public override async Task ExecuteAsync(OutputContext output, ApplicationBuilder application)
{
using var step = output.BeginStep("");
if (!await KubectlDetector.IsKubectlInstalledAsync(output))
{
throw new CommandException($"Cannot apply manifests because kubectl is not installed.");
}
if (!await KubectlDetector.IsKubectlConnectedToClusterAsync(output))
{
throw new CommandException($"Cannot apply manifests because kubectl is not connected to a cluster.");
}
using var tempFile = TempFile.Create();
output.WriteInfoLine($"Writing output to '{tempFile.FilePath}'.");
{
await using var stream = File.OpenWrite(tempFile.FilePath);
await using var writer = new StreamWriter(stream, new UTF8Encoding(encoderShouldEmitUTF8Identifier: false), leaveOpen: true);
await ApplicationYamlWriter.WriteAsync(output, writer, application);
}
var ns = $"namespace ${application.Namespace}";
if (string.IsNullOrEmpty(application.Namespace))
{
ns = "current namespace";
}
output.WriteDebugLine($"Running 'kubectl apply' in ${ns}");
output.WriteCommandLine("kubectl", $"apply -f \"{tempFile.FilePath}\"");
var capture = output.Capture();
var exitCode = await Process.ExecuteAsync(
$"kubectl",
$"apply -f \"{tempFile.FilePath}\"",
System.Environment.CurrentDirectory,
stdOut : capture.StdOut,
stdErr : capture.StdErr);
output.WriteDebugLine($"Done running 'kubectl apply' exit code: {exitCode}");
if (exitCode != 0)
{
throw new CommandException("'kubectl apply' failed.");
}
output.WriteInfoLine($"Deployed application '{application.Name}'.");
}
private static async Task ExecuteDeployAsync(OutputContext output, ApplicationBuilder application, string environment, bool interactive, bool force)
{
var watch = System.Diagnostics.Stopwatch.StartNew();
if (!await KubectlDetector.IsKubectlInstalledAsync(output))
{
throw new CommandException($"Cannot apply manifests because kubectl is not installed.");
}
if (!await KubectlDetector.IsKubectlConnectedToClusterAsync(output))
{
throw new CommandException($"Cannot apply manifests because kubectl is not connected to a cluster.");
}
await application.ProcessExtensionsAsync(options : null, output, ExtensionContext.OperationKind.Deploy);
ApplyRegistry(output, application, interactive, requireRegistry: true);
var executor = new ApplicationExecutor(output)
{
ServiceSteps =
{
new ApplyContainerDefaultsStep(),
new CombineStep()
{
Environment = environment,
},
new PublishProjectStep(),
new BuildDockerImageStep()
{
Environment = environment,
},
new PushDockerImageStep()
{
Environment = environment,
},
new ValidateSecretStep()
{
Environment = environment, Interactive= interactive, Force = force,
},
new GenerateServiceKubernetesManifestStep()
{
Environment = environment,
},
},
IngressSteps =
{
new ValidateIngressStep()
{
Environment = environment, Interactive = interactive, Force = force,
},
new GenerateIngressKubernetesManifestStep(),
},
ApplicationSteps =
{
new DeployApplicationKubernetesManifestStep(),
}
};
await executor.ExecuteAsync(application);
watch.Stop();
TimeSpan elapsedTime = watch.Elapsed;
output.WriteAlwaysLine($"Time Elapsed: {elapsedTime.Hours:00}:{elapsedTime.Minutes:00}:{elapsedTime.Seconds:00}:{elapsedTime.Milliseconds / 10:00}");
}
public override async Task ExecuteAsync(OutputContext output, ApplicationBuilder application, IngressBuilder ingress)
{
// This code assumes that in the future we might support other ingress types besides nginx.
//
// Right now we only know some hardcoded details about ingress-nginx that we use for both
// validation and generation of manifests.
//
// For instance we don't support k8s 1.18.X IngressClass resources because that version
// isn't broadly available yet.
var ingressClass = "nginx";
if (!IngressClasses.Add(ingressClass))
{
output.WriteDebugLine($"Already validated ingress class '{ingressClass}'.");
return;
}
if (await KubectlDetector.GetKubernetesServerVersion(output) == null)
{
throw new CommandException($"Cannot validate ingress because kubectl is not installed.");
}
if (!await KubectlDetector.IsKubectlConnectedToClusterAsync(output))
{
throw new CommandException($"Cannot validate ingress because kubectl is not connected to a cluster.");
}
output.WriteDebugLine($"Validating ingress class '{ingressClass}'.");
var config = KubernetesClientConfiguration.BuildDefaultConfig();
// If namespace is null, set it to default
config.Namespace ??= "default";
var kubernetes = new Kubernetes(config);
// Looking for a deployment using a standard label.
// Note: using a deployment instead of a service - minikube doesn't create a service for the controller.
try
{
var result = await kubernetes.ListDeploymentForAllNamespacesWithHttpMessagesAsync(
labelSelector : "app.kubernetes.io/name in (ingress-nginx, nginx-ingress-controller)");
if (result.Body.Items.Count > 0)
{
foreach (var service in result.Body.Items)
{
output.WriteInfoLine($"Found existing ingress controller '{service.Metadata.Name}' in namespace '{service.Metadata.NamespaceProperty}'.");
}
return;
}
}
catch (HttpOperationException ex) when(ex.Response.StatusCode == HttpStatusCode.NotFound)
{
// The kubernetes client uses exceptions for 404s.
}
catch (Exception ex)
{
output.WriteDebugLine("Failed to query secret.");
output.WriteDebugLine(ex.ToString());
throw new CommandException("Unable connect to kubernetes.", ex);
}
if (Force)
{
output.WriteDebugLine("Skipping because force was specified.");
return;
}
if (!Interactive)
{
throw new CommandException(
$"An ingress was specified for the application, but the 'ingress-nginx' controller could not be found. " +
$"Rerun the command with --interactive to deploy a controller for development, or with --force to skip validation. Alternatively " +
$"see our documentation on ingress: https://aka.ms/tye/ingress");
}
output.WriteAlwaysLine(
"Tye can deploy the ingress-nginx controller for you. This will be a basic deployment suitable for " +
"experimentation and development. Your production needs, or requirements may differ depending on your Kubernetes distribution. " +
"See: https://aka.ms/tye/ingress for documentation.");
if (!output.Confirm($"Deploy ingress-nginx"))
{
// user skipped deployment of ingress, continue with deployment.
return;
}
// We want to be able to detect minikube because the process for enabling nginx-ingress is different there,
// it's shipped as an addon.
//
// see: https://github.com/telepresenceio/telepresence/blob/4364fd83d5926bef46babd704e7bd6c82a75dbd6/telepresence/startup.py#L220
if (config.CurrentContext == "minikube")
{
output.WriteDebugLine($"Running 'minikube addons enable ingress'");
output.WriteCommandLine("minikube", "addon enable ingress");
var capture = output.Capture();
var exitCode = await ProcessUtil.ExecuteAsync(
$"minikube",
$"addons enable ingress",
System.Environment.CurrentDirectory,
stdOut : capture.StdOut,
stdErr : capture.StdErr);
output.WriteDebugLine($"Done running 'minikube addons enable ingress' exit code: {exitCode}");
if (exitCode != 0)
{
throw new CommandException("'minikube addons enable ingress' failed.");
}
output.WriteInfoLine($"Deployed ingress-nginx.");
}
else
{
// If we get here then we should deploy the ingress controller.
// The first time we apply the ingress controller, the validating webhook will not have started.
// This causes an error to be returned from the process. As this always happens, we are going to
// not check the error returned and assume the kubectl command worked. This is double checked in
// the future as well when we try to create the ingress resource.
output.WriteDebugLine($"Running 'kubectl apply'");
output.WriteCommandLine("kubectl", $"apply -f \"https://aka.ms/tye/ingress/deploy\"");
var capture = output.Capture();
var exitCode = await ProcessUtil.ExecuteAsync(
$"kubectl",
$"apply -f \"https://aka.ms/tye/ingress/deploy\"",
System.Environment.CurrentDirectory);
output.WriteDebugLine($"Done running 'kubectl apply' exit code: {exitCode}");
output.WriteInfoLine($"Waiting for ingress-nginx controller to start.");
// We need to then wait for the webhooks that are created by ingress-nginx to start. Deploying an ingress immediately
// after creating the controller will fail if the webhook isn't ready.
//
// Internal error occurred: failed calling webhook "validate.nginx.ingress.kubernetes.io":
// Post https://ingress-nginx-controller-admission.ingress-nginx.svc:443/networking.k8s.io/v1/ingresses?timeout=30s:
// dial tcp 10.0.31.130:443: connect: connection refused
//
// Unfortunately this is the likely case for us.
try
{
output.WriteDebugLine("Watching for ingress-nginx controller readiness...");
var response = await kubernetes.ListNamespacedPodWithHttpMessagesAsync(
namespaceParameter : "ingress-nginx",
labelSelector : "app.kubernetes.io/component=controller,app.kubernetes.io/name=ingress-nginx",
watch : true);
var tcs = new TaskCompletionSource <object?>();
using var watcher = response.Watch <V1Pod, V1PodList>(
onEvent: (@event, pod) =>
{
// Wait for the readiness-check to pass.
if (pod.Status.Conditions.All(c => string.Equals(c.Status, bool.TrueString, StringComparison.OrdinalIgnoreCase)))
{
tcs.TrySetResult(null); // Success!
output.WriteDebugLine($"Pod '{pod.Metadata.Name}' is ready.");
}
},
onError: ex =>
{
tcs.TrySetException(ex);
output.WriteDebugLine("Watch operation failed.");
},
onClosed: () =>
{
// YOLO?
tcs.TrySetResult(null);
output.WriteDebugLine("Watch operation completed.");
});
await tcs.Task;
}
catch (Exception ex)
{
output.WriteDebugLine("Failed to ingress-nginx pods.");
output.WriteDebugLine(ex.ToString());
throw new CommandException("Failed to query ingress-nginx pods.", ex);
}
output.WriteInfoLine($"Deployed ingress-nginx.");
}
}
public static async Task <KubernetesIngressOutput> CreateIngress(
OutputContext output,
ApplicationBuilder application,
IngressBuilder ingress)
{
var root = new YamlMappingNode();
var k8sVersion = await KubectlDetector.GetKubernetesServerVersion(output);
root.Add("kind", "Ingress");
if (k8sVersion >= MinIngressVersion)
{
root.Add("apiVersion", "networking.k8s.io/v1");
}
else
{
root.Add("apiVersion", "extensions/v1beta1");
}
var metadata = new YamlMappingNode();
root.Add("metadata", metadata);
metadata.Add("name", ingress.Name);
if (!string.IsNullOrEmpty(application.Namespace))
{
metadata.Add("namespace", application.Namespace);
}
var annotations = new YamlMappingNode();
metadata.Add("annotations", annotations);
annotations.Add("kubernetes.io/ingress.class", new YamlScalarNode("nginx")
{
Style = ScalarStyle.SingleQuoted,
});
annotations.Add("nginx.ingress.kubernetes.io/rewrite-target", new YamlScalarNode("/$2")
{
Style = ScalarStyle.SingleQuoted,
});
var labels = new YamlMappingNode();
metadata.Add("labels", labels);
labels.Add("app.kubernetes.io/part-of", new YamlScalarNode(application.Name)
{
Style = ScalarStyle.SingleQuoted,
});
var spec = new YamlMappingNode();
root.Add("spec", spec);
if (ingress.Rules.Count == 0)
{
return(new KubernetesIngressOutput(ingress.Name, new YamlDocument(root)));
}
var rules = new YamlSequenceNode();
spec.Add("rules", rules);
// k8s ingress is grouped by host first, then grouped by path
foreach (var hostgroup in ingress.Rules.GroupBy(r => r.Host))
{
var rule = new YamlMappingNode();
rules.Add(rule);
if (!string.IsNullOrEmpty(hostgroup.Key))
{
rule.Add("host", hostgroup.Key);
}
var http = new YamlMappingNode();
rule.Add("http", http);
var paths = new YamlSequenceNode();
http.Add("paths", paths);
foreach (var ingressRule in hostgroup)
{
var path = new YamlMappingNode();
paths.Add(path);
var backend = new YamlMappingNode();
path.Add("backend", backend);
var service = application.Services.FirstOrDefault(s => s.Name == ingressRule.Service);
if (service is null)
{
throw new InvalidOperationException($"Could not resolve service '{ingressRule.Service}'.");
}
var binding = service.Bindings.FirstOrDefault(b => b.Name is null || b.Name == "http");
if (binding is null)
{
throw new InvalidOperationException($"Could not resolve an http binding for service '{service.Name}'.");
}
if (k8sVersion >= MinIngressVersion)
{
var backendService = new YamlMappingNode();
backend.Add("service", backendService);
backendService.Add("name", ingressRule.Service);
var backendPort = new YamlMappingNode();
backendService.Add("port", backendPort);
backendPort.Add("number", (binding.Port ?? 80).ToString(CultureInfo.InvariantCulture));
path.Add("pathType", "Prefix");
}
else
{
backend.Add("serviceName", ingressRule.Service);
backend.Add("servicePort", (binding.Port ?? 80).ToString(CultureInfo.InvariantCulture));
}
// Tye implements path matching similar to this example:
// https://kubernetes.github.io/ingress-nginx/examples/rewrite/
//
// Therefore our rewrite-target is set to $2 - we want to make sure we have
// two capture groups.
if (string.IsNullOrEmpty(ingressRule.Path) || ingressRule.Path == "/")
{
path.Add("path", "/()(.*)"); // () is an empty capture group.
}
else
{
if (ingressRule.PreservePath)
{
path.Add("path", $"/()({ingressRule.Path.Trim('/')}.*)");
}
else
{
var regex = $"{ingressRule.Path.TrimEnd('/')}(/|$)(.*)";
path.Add("path", regex);
}
}
// Only support prefix matching for now
}
}
return(new KubernetesIngressOutput(ingress.Name, new YamlDocument(root)));
}
public override async Task ExecuteAsync(OutputContext output, ApplicationBuilder application)
{
using var step = output.BeginStep("Applying Kubernetes Manifests...");
if (await KubectlDetector.GetKubernetesServerVersion(output) == null)
{
throw new CommandException($"Cannot apply manifests because kubectl is not installed.");
}
if (!await KubectlDetector.IsKubectlConnectedToClusterAsync(output))
{
throw new CommandException($"Cannot apply manifests because kubectl is not connected to a cluster.");
}
using var tempFile = TempFile.Create();
output.WriteInfoLine($"Writing output to '{tempFile.FilePath}'.");
{
await using var stream = File.OpenWrite(tempFile.FilePath);
await using var writer = new StreamWriter(stream, new UTF8Encoding(encoderShouldEmitUTF8Identifier: false), leaveOpen: true);
await ApplicationYamlWriter.WriteAsync(output, writer, application);
}
var ns = $"namespace ${application.Namespace}";
if (string.IsNullOrEmpty(application.Namespace))
{
ns = "current namespace";
}
output.WriteDebugLine($"Running 'kubectl apply' in ${ns}");
output.WriteCommandLine("kubectl", $"apply -f \"{tempFile.FilePath}\"");
var capture = output.Capture();
var exitCode = await Process.ExecuteAsync(
$"kubectl",
$"apply -f \"{tempFile.FilePath}\"",
System.Environment.CurrentDirectory,
stdOut : capture.StdOut,
stdErr : capture.StdErr);
output.WriteDebugLine($"Done running 'kubectl apply' exit code: {exitCode}");
if (exitCode != 0)
{
throw new CommandException("'kubectl apply' failed.");
}
output.WriteInfoLine($"Deployed application '{application.Name}'.");
if (application.Ingress.Count > 0)
{
output.WriteInfoLine($"Waiting for ingress to be deployed. This may take a long time.");
foreach (var ingress in application.Ingress)
{
using var ingressStep = output.BeginStep($"Retrieving details for {ingress.Name}...");
var done = false;
Action <string> complete = line =>
{
done = line != "''";
if (done)
{
output.WriteInfoLine($"IngressIP: {line}");
}
};
var retries = 0;
while (!done && retries < 60)
{
var ingressExitCode = await Process.ExecuteAsync(
"kubectl",
$"get ingress {ingress.Name} -o jsonpath='{{..ip}}'",
Environment.CurrentDirectory,
complete,
capture.StdErr);
if (ingressExitCode != 0)
{
throw new CommandException("'kubectl get ingress' failed");
}
if (!done)
{
await Task.Delay(2000);
retries++;
}
}
}
}
}