Class: KubesGoogle::Gke
Instance Method Summary
Methods included from Services
#cluster_manager, #resource_manager, #secret_manager_service
Methods included from Logging
#logger
Constructor Details
#initialize(cluster_name:, enable_get_credentials: false, google_project: nil, google_region: "us-central1", whitelist_ip: nil) ⇒ Gke
Returns a new instance of Gke.
# File 'lib/kubes_google/gke.rb', line 10
# Stores the cluster coordinates and options that the other methods read.
#
# GOOGLE_PROJECT and GOOGLE_REGION, when present in the environment, take
# precedence over the google_project / google_region arguments.
#
# @param cluster_name [String] cluster name, interpolated into #full_name
# @param enable_get_credentials [Boolean] stored in @enable_get_credentials
# @param google_project [String, nil] used only when GOOGLE_PROJECT is unset
# @param google_region [String] used only when GOOGLE_REGION is unset
# @param whitelist_ip [String, nil] value #ip returns instead of auto-detecting;
#   it is placed into the CIDR entry verbatim, so it must already be in CIDR form
def initialize(cluster_name:, enable_get_credentials: false, google_project: nil,
               google_region: "us-central1", whitelist_ip: nil)
  @cluster_name           = cluster_name
  @enable_get_credentials = enable_get_credentials
  # The block is only evaluated when the variable is not set at all.
  @google_project         = ENV.fetch('GOOGLE_PROJECT') { google_project }
  @google_region          = ENV.fetch('GOOGLE_REGION') { google_region }
  @whitelist_ip           = whitelist_ip
end
Instance Method Details
#allow ⇒ Object
# File 'lib/kubes_google/gke.rb', line 22
# Adds this client's address to the cluster's master authorized networks.
#
# Logs the address at debug level, then sends the existing CIDR list plus the
# entry from #new_cidr through #update_cluster.
#
# @return [Object] whatever #update_cluster returns
def allow
  log = logger
  log.debug("Updating cluster. Adding IP: #{ip}")
  blocks = cidr_blocks(:with_whitelist)
  update_cluster(blocks)
end
#cidr_blocks(type) ⇒ Object
# File 'lib/kubes_google/gke.rb', line 77
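# Builds the CIDR list to send to the cluster.
#
# Existing entries are kept, except one that matches the entry from #new_cidr
# on BOTH display_name and cidr_block. With :with_whitelist the #new_cidr
# entry is appended; any other type returns the filtered list only.
#
# NOTE(review): because the match includes cidr_block, an entry added earlier
# under a different address (or under the "0.0.0.0/0" fallback of #current_ip)
# is not removed by a later call made from a different address. Stale
# "added-by-kubes-google" entries should be audited on the cluster.
#
# @param type [Symbol] :with_whitelist to include this client's entry
# @return [Array<Hash>] CIDR block hashes
def cidr_blocks(type)
  existing = old_cidrs
  # Resolve the entry once. #new_cidr goes through #ip, which can trigger an
  # external lookup; evaluating it per element repeated that lookup and could
  # yield different answers within a single pass.
  ours = new_cidr
  others = existing.reject do |block|
    block[:display_name] == ours[:display_name] &&
      block[:cidr_block] == ours[:cidr_block]
  end
  type == :with_whitelist ? others + [ours] : others
end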
#current_ip ⇒ Object
# File 'lib/kubes_google/gke.rb', line 109
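# Asks an external service for this machine's public address and returns it
# as a single-host CIDR.
#
# The result is written into the cluster's master authorized networks (via
# #ip and #new_cidr), so the lookup uses HTTPS: over plain HTTP anyone on the
# network path could substitute an address of their choosing.
#
# NOTE(review): the response body is not validated as an IP address, and
# "/32" assumes an IPv4 answer — confirm how an IPv6 reply should be handled.
#
# @return [String] "<ip>/32", or "0.0.0.0/0" when the lookup raises SocketError
def current_ip
  # Block form closes the connection; strip removes any trailing newline so
  # the CIDR string is well-formed.
  ip = URI.open("https://ifconfig.me") { |resp| resp.read.strip }
  "#{ip}/32"
rescue SocketError => e
  logger.info "WARN: #{e.message}"
  logger.info "Unable to detect current ip. Will use 0.0.0.0/0"
  # NOTE(review): this fallback fails open. A DNS or connectivity error makes
  # the caller authorize every address for the cluster control plane, and
  # #cidr_blocks only removes that entry again if a later call also resolves
  # to "0.0.0.0/0". Failing closed (raising, or skipping the update) would be
  # safer; kept as-is here because callers may rely on the current contract.
  "0.0.0.0/0"
end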
#deny ⇒ Object
# File 'lib/kubes_google/gke.rb', line 27
# Removes this client's entry from the cluster's master authorized networks.
#
# Logs the address at debug level, then sends the filtered CIDR list from
# #cidr_blocks(:without_whitelist) through #update_cluster.
#
# @return [Object] whatever #update_cluster returns
def deny
  log = logger
  log.debug("Updating cluster. Removing IP: #{ip}")
  remaining = cidr_blocks(:without_whitelist)
  update_cluster(remaining)
end
#enabled? ⇒ Boolean
# File 'lib/kubes_google/gke.rb', line 41
# Tells whether the GKE hooks should run.
#
# The enable_hooks setting counts as on when it is nil (unset); a cluster
# name must also be present.
#
# @return [Boolean]
def enabled?
  hooks = KubesGoogle.config.gke.enable_hooks
  # nil means "not configured", which is treated as enabled.
  hooks_on = hooks.nil? || hooks
  hooks_on && @cluster_name ? true : false
end
#full_name ⇒ Object
# File 'lib/kubes_google/gke.rb', line 37
# Builds the cluster's resource path from project, region and cluster name.
#
# @return [String] "projects/<project>/locations/<region>/clusters/<name>"
def full_name
  project, location, cluster = @google_project, @google_region, @cluster_name
  "projects/#{project}/locations/#{location}/clusters/#{cluster}"
end
#get_credentials ⇒ Object
# File 'lib/kubes_google/gke.rb', line 32
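# Runs `gcloud container clusters get-credentials` for this cluster, but only
# when #get_credentials_enabled? is true.
#
# The project, region and cluster name come from configuration and from the
# GOOGLE_PROJECT / GOOGLE_REGION environment variables. They are shell-escaped
# before being placed into the command string so that whitespace or shell
# metacharacters in any of them cannot alter the command. Values made only of
# letters, digits, "-", "_" and "." pass through unchanged.
#
# NOTE(review): `sh` is defined outside this listing; presumably it hands the
# string to a shell — confirm.
#
# @return [Object, nil] the result of `sh`, or nil when disabled
def get_credentials
  return unless get_credentials_enabled?

  # Local require keeps this method self-contained; it is a no-op when
  # shellwords is already loaded.
  require "shellwords"

  project = Shellwords.escape(@google_project)
  region  = Shellwords.escape(@google_region)
  cluster = Shellwords.escape(@cluster_name)
  sh "gcloud container clusters get-credentials --project=#{project} --region=#{region} #{cluster}"
end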
#get_credentials_enabled? ⇒ Boolean
# File 'lib/kubes_google/gke.rb', line 49
# Tells whether #get_credentials should run gcloud.
#
# Reads KubesGoogle.config.gke.enable_get_credentials; nil (unset) counts as
# disabled.
#
# NOTE(review): this reads only the global config. The enable_get_credentials
# value passed to the constructor is stored in @enable_get_credentials but is
# not consulted here — confirm that is intended.
#
# @return [Boolean]
def get_credentials_enabled?
  setting = KubesGoogle.config.gke.enable_get_credentials
  return false if setting.nil?

  setting && full_name ? true : false
end
#ip ⇒ Object
# File 'lib/kubes_google/gke.rb', line 105
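# Returns the CIDR to authorize: the configured whitelist_ip when present,
# otherwise the auto-detected address from #current_ip.
#
# The detected value is cached per instance. #ip is read several times during
# one allow/deny (for the log line and for every comparison in #cidr_blocks);
# without the cache each read repeated the external lookup, and the logged
# address could differ from the one actually sent to the cluster.
#
# @return [String] CIDR string
def ip
  @whitelist_ip || (@detected_ip ||= current_ip)
end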
#new_cidr ⇒ Object
# File 'lib/kubes_google/gke.rb', line 97
# Builds the authorized-network entry for this client.
#
# The fixed display name is what #cidr_blocks uses, together with the CIDR,
# to recognise the entry again.
#
# @return [Hash] { display_name:, cidr_block: } with cidr_block taken from #ip
def new_cidr
  entry = { display_name: "added-by-kubes-google" }
  entry[:cidr_block] = ip
  entry
end
#old_cidrs ⇒ Object
# File 'lib/kubes_google/gke.rb', line 90
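# Fetches the cluster and returns its current authorized-network CIDR blocks.
#
# Returns an empty array when the cluster has no master authorized networks
# config or the config carries no cidr_blocks key; previously that case
# returned nil and #cidr_blocks failed on nil.reject.
#
# @return [Array<Hash>] existing CIDR block hashes, possibly empty
def old_cidrs
  resp = cluster_manager.get_cluster(name: full_name)
  # nil.to_h is {}, so a missing config falls through to the default below.
  config = resp.master_authorized_networks_config.to_h
  config[:cidr_blocks] || []
end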
#update_cluster(cidr_blocks) ⇒ Object
# File 'lib/kubes_google/gke.rb', line 55
# Replaces the cluster's master authorized networks with the given list and
# blocks until the resulting operation is no longer running.
#
# The request always sends enabled: true, whatever the cluster's current
# setting is, so calling this on a cluster that had authorized networks
# turned off turns the restriction on.
#
# @param cidr_blocks [Array<Hash>] complete list of CIDR blocks to set
# @return [Object] whatever #wait_for returns
def update_cluster(cidr_blocks)
  networks = { cidr_blocks: cidr_blocks, enabled: true }
  resp = cluster_manager.update_cluster(
    name: full_name,
    update: { desired_master_authorized_networks_config: networks }
  )
  # Drop everything in front of the last "projects" in the link to get the
  # operation's resource name.
  link = resp.self_link
  wait_for(link.sub(/.*projects/,'projects'))
end
#wait_for(operation_name) ⇒ Object
# File 'lib/kubes_google/gke.rb', line 69
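# Polls the operation every 5 seconds until it has left the PENDING and
# RUNNING states.
#
# The previous condition stopped as soon as the status was anything other
# than :RUNNING, so an operation still queued as :PENDING was treated as
# finished and the caller continued before the network change was applied.
#
# NOTE(review): there is no timeout, and the final status is not inspected,
# so a failed or aborted operation returns the same way as a successful one.
#
# @param operation_name [String] operation resource name
# @return [nil]
def wait_for(operation_name)
  in_progress = %i[PENDING RUNNING]
  resp = cluster_manager.get_operation(name: operation_name)
  while in_progress.include?(resp.status)
    sleep 5
    resp = cluster_manager.get_operation(name: operation_name)
  end
end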