diff options
Diffstat (limited to 'src/flufigut.py')
-rwxr-xr-x | src/flufigut.py | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/src/flufigut.py b/src/flufigut.py index 366c13e..0289abd 100755 --- a/src/flufigut.py +++ b/src/flufigut.py @@ -507,7 +507,7 @@ class Planet: def __generate_stream_mux_instance(self, stream_name, stream, mux, format, profile, idx, cnt, porter): muxer_feed = 'mux-%s-%s-%s' % (mux, format, profile) feeder = muxer_feed - if 'repeater' in stream: + if 'repeater' in stream and stream['repeater']: feeder = self.__generate_stream_mux_repeater(stream_name, mux, format, profile, muxer_feed) comp_name = '%s-%s%i-stream-%s-%s-%s' % (stream['type'], stream_name, idx + 1, mux, format, profile) @@ -545,6 +545,8 @@ class Planet: self.__add_worker_flag_exclusive(worker, "stream", stream_name) self.__add_worker_flag_exclusive(worker, "stream-hostname", hostname) self.__add_worker_flag_exclusive(worker, "stream-index", idx) + if 'onion-service' in stream and stream['onion-service']: + self.__add_worker_flag_exclusive(worker, "stream-onion", stream['onion-service']) if 'sfive' in self._desc.globals['stats']: self.__add_worker_flag_exclusive(worker, "sfive", self._desc.globals['stats']['sfive']['type']) @@ -673,6 +675,10 @@ class K8sDeployment: kubernetes.config.load_kube_config() kubernetes.client.user_agent = 'flufigut' + self.__has_onion_service = False + self.__has_sfive = False + self.__has_sfive_onion = False + def __create_namespace(self, v1): ns = kubernetes.client.V1Namespace() ns.metadata = kubernetes.client.V1ObjectMeta() @@ -742,13 +748,15 @@ class K8sDeployment: if 'sfive' not in worker['flags']: return + self.__has_sfive = True cm = self.__generate_object(tmpl_env, 'sfive-cm.yml', worker) if 'data' not in cm or not cm['data']: cm['data'] = {} if worker['flags']['sfive'] == 'proxy' and 'stream' in worker['flags']: cm['data']['proxy.json'] = json.dumps(self._planet.sfive_proxy_config(worker['name'])) - stream_name = worker['flags']['stream'] - if 'onion-service' in self._desc.streams[stream_name] and len(self._desc.streams[stream_name]['nginx-muxes']) > 0: + if 'stream-onion' in worker['flags']: + self.__has_onion_service = True + self.__has_sfive_onion = True cm['data']['proxy-onion.json'] = json.dumps(self._planet.sfive_proxy_config(worker['name'], True)) v1.create_namespaced_config_map(self._namespace, cm) @@ -759,6 +767,7 @@ class K8sDeployment: def deploy(self, template_dir): v1 = kubernetes.client.CoreV1Api() appsV1 = kubernetes.client.AppsV1Api() + rbacV1 = kubernetes.client.RbacAuthorizationV1Api() self.__create_namespace(v1) loader = jinja2.FileSystemLoader(os.path.join(template_dir, self._desc.globals['templates'], 'kubernetes')) @@ -775,6 +784,18 @@ class K8sDeployment: self._deploy_nginx_worker(template_dir, tmpl_env, v1, appsV1, worker) self._deploy_sfive_worker(template_dir, tmpl_env, v1, appsV1, worker) + if self.__has_onion_service: + role = self.__generate_object(tmpl_env, 'onion-service-role.yml', worker) + rbacV1.create_namespaced_role(self._namespace, role) + + if self.__has_sfive: + sa = self.__generate_object(tmpl_env, 'sfive-sa.yml', worker) + v1.create_namespaced_service_account(self._namespace, sa) + + if self.__has_sfive_onion: + rb = self.__generate_object(tmpl_env, 'sfive-onion-rolebinding.yml', worker) + rbacV1.create_namespaced_role_binding(self._namespace, rb) + def wipe(self): v1 = kubernetes.client.CoreV1Api() self.__delete_namespace(v1) |