public async Task <IEnumerable <string> > Get()
{
var inClusterConfig = KubernetesClientConfiguration.InClusterConfig();
var client = new Kubernetes(inClusterConfig);
var pods = await client.ListNamespacedPodAsync("gpe");
var httpClient = _clientFactory.CreateClient();
var resultList = new List <string>();
foreach (var pod in pods.Items)
{
pod.Metadata.Labels.TryGetValue("app", out var deploymentName);
if (deploymentName != null && deploymentName == "gpe-price")
{
var result = await httpClient.GetAsync($"http://{pod.Status.PodIP}:8080/health");
var responseString = await result.Content.ReadAsStringAsync();
resultList.Add($"Pod {pod.Metadata.Name} response: {responseString}");
}
}
return(resultList);
}
public void ConfigureServices(IServiceCollection services)
{
KubernetesClientConfiguration config;
if (KubernetesClientConfiguration.IsInCluster())
{
config = KubernetesClientConfiguration.InClusterConfig();
services.AddSingleton <ILeaderSelector, KubernetesLeaderSelector>();
}
else
{
config = new KubernetesClientConfiguration {
Host = "http://localhost:8001"
};
services.AddSingleton <ILeaderSelector, DummyLeaderSelector>();
}
services.AddHttpClient("K8s")
.AddTypedClient <IKubernetes>((httpClient, serviceProvider) => new Kubernetes(config, httpClient))
.ConfigurePrimaryHttpMessageHandler(config.CreateDefaultHttpClientHandler)
.AddHttpMessageHandler(KubernetesClientConfiguration.CreateWatchHandler);
services.AddSingleton <ConcurrentDictionary <string, AzureDnsCredentialSpec> >();
services.AddSingleton <IDnsClientFactory, AzureDnsClientFactory>();
services.AddHostedService <AzureDnsCredentialsController>();
services.AddHostedService <DnsRecordsetController>();
}
public static IKubeClient ForInCluster(KubernetesVersion kubernetesVersion)
{
var config = KubernetesClientConfiguration.InClusterConfig();
var kubernetes = new Kubernetes(config);
return(Create(kubernetesVersion, kubernetes));
}
public ActionResult <IDictionary <string, IEnumerable <string> > > GetPods()
{
// Load from the default kubeconfig on the machine.
KubernetesClientConfiguration config = null;
if (!useKubeConfig)
{
config = KubernetesClientConfiguration.InClusterConfig();
}
else
{
config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
}
// Use the config object to create a client.
var client = new Kubernetes(config);
var namespaces = client.ListNamespace();
var result = new Dictionary <string, IEnumerable <string> >();
foreach (var ns in namespaces.Items)
{
Console.WriteLine(ns.Metadata.Name);
var pods = new List <string>();
var list = client.ListNamespacedPod(ns.Metadata.Name);
foreach (var item in list.Items)
{
pods.Add(item.Metadata.Name);
}
result.Add(ns.Metadata.Name, pods);
}
return(result);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().AddMetrics();
services.AddSwaggerGen(swagger => {
swagger.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info {
Title = "Kamus Swagger"
});
});
services.AddSingleton <IKubernetes>(s =>
{
KubernetesClientConfiguration config;
config = string.IsNullOrEmpty(Configuration["Kubernetes:ProxyUrl"])
? KubernetesClientConfiguration.InClusterConfig()
: new KubernetesClientConfiguration {
Host = Configuration["Kubernetes:ProxyUrl"]
};
return(new Kubernetes(config));
});
services.AddKeyManagement(Configuration, Log.Logger);
services.AddAuthentication().AddScheme <KubernetesAuthenticationOptions, KubernetesAuthenticationHandler>("kubernetes", null);
services.AddAuthorization(options => {
options.AddPolicy("KubernetesPolicy", policyBuilder => policyBuilder.RequireAssertion(
context => context.Resource as string == context.User.Claims.FirstOrDefault(claim => claim.Type == "sub").Value)
);
});
services.AddSingleton <IConfiguration>(Configuration);
services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>();
}
public SecretConfigurationProvider(string?namespaceSelector, string?labelSelector, string?separator, bool reloadOnChange, bool decodeData = true)
{
_namespaceSelector = namespaceSelector ?? string.Empty;
_labelSelector = labelSelector ?? string.Empty;
_separator = separator ?? "__";
_decodeData = decodeData;
KubernetesClientConfiguration config;
try
{
config = KubernetesClientConfiguration.InClusterConfig();
}
catch
{
config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
}
_client = new k8s.Kubernetes(config);
if (!reloadOnChange)
{
return;
}
var secretResponse = _client.ListNamespacedSecretWithHttpMessagesAsync(_namespaceSelector, labelSelector: _labelSelector, watch: true).Result;
secretResponse.Watch <V1Secret, V1SecretList>((type, item) =>
{
if (type.Equals(WatchEventType.Modified))
{
Load(true);
}
});
}
static async Task Main(string[] args)
{
var config = new ConfigurationBuilder()
.AddJsonFile("config/appsettings.json", optional: true)
.Build();
var kubeConfig = KubernetesClientConfiguration.IsInCluster() ?
KubernetesClientConfiguration.InClusterConfig() :
new KubernetesClientConfiguration {
Host = "http://localhost:8001"
};
var kubernetes = new Kubernetes(kubeConfig);
var serviceProvider = new ServiceCollection()
.AddSingleton(config)
.AddSingleton(kubernetes)
.AddTransient <IInstaller, WebPingerInstaller>()
.AddTransient <IInstaller, WebPingerArchiveInstaller>()
.BuildServiceProvider();
var installers = serviceProvider.GetServices <IInstaller>();
foreach (var installer in installers)
{
await installer.InstallAsync();
}
Console.WriteLine("* Done.");
}
public string GetInstanceCount()
{
KubernetesClientConfiguration config;
if (Configuration["ASPNETCORE_ENVIRONMENT"] == "Debug")
{
config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
}
else
{
config = KubernetesClientConfiguration.InClusterConfig();
}
IKubernetes client = new Kubernetes(config);
var list = client.ListNamespacedPod("default");
var output = new List <MineCraftInstance>();
int count = 0;
foreach (var item in list.Items)
{
if (item.Metadata.Name.StartsWith(Configuration["MCPodPrefix"]))
{
count++;
}
}
return(count.ToString());
}
public string Put(int count)
{
string output = "";
if (count > 0 && count < 10)
{
KubernetesClientConfiguration config;
if (Configuration["ASPNETCORE_ENVIRONMENT"] == "Debug")
{
config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
}
else
{
config = KubernetesClientConfiguration.InClusterConfig();
}
IKubernetes client = new Kubernetes(config);
JsonPatchDocument <V1StatefulSet> jsonDoc = new JsonPatchDocument <V1StatefulSet>();
jsonDoc.Replace(p => p.Spec.Replicas, count);
Console.WriteLine(JsonConvert.SerializeObject(jsonDoc));
V1Patch patch = new V1Patch(jsonDoc);
client.PatchNamespacedStatefulSetScale(patch, Configuration["MCStafefulSetName"], "default");
}
//This is where we update the count.
return(output);
}
public static async Task Main()
{
/*
* docker build . -t rogeralsing/kubdiagg
* kubectl apply --filename service.yaml
* kubectl get pods -l app=kubdiag
* kubectl logs -l app=kubdiag --all-containers
*
*/
var l = LoggerFactory.Create(c => c.AddConsole().SetMinimumLevel(LogLevel.Error));
Log.SetLoggerFactory(l);
var log = Log.CreateLogger("main");
var db = GetMongo();
var identity = new IdentityStorageLookup(new MongoIdentityStorage("mycluster", db.GetCollection <PidLookupEntity>("pids"), 200));
var kubernetes = new Kubernetes(KubernetesClientConfiguration.InClusterConfig());
var clusterprovider = new KubernetesProvider(kubernetes);
var port = int.Parse(Environment.GetEnvironmentVariable("PROTOPORT") !);
var host = Environment.GetEnvironmentVariable("PROTOHOST");
var advertisedHost = Environment.GetEnvironmentVariable("PROTOHOSTPUBLIC");
log.LogInformation("Host {host}", host);
log.LogInformation("Port {port}", port);
log.LogInformation("Advertised Host {advertisedHost}", advertisedHost);
var system = new ActorSystem()
.WithRemote(GrpcNetRemoteConfig
.BindTo(host, port)
.WithAdvertisedHost(advertisedHost)
)
.WithCluster(ClusterConfig
.Setup("mycluster", clusterprovider, identity)
.WithClusterKind("empty", Props.Empty)
);
system.EventStream.Subscribe <ClusterTopology>(e => {
var members = e.Members;
var x = members.Select(m => m.Id).OrderBy(i => i).ToArray();
var key = string.Join("", x);
var hash = MurmurHash2.Hash(key);
Console.WriteLine("My members " + hash);
foreach (var member in members.OrderBy(m => m.Id))
{
Console.WriteLine(member.Id + "\t" + member.Address + "\t" + member.Kinds);
}
}
);
await system
.Cluster()
.StartMemberAsync();
Thread.Sleep(Timeout.Infinite);
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.Configure <ForwardedHeadersOptions>(options =>
{
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
});
services.Configure <CookiePolicyOptions>(options =>
{
// This lambda determines whether user consent for non-essential cookies is needed for a given request.
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddTransient(x => Configuration);
services.AddTransient <IAPIService, APIService>();
services.AddTransient <IServiceLocator, DNSServiceLocator>();
if (this.Configuration["ASPNETCORE_ENVIRONMENT"] == "Development")
{
services.AddSingleton <IKubernetes>(new Kubernetes(KubernetesClientConfiguration.BuildConfigFromConfigFile()));
}
else
{
services.AddSingleton <IKubernetes>(new Kubernetes(KubernetesClientConfiguration.InClusterConfig()));
}
services.AddCookieTempData();
}
public async Task <int> GetConsumerCountAsync()
{
try
{
KubernetesClientConfiguration config = null;
if (IsHostedInKubernetes)
{
config = KubernetesClientConfiguration.InClusterConfig();
}
else
{
// don't forget to run 'kubectl proxy'
config = new KubernetesClientConfiguration {
Host = "http://127.0.0.1:8001"
};
}
using (var client = new Kubernetes(config))
{
var scale = await client.ReadNamespacedStatefulSetScaleAsync(_statefulSetName, _statefulSetNamespace);
return(scale.Spec.Replicas ?? 1);
}
}
catch (Exception ex)
{
throw;
}
}
/// <summary>
/// Generate the kubernetes client.
/// </summary>
public Kubernetes CreateClient()
{
// var config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
var config = KubernetesClientConfiguration.InClusterConfig();
return(new Kubernetes(config));
}
static async Task Program(Options options)
{
KubernetesClientConfiguration config;
// Try to load kubeconfig file, if running locally,
// otherwise try in cluster config (running in k8s container)
try
{
config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
}
catch (Exception)
{
config = KubernetesClientConfiguration.InClusterConfig();
}
var client = new Kubernetes(config);
var chaosClient = new GenericChaosClient(config);
DotEnv.Load(options: new DotEnvOptions(envFilePaths: new[] { "/mnt/outputs/.env" }));
var subscriptionId = Environment.GetEnvironmentVariable("AZURE_SUBSCRIPTION_ID");
// Default to 'Azure SDK Developer Playground' subscription when testing locally outside of the stress cluster.
subscriptionId = subscriptionId ?? "faa080af-c1d8-40ad-9cce-e1a450ca5b57";
ArmClient armClient = new ArmClient(subscriptionId, new DefaultAzureCredential());
var podEventHandler = new PodEventHandler(client, chaosClient, armClient, options.Namespace);
var cts = new CancellationTokenSource();
await podEventHandler.Watch(cts.Token);
}
static IServiceCollection AddKubernetesDiscoveryService(this IServiceCollection services, KubernetesDiscoverySettings kubernetesDiscoverySettings)
{
KubernetesClientConfiguration kubernetesConfig;
if (!string.IsNullOrEmpty(kubernetesDiscoverySettings.ClusterHost) && !string.IsNullOrEmpty(kubernetesDiscoverySettings.Token))
{
kubernetesConfig = new KubernetesClientConfiguration {
Host = kubernetesDiscoverySettings.ClusterHost,
AccessToken = kubernetesDiscoverySettings.Token,
// Some cloud services like Azure AKS use self-signed certificates not valid for httpclient.
// With this method we allow invalid certificates
SkipTlsVerify = true
};
}
else if (KubernetesClientConfiguration.IsInCluster())
{
kubernetesConfig = KubernetesClientConfiguration.InClusterConfig();
}
else
{
kubernetesConfig = KubernetesClientConfiguration.BuildConfigFromConfigFile();
}
services.AddSingleton(kubernetesDiscoverySettings)
.AddHostedService <KubernetesDiscoveryHostedService>()
.AddSingleton <IKubernetes>(new Kubernetes(kubernetesConfig))
.AddHttpClient(Keys.K8S_CLUSTER_SERVICE_HTTP_CLIENT_NAME);
return(services);
}
public List <MineCraftInstance> GetInstance()
{
KubernetesClientConfiguration config;
if (Configuration["ASPNETCORE_ENVIRONMENT"] == "Debug")
{
config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
}
else
{
config = KubernetesClientConfiguration.InClusterConfig();
}
IKubernetes client = new Kubernetes(config);
var list = client.ListNamespacedPod("default");
var output = new List <MineCraftInstance>();
foreach (var item in list.Items)
{
if (item.Metadata.Name.StartsWith(Configuration["MCPodPrefix"]))
{
MineCraftInstance instance = new MineCraftInstance();
instance.name = item.Metadata.Name;
instance.endpoints = new MineCraftEndpoint();
instance.endpoints.minecraft = item.Status.PodIP.ToString() + ":25565";
instance.endpoints.rcon = item.Status.PodIP.ToString() + ":25565";
instance.endpoints.monitor = item.Status.PodIP.ToString() + ":5000";
output.Add(instance);
}
}
return(output);
}
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.UseSerilog(Log.Logger)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseStartup <Startup>();
})
.ConfigureServices(services =>
{
KubernetesClientConfiguration kubeConfig = null;
if (Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") == "production")
{
kubeConfig = KubernetesClientConfiguration.InClusterConfig();
}
else
{
kubeConfig = KubernetesClientConfiguration.BuildDefaultConfig();
}
services.AddSingleton(kubeConfig);
// Setup the http client
services.AddHttpClient("K8s")
.AddTypedClient <IKubernetes>((httpClient, serviceProvider) => new Kubernetes(
serviceProvider.GetRequiredService <KubernetesClientConfiguration>(),
httpClient))
.ConfigurePrimaryHttpMessageHandler(kubeConfig.CreateDefaultHttpClientHandler);
// Controller Watching service
services.AddHostedService <AcmeHttpChallengeService>();
});
private void AddProcessors(IServiceCollection services)
{
switch (Configuration["Pi:Processor"])
{
case nameof(AciProcessor):
services.AddSingleton <IProcessor, AciProcessor>();
break;
case nameof(DockerProcessor):
services.AddSingleton <IProcessor, DockerProcessor>();
break;
case nameof(KubernetesProcessor):
switch (Configuration["Pi:Processors:Kubernetes:Configuration"])
{
case "InCluster":
services.AddTransient(c => new Kubernetes(KubernetesClientConfiguration.InClusterConfig()));
break;
default:
services.AddTransient(c => new Kubernetes(KubernetesClientConfiguration.BuildConfigFromConfigFile()));
break;
}
services.AddTransient <IProcessor, KubernetesProcessor>();
break;
default:
throw new Exception($"Unknown processor type: {Configuration["Pi:Processor"]}");
}
}
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
services.AddSingleton(s =>
{
var logger = s.GetRequiredService <ILogger <Startup> >();
var inCluster = KubernetesClientConfiguration.IsInCluster();
logger.LogDebug("Building client configuration. Client is in cluster: '{inCluster}'", inCluster);
return(inCluster
? KubernetesClientConfiguration.InClusterConfig()
: KubernetesClientConfiguration.BuildConfigFromConfigFile());
});
services.AddSingleton <IKubernetes>(s =>
{
var logger = s.GetRequiredService <ILogger <Startup> >();
logger.LogDebug("Initializing Kubernetes client");
return(new k8s.Kubernetes(s.GetRequiredService <KubernetesClientConfiguration>())
{
HttpClient = { Timeout = TimeSpan.FromMinutes(60) }
});
});
services.AddTransient <SecretsMonitor>();
services.AddTransient <ConfigMapMonitor>();
services.AddTransient <CustomResourceDefinitionMonitor>();
services.AddTransient <CertManagerCertificatesMonitor>();
services.AddHostedService <SecretsMirror>();
services.AddHostedService <ConfigMapMirror>();
services.AddHostedService <CertManagerMirror>();
}
public void ConfigureServices(IServiceCollection services)
{
KubernetesClientConfiguration config;
if (KubernetesClientConfiguration.IsInCluster())
{
config = KubernetesClientConfiguration.InClusterConfig();
services.AddSingleton <ILeaderSelector, KubernetesLeaderSelector>();
}
else
{
config = new KubernetesClientConfiguration {
Host = "http://localhost:8001"
};
services.AddSingleton <ILeaderSelector, DummyLeaderSelector>();
}
services.AddHttpClient("K8s")
.AddTypedClient <IKubernetes>((httpClient, serviceProvider) => new Kubernetes(config, httpClient))
.ConfigurePrimaryHttpMessageHandler(config.CreateDefaultHttpClientHandler)
.AddHttpMessageHandler(KubernetesClientConfiguration.CreateWatchHandler);
services.AddSingleton <ResourceSet <Foo> >();
services.AddHostedService <CrdControllerService>();
}
private static IKubernetes CreateKubernetesClient(KubernetesSettings settings)
{
var k8sClientConfig = KubernetesClientConfiguration.InClusterConfig();
k8sClientConfig.Namespace = settings.KubernetesNamespace;
return(new Kubernetes(k8sClientConfig));
}
private static IClusterProvider UseKubernetes(ILogger logger)
{
var kubernetes = new Kubernetes(KubernetesClientConfiguration.InClusterConfig());
logger.LogDebug("Running with Kubernetes Provider", kubernetes.BaseUri);
return(new KubernetesProvider(kubernetes));
}
private IKubernetes InitializeKubernetesClient()
{
KubernetesClientConfiguration kubernetesConfig;
if (!string.IsNullOrEmpty(_discoveryOptions.ClusterHost) && !string.IsNullOrEmpty(_discoveryOptions.Token))
{
kubernetesConfig = new KubernetesClientConfiguration
{
Host = _discoveryOptions.ClusterHost,
AccessToken = _discoveryOptions.Token,
// Some cloud services like Azure AKS use self-signed certificates not valid for httpclient.
// With this method we allow invalid certificates
SkipTlsVerify = true
};
}
else if (KubernetesClientConfiguration.IsInCluster())
{
kubernetesConfig = KubernetesClientConfiguration.InClusterConfig();
}
else
{
kubernetesConfig = KubernetesClientConfiguration.BuildConfigFromConfigFile();
}
return(new Kubernetes(kubernetesConfig));
}
public static IClientBuilder UseKubeGatewayListProvider(this IClientBuilder builder,
Action <KubeGatewayOptions> configureOptions = null)
{
return(builder.ConfigureServices((ctx, services) =>
{
services.AddOptions <KubeGatewayOptions>();
services.Configure <KubeGatewayOptions>(configureOptions);
KubernetesClientConfiguration config = default;
if (KubernetesClientConfiguration.IsInCluster())
{
config = KubernetesClientConfiguration.InClusterConfig();
}
else
{
config = KubernetesClientConfiguration.BuildDefaultConfig();
}
services.AddSingleton <IGatewayListProvider>(sp => new KubeGatewayListProvider(
sp.GetRequiredService <ILoggerFactory>(),
sp.GetRequiredService <IOptions <ClusterOptions> >(),
sp.GetRequiredService <IOptions <GatewayOptions> >(),
sp.GetRequiredService <IOptions <KubeGatewayOptions> >(),
new k8s.Kubernetes(config)
));
}));
}
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureServices((hostContext, services) =>
{
services.AddHostedService <HealthChecksOperator>()
.AddSingleton <IKubernetes>(sp =>
{
var config = KubernetesClientConfiguration.IsInCluster() ?
KubernetesClientConfiguration.InClusterConfig() :
KubernetesClientConfiguration.BuildConfigFromConfigFile();
return(new Kubernetes(config));
})
.AddTransient <IHealthChecksController, HealthChecksController>()
.AddSingleton <OperatorDiagnostics>()
.AddSingleton <DeploymentHandler>()
.AddSingleton <ServiceHandler>()
.AddSingleton <SecretHandler>()
.AddSingleton <ConfigMaphandler>()
.AddSingleton <HealthCheckServiceWatcher>();
}).ConfigureLogging((context, builder) =>
{
var logger = new LoggerConfiguration()
.MinimumLevel.Information()
.MinimumLevel.Override("Microsoft", LogEventLevel.Warning)
.Enrich.WithProperty("Application", nameof(K8sOperator))
.Enrich.FromLogContext()
.WriteTo.ColoredConsole(outputTemplate: "[{Timestamp:HH:mm:ss} {Level:u3}] {Message:lj}{NewLine}{Exception:lj}")
.CreateLogger();
builder.ClearProviders();
builder.AddSerilog(logger, dispose: true);
});
public KubernetesApiService(ILogger <KubernetesApiService> logger)
{
var config = KubernetesClientConfiguration.InClusterConfig();
_client = new Kubernetes(config);
_logger = logger;
}
static async Task Main(string[] args)
{
KubernetesClientConfiguration config;
if (KubernetesClientConfiguration.IsInCluster())
{
config = KubernetesClientConfiguration.InClusterConfig();
}
else
{
config = new KubernetesClientConfiguration {
Host = "http://localhost:8001"
};
}
_Client = new Kubernetes(config);
var result = await _Client.ListNamespacedCustomObjectWithHttpMessagesAsync(
group : User.Definition.Group,
version : User.Definition.Version,
plural : User.Definition.Plural,
namespaceParameter : "default",
watch : true);
using (result.Watch <User, object>((type, item) => Handle(type, item)))
{
Console.WriteLine("* Watching for custom object events");
_ResetEvent.WaitOne();
}
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc().AddMetrics();
services.AddSwaggerGen(swagger => {
swagger.SwaggerDoc("v1", new Swashbuckle.AspNetCore.Swagger.Info {
Title = "Kamus Swagger"
});
});
services.AddSingleton <IKubernetes>(s =>
{
KubernetesClientConfiguration config;
config = string.IsNullOrEmpty(Configuration["Kubernetes:ProxyUrl"])
? KubernetesClientConfiguration.InClusterConfig()
: new KubernetesClientConfiguration {
Host = Configuration["Kubernetes:ProxyUrl"]
};
return(new Kubernetes(config));
});
services.AddScoped <IKeyManagement>(s =>
{
var provider = Configuration.GetValue <string>("KeyManagement:Provider");
switch (provider)
{
case "AzureKeyVault":
return(new EnvelopeEncryptionDecorator(
new AzureKeyVaultKeyManagement(s.GetService <IKeyVaultClient>(), Configuration),
new SymmetricKeyManagement(),
Configuration.GetValue <int>("KeyManagement:KeyVault:MaximumDataLength")));
case "AESKey":
var key = Configuration.GetValue <string>("KeyManagement:AES:Key");
if (string.IsNullOrEmpty(key))
{
Log.ForContext <Startup>().Warning("Random key was created for SymmetricKeyManagement, it might break distributed deployments");
}
return(new SymmetricKeyManagement(key));
default:
throw new InvalidOperationException($"Unsupported provider type: {provider}");
}
});
services.AddSingleton <IKeyVaultClient>(_ => new KeyVaultClient(GetToken));
services.AddAuthentication().AddScheme <KubernetesAuthenticationOptions, KubernetesAuthenticationHandler>("kubernetes", null);
services.AddAuthorization(options => {
options.AddPolicy("KubernetesPolicy", policyBuilder => policyBuilder.RequireAssertion(
context => context.Resource as string == context.User.Claims.FirstOrDefault(claim => claim.Type == "sub").Value)
);
});
services.AddSingleton <IConfiguration>(Configuration);
services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>();
}
private static IKubernetes GetKubernetesClient()
{
var config = KubernetesClientConfiguration.IsInCluster() ?
KubernetesClientConfiguration.InClusterConfig() :
KubernetesClientConfiguration.BuildConfigFromConfigFile();
return(new Kubernetes(config));
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddControllersWithViews();
var k8sConfig = KubernetesClientConfiguration.InClusterConfig();
var k8sClient = new Kubernetes(k8sConfig);
services.AddSingleton(typeof(k8s.IKubernetes), k8sClient);
}
