varnitgoyal95/deployment-portal-be
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8feb15470edb9a587085b880987f67f4236520c3
deployment-portal-be/scripts/migrate_from_shared_alb.py
Ashvin Sharma 78e4611382 INFRA-1847 | Ashvin | Fix sharedAlb migration script
2023-05-24 13:13:54 +05:30

109 lines
4.6 KiB
Python
Raw Blame History

import json
import shlex
import subprocess
import sys
import time
import requests
url = "https://deployment-portal.cmd.navi-tech.in"
s = requests.Session()
cookie = "" # FILL ME
x_xsrf_token = "" # FILL ME
s.headers.update({'cookie': cookie, 'x-xsrf-token': x_xsrf_token})
list_manifest_path = "/api/manifest/list"
product = "lending" # lending, gi, sa, navi-pay
certificate = ""
security_groups = "" # internal, office-ip
access_log_bucket = ""
subnets = ""
env = "dev"
ns = "dev"
r = s.get(url + list_manifest_path)
manifest_list = r.json()
env_manifest_list = [manifest for manifest in manifest_list if
manifest['environment'] == env]
def change_name(cluster, manifest_name, namespace, lb_name_by_user, lb_type):
group_name = f"{namespace}-internal"
attributes = f"idle_timeout.timeout_seconds=60,access_logs.s3.enabled=true,access_" \
f"logs.s3.bucket={access_log_bucket},access_logs.s3.prefix={group_name}"
tags = f"Name=shared-alb-{group_name},Ingress=shared-alb-{group_name},Owner=shared," \
f"Team=Shared,Product={product},Environment={env}"
annotations = {
"alb.ingress.kubernetes.io/actions.ssl-redirect": "{\"Type\": \"redirect\", "
"\"RedirectConfig\": { \"Protocol\": "
"\"HTTPS\", \"Port\": \"443\", "
"\"StatusCode\": \"HTTP_301\"}}",
"alb.ingress.kubernetes.io/certificate-arn": certificate,
"alb.ingress.kubernetes.io/group.name": group_name,
"alb.ingress.kubernetes.io/listen-ports": "[{ \"HTTPS\": 443 },{\"HTTP\": 80}]",
"alb.ingress.kubernetes.io/load-balancer-attributes": attributes,
"alb.ingress.kubernetes.io/scheme": "internal",
"alb.ingress.kubernetes.io/security-groups": security_groups,
"alb.ingress.kubernetes.io/ssl-policy": "ELBSecurityPolicy-TLS-1-2-2017-01",
"alb.ingress.kubernetes.io/subnets": subnets,
"alb.ingress.kubernetes.io/tags": tags,
"alb.ingress.kubernetes.io/target-type": "ip",
"kubernetes.io/ingress.class": "alb",
} if lb_type == "sharedAlb" else {}
lb_name = f"{manifest_name}-navi-service-{lb_type.lower()}"
new_lb_name = f"{manifest_name}-navi-service-sharedalb"
if lb_name_by_user != "":
lb_name = f"{lb_name}-{lb_name_by_user.lower()}"
new_lb_name = f"{new_lb_name}-{lb_name_by_user.lower()}"
with open(f"/tmp/annotations_{lb_name}.json", mode="w") as log_file:
log_file.write(json.dumps(annotations, indent=4))
print(f'running ./change_shared_alb_across_namespace_name.sh {cluster} {namespace} {lb_name} '
f'{new_lb_name}')
result = subprocess.run(shlex.split((f"./change_shared_alb_across_namespace_name.sh {cluster} "
f"{namespace} {lb_name} {new_lb_name}")),
shell=False, capture_output=True, text=True)
print(result.stdout)
whitelist1 = []
if result.stderr != "" and lb_name not in whitelist1:
print(result.stderr)
if result.stderr.find("not found") == -1:
sys.exit(1)
for i in env_manifest_list:
perform_post = False
r = s.get("{0}/api/manifest/{1}".format(url, str(i['id'])))
manifest = r.json()
if 'deployment' in manifest:
deployment = manifest['deployment']
if deployment['namespace'] != ns:
print(f"Deployment does not belong to {ns}. Skipping...")
continue
if 'loadBalancers' in deployment:
load_balancers = deployment['loadBalancers']
for lb in load_balancers:
if lb['type'] == 'sharedAlb' or lb['type'] == 'sharedAlbAcrossNamespace':
if 'name' not in lb:
lb['name'] = ''
change_name(deployment['cluster'], manifest['name'],
deployment['namespace'],
lb['name'], lb['type'])
if lb['type'] == 'sharedAlb':
perform_post = True
print(f"{manifest['environment']}/{manifest['name']} has a sharedAlb: "
f"{lb['endpoint']}")
lb['type'] = 'sharedAlbAcrossNamespace'
lb['groupName'] = f"{deployment['namespace']}-internal"
if perform_post:
response = s.post(f"{url}/api/manifest", json=manifest)
print(f"{i['id']} response of post is {response.json()}")
time.sleep(2)
else:
print(f"{i['id']} is not updated.")
Reference in New Issue View Git Blame Copy Permalink