'docker.io']
++        pkgs = ['apache2-utils',
++                'build-essential',
++                'docker.io',
++                'git',
++                'make',
++                'nginx',
++                'python-pip',]
          install.install_packages()
          hemock.log.assert_called_with('Installing Debian packages')
          ftmock.filter_installed_packages.assert_called_with(pkgs)
@@ -49,22 +69,22 @@
      @patch('install.archiveurl.ArchiveUrlFetchHandler')
      def test_go_download(self, aumock):
          """
--            Test that we are actually handing off to charm-helpers to
--            download a specific archive of Go. This is non-configurable so
--            its reasonably safe to assume we're going to always do this,
--            and when it changes we shall curse the brittleness of this test.
++        Test that we are actually handing off to charm-helpers to
++        download a specific archive of Go. This is non-configurable so
++        its reasonably safe to assume we're going to always do this,
++        and when it changes we shall curse the brittleness of this test.
          """
          ins_mock = aumock.return_value.install
          install.download_go()
--        url = 'https://storage.googleapis.com/golang/go1.4.2.linux-amd64.tar.gz'
--        sha1='5020af94b52b65cc9b6f11d50a67e4bae07b0aff'
++        url = 'https://storage.googleapis.com/golang/go1.4.2.linux-amd64.tar.gz'  # noqa
++        sha1 = '5020af94b52b65cc9b6f11d50a67e4bae07b0aff'
          ins_mock.assert_called_with(url, '/usr/local', sha1, 'sha1')
      @patch('install.subprocess')
      def test_clone_repository(self, spmock):
          """
--         We're not using a unit-tested git library - so ensure our subprocess
--         call is consistent. If we change this, we want to know we've broken it.
++        We're not using a unit-tested git library - so ensure our subprocess
++        call is consistent. If we change this, we want to know we've broken it.
          """
          install.clone_repository()
          repo = 'https://github.com/kubernetes/kubernetes.git'
@@ -75,23 +95,22 @@
      @patch('install.download_go')
      @patch('install.clone_repository')
      @patch('install.update_rc_files')
++    @patch('install.Path')
      @patch('install.hookenv')
--    def test_install_main(self, hemock, urmock, crmock, dgmock, ipmock):
++    def test_install_main(self, hemock, pmock, urmock, crmock, dgmock, ipmock):
          """
          Ensure the driver/main method is calling all the supporting methods.
          """
--        strings = [
--        'export GOROOT=/usr/local/go\n',
--        'export PATH=$PATH:$GOROOT/bin\n',
--        'export KUBE_MASTER_IP=0.0.0.0\n',
--        'export KUBERNETES_MASTER=http://$KUBE_MASTER_IP\n',
--        ]
--
          install.install()
--	# magic mock overwrites method signatures, this isn't doing what
--	# we think it should be doing
--        # crmock.assert_called_once()
--        # dgmock.assert_called_once()
--        # crmock.assert_called_once()
--        urmock.assert_called_with(strings)
--        hemock.open_port.assert_called_with(8080)
++
++        assert(ipmock.called)
++        assert(dgmock.called)
++        assert(crmock.called)
++        assert(urmock.called)
++
++        assert(pmock.called)
++        pmock.assert_called_with('/srv/kubernetes')
++
++        hemock.open_port.assert_any_call(443)
++        hemock.open_port.assert_any_call(8080)
++        hemock.open_port.assert_any_call(6443)

Juju Charms Collectionkubernetes-master package

Merge lp:~mbruzek/charms/trusty/kubernetes-master/trunk into lp:~kubernetes/charms/trusty/kubernetes-master/trunk

Commit message

Description of the change

Preview Diff

Subscribers

Juju Charms Collection
kubernetes-master package