From ce5aae379565b46360b0f43aea6180fb9a963c40 Mon Sep 17 00:00:00 2001 From: xiaojunnuo Date: Fri, 8 Jan 2021 13:01:35 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=20tke=20ingress=20=E5=86=85=E7=BD=91?= =?UTF-8?q?=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- packages/plugins/package-lock.json | 190 +++++++++++++++++- .../tencent/deploy-to-tke-ingress/index.js | 9 +- packages/plugins/src/utils/util.k8s.client.js | 34 +++- .../tencent/deploy-to-tke-ingress.test.js | 27 +-- 4 files changed, 242 insertions(+), 18 deletions(-) diff --git a/packages/plugins/package-lock.json b/packages/plugins/package-lock.json index 598c6be2..83a0e008 100644 --- a/packages/plugins/package-lock.json +++ b/packages/plugins/package-lock.json @@ -131,6 +131,70 @@ "to-fast-properties": "^2.0.0" } }, + "@certd/acme-client": { + "version": "0.1.6", + "resolved": "https://registry.npmjs.org/@certd/acme-client/-/acme-client-0.1.6.tgz", + "integrity": "sha512-XffzB/QHRj61gUHXor1B8R2TVt7HnklJpjAbwQi8vHjBGloU8I3occJxIunoh1AShhc4wsxnc+h/D5yRIUp17A==", + "requires": { + "axios": "0.21.1", + "backo2": "^1.0.0", + "bluebird": "^3.5.0", + "debug": "^4.1.1", + "log4js": "^6.3.0", + "node-forge": "^0.10.0" + }, + "dependencies": { + "debug": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "requires": { + "ms": "2.1.2" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } + }, + "@certd/api": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/@certd/api/-/api-0.1.7.tgz", + "integrity": "sha512-2spEdF9A6Tpe5KwkbWV1zE9Zwql04DrG5KlWRUsn8kLvwY6qfdDsdCsNoFf1+XDytn4OYH5nfrMGZBi8TpG84w==", + "requires": { + "axios": "^0.21.1", + "dayjs": "^1.9.7", + "lodash-es": "^4.17.20", + "log4js": "^6.3.0", + "qs": "^6.9.4" + } + }, + "@certd/certd": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/@certd/certd/-/certd-0.1.7.tgz", + "integrity": "sha512-h+YWlcXzdQk3dbhK7u0guwyzotKRtsIA9zTaHdViWlMDlT9/oO9QflFoo8x8wA1Xx/Vd90APT6EEBnizgOXxsQ==", + "requires": { + "@certd/acme-client": "^0.1.6", + "@certd/api": "^0.1.7", + "@certd/providers": "^0.1.7", + "dayjs": "^1.9.7", + "lodash-es": "^4.17.20", + "node-forge": "^0.10.0" + } + }, + "@certd/providers": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/@certd/providers/-/providers-0.1.7.tgz", + "integrity": "sha512-ACiFNhRBVWB5Nyui3RTuAX0oTVkuWi0zopO1qMzbA/2iOrtFAoNs3I5DSLpZxS3d1erKcOq+Lx7Rm0rZxiL6wg==", + "requires": { + "@alicloud/pop-core": "^1.7.10", + "@certd/api": "^0.1.7", + "lodash-es": "^4.17.20", + "tencentcloud-sdk-nodejs": "^4.0.44" + } + }, "@eslint/eslintrc": { "version": "0.2.2", "resolved": "https://registry.npm.taobao.org/@eslint/eslintrc/download/@eslint/eslintrc-0.2.2.tgz?cache=0&sync_timestamp=1607145629875&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2F%40eslint%2Feslintrc%2Fdownload%2F%40eslint%2Feslintrc-0.2.2.tgz", @@ -476,6 +540,14 @@ "resolved": "https://registry.npm.taobao.org/aws4/download/aws4-1.11.0.tgz?cache=0&sync_timestamp=1604101166484&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Faws4%2Fdownload%2Faws4-1.11.0.tgz", "integrity": "sha1-1h9G2DslGSUOJ4Ta9bCUeai0HFk=" }, + "axios": { + "version": "0.21.1", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.1.tgz", + "integrity": "sha512-dKQiRHxGD9PPRIUNIWvZhPTPpl1rf/OxTYKsqKUDjBwYylTvV7SjSHJb9ratfyzM6wCdLCOYLzs73qpg5c4iGA==", + "requires": { + "follow-redirects": "^1.10.0" + } + }, "babel-eslint": { "version": "10.1.0", "resolved": "https://registry.npm.taobao.org/babel-eslint/download/babel-eslint-10.1.0.tgz?cache=0&sync_timestamp=1599054223324&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fbabel-eslint%2Fdownload%2Fbabel-eslint-10.1.0.tgz", @@ -489,6 +561,11 @@ "resolve": "^1.12.0" } }, + "backo2": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/backo2/-/backo2-1.0.2.tgz", + "integrity": "sha1-MasayLEpNjRj41s+u2n038+6eUc=" + }, "balanced-match": { "version": "1.0.0", "resolved": "https://registry.npm.taobao.org/balanced-match/download/balanced-match-1.0.0.tgz", @@ -518,6 +595,11 @@ "integrity": "sha1-MPpAyef+B9vIlWeM0ocCTeokHdk=", "dev": true }, + "bluebird": { + "version": "3.7.2", + "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.7.2.tgz", + "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==" + }, "brace-expansion": { "version": "1.1.11", "resolved": "https://registry.npm.taobao.org/brace-expansion/download/brace-expansion-1.1.11.tgz?cache=0&sync_timestamp=1601898189928&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fbrace-expansion%2Fdownload%2Fbrace-expansion-1.1.11.tgz", @@ -762,6 +844,11 @@ "assert-plus": "^1.0.0" } }, + "date-format": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/date-format/-/date-format-3.0.0.tgz", + "integrity": "sha512-eyTcpKOcamdhWJXj56DpQMo1ylSQpcGtGKXcU0Tb97+K56/CF5amAqqqNj0+KvA0iw2ynxtHWFsPDSClCxe48w==" + }, "dayjs": { "version": "1.10.2", "resolved": "https://registry.npm.taobao.org/dayjs/download/dayjs-1.10.2.tgz?cache=0&sync_timestamp=1609889274763&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fdayjs%2Fdownload%2Fdayjs-1.10.2.tgz", @@ -1406,6 +1493,16 @@ } } }, + "flatted": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-2.0.2.tgz", + "integrity": "sha512-r5wGx7YeOwNWNlCA0wQ86zKyDLMQr+/RB8xy74M4hTphfmjlijTSSXGuH8rnvKZnfT9i+75zmd8jcKdMR4O6jA==" + }, + "follow-redirects": { + "version": "1.13.1", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.1.tgz", + "integrity": "sha512-SSG5xmZh1mkPGyKzjZP8zLjltIfpW32Y5QpdNJyjcfGxK3qo3NDDkZOZSFiGn1A6SclQxY9GzEwAHQ3dmYRWpg==" + }, "forever-agent": { "version": "0.6.1", "resolved": "https://registry.npm.taobao.org/forever-agent/download/forever-agent-0.6.1.tgz", @@ -1421,6 +1518,16 @@ "mime-types": "^2.1.12" } }, + "fs-extra": { + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz", + "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==", + "requires": { + "graceful-fs": "^4.2.0", + "jsonfile": "^4.0.0", + "universalify": "^0.1.0" + } + }, "fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npm.taobao.org/fs.realpath/download/fs.realpath-1.0.0.tgz", @@ -1537,8 +1644,7 @@ "graceful-fs": { "version": "4.2.4", "resolved": "https://registry.npm.taobao.org/graceful-fs/download/graceful-fs-4.2.4.tgz", - "integrity": "sha1-Ila94U02MpWMRl68ltxGfKB6Kfs=", - "dev": true + "integrity": "sha1-Ila94U02MpWMRl68ltxGfKB6Kfs=" }, "growl": { "version": "1.10.5", @@ -1923,6 +2029,14 @@ "minimist": "^1.2.0" } }, + "jsonfile": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz", + "integrity": "sha1-h3Gq4HmbZAdrdmQPygWPnBDjPss=", + "requires": { + "graceful-fs": "^4.1.6" + } + }, "jsonpath-plus": { "version": "0.19.0", "resolved": "https://registry.npm.taobao.org/jsonpath-plus/download/jsonpath-plus-0.19.0.tgz", @@ -2083,6 +2197,33 @@ } } }, + "log4js": { + "version": "6.3.0", + "resolved": "https://registry.npmjs.org/log4js/-/log4js-6.3.0.tgz", + "integrity": "sha512-Mc8jNuSFImQUIateBFwdOQcmC6Q5maU0VVvdC2R6XMb66/VnT+7WS4D/0EeNMZu1YODmJe5NIn2XftCzEocUgw==", + "requires": { + "date-format": "^3.0.0", + "debug": "^4.1.1", + "flatted": "^2.0.1", + "rfdc": "^1.1.4", + "streamroller": "^2.2.4" + }, + "dependencies": { + "debug": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "requires": { + "ms": "2.1.2" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } + }, "loose-envify": { "version": "1.4.0", "resolved": "https://registry.npm.taobao.org/loose-envify/download/loose-envify-1.4.0.tgz", @@ -2287,6 +2428,11 @@ "resolved": "https://registry.npm.taobao.org/node-fetch/download/node-fetch-2.6.1.tgz?cache=0&sync_timestamp=1599309179354&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fnode-fetch%2Fdownload%2Fnode-fetch-2.6.1.tgz", "integrity": "sha1-BFvTI2Mfdu0uK1VXM5RBa2OaAFI=" }, + "node-forge": { + "version": "0.10.0", + "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.10.0.tgz", + "integrity": "sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==" + }, "normalize-package-data": { "version": "2.5.0", "resolved": "https://registry.npm.taobao.org/normalize-package-data/download/normalize-package-data-2.5.0.tgz?cache=0&sync_timestamp=1602547447569&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Fnormalize-package-data%2Fdownload%2Fnormalize-package-data-2.5.0.tgz", @@ -2795,6 +2941,11 @@ "lowercase-keys": "^1.0.0" } }, + "rfdc": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/rfdc/-/rfdc-1.1.4.tgz", + "integrity": "sha512-5C9HXdzK8EAqN7JDif30jqsBzavB7wLpaubisuQIGHWf2gUXSpzy6ArX/+Da8RjFpagWsCn+pIgxTMAmKw9Zug==" + }, "rimraf": { "version": "3.0.2", "resolved": "https://registry.npm.taobao.org/rimraf/download/rimraf-3.0.2.tgz?cache=0&sync_timestamp=1599054104695&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Frimraf%2Fdownload%2Frimraf-3.0.2.tgz", @@ -2991,6 +3142,36 @@ "tweetnacl": "~0.14.0" } }, + "streamroller": { + "version": "2.2.4", + "resolved": "https://registry.npmjs.org/streamroller/-/streamroller-2.2.4.tgz", + "integrity": "sha512-OG79qm3AujAM9ImoqgWEY1xG4HX+Lw+yY6qZj9R1K2mhF5bEmQ849wvrb+4vt4jLMLzwXttJlQbOdPOQVRv7DQ==", + "requires": { + "date-format": "^2.1.0", + "debug": "^4.1.1", + "fs-extra": "^8.1.0" + }, + "dependencies": { + "date-format": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/date-format/-/date-format-2.1.0.tgz", + "integrity": "sha512-bYQuGLeFxhkxNOF3rcMtiZxvCBAquGzZm6oWA1oZ0g2THUzivaRhv8uOhdr19LmoobSOLoIAxeUK2RdbM8IFTA==" + }, + "debug": { + "version": "4.3.1", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", + "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "requires": { + "ms": "2.1.2" + } + }, + "ms": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" + } + } + }, "streamsearch": { "version": "0.1.2", "resolved": "https://registry.npm.taobao.org/streamsearch/download/streamsearch-0.1.2.tgz", @@ -3215,6 +3396,11 @@ "resolved": "https://registry.npm.taobao.org/underscore/download/underscore-1.12.0.tgz?cache=0&sync_timestamp=1606179462980&other_urls=https%3A%2F%2Fregistry.npm.taobao.org%2Funderscore%2Fdownload%2Funderscore-1.12.0.tgz", "integrity": "sha1-SBSUBVH8gFh873hA0euw8WRTvpc=" }, + "universalify": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", + "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==" + }, "uri-js": { "version": "4.4.0", "resolved": "https://registry.npm.taobao.org/uri-js/download/uri-js-4.4.0.tgz", diff --git a/packages/plugins/src/tencent/deploy-to-tke-ingress/index.js b/packages/plugins/src/tencent/deploy-to-tke-ingress/index.js index 81c48864..ee3a0435 100644 --- a/packages/plugins/src/tencent/deploy-to-tke-ingress/index.js +++ b/packages/plugins/src/tencent/deploy-to-tke-ingress/index.js @@ -1,7 +1,7 @@ import { AbstractTencentPlugin } from '../../tencent/abstract-tencent.js' import tencentcloud from 'tencentcloud-sdk-nodejs' import { K8sClient } from '../../utils/util.k8s.client.js' - +import dns from 'dns' export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin { /** * 插件定义 @@ -37,6 +37,10 @@ export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin { label: 'ingress名称', desc: '支持多个(传入数组)' }, + innerIp: { + type: String, + label: '集群内网ip' + }, accessProvider: { label: 'Access提供者', type: [String, Object], @@ -58,6 +62,9 @@ export class DeployCertToTencentTKEIngress extends AbstractTencentPlugin { this.logger.info('kubeconfig已成功获取') const k8sClient = new K8sClient(kubeConfigStr) + if (props.innerIp != null) { + k8sClient.setLookup({ [`${props.clusterId}.ccs.tencent-cloud.com`]: { ip: props.innerIp } }) + } await this.patchCertSecret({ k8sClient, props, context }) await this.sleep(2000) // 停留2秒,等待secret部署完成 await this.restartIngress({ k8sClient, props }) diff --git a/packages/plugins/src/utils/util.k8s.client.js b/packages/plugins/src/utils/util.k8s.client.js index 0c558ca7..96fe8a3d 100644 --- a/packages/plugins/src/utils/util.k8s.client.js +++ b/packages/plugins/src/utils/util.k8s.client.js @@ -1,17 +1,45 @@ import kubernetesClient from 'kubernetes-client' import { util } from '@certd/api' import Request from 'kubernetes-client/backends/request/index.js' +import dns from 'dns' const { KubeConfig, Client } = kubernetesClient const logger = util.logger + export class K8sClient { constructor (kubeConfigStr) { - const kubeconfig = new KubeConfig() - kubeconfig.loadFromString(kubeConfigStr) + this.kubeConfigStr = kubeConfigStr + this.init() + } - const backend = new Request({ kubeconfig }) + init () { + const kubeconfig = new KubeConfig() + kubeconfig.loadFromString(this.kubeConfigStr) + const reqOpts = { kubeconfig, request: {} } + if (this.lookup) { + reqOpts.request.lookup = this.lookup + } + + const backend = new Request(reqOpts) this.client = new Client({ backend, version: '1.13' }) } + /** + * + * @param localRecords { [domain]:{ip:'xxx.xx.xxx'} } + */ + setLookup (localRecords) { + this.lookup = (hostnameReq, options, callback) => { + logger.info('custom lookup', hostnameReq, localRecords) + if (localRecords[hostnameReq]) { + logger.info('local record', hostnameReq, localRecords[hostnameReq]) + callback(null, localRecords[hostnameReq].ip, 4) + } else { + dns.lookup(hostnameReq, options, callback) + } + } + this.init() + } + /** * 查询 secret列表 * @param opts = {namespace:default} diff --git a/packages/plugins/test/tencent/deploy-to-tke-ingress.test.js b/packages/plugins/test/tencent/deploy-to-tke-ingress.test.js index fc315ca2..10cef0c1 100644 --- a/packages/plugins/test/tencent/deploy-to-tke-ingress.test.js +++ b/packages/plugins/test/tencent/deploy-to-tke-ingress.test.js @@ -36,18 +36,21 @@ describe('DeployCertToTencentTKEIngress', function () { // console.log('kubeConfig:', kubeConfig) // }) // - // it('#getTKESecrets', async function () { - // this.timeout(5000) - // const { options, deployOpts } = await getOptions() - // const plugin = new DeployCertToTencentTKEIngress() - // const tkeClient = plugin.getTkeClient(options.accessProviders[deployOpts.props.accessProvider], deployOpts.props.region) - // const kubeConfig = await plugin.getTkeKubeConfig(tkeClient, deployOpts.props) - // - // const k8sClient = new K8sClient(kubeConfig) - // const secrets = await k8sClient.getSecret() - // - // console.log('secrets:', secrets) - // }) + it('#getTKESecrets', async function () { + this.timeout(5000) + const { options, deployOpts } = await getOptions() + const plugin = new DeployCertToTencentTKEIngress(options) + const tkeClient = plugin.getTkeClient(options.accessProviders[deployOpts.props.accessProvider], deployOpts.props.region) + const kubeConfig = await plugin.getTkeKubeConfig(tkeClient, deployOpts.props.clusterId) + + const k8sClient = new K8sClient(kubeConfig) + k8sClient.setLookup({ + 'cls-6lbj1vee.ccs.tencent-cloud.com': { ip: '13.123.123.123' } + }) + const secrets = await k8sClient.getSecret() + + console.log('secrets:', secrets) + }) // // it('#patchTKECertSecrets', async function () { // this.timeout(5000)