Deploying the autoscaler

Author: davidjumani

api/src/main/java/com/cloud/user/AccountService.java

@@ -121,4 +121,6 @@ UserAccount createUserAccount(String userName, String password, String firstName
     UserAccount getUserAccountById(Long userId);
 
     public Map<String, String> getKeys(GetUserKeysCmd cmd);
+
+    public Map<String, String> getKeys(Long userId);
 }

api/src/main/java/org/apache/cloudstack/api/ApiConstants.java

@@ -822,6 +822,9 @@ public class ApiConstants {
     public static final String MIN_KUBERNETES_VERSION_ID = "minimumkubernetesversionid";
     public static final String NODE_ROOT_DISK_SIZE = "noderootdisksize";
     public static final String SUPPORTS_HA = "supportsha";
+    public static final String AUTOSCALING_ENABLED = "autoscaling_enabled";
+    public static final String MIN_SIZE = "minsize";
+    public static final String MAX_SIZE = "maxsize";
 
     public static final String BOOT_TYPE = "boottype";
     public static final String BOOT_MODE = "bootmode";

engine/schema/src/main/resources/META-INF/db/schema-41400to41500.sql

@@ -222,4 +222,8 @@ ALTER VIEW `cloud`.`image_store_view` AS
         `cloud`.`image_store_details` ON image_store_details.store_id = image_store.id;
 
 -- TODO : Move to 416
+ALTER TABLE `cloud`.`kubernetes_cluster` ADD COLUMN `autoscaling_enabled` tinyint(1) NOT NULL DEFAULT '0';
+ALTER TABLE `cloud`.`kubernetes_cluster` ADD COLUMN `minsize` bigint;
+ALTER TABLE `cloud`.`kubernetes_cluster` ADD COLUMN `maxsize` bigint;
+
 ALTER TABLE `cloud`.`kubernetes_cluster_vm_map` ADD COLUMN `is_master` tinyint(1) NOT NULL DEFAULT '0';

plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImpl.java

@@ -26,18 +26,25 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
+import java.util.stream.Collectors;
 
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
 import org.apache.cloudstack.acl.ControlledEntity;
+import org.apache.cloudstack.acl.Role;
+import org.apache.cloudstack.acl.RoleService;
+import org.apache.cloudstack.acl.RoleType;
+import org.apache.cloudstack.acl.Rule;
 import org.apache.cloudstack.acl.SecurityChecker;
+import org.apache.cloudstack.acl.RolePermissionEntity.Permission;
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.api.ApiConstants.VMDetails;
 import org.apache.cloudstack.api.ResponseObject.ResponseView;
@@ -53,6 +60,7 @@
 import org.apache.cloudstack.api.response.KubernetesClusterResponse;
 import org.apache.cloudstack.api.response.ListResponse;
 import org.apache.cloudstack.api.response.UserVmResponse;
+import org.apache.cloudstack.config.ApiServiceConfiguration;
 import org.apache.cloudstack.context.CallContext;
 import org.apache.cloudstack.engine.orchestration.service.NetworkOrchestrationService;
 import org.apache.cloudstack.framework.config.ConfigKey;
@@ -131,7 +139,11 @@
 import com.cloud.user.Account;
 import com.cloud.user.AccountManager;
 import com.cloud.user.AccountService;
+import com.cloud.user.AccountVO;
 import com.cloud.user.SSHKeyPairVO;
+import com.cloud.user.User;
+import com.cloud.user.UserAccount;
+import com.cloud.user.dao.AccountDao;
 import com.cloud.user.dao.SSHKeyPairDao;
 import com.cloud.utils.Pair;
 import com.cloud.utils.Ternary;
@@ -167,6 +179,8 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
     ScheduledExecutorService _gcExecutor;
     ScheduledExecutorService _stateScanner;
 
+    Account kubeadmin;
+
     @Inject
     public KubernetesClusterDao kubernetesClusterDao;
     @Inject
@@ -192,6 +206,10 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
     @Inject
     protected TemplateJoinDao templateJoinDao;
     @Inject
+    protected AccountDao accountDao;
+    @Inject
+    protected RoleService roleService;
+    @Inject
     protected AccountService accountService;
     @Inject
     protected AccountManager accountManager;
@@ -222,6 +240,45 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
     @Inject
     protected FirewallRulesDao firewallRulesDao;
 
+    private Role createKubeadminRole() {
+        Role kubeadminRole = roleService.createRole(KUBEADMIN_ACCOUNT_NAME, RoleType.Admin, "Default Kubeadmin role");
+        roleService.createRolePermission(kubeadminRole, new Rule("listKubernetesClusters"), Permission.ALLOW, "");
+        roleService.createRolePermission(kubeadminRole, new Rule("scaleKubernetesCluster"), Permission.ALLOW, "");
+        roleService.createRolePermission(kubeadminRole, new Rule("*"), Permission.DENY, "");
+        return kubeadminRole;
+    }
+
+    private void init() {
+
+        // Check and create Kubeadmin role
+        Role kubeadminRole = null;
+        List<Role> roles = roleService.findRolesByName(KUBEADMIN_ACCOUNT_NAME);
+        if (roles == null) {
+            kubeadminRole = createKubeadminRole();
+        } else {
+            roles = roles.stream().filter(x -> x.getDescription() == "Default Kubeadmin role").collect(Collectors.toList());
+            if (roles.size() != 1 ) {
+                kubeadminRole = createKubeadminRole();
+            } else {
+                kubeadminRole = roles.get(0);
+            }
+        }
+
+        // Check and create Kubeadmin account
+        if (accountManager.getActiveAccountByName(KUBEADMIN_ACCOUNT_NAME, 1L) != null) {
+            return;
+        }
+
+        AccountVO kubeadmin = new AccountVO();
+        kubeadmin.setAccountName(KUBEADMIN_ACCOUNT_NAME);
+        kubeadmin.setUuid(UUID.randomUUID().toString());
+        kubeadmin.setState(Account.State.enabled);
+        kubeadmin.setDomainId(1);
+        kubeadmin.setType(RoleType.Admin.getAccountType());
+        kubeadmin.setRoleId(kubeadminRole.getId());
+        kubeadmin = accountDao.persist(kubeadmin);
+    }
+
     private void logMessage(final Level logLevel, final String message, final Exception e) {
         if (logLevel == Level.WARN) {
             if (e != null) {
@@ -628,6 +685,13 @@ public KubernetesClusterResponse createKubernetesClusterResponse(long kubernetes
             }
         }
         response.setVirtualMachineIds(vmIds);
+        Boolean isAutoscalingEnabled = kubernetesCluster.isAutoscalingEnabled();
+        LOGGER.warn("Autoscaling enabled : " + isAutoscalingEnabled);
+        if (isAutoscalingEnabled != null) {
+            response.setAutoscalingEnabled(isAutoscalingEnabled);
+        }
+        response.setMinSize(kubernetesCluster.getMinSize());
+        response.setMaxSize(kubernetesCluster.getMaxSize());
         return response;
     }
 
@@ -834,17 +898,59 @@ private void validateKubernetesClusterScaleParameters(ScaleKubernetesClusterCmd
         final Long serviceOfferingId = cmd.getServiceOfferingId();
         final Long clusterSize = cmd.getClusterSize();
         final List<Long> nodeIds = cmd.getNodeIds();
-        if (kubernetesClusterId == null || kubernetesClusterId < 1L) {
-            throw new InvalidParameterValueException("Invalid Kubernetes cluster ID");
-        }
+        final Boolean isAutoscalingEnabled = cmd.isAutoscalingEnabled();
+        final Long minSize = cmd.getMinSize();
+        final Long maxSize = cmd.getMaxSize();
+
         KubernetesClusterVO kubernetesCluster = kubernetesClusterDao.findById(kubernetesClusterId);
         if (kubernetesCluster == null || kubernetesCluster.getRemoved() != null) {
             throw new InvalidParameterValueException("Invalid Kubernetes cluster ID");
         }
+
         final DataCenter zone = dataCenterDao.findById(kubernetesCluster.getZoneId());
         if (zone == null) {
             logAndThrow(Level.WARN, String.format("Unable to find zone for Kubernetes cluster ID: %s", kubernetesCluster.getUuid()));
         }
+
+        if (serviceOfferingId == null && clusterSize == null && nodeIds == null && isAutoscalingEnabled == null) {
+            throw new InvalidParameterValueException(String.format("Kubernetes cluster ID: %s cannot be scaled, either a new service offering or a new cluster size or nodeids to be removed or autoscaling must be passed", kubernetesCluster.getUuid()));
+        }
+
+        Account caller = CallContext.current().getCallingAccount();
+        accountManager.checkAccess(caller, SecurityChecker.AccessType.OperateEntry, false, kubernetesCluster);
+
+        final KubernetesSupportedVersion clusterVersion = kubernetesSupportedVersionDao.findById(kubernetesCluster.getKubernetesVersionId());
+        if (clusterVersion == null) {
+            throw new CloudRuntimeException(String.format("Invalid Kubernetes version associated with Kubernetes cluster ID: %s", kubernetesCluster.getUuid()));
+        }
+
+        if (!(kubernetesCluster.getState().equals(KubernetesCluster.State.Created) ||
+                kubernetesCluster.getState().equals(KubernetesCluster.State.Running) ||
+                kubernetesCluster.getState().equals(KubernetesCluster.State.Stopped))) {
+            throw new PermissionDeniedException(String.format("Kubernetes cluster ID: %s is in %s state", kubernetesCluster.getUuid(), kubernetesCluster.getState().toString()));
+        }
+
+        if (isAutoscalingEnabled != null && isAutoscalingEnabled) {
+            if (clusterSize != null || serviceOfferingId != null || nodeIds != null) {
+                throw new InvalidParameterValueException("autoscaling can not be passed along with nodeids or clustersize or service offering");
+            }
+
+            String csUrl = ApiServiceConfiguration.ApiServletPath.value();
+            if (csUrl == null || csUrl.contains("localhost")) {
+                throw new InvalidParameterValueException("Global setting endpointe.url has to be set to the Management Server's API end point");
+            }
+
+            if (minSize == null || maxSize == null) {
+                throw new InvalidParameterValueException("autoscaling requires minsize and maxsize to be passed");
+            }
+            if (minSize < 1) {
+                throw new InvalidParameterValueException("minsize must be more than 1");
+            }
+            if (maxSize <= minSize) {
+                throw new InvalidParameterValueException("maxsize must be greater than minsize");
+            }
+        }
+
         if (nodeIds != null) {
             if (clusterSize != null || serviceOfferingId != null) {
                 throw new InvalidParameterValueException("nodeids can not be passed along with clustersize or service offering");
@@ -859,19 +965,6 @@ private void validateKubernetesClusterScaleParameters(ScaleKubernetesClusterCmd
             if (mastersToRemove >= kubernetesCluster.getMasterNodeCount()) {
                 throw new InvalidParameterValueException("Can not remove all masters from a cluster");
             }
-
-        } else {
-            if (serviceOfferingId == null && clusterSize == null) {
-                throw new InvalidParameterValueException(String.format("Kubernetes cluster ID: %s cannot be scaled, either a new service offering or a new cluster size or nodeids to be removed must be passed", kubernetesCluster.getUuid()));
-            }
-        }
-
-        Account caller = CallContext.current().getCallingAccount();
-        accountManager.checkAccess(caller, SecurityChecker.AccessType.OperateEntry, false, kubernetesCluster);
-
-        final KubernetesSupportedVersion clusterVersion = kubernetesSupportedVersionDao.findById(kubernetesCluster.getKubernetesVersionId());
-        if (clusterVersion == null) {
-            throw new CloudRuntimeException(String.format("Invalid Kubernetes version associated with Kubernetes cluster ID: %s", kubernetesCluster.getUuid()));
         }
 
         ServiceOffering serviceOffering = null;
@@ -904,12 +997,6 @@ private void validateKubernetesClusterScaleParameters(ScaleKubernetesClusterCmd
             }
         }
 
-        if (!(kubernetesCluster.getState().equals(KubernetesCluster.State.Created) ||
-                kubernetesCluster.getState().equals(KubernetesCluster.State.Running) ||
-                kubernetesCluster.getState().equals(KubernetesCluster.State.Stopped))) {
-            throw new PermissionDeniedException(String.format("Kubernetes cluster ID: %s is in %s state", kubernetesCluster.getUuid(), kubernetesCluster.getState().toString()));
-        }
-
         if (clusterSize != null) {
             if (kubernetesCluster.getState().equals(KubernetesCluster.State.Stopped)) { // Cannot scale stopped cluster currently for cluster size
                 throw new PermissionDeniedException(String.format("Kubernetes cluster ID: %s is in %s state", kubernetesCluster.getUuid(), kubernetesCluster.getState().toString()));
@@ -1226,16 +1313,50 @@ public KubernetesClusterConfigResponse getKubernetesClusterConfig(GetKubernetesC
         return response;
     }
 
+    private String[] createServiceAccount() {
+        // TODO : Maybe create a service account kubeadmin with restricted permissions and add the user to that instead
+        Account caller = CallContext.current().getCallingAccount();
+        String username = caller.getAccountName() + "-kubeadmin";
+        UserAccount kubeadmin = accountService.getActiveUserAccount(username, caller.getDomainId());
+        String[] keys = null;
+        if (kubeadmin == null) {
+            User kube = accountService.createUser(username, "password", "kube", "admin", "kubeadmin", null, caller.getAccountName(), caller.getDomainId(), null);
+            keys = accountService.createApiKeyAndSecretKey(kube.getId());
+        } else {
+            String apiKey = kubeadmin.getApiKey();
+            String secretKey = kubeadmin.getSecretKey();
+            if (Strings.isNullOrEmpty(apiKey) || Strings.isNullOrEmpty(secretKey)) {
+                keys = accountService.createApiKeyAndSecretKey(kubeadmin.getId());
+            } else {
+                keys = new String[]{apiKey, secretKey};
+            }
+        }
+        return keys;
+    }
+
     @Override
     public boolean scaleKubernetesCluster(ScaleKubernetesClusterCmd cmd) throws CloudRuntimeException {
         if (!KubernetesServiceEnabled.value()) {
             logAndThrow(Level.ERROR, "Kubernetes Service plugin is disabled");
         }
         validateKubernetesClusterScaleParameters(cmd);
+
+        Boolean isAutoscalingEnabled = cmd.isAutoscalingEnabled();
+        String[] keys = null;
+        if (isAutoscalingEnabled != null && isAutoscalingEnabled) {
+            keys = createServiceAccount();
+        }
+
         KubernetesClusterScaleWorker scaleWorker =
             new KubernetesClusterScaleWorker(kubernetesClusterDao.findById(cmd.getId()),
-                serviceOfferingDao.findById(cmd.getServiceOfferingId()), cmd.getClusterSize(),
-                cmd.getNodeIds(), this);
+                serviceOfferingDao.findById(cmd.getServiceOfferingId()),
+                cmd.getClusterSize(),
+                cmd.getNodeIds(),
+                cmd.isAutoscalingEnabled(),
+                cmd.getMinSize(),
+                cmd.getMaxSize(),
+                keys,
+                this);
         scaleWorker = ComponentContext.inject(scaleWorker);
         return scaleWorker.scaleCluster();
     }

plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterService.java

@@ -34,6 +34,7 @@ public interface KubernetesClusterService extends PluggableService, Configurable
     static final String MIN_KUBERNETES_VERSION_HA_SUPPORT = "1.16.0";
     static final int MIN_KUBERNETES_CLUSTER_NODE_CPU = 2;
     static final int MIN_KUBERNETES_CLUSTER_NODE_RAM_SIZE = 2048;
+    static final String KUBEADMIN_ACCOUNT_NAME = "kubeadmin";
 
     static final ConfigKey<Boolean> KubernetesServiceEnabled = new ConfigKey<Boolean>("Advanced", Boolean.class,
             "cloud.kubernetes.service.enabled",

plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterVO.java

@@ -93,6 +93,15 @@ public class KubernetesClusterVO implements KubernetesCluster {
     @Column(name = "endpoint")
     private String endpoint;
 
+    @Column(name = "autoscaling_enabled")
+    private boolean isAutoscalingEnabled;
+
+    @Column(name = "minsize")
+    private Long minSize;
+
+    @Column(name = "maxsize")
+    private Long maxSize;
+
     @Column(name = GenericDao.CREATED_COLUMN)
     private Date created;
 
@@ -303,6 +312,30 @@ public Date getCreated() {
         return created;
     }
 
+    public boolean isAutoscalingEnabled() {
+        return isAutoscalingEnabled;
+    }
+
+    public void setAutoscalingEnabled(boolean isAutoscalingEnabled) {
+        this.isAutoscalingEnabled = isAutoscalingEnabled;
+    }
+
+    public Long getMinSize() {
+        return minSize;
+    }
+
+    public void setMinSize(Long minSize) {
+        this.minSize = minSize;
+    }
+
+    public Long getMaxSize() {
+        return maxSize;
+    }
+
+    public void setMaxSize(Long maxSize) {
+        this.maxSize = maxSize;
+    }
+
     public KubernetesClusterVO() {
         this.uuid = UUID.randomUUID().toString();
     }