kops-arm64/kube_ops_view/stores.py

import json
import logging
import random
import string
import redis
import time

from redlock import Redlock
from queue import Queue

logger = logging.getLogger(__name__)

ONE_YEAR = 3600 * 24 * 365


def generate_token(n: int):
    '''Generate a random ASCII token of length n'''
    # uses os.urandom()
    rng = random.SystemRandom()
    return ''.join([rng.choice(string.ascii_letters + string.digits) for i in range(n)])


def generate_token_data():
    '''Generate screen token data for storing'''
    token = generate_token(10)
    now = time.time()
    return {'token': token, 'created': now, 'expires': now + ONE_YEAR}


def check_token(token: str, remote_addr: str, data: dict):
    '''Check whether the given screen token is valid, raises exception if not'''
    now = time.time()
    if data and now < data['expires'] and data.get('remote_addr', remote_addr) == remote_addr:
        data['remote_addr'] = remote_addr
        return data
    else:
        raise ValueError('Invalid token')


class AbstractStore:

    def get_cluster_ids(self):
        return self.get('cluster-ids') or []

    def set_cluster_ids(self, cluster_ids: set):
        self.set('cluster-ids', list(sorted(cluster_ids)))

    def get_cluster_status(self, cluster_id: str) -> dict:
        return self.get('clusters:{}:status'.format(cluster_id)) or {}

    def set_cluster_status(self, cluster_id: str, status: dict):
        self.set('clusters:{}:status'.format(cluster_id), status)

    def get_cluster_data(self, cluster_id: str) -> dict:
        return self.get('clusters:{}:data'.format(cluster_id)) or {}

    def set_cluster_data(self, cluster_id: str, data: dict):
        self.set('clusters:{}:data'.format(cluster_id), data)


class MemoryStore(AbstractStore):
    '''Memory-only backend, mostly useful for local debugging'''

    def __init__(self):
        self._data = {}
        self._queues = []
        self._screen_tokens = {}

    def set(self, key, value):
        self._data[key] = value

    def get(self, key):
        return self._data.get(key)

    def acquire_lock(self):
        # no-op for memory store
        return 'fake-lock'

    def release_lock(self, lock):
        # no op for memory store
        pass

    def publish(self, event_type, event_data):
        for queue in self._queues:
            queue.put((event_type, event_data))

    def listen(self):
        queue = Queue()
        self._queues.append(queue)
        try:
            while True:
                item = queue.get()
                yield item
        finally:
            self._queues.remove(queue)

    def create_screen_token(self):
        data = generate_token_data()
        token = data['token']
        self._screen_tokens[token] = data
        return token

    def redeem_screen_token(self, token: str, remote_addr: str):
        data = self._screen_tokens.get(token)
        data = check_token(token, remote_addr, data)
        self._screen_tokens[token] = data


class RedisStore(AbstractStore):
    '''Redis-based backend for deployments with replicas > 1'''

    def __init__(self, url: str):
        logger.info('Connecting to Redis on {}..'.format(url))
        self._redis = redis.StrictRedis.from_url(url)
        self._redlock = Redlock([url])

    def set(self, key, value):
        self._redis.set(key, json.dumps(value, separators=(',', ':')))

    def get(self, key):
        value = self._redis.get(key)
        if value:
            return json.loads(value.decode('utf-8'))

    def acquire_lock(self):
        return self._redlock.lock('update', 10000)

    def release_lock(self, lock):
        self._redlock.unlock(lock)

    def publish(self, event_type, event_data):
        self._redis.publish('default', '{}:{}'.format(event_type, json.dumps(event_data, separators=(',', ':'))))

    def listen(self):
        p = self._redis.pubsub()
        p.subscribe('default')
        for message in p.listen():
            if message['type'] == 'message':
                event_type, data = message['data'].decode('utf-8').split(':', 1)
                yield (event_type, json.loads(data))

    def create_screen_token(self):
        '''Generate a new screen token and store it in Redis'''
        data = generate_token_data()
        token = data['token']
        self._redis.set('screen-tokens:{}'.format(token), json.dumps(data))
        return token

    def redeem_screen_token(self, token: str, remote_addr: str):
        '''Validate the given token and bind it to the IP'''
        redis_key = 'screen-tokens:{}'.format(token)
        data = self._redis.get(redis_key)
        if not data:
            raise ValueError('Invalid token')
        data = json.loads(data.decode('utf-8'))
        data = check_token(token, remote_addr, data)
        self._redis.set(redis_key, json.dumps(data))