From d1b66907f3cc9a10085cca98294a1e1596d18d53 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=BD=95=E5=85=A8?= Date: Mon, 10 Jun 2019 10:40:19 +0800 Subject: [PATCH] =?UTF-8?q?v0.3.2=20=20=20k8s=20=20=E7=AE=A1=E7=90=86?= =?UTF-8?q?=E6=A8=A1=E5=9D=97=20=20=E5=BC=80=E5=A7=8B=E5=86=99=20=20=20pod?= =?UTF-8?q?=E5=88=97=E8=A1=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 7 ++ k8s/__init__.py | 1 + k8s/k8sApi/__init__.py | 1 + k8s/k8sApi/core.py | 15 +++ k8s/k8sApi/获取k8s admin token的方法.md | 52 +++++++++ k8s/models.py | 3 + k8s/tests.py | 21 ++++ k8s/urls.py | 7 ++ k8s/views.py | 27 +++++ seal/settings.py | 5 + seal/urls.py | 1 + templates/assets/ecs-list.html | 2 +- templates/base/_nav.html | 13 +++ templates/k8s/k8s-pod-list.html | 141 ++++++++++++++++++++++++ 14 files changed, 295 insertions(+), 1 deletion(-) create mode 100644 k8s/__init__.py create mode 100644 k8s/k8sApi/__init__.py create mode 100644 k8s/k8sApi/core.py create mode 100644 k8s/k8sApi/获取k8s admin token的方法.md create mode 100644 k8s/models.py create mode 100644 k8s/tests.py create mode 100644 k8s/urls.py create mode 100644 k8s/views.py create mode 100644 templates/k8s/k8s-pod-list.html diff --git a/README.md b/README.md index e8bedff..78dde99 100644 --- a/README.md +++ b/README.md @@ -26,11 +26,13 @@ * drf RESTful api 例子 * 前端 Vue版本 * GraphQL +* k8s管理 ## 开发计划 * 一期: 基础模板 (已完成) * 二期: k8s管理平台 (开发中) + * pod 列表 (已完成) ## DEMO @@ -130,6 +132,11 @@ nohup python36 manage.py runserver 0.0.0.0:8001 >> /tmp/http.log 2>&1 & ``` +## k8s模块 + +> 修改settings Token 及 APISERVER。 + + ## 异步任务 * redis diff --git a/k8s/__init__.py b/k8s/__init__.py new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/k8s/__init__.py @@ -0,0 +1 @@ + diff --git a/k8s/k8sApi/__init__.py b/k8s/k8sApi/__init__.py new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/k8s/k8sApi/__init__.py @@ -0,0 +1 @@ + diff --git a/k8s/k8sApi/core.py b/k8s/k8sApi/core.py new file mode 100644 index 0000000..24e8d41 --- /dev/null +++ b/k8s/k8sApi/core.py @@ -0,0 +1,15 @@ +from kubernetes import client, config +from seal import settings +import urllib3 + + +def K8sApi(): + urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + configuration = client.Configuration() + configuration.host = getattr(settings, 'APISERVER') + configuration.verify_ssl = False + configuration.api_key = {"authorization": "Bearer " + getattr(settings, 'Token'), } + client.Configuration.set_default(configuration) + v1 = client.CoreV1Api() + + return v1 diff --git a/k8s/k8sApi/获取k8s admin token的方法.md b/k8s/k8sApi/获取k8s admin token的方法.md new file mode 100644 index 0000000..a459a80 --- /dev/null +++ b/k8s/k8sApi/获取k8s admin token的方法.md @@ -0,0 +1,52 @@ + +## 1.先创建 + +``` +vim k8s-admin.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: dashboard-admin + namespace: kube-system +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1beta1 +metadata: + name: dashboard-admin +subjects: + - kind: ServiceAccount + name: dashboard-admin + namespace: kube-system +roleRef: + kind: ClusterRole + name: cluster-admin + apiGroup: rbac.authorization.k8s.io + +kubectl apply -f k8s-admin.yaml +``` +## 2.获取name +``` +kubectl get secret -n kube-system +NAME TYPE DATA AGE +dashboard-admin-token-dhhmc kubernetes.io/service-account-token 3 69s +``` + +## 3.查询token +``` +[root@k8s-master ~]# kubectl describe secret dashboard-admin-token-dhhmc -n kube-system +Name: dashboard-admin-token-dhhmc +Namespace: kube-system +Labels: +Annotations: kubernetes.io/service-account.name: dashboard-admin + kubernetes.io/service-account.uid: 98d070eb-875c-11e9-a538-000c297b4fe7 + + +Type: kubernetes.io/service-account-token + + +Data +==== +ca.crt: 1025 bytes +namespace: 11 bytes +token: eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tZGhobWMiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOThkMDcwZWItODc1Yy0xMWU5LWE1MzgtMDAwYzI5N2I0ZmU3Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.XDFpez2E84R_zlopt_uEHPvVGUtSavypyix6UcYJO3J4imHdJy7MEkfV-wltBA1H8x0TT2AW64rLlXaRJ8OkFWJ0myedfKdjnf7i0oLQ8j-7lw6rT3A0e2pKmpnOaBQfgzRm83-t2I5MMp3Iu9VNUiAbqQpjql4AKwRuJEEGCs99tKStUxzIsJKusmUHh9KAK4BAxySn9h16T2URZ7czLP4mty2crYWNV4KwSwFPthGhFPsl8mnet_hiV5k4me5a8frmXytOy64MmGW8w3TBgiM-7hBYSxt84QGGnyi84LU0EFgtLwBWEOTZeUKKQ6IkoAprMmNcSxX8WUJFlx_uJg +``` \ No newline at end of file diff --git a/k8s/models.py b/k8s/models.py new file mode 100644 index 0000000..4167352 --- /dev/null +++ b/k8s/models.py @@ -0,0 +1,3 @@ +from django.db import models + + diff --git a/k8s/tests.py b/k8s/tests.py new file mode 100644 index 0000000..3d29e55 --- /dev/null +++ b/k8s/tests.py @@ -0,0 +1,21 @@ + +from kubernetes import client, config + + +def main(): + Token = "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tZGhobWMiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOThkMDcwZWItODc1Yy0xMWU5LWE1MzgtMDAwYzI5N2I0ZmU3Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.XDFpez2E84R_zlopt_uEHPvVGUtSavypyix6UcYJO3J4imHdJy7MEkfV-wltBA1H8x0TT2AW64rLlXaRJ8OkFWJ0myedfKdjnf7i0oLQ8j-7lw6rT3A0e2pKmpnOaBQfgzRm83-t2I5MMp3Iu9VNUiAbqQpjql4AKwRuJEEGCs99tKStUxzIsJKusmUHh9KAK4BAxySn9h16T2URZ7czLP4mty2crYWNV4KwSwFPthGhFPsl8mnet_hiV5k4me5a8frmXytOy64MmGW8w3TBgiM-7hBYSxt84QGGnyi84LU0EFgtLwBWEOTZeUKKQ6IkoAprMmNcSxX8WUJFlx_uJg" + APISERVER = 'https://192.168.100.111:6443' + configuration = client.Configuration() + configuration.host = APISERVER + configuration.verify_ssl = False + configuration.api_key = {"authorization": "Bearer " + Token} + client.Configuration.set_default(configuration) + v1 = client.CoreV1Api() + ret = v1.list_pod_for_all_namespaces(watch=False) + for i in ret.items: + print("%s\t%s\t%s" % + (i.status.pod_ip, i.metadata.namespace, i.metadata.name)) + + +if __name__ == '__main__': + main() \ No newline at end of file diff --git a/k8s/urls.py b/k8s/urls.py new file mode 100644 index 0000000..872c771 --- /dev/null +++ b/k8s/urls.py @@ -0,0 +1,7 @@ +from django.urls import path +from k8s import views +app_name = "k8s" + +urlpatterns = [ + path('k8s-pod-list', views.K8sPodListView.as_view(), name='k8s-pod-list'), +] diff --git a/k8s/views.py b/k8s/views.py new file mode 100644 index 0000000..fd37ba1 --- /dev/null +++ b/k8s/views.py @@ -0,0 +1,27 @@ +import logging +import json +from django.urls import reverse_lazy +from django.db.models import Q +from django.conf import settings +from pure_pagination import PageNotAnInteger +from pure_pagination import Paginator +from django.shortcuts import render, HttpResponse +from system.decorator.get_list import get_list +from django.contrib.auth.mixins import LoginRequiredMixin, PermissionRequiredMixin +from django.views.generic import ListView, View, DetailView, CreateView, UpdateView +from assets.models import Ecs +from k8s.k8sApi.core import K8sApi + +logger = logging.getLogger('k8s') + + +class K8sPodListView(LoginRequiredMixin, PermissionRequiredMixin, View): + permission_required = ('k8s.view_ecs',) + template_name = 'k8s/k8s-pod-list.html' + + def get(self, request): + ret = K8sApi().list_pod_for_all_namespaces(watch=False) + data = {} + for i in ret.items: + data[i.metadata.name] = {"ip": i.status.pod_ip, "namespace": i.metadata.namespace} + return render(request, "k8s/k8s-pod-list.html", {"data": data}) diff --git a/seal/settings.py b/seal/settings.py index 7911a1b..0f865f5 100644 --- a/seal/settings.py +++ b/seal/settings.py @@ -247,3 +247,8 @@ CORS_ORIGIN_WHITELIST = ( '*', ) MIDDLEWARE_CLASSES = ('system.views.DisableCSRFCheck',) + + +## K8S +Token = "eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJkYXNoYm9hcmQtYWRtaW4tdG9rZW4tZGhobWMiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGFzaGJvYXJkLWFkbWluIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiOThkMDcwZWItODc1Yy0xMWU5LWE1MzgtMDAwYzI5N2I0ZmU3Iiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmRhc2hib2FyZC1hZG1pbiJ9.XDFpez2E84R_zlopt_uEHPvVGUtSavypyix6UcYJO3J4imHdJy7MEkfV-wltBA1H8x0TT2AW64rLlXaRJ8OkFWJ0myedfKdjnf7i0oLQ8j-7lw6rT3A0e2pKmpnOaBQfgzRm83-t2I5MMp3Iu9VNUiAbqQpjql4AKwRuJEEGCs99tKStUxzIsJKusmUHh9KAK4BAxySn9h16T2URZ7czLP4mty2crYWNV4KwSwFPthGhFPsl8mnet_hiV5k4me5a8frmXytOy64MmGW8w3TBgiM-7hBYSxt84QGGnyi84LU0EFgtLwBWEOTZeUKKQ6IkoAprMmNcSxX8WUJFlx_uJg" +APISERVER = 'https://192.168.100.111:6443' \ No newline at end of file diff --git a/seal/urls.py b/seal/urls.py index 314b297..41d8515 100644 --- a/seal/urls.py +++ b/seal/urls.py @@ -15,6 +15,7 @@ urlpatterns = [ path('index', index, name="index"), path('system/', include('system.urls', namespace='system')), path('assets/', include('assets.urls', namespace='assets')), + path('k8s/', include('k8s.urls', namespace='k8s')), path('admin/', admin.site.urls, ), path('api/token', views.obtain_auth_token), path('api/docs/', include_docs_urls(title=API_TITLE, description=API_DESCRIPTION, authentication_classes=[], diff --git a/templates/assets/ecs-list.html b/templates/assets/ecs-list.html index f28b2e8..b39edeb 100644 --- a/templates/assets/ecs-list.html +++ b/templates/assets/ecs-list.html @@ -90,7 +90,7 @@
{% csrf_token %} - +
diff --git a/templates/base/_nav.html b/templates/base/_nav.html index 9f4469b..5121aa8 100644 --- a/templates/base/_nav.html +++ b/templates/base/_nav.html @@ -53,6 +53,19 @@ {% endif %} + + +
  • + k8s管理 + + +
      + {% if perms.k8s.view_ecs %} +
    • + Pod列表 +
      • + {% endif %} +
    • diff --git a/templates/k8s/k8s-pod-list.html b/templates/k8s/k8s-pod-list.html new file mode 100644 index 0000000..b8d004e --- /dev/null +++ b/templates/k8s/k8s-pod-list.html @@ -0,0 +1,141 @@ +{% extends "base/base.html" %} +{% load asset_filter %} +{% load bootstrap4 %} +{% load static %} +{% block header-css %} + + + + + +{% endblock %} + +{% block title %}K8S{% endblock %} + + + +{% block page-content %} + + +
    +
    +
    + +
    + +
    +
    Pod列表
    +
    + + + + + + +
    +
    +
    + + + +
    + + + + {% csrf_token %} +
    + + + + + + + + + + + + {% for k,v in data.items %} + + + + + + + + + +{# {% if perms.assets.view_ecs %}#} +{# 详情#} +{# {% endif %}#} +{# {% if perms.assets.change_ecs %}#} +{# 编辑#} +{# {% endif %}#} +{# {% if perms.assets.delete_ecs %}#} +{# 删除#} +{# {% endif %}#} + + + {% endfor %} + + +
    主机名ip命名空间操作
    +
    {{ k }}
    +     		+
    {{ v.ip }}
    +     		+
    {{ v.namespace}}
    +     		+ +
    + +
    + + + + + + + + + + + + + + + + + {% block footer-js %} + + + {% endblock %} + +{% endblock %}