Diffstat (limited to 'app/services/clusters/gcp')
4 files changed, 0 insertions, 264 deletions
diff --git a/app/services/clusters/gcp/fetch_operation_service.rb b/app/services/clusters/gcp/fetch_operation_service.rb
deleted file mode 100644
index 6c648b443a0..00000000000
--- a/app/services/clusters/gcp/fetch_operation_service.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-module Clusters
- module Gcp
- class FetchOperationService
- def execute(provider)
- operation = provider.api_client.projects_zones_operations(
- provider.gcp_project_id,
- provider.zone,
- provider.operation_id)
-
- yield(operation) if block_given?
- rescue Google::Apis::ServerError, Google::Apis::ClientError, Google::Apis::AuthorizationError => e
- logger.error(
- exception: e.class.name,
- service: self.class.name,
- provider_id: provider.id,
- message: e.message
- )
-
- provider.make_errored!("Failed to request to CloudPlatform; #{e.message}")
- end
-
- private
-
- def logger
- @logger ||= Gitlab::Kubernetes::Logger.build
- end
- end
- end
-end
diff --git a/app/services/clusters/gcp/finalize_creation_service.rb b/app/services/clusters/gcp/finalize_creation_service.rb
deleted file mode 100644
index 73d6fc4dc8f..00000000000
--- a/app/services/clusters/gcp/finalize_creation_service.rb
+++ /dev/null
@@ -1,127 +0,0 @@
-# frozen_string_literal: true
-
-module Clusters
- module Gcp
- class FinalizeCreationService
- attr_reader :provider
-
- def execute(provider)
- @provider = provider
-
- configure_provider
- create_gitlab_service_account!
- configure_kubernetes
- configure_pre_installed_knative if provider.knative_pre_installed?
- cluster.save!
- rescue Google::Apis::ServerError, Google::Apis::ClientError, Google::Apis::AuthorizationError => e
- log_service_error(e.class.name, provider.id, e.message)
- provider.make_errored!(s_('ClusterIntegration|Failed to request to Google Cloud Platform: %{message}') % { message: e.message })
- rescue Kubeclient::HttpError => e
- log_service_error(e.class.name, provider.id, e.message)
- provider.make_errored!(s_('ClusterIntegration|Failed to run Kubeclient: %{message}') % { message: e.message })
- rescue ActiveRecord::RecordInvalid => e
- log_service_error(e.class.name, provider.id, e.message)
- provider.make_errored!(s_('ClusterIntegration|Failed to configure Google Kubernetes Engine Cluster: %{message}') % { message: e.message })
- end
-
- private
-
- def create_gitlab_service_account!
- Clusters::Kubernetes::CreateOrUpdateServiceAccountService.gitlab_creator(
- kube_client,
- rbac: create_rbac_cluster?
- ).execute
- end
-
- def configure_provider
- provider.endpoint = gke_cluster.endpoint
- provider.status_event = :make_created
- end
-
- def configure_kubernetes
- cluster.platform_type = :kubernetes
- cluster.build_platform_kubernetes(
- api_url: 'https://' + gke_cluster.endpoint,
- ca_cert: Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate),
- authorization_type: authorization_type,
- token: request_kubernetes_token)
- end
-
- def configure_pre_installed_knative
- knative = cluster.build_application_knative(
- hostname: 'example.com'
- )
- knative.make_pre_installed!
- end
-
- def request_kubernetes_token
- Clusters::Kubernetes::FetchKubernetesTokenService.new(
- kube_client,
- Clusters::Kubernetes::GITLAB_ADMIN_TOKEN_NAME,
- Clusters::Kubernetes::GITLAB_SERVICE_ACCOUNT_NAMESPACE
- ).execute
- end
-
- def authorization_type
- create_rbac_cluster? ? 'rbac' : 'abac'
- end
-
- def create_rbac_cluster?
- !provider.legacy_abac?
- end
-
- def kube_client
- @kube_client ||= build_kube_client!(
- 'https://' + gke_cluster.endpoint,
- Base64.decode64(gke_cluster.master_auth.cluster_ca_certificate)
- )
- end
-
- def build_kube_client!(api_url, ca_pem)
- raise "Incomplete settings" unless api_url
-
- Gitlab::Kubernetes::KubeClient.new(
- api_url,
- auth_options: { bearer_token: provider.access_token },
- ssl_options: kubeclient_ssl_options(ca_pem),
- http_proxy_uri: ENV['http_proxy']
- )
- end
-
- def kubeclient_ssl_options(ca_pem)
- opts = { verify_ssl: OpenSSL::SSL::VERIFY_PEER }
-
- if ca_pem.present?
- opts[:cert_store] = OpenSSL::X509::Store.new
- opts[:cert_store].add_cert(OpenSSL::X509::Certificate.new(ca_pem))
- end
-
- opts
- end
-
- def gke_cluster
- @gke_cluster ||= provider.api_client.projects_zones_clusters_get(
- provider.gcp_project_id,
- provider.zone,
- cluster.name)
- end
-
- def cluster
- @cluster ||= provider.cluster
- end
-
- def logger
- @logger ||= Gitlab::Kubernetes::Logger.build
- end
-
- def log_service_error(exception, provider_id, message)
- logger.error(
- exception: exception.class.name,
- service: self.class.name,
- provider_id: provider_id,
- message: message
- )
- end
- end
- end
-end
diff --git a/app/services/clusters/gcp/provision_service.rb b/app/services/clusters/gcp/provision_service.rb
deleted file mode 100644
index 7dc2d3c32f1..00000000000
--- a/app/services/clusters/gcp/provision_service.rb
+++ /dev/null
@@ -1,56 +0,0 @@
-# frozen_string_literal: true
-
-module Clusters
- module Gcp
- class ProvisionService
- CLOUD_RUN_ADDONS = %i[http_load_balancing istio_config cloud_run_config].freeze
-
- attr_reader :provider
-
- def execute(provider)
- @provider = provider
-
- get_operation_id do |operation_id|
- if provider.make_creating(operation_id)
- WaitForClusterCreationWorker.perform_in(
- Clusters::Gcp::VerifyProvisionStatusService::INITIAL_INTERVAL,
- provider.cluster_id)
- else
- provider.make_errored!("Failed to update provider record; #{provider.errors}")
- end
- end
- end
-
- private
-
- def get_operation_id
- enable_addons = provider.cloud_run? ? CLOUD_RUN_ADDONS : []
-
- operation = provider.api_client.projects_zones_clusters_create(
- provider.gcp_project_id,
- provider.zone,
- provider.cluster.name,
- provider.num_nodes,
- machine_type: provider.machine_type,
- legacy_abac: provider.legacy_abac,
- enable_addons: enable_addons
- )
-
- unless operation.status == 'PENDING' || operation.status == 'RUNNING'
- return provider.make_errored!("Operation status is unexpected; #{operation.status_message}")
- end
-
- operation_id = provider.api_client.parse_operation_id(operation.self_link)
-
- unless operation_id
- return provider.make_errored!('Can not find operation_id from self_link')
- end
-
- yield(operation_id)
-
- rescue Google::Apis::ServerError, Google::Apis::ClientError, Google::Apis::AuthorizationError => e
- provider.make_errored!("Failed to request to CloudPlatform; #{e.message}")
- end
- end
- end
-end
diff --git a/app/services/clusters/gcp/verify_provision_status_service.rb b/app/services/clusters/gcp/verify_provision_status_service.rb
deleted file mode 100644
index ddb2832aae6..00000000000
--- a/app/services/clusters/gcp/verify_provision_status_service.rb
+++ /dev/null
@@ -1,50 +0,0 @@
-# frozen_string_literal: true
-
-module Clusters
- module Gcp
- class VerifyProvisionStatusService
- attr_reader :provider
-
- INITIAL_INTERVAL = 2.minutes
- EAGER_INTERVAL = 10.seconds
- TIMEOUT = 20.minutes
-
- def execute(provider)
- @provider = provider
-
- request_operation do |operation|
- case operation.status
- when 'PENDING', 'RUNNING'
- continue_creation(operation)
- when 'DONE'
- finalize_creation
- else
- provider.make_errored!("Unexpected operation status; #{operation.status} #{operation.status_message}")
- end
- end
- end
-
- private
-
- def continue_creation(operation)
- if elapsed_time_from_creation(operation) < TIMEOUT
- WaitForClusterCreationWorker.perform_in(EAGER_INTERVAL, provider.cluster_id)
- else
- provider.make_errored!(_('Kubernetes cluster creation time exceeds timeout; %{timeout}') % { timeout: TIMEOUT })
- end
- end
-
- def elapsed_time_from_creation(operation)
- Time.current.utc - operation.start_time.to_time.utc
- end
-
- def finalize_creation
- Clusters::Gcp::FinalizeCreationService.new.execute(provider)
- end
-
- def request_operation(&blk)
- Clusters::Gcp::FetchOperationService.new.execute(provider, &blk)
- end
- end
- end
-end |