in eksupdate/src/preflight_module.py [0:0]
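def check_addons_params(log_details,config,name,cluster_details,config_map,yaml_data,report,customer_report,cluster_name,region,errors):
    """Compare one add-on's live settings with its reference settings and record the result.

    Every add-on gets an image check and a volume-mount check. In addition,
    'vpc-cni' gets an env-name check, 'coredns' a Corefile check, and
    'kube-proxy' a kubeconfig (certificate-authority and server) check.
    Findings are written into ``report`` and ``customer_report`` in place,
    logged through ``log_pusher`` and printed.

    Args:
        log_details, cluster_name, region: Passed through to ``log_pusher``.
        config: Live add-on settings. Reads ``config['image']``,
            ``config['volumeMount']`` (items exposing ``.mount_path``) and,
            for vpc-cni, ``config['env']`` (items exposing ``.name``).
        name: Add-on name; also the key into ``yaml_data`` and both reports.
        cluster_details: Reads ``['cluster']['endpoint']`` (kube-proxy only).
        config_map: Reads ``['certificate-authority']`` (kube-proxy only).
        yaml_data: Reference settings keyed by add-on name.
        report: Internal report; ``report['addon_params'][name]`` is filled in.
        customer_report: Customer-facing report;
            ``customer_report['addons'][name]`` must already exist.
        errors: Not used by this function.

    Returns:
        None. All results are side effects on the two report dicts.
    """
    s3_config = yaml_data[name]
    customer_addon = customer_report['addons'][name]
    log_pusher(log_details,cluster_name,region,'************* Parameter check for '+name + ' *************')
    print('************* Parameter check for '+name + ' *************')

    # Compare image name.
    # Only the part before '.ecr.' and the repository name are compared; the
    # region and the tag are ignored, so "Image Verified" does not mean the
    # running tag or digest equals the reference one.
    live_identity = _ecr_image_identity(config['image'])
    expected_identity = _ecr_image_identity(s3_config['image'])
    if live_identity is not None and live_identity == expected_identity:
        report['addon_params'][name] = {'image':config['image']}
        customer_addon["image"] = "Image Verified"
        log_pusher(log_details,cluster_name,region,'Image verified')
        print('Image verified')
    else:
        # The checks below write into report['addon_params'][name]; make sure
        # the entry exists even though the image did not verify.
        report['addon_params'].setdefault(name, {})
        customer_addon["image"] = "Image Verification Failed"
        log_pusher(log_details,cluster_name,region,'Image verification failed')
        print('Image verification failed')
    addon_report = report['addon_params'][name]

    # Compare volume mounts (mount paths only).
    customer_addon["mount_paths"] = {}
    addon_report['mount_paths'] = {}
    # Start from the reference paths and cross off each one found live; what is
    # left is missing, and live paths with no reference match are user-defined.
    mount_paths = [mount['mountPath'] for mount in s3_config['volumeMount']]
    remaining = []
    for mount in config['volumeMount']:
        if mount.mount_path in mount_paths:
            mount_paths.remove(mount.mount_path)
        else:
            remaining.append(mount.mount_path)
    if len(mount_paths) > 0:
        missing_paths = ' '.join(map(str, mount_paths))
        customer_addon["mount_paths"]['message'] = 'Default mount paths are missing'
        addon_report['mount_paths']['custom'] = True
        addon_report['mount_paths']['default'] = missing_paths
        customer_addon["mount_paths"]['default-mountpaths'] = missing_paths
        log_pusher(log_details,cluster_name,region,'These mount paths are not present ' + missing_paths)
        print('These mount paths are not present',missing_paths)
    if len(remaining) > 0:
        # Report the extra live paths themselves (``remaining``), not the
        # missing-defaults list.
        extra_paths = ' '.join(map(str, remaining))
        customer_addon["mount_paths"]['message'] = 'There are additional mount paths present'
        addon_report['mount_paths']['custom'] = True
        addon_report['mount_paths']['user-defined'] = extra_paths
        customer_addon["mount_paths"]['userdefined-mountpaths'] = extra_paths
        log_pusher(log_details,cluster_name,region,'These user defined mount paths are present' + extra_paths)
        print('These user defined mount paths are present',extra_paths)
    if len(mount_paths) == 0 and len(remaining) == 0:
        addon_report["mount_paths"]['custom'] = False
        customer_addon["mount_paths"]['message'] = 'Mount paths verified successfully'
        log_pusher(log_details,cluster_name,region,'Mount path verification successful')
        print('Mount path verification successful')

    # Compare env (names only; values are not compared).
    if name == 'vpc-cni':
        customer_addon["env"] = {}
        addon_report["envs"] = {}
        envs = [env['name'] for env in s3_config['env']]
        extra_envs = []
        for env in config['env']:
            if env.name in envs:
                envs.remove(env.name)
            else:
                extra_envs.append(env.name)
        if len(envs) > 0:
            missing_envs = ' '.join(map(str, envs))
            customer_addon["env"]['message'] = 'Default envs are missing'
            addon_report['envs']['custom'] = True
            addon_report['envs']['default'] = missing_envs
            customer_addon["env"]['default-envs'] = missing_envs
            log_pusher(log_details,cluster_name,region,'These envs are not present' + missing_envs)
            print('These envs are not present' + missing_envs)
        if len(extra_envs) > 0:
            added_envs = ' '.join(map(str, extra_envs))
            addon_report['envs']['custom'] = True
            addon_report['envs']['user-defined'] = added_envs
            customer_addon["env"]['message'] = 'There are additional envs present'
            log_pusher(log_details,cluster_name,region,'These user defined envs are present'+added_envs)
            print('These user defined envs are present',added_envs)
            customer_addon["env"]['userdefined-envs'] = added_envs
        if len(envs) == 0 and len(extra_envs) == 0:
            addon_report["envs"]['custom'] = False
            customer_addon["env"]['message'] = 'Envs verified successfully'
            log_pusher(log_details,cluster_name,region,'Envs verification successful')
            print('Envs verification successful')

    if name == 'coredns':
        customer_addon["corefile"] = {}
        addon_report["corefile"] = {}
        # Expected Corefile directives, written as single-space-separated text.
        arr = ['errors','health','kubernetes cluster.local in-addr.arpa ip6.arpa { pods insecure fallthrough in-addr.arpa ip6.arpa }','prometheus :9153','forward . /etc/resolv.conf','cache 30','loop','reload','loadbalance','{','}']
        v1 = client.CoreV1Api()
        default = []
        ret = v1.list_config_map_for_all_namespaces(field_selector = 'metadata.name=coredns')
        # NOTE(review): the Corefile is passed through yaml.safe_load,
        # presumably to fold it onto one line so the multi-word entries in
        # ``arr`` can match; only the text after '.:53' is inspected. Confirm.
        corefile = yaml.safe_load(ret.items[0].data['Corefile']).split('.:53')[1]
        for i in arr:
            if corefile.find(i) == -1:
                default.append(i)
                log_pusher(log_details,cluster_name,region,i + 'doesnt exist in corefile')
                print(i + 'doesnt exist in corefile')
            else:
                corefile = corefile.replace(i,'')
        # Strip spaces only after every expected directive has been matched:
        # several entries in ``arr`` contain spaces and would stop matching if
        # this ran inside the loop. Whatever survives is user-added content.
        corefile = corefile.replace(' ','')
        if len(default) > 0:
            missing_fields = ' '.join(map(str, default))
            customer_addon["corefile"]['message'] = 'Default corefile fields are not present'
            addon_report["corefile"]['custom'] = True
            addon_report["corefile"]['default'] = missing_fields
            customer_addon["corefile"]['default-corefile-fields'] = missing_fields
            print('Default corefile fields are not present',missing_fields)
        if len(corefile) > 0:
            # NOTE(review): ``corefile`` is a str here, so this join puts a
            # space between every character; kept as-is so the report format
            # does not change — confirm whether that output is intended.
            extra_fields = ' '.join(map(str, corefile))
            customer_addon["corefile"]['message'] = 'There are additional fields present in corefile'
            addon_report["corefile"]['custom'] = True
            addon_report["corefile"]['userdefined'] = extra_fields
            customer_addon["corefile"]['userdefined-corefile-fields'] = extra_fields
            log_pusher(log_details,cluster_name,region,'Additional fields in corefile '+extra_fields)
            print('Additional fields in corefile ',extra_fields)
        if len(corefile) == 0 and len(default) == 0:
            addon_report["corefile"]['custom'] = False
            customer_addon["corefile"]['message'] = 'Corefile fields verified successfully'
            log_pusher(log_details,cluster_name,region,'Corefile verified successfully')
            print('Corefile verified successfully')

    if name == 'kube-proxy':
        addon_report["certificate-authority"] = {}
        addon_report["server-endpoint"] = {}
        customer_addon["certificate-authority"] = {}
        customer_addon["server-endpoint"] = {}
        v1 = client.CoreV1Api()
        ret = v1.list_config_map_for_all_namespaces(field_selector = 'metadata.name=kube-proxy')
        # Parse the kubeconfig once; both checks read the first cluster entry.
        kube_cluster = yaml.safe_load(ret.items[0].data['kubeconfig'])['clusters'][0]['cluster']

        # This is an equality test on the kubeconfig's 'certificate-authority'
        # value against the expected value; certificate contents are not read
        # or validated here.
        if kube_cluster['certificate-authority'] == config_map['certificate-authority']:
            addon_report["certificate-authority"]['verified'] = True
            customer_addon["certificate-authority"]['message'] = 'Certificate Authority Verified in kube config'
            addon_report["certificate-authority"]['certificate'] = config_map['certificate-authority']
            log_pusher(log_details,cluster_name,region,'Certificate Authority Verified in kube config')
            print('Certificate Authority Verified in kube config')
        else:
            customer_addon["certificate-authority"]['message'] = 'Certificate Verification failed in kube config'
            addon_report["certificate-authority"]['verified'] = False
            addon_report["certificate-authority"]['certificate'] = kube_cluster['certificate-authority']
            log_pusher(log_details,cluster_name,region,'Certificate Verification failed in kube config')
            print('Certificate Verification failed in kube config')

        # Only the expected endpoint is lower-cased before comparison.
        server_endpoint = cluster_details['cluster']['endpoint'].lower()
        if kube_cluster['server'] == server_endpoint:
            customer_addon["server-endpoint"]['message'] = 'Server end point verified'
            addon_report["server-endpoint"]['verified'] = True
            addon_report["server-endpoint"]['server-endpoint'] = server_endpoint
            log_pusher(log_details,cluster_name,region,'Server end point verified')
            print('Server end point verified')
        else:
            # Record the failure under 'server-endpoint' so an endpoint
            # mismatch can neither overwrite the certificate-authority result
            # nor leave the endpoint entry without a 'verified' flag.
            customer_addon["server-endpoint"]['message'] = 'Server end point verification failed'
            addon_report["server-endpoint"]['verified'] = False
            addon_report["server-endpoint"]['server-endpoint'] = kube_cluster['server']
            log_pusher(log_details,cluster_name,region,' Server end point verification failed')
            print(' Server end point verification failed')


def _ecr_image_identity(image):
    """Return (text before '.ecr.', repository name) for an image URI, or None.

    None is returned when the URI has no 'amazonaws.com/' part, so an image
    from another registry is reported as a failed verification rather than
    raising IndexError.
    """
    after_host = image.split('amazonaws.com/')
    if len(after_host) < 2:
        return None
    return image.split('.ecr.')[0], after_host[1].split(':v')[0]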