blob: 8f9a931d4146539d281bf71b771d7e0c615cc6f7 [file] [log] [blame]
Milan Verespej1a230472019-03-20 13:51:40 +01001#!/usr/bin/env python
2# -*- coding: utf-8 -*-
3
4# COPYRIGHT NOTICE STARTS HERE
5
6# Copyright 2019 © Samsung Electronics Co., Ltd.
7#
8# Licensed under the Apache License, Version 2.0 (the "License");
9# you may not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS,
16# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19
20# COPYRIGHT NOTICE ENDS HERE
21
22
23from __future__ import print_function
24import sys
25import argparse
26import yaml
27import requests
Bartek Grzybowskibca84352019-05-30 10:12:36 +020028from subprocess import Popen,STDOUT,PIPE
Milan Verespej1a230472019-03-20 13:51:40 +010029import datetime
30from time import sleep
31from os.path import expanduser
32from itertools import chain
33import csv
34from requests.packages.urllib3.exceptions import InsecureRequestWarning
Bartek Grzybowski929f0902019-05-27 14:57:55 +020035from base64 import b64decode
36from tempfile import NamedTemporaryFile
Milan Verespej1a230472019-03-20 13:51:40 +010037
Milan Verespej1a230472019-03-20 13:51:40 +010038def add_resource_kind(resources, kind):
39 for item in resources:
40 item['kind'] = kind
41 return resources
42
Milan Verespej1a230472019-03-20 13:51:40 +010043def pods_by_parent(pods, parent):
44 for pod in pods:
45 if pod['metadata']['labels']['app'] == parent:
46 yield pod
47
48def k8s_controller_ready(k8s_controller):
49 if k8s_controller['kind'] == 'Job':
50 return k8s_controller['status'].get('succeeded', 0) == k8s_controller['spec']['completions']
51 return k8s_controller['status'].get('readyReplicas', 0) == k8s_controller['spec']['replicas']
52
53def get_not_ready(data):
54 return [x for x in data if not k8s_controller_ready(x)]
55
56def get_apps(data):
57 return [x['metadata']['labels']['app'] for x in data]
58
59def get_names(data):
60 return [x['metadata']['name'] for x in data]
61
62def pod_ready(pod):
63 try:
64 return [x['status'] for x in pod['status']['conditions']
65 if x['type'] == 'Ready'][0] == 'True'
66 except (KeyError, IndexError):
67 return False
68
69def not_ready_pods(pods):
70 for pod in pods:
71 if not pod_ready(pod):
72 yield pod
73
74def analyze_k8s_controllers(resources_data):
75 resources = {'total_count': len(resources_data)}
76 resources['not_ready_list'] = get_apps(get_not_ready(resources_data))
77 resources['ready_count'] = resources['total_count'] - len(resources['not_ready_list'])
78
79 return resources
80
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +020081def get_k8s_controllers(k8s):
Milan Verespej1a230472019-03-20 13:51:40 +010082 k8s_controllers = {}
83
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +020084 k8s_controllers['deployments'] = {'data': k8s.get_resources(
Milan Verespej1a230472019-03-20 13:51:40 +010085 'apis/apps/v1', 'deployments')}
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +020086 k8s_controllers['deployments'].update(analyze_k8s_controllers(
87 k8s_controllers['deployments']['data']))
Milan Verespej1a230472019-03-20 13:51:40 +010088
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +020089 k8s_controllers['statefulsets'] = {'data': k8s.get_resources(
Milan Verespej1a230472019-03-20 13:51:40 +010090 'apis/apps/v1', 'statefulsets')}
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +020091 k8s_controllers['statefulsets'].update(analyze_k8s_controllers(
92 k8s_controllers['statefulsets']['data']))
Milan Verespej1a230472019-03-20 13:51:40 +010093
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +020094 k8s_controllers['jobs'] = {'data': k8s.get_resources(
Milan Verespej1a230472019-03-20 13:51:40 +010095 'apis/batch/v1', 'jobs')}
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +020096 k8s_controllers['jobs'].update(analyze_k8s_controllers(
97 k8s_controllers['jobs']['data']))
Milan Verespej1a230472019-03-20 13:51:40 +010098
99 not_ready_controllers = chain.from_iterable(
100 k8s_controllers[x]['not_ready_list'] for x in k8s_controllers)
101
102 return k8s_controllers, list(not_ready_controllers)
103
Bartek Grzybowski8e9812a2019-05-28 15:59:05 +0200104def exec_healthcheck(hp_script, namespace, hp_mode):
Bartek Grzybowskibca84352019-05-30 10:12:36 +0200105 # spawn healthcheck script and redirect it's stderr to stdout
106 hc = Popen(['sh',hp_script,namespace,hp_mode],stdout=PIPE,stderr=STDOUT)
107 # Trace the output of subprocess until it has finished
108 for line in iter(hc.stdout.readline, ''):
109 print(line.strip())
110 hc.poll() # set returncode in Popen object
111 return hc.returncode
Milan Verespej1a230472019-03-20 13:51:40 +0100112
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200113def check_readiness(k8s, verbosity):
114 k8s_controllers, not_ready_controllers = get_k8s_controllers(k8s)
Milan Verespej1a230472019-03-20 13:51:40 +0100115
116 # check pods only when it is explicitly wanted (judging readiness by deployment status)
117 if verbosity > 1:
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200118 pods = k8s.get_resources('api/v1', 'pods')
Milan Verespej1a230472019-03-20 13:51:40 +0100119 unready_pods = chain.from_iterable(
120 get_names(not_ready_pods(
121 pods_by_parent(pods, x)))
122 for x in not_ready_controllers)
123 else:
124 unready_pods = []
125
126 print_status(verbosity, k8s_controllers, unready_pods)
127 return not not_ready_controllers
128
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200129def check_in_loop(k8s, max_time, sleep_time, verbosity):
Milan Verespej1a230472019-03-20 13:51:40 +0100130 max_end_time = datetime.datetime.now() + datetime.timedelta(minutes=max_time)
131 ready = False
132 while datetime.datetime.now() < max_end_time:
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200133 ready = check_readiness(k8s, verbosity)
Milan Verespej1a230472019-03-20 13:51:40 +0100134 if ready:
135 return ready
136 sleep(sleep_time)
137 return ready
138
139def check_helm_releases():
140 helm = subprocess.check_output(['helm', 'ls'])
141 if helm == '':
142 sys.exit('No Helm releases detected.')
143 helm_releases = csv.DictReader(
144 map(lambda x: x.replace(' ', ''), helm.split('\n')),
145 delimiter='\t')
146 failed_releases = [release['NAME'] for release in helm_releases
147 if release['STATUS'] == 'FAILED']
148 return helm, failed_releases
149
150
151def create_ready_string(ready, total, prefix):
152 return '{:12} {}/{}'.format(prefix, ready, total)
153
154def print_status(verbosity, resources, not_ready_pods):
155 ready_strings = []
156 ready = {k: v['ready_count'] for k,v in resources.items()}
157 count = {k: v['total_count'] for k,v in resources.items()}
158 if verbosity > 0:
159 ready_strings += [
160 create_ready_string(ready[k], count[k], k.capitalize()) for k in ready
161 ]
162 total_ready = sum(ready.values())
163 total_count = sum(count.values())
164 ready_strings.append(create_ready_string(total_ready, total_count, 'Ready'))
165 status_strings = ['\n'.join(ready_strings)]
166 if verbosity > 1:
167 if not_ready_pods:
168 status_strings.append('\nWaiting for pods:\n{}'.format('\n'.join(not_ready_pods)))
169 else:
170 status_strings.append('\nAll pods are ready!')
171 print('\n'.join(status_strings), '\n')
172
173def parse_args():
Bartek Grzybowski8e9812a2019-05-28 15:59:05 +0200174 parser = argparse.ArgumentParser(description='Monitor ONAP deployment progress',
175 formatter_class=argparse.ArgumentDefaultsHelpFormatter)
Milan Verespej1a230472019-03-20 13:51:40 +0100176 parser.add_argument('--namespace', '-n', default='onap',
177 help='Kubernetes namespace of ONAP')
178 parser.add_argument('--server', '-s', help='address of Kubernetes cluster')
179 parser.add_argument('--kubeconfig', '-c',
180 default=expanduser('~') + '/.kube/config',
181 help='path to .kube/config file')
182 parser.add_argument('--health-path', '-hp', help='path to ONAP robot ete-k8s.sh')
Bartek Grzybowski8e9812a2019-05-28 15:59:05 +0200183 parser.add_argument('--health-mode', default='health', help='healthcheck mode',
184 choices=('health','healthdist','distribute','instantiate','instantiateVFWCL',
185 'instantiateDemoVFWCL','portal'))
Milan Verespej1a230472019-03-20 13:51:40 +0100186 parser.add_argument('--no-helm', action='store_true', help='Do not check Helm')
187 parser.add_argument('--check-frequency', '-w', default=300, type=int,
188 help='time between readiness checks in seconds')
189 parser.add_argument('--max-time', '-t', default=120, type=int,
190 help='max time to run readiness checks in minutes')
191 parser.add_argument('--single-run', '-1', action='store_true',
192 help='run check loop only once')
193 parser.add_argument('-v', dest='verbosity', action='count', default=0,
194 help='increase output verbosity, e.g. -vv is more verbose than -v')
Bartek Grzybowski929f0902019-05-27 14:57:55 +0200195 parser.add_argument('--no-ssl-auth', action='store_true',
196 help='Disable SSL certificate based authentication while connecting to server')
Milan Verespej1a230472019-03-20 13:51:40 +0100197
198 return parser.parse_args()
199
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200200class Kubernetes:
201 '''Class exposing get_resources() routine for connecting to kube API.
202 It keeps all attributes required by that call as an internal
203 object state.'''
204
205 requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
206
207 def __init__(self,args):
208
209 self.config = args.kubeconfig
210 self.url = args.server if args.server is not None else \
211 self._get_k8s_url()
Bartek Grzybowski929f0902019-05-27 14:57:55 +0200212 self.no_ssl_auth = args.no_ssl_auth
213 self.certs = self._get_k8s_certs() if not self.no_ssl_auth else {}
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200214 self.namespace = args.namespace
215
Bartek Grzybowski929f0902019-05-27 14:57:55 +0200216 # Setup tmp file with ca chain only if certs were gathered successfully
217 # and --no-ssl-auth wasn't set
218 if self.certs and not self.no_ssl_auth:
219 self._setup_cert_files()
220
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200221 def get_resources(self, api, kind):
222 '''Performs actual API call'''
223 url = '/'.join([self.url, api, 'namespaces', self.namespace, kind])
224 try:
Bartek Grzybowski929f0902019-05-27 14:57:55 +0200225 if self.no_ssl_auth:
226 req = requests.get(url, verify=False)
227 else:
228 req = requests.get(url, verify=self.crt_tmp_file.name, cert=self.crt_tmp_file.name)
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200229 except requests.exceptions.ConnectionError as err:
230 sys.exit('Error: Could not connect to {}'.format(self.url))
231 if req.status_code == 200:
232 json = req.json()
233 # kind is <resource>List in response so [:-4] removes 'List' from value
234 return add_resource_kind(json['items'], json['kind'][:-4])
235 elif (req.status_code == 401):
236 sys.exit('Error: Server replied with "401 Unauthorized" while making connection')
237 else:
238 sys.exit("Error: There's been an unspecified issue while making a request to the API")
239
Bartek Grzybowski929f0902019-05-27 14:57:55 +0200240 def _setup_cert_files(self):
241 '''Helper funtion to setup named file for requests.get() call
242 in self.get_resources() which is able read certificate only
243 from file'''
244 ca_chain = NamedTemporaryFile()
245 for crt in self.certs.values():
246 ca_chain.write(crt)
247 ca_chain.read() # flush the file buffer
248 self.crt_tmp_file = ca_chain
249
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200250 def _get_k8s_url(self):
251 # TODO: Get login info
252 with open(self.config) as f:
253 config = yaml.load(f)
254 # TODO: Support cluster by name
255 return config['clusters'][0]['cluster']['server']
256
Bartek Grzybowski929f0902019-05-27 14:57:55 +0200257 def _get_k8s_certs(self):
258 '''Helper function to read and decode certificates from kube config'''
259 with open(self.config) as f:
260 config = yaml.load(f)
261 certs = {}
262 try:
263 certs.update(dict(ca_cert=b64decode(
264 config['clusters'][0]['cluster']['certificate-authority-data'])))
265 certs.update(dict(client_cert=b64decode(
266 config['users'][0]['user']['client-certificate-data'])))
267 certs.update(dict(client_key=b64decode(
268 config['users'][0]['user']['client-key-data'])))
269 except KeyError as err:
270 print('Warning: could not get Kubernetes config for certificates. ' \
271 'Turning off SSL authentication.')
272 self.no_ssl_auth = True
273 return certs
274
Milan Verespej1a230472019-03-20 13:51:40 +0100275def main():
276 args = parse_args()
277
278 if not args.no_helm:
279 try:
280 helm_output, failed_releases = check_helm_releases()
281 if failed_releases:
282 print('Deployment of {} failed.'.format(','.join(failed_releases)))
283 sys.exit(1)
284 elif args.verbosity > 1:
285 print(helm_output)
286 except IOError as err:
287 sys.exit(err.strerror)
288
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200289 k8s = Kubernetes(args)
Milan Verespej1a230472019-03-20 13:51:40 +0100290
291 ready = False
292 if args.single_run:
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200293 ready = check_readiness(k8s, args.verbosity)
Milan Verespej1a230472019-03-20 13:51:40 +0100294 else:
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200295 if not check_in_loop(k8s, args.max_time, args.check_frequency, args.verbosity):
Milan Verespej1a230472019-03-20 13:51:40 +0100296 # Double-check last 5 minutes and write verbosely in case it is not ready
Bartek Grzybowskic2b38a52019-05-27 14:39:26 +0200297 ready = check_readiness(k8s, 2)
Milan Verespej1a230472019-03-20 13:51:40 +0100298
299 if args.health_path is not None:
Bartek Grzybowskibca84352019-05-30 10:12:36 +0200300 hc_rc = exec_healthcheck(args.health_path, args.namespace, args.health_mode)
301 if hc_rc:
302 sys.exit(hc_rc)
Milan Verespej1a230472019-03-20 13:51:40 +0100303
304 if not ready:
305 sys.exit('Deployment is not ready')
306
307if __name__ == '__main__':
308 main()