cluster auth

deploy/deployment.yaml

@@ -18,7 +18,10 @@ spec:
     spec:
       containers:
       - name: service
-        image: hjacobs/kube-ops-view
+        image: hjacobs/kube-ops-view:2017.0.dev1-d9a1e2b-dirty
+        args:
+        - --redis-url=redis://kube-ops-view-redis:6379
+        - --debug
         ports:
         - containerPort: 8080
           protocol: TCP
@@ -28,9 +31,6 @@ spec:
             port: 8080
           initialDelaySeconds: 5
           timeoutSeconds: 1
-        env:
-        - name: REDIS_URL
-          value: "redis://kube-ops-view-redis:6379"
         resources:
           limits:
             cpu: 200m
@@ -38,17 +38,3 @@ spec:
           requests:
             cpu: 50m
             memory: 50Mi
-      - name: kubectl
-        image: registry.opensource.zalan.do/teapot/hyperkube:v1.4.7_zalando.0
-        command:
-        - /hyperkube
-        args:
-        - kubectl
-        - proxy
-        resources:
-          limits:
-            cpu: 100m
-            memory: 100Mi
-          requests:
-            cpu: 25m
-            memory: 25Mi

kube_ops_view/cluster_discovery.py

@@ -14,6 +14,7 @@ class StaticTokenAuth(AuthBase):
 
     def __call__(self, request):
         request.headers['Authorization'] = 'Bearer {}'.format(self.token)
+        return request
 
 
 class OAuthTokenAuth(AuthBase):
@@ -24,6 +25,7 @@ class OAuthTokenAuth(AuthBase):
     def __call__(self, request):
         token = tokens.get(self.token_name)
         request.headers['Authorization'] = 'Bearer {}'.format(token)
+        return request
 
 
 class Cluster:

kube_ops_view/kubernetes.py

@@ -53,11 +53,18 @@ def map_container(cont: dict, pod: dict):
     return obj
 
 
+def request(cluster, path, **kwargs):
+    if 'timeout' not in kwargs:
+        # sane default timeout
+        kwargs['time'] = 5
+    return session.get(urljoin(cluster.api_server_url, path), auth=cluster.auth, verify=cluster.ssl_ca_cert, **kwargs)
+
+
 def get_kubernetes_clusters(cluster_discoverer):
     for cluster in cluster_discoverer.get_clusters():
         api_server_url = cluster.api_server_url
         cluster_id = generate_cluster_id(api_server_url)
-        response = session.get(urljoin(api_server_url, '/api/v1/nodes'), timeout=5, auth=cluster.auth, verify=cluster.ssl_ca_cert)
+        response = request(cluster, '/api/v1/nodes')
         response.raise_for_status()
         nodes = {}
         pods_by_namespace_name = {}
@@ -65,7 +72,7 @@ def get_kubernetes_clusters(cluster_discoverer):
         for node in response.json()['items']:
             obj = map_node(node)
             nodes[obj['name']] = obj
-        response = session.get(urljoin(api_server_url, '/api/v1/pods'), timeout=5)
+        response = request(cluster, '/api/v1/pods')
         response.raise_for_status()
         for pod in response.json()['items']:
             obj = map_pod(pod)
@@ -83,7 +90,7 @@ def get_kubernetes_clusters(cluster_discoverer):
                 unassigned_pods[pod_key] = obj
 
         try:
-            response = session.get(urljoin(api_server_url, '/api/v1/namespaces/kube-system/services/heapster/proxy/apis/metrics/v1alpha1/nodes'), timeout=5)
+            response = request(cluster, '/api/v1/namespaces/kube-system/services/heapster/proxy/apis/metrics/v1alpha1/nodes')
             response.raise_for_status()
             data = response.json()
             if not data.get('items'):
@@ -94,9 +101,7 @@ def get_kubernetes_clusters(cluster_discoverer):
         except:
             logging.exception('Failed to get node metrics')
         try:
-            response = session.get(urljoin(api_server_url,
-                                           '/api/v1/namespaces/kube-system/services/heapster/proxy/apis/metrics/v1alpha1/pods'),
-                                   timeout=5)
+            response = request(cluster, '/api/v1/namespaces/kube-system/services/heapster/proxy/apis/metrics/v1alpha1/pods')
             response.raise_for_status()
             data = response.json()
             if not data.get('items'):