From d2297d913d8d7e79fa5828904402606c916514a5 Mon Sep 17 00:00:00 2001 From: Joe Talerico Date: Mon, 19 Feb 2024 16:25:06 -0500 Subject: [PATCH] Create namespace/sa/rolebinding Caving and finally adding the code to create the namespace, service account and role binding to allow for `hostNetwork`. Signed-off-by: Joe Talerico --- cmd/k8s-netperf/k8s-netperf.go | 13 ++++++- pkg/k8s/kubernetes.go | 64 ++++++++++++++++++++++++++++++++++ 2 files changed, 76 insertions(+), 1 deletion(-) diff --git a/cmd/k8s-netperf/k8s-netperf.go b/cmd/k8s-netperf/k8s-netperf.go index 5c83a3a7..756a3f00 100644 --- a/cmd/k8s-netperf/k8s-netperf.go +++ b/cmd/k8s-netperf/k8s-netperf.go @@ -138,6 +138,13 @@ var rootCmd = &cobra.Command{ log.Warn("😥 Prometheus is not available") } + // Build the namespace and create the sa account + err = k8s.BuildInfra(client) + if err != nil { + log.Error(err) + os.Exit(1) + } + // Build the SUT (Deployments) err = k8s.BuildSUT(client, &s) if err != nil { @@ -345,7 +352,11 @@ func cleanup(client *kubernetes.Clientset) { os.Exit(1) } } - + err = k8s.DestroyNamespace(client) + if err != nil { + log.Error(err) + os.Exit(1) + } } func executeWorkload(nc config.Config, s config.PerfScenarios, hostNet bool, iperf3 bool, uperf bool) result.Data { diff --git a/pkg/k8s/kubernetes.go b/pkg/k8s/kubernetes.go index 615614be..338a4791 100644 --- a/pkg/k8s/kubernetes.go +++ b/pkg/k8s/kubernetes.go @@ -9,6 +9,7 @@ import ( "github.com/cloud-bulldozer/k8s-netperf/pkg/metrics" appsv1 "k8s.io/api/apps/v1" apiv1 "k8s.io/api/core/v1" + v1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/apimachinery/pkg/watch" @@ -41,6 +42,7 @@ type ServiceParams struct { } const sa string = "netperf" +const namespace string = "netperf" // NetperfServerCtlPort control port for the service const NetperfServerCtlPort = 12865 @@ -67,6 +69,56 @@ const clientAcrossRole = "client-across" const hostNetServerRole = "host-server" const hostNetClientRole = "host-client" +func BuildInfra(client *kubernetes.Clientset) error { + _, err := client.CoreV1().Namespaces().Get(context.TODO(), namespace, metav1.GetOptions{}) + if err == nil { + log.Infof("♻️ Namespace already exists, reusing it") + } else { + log.Infof("🔨 Creating namespace : %s", namespace) + _, err := client.CoreV1().Namespaces().Create(context.TODO(), &apiv1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: namespace}}, metav1.CreateOptions{}) + if err != nil { + return fmt.Errorf("😥 Unable to create namespace - %s", err) + } + } + _, err = client.CoreV1().ServiceAccounts(namespace).Get(context.TODO(), sa, metav1.GetOptions{}) + if err == nil { + log.Infof("♻️ Service account already exists, reusing it") + } else { + log.Infof("🔨 Creating service account : %s", sa) + _, err = client.CoreV1().ServiceAccounts(namespace).Create(context.TODO(), &apiv1.ServiceAccount{ObjectMeta: metav1.ObjectMeta{Name: sa}}, metav1.CreateOptions{}) + if err != nil { + return fmt.Errorf("😥 Unable to create service account") + } + } + rBinding := &v1.RoleBinding{ + ObjectMeta: metav1.ObjectMeta{ + Name: sa, + Namespace: namespace, + }, + RoleRef: v1.RoleRef{ + Kind: "ClusterRole", + Name: "system:openshift:scc:hostnetwork", + }, + Subjects: []v1.Subject{ + { + Namespace: namespace, + Name: sa, + Kind: "ServiceAccount", + }, + }, + } + _, err = client.RbacV1().RoleBindings(namespace).Get(context.TODO(), sa, metav1.GetOptions{}) + if err == nil { + log.Infof("♻️ Role binding already exists, reusing it") + } else { + _, err = client.RbacV1().RoleBindings(namespace).Create(context.TODO(), rBinding, metav1.CreateOptions{}) + if err != nil { + return fmt.Errorf("😥 Unable to create role-binding") + } + } + return nil +} + // BuildSUT Build the k8s env to run network performance tests func BuildSUT(client *kubernetes.Clientset, s *config.PerfScenarios) error { // Check if nodes have the zone label to keep the netperf test @@ -654,6 +706,18 @@ func DestroyService(client *kubernetes.Clientset, serv apiv1.Service) error { }) } +// DestroyNamespace cleans up the namespace k8s-netperf created +func DestroyNamespace(client *kubernetes.Clientset) error { + _, err := client.CoreV1().Namespaces().Get(context.TODO(), namespace, metav1.GetOptions{}) + if err == nil { + deletePolicy := metav1.DeletePropagationForeground + return client.CoreV1().Namespaces().Delete(context.TODO(), namespace, metav1.DeleteOptions{ + PropagationPolicy: &deletePolicy, + }) + } + return nil +} + // DestroyDeployment cleans up a specific deployment from a namespace func DestroyDeployment(client *kubernetes.Clientset, dp appsv1.Deployment) error { deletePolicy := metav1.DeletePropagationForeground