From c43b7aea5465d4cbe4d6e089532302a221956e28 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Karol=20St=C4=99pniewski?= Date: Tue, 10 Jul 2018 16:00:17 -0700 Subject: [PATCH] single-server-binary (#557) Changes: * All services are now executed from a single binary, `dispatch-server`. This allows easier management of middlewares, and also allows `dispatch-server local` to exist (added earlier). * All images (but event-sidecar) have been merged into a single image "dispatch-server". * Configuration has been unified: no more `pkg/config`, there is a single place that reads config file, flags and environment variables. * Services now only listen on HTTP port 80, since TLS is terminated at Ingress (but re-enabling it will be easy). * Charts have been adjusted, and most importantly, cleaned of unused volumes (e.g. API manager had a volume with the Docker socket mounted). * Config files in charts are slimmed down and are using YAML instead of JSON for better readability. * Application manager chart has been removed for now. We don't use it, and it's been broken for some time now (e2e tests for application manager have been gone for a couple of releases). * Some services have been "deglobalized" - the global flags are gone, and those services that were using global variables have been converted to use struct-level variables that are configured during initialization. 
--- Gopkg.lock | 2 +- Makefile | 5 +- .../api-manager/templates/config-map.yaml | 8 - .../api-manager/templates/deployment.yaml | 27 +- .../dispatch/charts/api-manager/values.yaml | 7 +- .../charts/application-manager/.helmignore | 21 -- .../charts/application-manager/Chart.yaml | 4 - .../application-manager/templates/NOTES.txt | 17 -- .../templates/_helpers.tpl | 16 -- .../templates/config-map.yaml | 7 - .../templates/deployment.yaml | 88 ------- .../templates/ingress.yaml | 1 - .../templates/service.yaml | 20 -- .../charts/application-manager/values.yaml | 39 --- .../event-manager/templates/cluster-role.yaml | 1 - .../event-manager/templates/config-map.yaml | 12 +- .../event-manager/templates/deployment.yaml | 33 +-- .../event-manager/templates/role-binding.yaml | 1 - .../templates/service-account.yaml | 1 - .../dispatch/charts/event-manager/values.yaml | 7 +- .../templates/cluster-role-binding.yaml | 1 - .../templates/cluster-role.yaml | 1 - .../templates/config-map.yaml | 46 ++-- .../templates/deployment.yaml | 32 +-- .../templates/service-account.yaml | 1 - .../charts/function-manager/values.yaml | 30 +-- .../templates/config-map.yaml | 7 - .../templates/deployment.yaml | 19 +- .../charts/identity-manager/values.yaml | 5 +- .../image-manager/templates/config-map.yaml | 13 +- .../image-manager/templates/deployment.yaml | 31 +-- .../dispatch/charts/image-manager/values.yaml | 4 +- .../secret-store/templates/cluster-role.yaml | 1 - .../secret-store/templates/config-map.yaml | 9 - .../secret-store/templates/deployment.yaml | 31 +-- .../secret-store/templates/role-binding.yaml | 1 - .../templates/service-account.yaml | 1 - .../dispatch/charts/secret-store/values.yaml | 4 +- .../templates/cluster-role-binding.yaml | 1 - .../templates/cluster-role.yaml | 1 - .../service-manager/templates/config-map.yaml | 15 +- .../service-manager/templates/deployment.yaml | 37 +-- .../charts/service-manager/values.yaml | 4 +- charts/dispatch/values.yaml | 4 +- ci/pipelines/e2e.yml | 
94 +------ ci/pipelines/release.yml | 216 +--------------- cmd/api-manager/main.go | 145 ----------- cmd/application-manager/main.go | 125 ---------- cmd/event-manager/main.go | 195 --------------- cmd/function-manager/main.go | 236 ------------------ cmd/identity-manager/main.go | 132 ---------- cmd/image-manager/main.go | 151 ----------- cmd/secret-store/main.go | 149 ----------- cmd/service-manager/main.go | 157 ------------ images/api-manager/Dockerfile | 9 - images/application-manager/Dockerfile | 9 - images/dispatch-server/Dockerfile | 7 + images/event-manager/Dockerfile | 9 - images/function-manager/Dockerfile | 9 - images/identity-manager/Dockerfile | 10 - images/image-manager/Dockerfile | 9 - images/secret-store/Dockerfile | 9 - images/service-manager/Dockerfile | 9 - pkg/api-manager/handlers.go | 15 -- pkg/config/config.go | 133 ---------- pkg/config/config_test.go | 40 --- pkg/dispatchcli/cmd/install.go | 4 +- pkg/dispatchserver/apis.go | 22 +- pkg/dispatchserver/config.go | 54 ++-- pkg/dispatchserver/events.go | 101 ++++++-- pkg/dispatchserver/functions.go | 125 ++++++++-- pkg/dispatchserver/identity.go | 90 +++++++ pkg/dispatchserver/images.go | 11 +- pkg/dispatchserver/local.go | 44 +++- pkg/dispatchserver/main.go | 27 +- pkg/dispatchserver/secrets.go | 51 +++- pkg/dispatchserver/services.go | 104 ++++++++ pkg/event-manager/drivers/http_handlers.go | 17 +- pkg/event-manager/drivers/k8s_backend.go | 13 +- pkg/event-manager/handlers.go | 31 +-- pkg/function-manager/handlers.go | 24 +- pkg/functions/openfaas/driver.go | 7 +- pkg/functions/riff/driver.go | 5 +- pkg/functions/types.go | 6 + pkg/identity-manager/controller.go | 4 +- pkg/identity-manager/handlers.go | 55 ++-- pkg/identity-manager/handlers_test.go | 26 +- .../service_account_api_handler.go | 4 +- pkg/image-manager/handlers.go | 12 - pkg/secret-store/web/handlers.go | 12 - .../clients/k8s_service_catalog.go | 4 +- pkg/service-manager/flags/flags.go | 22 -- scripts/images.sh | 6 +- 93 files 
changed, 731 insertions(+), 2634 deletions(-) delete mode 100644 charts/dispatch/charts/api-manager/templates/config-map.yaml delete mode 100644 charts/dispatch/charts/application-manager/.helmignore delete mode 100644 charts/dispatch/charts/application-manager/Chart.yaml delete mode 100644 charts/dispatch/charts/application-manager/templates/NOTES.txt delete mode 100644 charts/dispatch/charts/application-manager/templates/_helpers.tpl delete mode 100644 charts/dispatch/charts/application-manager/templates/config-map.yaml delete mode 100644 charts/dispatch/charts/application-manager/templates/deployment.yaml delete mode 100644 charts/dispatch/charts/application-manager/templates/ingress.yaml delete mode 100644 charts/dispatch/charts/application-manager/templates/service.yaml delete mode 100644 charts/dispatch/charts/application-manager/values.yaml delete mode 100644 charts/dispatch/charts/identity-manager/templates/config-map.yaml delete mode 100644 charts/dispatch/charts/secret-store/templates/config-map.yaml delete mode 100644 cmd/api-manager/main.go delete mode 100644 cmd/application-manager/main.go delete mode 100644 cmd/event-manager/main.go delete mode 100644 cmd/function-manager/main.go delete mode 100644 cmd/identity-manager/main.go delete mode 100644 cmd/image-manager/main.go delete mode 100644 cmd/secret-store/main.go delete mode 100644 cmd/service-manager/main.go delete mode 100644 images/api-manager/Dockerfile delete mode 100644 images/application-manager/Dockerfile create mode 100644 images/dispatch-server/Dockerfile delete mode 100644 images/event-manager/Dockerfile delete mode 100644 images/function-manager/Dockerfile delete mode 100644 images/identity-manager/Dockerfile delete mode 100644 images/image-manager/Dockerfile delete mode 100644 images/secret-store/Dockerfile delete mode 100644 images/service-manager/Dockerfile delete mode 100644 pkg/config/config.go delete mode 100644 pkg/config/config_test.go create mode 100644 
pkg/dispatchserver/identity.go create mode 100644 pkg/dispatchserver/services.go delete mode 100644 pkg/service-manager/flags/flags.go diff --git a/Gopkg.lock b/Gopkg.lock index 383cc8990..70ceebdb9 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -1083,6 +1083,6 @@ [solve-meta] analyzer-name = "dep" analyzer-version = 1 - inputs-digest = "f3c795c53299ea9217aaa7576a90de96ed85c6ea209528384ed2eb662c996527" + inputs-digest = "965ae015fbef525a2bbf4f458ecd46883a97f71dac47aa1e90e84cf11ef7f88b" solver-name = "gps-cdcl" solver-version = 1 diff --git a/Makefile b/Makefile index 466006696..a43c696bf 100644 --- a/Makefile +++ b/Makefile @@ -97,9 +97,8 @@ run-dev: ## run the dev server @./scripts/run-dev.sh CLI = dispatch -SERVICES = api-manager application-manager event-manager \ - function-manager identity-manager image-manager secret-store event-sidecar \ - service-manager + +SERVICES = dispatch-server event-sidecar DARWIN_BINS = $(foreach bin,$(SERVICES),$(bin)-darwin) LINUX_BINS = $(foreach bin,$(SERVICES),$(bin)-linux) diff --git a/charts/dispatch/charts/api-manager/templates/config-map.yaml b/charts/dispatch/charts/api-manager/templates/config-map.yaml deleted file mode 100644 index bc8fe4fb2..000000000 --- a/charts/dispatch/charts/api-manager/templates/config-map.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "fullname" . }} - namespace: {{ .Release.Namespace }} -data: - serverless.json: |- - {} diff --git a/charts/dispatch/charts/api-manager/templates/deployment.yaml b/charts/dispatch/charts/api-manager/templates/deployment.yaml index 8b690a009..ace0a6e45 100644 --- a/charts/dispatch/charts/api-manager/templates/deployment.yaml +++ b/charts/dispatch/charts/api-manager/templates/deployment.yaml 
@@ -23,9 +23,10 @@ spec: spec: containers: - name: {{ .Chart.Name }} - image: "{{ default .Values.global.image.host .Values.image.host }}/{{ .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" + image: "{{ default .Values.global.image.host .Values.image.host }}/{{ default .Values.global.image.repository .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" imagePullPolicy: {{ default .Values.global.pullPolicy .Values.image.pullPolicy }} args: + - "api-manager" - "--host=0.0.0.0" - "--port={{ .Values.service.internalPort }}" - "--db-file={{ default .Release.Name .Values.global.db.release }}-{{ .Values.global.db.host }}.{{ default .Release.Namespace .Values.global.db.namespace }}:{{ .Values.global.db.port }}" @@ -33,10 +34,6 @@ spec: - "--db-username={{ .Values.global.db.user }}" - "--db-password={{ .Values.global.db.password }}" - "--db-database={{ .Values.global.db.database }}" - - "--tls-port=443" - - "--tls-certificate=/data/tls/tls.crt" - - "--tls-key=/data/tls/tls.key" - - "--gateway={{ .Values.gateway.name }}" - "--gateway-host={{ .Values.gateway.host }}" - "--function-manager={{ .Release.Name }}-function-manager.{{ .Release.Namespace }}" - "--resync-period={{ .Values.resyncPeriod }}" 
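Review bot: The `args` list edited here still passes the database credential as a process argument: `--db-password={{ .Values.global.db.password }}` survives as a context line in the following hunk, so the password is readable in the rendered Deployment spec and in the container's process listing. The commit message says configuration is now read from a config file, flags and environment variables in one place, which makes this a natural point to drop the flag and supply the value through an `env` entry using `valueFrom.secretKeyRef` against a Kubernetes Secret; the variable name depends on the new loader, which is not visible in this hunk. The event-manager deployment in this patch has the same pattern in `--rabbitmq-url=amqp://{{ .Values.global.rabbitmq.username }}:{{ .Values.global.rabbitmq.password }}@…`.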
@@ -64,28 +61,8 @@ spec: value: cookie initialDelaySeconds: 10 periodSeconds: 3 - volumeMounts: - - mountPath: "/data/{{ template "name" . }}" - name: {{ template "fullname" . }} - - mountPath: "/var/run/docker.sock" - name: {{ template "fullname" . }}-docker - - mountPath: "/data/tls" - name: tls - readOnly: true - env: - - name: DOCKER_API_VERSION - value: "1.24" resources: {{ .Values.resources | default .Values.global.resources | toYaml | indent 12 }} - volumes: - - name: {{ template "fullname" . }} - emptyDir: {} - - name: {{ template "fullname" . }}-docker - hostPath: - path: /var/run/docker.sock - - name: tls - secret: - secretName: {{ default .Values.global.tls.secretName .Values.ingress.tls.secretName }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/charts/dispatch/charts/api-manager/values.yaml b/charts/dispatch/charts/api-manager/values.yaml index 93ee8a265..4bb619d3f 100644 --- a/charts/dispatch/charts/api-manager/values.yaml +++ b/charts/dispatch/charts/api-manager/values.yaml @@ -4,14 +4,13 @@ replicaCount: 1 maxUnavailable: 0 maxSurge: 1 -image: +image: {} # host: vmware - repository: dispatch-api-manager + # repository: dispatch-server # tag: latest # pullPolicy: Always gateway: - name: kong host: "http://api-gateway-kongadmin.kong:8001" service: @@ -41,4 +40,4 @@ resources: {} #requests: # cpu: 100m # memory: 128Mi -resyncPeriod: 10 +resyncPeriod: 10s diff --git a/charts/dispatch/charts/application-manager/.helmignore b/charts/dispatch/charts/application-manager/.helmignore deleted file mode 100644 index f0c131944..000000000 --- a/charts/dispatch/charts/application-manager/.helmignore +++ /dev/null 
@@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/charts/dispatch/charts/application-manager/Chart.yaml b/charts/dispatch/charts/application-manager/Chart.yaml deleted file mode 100644 index d176d2648..000000000 --- a/charts/dispatch/charts/application-manager/Chart.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -description: Dispatch Application manager -name: application-manager -version: 0.1.1 diff --git a/charts/dispatch/charts/application-manager/templates/NOTES.txt b/charts/dispatch/charts/application-manager/templates/NOTES.txt deleted file mode 100644 index d11f00e8a..000000000 --- a/charts/dispatch/charts/application-manager/templates/NOTES.txt +++ /dev/null 
@@ -1,17 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.hostname }} - http://{{- .Values.ingress.hostname }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ template "fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.externalPort }} -{{- end }} diff --git a/charts/dispatch/charts/application-manager/templates/_helpers.tpl b/charts/dispatch/charts/application-manager/templates/_helpers.tpl deleted file mode 100644 index f0d83d2ed..000000000 --- a/charts/dispatch/charts/application-manager/templates/_helpers.tpl +++ /dev/null 
@@ -1,16 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/charts/dispatch/charts/application-manager/templates/config-map.yaml b/charts/dispatch/charts/application-manager/templates/config-map.yaml deleted file mode 100644 index 77f51d0d4..000000000 --- a/charts/dispatch/charts/application-manager/templates/config-map.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "fullname" . }} - namespace: {{ .Release.Namespace }} -data: - organization: {{ .Values.global.organization }} \ No newline at end of file diff --git a/charts/dispatch/charts/application-manager/templates/deployment.yaml b/charts/dispatch/charts/application-manager/templates/deployment.yaml deleted file mode 100644 index 8a4641ca6..000000000 --- a/charts/dispatch/charts/application-manager/templates/deployment.yaml +++ /dev/null 
@@ -1,88 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ template "fullname" . }} - namespace: {{ .Release.Namespace }} - labels: - app: {{ template "name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: {{ .Values.maxSurge }} - maxUnavailable: {{ .Values.maxUnavailable }} - template: - metadata: - labels: - app: {{ template "name" . }} - release: {{ .Release.Name }} - spec: - containers: - - name: {{ .Chart.Name }} - image: "{{ default .Values.global.image.host .Values.image.host }}/{{ .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" - imagePullPolicy: {{ default .Values.global.pullPolicy .Values.image.pullPolicy }} - args: - - "--host=0.0.0.0" - - "--port={{ .Values.service.internalPort }}" - - "--db-file={{ default .Release.Name .Values.global.db.release }}-{{ .Values.global.db.host }}.{{ default .Release.Namespace .Values.global.db.namespace }}:{{ .Values.global.db.port }}" - - "--db-backend={{ .Values.global.db.backend }}" - - "--db-username={{ .Values.global.db.user }}" - - "--db-password={{ .Values.global.db.password }}" - - "--db-database={{ .Values.global.db.database }}" - - "--tls-port=443" - - "--tls-certificate=/data/tls/tls.crt" - - "--tls-key=/data/tls/tls.key" - - "--tracer={{ .Values.global.tracer.endpoint }}" - {{- if .Values.global.debug }} - - "--debug" - {{- end }} - ports: - - containerPort: {{ .Values.service.internalPort }} - livenessProbe: - httpGet: - path: /healthz - port: {{ .Values.service.internalPort }} - httpHeaders: - - name: Cookie - value: cookie - initialDelaySeconds: 10 - periodSeconds: 3 - readinessProbe: - httpGet: - path: /healthz - port: {{ .Values.service.internalPort }} - httpHeaders: - - name: Cookie - value: cookie - initialDelaySeconds: 10 - periodSeconds: 3 
- volumeMounts: - - mountPath: "/data/{{ template "name" . }}" - name: {{ template "fullname" . }} - - mountPath: "/var/run/docker.sock" - name: {{ template "fullname" . }}-docker - - mountPath: "/data/tls" - name: tls - readOnly: true - env: - - name: DOCKER_API_VERSION - value: "1.24" - resources: -{{ .Values.resources | default .Values.global.resources | toYaml | indent 12 }} - volumes: - - name: {{ template "fullname" . }} - emptyDir: {} - - name: {{ template "fullname" . }}-docker - hostPath: - path: /var/run/docker.sock - - name: tls - secret: - secretName: {{ default .Values.global.tls.secretName .Values.ingress.tls.secretName }} -{{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} -{{- end }} diff --git a/charts/dispatch/charts/application-manager/templates/ingress.yaml b/charts/dispatch/charts/application-manager/templates/ingress.yaml deleted file mode 100644 index 632846ef3..000000000 --- a/charts/dispatch/charts/application-manager/templates/ingress.yaml +++ /dev/null @@ -1 +0,0 @@ -{{ template "ingress_with_external_auth" . }} \ No newline at end of file diff --git a/charts/dispatch/charts/application-manager/templates/service.yaml b/charts/dispatch/charts/application-manager/templates/service.yaml deleted file mode 100644 index 918a99bc9..000000000 --- a/charts/dispatch/charts/application-manager/templates/service.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "fullname" . }} - namespace: {{ .Release.Namespace }} - labels: - app: {{ template "name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - protocol: TCP - name: {{ .Values.service.name }} - selector: - app: {{ template "name" . }} - release: {{ .Release.Name }} 
diff --git a/charts/dispatch/charts/application-manager/values.yaml b/charts/dispatch/charts/application-manager/values.yaml deleted file mode 100644 index 26589bf29..000000000 --- a/charts/dispatch/charts/application-manager/values.yaml +++ /dev/null @@ -1,39 +0,0 @@ -# Default values for image-manager. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -replicaCount: 1 -maxUnavailable: 0 -maxSurge: 1 -image: - # host: vmware - repository: dispatch-application-manager - # tag: latest - # pullPolicy: Always - -service: - name: application-manager - type: ClusterIP - externalPort: 80 - internalPort: 80 -ingress: - enabled: true - # Used to create Ingress record (should used with service.type: ClusterIP). - # host: dispatch.vmware.com - paths: - - /v1/application - annotations: - # kubernetes.io/tls-acme: "true" - tls: {} - # Secrets must be manually created in the namespace. - # secretName: dispatch-tls -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - #requests: - # cpu: 100m - # memory: 128Mi diff --git a/charts/dispatch/charts/event-manager/templates/cluster-role.yaml b/charts/dispatch/charts/event-manager/templates/cluster-role.yaml index c705d5eac..7aca6ab5f 100644 --- a/charts/dispatch/charts/event-manager/templates/cluster-role.yaml +++ b/charts/dispatch/charts/event-manager/templates/cluster-role.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# A cluster role for create/get/list/delete/update secrets apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: 
diff --git a/charts/dispatch/charts/event-manager/templates/config-map.yaml b/charts/dispatch/charts/event-manager/templates/config-map.yaml index 5e5cf5404..76d227f84 100644 --- a/charts/dispatch/charts/event-manager/templates/config-map.yaml +++ b/charts/dispatch/charts/event-manager/templates/config-map.yaml @@ -4,11 +4,7 @@ metadata: name: {{ template "fullname" . }} namespace: {{ .Release.Namespace }} data: - organization: {{ .Values.global.organization }} - config.json: |- - { - "rabbitmq": { - "url": "{{ .Values.queue.rabbitmq.url }}", - "exchangeName": "{{ .Values.queue.rabbitmq.exchangeName }}" - } - } + config.yaml: |- + --- + events: + rabbitmq-url: {{ .Values.queue.rabbitmq.url }} \ No newline at end of file diff --git a/charts/dispatch/charts/event-manager/templates/deployment.yaml b/charts/dispatch/charts/event-manager/templates/deployment.yaml index 92403523a..46cb6a4e1 100644 --- a/charts/dispatch/charts/event-manager/templates/deployment.yaml +++ b/charts/dispatch/charts/event-manager/templates/deployment.yaml 
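Review bot: `rabbitmq-url: {{ .Values.queue.rabbitmq.url }}` is rendered unquoted, whereas the JSON it replaces quoted the value, so an unset value becomes YAML null and a value with YAML-significant characters parses differently from what was configured; I would write `rabbitmq-url: {{ .Values.queue.rabbitmq.url | quote }}`. The event-manager deployment also passes `--rabbitmq-url=amqp://…` as a flag built from `global.rabbitmq.*`, so the same setting now has two sources and it is worth stating which one wins. If `queue.rabbitmq.url` can take the same credential-bearing form as that flag, the username and password would be stored in a ConfigMap, which is readable by anyone with ConfigMap access in the namespace; a Secret is the appropriate object for it.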
@@ -24,10 +24,11 @@ spec: serviceAccountName: {{ if .Values.global.rbac.create }}{{ template "fullname" . }}-service-account{{ else }}"{{ .Values.global.rbac.serviceAccountName }}"{{ end }} containers: - name: {{ .Chart.Name }} - image: "{{ default .Values.global.image.host .Values.image.host }}/{{ .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" + image: "{{ default .Values.global.image.host .Values.image.host }}/{{ default .Values.global.image.repository .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" imagePullPolicy: {{ default .Values.global.pullPolicy .Values.image.pullPolicy }} args: - - "--config=/data/config/{{ template "name" . }}.json" + - "event-manager" + - "--config=/data/config/config.yaml" - "--host=0.0.0.0" - "--port={{ .Values.service.internalPort }}" - "--db-file={{ default .Release.Name .Values.global.db.release }}-{{ .Values.global.db.host }}.{{ default .Release.Namespace .Values.global.db.namespace }}:{{ .Values.global.db.port }}" @@ -39,14 +40,11 @@ spec: - "--secret-store={{ .Release.Name }}-secret-store" - "--transport={{ .Values.transport }}" {{- range .Values.global.kafka.brokers }} - - "--kafka-broker={{ . }}" + - "--kafka-brokers={{ . }}" {{- end }} - "--rabbitmq-url=amqp://{{ .Values.global.rabbitmq.username }}:{{ .Values.global.rabbitmq.password }}@{{ .Values.global.rabbitmq.host }}:{{ .Values.global.rabbitmq.port }}/" - "--namespace={{ .Release.Namespace }}" - "--event-sidecar-image={{ default .Values.global.image.host .Values.eventsidecar.host }}/{{ .Values.eventsidecar.repository }}:{{ default .Values.global.image.tag .Values.eventsidecar.tag }}" - - "--tls-port=443" - - "--tls-certificate=/data/tls/tls.crt" - - "--tls-key=/data/tls/tls.key" - "--tracer={{ .Values.global.tracer.endpoint }}" - "--ingress-host={{ default .Values.global.host .Values.ingress.host }}" {{- if .Values.global.debug }} 
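Review bot: With `--tls-port`, `--tls-certificate` and `--tls-key` removed in the second hunk, event-manager serves plain HTTP only, so the hop from the ingress controller to the pod and the calls between services (for example to the `--secret-store` target in the same args list) cross the cluster network unencrypted. The commit message states this is deliberate because TLS terminates at the Ingress, but no compensating control is visible in the chart; a NetworkPolicy limiting ingress to these pods to the ingress controller and the sibling Dispatch services would cover the gap. The same applies to the api-manager and function-manager deployments in this patch. At minimum I would record the assumption next to the args, e.g. `# plain HTTP only: TLS terminates at the Ingress; restrict pod access with a NetworkPolicy`.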
@@ -74,33 +72,18 @@ spec: initialDelaySeconds: 10 periodSeconds: 3 volumeMounts: - - mountPath: "/data/{{ template "name" . }}" - name: {{ template "fullname" . }} - mountPath: /data/config - name: {{ template "fullname" . }}-config - readOnly: true - - mountPath: "/data/tls" - name: tls + name: config readOnly: true resources: {{ .Values.resources | default .Values.global.resources | toYaml | indent 12 }} volumes: - - name: {{ template "fullname" . }} -{{- if default .Values.global.data.persist .Values.data.persist }} - hostPath: - path: {{ .Values.data.hostPath }} -{{- else }} - emptyDir: {} -{{- end }} - - name: {{ template "fullname" . }}-config + - name: config configMap: name: {{ template "fullname" . }} items: - - key: config.json - path: {{ template "name" . }}.json - - name: tls - secret: - secretName: {{ default .Values.global.tls.secretName .Values.ingress.tls.secretName }} + - key: config.yaml + path: config.yaml {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/charts/dispatch/charts/event-manager/templates/role-binding.yaml b/charts/dispatch/charts/event-manager/templates/role-binding.yaml index 474dec5e5..991cb1328 100644 --- a/charts/dispatch/charts/event-manager/templates/role-binding.yaml +++ b/charts/dispatch/charts/event-manager/templates/role-binding.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# The role binding to combine the secret-access service account and role apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding metadata: diff --git a/charts/dispatch/charts/event-manager/templates/service-account.yaml b/charts/dispatch/charts/event-manager/templates/service-account.yaml index 60e353098..4d14cc4ac 100644 --- a/charts/dispatch/charts/event-manager/templates/service-account.yaml +++ b/charts/dispatch/charts/event-manager/templates/service-account.yaml 
@@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# A service account for event-manager pod apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/dispatch/charts/event-manager/values.yaml b/charts/dispatch/charts/event-manager/values.yaml index d14653334..0b1efb9e6 100644 --- a/charts/dispatch/charts/event-manager/values.yaml +++ b/charts/dispatch/charts/event-manager/values.yaml @@ -4,9 +4,9 @@ replicaCount: 1 maxUnavailable: 0 maxSurge: 1 -image: +image: {} # host: vmware - repository: dispatch-event-manager + # repository: dispatch-server # tag: latest # pullPolicy: Always service: @@ -40,9 +40,6 @@ queue: selected: rabbitmq rabbitmq: exchangeName: dispatch -data: - # persist: false - hostPath: /var/event-manager eventsidecar: # host: vmware repository: dispatch-event-sidecar diff --git a/charts/dispatch/charts/function-manager/templates/cluster-role-binding.yaml b/charts/dispatch/charts/function-manager/templates/cluster-role-binding.yaml index 0b8be5e12..3e93862e8 100644 --- a/charts/dispatch/charts/function-manager/templates/cluster-role-binding.yaml +++ b/charts/dispatch/charts/function-manager/templates/cluster-role-binding.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# The role binding to combine the secret-access service account and role kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: diff --git a/charts/dispatch/charts/function-manager/templates/cluster-role.yaml b/charts/dispatch/charts/function-manager/templates/cluster-role.yaml index 502106967..ae9f6af97 100644 --- a/charts/dispatch/charts/function-manager/templates/cluster-role.yaml +++ b/charts/dispatch/charts/function-manager/templates/cluster-role.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# A cluster role for create/get/list/delete/update secrets apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: 
diff --git a/charts/dispatch/charts/function-manager/templates/config-map.yaml b/charts/dispatch/charts/function-manager/templates/config-map.yaml index 6afa6bf88..cd5eae4d5 100644 --- a/charts/dispatch/charts/function-manager/templates/config-map.yaml +++ b/charts/dispatch/charts/function-manager/templates/config-map.yaml 
@@ -4,33 +4,19 @@ metadata: name: {{ template "fullname" . }} namespace: {{ .Release.Namespace }} data: - organization: {{ .Values.global.organization }} - # TODO(imikushin): just use YAML - config.json: |- - { - "organizationID": "{{ .Values.global.organization }}", - "function": { - "faas": "{{ .Values.faas.selected }}", - "resyncPeriod": {{ .Values.resyncPeriod }}, - "openwhisk": { - "host": "{{ .Values.faas.openwhisk.host }}" - }, - "openfaas": { - "gateway": "{{ .Values.faas.openfaas.gateway }}", - "funcNamespace": "{{ .Values.faas.openfaas.namespace }}", - "funcDefaultLimits": {{ toJson .Values.faas.openfaas.funcDefaultLimits }}, - "funcDefaultRequests": {{ toJson .Values.faas.openfaas.funcDefaultRequests }}, - "imagePullSecret": "{{ .Values.faas.openfaas.imagePullSecret }}" - }, - "riff": { - "kafkaBrokers": ["{{ join ", " .Values.global.kafka.brokers }}"], - "funcNamespace": "{{ .Values.faas.riff.namespace }}", - "funcDefaultLimits": {{ toJson .Values.faas.riff.funcDefaultLimits }}, - "funcDefaultRequests": {{ toJson .Values.faas.riff.funcDefaultRequests }} - } - }, - "registry": { - "uri": "{{ default .Values.global.registry.uri .Values.registry.uri }}", - "auth": "{{ default .Values.global.registry.auth .Values.registry.auth }}" - } - } + config.yaml: |- + --- + registry-auth: "{{ default .Values.global.registry.auth .Values.registry.auth }}" + image-registry: "{{ default .Values.global.registry.uri .Values.registry.uri }}" + + functions: + faas: "{{ .Values.faas.selected }}" + func-default-limits: {{ toJson .Values.faas.funcDefaultLimits }} + func-default-requests: {{ toJson .Values.faas.funcDefaultRequests }} + image-pull-secret: "{{ .Values.faas.imagePullSecret }}" + openfaas-gateway: "{{ .Values.faas.openfaas.gateway }}" + openfaas-namespace: "{{ .Values.faas.openfaas.namespace }}" + riff-namespace: "{{ .Values.faas.riff.namespace }}" + riff-kafka-brokers: ["{{ join ", " .Values.global.kafka.brokers }}"] + + 
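Review bot: `registry-auth` is written into the ConfigMap by the new `config.yaml`; if `registry.auth` holds registry credentials (the name suggests it, but the consumer is not visible here), every principal allowed to read ConfigMaps in the namespace can read them. The removed JSON did the same under `"auth"`, so this is carried over rather than introduced, but since the unified loader also reads environment variables the value could be supplied from a Secret and dropped from this file. Also in this hunk, `riff-kafka-brokers: ["{{ join ", " .Values.global.kafka.brokers }}"]` renders a one-element list containing a comma-joined string when several brokers are configured; `riff-kafka-brokers: {{ toJson .Values.global.kafka.brokers }}` would emit a real list, consistent with the `func-default-limits` line.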
diff --git a/charts/dispatch/charts/function-manager/templates/deployment.yaml b/charts/dispatch/charts/function-manager/templates/deployment.yaml index baf1349f6..d12206d25 100644 --- a/charts/dispatch/charts/function-manager/templates/deployment.yaml +++ b/charts/dispatch/charts/function-manager/templates/deployment.yaml @@ -24,10 +24,11 @@ spec: serviceAccountName: {{ if .Values.global.rbac.create }}{{ template "fullname" . }}-service-account{{ else }}"{{ .Values.global.rbac.serviceAccountName }}"{{ end }} containers: - name: {{ .Chart.Name }} - image: "{{ default .Values.global.image.host .Values.image.host }}/{{ .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" + image: "{{ default .Values.global.image.host .Values.image.host }}/{{ default .Values.global.image.repository .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" imagePullPolicy: {{ default .Values.global.pullPolicy .Values.image.pullPolicy }} args: - - "--config=/data/config/{{ template "name" . }}.json" + - "function-manager" + - "--config=/data/config/config.yaml" - "--host=0.0.0.0" - "--port={{ .Values.service.internalPort }}" - "--db-file={{ default .Release.Name .Values.global.db.release }}-{{ .Values.global.db.host }}.{{ default .Release.Namespace .Values.global.db.namespace }}:{{ .Values.global.db.port }}" @@ -38,16 +39,12 @@ spec: - "--image-manager={{ .Release.Name }}-image-manager" - "--service-manager={{ .Release.Name }}-service-manager" - "--secret-store={{ .Release.Name }}-secret-store" - - "--tls-port=443" - - "--tls-certificate=/data/tls/tls.crt" - - "--tls-key=/data/tls/tls.key" - "--tracer={{ .Values.global.tracer.endpoint }}" {{- if .Values.global.debug }} - "--debug" {{- end }} ports: - containerPort: {{ .Values.service.internalPort }} - - containerPort: 443 livenessProbe: httpGet: path: /healthz 
@@ -67,13 +64,8 @@ spec: initialDelaySeconds: 10 periodSeconds: 3 volumeMounts: - - mountPath: "/data/{{ template "name" . }}" - name: {{ template "fullname" . }} - mountPath: /data/config - name: {{ template "fullname" . }}-config - readOnly: true - - mountPath: "/data/tls" - name: tls + name: config readOnly: true env: - name: DOCKER_API_VERSION @@ -97,22 +89,12 @@ spec: resources: {{ .Values.dindResources | default .Values.global.resources | toYaml | indent 12 }} volumes: - - name: {{ template "fullname" . }} -{{- if default .Values.global.data.persist .Values.data.persist }} - hostPath: - path: {{ .Values.data.hostPath }} -{{- else }} - emptyDir: {} -{{- end }} - - name: {{ template "fullname" . }}-config + - name: config configMap: name: {{ template "fullname" . }} items: - - key: config.json - path: {{ template "name" . }}.json - - name: tls - secret: - secretName: {{ default .Values.global.tls.secretName .Values.ingress.tls.secretName }} + - key: config.yaml + path: config.yaml - name: docker-graph-storage emptyDir: {} {{- if .Values.nodeSelector }} diff --git a/charts/dispatch/charts/function-manager/templates/service-account.yaml b/charts/dispatch/charts/function-manager/templates/service-account.yaml index 60e353098..4d14cc4ac 100644 --- a/charts/dispatch/charts/function-manager/templates/service-account.yaml +++ b/charts/dispatch/charts/function-manager/templates/service-account.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# A service account for event-manager pod apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/dispatch/charts/function-manager/values.yaml b/charts/dispatch/charts/function-manager/values.yaml index 161b21fad..331866a7f 100644 --- a/charts/dispatch/charts/function-manager/values.yaml +++ b/charts/dispatch/charts/function-manager/values.yaml 
@@ -4,9 +4,9 @@ replicaCount: 1 maxUnavailable: 0 maxSurge: 1 -image: +image: {} # host: vmware - repository: dispatch-function-manager + # repository: dispatch-server # tag: latest # pullPolicy: Always service: @@ -48,28 +48,20 @@ dindResources: {} faas: selected: openfaas templates: /images/function-manager/templates - openwhisk: - authToken: "23bc46b1-71f6-4ed5-8c54-816aa4f8c502:123zO3xZCLrMN6v2BKK1dXYFpXlPkccOFqm12CdAsMgRU4VrNZ9lyGVCGuMDGIwP" - host: "52.91.175.16" + imagePullSecret: + # Set the default resource limits for the function containers + funcDefaultLimits: + # CPU: 500m + # Memory: 256Mi + funcDefaultRequests: + # CPU: 100m + # Memory: 64Mi openfaas: gateway: "http://gateway.openfaas:8080/" namespace: openfaas - imagePullSecret: - # Set the default resource limits for the function containers - funcDefaultLimits: - # CPU: 500m - # Memory: 256Mi - funcDefaultRequests: - # CPU: 100m - # Memory: 64Mi + riff: namespace: riff - funcDefaultLimits: - # CPU: 500m - # Memory: 256Mi - funcDefaultRequests: - # CPU: 100m - # Memory: 64Mi registry: {} # insecure: false # uri: docker-docker-registry.docker.svc.cluster.local:5000 diff --git a/charts/dispatch/charts/identity-manager/templates/config-map.yaml b/charts/dispatch/charts/identity-manager/templates/config-map.yaml deleted file mode 100644 index 8f7eec39a..000000000 --- a/charts/dispatch/charts/identity-manager/templates/config-map.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "fullname" . }} - namespace: {{ .Release.Namespace }} -data: - organization: {{ .Values.global.organization }} diff --git a/charts/dispatch/charts/identity-manager/templates/deployment.yaml b/charts/dispatch/charts/identity-manager/templates/deployment.yaml index 7557ade89..236d254c8 100644 --- a/charts/dispatch/charts/identity-manager/templates/deployment.yaml +++ b/charts/dispatch/charts/identity-manager/templates/deployment.yaml 
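Review bot: Deleting the `openwhisk.authToken` and `host` values in the second hunk does not retire them, because the string stays in repository history and in any chart package already published. If it was ever a live OpenWhisk credential it should be revoked at the source, and the commit description should record that. On the new side, `imagePullSecret:` now sits directly under `faas` with no comment; a line such as `# name of an existing image pull Secret (optional)` would tell operators what is expected, though the exact semantics should be confirmed against the function-manager code, which is not visible here.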
@@ -24,9 +24,10 @@ spec: spec: containers: - name: {{ .Chart.Name }} - image: "{{ default .Values.global.image.host .Values.image.host }}/{{ .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" + image: "{{ default .Values.global.image.host .Values.image.host }}/{{ default .Values.global.image.repository .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" imagePullPolicy: {{ default .Values.global.pullPolicy .Values.image.pullPolicy }} args: + - "identity-manager" - "--cookie-name=_oauth2_proxy" - "--host=0.0.0.0" - "--port={{ .Values.service.internalPort }}" @@ -35,9 +36,6 @@ spec: - "--db-username={{ .Values.global.db.user }}" - "--db-password={{ .Values.global.db.password }}" - "--db-database={{ .Values.global.db.database }}" - - "--tls-port=443" - - "--tls-certificate=/data/tls/tls.crt" - - "--tls-key=/data/tls/tls.key" - "--oauth2-proxy-auth-url=http://localhost:{{ .Values.oauth2proxy.service.internalPort }}/v1/iam/oauth2/auth" - "--tracer={{ .Values.global.tracer.endpoint }}" {{- if .Values.global.skipAuth }} @@ -49,9 +47,6 @@ spec: ports: - containerPort: {{ .Values.service.internalPort }} volumeMounts: - - mountPath: "/data/tls" - name: tls - readOnly: true - mountPath: "/bootstrap" name: bootstrap readOnly: true @@ -143,16 +138,6 @@ spec: resources: {{ .Values.resources | default .Values.global.resources | toYaml | indent 12 }} volumes: - - name: {{ template "fullname" . }} -{{- if default .Values.global.data.persist .Values.data.persist }} - hostPath: - path: {{ .Values.data.hostPath }} -{{- else }} - emptyDir: {} -{{- end }} - - name: tls - secret: - secretName: {{ default .Values.global.tls.secretName .Values.ingress.tls.secretName }} - name: bootstrap secret: secretName: {{ template "fullname" . }}-bootstrap diff --git a/charts/dispatch/charts/identity-manager/values.yaml b/charts/dispatch/charts/identity-manager/values.yaml index 2804abb0e..3dbade777 100644 
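Review bot: `--db-password={{ .Values.global.db.password }}` stays on the container command line in the second hunk (and in the image-manager deployment hunk), which puts the database password in the rendered Deployment spec and in the process argument list inside the pod. The commit description says the unified configuration also reads environment variables, so this is the natural place to drop the flag and supply the value from a Secret with `valueFrom: secretKeyRef:`; the variable name the loader expects is not visible in this patch and needs confirming. The `bootstrap` volume in this same file is already backed by a Secret, so the chart has a pattern to follow.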
--- a/charts/dispatch/charts/identity-manager/values.yaml +++ b/charts/dispatch/charts/identity-manager/values.yaml @@ -4,10 +4,9 @@ replicaCount: 1 maxUnavailable: 0 maxSurge: 1 - -image: +image: {} # host: vmware - repository: dispatch-identity-manager + # repository: dispatch-server # tag: latest # pullPolicy: Always service: diff --git a/charts/dispatch/charts/image-manager/templates/config-map.yaml b/charts/dispatch/charts/image-manager/templates/config-map.yaml index fcea449e7..bc18fa483 100644 --- a/charts/dispatch/charts/image-manager/templates/config-map.yaml +++ b/charts/dispatch/charts/image-manager/templates/config-map.yaml @@ -4,11 +4,8 @@ metadata: name: {{ template "fullname" . }} namespace: {{ .Release.Namespace }} data: - organization: {{ .Values.global.organization }} - config.json: |- - { - "registry": { - "uri": "{{ default .Values.global.registry.uri .Values.registry.uri }}", - "auth": "{{ default .Values.global.registry.auth .Values.registry.auth }}" - } - } + config.yaml: |- + --- + registry-auth: {{ default .Values.global.registry.auth .Values.registry.auth }} + image-registry: {{ default .Values.global.registry.uri .Values.registry.uri }} + diff --git a/charts/dispatch/charts/image-manager/templates/deployment.yaml b/charts/dispatch/charts/image-manager/templates/deployment.yaml index b9c41e986..bca4d3804 100644 --- a/charts/dispatch/charts/image-manager/templates/deployment.yaml +++ b/charts/dispatch/charts/image-manager/templates/deployment.yaml 
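Review bot: In the image-manager config-map hunk the new `registry-auth:` and `image-registry:` values are emitted without quotes, while the function-manager config-map in this same patch quotes them. An unset value then renders as YAML null, and a value containing `: ` or ` #`, or starting with a YAML indicator character, changes or breaks the parse of `config.yaml`. Suggested: `registry-auth: {{ default .Values.global.registry.auth .Values.registry.auth | quote }}` and the same for `image-registry`. The service-manager config-map hunk (`catalog:` and `namespace:`) has the same gap.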
@@ -23,10 +23,11 @@ spec: spec: containers: - name: {{ .Chart.Name }} - image: "{{ default .Values.global.image.host .Values.image.host }}/{{ .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" + image: "{{ default .Values.global.image.host .Values.image.host }}/{{ default .Values.global.image.repository .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" imagePullPolicy: {{ default .Values.global.pullPolicy .Values.image.pullPolicy }} args: - - "--config=/data/config/{{ template "name" . }}.json" + - "image-manager" + - "--config=/data/config/config.yaml" - "--host=0.0.0.0" - "--port={{ .Values.service.internalPort }}" - "--db-file={{ default .Release.Name .Values.global.db.release }}-{{ .Values.global.db.host }}.{{ default .Release.Namespace .Values.global.db.namespace }}:{{ .Values.global.db.port }}" @@ -34,9 +35,6 @@ spec: - "--db-username={{ .Values.global.db.user }}" - "--db-password={{ .Values.global.db.password }}" - "--db-database={{ .Values.global.db.database }}" - - "--tls-port=443" - - "--tls-certificate=/data/tls/tls.crt" - - "--tls-key=/data/tls/tls.key" - "--tracer={{ .Values.global.tracer.endpoint }}" {{- if default .Values.global.debug .Values.debug }} - "--debug" @@ -62,13 +60,8 @@ spec: initialDelaySeconds: 10 periodSeconds: 3 volumeMounts: - - mountPath: "/data/{{ template "name" . }}" - name: {{ template "fullname" . }} - mountPath: /data/config - name: {{ template "fullname" . }}-config - readOnly: true - - mountPath: "/data/tls" - name: tls + name: config readOnly: true env: - name: DOCKER_API_VERSION 
@@ -92,22 +85,12 @@ spec: resources: {{ .Values.dindResources | default .Values.global.resources | toYaml | indent 12 }} volumes: - - name: {{ template "fullname" . }} -{{- if default .Values.global.data.persist .Values.data.persist }} - hostPath: - path: {{ .Values.data.hostPath }} -{{- else }} - emptyDir: {} -{{- end }} - - name: {{ template "fullname" . }}-config + - name: config configMap: name: {{ template "fullname" . }} items: - - key: config.json - path: {{ template "name" . }}.json - - name: tls - secret: - secretName: {{ default .Values.global.tls.secretName .Values.ingress.tls.secretName }} + - key: config.yaml + path: config.yaml - name: docker-graph-storage emptyDir: {} {{- if .Values.nodeSelector }} diff --git a/charts/dispatch/charts/image-manager/values.yaml b/charts/dispatch/charts/image-manager/values.yaml index 2f4576764..bc89cb34d 100644 --- a/charts/dispatch/charts/image-manager/values.yaml +++ b/charts/dispatch/charts/image-manager/values.yaml @@ -4,8 +4,8 @@ replicaCount: 1 maxUnavailable: 0 maxSurge: 1 -image: - repository: dispatch-image-manager +image: {} + # repository: dispatch-server # host: vmware # tag: latest # pullPolicy: Always diff --git a/charts/dispatch/charts/secret-store/templates/cluster-role.yaml b/charts/dispatch/charts/secret-store/templates/cluster-role.yaml index b0dd3cb2e..25412f99f 100644 --- a/charts/dispatch/charts/secret-store/templates/cluster-role.yaml +++ b/charts/dispatch/charts/secret-store/templates/cluster-role.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# A cluster role for create/get/list/delete/update secrets apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: diff --git a/charts/dispatch/charts/secret-store/templates/config-map.yaml b/charts/dispatch/charts/secret-store/templates/config-map.yaml deleted file mode 100644 index b12e346e8..000000000 --- a/charts/dispatch/charts/secret-store/templates/config-map.yaml +++ /dev/null 
@@ -1,9 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "fullname" . }} - namespace: {{ .Release.Namespace }} -data: - organization: {{ .Values.global.organization }} - serverless.json: |- - {} diff --git a/charts/dispatch/charts/secret-store/templates/deployment.yaml b/charts/dispatch/charts/secret-store/templates/deployment.yaml index 2ed751bd6..bbd92a092 100644 --- a/charts/dispatch/charts/secret-store/templates/deployment.yaml +++ b/charts/dispatch/charts/secret-store/templates/deployment.yaml @@ -24,14 +24,12 @@ spec: serviceAccountName: {{ if .Values.global.rbac.create }}{{ template "fullname" . }}-service-account{{ else }}"{{ .Values.global.rbac.serviceAccountName }}"{{ end }} containers: - name: {{ .Chart.Name }} - image: "{{ default .Values.global.image.host .Values.image.host }}/{{ .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" + image: "{{ default .Values.global.image.host .Values.image.host }}/{{ default .Values.global.image.repository .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" imagePullPolicy: {{ default .Values.global.pullPolicy .Values.image.pullPolicy }} args: + - "secret-store" - "--host=0.0.0.0" - "--port={{ .Values.service.internalPort }}" - - "--tls-port=443" - - "--tls-certificate=/data/tls/tls.crt" - - "--tls-key=/data/tls/tls.key" - "--namespace={{ .Release.Namespace }}" - "--db-file={{ default .Release.Name .Values.global.db.release }}-{{ .Values.global.db.host }}.{{ default .Release.Namespace .Values.global.db.namespace }}:{{ .Values.global.db.port }}" - "--db-backend={{ .Values.global.db.backend }}" 
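Review bot: With `--tls-port`, `--tls-certificate` and `--tls-key` removed and `--host=0.0.0.0` kept in the deployment hunk, secret-store answers only over cleartext HTTP on the pod network, so whatever it returns to the other services crosses the cluster unencrypted. The commit description explains that TLS terminates at the Ingress, but that covers only the external hop, and nothing in the visible hunks restricts which pods may reach the service port. The identity-manager, image-manager, function-manager and service-manager deployment hunks have the same exposure. A chart-level `NetworkPolicy` limiting ingress to the Dispatch pods, or a documented requirement for a mesh or mTLS layer, would close the gap.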
@@ -62,33 +60,8 @@ spec: value: cookie initialDelaySeconds: 10 periodSeconds: 3 - volumeMounts: - - mountPath: "/data/{{ template "name" . }}" - name: {{ template "fullname" . }} - - mountPath: "/var/run/docker.sock" - name: {{ template "fullname" . }}-docker - - mountPath: "/data/tls" - name: tls - readOnly: true - env: - - name: DOCKER_API_VERSION - value: "1.23" resources: {{ .Values.resources | default .Values.global.resources | toYaml | indent 12 }} - volumes: - - name: {{ template "fullname" . }} -{{- if default .Values.global.data.persist .Values.data.persist }} - hostPath: - path: {{ .Values.data.hostPath }} -{{- else }} - emptyDir: {} -{{- end }} - - name: {{ template "fullname" . }}-docker - hostPath: - path: /var/run/docker.sock - - name: tls - secret: - secretName: {{ default .Values.global.tls.secretName .Values.ingress.tls.secretName }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/charts/dispatch/charts/secret-store/templates/role-binding.yaml b/charts/dispatch/charts/secret-store/templates/role-binding.yaml index c36cb03a8..ea1c31d88 100644 --- a/charts/dispatch/charts/secret-store/templates/role-binding.yaml +++ b/charts/dispatch/charts/secret-store/templates/role-binding.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# The role binding to combine the secret-access service account and role apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding metadata: diff --git a/charts/dispatch/charts/secret-store/templates/service-account.yaml b/charts/dispatch/charts/secret-store/templates/service-account.yaml index 4be429591..d25b0ac95 100644 --- a/charts/dispatch/charts/secret-store/templates/service-account.yaml +++ b/charts/dispatch/charts/secret-store/templates/service-account.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# A service account for secret-store pod apiVersion: v1 kind: ServiceAccount metadata: 
diff --git a/charts/dispatch/charts/secret-store/values.yaml b/charts/dispatch/charts/secret-store/values.yaml index 6aae837aa..606384574 100644 --- a/charts/dispatch/charts/secret-store/values.yaml +++ b/charts/dispatch/charts/secret-store/values.yaml @@ -4,9 +4,9 @@ replicaCount: 1 maxUnavailable: 0 maxSurge: 1 -image: +image: {} # host: vmware - repository: dispatch-secret-store + # repository: dispatch-server # tag: latest # pullPolicy: Always service: diff --git a/charts/dispatch/charts/service-manager/templates/cluster-role-binding.yaml b/charts/dispatch/charts/service-manager/templates/cluster-role-binding.yaml index 70ddb62fa..d44bc8245 100644 --- a/charts/dispatch/charts/service-manager/templates/cluster-role-binding.yaml +++ b/charts/dispatch/charts/service-manager/templates/cluster-role-binding.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# The role binding to combine the secret-access service account and role kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: diff --git a/charts/dispatch/charts/service-manager/templates/cluster-role.yaml b/charts/dispatch/charts/service-manager/templates/cluster-role.yaml index 9095a5e79..54f884211 100644 --- a/charts/dispatch/charts/service-manager/templates/cluster-role.yaml +++ b/charts/dispatch/charts/service-manager/templates/cluster-role.yaml @@ -1,5 +1,4 @@ {{- if .Values.global.rbac.create -}} -# A cluster role for create/get/list/delete/update secrets apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: diff --git a/charts/dispatch/charts/service-manager/templates/config-map.yaml b/charts/dispatch/charts/service-manager/templates/config-map.yaml index ba4df9f82..3f3aa8b23 100644 --- a/charts/dispatch/charts/service-manager/templates/config-map.yaml +++ b/charts/dispatch/charts/service-manager/templates/config-map.yaml 
@@ -4,13 +4,8 @@ metadata: name: {{ template "fullname" . }} namespace: {{ .Release.Namespace }} data: - organization: {{ .Values.global.organization }} - config.json: |- - { - "service": { - "catalog": "{{ .Values.catalog.selected }}", - "k8sServiceCatalog": { - "catalogNamespace": "{{ .Values.catalog.k8sservicecatalog.namespace }}" - } - } - } + config.yaml: |- + --- + services: + catalog: {{ .Values.catalog.selected }} + namespace: {{ .Values.catalog.k8sservicecatalog.namespace }} diff --git a/charts/dispatch/charts/service-manager/templates/deployment.yaml b/charts/dispatch/charts/service-manager/templates/deployment.yaml index d68583cff..0eb6c7a1a 100644 --- a/charts/dispatch/charts/service-manager/templates/deployment.yaml +++ b/charts/dispatch/charts/service-manager/templates/deployment.yaml 
@@ -24,15 +24,13 @@ spec: serviceAccountName: {{ if .Values.global.rbac.create }}{{ template "fullname" . }}-service-account{{ else }}"{{ .Values.global.rbac.serviceAccountName }}"{{ end }} containers: - name: {{ .Chart.Name }} - image: "{{ default .Values.global.image.host .Values.image.host }}/{{ .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" + image: "{{ default .Values.global.image.host .Values.image.host }}/{{ default .Values.global.image.repository .Values.image.repository }}:{{ default .Values.global.image.tag .Values.image.tag }}" imagePullPolicy: {{ default .Values.global.pullPolicy .Values.image.pullPolicy }} args: - - "--config=/data/config/{{ template "name" . }}.json" + - "service-manager" + - "--config=/data/config/config.yaml" - "--host=0.0.0.0" - "--port={{ .Values.service.internalPort }}" - - "--tls-port=443" - - "--tls-certificate=/data/tls/tls.crt" - - "--tls-key=/data/tls/tls.key" - "--db-file={{ default .Release.Name .Values.global.db.release }}-{{ .Values.global.db.host }}.{{ default .Release.Namespace .Values.global.db.namespace }}:{{ .Values.global.db.port }}" - "--db-backend={{ .Values.global.db.backend }}" - "--db-username={{ .Values.global.db.user }}" 
@@ -64,39 +62,18 @@ spec: initialDelaySeconds: 10 periodSeconds: 3 volumeMounts: - - mountPath: "/data/{{ template "name" . }}" - name: {{ template "fullname" . }} - mountPath: /data/config - name: {{ template "fullname" . }}-config + name: config readOnly: true - - mountPath: "/data/tls" - name: tls - readOnly: true - env: - - name: ORGANIZATION - valueFrom: - configMapKeyRef: - name: {{ template "fullname" . }} - key: organization resources: {{ .Values.resources | default .Values.global.resources | toYaml | indent 12 }} volumes: - - name: {{ template "fullname" . }} -{{- if default .Values.global.data.persist .Values.data.persist }} - hostPath: - path: {{ .Values.data.hostPath }} -{{- else }} - emptyDir: {} -{{- end }} - - name: {{ template "fullname" . }}-config + - name: config configMap: name: {{ template "fullname" . }} items: - - key: config.json - path: {{ template "name" . }}.json - - name: tls - secret: - secretName: {{ default .Values.global.tls.secretName .Values.ingress.tls.secretName }} + - key: config.yaml + path: config.yaml {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} diff --git a/charts/dispatch/charts/service-manager/values.yaml b/charts/dispatch/charts/service-manager/values.yaml index bddf37b2d..c6054d581 100644 --- a/charts/dispatch/charts/service-manager/values.yaml +++ b/charts/dispatch/charts/service-manager/values.yaml @@ -4,9 +4,9 @@ replicaCount: 1 maxUnavailable: 0 maxSurge: 1 -image: +image: {} # host: vmware - repository: dispatch-service-manager + # repository: dispatch-server # tag: latest # pullPolicy: Always service: diff --git a/charts/dispatch/values.yaml b/charts/dispatch/values.yaml index aceb2b6ba..07dcd3277 100644 --- a/charts/dispatch/values.yaml +++ b/charts/dispatch/values.yaml 
@@ -5,16 +5,14 @@ global: pullPolicy: IfNotPresent # NOTE: replace with your client id & secret with helm install skipAuth: false - organization: dispatch #host_ip: #host: dispatch.vmware.com port: 443 debug: true image: + repository: dispatch-server tag: v0.1.15 host: vmware - data: - persist: false db: backend: postgres host: postgresql diff --git a/ci/pipelines/e2e.yml b/ci/pipelines/e2e.yml index 4789c4bb0..99eb608d7 100644 --- a/ci/pipelines/e2e.yml +++ b/ci/pipelines/e2e.yml @@ -51,20 +51,6 @@ resources: - name: keyval type: keyval -- name: api-manager-image - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-api-manager - -- name: event-manager-image - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-event-manager - - name: event-sidecar-image type: docker-image source: 
@@ -72,47 +58,12 @@ resources: password: ((ci-registry-password.gcr)) repository: ((ci-registry-org.gcr))/dispatch-event-sidecar -- name: function-manager-image - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-function-manager - -- name: identity-manager-image - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-identity-manager - -- name: image-manager-image - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-image-manager - -- name: secret-store-image +- name: dispatch-server-image type: docker-image source: username: ((ci-registry-username.gcr)) password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-secret-store - -- name: application-manager-image - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-application-manager - -- name: service-manager-image - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-service-manager + repository: ((ci-registry-org.gcr))/dispatch-server jobs: - name: build-images 
@@ -136,50 +87,15 @@ jobs: params: file: build-context/keyval.properties - aggregate: - - put: api-manager-image - params: - build: build-context/api-manager - dockerfile: build-context/api-manager/Dockerfile - tag: build-context/tag - - put: event-manager-image - params: - build: build-context/event-manager - dockerfile: build-context/event-manager/Dockerfile - tag: build-context/tag - put: event-sidecar-image params: build: build-context/event-sidecar dockerfile: build-context/event-sidecar/Dockerfile tag: build-context/tag - - put: function-manager-image - params: - build: build-context/function-manager - dockerfile: build-context/function-manager/Dockerfile - tag: build-context/tag - - put: identity-manager-image - params: - build: build-context/identity-manager - dockerfile: build-context/identity-manager/Dockerfile - tag: build-context/tag - - put: image-manager-image - params: - build: build-context/image-manager - dockerfile: build-context/image-manager/Dockerfile - tag: build-context/tag - - put: secret-store-image - params: - build: build-context/secret-store - dockerfile: build-context/secret-store/Dockerfile - tag: build-context/tag - - put: application-manager-image - params: - build: build-context/application-manager - dockerfile: build-context/application-manager/Dockerfile - tag: build-context/tag - - put: service-manager-image + - put: dispatch-server-image params: - build: build-context/service-manager - dockerfile: build-context/service-manager/Dockerfile + build: build-context/dispatch-server + dockerfile: build-context/dispatch-server/Dockerfile tag: build-context/tag - put: time-trigger - put: dispatch-pr diff --git a/ci/pipelines/release.yml b/ci/pipelines/release.yml index 5439ea7aa..537766497 100644 --- a/ci/pipelines/release.yml +++ b/ci/pipelines/release.yml 
@@ -19,27 +19,6 @@ resources: - name: keyval type: keyval -- name: api-manager-e2e - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-api-manager - -- name: event-driver-e2e - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-event-driver - -- name: event-manager-e2e - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-event-manager - - name: event-sidecar-e2e type: docker-image source: 
@@ -47,71 +26,12 @@ resources: password: ((ci-registry-password.gcr)) repository: ((ci-registry-org.gcr))/dispatch-event-sidecar -- name: function-manager-e2e - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-function-manager - -- name: identity-manager-e2e - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-identity-manager - -- name: image-manager-e2e - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-image-manager - -- name: secret-store-e2e +- name: dispatch-server-e2e type: docker-image source: username: ((ci-registry-username.gcr)) password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-secret-store - -- name: application-manager-e2e - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-application-manager - -- name: service-manager-e2e - type: docker-image - source: - username: ((ci-registry-username.gcr)) - password: ((ci-registry-password.gcr)) - repository: ((ci-registry-org.gcr))/dispatch-service-manager - -- name: api-manager-release - type: docker-image - source: - email: ((docker-hub-email)) - username: ((docker-hub-username)) - password: ((docker-hub-password)) - repository: ((docker-hub-org))/dispatch-api-manager - -- name: event-driver-release - type: docker-image - source: - email: ((docker-hub-email)) - username: ((docker-hub-username)) - password: ((docker-hub-password)) - repository: ((docker-hub-org))/dispatch-event-driver - -- name: event-manager-release - type: docker-image - source: - email: ((docker-hub-email)) - username: ((docker-hub-username)) - password: ((docker-hub-password)) - 
repository: ((docker-hub-org))/dispatch-event-manager + repository: ((ci-registry-org.gcr))/dispatch-server - name: event-sidecar-release type: docker-image @@ -121,53 +41,13 @@ resources: password: ((docker-hub-password)) repository: ((docker-hub-org))/dispatch-event-sidecar -- name: function-manager-release - type: docker-image - source: - email: ((docker-hub-email)) - username: ((docker-hub-username)) - password: ((docker-hub-password)) - repository: ((docker-hub-org))/dispatch-function-manager - -- name: identity-manager-release - type: docker-image - source: - email: ((docker-hub-email)) - username: ((docker-hub-username)) - password: ((docker-hub-password)) - repository: ((docker-hub-org))/dispatch-identity-manager - -- name: image-manager-release - type: docker-image - source: - email: ((docker-hub-email)) - username: ((docker-hub-username)) - password: ((docker-hub-password)) - repository: ((docker-hub-org))/dispatch-image-manager - -- name: secret-store-release - type: docker-image - source: - email: ((docker-hub-email)) - username: ((docker-hub-username)) - password: ((docker-hub-password)) - repository: ((docker-hub-org))/dispatch-secret-store - -- name: application-manager-release +- name: dispatch-server-release type: docker-image source: email: ((docker-hub-email)) username: ((docker-hub-username)) password: ((docker-hub-password)) - repository: ((docker-hub-org))/dispatch-application-manager - -- name: service-manager-release - type: docker-image - source: - email: ((docker-hub-email)) - username: ((docker-hub-username)) - password: ((docker-hub-password)) - repository: ((docker-hub-org))/dispatch-service-manager + repository: ((docker-hub-org))/dispatch-server - name: dispatch-master type: git 
@@ -235,55 +115,15 @@ jobs: params: file: build-context/keyval.properties - aggregate: - - put: api-manager-e2e - params: - build: build-context/api-manager - dockerfile: build-context/api-manager/Dockerfile - tag: build-context/tag - - put: event-driver-e2e - params: - build: build-context/event-driver - dockerfile: build-context/event-driver/Dockerfile - tag: build-context/tag - - put: event-manager-e2e - params: - build: build-context/event-manager - dockerfile: build-context/event-manager/Dockerfile - tag: build-context/tag - put: event-sidecar-e2e params: build: build-context/event-sidecar dockerfile: build-context/event-sidecar/Dockerfile tag: build-context/tag - - put: function-manager-e2e + - put: dispatch-server-e2e params: build: build-context/function-manager - dockerfile: build-context/function-manager/Dockerfile - tag: build-context/tag - - put: identity-manager-e2e - params: - build: build-context/identity-manager - dockerfile: build-context/identity-manager/Dockerfile - tag: build-context/tag - - put: image-manager-e2e - params: - build: build-context/image-manager - dockerfile: build-context/image-manager/Dockerfile - tag: build-context/tag - - put: secret-store-e2e - params: - build: build-context/secret-store - dockerfile: build-context/secret-store/Dockerfile - tag: build-context/tag - - put: application-manager-e2e - params: - build: build-context/application-manager - dockerfile: build-context/application-manager/Dockerfile - tag: build-context/tag - - put: service-manager-e2e - params: - build: build-context/service-manager - dockerfile: build-context/service-manager/Dockerfile + dockerfile: build-context/dispatch-server/Dockerfile tag: build-context/tag - name: tests-openfaas 
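Review bot: The new `put: dispatch-server-e2e` step keeps `build: build-context/function-manager` from the old step while `dockerfile:` now points at `build-context/dispatch-server/Dockerfile`; the matching step in ci/pipelines/e2e.yml uses `build: build-context/dispatch-server`. The release step in the next hunk has the same mismatch, with `build: build-context/event-manager` under `put: dispatch-server-release`. Depending on what the prepare task writes into `build-context`, the image is either built from a leftover per-service directory or the step fails, and a published release image should be built from exactly the directory prepared for it. Suggested for both steps: `build: build-context/dispatch-server`.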
@@ -396,55 +236,15 @@ jobs: - task: prepare-images file: dispatch/ci/release/release-images.yml - aggregate: - - put: api-manager-release - params: - build: build-context/api-manager - dockerfile: build-context/api-manager/Dockerfile - tag: build-context/tag - - put: event-driver-release - params: - build: build-context/event-driver - dockerfile: build-context/event-driver/Dockerfile - tag: build-context/tag - put: event-sidecar-release params: build: build-context/event-sidecar dockerfile: build-context/event-sidecar/Dockerfile tag: build-context/tag - - put: event-manager-release + - put: dispatch-server-release params: build: build-context/event-manager - dockerfile: build-context/event-manager/Dockerfile - tag: build-context/tag - - put: function-manager-release - params: - build: build-context/function-manager - dockerfile: build-context/function-manager/Dockerfile - tag: build-context/tag - - put: identity-manager-release - params: - build: build-context/identity-manager - dockerfile: build-context/identity-manager/Dockerfile - tag: build-context/tag - - put: image-manager-release - params: - build: build-context/image-manager - dockerfile: build-context/image-manager/Dockerfile - tag: build-context/tag - - put: secret-store-release - params: - build: build-context/secret-store - dockerfile: build-context/secret-store/Dockerfile - tag: build-context/tag - - put: application-manager-release - params: - build: build-context/application-manager - dockerfile: build-context/application-manager/Dockerfile - tag: build-context/tag - - put: service-manager-release - params: - build: build-context/service-manager - dockerfile: build-context/service-manager/Dockerfile + dockerfile: build-context/dispatch-server/Dockerfile tag: build-context/tag - task: push-charts file: dispatch/ci/release/push-charts.yml diff --git a/cmd/api-manager/main.go b/cmd/api-manager/main.go deleted file mode 100644 index 24a3449f0..000000000 --- a/cmd/api-manager/main.go +++ /dev/null 
@@ -1,145 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package main - -import ( - "os" - "time" - - "github.com/go-openapi/loads" - "github.com/go-openapi/loads/fmts" - "github.com/go-openapi/swag" - "github.com/jessevdk/go-flags" - "github.com/justinas/alice" - "github.com/opentracing/opentracing-go" - log "github.com/sirupsen/logrus" - - "github.com/vmware/dispatch/pkg/api-manager" - "github.com/vmware/dispatch/pkg/api-manager/gateway/kong" - "github.com/vmware/dispatch/pkg/api-manager/gen/restapi" - "github.com/vmware/dispatch/pkg/api-manager/gen/restapi/operations" - "github.com/vmware/dispatch/pkg/entity-store" - "github.com/vmware/dispatch/pkg/middleware" - "github.com/vmware/dispatch/pkg/utils" -) - -func init() { - loads.AddLoader(fmts.YAMLMatcher, fmts.YAMLDoc) -} - -var debugFlags = struct { - DebugEnabled bool `long:"debug" description:"Enable debugging messages"` -}{} - -func configureFlags() []swag.CommandLineOptionsGroup { - return []swag.CommandLineOptionsGroup{ - swag.CommandLineOptionsGroup{ - ShortDescription: "API Manager Flags", - LongDescription: "", - Options: &apimanager.APIManagerFlags, - }, - swag.CommandLineOptionsGroup{ - ShortDescription: "Debug options", - LongDescription: "", - Options: &debugFlags, - }, - } -} - -func main() { - - swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") - if err != nil { - log.Fatalln(err) - } - - api := operations.NewAPIManagerAPI(swaggerSpec) - server := restapi.NewServer(api) - - parser := flags.NewParser(server, flags.Default) - parser.ShortDescription = "API Manager" - parser.LongDescription = "This is the API server for the Dispatch API Manager service.\n" - - optsGroups := configureFlags() - for _, optsGroup := range optsGroups { - _, err := 
parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) - if err != nil { - log.Fatalln(err) - } - } - - if _, err := parser.Parse(); err != nil { - code := 1 - if fe, ok := err.(*flags.Error); ok { - if fe.Type == flags.ErrHelp { - code = 0 - } - } - os.Exit(code) - } - - if debugFlags.DebugEnabled { - log.SetLevel(log.DebugLevel) - } - - // entity store - es, err := entitystore.NewFromBackend( - entitystore.BackendConfig{ - Backend: apimanager.APIManagerFlags.DbBackend, - Address: apimanager.APIManagerFlags.DbFile, - Bucket: apimanager.APIManagerFlags.DbDatabase, - Username: apimanager.APIManagerFlags.DbUser, - Password: apimanager.APIManagerFlags.DbPassword, - }) - if err != nil { - log.Fatalln(err) - } - - // api gateway - gateway, err := kong.NewClient(&kong.Config{ - Host: apimanager.APIManagerFlags.GatewayHost, - Upstream: apimanager.APIManagerFlags.FunctionManager, - }) - if err != nil { - log.Fatalf("Error creating an api gateway client: %v", err) - } - - // controller - config := &apimanager.ControllerConfig{ - ResyncPeriod: time.Duration(apimanager.APIManagerFlags.ResyncPeriod) * time.Second, - } - controller := apimanager.NewController(config, es, gateway) - defer controller.Shutdown() - controller.Start() - - // handlers - handlers := apimanager.NewHandlers(controller.Watcher(), es) - handlers.ConfigureHandlers(api) - - healthChecker := func() error { - // TODO: implement service-specific healthchecking - return nil - } - - tracer, tracingCloser, err := utils.CreateTracer("APIManager", apimanager.APIManagerFlags.Tracer) - if err != nil { - log.Fatalf("Error creating a tracer: %+v", err) - } - defer tracingCloser.Close() - opentracing.SetGlobalTracer(tracer) - - handler := alice.New( - middleware.NewHealthCheckMW("", healthChecker), - middleware.NewTracingMW(tracer), - ).Then(api.Serve(nil)) - - server.SetHandler(handler) - - defer server.Shutdown() - if err := server.Serve(); err != nil { - log.Fatalln(err) - } -} 
diff --git a/cmd/application-manager/main.go b/cmd/application-manager/main.go deleted file mode 100644 index f13e7e0b4..000000000 --- a/cmd/application-manager/main.go +++ /dev/null 
@@ -1,125 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package main - -import ( - "os" - - "github.com/go-openapi/loads" - "github.com/go-openapi/loads/fmts" - "github.com/go-openapi/swag" - "github.com/jessevdk/go-flags" - "github.com/justinas/alice" - "github.com/opentracing/opentracing-go" - log "github.com/sirupsen/logrus" - - "github.com/vmware/dispatch/pkg/application-manager" - "github.com/vmware/dispatch/pkg/application-manager/gen/restapi" - "github.com/vmware/dispatch/pkg/application-manager/gen/restapi/operations" - "github.com/vmware/dispatch/pkg/entity-store" - "github.com/vmware/dispatch/pkg/middleware" - "github.com/vmware/dispatch/pkg/utils" -) - -func init() { - loads.AddLoader(fmts.YAMLMatcher, fmts.YAMLDoc) -} - -var debugFlags = struct { - DebugEnabled bool `long:"debug" description:"Enable debugging messages"` -}{} - -func configureFlags() []swag.CommandLineOptionsGroup { - return []swag.CommandLineOptionsGroup{ - swag.CommandLineOptionsGroup{ - ShortDescription: "Application Manager Flags", - LongDescription: "", - Options: &applicationmanager.ApplicationManagerFlags, - }, - swag.CommandLineOptionsGroup{ - ShortDescription: "Debug options", - LongDescription: "", - Options: &debugFlags, - }, - } -} - -func main() { - - swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") - if err != nil { - log.Fatalln(err) - } - - app := operations.NewApplicationManagerAPI(swaggerSpec) - server := restapi.NewServer(app) - - parser := flags.NewParser(server, flags.Default) - parser.ShortDescription = "Application Manager" - parser.LongDescription = "This is the API server for the Dispatch Application Manager service.\n" - - optsGroups := configureFlags() - for _, optsGroup := range optsGroups { - _, err := 
parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) - if err != nil { - log.Fatalln(err) - } - } - - if _, err := parser.Parse(); err != nil { - code := 1 - if fe, ok := err.(*flags.Error); ok { - if fe.Type == flags.ErrHelp { - code = 0 - } - } - os.Exit(code) - } - - if debugFlags.DebugEnabled { - log.SetLevel(log.DebugLevel) - } - - // entity store - es, err := entitystore.NewFromBackend( - entitystore.BackendConfig{ - Backend: applicationmanager.ApplicationManagerFlags.DbBackend, - Address: applicationmanager.ApplicationManagerFlags.DbFile, - Bucket: applicationmanager.ApplicationManagerFlags.DbDatabase, - Username: applicationmanager.ApplicationManagerFlags.DbUser, - Password: applicationmanager.ApplicationManagerFlags.DbPassword, - }) - if err != nil { - log.Fatalln(err) - } - // handlers - handlers := applicationmanager.NewHandlers(nil, es) - handlers.ConfigureHandlers(app) - - healthChecker := func() error { - // TODO: implement service-specific healthchecking - return nil - } - - tracer, tracingCloser, err := utils.CreateTracer("ApplicationManager", applicationmanager.ApplicationManagerFlags.Tracer) - if err != nil { - log.Fatalf("Error creating a tracer: %+v", err) - } - defer tracingCloser.Close() - opentracing.SetGlobalTracer(tracer) - - handler := alice.New( - middleware.NewHealthCheckMW("", healthChecker), - middleware.NewTracingMW(tracer), - ).Then(app.Serve(nil)) - - server.SetHandler(handler) - - defer server.Shutdown() - if err := server.Serve(); err != nil { - log.Fatalln(err) - } -} diff --git a/cmd/event-manager/main.go b/cmd/event-manager/main.go deleted file mode 100644 index f51d20bb9..000000000 --- a/cmd/event-manager/main.go +++ /dev/null 
@@ -1,195 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package main - -import ( - "os" - - "github.com/go-openapi/loads" - "github.com/go-openapi/loads/fmts" - "github.com/go-openapi/swag" - "github.com/jessevdk/go-flags" - "github.com/justinas/alice" - "github.com/opentracing/opentracing-go" - log "github.com/sirupsen/logrus" - - "github.com/vmware/dispatch/pkg/client" - "github.com/vmware/dispatch/pkg/config" - "github.com/vmware/dispatch/pkg/entity-store" - "github.com/vmware/dispatch/pkg/event-manager" - "github.com/vmware/dispatch/pkg/event-manager/drivers" - "github.com/vmware/dispatch/pkg/event-manager/gen/restapi" - "github.com/vmware/dispatch/pkg/event-manager/gen/restapi/operations" - "github.com/vmware/dispatch/pkg/event-manager/subscriptions" - "github.com/vmware/dispatch/pkg/events" - "github.com/vmware/dispatch/pkg/events/transport" - "github.com/vmware/dispatch/pkg/middleware" - "github.com/vmware/dispatch/pkg/utils" -) - -func init() { - loads.AddLoader(fmts.YAMLMatcher, fmts.YAMLDoc) -} - -var debugFlags = struct { - DebugEnabled bool `long:"debug" description:"Enable debugging messages"` -}{} - -func configureFlags() []swag.CommandLineOptionsGroup { - return []swag.CommandLineOptionsGroup{ - { - ShortDescription: "Event manager Flags", - LongDescription: "", - Options: &eventmanager.Flags, - }, - { - ShortDescription: "Debug options", - LongDescription: "", - Options: &debugFlags, - }, - } -} - -func main() { - swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") - if err != nil { - log.Fatalln(err) - } - - api := operations.NewEventManagerAPI(swaggerSpec) - server := restapi.NewServer(api) - - parser := flags.NewParser(server, flags.Default) - parser.ShortDescription = "Event Manager" - parser.LongDescription = "This is the API 
server for the Dispatch Event Manager service.\n" - - optsGroups := configureFlags() - for _, optsGroup := range optsGroups { - _, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) - if err != nil { - log.Fatalln(err) - } - } - - if _, err := parser.Parse(); err != nil { - code := 1 - if fe, ok := err.(*flags.Error); ok { - if fe.Type == flags.ErrHelp { - code = 0 - } - } - os.Exit(code) - } - - if debugFlags.DebugEnabled { - log.SetLevel(log.DebugLevel) - } - - config.Global = config.LoadConfiguration(eventmanager.Flags.Config) - - store, err := entitystore.NewFromBackend( - entitystore.BackendConfig{ - Backend: eventmanager.Flags.DbBackend, - Address: eventmanager.Flags.DbFile, - Bucket: eventmanager.Flags.DbDatabase, - Username: eventmanager.Flags.DbUser, - Password: eventmanager.Flags.DbPassword, - }) - if err != nil { - log.Fatalln(err) - } - - var eventTransport events.Transport - - switch eventmanager.Flags.Transport { - // TODO: make transport types constants/iota - case "kafka": - eventTransport, err = transport.NewKafka(eventmanager.Flags.KafkaBrokers) - if err != nil { - log.Fatalf("Error creating Kafka event transport: %+v", err) - } - case "rabbitmq": - eventTransport, err = transport.NewRabbitMQ( - eventmanager.Flags.RabbitMQURL, - ) - if err != nil { - log.Fatalf("Error creating RabbitMQ event transport: %+v", err) - } - default: - log.Fatalf("Transport %s is not supported. 
pick one of [kafka,rabbitmq]", eventmanager.Flags.Transport) - } - defer eventTransport.Close() - - fnClient := client.NewFunctionsClient(eventmanager.Flags.FunctionManager, client.AuthWithToken("cookie"), "") - secretsClient := client.NewSecretsClient(eventmanager.Flags.SecretStore, client.AuthWithToken("cookie"), "") - - subManager, err := subscriptions.NewManager(eventTransport, fnClient) - if err != nil { - log.Fatalf("Error creating SubscriptionManager: %v", err) - } - - k8sBackend, err := drivers.NewK8sBackend( - secretsClient, - drivers.ConfigOpts{ - SidecarImage: eventmanager.Flags.EventSidecarImage, - TransportType: eventmanager.Flags.Transport, - KafkaBrokers: eventmanager.Flags.KafkaBrokers, - RabbitMQURL: eventmanager.Flags.RabbitMQURL, - Tracer: eventmanager.Flags.Tracer, - K8sConfig: eventmanager.Flags.K8sConfig, - DriverNamespace: eventmanager.Flags.K8sNamespace, - Host: eventmanager.Flags.IngressHost, - }, - ) - if err != nil { - log.Fatalf("Error creating k8sBackend: %v", err) - } - // event controller - eventController := eventmanager.NewEventController( - subManager, - k8sBackend, - store, - eventmanager.EventControllerConfig{}, - ) - - defer eventController.Shutdown() - eventController.Start() - - // handler - handlers := &eventmanager.Handlers{ - Store: store, - Transport: eventTransport, - Watcher: eventController.Watcher(), - SecretsClient: secretsClient, - } - - handlers.ConfigureHandlers(api) - - healthChecker := func() error { - // TODO: implement service-specific healthchecking - return nil - } - - tracer, tracingCloser, err := utils.CreateTracer("EventManager", eventmanager.Flags.Tracer) - if err != nil { - log.Fatalf("Error creating a tracer: %+v", err) - } - defer tracingCloser.Close() - opentracing.SetGlobalTracer(tracer) - - handler := alice.New( - middleware.NewHealthCheckMW("", healthChecker), - middleware.NewTracingMW(tracer), - ).Then(api.Serve(nil)) - - server.SetHandler(handler) - - defer server.Shutdown() - if err := 
server.Serve(); err != nil { - log.Fatalln(err) - } - -} diff --git a/cmd/function-manager/main.go b/cmd/function-manager/main.go deleted file mode 100644 index c291363e1..000000000 --- a/cmd/function-manager/main.go +++ /dev/null 
@@ -1,236 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package main - -import ( - "os" - "time" - - docker "github.com/docker/docker/client" - "github.com/go-openapi/loads" - "github.com/go-openapi/loads/fmts" - "github.com/go-openapi/swag" - "github.com/jessevdk/go-flags" - "github.com/justinas/alice" - "github.com/opentracing/opentracing-go" - "github.com/pkg/errors" - log "github.com/sirupsen/logrus" - "github.com/vmware/dispatch/pkg/client" - - "github.com/vmware/dispatch/pkg/config" - "github.com/vmware/dispatch/pkg/entity-store" - "github.com/vmware/dispatch/pkg/function-manager" - "github.com/vmware/dispatch/pkg/function-manager/gen/restapi" - "github.com/vmware/dispatch/pkg/function-manager/gen/restapi/operations" - "github.com/vmware/dispatch/pkg/functions" - "github.com/vmware/dispatch/pkg/functions/injectors" - "github.com/vmware/dispatch/pkg/functions/kubeless" - "github.com/vmware/dispatch/pkg/functions/noop" - "github.com/vmware/dispatch/pkg/functions/openfaas" - "github.com/vmware/dispatch/pkg/functions/openwhisk" - "github.com/vmware/dispatch/pkg/functions/riff" - "github.com/vmware/dispatch/pkg/functions/runner" - "github.com/vmware/dispatch/pkg/functions/validator" - "github.com/vmware/dispatch/pkg/middleware" - "github.com/vmware/dispatch/pkg/utils" -) - -var drivers = map[string]func() functions.FaaSDriver{ - "openfaas": func() functions.FaaSDriver { - faas, err := openfaas.New(&openfaas.Config{ - Gateway: config.Global.Function.OpenFaas.Gateway, - K8sConfig: config.Global.Function.OpenFaas.K8sConfig, - FuncNamespace: config.Global.Function.OpenFaas.FuncNamespace, - FuncDefaultRequests: config.Global.Function.OpenFaas.FuncDefaultRequests, - FuncDefaultLimits: config.Global.Function.OpenFaas.FuncDefaultLimits, - ImagePullSecret: 
config.Global.Function.OpenFaas.ImagePullSecret, - }) - if err != nil { - log.Fatalf("Error starting OpenFaaS driver: %+v", err) - } - return faas - }, - "riff": func() functions.FaaSDriver { - faas, err := riff.New(&riff.Config{ - KafkaBrokers: config.Global.Function.Riff.KafkaBrokers, - K8sConfig: config.Global.Function.Riff.K8sConfig, - FuncNamespace: config.Global.Function.Riff.FuncNamespace, - FuncDefaultRequests: config.Global.Function.Riff.FuncDefaultRequests, - FuncDefaultLimits: config.Global.Function.Riff.FuncDefaultLimits, - }) - if err != nil { - log.Fatalf("Error starting riff driver: %+v", err) - } - return faas - }, - "openwhisk": func() functions.FaaSDriver { - faas, err := openwhisk.New(&openwhisk.Config{ - AuthToken: config.Global.Function.Openwhisk.AuthToken, - Host: config.Global.Function.Openwhisk.Host, - Insecure: true, - }) - if err != nil { - log.Fatalf("Error getting OpenWhisk client: %+v", err) - } - return faas - }, - "kubeless": func() functions.FaaSDriver { - faas, err := kubeless.New(&kubeless.Config{ - K8sConfig: config.Global.Function.Kubeless.K8sConfig, - FuncNamespace: config.Global.Function.Kubeless.FuncNamespace, - ImagePullSecret: config.Global.Function.Kubeless.ImagePullSecret, - }) - if err != nil { - log.Fatalf("Error starting Kubeless driver: %+v", err) - } - return faas - }, - "noop": func() functions.FaaSDriver { - faas, err := noop.New(&noop.Config{}) - if err != nil { - log.Fatalf("Error starting noop driver: %+v", err) - } - return faas - }, -} - -func init() { - loads.AddLoader(fmts.YAMLMatcher, fmts.YAMLDoc) -} - -var debugFlags = struct { - DebugEnabled bool `long:"debug" description:"Enable debugging messages"` -}{} - -func configureFlags() []swag.CommandLineOptionsGroup { - return []swag.CommandLineOptionsGroup{{ - ShortDescription: "Function manager Flags", - LongDescription: "", - Options: &functionmanager.FunctionManagerFlags, - }, { - ShortDescription: "Debug options", - LongDescription: "", - Options: 
&debugFlags, - }} -} - -func main() { - swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") - if err != nil { - log.Fatalln(err) - } - - api := operations.NewFunctionManagerAPI(swaggerSpec) - server := restapi.NewServer(api) - - parser := flags.NewParser(server, flags.Default) - parser.ShortDescription = "Function Manager" - parser.LongDescription = "This is the API server for the Dispatch Function Manager service.\n" - - optsGroups := configureFlags() - for _, optsGroup := range optsGroups { - _, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) - if err != nil { - log.Fatalln(err) - } - } - - if _, err := parser.Parse(); err != nil { - code := 1 - if fe, ok := err.(*flags.Error); ok { - if fe.Type == flags.ErrHelp { - code = 0 - } - } - os.Exit(code) - } - - if debugFlags.DebugEnabled { - log.SetLevel(log.DebugLevel) - } - - config.Global = config.LoadConfiguration(functionmanager.FunctionManagerFlags.Config) - log.Debugln("config.Global:") - log.Debugf("%+v", config.Global) - - registryAuth := config.Global.Registry.RegistryAuth - if config.Global.Registry.RegistryAuth == "" { - registryAuth = config.EmptyRegistryAuth - } - - es, err := entitystore.NewFromBackend( - entitystore.BackendConfig{ - Backend: functionmanager.FunctionManagerFlags.DbBackend, - Address: functionmanager.FunctionManagerFlags.DbFile, - Bucket: functionmanager.FunctionManagerFlags.DbDatabase, - Username: functionmanager.FunctionManagerFlags.DbUser, - Password: functionmanager.FunctionManagerFlags.DbPassword, - }) - if err != nil { - log.Fatalln(err) - } - - faas := drivers[config.Global.Function.Faas]() - defer utils.Close(faas) - - c := &functionmanager.ControllerConfig{ - ResyncPeriod: time.Duration(config.Global.Function.ResyncPeriod) * time.Second, - } - - secretsClient := client.NewSecretsClient(functionmanager.FunctionManagerFlags.SecretStore, client.AuthWithToken("cookie"), "") - servicesClient := 
client.NewServicesClient(functionmanager.FunctionManagerFlags.ServiceManager, client.AuthWithToken("cookie"), "") - - r := runner.New(&runner.Config{ - Faas: faas, - Validator: validator.New(), - SecretInjector: injectors.NewSecretInjector(secretsClient), - ServiceInjector: injectors.NewServiceInjector(secretsClient, servicesClient), - }) - - var imageGetter functionmanager.ImageGetter - imageGetter = client.NewImagesClient(functionmanager.FunctionManagerFlags.ImageManager, client.AuthWithToken("cookie"), "") - if config.Global.Function.FileImageManager != "" { - imageGetter = functionmanager.FileImageManagerClient() - } - - dc, err := docker.NewEnvClient() - if err != nil { - log.Fatalln(errors.Wrap(err, "could not get docker client")) - } - imageBuilder := functions.NewDockerImageBuilder(config.Global.Registry.RegistryURI, registryAuth, dc) - - controller := functionmanager.NewController(c, es, faas, r, imageGetter, imageBuilder) - defer controller.Shutdown() - controller.Start() - - handlers := functionmanager.NewHandlers(controller.Watcher(), es) - handlers.ConfigureHandlers(api) - - healthChecker := func() error { - // TODO: implement service-specific healthchecking - return nil - } - - tracer, tracingCloser, err := utils.CreateTracer("FunctionManager", functionmanager.FunctionManagerFlags.Tracer) - if err != nil { - log.Fatalf("Error creating a tracer: %+v", err) - } - defer tracingCloser.Close() - opentracing.SetGlobalTracer(tracer) - - handler := alice.New( - middleware.NewHealthCheckMW("", healthChecker), - middleware.NewTracingMW(tracer), - ).Then(api.Serve(nil)) - - server.SetHandler(handler) - - defer server.Shutdown() - if err := server.Serve(); err != nil { - log.Fatalln(err) - } - -} diff --git a/cmd/identity-manager/main.go b/cmd/identity-manager/main.go deleted file mode 100644 index f96b68fc3..000000000 --- a/cmd/identity-manager/main.go +++ /dev/null 
@@ -1,132 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package main - -import ( - "os" - - "github.com/go-openapi/loads" - rtMiddleware "github.com/go-openapi/runtime/middleware" - "github.com/go-openapi/swag" - "github.com/jessevdk/go-flags" - "github.com/justinas/alice" - "github.com/opentracing/opentracing-go" - log "github.com/sirupsen/logrus" - - "github.com/vmware/dispatch/pkg/entity-store" - "github.com/vmware/dispatch/pkg/identity-manager" - iam "github.com/vmware/dispatch/pkg/identity-manager" - "github.com/vmware/dispatch/pkg/identity-manager/gen/restapi" - "github.com/vmware/dispatch/pkg/identity-manager/gen/restapi/operations" - "github.com/vmware/dispatch/pkg/middleware" - "github.com/vmware/dispatch/pkg/utils" -) - -var debugFlags = struct { - DebugEnabled bool `long:"debug" description:"Enable debugging messages"` -}{} - -func configureFlags() []swag.CommandLineOptionsGroup { - return []swag.CommandLineOptionsGroup{ - swag.CommandLineOptionsGroup{ - ShortDescription: "Identity Manager Flags", - LongDescription: "", - Options: &iam.IdentityManagerFlags, - }, - swag.CommandLineOptionsGroup{ - ShortDescription: "Debug options", - LongDescription: "", - Options: &debugFlags, - }, - } -} - -func main() { - - swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "") - if err != nil { - log.Fatalln(err) - } - - api := operations.NewIdentityManagerAPI(swaggerSpec) - api.Logger = log.Printf - server := restapi.NewServer(api) - defer server.Shutdown() - - parser := flags.NewParser(server, flags.Default) - parser.ShortDescription = "Identity Manager" - parser.LongDescription = "This is the API server for the Dispatch Identity Manager service.\n" - - optsGroups := configureFlags() - for _, optsGroup := range optsGroups { - _, err := 
parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) - if err != nil { - log.Fatalln(err) - } - } - - if _, err := parser.Parse(); err != nil { - code := 1 - if fe, ok := err.(*flags.Error); ok { - if fe.Type == flags.ErrHelp { - code = 0 - } - } - os.Exit(code) - } - - if debugFlags.DebugEnabled { - rtMiddleware.Logger = log.StandardLogger() - rtMiddleware.Debug = true - log.SetLevel(log.DebugLevel) - } - // entity store - es, err := entitystore.NewFromBackend( - entitystore.BackendConfig{ - Backend: identitymanager.IdentityManagerFlags.DbBackend, - Address: identitymanager.IdentityManagerFlags.DbFile, - Bucket: identitymanager.IdentityManagerFlags.DbDatabase, - Username: identitymanager.IdentityManagerFlags.DbUser, - Password: identitymanager.IdentityManagerFlags.DbPassword, - }) - if err != nil { - log.Fatalln(err) - } - - // Setup the policy enforcer - enforcer := identitymanager.SetupEnforcer(es) - - // Create the identity controller - controller := identitymanager.NewIdentityController(es, enforcer) - defer controller.Shutdown() - controller.Start() - - handlers := identitymanager.NewHandlers(controller.Watcher(), es, enforcer) - handlers.ConfigureHandlers(api) - - healthChecker := func() error { - // TODO: implement service-specific healthchecking - return nil - } - - tracer, tracingCloser, err := utils.CreateTracer("IdentityManager", identitymanager.IdentityManagerFlags.Tracer) - if err != nil { - log.Fatalf("Error creating a tracer: %+v", err) - } - defer tracingCloser.Close() - opentracing.SetGlobalTracer(tracer) - - handler := alice.New( - middleware.NewHealthCheckMW("", healthChecker), - middleware.NewTracingMW(tracer), - ).Then(api.Serve(nil)) - - server.SetHandler(handler) - - if err := server.Serve(); err != nil { - log.Fatalln(err) - } -} diff --git a/cmd/image-manager/main.go b/cmd/image-manager/main.go deleted file mode 100644 index 6181bfe15..000000000 --- a/cmd/image-manager/main.go +++ /dev/null 
@@ -1,151 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package main - -import ( - "os" - "time" - - "github.com/go-openapi/loads" - "github.com/go-openapi/loads/fmts" - "github.com/go-openapi/swag" - "github.com/jessevdk/go-flags" - "github.com/justinas/alice" - "github.com/opentracing/opentracing-go" - log "github.com/sirupsen/logrus" - - "github.com/vmware/dispatch/pkg/config" - "github.com/vmware/dispatch/pkg/entity-store" - "github.com/vmware/dispatch/pkg/image-manager" - "github.com/vmware/dispatch/pkg/image-manager/gen/restapi" - "github.com/vmware/dispatch/pkg/image-manager/gen/restapi/operations" - "github.com/vmware/dispatch/pkg/middleware" - "github.com/vmware/dispatch/pkg/utils" -) - -func init() { - loads.AddLoader(fmts.YAMLMatcher, fmts.YAMLDoc) -} - -var debugFlags = struct { - DebugEnabled bool `long:"debug" description:"Enable debugging messages"` -}{} - -func configureFlags() []swag.CommandLineOptionsGroup { - return []swag.CommandLineOptionsGroup{ - swag.CommandLineOptionsGroup{ - ShortDescription: "Image Manager Flags", - LongDescription: "", - Options: &imagemanager.ImageManagerFlags, - }, - swag.CommandLineOptionsGroup{ - ShortDescription: "Debug options", - LongDescription: "", - Options: &debugFlags, - }, - } -} - -func main() { - - swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") - if err != nil { - log.Fatalln(err) - } - - api := operations.NewImageManagerAPI(swaggerSpec) - server := restapi.NewServer(api) - defer server.Shutdown() - - parser := flags.NewParser(server, flags.Default) - parser.ShortDescription = "Image Manager" - parser.LongDescription = "This is the API server for the Dispatch Image Manager service.\n" - - optsGroups := configureFlags() - for _, optsGroup := range optsGroups { - _, err := 
parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) - if err != nil { - log.Fatalln(err) - } - } - - if _, err := parser.Parse(); err != nil { - code := 1 - if fe, ok := err.(*flags.Error); ok { - if fe.Type == flags.ErrHelp { - code = 0 - } - } - os.Exit(code) - } - - if debugFlags.DebugEnabled { - log.SetLevel(log.DebugLevel) - } - - config.Global = config.LoadConfiguration(imagemanager.ImageManagerFlags.Config) - - es, err := entitystore.NewFromBackend( - entitystore.BackendConfig{ - Backend: imagemanager.ImageManagerFlags.DbBackend, - Address: imagemanager.ImageManagerFlags.DbFile, - Bucket: imagemanager.ImageManagerFlags.DbDatabase, - Username: imagemanager.ImageManagerFlags.DbUser, - Password: imagemanager.ImageManagerFlags.DbPassword, - }) - if err != nil { - log.Fatalln(err) - } - - c := &imagemanager.ControllerConfig{ - ResyncPeriod: time.Duration(imagemanager.ImageManagerFlags.ResyncPeriod) * time.Second, - } - - registryAuth := config.Global.Registry.RegistryAuth - if config.Global.Registry.RegistryAuth == "" { - registryAuth = config.EmptyRegistryAuth - } - - ib, err := imagemanager.NewImageBuilder(es, config.Global.Registry.RegistryURI, registryAuth) - if err != nil { - log.Fatalln(err) - } - bib, err := imagemanager.NewBaseImageBuilder(es) - if err != nil { - log.Fatalln(err) - } - - controller := imagemanager.NewController(c, es, bib, ib) - defer controller.Shutdown() - controller.Start() - - handlers := imagemanager.NewHandlers(ib, bib, controller.Watcher(), es) - handlers.ConfigureHandlers(api) - - healthChecker := func() error { - // TODO: implement service-specific healthchecking - return nil - } - - tracer, tracingCloser, err := utils.CreateTracer("ImageManager", imagemanager.ImageManagerFlags.Tracer) - if err != nil { - log.Fatalf("Error creating a tracer: %+v", err) - } - defer tracingCloser.Close() - opentracing.SetGlobalTracer(tracer) - - handler := alice.New( - middleware.NewHealthCheckMW("", 
healthChecker), - middleware.NewTracingMW(tracer), - ).Then(api.Serve(nil)) - - server.SetHandler(handler) - - defer server.Shutdown() - if err := server.Serve(); err != nil { - log.Fatalln(err) - } -} diff --git a/cmd/secret-store/main.go b/cmd/secret-store/main.go deleted file mode 100644 index d28195e56..000000000 --- a/cmd/secret-store/main.go +++ /dev/null 
@@ -1,149 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package main - -import ( - "os" - - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/rest" - "k8s.io/client-go/tools/clientcmd" - - "github.com/go-openapi/loads" - "github.com/go-openapi/loads/fmts" - "github.com/go-openapi/swag" - "github.com/jessevdk/go-flags" - "github.com/justinas/alice" - "github.com/opentracing/opentracing-go" - log "github.com/sirupsen/logrus" - - "github.com/vmware/dispatch/pkg/entity-store" - "github.com/vmware/dispatch/pkg/middleware" - "github.com/vmware/dispatch/pkg/secret-store/gen/restapi" - "github.com/vmware/dispatch/pkg/secret-store/gen/restapi/operations" - "github.com/vmware/dispatch/pkg/secret-store/service" - "github.com/vmware/dispatch/pkg/secret-store/web" - "github.com/vmware/dispatch/pkg/utils" -) - -func init() { - loads.AddLoader(fmts.YAMLMatcher, fmts.YAMLDoc) -} - -var debugFlags = struct { - DebugEnabled bool `long:"debug" description:"Enable debugging messages"` -}{} - -func configureFlags() []swag.CommandLineOptionsGroup { - return []swag.CommandLineOptionsGroup{ - swag.CommandLineOptionsGroup{ - ShortDescription: "Secret Store Flags", - LongDescription: "", - Options: &web.SecretStoreFlags, - }, - swag.CommandLineOptionsGroup{ - ShortDescription: "Debug options", - LongDescription: "", - Options: &debugFlags, - }, - } -} - -func main() { - - swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "") - if err != nil { - log.Fatalln(err) - } - - api := operations.NewSecretStoreAPI(swaggerSpec) - server := restapi.NewServer(api) - defer server.Shutdown() - - parser := flags.NewParser(server, flags.Default) - parser.ShortDescription = "Secret Store" - parser.LongDescription = "An API for managing secrets for Dispatch." 
- - optsGroups := configureFlags() - for _, optsGroup := range optsGroups { - _, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) - if err != nil { - log.Fatalln(err) - } - } - - if debugFlags.DebugEnabled { - log.SetLevel(log.DebugLevel) - } - - if _, err := parser.Parse(); err != nil { - code := 1 - if fe, ok := err.(*flags.Error); ok { - if fe.Type == flags.ErrHelp { - code = 0 - } - } - os.Exit(code) - } - - entityStore, err := entitystore.NewFromBackend( - entitystore.BackendConfig{ - Backend: web.SecretStoreFlags.DbBackend, - Address: web.SecretStoreFlags.DbFile, - Bucket: web.SecretStoreFlags.DbDatabase, - Username: web.SecretStoreFlags.DbUser, - Password: web.SecretStoreFlags.DbPassword, - }) - if err != nil { - log.Fatalln(err) - } - - var config *rest.Config - if web.SecretStoreFlags.K8sConfig == "" { - // creates the in-cluster config - config, err = rest.InClusterConfig() - } else { - config, err = clientcmd.BuildConfigFromFlags("", web.SecretStoreFlags.K8sConfig) - } - if err != nil { - log.Fatalf("Error getting kubernetes config: %+v", err) - } - // creates the clientset - clientset, err := kubernetes.NewForConfig(config) - if err != nil { - log.Fatalf("Error creating Kubernetes client: %+v", err) - } - - handlers := web.NewHandlers(&service.K8sSecretsService{ - EntityStore: entityStore, - SecretsAPI: clientset.CoreV1().Secrets(web.SecretStoreFlags.K8sNamespace), - }) - - web.ConfigureHandlers(api, handlers) - - healthChecker := func() error { - // TODO: implement service-specific healthchecking - return nil - } - - tracer, tracingCloser, err := utils.CreateTracer("SecretStore", web.SecretStoreFlags.Tracer) - if err != nil { - log.Fatalf("Error creating a tracer: %+v", err) - } - defer tracingCloser.Close() - opentracing.SetGlobalTracer(tracer) - - handler := alice.New( - middleware.NewHealthCheckMW("", healthChecker), - middleware.NewTracingMW(tracer), - ).Then(api.Serve(nil)) - - 
server.SetHandler(handler) - - if err := server.Serve(); err != nil { - log.Fatalln(err) - } -} diff --git a/cmd/service-manager/main.go b/cmd/service-manager/main.go deleted file mode 100644 index 481392a73..000000000 --- a/cmd/service-manager/main.go +++ /dev/null 
@@ -1,157 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package main - -import ( - "os" - "time" - - "github.com/go-openapi/loads" - "github.com/go-openapi/loads/fmts" - "github.com/go-openapi/swag" - "github.com/jessevdk/go-flags" - "github.com/justinas/alice" - "github.com/opentracing/opentracing-go" - log "github.com/sirupsen/logrus" - "github.com/vmware/dispatch/pkg/utils" - - "github.com/vmware/dispatch/pkg/config" - "github.com/vmware/dispatch/pkg/entity-store" - "github.com/vmware/dispatch/pkg/middleware" - "github.com/vmware/dispatch/pkg/service-manager" - "github.com/vmware/dispatch/pkg/service-manager/clients" - servicemanagerflags "github.com/vmware/dispatch/pkg/service-manager/flags" - "github.com/vmware/dispatch/pkg/service-manager/gen/restapi" - "github.com/vmware/dispatch/pkg/service-manager/gen/restapi/operations" -) - -func init() { - loads.AddLoader(fmts.YAMLMatcher, fmts.YAMLDoc) -} - -var debugFlags = struct { - DebugEnabled bool `long:"debug" description:"Enable debugging messages"` -}{} - -func configureFlags() []swag.CommandLineOptionsGroup { - return []swag.CommandLineOptionsGroup{ - { - ShortDescription: "Service manager Flags", - LongDescription: "", - Options: &servicemanagerflags.ServiceManagerFlags, - }, - { - ShortDescription: "Debug options", - LongDescription: "", - Options: &debugFlags, - }, - } -} - -func main() { - swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") - if err != nil { - log.Fatalln(err) - } - - api := operations.NewServiceManagerAPI(swaggerSpec) - server := restapi.NewServer(api) - - parser := flags.NewParser(server, flags.Default) - parser.ShortDescription = "Service Manager" - parser.LongDescription = "This is the API server for the Dispatch Service Manager service.\n" - - optsGroups := 
configureFlags() - for _, optsGroup := range optsGroups { - _, err := parser.AddGroup(optsGroup.ShortDescription, optsGroup.LongDescription, optsGroup.Options) - if err != nil { - log.Fatalln(err) - } - } - - if _, err := parser.Parse(); err != nil { - code := 1 - if fe, ok := err.(*flags.Error); ok { - if fe.Type == flags.ErrHelp { - code = 0 - } - } - os.Exit(code) - } - - if debugFlags.DebugEnabled { - log.SetLevel(log.DebugLevel) - } - - config.Global = config.LoadConfiguration(servicemanagerflags.ServiceManagerFlags.Config) - - store, err := entitystore.NewFromBackend( - entitystore.BackendConfig{ - Backend: servicemanagerflags.ServiceManagerFlags.DbBackend, - Address: servicemanagerflags.ServiceManagerFlags.DbFile, - Bucket: servicemanagerflags.ServiceManagerFlags.DbDatabase, - Username: servicemanagerflags.ServiceManagerFlags.DbUser, - Password: servicemanagerflags.ServiceManagerFlags.DbPassword, - }) - if err != nil { - log.Fatalln(err) - } - - k8sClient, err := clients.NewK8sBrokerClient( - clients.K8sBrokerConfigOpts{ - K8sConfig: servicemanagerflags.ServiceManagerFlags.K8sConfig, - CatalogNamespace: config.Global.Service.K8sServiceCatalog.CatalogNamespace, - SecretStoreURL: servicemanagerflags.ServiceManagerFlags.SecretStore, - }, - ) - if err != nil { - log.Fatalf("Error creating k8sClient: %v", err) - } - // service controller - serviceController := servicemanager.NewController( - &servicemanager.ControllerConfig{ - ResyncPeriod: time.Second * time.Duration(servicemanagerflags.ServiceManagerFlags.ResyncPeriod), - }, - store, - k8sClient, - ) - - defer serviceController.Shutdown() - serviceController.Start() - - // handler - handlers := &servicemanager.Handlers{ - Store: store, - Watcher: serviceController.Watcher(), - } - - handlers.ConfigureHandlers(api) - - healthChecker := func() error { - // TODO: implement service-specific healthchecking - return nil - } - - tracer, tracingCloser, err := utils.CreateTracer("ServiceManager", 
servicemanagerflags.ServiceManagerFlags.Tracer) - if err != nil { - log.Fatalf("Error creating a tracer: %+v", err) - } - defer tracingCloser.Close() - opentracing.SetGlobalTracer(tracer) - - handler := alice.New( - middleware.NewHealthCheckMW("", healthChecker), - middleware.NewTracingMW(tracer), - ).Then(api.Serve(nil)) - - server.SetHandler(handler) - - defer server.Shutdown() - if err := server.Serve(); err != nil { - log.Fatalln(err) - } - -} diff --git a/images/api-manager/Dockerfile b/images/api-manager/Dockerfile deleted file mode 100644 index 10ee1e7ae..000000000 --- a/images/api-manager/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM vmware/photon:2.0 - -ADD bin/api-manager-linux /api-manager -RUN chmod +x /api-manager - -VOLUME ["/data/api-manager"] - -ENTRYPOINT ["/api-manager"] -CMD ["--host=0.0.0.0", "--port=8080"] diff --git a/images/application-manager/Dockerfile b/images/application-manager/Dockerfile deleted file mode 100644 index ef4c6c758..000000000 --- a/images/application-manager/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM vmware/photon:2.0 - -ADD bin/application-manager-linux /application-manager -RUN chmod +x /application-manager - -VOLUME ["/data/application-manager"] - -ENTRYPOINT ["/application-manager"] -CMD ["--host=0.0.0.0", "--port=8080"] diff --git a/images/dispatch-server/Dockerfile b/images/dispatch-server/Dockerfile new file mode 100644 index 000000000..9171d0091 --- /dev/null +++ b/images/dispatch-server/Dockerfile @@ -0,0 +1,7 @@ +FROM vmware/photon:2.0 + +ADD bin/dispatch-server-linux /dispatch-server +RUN chmod +x /dispatch-server + +ENTRYPOINT ["/dispatch-server"] +CMD ["local", "--host=0.0.0.0"] diff --git a/images/event-manager/Dockerfile b/images/event-manager/Dockerfile deleted file mode 100644 index c1287aa16..000000000 --- a/images/event-manager/Dockerfile +++ /dev/null 
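Review bot: The new images/dispatch-server/Dockerfile sets no `USER`, so `/dispatch-server` runs as whatever user the base image defaults to, which is presumably root. Since this one image now replaces all the per-service images, a non-root user here would cover every service at once; a line such as `USER 10001` (constructed UID) after the `chmod` would do it. The commit message says services listen on port 80, which a non-root process may not be able to bind, so the port or the pod's capabilities would need to be adjusted with it. Separately, `ADD` of a local file can be the more predictable `COPY bin/dispatch-server-linux /dispatch-server`, as the removed function-manager Dockerfile already did.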
@@ -1,9 +0,0 @@ -FROM vmware/photon:2.0 - -ADD bin/event-manager-linux /event-manager -RUN chmod +x /event-manager - -VOLUME ["/data/event-manager"] - -ENTRYPOINT ["/event-manager"] -CMD ["--db-file=/data/event-manager/db.bolt", "--host=0.0.0.0", "--port=8000"] \ No newline at end of file diff --git a/images/function-manager/Dockerfile b/images/function-manager/Dockerfile deleted file mode 100644 index 5dafe483f..000000000 --- a/images/function-manager/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM vmware/photon:2.0 - -COPY bin/function-manager-linux /function-manager -RUN chmod +x /function-manager - -VOLUME ["/data/function-manager"] - -ENTRYPOINT ["/function-manager"] -CMD ["--db-file=/data/function-manager/db.bolt", "--host=0.0.0.0", "--port=8000"] \ No newline at end of file diff --git a/images/identity-manager/Dockerfile b/images/identity-manager/Dockerfile deleted file mode 100644 index 7ad7b6669..000000000 --- a/images/identity-manager/Dockerfile +++ /dev/null @@ -1,10 +0,0 @@ -FROM vmware/photon:2.0 - -ADD bin/identity-manager-linux /identity-manager -RUN chmod +x /identity-manager - -VOLUME ["/data/identity-manager"] - -ENTRYPOINT ["/identity-manager"] -CMD ["--config=/data/config/serverless.json", "--static-users=/data/config/user.dev.json", \ -"--db-file=/data/identity-manager/db.bolt", "--host=0.0.0.0", "--port=8080"] diff --git a/images/image-manager/Dockerfile b/images/image-manager/Dockerfile deleted file mode 100644 index 8fe9369cc..000000000 --- a/images/image-manager/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM vmware/photon:2.0 - -ADD bin/image-manager-linux /image-manager -RUN chmod +x /image-manager - -VOLUME ["/data/image-manager"] - -ENTRYPOINT ["/image-manager"] -CMD ["--db-file=/data/image-manager/db.bolt", "--host=0.0.0.0", "--port=8000"] \ No newline at end of file diff --git a/images/secret-store/Dockerfile b/images/secret-store/Dockerfile deleted file mode 100644 index 0ab1c1ac7..000000000 
--- a/images/secret-store/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM vmware/photon:2.0 - -ADD bin/secret-store-linux /secret-store -RUN chmod +x /secret-store - -VOLUME ["/data/secret-store"] - -ENTRYPOINT ["/secret-store"] -CMD ["--host=0.0.0.0", "--port=8080"] diff --git a/images/service-manager/Dockerfile b/images/service-manager/Dockerfile deleted file mode 100644 index b9e898485..000000000 --- a/images/service-manager/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM vmware/photon:2.0 - -ADD bin/service-manager-linux /service-manager -RUN chmod +x /service-manager - -VOLUME ["/data/service-manager"] - -ENTRYPOINT ["/service-manager"] -CMD ["--db-file=/data/service-manager/db.bolt", "--host=0.0.0.0", "--port=8000"] \ No newline at end of file diff --git a/pkg/api-manager/handlers.go b/pkg/api-manager/handlers.go index 2e2091580..7ed07fbe0 100644 --- a/pkg/api-manager/handlers.go +++ b/pkg/api-manager/handlers.go 
@@ -26,21 +26,6 @@ import ( "github.com/vmware/dispatch/pkg/utils" ) -// APIManagerFlags are configuration flags for the function manager -var APIManagerFlags = struct { - Config string `long:"config" description:"Path to Config file" default:"./config.dev.json"` - DbFile string `long:"db-file" description:"Backend DB URL/Path" default:"./db.bolt"` - DbBackend string `long:"db-backend" description:"Backend DB Name" default:"boltdb"` - DbUser string `long:"db-username" description:"Backend DB Username" default:"dispatch"` - DbPassword string `long:"db-password" description:"Backend DB Password" default:"dispatch"` - DbDatabase string `long:"db-database" description:"Backend DB Name" default:"dispatch"` - GatewayHost string `long:"gateway-host" description:"API Gateway server host" default:"gateway-kong"` - Gateway string `long:"gateway" description:"API Gateway Implementation" default:"kong"` - FunctionManager string `long:"function-manager" description:"Function Manager Host" default:"function-manager"` - ResyncPeriod int `long:"resync-period" description:"The time period (in seconds) to sync with api gateway" default:"10"` - Tracer string `long:"tracer" description:"Open Tracing Tracer endpoint" default:""` -}{} - // Handlers define a set of handlers for API Manager type Handlers struct { Store entitystore.EntityStore diff --git a/pkg/config/config.go b/pkg/config/config.go deleted file mode 100644 index b48270ee6..000000000 --- a/pkg/config/config.go +++ /dev/null 
@@ -1,133 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package config - -// NO TESTS - -import ( - "encoding/json" - "io" - "log" - "os" -) - -// Global contains global configuration variables -var Global Config - -// EmptyRegistryAuth == echo -n '{"username":"","password":"","email":""}' | base64 -var EmptyRegistryAuth = "eyJ1c2VybmFtZSI6IiIsInBhc3N3b3JkIjoiIiwiZW1haWwiOiIifQ==" - -// Identity defines the identity manager specific config -type Identity struct { - OIDCProvider string `json:"oidcProvider"` - ClientID string `json:"clientId"` - ClientSecret string `json:"clientSecret"` - RedirectURL string `json:"redirectUrl"` - Scopes []string `json:"scopes"` -} - -// Openwhisk defines the OpenWhisk faas specific config -type Openwhisk struct { - AuthToken string `json:"authToken"` - Host string `json:"host"` -} - -// FunctionResources Memory and CPU -type FunctionResources struct { - Memory string `json:"memory"` - CPU string `json:"cpu"` -} - -// OpenFaas defines the OpenFaaS faas specific config -type OpenFaas struct { - Gateway string `json:"gateway"` - K8sConfig string `json:"k8sConfig"` - FuncNamespace string `json:"funcNamespace"` - ImagePullSecret string `json:"imagePullSecret"` - FuncDefaultLimits *FunctionResources `json:"funcDefaultLimits"` - FuncDefaultRequests *FunctionResources `json:"funcDefaultRequests"` -} - -// Riff defines the Riff faas specific config -type Riff struct { - KafkaBrokers []string `json:"kafkaBrokers"` - K8sConfig string `json:"k8sConfig"` - FuncNamespace string `json:"funcNamespace"` - FuncDefaultLimits *FunctionResources `json:"funcDefaultLimits"` - FuncDefaultRequests *FunctionResources `json:"funcDefaultRequests"` -} - -// Kubeless defines the Kubeless faas specific config -type Kubeless struct { - K8sConfig string 
`json:"k8sConfig"` - FuncNamespace string `json:"funcNamespace"` - ImagePullSecret string `json:"imagePullSecret"` -} - -// Function defines the function manager specific config -type Function struct { - Openwhisk `json:"openwhisk"` - OpenFaas `json:"openFaas"` - Kubeless `json:"kubeless"` - Riff `json:"riff"` - Faas string `json:"faas"` - ResyncPeriod int `json:"resyncPeriod"` - FileImageManager string `json:"fileImageManager"` -} - -// K8sServiceCatalog defines the kubernetes service catalog specific config -type K8sServiceCatalog struct { - CatalogNamespace string `json:"catalogNamespace"` -} - -// Service defines the service manager specific config -type Service struct { - K8sServiceCatalog `json:"k8sServiceCatalog"` - Catalog string `json:"catalog"` -} - -// Registry defines the image registry specific config -type Registry struct { - RegistryURI string `json:"uri"` - RegistryAuth string `json:"auth"` -} - -// Config defines global configurations used in Dispatch -type Config struct { - Identity `json:"identity"` - Function `json:"function"` - Registry `json:"registry"` - Service `json:"service"` - OrganizationID string `json:"organizationID"` -} - -var defaultConfig = Config{ - Function: Function{ - Faas: "openfaas", - ResyncPeriod: 10, - }, - OrganizationID: "dispatch", -} - -// LoadConfiguration loads configurations from a local json file -func LoadConfiguration(file string) Config { - configFile, err := os.Open(file) - if err != nil { - log.Fatal(err) - } - defer configFile.Close() - config, err := loadConfig(configFile) - if err != nil { - log.Fatal(err) - } - return config -} - -func loadConfig(reader io.Reader) (Config, error) { - jsonParser := json.NewDecoder(reader) - err := jsonParser.Decode(&defaultConfig) - return defaultConfig, err -} diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go deleted file mode 100644 index b4f2bdfea..000000000 --- a/pkg/config/config_test.go +++ /dev/null 
@@ -1,40 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// -package config - -import ( - "strings" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -func Test_loadConfig(t *testing.T) { - conf := `{ - "function": { - "openwhisk": { - "authToken": "", - "host": "10.0.10.3" - }, - "openfaas": { - "gateway": "http://gateway.openfaas:8080/" - }, - "riff": { - "kafkaBrokers": ["transport-kafka.riff-system:9092"], - "funcNamespace": "default" - } - }, - "registry": { - "uri": "some-docker-user", - "auth": "" - } -}` - config, err := loadConfig(strings.NewReader(conf)) - require.NoError(t, err) - assert.Equal(t, "some-docker-user", config.Registry.RegistryURI) - assert.Equal(t, []string{"transport-kafka.riff-system:9092"}, config.Function.Riff.KafkaBrokers) - assert.Equal(t, "default", config.Function.Riff.FuncNamespace) -} diff --git a/pkg/dispatchcli/cmd/install.go b/pkg/dispatchcli/cmd/install.go index bf89d4657..abefd6135 100644 --- a/pkg/dispatchcli/cmd/install.go +++ b/pkg/dispatchcli/cmd/install.go @@ -1084,7 +1084,6 @@ func runInstall(out, errOut io.Writer, cmd *cobra.Command, args []string) error dockerAuthEncoded := base64.StdEncoding.EncodeToString(dockerAuthJSON) apiGatewayURL := fmt.Sprintf("http://%s-kongadmin.%s:8001", config.APIGateway.Chart.Release, config.APIGateway.Chart.Namespace) openfaasGatewayURL := fmt.Sprintf("http://gateway.%s:8080/", config.OpenFaas.Chart.Namespace) - riffGatewayURL := fmt.Sprintf("http://%s-riff-http-gateway.%s/", config.Riff.Chart.Release, config.Riff.Chart.Namespace) rabbitMQHost := fmt.Sprintf("%s.%s", config.RabbitMQ.Chart.Release, config.RabbitMQ.Chart.Namespace) if config.RabbitMQ.Host != "" { rabbitMQHost = config.RabbitMQ.Host 
@@ -1126,10 +1125,9 @@ func runInstall(out, errOut io.Writer, cmd *cobra.Command, args []string) error "global.tracer.endpoint": jaegerAgent, "api-manager.gateway.host": apiGatewayURL, "function-manager.faas.selected": config.DispatchConfig.Faas, + "function-manager.faas.imagePullSecret": config.DispatchConfig.ImagePullSecret, "function-manager.faas.openfaas.gateway": openfaasGatewayURL, "function-manager.faas.openfaas.namespace": config.OpenFaas.Chart.Namespace, - "function-manager.faas.openfaas.imagePullSecret": config.DispatchConfig.ImagePullSecret, - "function-manager.faas.riff.gateway": riffGatewayURL, "function-manager.faas.riff.namespace": config.Riff.Chart.Namespace, "event-manager.transport": config.DispatchConfig.EventTransport, "service-manager.catalog.selected": config.DispatchConfig.Service.Catalog, diff --git a/pkg/dispatchserver/apis.go b/pkg/dispatchserver/apis.go index 4e7c194df..21b4f4421 100644 --- a/pkg/dispatchserver/apis.go +++ b/pkg/dispatchserver/apis.go 
@@ -21,26 +21,38 @@ import ( "github.com/vmware/dispatch/pkg/entity-store" ) +type apisConfig struct { + // API Manager config option + GatewayHost string `mapstructure:"gateway-host" json:"gateway-host,omitempty"` +} + // NewCmdAPIs creates a subcommand to run api manager func NewCmdAPIs(out io.Writer, config *serverConfig) *cobra.Command { cmd := &cobra.Command{ - Use: "apis", - Short: i18n.T("Run Dispatch API Manager"), - Args: cobra.NoArgs, + Use: "api-manager", + Short: i18n.T("Run Dispatch API Manager"), + Args: cobra.NoArgs, + PreRun: bindLocalFlags(&config.APIs), Run: func(cmd *cobra.Command, args []string) { runAPIs(config) }, } cmd.SetOutput(out) + + cmd.Flags().String("gateway-host", "gateway-kong", "Admin Endpoint for API Gateway backend.") + return cmd } func runAPIs(config *serverConfig) { store := entityStore(config) - gw, err := kong.NewClient(nil) + gw, err := kong.NewClient(&kong.Config{ + Host: config.APIs.GatewayHost, + Upstream: config.FunctionManager, + }) if err != nil { - log.Fatalf("Error creating Kong client: %v", err) + log.Fatalf("Error creating an api gateway client: %v", err) } apisHandler, shutdown := initAPIs(config, store, gw) diff --git a/pkg/dispatchserver/config.go b/pkg/dispatchserver/config.go index 37c9b5dfc..4c92e410a 100644 --- a/pkg/dispatchserver/config.go +++ b/pkg/dispatchserver/config.go 
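Review bot: In runAPIs, `config.FunctionManager` is passed as the Kong `Upstream` without a check, and the `function-manager` flag defaults to the empty string in configGlobalFlags. Whether kong.NewClient rejects an empty upstream is not visible in this diff; if it does not, routes would be created against an empty target and the error would only show at request time. A guard before the call would fail at startup instead: `if config.FunctionManager == "" { log.Fatalf("function-manager URL must be set for api-manager") }`. The new apisConfig type also has no doc comment; `// apisConfig holds the options specific to the API Manager subcommand.` would match the comments on the other config sections. The body of runAPIs continues outside the hunk.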
@@ -16,21 +16,21 @@ const emptyRegistryAuth = "eyJ1c2VybmFtZSI6IiIsInBhc3N3b3JkIjoiIiwiZW1haWwiOiIif type serverConfig struct { // TODO: Refactor into Database connection string - DatabaseBackend string `mapstructure:"database-backend" json:"database-backend"` - DatabaseAddress string `mapstructure:"database-address" json:"database-address"` - DatabaseBucket string `mapstructure:"database-bucket" json:"database-bucket"` - DatabaseUsername string `mapstructure:"database-username" json:"database-username"` - DatabasePassword string `mapstructure:"database-password" json:"database-password"` + DatabaseBackend string `mapstructure:"db-backend" json:"db-backend"` + DatabaseAddress string `mapstructure:"db-file" json:"db-file"` + DatabaseBucket string `mapstructure:"db-database" json:"db-database"` + DatabaseUsername string `mapstructure:"db-username" json:"db-username"` + DatabasePassword string `mapstructure:"db-password" json:"db-password"` - ResyncPeriod time.Duration `mapstructure:"resync-period" json:"resync-period"` - RegistryAuth string `mapstructure:"registry-auth" json:"registry-auth"` - ImageRegistry string `mapstructure:"image-registry" json:"image-registry"` - PushImages bool `mapstructure:"push-images" json:"push-images"` + ResyncPeriod time.Duration `mapstructure:"resync-period" json:"resync-period"` + RegistryAuth string `mapstructure:"registry-auth" json:"registry-auth"` + ImageRegistry string `mapstructure:"image-registry" json:"image-registry"` + DisableRegistry bool `mapstructure:"disable-registry" json:"disable-registry"` ImageManager string `mapstructure:"image-manager" json:"image-manager"` FunctionManager string `mapstructure:"function-manager" json:"function-manager"` ServiceManager string `mapstructure:"service-manager" json:"service-manager"` - SecretsStore string `mapstructure:"secrets-store" json:"secrets-store"` + SecretsStore string `mapstructure:"secret-store" json:"secret-store"` Host string `mapstructure:"host" json:"host"` Port int 
`mapstructure:"port" json:"port"` @@ -43,7 +43,25 @@ type serverConfig struct { Tracer string `mapstructure:"tracer" json:"tracer"` Debug bool `mapstructure:"debug" json:"debug"` - Local localServer `mapstructure:"local" json:"local"` + // Local server config options + Local localConfig `mapstructure:"local" json:"local"` + + APIs apisConfig `mapstructure:"apis" json:"apis"` + + // Secret Store cofnig options + Secrets secretsConfig `mapstructure:"secrets" json:"secrets"` + + // Event Manager config options + Events eventsConfig `mapstructure:"events" json:"events"` + + // Function Manager config options + Functions functionsConfig `mapstructure:"functions" json:"functions"` + + // Identity Manager config options + Identity identityConfig `mapstructure:"identity" json:"identity"` + + // Service Manager config options + Services servicesConfig `mapstructure:"services" json:"services"` } var defaultConfig = &serverConfig{} 
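Review bot: Replacing `PushImages` with `DisableRegistry` inverts the meaning of the field and flips the default. With the flag left at false, the old code did not push or pull and the new code does (the flag itself is renamed in the third hunk of this file). The call sites that read the field are not in this hunk, so each of them needs to be checked for the inverted condition. A comment on the field would record the new default: `// DisableRegistry turns off pushing to and pulling from ImageRegistry; the zero value means the registry is used.` The key renames in the same hunk (`database-*` to `db-*`, `secrets-store` to `secret-store`) also mean existing config files with the old keys will presumably be ignored rather than rejected, which is worth a line in the upgrade notes.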
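Review bot: The comment added above the `Secrets` field is misspelled (`// Secret Store cofnig options`), and `APIs` is the only new service section left without a comment. Suggest `// Secret Store config options` and `// API Manager config options` above `APIs apisConfig`.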
@@ -51,21 +69,21 @@ var defaultConfig = &serverConfig{} func configGlobalFlags(flags *pflag.FlagSet) { flags.StringVar(&dispatchConfigPath, "config", "", "config file to use") - flags.String("database-address", "./dispatch.db", "Database address, or database file path") - flags.String("database-backend", "boltdb", "Database type to use") - flags.String("database-bucket", "dispatch", "Database bucket or schema") - flags.String("database-username", "dispatch", "Database username") - flags.String("database-password", "dispatch", "Database password") + flags.String("db-file", "./dispatch.db", "Database address, or database file path") + flags.String("db-backend", "boltdb", "Database type to use") + flags.String("db-database", "dispatch", "Database bucket or schema") + flags.String("db-username", "dispatch", "Database username") + flags.String("db-password", "dispatch", "Database password") flags.Duration("resync-period", 20*time.Second, "How often services should sync their state") flags.String("registry-auth", emptyRegistryAuth, "base64-encoded docker registry credentials") flags.String("image-registry", "dispatch", "Image registry host or docker hub org/username") - flags.Bool("push-images", false, "Push/pull images to/from image registry") + flags.Bool("disable-registry", false, "Do not use image registry (do not push/pull images)") flags.String("image-manager", "", "URL to Image Manager") flags.String("function-manager", "", "URL to Function Manager") flags.String("service-manager", "", "URL to Service Manager") - flags.String("secrets-store", "", "URL to Secrets Store") + flags.String("secret-store", "", "URL to Secrets Store") flags.String("host", "127.0.0.1", "Host/IP to listen on") flags.Int("port", 8080, "HTTP port to listen on") diff --git a/pkg/dispatchserver/events.go b/pkg/dispatchserver/events.go index d330625a5..cfc03927b 100644 --- a/pkg/dispatchserver/events.go +++ b/pkg/dispatchserver/events.go 
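Review bot: `db-username` and `db-password` both default to `dispatch`, so a deployment that forgets to override them runs with a credential that is published in the source. The same applies to the `rabbitmq-url` default `amqp://guest:guest@localhost:5672/` added in pkg/dispatchserver/events.go. The defaults predate this commit under the old flag names, but the rename is a natural place to drop them: `flags.String("db-password", "", "Database password")`, with a startup check that fails when the selected backend needs credentials and none were given. Values passed as flags also end up in the process arguments and in the pod spec, so the help text could point operators to the config file or environment variables for these settings.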
@@ -13,27 +13,48 @@ import ( log "github.com/sirupsen/logrus" "github.com/spf13/cobra" "github.com/vmware/dispatch/pkg/client" + "github.com/vmware/dispatch/pkg/events" + "github.com/vmware/dispatch/pkg/events/transport" "github.com/vmware/dispatch/pkg/dispatchcli/i18n" "github.com/vmware/dispatch/pkg/entity-store" "github.com/vmware/dispatch/pkg/event-manager" + "github.com/vmware/dispatch/pkg/event-manager/drivers" "github.com/vmware/dispatch/pkg/event-manager/gen/restapi" "github.com/vmware/dispatch/pkg/event-manager/gen/restapi/operations" "github.com/vmware/dispatch/pkg/event-manager/subscriptions" - "github.com/vmware/dispatch/pkg/events/transport" ) +type eventsConfig struct { + Transport string `mapstructure:"transport" json:"transport,omitempty"` + KafkaBrokers []string `mapstructure:"kafka-brokers" json:"kafka-brokers,omitempty"` + RabbitMQURL string `mapstructure:"rabbitmq-url" json:"rabbitmq-url,omitempty"` + EventSidecarImage string `mapstructure:"event-sidecar-image" json:"event-sidecar-image,omitempty"` + K8sConfig string `mapstructure:"kubeconfig" json:"kubeconfig,omitempty"` + K8sNamespace string `mapstructure:"namespace" json:"namespace,omitempty"` + IngressHost string `mapstructure:"ingress-host" json:"ingress-host,omitempty"` +} + // NewCmdEvents creates a subcommand to run event manager func NewCmdEvents(out io.Writer, config *serverConfig) *cobra.Command { cmd := &cobra.Command{ - Use: "events", - Short: i18n.T("Run Dispatch Event Manager"), - Args: cobra.NoArgs, + Use: "event-manager", + Short: i18n.T("Run Dispatch Event Manager"), + Args: cobra.NoArgs, + PreRun: bindLocalFlags(&config.Events), Run: func(cmd *cobra.Command, args []string) { runEvents(config) }, } cmd.SetOutput(out) + + cmd.Flags().String("transport", "kafka", "Event transport to use") + cmd.Flags().StringSlice("kafka-brokers", []string{"localhost:9092"}, "host:port of Kafka broker(s)") + cmd.Flags().String("rabbitmq-url", "amqp://guest:guest@localhost:5672/", "URL to RabbitMQ 
broker") + cmd.Flags().String("event-sidecar-image", "", "Event sidecar image") + cmd.Flags().String("kubeconfig", "", "Path to kubernetes config file") + cmd.Flags().String("namespace", "default", "Kubernetes namespace") + cmd.Flags().String("ingress-host", "", "Dispatch ingress hostname") return cmd } @@ -41,7 +62,50 @@ func runEvents(config *serverConfig) { store := entityStore(config) functions := functionsClient(config) secrets := secretsClient(config) - eventsHandler, shutdown := initEvents(config, store, functions, secrets) + + var tr events.Transport + var err error + switch config.Events.Transport { + case "kafka": + tr, err = transport.NewKafka(config.Events.KafkaBrokers) + if err != nil { + log.Fatalf("Error creating Kafka event transport: %+v", err) + } + case "rabbitmq": + tr, err = transport.NewRabbitMQ(config.Events.RabbitMQURL) + if err != nil { + log.Fatalf("Error creating RabbitMQ event transport: %+v", err) + } + default: + log.Fatalf("Transport %s is not supported. pick one of [kafka,rabbitmq]", config.Events.Transport) + } + + driverBackend, err := drivers.NewK8sBackend( + secrets, + drivers.ConfigOpts{ + SidecarImage: config.Events.EventSidecarImage, + TransportType: config.Events.Transport, + KafkaBrokers: config.Events.KafkaBrokers, + RabbitMQURL: config.Events.RabbitMQURL, + Tracer: config.Tracer, + K8sConfig: config.Events.K8sConfig, + DriverNamespace: config.Events.K8sNamespace, + Host: config.Events.IngressHost, + }, + ) + if err != nil { + log.Fatalf("Error creating k8sBackend: %v", err) + } + + eventsDeps := eventsDependencies{ + store: store, + transport: tr, + driversBackend: driverBackend, + functionsClient: functions, + secretsClient: secrets, + } + + eventsHandler, shutdown := initEvents(config, eventsDeps) defer shutdown() handler := addMiddleware(eventsHandler) 
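Review bot: In runEvents the driver backend is built directly from `config.Events.EventSidecarImage` and `config.Events.IngressHost`, and NewCmdEvents leaves both flags defaulting to the empty string, so a missing setting is not caught here. Whether drivers.NewK8sBackend rejects an empty image is not visible in this diff; if it does not, the failure would only appear when an event driver is deployed. A guard before the call makes it fail at startup: `if config.Events.EventSidecarImage == "" { log.Fatalf("event-sidecar-image must be set") }`. The unsupported-transport message would also be clearer with `%q` around the user-supplied value, which shows an empty or whitespace-only setting. The body of runEvents continues outside the hunk.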
@@ -53,25 +117,30 @@ func runEvents(config *serverConfig) { } } -func initEvents(config *serverConfig, store entitystore.EntityStore, fnClient client.FunctionsClient, secretsClient client.SecretsClient) (http.Handler, func()) { +type eventsDependencies struct { + store entitystore.EntityStore + transport events.Transport + driversBackend drivers.Backend + functionsClient client.FunctionsClient + secretsClient client.SecretsClient +} + +func initEvents(config *serverConfig, deps eventsDependencies) (http.Handler, func()) { swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") if err != nil { log.Fatalln(err) } api := operations.NewEventManagerAPI(swaggerSpec) - eventTransport := transport.NewInMemory() - - subManager, err := subscriptions.NewManager(eventTransport, fnClient) + subManager, err := subscriptions.NewManager(deps.transport, deps.functionsClient) if err != nil { log.Fatalf("Error creating Event Subscription Manager: %v", err) } // event controller eventController := eventmanager.NewEventController( subManager, - // TODO: add backend for event drivers in docker - nil, - store, + deps.driversBackend, + deps.store, eventmanager.EventControllerConfig{ ResyncPeriod: config.ResyncPeriod, }, @@ -80,16 +149,16 @@ func initEvents(config *serverConfig, store entitystore.EntityStore, fnClient cl eventController.Start() // handler handlers := &eventmanager.Handlers{ - Store: store, - Transport: eventTransport, + Store: deps.store, + Transport: deps.transport, Watcher: eventController.Watcher(), - SecretsClient: secretsClient, + SecretsClient: deps.secretsClient, } handlers.ConfigureHandlers(api) return api.Serve(nil), func() { eventController.Shutdown() - eventTransport.Close() + deps.transport.Close() } } diff --git a/pkg/dispatchserver/functions.go b/pkg/dispatchserver/functions.go index ff8f7153b..143b793ce 100644 --- a/pkg/dispatchserver/functions.go +++ b/pkg/dispatchserver/functions.go 
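Review bot: The shutdown function returned by initEvents now calls `deps.transport.Close()` (last hunk of this file) on a transport that the caller constructed. The new eventsDependencies type carries no comment saying that ownership passes to initEvents, so a caller that also closes its transport would close it twice. Suggest a doc comment on the type: `// eventsDependencies holds the collaborators of initEvents; the shutdown func returned by initEvents closes transport.` If Close returns an error, it is dropped in the shutdown closure and could be logged there instead.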
@@ -6,6 +6,7 @@ package dispatchserver import ( + "fmt" "io" "net/http" 
@@ -22,13 +23,68 @@ import ( "github.com/vmware/dispatch/pkg/function-manager/gen/restapi" "github.com/vmware/dispatch/pkg/function-manager/gen/restapi/operations" "github.com/vmware/dispatch/pkg/functions" - "github.com/vmware/dispatch/pkg/functions/docker" "github.com/vmware/dispatch/pkg/functions/injectors" + "github.com/vmware/dispatch/pkg/functions/kubeless" + "github.com/vmware/dispatch/pkg/functions/noop" + "github.com/vmware/dispatch/pkg/functions/openfaas" + "github.com/vmware/dispatch/pkg/functions/riff" "github.com/vmware/dispatch/pkg/functions/runner" "github.com/vmware/dispatch/pkg/functions/validator" "github.com/vmware/dispatch/pkg/utils" ) +type functionsConfig struct { + FaaS string `mapstructure:"faas" json:"faas,omitempty"` + ImagePullSecret string `mapstructure:"image-pull-secret" json:"image-pull-secret,omitempty"` + K8sConfig string `mapstructure:"kubeconfig" json:"kubeconfig,omitempty"` + FuncDefaultLimits *functions.FunctionResources `mapstructure:"func-default-limits" json:"func-default-limits,omitempty"` + FuncDefaultRequests *functions.FunctionResources `mapstructure:"func-default-requests" json:"func-default-requests,omitempty"` + OpenFaaSNamespace string `mapstructure:"openfaas-namespace" json:"openfaas-namespace,omitempty"` + OpenFaaSGateway string `mapstructure:"openfaas-gateway" json:"openfaas-gateway,omitempty"` + RiffKafkaBrokers []string `mapstructure:"riff-kafka-brokers" json:"riff-kafka-brokers,omitempty"` + RiffNamespace string `mapstructure:"riff-namespace" json:"riff-namespace,omitempty"` + KubelessNamespace string `mapstructure:"kubeless-namespace" json:"kubeless-namespace,omitempty"` + FileImageManager string `mapstructure:"file-image-manager" json:"file-image-manager,omitempty"` +} + +func faasDriver(config functionsConfig) functions.FaaSDriver { + var faas functions.FaaSDriver + var err error + switch config.FaaS { + case "openfaas": + faas, err = openfaas.New(&openfaas.Config{ + Gateway: config.OpenFaaSGateway, + 
K8sConfig: config.K8sConfig, + FuncNamespace: config.OpenFaaSNamespace, + FuncDefaultRequests: config.FuncDefaultRequests, + FuncDefaultLimits: config.FuncDefaultLimits, + ImagePullSecret: config.ImagePullSecret, + }) + case "riff": + faas, err = riff.New(&riff.Config{ + KafkaBrokers: config.RiffKafkaBrokers, + K8sConfig: config.K8sConfig, + FuncNamespace: config.RiffNamespace, + FuncDefaultRequests: config.FuncDefaultRequests, + FuncDefaultLimits: config.FuncDefaultLimits, + }) + case "kubeless": + faas, err = kubeless.New(&kubeless.Config{ + K8sConfig: config.K8sConfig, + FuncNamespace: config.KubelessNamespace, + ImagePullSecret: config.ImagePullSecret, + }) + case "noop": + faas, err = noop.New(&noop.Config{}) + default: + err = fmt.Errorf("FaaS %s not supported", config.FaaS) + } + if err != nil { + log.Fatalf("Error starting %s driver: %+v", config.FaaS, err) + } + return faas +} + func init() { loads.AddLoader(fmts.YAMLMatcher, fmts.YAMLDoc) } 
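Review bot: faasDriver ends the process with `log.Fatalf` instead of returning the error, which makes the driver selection impossible to unit-test and hides the exit from the caller. Returning it keeps the decision in runFunctions: `func faasDriver(config functionsConfig) (functions.FaaSDriver, error)`. The error string in the default branch should follow Go convention (lowercase) and quote the value so an empty setting is visible: `err = fmt.Errorf("faas %q not supported", config.FaaS)`. The new functionsConfig type and faasDriver have no doc comments; a line on each stating that the namespace and gateway fields are only read for the matching `faas` value would help, since the flags for them default to empty and are passed to the drivers unchecked.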
@@ -36,13 +92,25 @@ func init() { // NewCmdFunctions creates a subcommand to create functions manager func NewCmdFunctions(out io.Writer, config *serverConfig) *cobra.Command { cmd := &cobra.Command{ - Use: "functions", - Short: i18n.T("Run Dispatch Functions Manager"), - Args: cobra.NoArgs, + Use: "function-manager", + Short: i18n.T("Run Dispatch Functions Manager"), + Args: cobra.NoArgs, + PreRun: bindLocalFlags(&config.Functions), Run: func(cmd *cobra.Command, args []string) { runFunctions(config) }, } + + cmd.Flags().String("faas", "openfaas", "FaaS backend to use (openfaas|kubeless|riff|noop)") + cmd.Flags().String("image-pull-secret", "", "Base64-encoded docker secrets used when pulling images") + cmd.Flags().String("kubeconfig", "", "Path to kubeconfig") + cmd.Flags().String("openfaas-namespace", "", "Namespace to use when deploying openfaas functions") + cmd.Flags().String("openfaas-gateway", "", "OpenFaas gateway URL") + cmd.Flags().String("riff-namespace", "", "Namespace to use when deploying riff functions") + cmd.Flags().StringSlice("riff-kafka-brokers", []string{}, "Kafka brokers to use when communicating with Riff") + cmd.Flags().String("kubeless-namespace", "", "Namespace to use when deploying Kubeless functions") + cmd.Flags().String("file-image-manager", "", "Path to file image manager, useful for testing") + cmd.SetOutput(out) return cmd } 
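Review bot: The `image-pull-secret` flag in NewCmdFunctions appears to take the secret material itself on the command line (its help text says base64-encoded docker secrets), and command-line arguments are readable in the process list and in the pod spec. bindLocalFlags in main.go binds every local flag to an environment variable as well, so the value can be supplied as `DISPATCH_IMAGE_PULL_SECRET` from a Kubernetes Secret. The help text should point there, e.g. `"Base64-encoded docker secrets used when pulling images (prefer env DISPATCH_IMAGE_PULL_SECRET)"`. Base64 is an encoding and not protection, so the field should also stay out of any config dump or log line.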
@@ -52,9 +120,23 @@ func runFunctions(config *serverConfig) { docker := dockerClient(config) secrets := secretsClient(config) services := servicesClient(config) - images := imagesClient(config) - fnHandler, shutdown := initFunctions(config, store, docker, images, secrets, services) + var images functionmanager.ImageGetter + images = imagesClient(config) + if config.Functions.FileImageManager != "" { + images = functionmanager.FileImageManagerClient(config.Functions.FileImageManager) + } + + functionsDeps := functionsDependencies{ + store: store, + faas: faasDriver(config.Functions), + dockerclient: docker, + imagesClient: images, + secretsClient: secrets, + servicesClient: services, + } + + fnHandler, shutdown := initFunctions(config, functionsDeps) defer shutdown() handler := addMiddleware(fnHandler) @@ -66,9 +148,16 @@ func runFunctions(config *serverConfig) { } } -func initFunctions( - config *serverConfig, store entitystore.EntityStore, dockerclient dockerclient.CommonAPIClient, imagesClient client.ImagesClient, - secretsClient client.SecretsClient, servicesClient client.ServicesClient) (http.Handler, func()) { +type functionsDependencies struct { + store entitystore.EntityStore + faas functions.FaaSDriver + dockerclient dockerclient.CommonAPIClient + imagesClient functionmanager.ImageGetter + secretsClient client.SecretsClient + servicesClient client.ServicesClient +} + +func initFunctions(config *serverConfig, deps functionsDependencies) (http.Handler, func()) { swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") if err != nil { log.Fatalln(err) 
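Review bot: When `file-image-manager` is set in runFunctions, image lookups are answered from a local JSON file and the image manager service is no longer consulted, with nothing in the log to show it. The flag is described as useful for testing, so a start-up warning would make an accidental production setting visible: `log.Warnf("file-image-manager set to %q: image manager service is bypassed", config.Functions.FileImageManager)`. The two-step `var images functionmanager.ImageGetter` followed by `images = imagesClient(config)` can also be a single declaration.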
@@ -76,33 +165,31 @@ func initFunctions( api := operations.NewFunctionManagerAPI(swaggerSpec) - faas := docker.New(dockerclient) - c := &functionmanager.ControllerConfig{ ResyncPeriod: config.ResyncPeriod, } r := runner.New(&runner.Config{ - Faas: faas, + Faas: deps.faas, Validator: validator.New(), - SecretInjector: injectors.NewSecretInjector(secretsClient), - ServiceInjector: injectors.NewServiceInjector(secretsClient, servicesClient), + SecretInjector: injectors.NewSecretInjector(deps.secretsClient), + ServiceInjector: injectors.NewServiceInjector(deps.secretsClient, deps.servicesClient), }) - imageBuilder := functions.NewDockerImageBuilder(config.ImageRegistry, config.RegistryAuth, dockerclient) - if !config.PushImages { + imageBuilder := functions.NewDockerImageBuilder(config.ImageRegistry, config.RegistryAuth, deps.dockerclient) + if config.DisableRegistry { imageBuilder.PushImages = false imageBuilder.PullImages = false } - controller := functionmanager.NewController(c, store, faas, r, imagesClient, imageBuilder) + controller := functionmanager.NewController(c, deps.store, deps.faas, r, deps.imagesClient, imageBuilder) controller.Start() - handlers := functionmanager.NewHandlers(controller.Watcher(), store) + handlers := functionmanager.NewHandlers(controller.Watcher(), deps.store) handlers.ConfigureHandlers(api) return api.Serve(nil), func() { controller.Shutdown() - utils.Close(faas) + utils.Close(deps.faas) } } diff --git a/pkg/dispatchserver/identity.go b/pkg/dispatchserver/identity.go new file mode 100644 index 000000000..0624e6c76 --- /dev/null +++ b/pkg/dispatchserver/identity.go 
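Review bot: initFunctions still passes `config.RegistryAuth` unchanged to `functions.NewDockerImageBuilder`, while initImages in this same commit replaces an empty value with `emptyRegistryAuth` before creating its builder. NewDockerImageBuilder is not visible here, so whether it copes with an empty auth string is an assumption to confirm; if it does not, function image builds will fail where base image builds succeed. Applying the same fallback here, or moving it to the place where the config is loaded, keeps the two builders consistent.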
@@ -0,0 +1,90 @@ +/////////////////////////////////////////////////////////////////////// +// Copyright (c) 2017 VMware, Inc. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +/////////////////////////////////////////////////////////////////////// + +package dispatchserver + +import ( + "io" + "net/http" + + "github.com/go-openapi/loads" + log "github.com/sirupsen/logrus" + "github.com/spf13/cobra" + + "github.com/vmware/dispatch/pkg/dispatchcli/i18n" + "github.com/vmware/dispatch/pkg/entity-store" + "github.com/vmware/dispatch/pkg/identity-manager" + "github.com/vmware/dispatch/pkg/identity-manager/gen/restapi" + "github.com/vmware/dispatch/pkg/identity-manager/gen/restapi/operations" +) + +type identityConfig struct { + CookieName string `mapstructure:"cookie-name" json:"cookie-name,omitempty"` + SkipAuth bool `mapstructure:"skip-auth" json:"skip-auth,omitempty"` + BootstrapConfigPath string `mapstructure:"bootstrap-config-path" json:"bootstrap-config-path,omitempty"` + OAuth2ProxyAuthURL string `mapstructure:"oauth2-proxy-auth-url" json:"oauth2-proxy-auth-url,omitempty"` +} + +// NewCmdIdentity creates a subcommand to run identity manager +func NewCmdIdentity(out io.Writer, config *serverConfig) *cobra.Command { + cmd := &cobra.Command{ + Use: "identity-manager", + Short: i18n.T("Run Dispatch Identity Manager"), + Args: cobra.NoArgs, + PreRun: bindLocalFlags(&config.Identity), + Run: func(cmd *cobra.Command, args []string) { + runIdentity(config) + }, + } + cmd.SetOutput(out) + + cmd.Flags().String("cookie-name", "_oauth2_proxy", "The cookie name used to identify users") + cmd.Flags().Bool("skip-auth", false, "Skips authorization, not to be used in production env") + cmd.Flags().String("bootstrap-config-path", "/bootstrap", "The path that contains the bootstrap keys") + cmd.Flags().String("oauth2-proxy-auth-url", "http://localhost:4180/v1/iam/oauth2/auth", "The localhost url for oauth2proxy service's auth endpoint") + + return cmd +} + +func 
runIdentity(config *serverConfig) { + store := entityStore(config) + identityHandler, shutdown := initIdentity(config, store) + defer shutdown() + + handler := addMiddleware(identityHandler) + server := httpServer(config) + server.SetHandler(handler) + defer server.Shutdown() + if err := server.Serve(); err != nil { + log.Error(err) + } +} + +func initIdentity(config *serverConfig, store entitystore.EntityStore) (http.Handler, func()) { + swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") + if err != nil { + log.Fatalln(err) + } + + api := operations.NewIdentityManagerAPI(swaggerSpec) + + // Setup the policy enforcer + enforcer := identitymanager.SetupEnforcer(store) + + // Create the identity controller + controller := identitymanager.NewIdentityController(store, enforcer, config.ResyncPeriod) + controller.Start() + + handlers := identitymanager.NewHandlers(controller.Watcher(), store, enforcer) + handlers.ConfigureHandlers(api) + handlers.CookieName = config.Identity.CookieName + handlers.BootstrapConfigPath = config.Identity.BootstrapConfigPath + handlers.OAuth2ProxyAuthURL = config.Identity.OAuth2ProxyAuthURL + handlers.SkipAuth = config.Identity.SkipAuth + + return api.Serve(nil), func() { + controller.Shutdown() + } +} diff --git a/pkg/dispatchserver/images.go b/pkg/dispatchserver/images.go index 97d11ab4e..b6d110f39 100644 --- a/pkg/dispatchserver/images.go +++ b/pkg/dispatchserver/images.go @@ -23,7 +23,7 @@ import ( // NewCmdImages creates a subcommand to run image manager func NewCmdImages(out io.Writer, config *serverConfig) *cobra.Command { cmd := &cobra.Command{ - Use: "images", + Use: "image-manager", Short: i18n.T("Run Dispatch Image Manager"), Args: cobra.NoArgs, Run: func(cmd *cobra.Command, args []string) { 
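Review bot: initIdentity copies `config.Identity.SkipAuth` into the handlers with no start-up signal, and bindLocalFlags lets the value come from the config file or `DISPATCH_SKIP_AUTH` as well as the flag, so authentication can be off without anyone having typed `--skip-auth`. The handlers warn per request, but one line at start is easier to alert on: `if config.Identity.SkipAuth { log.Warn("identity-manager running with skip-auth: requests are not authenticated") }`. The four handler fields are also assigned after `handlers.ConfigureHandlers(api)`, which works only as long as the handlers read them at request time; assigning them before that call would be safer.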
@@ -60,11 +60,16 @@ func initImages(config *serverConfig, store entitystore.EntityStore) (http.Handl ResyncPeriod: config.ResyncPeriod, } - ib, err := imagemanager.NewImageBuilder(store, config.ImageRegistry, config.RegistryAuth) + registryAuth := config.RegistryAuth + if registryAuth == "" { + registryAuth = emptyRegistryAuth + } + + ib, err := imagemanager.NewImageBuilder(store, config.ImageRegistry, registryAuth) if err != nil { log.Fatalln(err) } - if !config.PushImages { + if config.DisableRegistry { ib.PushImages = false } bib, err := imagemanager.NewBaseImageBuilder(store) diff --git a/pkg/dispatchserver/local.go b/pkg/dispatchserver/local.go index cf342b5b9..f6bd44d15 100644 --- a/pkg/dispatchserver/local.go +++ b/pkg/dispatchserver/local.go @@ -14,13 +14,16 @@ import ( "github.com/vmware/dispatch/pkg/api-manager/gateway/local" "github.com/vmware/dispatch/pkg/dispatchcli/i18n" + "github.com/vmware/dispatch/pkg/events/transport" + dockerfaas "github.com/vmware/dispatch/pkg/functions/docker" "github.com/vmware/dispatch/pkg/http" + "github.com/vmware/dispatch/pkg/secret-store/service" ) -type localServer struct { - DockerHost string `mapstructure:"docker-host" json:"docker-host"` - GatewayPort int `mapstructure:"gateway-port" json:"gateway-port"` - GatewayTLSPort int `mapstructure:"gateway-tls-port" json:"gateway-tls-port"` +type localConfig struct { + DockerHost string `mapstructure:"docker-host" json:"docker-host,omitempty"` + GatewayPort int `mapstructure:"gateway-port" json:"gateway-port,omitempty"` + GatewayTLSPort int `mapstructure:"gateway-tls-port" json:"gateway-tls-port,omitempty"` } // NewCmdLocal creates a subcommand to run Dispatch Local server 
@@ -36,14 +39,16 @@ func NewCmdLocal(out io.Writer, config *serverConfig) *cobra.Command { } cmd.SetOutput(out) - cmd.LocalFlags().String("docker-host", "127.0.0.1", "Docker host/IP. It must be reachable from Dispatch Server.") - cmd.LocalFlags().Int("gateway-port", 8081, "Port for local API Gateway") - cmd.LocalFlags().Int("gateway-tls-port", 8444, "TLS port for local API Gateway (only when TLS Enabled in global flags)") + cmd.Flags().String("docker-host", "127.0.0.1", "Docker host/IP. It must be reachable from Dispatch Server.") + cmd.Flags().Int("gateway-port", 8081, "Port for local API Gateway") + cmd.Flags().Int("gateway-tls-port", 8444, "TLS port for local API Gateway (only when TLS Enabled in global flags)") return cmd } func runLocal(config *serverConfig) { + config.DisableRegistry = true + store := entityStore(config) docker := dockerClient(config) functions := functionsClient(config) @@ -51,12 +56,22 @@ func runLocal(config *serverConfig) { services := servicesClient(config) images := imagesClient(config) - secretsHandler := initSecrets(config, store) + secretsService := &service.DBSecretsService{EntityStore: store} + secretsHandler := initSecrets(config, secretsService) imagesHandler, imagesShutdown := initImages(config, store) defer imagesShutdown() - functionsHandler, functionsShutdown := initFunctions(config, store, docker, images, secrets, services) + faas := dockerfaas.New(docker) + functionsDeps := functionsDependencies{ + store: store, + faas: faas, + dockerclient: docker, + imagesClient: images, + secretsClient: secrets, + servicesClient: services, + } + functionsHandler, functionsShutdown := initFunctions(config, functionsDeps) defer functionsShutdown() gw, err := local.NewGateway(functions) 
@@ -78,7 +93,16 @@ func runLocal(config *serverConfig) { apisHandler, apisShutdown := initAPIs(config, store, gw) defer apisShutdown() - eventsHandler, eventsShutdown := initEvents(config, store, functions, secrets) + eventTransport := transport.NewInMemory() + eventsDeps := eventsDependencies{ + store: store, + transport: eventTransport, + // TODO: add backend for event drivers in docker + driversBackend: nil, + functionsClient: functions, + secretsClient: secrets, + } + eventsHandler, eventsShutdown := initEvents(config, eventsDeps) defer eventsShutdown() dispatchHandler := &http.AllInOneRouter{ diff --git a/pkg/dispatchserver/main.go b/pkg/dispatchserver/main.go index 90ff56e96..bd91e9f4e 100644 --- a/pkg/dispatchserver/main.go +++ b/pkg/dispatchserver/main.go @@ -6,6 +6,7 @@ package dispatchserver import ( + "encoding/json" "io" "os" "strings" @@ -37,7 +38,11 @@ func NewCLI(out io.Writer) *cobra.Command { cmd.AddCommand(NewCmdLocal(out, defaultConfig)) cmd.AddCommand(NewCmdFunctions(out, defaultConfig)) cmd.AddCommand(NewCmdImages(out, defaultConfig)) + cmd.AddCommand(NewCmdSecrets(out, defaultConfig)) cmd.AddCommand(NewCmdEvents(out, defaultConfig)) + cmd.AddCommand(NewCmdAPIs(out, defaultConfig)) + cmd.AddCommand(NewCmdIdentity(out, defaultConfig)) + cmd.AddCommand(NewCmdServices(out, defaultConfig)) return cmd } 
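Review bot: `driversBackend: nil` in runLocal hands the events service a nil backend, and nothing in this hunk shows initEvents or the driver controller checking for it. If a driver request reaches a method call on that value the local server will panic, so a small backend that returns a "not supported in local mode" error for each operation would be a safer placeholder than nil until the TODO is resolved. runLocal's body continues outside the hunk.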
@@ -70,17 +75,25 @@ func initConfig(cmd *cobra.Command, targetConfig *serverConfig) { } } -func bindLocalFlags(target interface{}) func(cmd *cobra.Command, args []string) { +func bindLocalFlags(targetStruct interface{}) func(cmd *cobra.Command, args []string) { return func(cmd *cobra.Command, args []string) { + v := viper.New() + // We use separate viper instance to read service-specific flags, and we must "preload" this instance + // with values we read from config file, otherwise v.Unmarshal will overwrite them with values from flags + // even if flags were not used. + var fromConfig map[string]interface{} + inrec, _ := json.Marshal(targetStruct) + json.Unmarshal(inrec, &fromConfig) + for key, val := range fromConfig { + v.Set(key, val) + } cmd.LocalFlags().VisitAll(func(f *pflag.Flag) { - v := viper.New() v.BindPFlag(f.Name, f) v.BindEnv(f.Name, "DISPATCH_"+strings.ToUpper(strings.Replace(f.Name, "-", "_", -1))) - - err := v.Unmarshal(target) - if err != nil { - log.Fatalf("Unable to create configuration: %s", err) - } }) + err := v.Unmarshal(targetStruct) + if err != nil { + log.Fatalf("Unable to create configuration: %s", err) + } } } diff --git a/pkg/dispatchserver/secrets.go b/pkg/dispatchserver/secrets.go index 6c9eb21e3..b5d62ef10 100644 --- a/pkg/dispatchserver/secrets.go +++ b/pkg/dispatchserver/secrets.go 
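Review bot: The preload in bindLocalFlags uses `v.Set(key, val)`, and viper gives values written with Set precedence over bound flags and environment variables, so a setting present in the config file can no longer be overridden by a flag or a `DISPATCH_*` variable. That matters most for `skip-auth`: once the file enables it, `--skip-auth=false` has no effect. `v.SetDefault(key, val)` keeps config-file values above flag defaults while letting explicit flags and environment win. The errors from `json.Marshal` and `json.Unmarshal` are discarded as well; a failure there would silently drop the config-file values, so both should be reported the same way as the `v.Unmarshal` error.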
@@ -9,35 +9,68 @@ import ( "io" "net/http" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" + "k8s.io/client-go/tools/clientcmd" + "github.com/go-openapi/loads" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" "github.com/vmware/dispatch/pkg/dispatchcli/i18n" - "github.com/vmware/dispatch/pkg/entity-store" "github.com/vmware/dispatch/pkg/secret-store/gen/restapi" "github.com/vmware/dispatch/pkg/secret-store/gen/restapi/operations" "github.com/vmware/dispatch/pkg/secret-store/service" "github.com/vmware/dispatch/pkg/secret-store/web" ) -// NewCmdSecrets creates a subcommand to run secrets store +type secretsConfig struct { + K8sConfig string `mapstructure:"kubeconfig" json:"kubeconfig,omitempty,omitempty"` + K8sNamespace string `mapstructure:"namespace" json:"namespace,omitempty,omitempty"` +} + +// NewCmdSecrets creates a subcommand to run secret store func NewCmdSecrets(out io.Writer, config *serverConfig) *cobra.Command { cmd := &cobra.Command{ - Use: "secrets", - Short: i18n.T("Run Dispatch Secrets Store"), - Args: cobra.NoArgs, + Use: "secret-store", + Short: i18n.T("Run Dispatch Secret Store"), + Args: cobra.NoArgs, + PreRun: bindLocalFlags(&config.Secrets), Run: func(cmd *cobra.Command, args []string) { runSecrets(config) }, } cmd.SetOutput(out) + + cmd.Flags().String("kubeconfig", "", "Path to kubernetes config file") + cmd.Flags().String("namespace", "default", "Kubernetes namespace") return cmd } func runSecrets(config *serverConfig) { store := entityStore(config) - secretsHandler := initSecrets(config, store) + + var k8sConfig *rest.Config + var err error + if config.Secrets.K8sConfig == "" { + k8sConfig, err = rest.InClusterConfig() + } else { + k8sConfig, err = clientcmd.BuildConfigFromFlags("", config.Secrets.K8sConfig) + } + if err != nil { + log.Fatalf("Error getting kubernetes config: %+v", err) + } + clientset, err := kubernetes.NewForConfig(k8sConfig) + if err != nil { + log.Fatalf("Error creating Kubernetes client: %+v", err) + 
} + + secretsService := &service.K8sSecretsService{ + EntityStore: store, + SecretsAPI: clientset.CoreV1().Secrets(config.Secrets.K8sNamespace), + } + + secretsHandler := initSecrets(config, secretsService) handler := addMiddleware(secretsHandler) server := httpServer(config) @@ -48,7 +81,7 @@ func runSecrets(config *serverConfig) { } } -func initSecrets(config *serverConfig, store entitystore.EntityStore) http.Handler { +func initSecrets(config *serverConfig, secretsService service.SecretsService) http.Handler { swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "") if err != nil { log.Fatalln(err) @@ -56,9 +89,7 @@ func initSecrets(config *serverConfig, store entitystore.EntityStore) http.Handl api := operations.NewSecretStoreAPI(swaggerSpec) - handlers := web.NewHandlers(&service.DBSecretsService{ - EntityStore: store, - }) + handlers := web.NewHandlers(secretsService) web.ConfigureHandlers(api, handlers) diff --git a/pkg/dispatchserver/services.go b/pkg/dispatchserver/services.go new file mode 100644 index 000000000..848f81581 --- /dev/null +++ b/pkg/dispatchserver/services.go 
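Review bot: Both struct tags in secretsConfig repeat the option, `json:"kubeconfig,omitempty,omitempty"` and `json:"namespace,omitempty,omitempty"`. encoding/json tolerates the duplicate, but it is a typo next to the other config structs in this commit; `json:"kubeconfig,omitempty"` and `json:"namespace,omitempty"` are what was meant. A one-line comment on `K8sNamespace` saying that the secret store reads and writes Kubernetes Secrets in that namespace would also help whoever writes the RBAC role for the service account.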
@@ -0,0 +1,104 @@ +/////////////////////////////////////////////////////////////////////// +// Copyright (c) 2017 VMware, Inc. All Rights Reserved. +// SPDX-License-Identifier: Apache-2.0 +/////////////////////////////////////////////////////////////////////// + +package dispatchserver + +import ( + "io" + "net/http" + + "github.com/go-openapi/loads" + log "github.com/sirupsen/logrus" + "github.com/spf13/cobra" + "github.com/vmware/dispatch/pkg/client" + + "github.com/vmware/dispatch/pkg/dispatchcli/i18n" + "github.com/vmware/dispatch/pkg/entity-store" + "github.com/vmware/dispatch/pkg/service-manager" + "github.com/vmware/dispatch/pkg/service-manager/clients" + "github.com/vmware/dispatch/pkg/service-manager/gen/restapi" + "github.com/vmware/dispatch/pkg/service-manager/gen/restapi/operations" +) + +type servicesConfig struct { + Catalog string `mapstructure:"catalog" json:"catalog"` + K8sConfig string `mapstructure:"kubeconfig" json:"kubeconfig"` + K8sNamespace string `mapstructure:"namespace" json:"namespace"` +} + +// NewCmdServices creates a subcommand to run service manager +func NewCmdServices(out io.Writer, config *serverConfig) *cobra.Command { + cmd := &cobra.Command{ + Use: "service-manager", + Short: i18n.T("Run Dispatch Service Manager"), + Args: cobra.NoArgs, + PreRun: bindLocalFlags(&config.Services), + Run: func(cmd *cobra.Command, args []string) { + runServices(config) + }, + } + cmd.SetOutput(out) + + cmd.Flags().String("kubeconfig", "", "Path to kubernetes config file") + cmd.Flags().String("namespace", "default", "Kubernetes namespace") + return cmd +} + +func runServices(config *serverConfig) { + store := entityStore(config) + secrets := secretsClient(config) + + servicesHandler, servicesShutdown := initServices(config, store, secrets) + defer servicesShutdown() + + handler := addMiddleware(servicesHandler) + server := httpServer(config) + server.SetHandler(handler) + defer server.Shutdown() + if err := server.Serve(); err != nil { + 
log.Error(err) + } +} + +func initServices(config *serverConfig, store entitystore.EntityStore, secretsClient client.SecretsClient) (http.Handler, func()) { + swaggerSpec, err := loads.Analyzed(restapi.FlatSwaggerJSON, "2.0") + if err != nil { + log.Fatalln(err) + } + + api := operations.NewServiceManagerAPI(swaggerSpec) + + k8sClient, err := clients.NewK8sBrokerClient( + clients.K8sBrokerConfigOpts{ + K8sConfig: config.Services.K8sConfig, + CatalogNamespace: config.Services.K8sNamespace, + SecretsClient: secretsClient, + }, + ) + if err != nil { + log.Fatalf("Error creating k8sClient: %v", err) + } + + controller := servicemanager.NewController( + &servicemanager.ControllerConfig{ + ResyncPeriod: config.ResyncPeriod, + }, + store, + k8sClient, + ) + controller.Start() + + // handler + handlers := &servicemanager.Handlers{ + Store: store, + Watcher: controller.Watcher(), + } + + handlers.ConfigureHandlers(api) + + return api.Serve(nil), func() { + controller.Shutdown() + } +} diff --git a/pkg/event-manager/drivers/http_handlers.go b/pkg/event-manager/drivers/http_handlers.go index eb8522a78..14a9d28d8 100644 --- a/pkg/event-manager/drivers/http_handlers.go +++ b/pkg/event-manager/drivers/http_handlers.go 
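Review bot: servicesConfig is the only config struct in this commit whose JSON tags lack `omitempty`, and bindLocalFlags round-trips the struct through JSON and writes every resulting key back into viper. With empty strings written back as explicit values, the `namespace` flag's default of `default` and the `kubeconfig` flag probably cannot take effect unless the config file sets them; this should be confirmed with a test. Tags such as `json:"namespace,omitempty"` would match the other structs. The `Catalog` field has no flag registered in NewCmdServices and is not read in initServices, so it is either dead or missing its `cmd.Flags().String("catalog", ...)` line.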
@@ -30,28 +30,14 @@ import ( type Handlers struct { store entitystore.EntityStore watcher controller.Watcher - config ConfigOpts secretsClient client.SecretsClient } -// ConfigOpts configures driver Handlers -type ConfigOpts struct { - SidecarImage string - TransportType string - RabbitMQURL string - KafkaBrokers []string - Tracer string - K8sConfig string - DriverNamespace string - Host string -} - // NewHandlers Creates new instance of driver handlers -func NewHandlers(store entitystore.EntityStore, watcher controller.Watcher, secretsClient client.SecretsClient, config ConfigOpts) *Handlers { +func NewHandlers(store entitystore.EntityStore, watcher controller.Watcher, secretsClient client.SecretsClient) *Handlers { return &Handlers{ watcher: watcher, store: store, - config: config, secretsClient: secretsClient, } } @@ -302,7 +288,6 @@ func (h *Handlers) addDriverType(params driverapi.AddDriverTypeParams, principal } name := *params.Body.Name - dt := &entities.DriverType{} dt.FromModel(params.Body, params.XDispatchOrg) dt.Status = entitystore.StatusREADY diff --git a/pkg/event-manager/drivers/k8s_backend.go b/pkg/event-manager/drivers/k8s_backend.go index ffffce786..512edd608 100644 --- a/pkg/event-manager/drivers/k8s_backend.go +++ b/pkg/event-manager/drivers/k8s_backend.go @@ -41,6 +41,18 @@ const ( defaultDeployTimeout = 10 // seconds ) +// ConfigOpts configures K8s driver backend +type ConfigOpts struct { + SidecarImage string + TransportType string + RabbitMQURL string + KafkaBrokers []string + Tracer string + K8sConfig string + DriverNamespace string + Host string +} + type k8sBackend struct { clientset *kubernetes.Clientset config ConfigOpts @@ -572,7 +584,6 @@ func (k *k8sBackend) buildSidecarEnv(d *entities.Driver) []corev1.EnvVar { Value: d.Type, }, } - return vars } diff --git a/pkg/event-manager/handlers.go b/pkg/event-manager/handlers.go index e97924d38..486c59b0b 100644 --- a/pkg/event-manager/handlers.go +++ b/pkg/event-manager/handlers.go 
@@ -28,27 +28,6 @@ import ( "github.com/vmware/dispatch/pkg/trace" ) -// Flags are configuration flags for the event manager -var Flags = struct { - Config string `long:"config" description:"Path to Config file" default:"./config.dev.json"` - DbFile string `long:"db-file" description:"Backend DB URL/Path" default:"./db.bolt"` - DbBackend string `long:"db-backend" description:"Backend DB Name" default:"boltdb"` - DbUser string `long:"db-username" description:"Backend DB Username" default:"dispatch"` - DbPassword string `long:"db-password" description:"Backend DB Password" default:"dispatch"` - DbDatabase string `long:"db-database" description:"Backend DB Name" default:"dispatch"` - FunctionManager string `long:"function-manager" description:"Function manager endpoint" default:"localhost:8001"` - Transport string `long:"transport" description:"Event transport to use" default:"kafka"` - KafkaBrokers []string `long:"kafka-broker" description:"host:port of Kafka broker(s)" default:"localhost:9092"` - RabbitMQURL string `long:"rabbitmq-url" description:"URL to RabbitMQ broker" default:"amqp://guest:guest@localhost:5672/"` - ResyncPeriod int `long:"resync-period" description:"The time period (in seconds) to sync with underlying k8s" default:"60"` - K8sConfig string `long:"kubeconfig" description:"Path to kubernetes config file" default:""` - K8sNamespace string `long:"namespace" description:"Kubernetes namespace" default:"default"` - EventSidecarImage string `long:"event-sidecar-image" description:"Event sidecar image"` - SecretStore string `long:"secret-store" description:"Secret store endpoint" default:"localhost:8003"` - Tracer string `long:"tracer" description:"Open Tracing Tracer endpoint" default:""` - IngressHost string `long:"ingress-host" description:"Dispatch ingress hostname" default:""` -}{} - // Handlers is a base struct for event manager API handlers. type Handlers struct { Store entitystore.EntityStore 
@@ -83,15 +62,7 @@ func (h *Handlers) ConfigureHandlers(api middleware.RoutableAPI) { h.subscriptions = subscriptions.NewHandlers(h.Store, h.Watcher) h.subscriptions.ConfigureHandlers(api) - h.drivers = drivers.NewHandlers(h.Store, h.Watcher, h.SecretsClient, drivers.ConfigOpts{ - SidecarImage: Flags.EventSidecarImage, - TransportType: Flags.Transport, - RabbitMQURL: Flags.RabbitMQURL, - KafkaBrokers: Flags.KafkaBrokers, - Tracer: Flags.Tracer, - K8sConfig: Flags.K8sConfig, - DriverNamespace: Flags.K8sNamespace, - }) + h.drivers = drivers.NewHandlers(h.Store, h.Watcher, h.SecretsClient) h.drivers.ConfigureHandlers(api) a.EventsEmitEventHandler = eventsapi.EmitEventHandlerFunc(h.emitEvent) diff --git a/pkg/function-manager/handlers.go b/pkg/function-manager/handlers.go index df96e2162..5eba3e87d 100644 --- a/pkg/function-manager/handlers.go +++ b/pkg/function-manager/handlers.go 
@@ -34,22 +34,6 @@ import ( "github.com/vmware/dispatch/pkg/utils" ) -// FunctionManagerFlags are configuration flags for the function manager -var FunctionManagerFlags = struct { - Config string `long:"config" description:"Path to Config file" default:"./config.dev.json"` - DbFile string `long:"db-file" description:"Backend DB URL/Path" default:"./db.bolt"` - DbBackend string `long:"db-backend" description:"Backend DB Name" default:"boltdb"` - DbUser string `long:"db-username" description:"Backend DB Username" default:"dispatch"` - DbPassword string `long:"db-password" description:"Backend DB Password" default:"dispatch"` - DbDatabase string `long:"db-database" description:"Backend DB Name" default:"dispatch"` - ImageManager string `long:"image-manager" description:"Image manager endpoint" default:"localhost:8002"` - SecretStore string `long:"secret-store" description:"Secret store endpoint" default:"localhost:8003"` - ServiceManager string `long:"service-manager" description:"Service manager endpoint" default:"localhost:8004"` - K8sConfig string `long:"kubeconfig" description:"Path to kubernetes config file" default:""` - FileImageManager string `long:"file-image-manager" description:"Path to file containing images (useful for testing)"` - Tracer string `long:"tracer" description:"Open Tracing Tracer endpoint" default:""` -}{} - func functionEntityToModel(f *functions.Function) *v1.Function { var tags []*v1.Tag for k, v := range f.Tags { 
@@ -231,14 +215,14 @@ func (m *FileImageManager) GetImage(ctx context.Context, organizationID string, if image, ok := m.Images[organizationID][imageName]; ok { return image, nil } - return nil, fmt.Errorf("Missing image %s", imageName) + return nil, fmt.Errorf("missing image %s", imageName) } // FileImageManagerClient returns a FileImageManager after populating the map with a JSON file -func FileImageManagerClient() *FileImageManager { - b, err := ioutil.ReadFile(FunctionManagerFlags.FileImageManager) +func FileImageManagerClient(imageFilePath string) *FileImageManager { + b, err := ioutil.ReadFile(imageFilePath) if err != nil { - panic(fmt.Sprintf("Failed to read image file %s", FunctionManagerFlags.FileImageManager)) + panic(fmt.Sprintf("Failed to read image file %s", imageFilePath)) } images := make(map[string]map[string]*v1.Image) json.Unmarshal(b, &images) diff --git a/pkg/functions/openfaas/driver.go b/pkg/functions/openfaas/driver.go index dd8dc3ad6..64cca2e5c 100644 --- a/pkg/functions/openfaas/driver.go +++ b/pkg/functions/openfaas/driver.go @@ -20,16 +20,15 @@ import ( "github.com/openfaas/faas/gateway/requests" "github.com/pkg/errors" log "github.com/sirupsen/logrus" - "github.com/vmware/dispatch/pkg/utils" "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" "k8s.io/client-go/kubernetes/typed/apps/v1beta1" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" - "github.com/vmware/dispatch/pkg/config" "github.com/vmware/dispatch/pkg/functions" "github.com/vmware/dispatch/pkg/trace" + "github.com/vmware/dispatch/pkg/utils" ) const ( @@ -43,8 +42,8 @@ type Config struct { Gateway string K8sConfig string FuncNamespace string - FuncDefaultLimits *config.FunctionResources - FuncDefaultRequests *config.FunctionResources + FuncDefaultLimits *functions.FunctionResources + FuncDefaultRequests *functions.FunctionResources CreateTimeout *int ImagePullSecret string } 
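Review bot: The new panic in FileImageManagerClient drops the error from `ioutil.ReadFile`, so the operator sees the path but not whether the file was missing or unreadable: `panic(fmt.Sprintf("failed to read image file %s: %v", imageFilePath, err))`. The `json.Unmarshal(b, &images)` call just below also ignores its error, so a malformed file yields an empty image map and every later lookup fails with "missing image" instead of a parse error. The function continues outside the hunk.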
diff --git a/pkg/functions/riff/driver.go b/pkg/functions/riff/driver.go index 793a7d9f7..a0f51d6e2 100644 --- a/pkg/functions/riff/driver.go +++ b/pkg/functions/riff/driver.go @@ -15,7 +15,6 @@ import ( "k8s.io/apimachinery/pkg/api/resource" "github.com/vmware/dispatch/lib/riff" - "github.com/vmware/dispatch/pkg/config" "github.com/vmware/dispatch/pkg/functions" "github.com/vmware/dispatch/pkg/trace" ) @@ -28,8 +27,8 @@ type Config struct { KafkaBrokers []string K8sConfig string FuncNamespace string - FuncDefaultLimits *config.FunctionResources - FuncDefaultRequests *config.FunctionResources + FuncDefaultLimits *functions.FunctionResources + FuncDefaultRequests *functions.FunctionResources } type riffDriver struct { diff --git a/pkg/functions/types.go b/pkg/functions/types.go index f7bf97290..47555af6d 100644 --- a/pkg/functions/types.go +++ b/pkg/functions/types.go @@ -70,6 +70,12 @@ type FaaSDriver interface { GetRunnable(e *FunctionExecution) Runnable } +// FunctionResources Memory and CPU +type FunctionResources struct { + Memory string `json:"memory"` + CPU string `json:"cpu"` +} + //go:generate mockery -name ImageBuilder -case underscore -dir . -note "CLOSE THIS FILE AS QUICKLY AS POSSIBLE" // ImageBuilder builds a docker image for a serverless function. diff --git a/pkg/identity-manager/controller.go b/pkg/identity-manager/controller.go index 05c995f06..26162a137 100644 --- a/pkg/identity-manager/controller.go +++ b/pkg/identity-manager/controller.go 
@@ -15,9 +15,9 @@ import ( ) // NewIdentityController creates a new controller to manage the reconciliation of policy entities -func NewIdentityController(store entitystore.EntityStore, enforcer *casbin.SyncedEnforcer) controller.Controller { +func NewIdentityController(store entitystore.EntityStore, enforcer *casbin.SyncedEnforcer, resync time.Duration) controller.Controller { c := controller.NewController(controller.Options{ - ResyncPeriod: time.Duration(IdentityManagerFlags.ResyncPeriod) * time.Second, + ResyncPeriod: resync, Workers: 5, // TODO: make this configurable }) diff --git a/pkg/identity-manager/handlers.go b/pkg/identity-manager/handlers.go index c146bec00..4973a6414 100644 --- a/pkg/identity-manager/handlers.go +++ b/pkg/identity-manager/handlers.go 
@@ -35,22 +35,6 @@ import ( "github.com/vmware/dispatch/pkg/trace" ) -// IdentityManagerFlags are configuration flags for the identity manager -var IdentityManagerFlags = struct { - CookieName string `long:"cookie-name" description:"The cookie name used to identify users" default:"_oauth2_proxy"` - SkipAuth bool `long:"skip-auth" description:"Skips authorization, not to be used in production env"` - BootstrapConfigPath string `long:"bootstrap-config-path" description:"The path that contains the bootstrap keys" default:"/bootstrap"` - DbFile string `long:"db-file" description:"Backend DB URL/Path" default:"./db.bolt"` - DbBackend string `long:"db-backend" description:"Backend DB Name" default:"boltdb"` - DbUser string `long:"db-username" description:"Backend DB Username" default:"dispatch"` - DbPassword string `long:"db-password" description:"Backend DB Password" default:"dispatch"` - DbDatabase string `long:"db-database" description:"Backend DB Name" default:"dispatch"` - ResyncPeriod int `long:"resync-period" description:"The time period (in seconds) to refresh policies" default:"30"` - OAuth2ProxyAuthURL string `long:"oauth2-proxy-auth-url" description:"The localhost url for oauth2proxy service's auth endpoint'" default:"http://localhost:4180/v1/iam/oauth2/auth"` - ServiceAccountDomain string `long:"service-account-domain" description:"The default domain name to use for service accounts" default:"svc.dispatch.local"` - Tracer string `long:"tracer" description:"Open Tracing Tracer endpoint" default:""` -}{} - const ( // Policy Model - Use an ACL model that matches request attributes // Request Definition - @@ -96,6 +80,11 @@ type Resource string // Handlers defines the interface for the identity manager handlers type Handlers struct { + SkipAuth bool + OAuth2ProxyAuthURL string + BootstrapConfigPath string + CookieName string + watcher controller.Watcher store entitystore.EntityStore enforcer *casbin.SyncedEnforcer 
@@ -120,12 +109,12 @@ func SetupEnforcer(store entitystore.EntityStore) *casbin.SyncedEnforcer { func (h *Handlers) authenticateCookie(token string) (interface{}, error) { // For testing/dev environments only - if IdentityManagerFlags.SkipAuth { + if h.SkipAuth { log.Warn("Skipping authentication. This is not recommended in production environments.") return "", nil } // Make a request to Oauth2Proxy to validate the cookie. Oauth2Proxy must be setup locally - proxyReq, err := http.NewRequest(http.MethodGet, IdentityManagerFlags.OAuth2ProxyAuthURL, nil) + proxyReq, err := http.NewRequest(http.MethodGet, h.OAuth2ProxyAuthURL, nil) if err != nil { msg := "error creating forwarding request to oauth2proxy: %s" log.Debugf(msg, err) @@ -164,7 +153,7 @@ func (h *Handlers) authenticateCookie(token string) (interface{}, error) { func (h *Handlers) authenticateBearer(token string) (interface{}, error) { // For testing/dev environments only - if IdentityManagerFlags.SkipAuth { + if h.SkipAuth { log.Warn("Skipping authentication. This is not recommended in production environments.") return "", nil } @@ -202,9 +191,9 @@ func (h *Handlers) getAuthAccountFromToken(token string) (*authAccount, error) { var account *authAccount var pubBase64Encoded string // Get Public Key from secret if bootstrap mode is enabled - if bootstrapUser := getBootstrapKey("bootstrap_user"); bootstrapUser == unverifiedIssuer { + if bootstrapUser := h.getBootstrapKey("bootstrap_user"); bootstrapUser == unverifiedIssuer { log.Warn("Bootstrap mode is enabled. Please ensure it is turned off in a production environment.") - if bootstrapPubKey := getBootstrapKey("bootstrap_public_key"); bootstrapPubKey != "" { + if bootstrapPubKey := h.getBootstrapKey("bootstrap_public_key"); bootstrapPubKey != "" { pubBase64Encoded = bootstrapPubKey account = &authAccount{ organizationID: "", 
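Review bot: With `h.SkipAuth` set, authenticateCookie and authenticateBearer (first and third hunks) return the string `""` as the principal, while the tests in this patch read the normal result as `principal.(*authAccount)`. Any handler that makes that assertion without the comma-ok form would panic in SkipAuth mode; the consumers of the principal are outside these hunks, so this needs checking. Returning a typed placeholder such as `return &authAccount{}, nil` would keep the principal type stable across both modes. Both function bodies continue outside the hunks.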
@@ -331,7 +320,7 @@ func (h *Handlers) auth(params operations.AuthParams, principal interface{}) mid defer span.Finish() // For development use cases, not recommended in production env. - if IdentityManagerFlags.SkipAuth { + if h.SkipAuth { log.Warn("Skipping authorization. This is not recommended in production environments.") if params.XDispatchOrg == nil { return operations.NewAuthAccepted().WithXDispatchOrg("") @@ -405,7 +394,7 @@ func (h *Handlers) auth(params operations.AuthParams, principal interface{}) mid func (h *Handlers) redirect(params operations.RedirectParams, principal interface{}) middleware.Responder { redirect := *params.Redirect - cookie, err := params.HTTPRequest.Cookie(IdentityManagerFlags.CookieName) + cookie, err := params.HTTPRequest.Cookie(h.CookieName) if err != nil { return operations.NewRedirectDefault(http.StatusInternalServerError).WithPayload( &v1.Error{Code: http.StatusInternalServerError, @@ -423,6 +412,16 @@ func (h *Handlers) getVersion(params operations.GetVersionParams) middleware.Res return operations.NewGetVersionOK().WithPayload(version.Get()) } +func (h *Handlers) getBootstrapKey(key string) string { + bootstrapUserFile := filepath.Join(h.BootstrapConfigPath, key) + value, err := ioutil.ReadFile(bootstrapUserFile) + if err != nil { + log.Debugf("unable to read bootstrap key %s file: %s", bootstrapUserFile, err) + return "" + } + return string(value) +} + func checkOrgExists(ctx context.Context, store entitystore.EntityStore, orgName string) bool { opts := entitystore.Options{ Filter: entitystore.FilterExists(), 
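Review bot: getBootstrapKey (third hunk) joins `h.BootstrapConfigPath` with the key without checking that the path is set, and `filepath.Join("", key)` yields a path relative to the process working directory. getAuthAccountFromToken uses these files to decide whether bootstrap mode is on and which public key verifies the token, so with an unset field a `bootstrap_user` or `bootstrap_public_key` file in the working directory would be trusted. The removed flag defaulted to `/bootstrap`; the method should fail closed when the field is empty, `if h.BootstrapConfigPath == "" { return "" }`. Read errors other than a missing file are also only logged at debug level, which hides an unreadable or misconfigured key mount.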
@@ -492,13 +491,3 @@ func getRequestAttributes(request *http.Request, subject string) (*attributesRec action: action, }, nil } - -func getBootstrapKey(key string) string { - bootstrapUserFile := filepath.Join(IdentityManagerFlags.BootstrapConfigPath, key) - value, err := ioutil.ReadFile(bootstrapUserFile) - if err != nil { - log.Debugf("unable to read bootstrap key %s file: %s", bootstrapUserFile, err) - return "" - } - return string(value) -} diff --git a/pkg/identity-manager/handlers_test.go b/pkg/identity-manager/handlers_test.go index ec84eea8b..729754121 100644 --- a/pkg/identity-manager/handlers_test.go +++ b/pkg/identity-manager/handlers_test.go @@ -705,13 +705,13 @@ func TestBootstrapModeBearerToken(t *testing.T) { enforcer := SetupEnforcer(es) h := NewHandlers(nil, es, enforcer) // Set bootstrap mode and public key - IdentityManagerFlags.BootstrapConfigPath = "testdata" + h.BootstrapConfigPath = "testdata" token := createTestJWT("bootstrap-user@example.com") principal, err := h.authenticateBearer("bearer " + token) assert.Equal(t, "bootstrap-user@example.com", principal.(*authAccount).subject) assert.NoError(t, err) // Reset flag - IdentityManagerFlags.BootstrapConfigPath = "/bootstrap" + h.BootstrapConfigPath = "/bootstrap" } func TestBootstrapModeBearerInvalidToken(t *testing.T) { @@ -722,7 +722,7 @@ func TestBootstrapModeBearerInvalidToken(t *testing.T) { // Set bootstrap mode and public key bootstrapDir, err := ioutil.TempDir("", "test") defer os.RemoveAll(bootstrapDir) - IdentityManagerFlags.BootstrapConfigPath = bootstrapDir + h.BootstrapConfigPath = bootstrapDir ioutil.WriteFile(bootstrapDir+"/bootstrap_user", []byte("test_user"), 0600) pubKey, _ := ioutil.ReadFile("testdata/test_key2.pub") ioutil.WriteFile(bootstrapDir+"/bootstrap_public_key", []byte(base64.StdEncoding.EncodeToString(pubKey)), 0600) 
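Review bot: The trailing `h.BootstrapConfigPath = "/bootstrap"` under `// Reset flag` in TestBootstrapModeBearerToken no longer does anything, because `h` is built inside the test and discarded when it returns. The same dead assignment is kept in TestBootstrapModeBearerInvalidToken and TestBootstrapModeBearerNoPubKey in the following hunks. I would delete these lines together with the comment, since they suggest shared state that this commit has removed. In the visible lines of TestBootstrapModeBearerInvalidToken the `err` from `ioutil.TempDir` is also not checked before the directory is used.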
@@ -731,7 +731,7 @@ func TestBootstrapModeBearerInvalidToken(t *testing.T) { assert.Nil(t, principal) assert.EqualError(t, err, "unable to validate bearer token: error validating token: crypto/rsa: verification error") // Reset flag - IdentityManagerFlags.BootstrapConfigPath = "/bootstrap" + h.BootstrapConfigPath = "/bootstrap" } func TestBootstrapModeBearerNoPubKey(t *testing.T) { @@ -742,14 +742,14 @@ func TestBootstrapModeBearerNoPubKey(t *testing.T) { // Set bootstrap mode and public key bootstrapDir, err := ioutil.TempDir("", "non_bootstrap_dir") defer os.RemoveAll(bootstrapDir) - IdentityManagerFlags.BootstrapConfigPath = bootstrapDir + h.BootstrapConfigPath = bootstrapDir ioutil.WriteFile(bootstrapDir+"/bootstrap_user", []byte("test_user"), 0600) token := createTestJWT("test_user") principal, err := h.authenticateBearer("bearer " + token) assert.Nil(t, principal) assert.EqualError(t, err, "unable to validate bearer token: missing public key in bootstrap mode") // Reset flag - IdentityManagerFlags.BootstrapConfigPath = "/bootstrap" + h.BootstrapConfigPath = "/bootstrap" } func TestAuthenticateCookiePass(t *testing.T) { @@ -759,13 +759,13 @@ func TestAuthenticateCookiePass(t *testing.T) { testHttpserver := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { cookieString := r.Header.Get("Cookie") - assert.Equal(t, IdentityManagerFlags.CookieName+"=testing", cookieString) + assert.Equal(t, h.CookieName+"=testing", cookieString) w.Header().Add(HTTPHeaderEmail, "test-user1@example.com") w.WriteHeader(http.StatusAccepted) })) - IdentityManagerFlags.OAuth2ProxyAuthURL = testHttpserver.URL - cookieString := IdentityManagerFlags.CookieName + "=testing" + h.OAuth2ProxyAuthURL = testHttpserver.URL + cookieString := h.CookieName + "=testing" principal, err := h.authenticateCookie(cookieString) assert.Equal(t, "test-user1@example.com", principal.(*authAccount).subject) assert.NoError(t, err) 
@@ -780,8 +780,8 @@ func TestAuthenticateCookieUnauthenticated(t *testing.T) { w.WriteHeader(http.StatusForbidden) })) - IdentityManagerFlags.OAuth2ProxyAuthURL = testHttpserver.URL - cookieString := IdentityManagerFlags.CookieName + "=testing" + h.OAuth2ProxyAuthURL = testHttpserver.URL + cookieString := h.CookieName + "=testing" principal, err := h.authenticateCookie(cookieString) assert.Nil(t, principal) assert.EqualError(t, err, "authentication failed with oauth2proxy: error code 403") @@ -796,8 +796,8 @@ func TestAuthenticateCookieMissingEmailHeader(t *testing.T) { w.WriteHeader(http.StatusAccepted) })) - IdentityManagerFlags.OAuth2ProxyAuthURL = testHttpserver.URL - cookieString := IdentityManagerFlags.CookieName + "=testing" + h.OAuth2ProxyAuthURL = testHttpserver.URL + cookieString := h.CookieName + "=testing" principal, err := h.authenticateCookie(cookieString) assert.Nil(t, principal) assert.EqualError(t, err, "authentication failed: missing X-Auth-Request-Email header in response from oauth2proxy") diff --git a/pkg/identity-manager/service_account_api_handler.go b/pkg/identity-manager/service_account_api_handler.go index 48a3dc667..f3d4768f7 100644 --- a/pkg/identity-manager/service_account_api_handler.go +++ b/pkg/identity-manager/service_account_api_handler.go @@ -25,6 +25,8 @@ import ( "github.com/vmware/dispatch/pkg/utils" ) +const serviceAccountDomain = "svc.dispatch.local" + func serviceAccountModelToEntity(m *v1.ServiceAccount) *ServiceAccount { e := ServiceAccount{ BaseEntity: entitystore.BaseEntity{ @@ -35,7 +37,7 @@ func serviceAccountModelToEntity(m *v1.ServiceAccount) *ServiceAccount { // We don't allow users to change the algorithm for now. e.JWTAlgorithm = "RS256" // TODO: set the domain from user - e.Domain = IdentityManagerFlags.ServiceAccountDomain + e.Domain = serviceAccountDomain return &e } diff --git a/pkg/image-manager/handlers.go b/pkg/image-manager/handlers.go index 5c5068c07..eece79fb3 100644 --- a/pkg/image-manager/handlers.go 
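Review bot: `serviceAccountDomain` turns the former `service-account-domain` option into a fixed constant with no comment, so a deployment that overrode the flag would create new service accounts under `svc.dispatch.local` after this change. The commit description covers the unified configuration but does not mention that this setting is gone. At minimum the constant should say so, e.g. `// serviceAccountDomain is the fixed domain for service accounts; it replaces the removed service-account-domain flag.` Part of serviceAccountModelToEntity lies between the two hunks.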
+++ b/pkg/image-manager/handlers.go @@ -25,18 +25,6 @@ import ( "github.com/vmware/dispatch/pkg/trace" ) -// ImageManagerFlags are configuration flags for the image manager -var ImageManagerFlags = struct { - Config string `long:"config" description:"Path to Config file" default:"./config.dev.json"` - DbFile string `long:"db-file" description:"Backend DB URL/Path" default:"./db.bolt"` - DbBackend string `long:"db-backend" description:"Backend DB Name" default:"boltdb"` - DbUser string `long:"db-username" description:"Backend DB Username" default:"dispatch"` - DbPassword string `long:"db-password" description:"Backend DB Password" default:"dispatch"` - DbDatabase string `long:"db-database" description:"Backend DB Name" default:"dispatch"` - ResyncPeriod int `long:"resync-period" description:"The time period (in seconds) to sync with image repository" default:"10"` - Tracer string `long:"tracer" description:"Open Tracing Tracer endpoint" default:""` -}{} - var statusMap = map[v1.Status]entitystore.Status{ v1.StatusCREATING: StatusCREATING, v1.StatusUPDATING: StatusUPDATING, diff --git a/pkg/secret-store/web/handlers.go b/pkg/secret-store/web/handlers.go index 224cbacd5..63e3f1b46 100644 --- a/pkg/secret-store/web/handlers.go +++ b/pkg/secret-store/web/handlers.go 
@@ -24,18 +24,6 @@ import ( "github.com/vmware/dispatch/pkg/utils" ) -// SecretStoreFlags are configuration flags for the secret store -var SecretStoreFlags = struct { - K8sConfig string `long:"kubeconfig" description:"Path to kubernetes config file"` - K8sNamespace string `long:"namespace" description:"Kubernetes namespace" default:"default"` - DbFile string `long:"db-file" description:"Backend DB URL/Path" default:"./db.bolt"` - DbBackend string `long:"db-backend" description:"Backend DB Name" default:"boltdb"` - DbUser string `long:"db-username" description:"Backend DB Username" default:"dispatch"` - DbPassword string `long:"db-password" description:"Backend DB Password" default:"dispatch"` - DbDatabase string `long:"db-database" description:"Backend DB Name" default:"dispatch"` - Tracer string `long:"tracer" description:"Open Tracing Tracer endpoint" default:""` -}{} - // Handlers encapsulates the secret store handlers type Handlers struct { secretsService service.SecretsService diff --git a/pkg/service-manager/clients/k8s_service_catalog.go b/pkg/service-manager/clients/k8s_service_catalog.go index eec7a9765..ff94fbfd6 100644 --- a/pkg/service-manager/clients/k8s_service_catalog.go +++ b/pkg/service-manager/clients/k8s_service_catalog.go @@ -39,7 +39,7 @@ import ( type K8sBrokerConfigOpts struct { K8sConfig string CatalogNamespace string - SecretStoreURL string + SecretsClient client.SecretsClient } type k8sServiceCatalogClient struct { @@ -81,7 +81,7 @@ func NewK8sBrokerClient(config K8sBrokerConfigOpts) (BrokerClient, error) { clientset: c, sdk: sdk, config: config, - secretsClient: client.NewSecretsClient(config.SecretStoreURL, client.AuthWithToken("cookie"), ""), + secretsClient: config.SecretsClient, }, nil } diff --git a/pkg/service-manager/flags/flags.go b/pkg/service-manager/flags/flags.go deleted file mode 100644 index 4dd74a9a4..000000000 --- a/pkg/service-manager/flags/flags.go +++ /dev/null 
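Review bot: NewK8sBrokerClient (third hunk) now stores `config.SecretsClient` without checking it, so a caller that leaves the new field unset gets a broker client that fails only later, with a nil-interface panic on the first secret access. The constructor already returns an error, so it can reject this up front, e.g. `if config.SecretsClient == nil { return nil, errors.New("secrets client is required") }`. The field in `K8sBrokerConfigOpts` should also carry a comment saying the caller supplies an already-authenticated client, since the removed line built one with the fixed token `"cookie"`. The function body starts outside the hunk.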
@@ -1,22 +0,0 @@ -/////////////////////////////////////////////////////////////////////// -// Copyright (c) 2017 VMware, Inc. All Rights Reserved. -// SPDX-License-Identifier: Apache-2.0 -/////////////////////////////////////////////////////////////////////// - -package flags - -// NO TEST - -// ServiceManagerFlags are configuration flags for the service manager -var ServiceManagerFlags = struct { - Config string `long:"config" description:"Path to Config file" default:"./config.dev.json"` - DbFile string `long:"db-file" description:"Backend DB URL/Path" default:"./db.bolt"` - DbBackend string `long:"db-backend" description:"Backend DB Name" default:"boltdb"` - DbUser string `long:"db-username" description:"Backend DB Username" default:"dispatch"` - DbPassword string `long:"db-password" description:"Backend DB Password" default:"dispatch"` - DbDatabase string `long:"db-database" description:"Backend DB Name" default:"dispatch"` - ResyncPeriod int `long:"resync-period" description:"The time period (in seconds) to sync with image repository" default:"10"` - K8sConfig string `long:"kubeconfig" description:"Path to kubernetes config file" default:""` - SecretStore string `long:"secret-store" description:"Secret store endpoint" default:"localhost:8003"` - Tracer string `long:"tracer" description:"Open Tracing Tracer endpoint" default:""` -}{} diff --git a/scripts/images.sh b/scripts/images.sh index bc1556d3c..47784de42 100755 --- a/scripts/images.sh +++ b/scripts/images.sh @@ -8,7 +8,11 @@ if [ -n "$CI" ]; then TAG=$IMAGE_TAG fi -image=${DOCKER_REGISTRY}/dispatch-${PACKAGE}:${TAG} +if [[ ${PACKAGE} == dispatch-* ]]; then + image=${DOCKER_REGISTRY}/${PACKAGE}:${TAG} +else + image=${DOCKER_REGISTRY}/dispatch-${PACKAGE}:${TAG} +fi echo $image docker build -t $image -f images/${PACKAGE}/Dockerfile .