commit 3374781800f52ea04e911bd5ce68e5a8e8d2a5ea
author Alex <osavatieiev@mirantis.com> Wed Apr 07 10:11:39 2021 -0500
committer Alex <osavatieiev@mirantis.com> Wed Apr 07 10:11:39 2021 -0500
tree 947cd55f1d74ad0cd27928b60d4a1d319e421689
parent 9d913534d14930f175308127d3fccea1355fefd2

Fixes for cfg-checker for proper handling of K8s env with SSL errors

  - SSL insecure option
  - Pod naming handling updates

  Related-PROD: PROD-35903

Change-Id: I61d85124ac9c89693d1d3f3a165912241d3e549d

cfg_checker/common/kube_utils.py

diff --git a/cfg_checker/common/kube_utils.py b/cfg_checker/common/kube_utils.py
index e72e7e9..5b791cd 100644
--- a/cfg_checker/common/kube_utils.py
+++ b/cfg_checker/common/kube_utils.py
@@ -22,6 +22,9 @@
     # Init kube library locally
     try:
         kconfig.load_kube_config()
+        if config.insecure:
+            kconfig.assert_hostname = False
+            kconfig.client_side_validation = False
         logger_cli.debug(
             "...found Kube env: core, {}". format(
                 ",".join(
@@ -119,6 +122,10 @@
     )
     _kube_conf.verify_ssl = False
     _kube_conf.debug = config.debug
+    if config.insecure:
+        _kube_conf.assert_hostname = False
+        _kube_conf.client_side_validation = False
+
     # Nevertheless if you want to do it
     # you can with these 2 parameters
     # configuration.verify_ssl=True
@@ -248,27 +255,36 @@
         _request_timeout=120,
         **kwargs
     ):
+        logger_cli.debug(
+            "...searching for pods with the name '{}'".format(pod_name)
+        )
         _pods = {}
         _pods = self._coreV1.list_namespaced_pod(namespace)
         _names = self._get_listed_attrs(_pods.items, "metadata.name")
 
         _pname = ""
         if not strict:
-            _pname = [n for n in _names if n.startswith(pod_name)]
-            if len(_pname) > 1:
+            _pnames = [n for n in _names if n.startswith(pod_name)]
+            if len(_pnames) > 1:
                 logger_cli.debug(
                     "...more than one pod found for '{}': {}\n"
                     "...using first one".format(
                         pod_name,
-                        ", ".join(_pname)
+                        ", ".join(_pnames)
                     )
                 )
-                _pname = _pname[0]
+                _pname = _pnames[0]
             elif len(_pname) < 1:
                 raise KubeException("No pods found for '{}'".format(pod_name))
         else:
             _pname = pod_name
-
+        logger_cli.debug(
+            "...cmd: [CoreV1] exec {} -n {} -- {}".format(
+                _pname,
+                namespace,
+                cmd
+            )
+        )
         _r = stream(
             self.CoreV1.connect_get_namespaced_pod_exec,
             _pname,

cfg_checker/common/settings.py

diff --git a/cfg_checker/common/settings.py b/cfg_checker/common/settings.py
index b01d684..4b7b3f5 100644
--- a/cfg_checker/common/settings.py
+++ b/cfg_checker/common/settings.py
@@ -330,6 +330,7 @@
         self.ssh_uses_sudo = args.sudo
         self.kube_config_path = args.kube_config
         self.debug = args.debug
+        self.insecure = args.insecure
         self.force_no_key = args.force_no_key
         # Make sure we running on Python 3
         if sys.version_info[0] < 3 and sys.version_info[1] < 5: