feat : Add support for NCP/NCPVPC

cloud-barista · Nov 15, 2022 · 5fd2c13 · 5fd2c13
1 parent e290f07
commit 5fd2c13
Show file tree

Hide file tree

Showing 11 changed files with 150 additions and 12 deletions.
diff --git a/docs/test/batch-register-cloud-info.sh.example b/docs/test/batch-register-cloud-info.sh.example
@@ -89,3 +89,21 @@ export CI_REGION="Region"
 export CI_ZONE="default"
 
 ./connectioninfo-create.sh CLOUDIT
+
+# NCPVPC
+
+export NCPVPC_CLIENT_ID="XXXXXXXXXXXXXXX"
+export NCPVPC_CLIENT_SECRET="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+export NCPVPC_REGION="KR"
+export NCPVPC_ZONE="KR-1"
+
+./connectioninfo-create.sh NCPVPC
+
+# Ncp
+
+export NCP_CLIENT_ID="XXXXXXXXXXXXXXX"
+export NCP_CLIENT_SECRET="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+export NCP_REGION="KR"
+export NCP_ZONE="KR-1"
+
+./connectioninfo-create.sh NCP
diff --git a/docs/test/conf.env b/docs/test/conf.env
@@ -15,3 +15,6 @@ export c_TENCENT_DRIVER="tencent-driver-v1.0"
 export c_OPENSTACK_DRIVER="openstack-driver-v1.0"
 export c_IBM_DRIVER="ibm-driver-v1.0"
 export c_CLOUDIT_DRIVER="cloudit-driver-v1.0"
+export c_NCPVPC_DRIVER="ncpvpc-driver-v1.0"
+export c_NCP_DRIVER="ncp-driver-v1.0"
+export c_NHNCLOUD_DRIVER="nhncloud-driver-v1.0"
diff --git a/docs/test/connectioninfo-create.sh b/docs/test/connectioninfo-create.sh
@@ -2,7 +2,7 @@
 # ------------------------------------------------------------------------------
 # usage
 if [ "$#" -lt 1 ]; then
-	echo "./connectioninfo-create.sh [AWS/GCP/AZURE/ALIBABA/TENCENT/OPENSTACK/IBM] <option>"
+	echo "./connectioninfo-create.sh [AWS/GCP/AZURE/ALIBABA/TENCENT/OPENSTACK/IBM/CLOUDIT/NCPVPC/NCP] <option>"
 	echo "./connectioninfo-create.sh GCP"
 	echo "./connectioninfo-create.sh AWS add"
 	exit 0
@@ -21,11 +21,11 @@ source ./conf.env
 # 1. CSP
 if [ "$#" -gt 0 ]; then v_CSP="$1"; else	v_CSP="${CSP}"; fi
 if [ "${v_CSP}" == "" ]; then 
-	read -e -p "Cloud ? [AWS(default) or GCP or AZURE or ALIBABA or TENCENT or OPENSTACK or IBM or CLOUDIT] : "  v_CSP
+	read -e -p "Cloud ? [AWS(default) or GCP or AZURE or ALIBABA or TENCENT or OPENSTACK or IBM or CLOUDIT or NCPVPC or NCP] : "  v_CSP
 fi
 
 if [ "${v_CSP}" == "" ]; then v_CSP="AWS"; fi
-if [ "${v_CSP}" != "GCP" ] && [ "${v_CSP}" != "AWS" ] && [ "${v_CSP}" != "AZURE" ] && [ "${v_CSP}" != "ALIBABA" ] && [ "${v_CSP}" != "TENCENT" ] && [ "${v_CSP}" != "OPENSTACK" ] && [ "${v_CSP}" != "IBM" ] && [ "${v_CSP}" != "CLOUDIT" ]; then echo "[ERROR] missing <cloud>"; exit -1;fi
+if [ "${v_CSP}" != "GCP" ] && [ "${v_CSP}" != "AWS" ] && [ "${v_CSP}" != "AZURE" ] && [ "${v_CSP}" != "ALIBABA" ] && [ "${v_CSP}" != "TENCENT" ] && [ "${v_CSP}" != "OPENSTACK" ] && [ "${v_CSP}" != "IBM" ] && [ "${v_CSP}" != "CLOUDIT" ] && [ "${v_CSP}" != "NCPVPC" ] && [ "${v_CSP}" != "NCP" ]; then echo "[ERROR] missing <cloud>"; exit -1;fi
 
 v_CSP_LOWER="$(echo ${v_CSP} | tr [:upper:] [:lower:])"
 
@@ -50,6 +50,10 @@ elif [ "${v_CSP}" == "IBM" ]; then
 	v_DRIVER="${c_IBM_DRIVER}"
 elif [ "${v_CSP}" == "CLOUDIT" ]; then
 	v_DRIVER="${c_CLOUDIT_DRIVER}"
+elif [ "${v_CSP}" == "NCPVPC" ]; then
+	v_DRIVER="${c_NCPVPC_DRIVER}"
+elif [ "${v_CSP}" == "NCP" ]; then
+	v_DRIVER="${c_NCP_DRIVER}"
 fi
 
 
@@ -341,7 +345,7 @@ if [ "${v_CSP}" == "CLOUDIT" ]; then
 
 		v_CLOUDIT_USERNAME="${CI_USERNAME}"
 		if [ "${v_CLOUDIT_USERNAME}" == "" ]; then
-			read -e -p "Username ? [예:mcks] : "  v_OPENSTACK_USERNAME
+			read -e -p "Username ? [예:mcks] : "  v_CLOUDIT_USERNAME
 			if [ "${v_CLOUDIT_USERNAME}" == "" ]; then echo "[ERROR] missing <cloudit username>"; exit -1;fi
 		fi
 
@@ -378,7 +382,72 @@ if [ "${v_CSP}" == "CLOUDIT" ]; then
 		if [ "${v_ZONE}" == "" ]; then v_ZONE="default";fi
 	fi
 fi
+# NCPVPC
+if [ "${v_CSP}" == "NCPVPC" ]; then
+
+	if [ "${v_OPTION}" != "add" ]; then
+
+		v_NCPVPC_ID="${NCPVPC_CLIENT_ID}"
+		if [ "${v_NCPVPC_ID}" == "" ]; then
+			read -e -p "Access ClientId ? [예:AH24UUA2ZGNOP6DKKIA6] : "  v_NCPVPC_ID
+			if [ "${v_NCPVPC_ID}" == "" ]; then echo "[ERROR] missing <ncpvpc_client_id>"; exit -1;fi
+		fi
+
+		v_NCPVPC_SECRET="${NCPVPC_CLIENT_SECRET}"
+		if [ "${v_NCPVPC_SECRET}" == "" ]; then
+			read -e -p "Access-key ClientSecret ? [예:y76ZWz6A/vwqGanDAI926TTPCJrrMo1VbPOh8X7K] : "  v_NCPVPC_SECRET
+			if [ "${v_NCPVPC_SECRET}" == "" ]; then echo "[ERROR] missing <ncpvpc_client_secret>"; exit -1;fi
+		fi
+
+	fi
+
+	# region
+	v_REGION="${NCPVPC_REGION}"
+	if [ "${v_REGION}" == "" ]; then
+		read -e -p "region ? [예:KR] : "  v_REGION
+		if [ "${v_REGION}" == "" ]; then echo "[ERROR] missing region"; exit -1;fi
+	fi
+
+	# zone
+	v_ZONE="${NCPVPC_ZONE}"
+	if [ "${v_ZONE}" == "" ]; then
+		read -e -p "zone ? [예:KR-1] : "  v_ZONE
+		if [ "${v_ZONE}" == "" ]; then v_ZONE="${v_REGION}-1";fi
+	fi
+fi
+# NCP
+if [ "${v_CSP}" == "NCP" ]; then
+
+	if [ "${v_OPTION}" != "add" ]; then
 
+		v_NCP_ID="${NCPVPC_CLIENT_ID}"
+		if [ "${v_NCP_ID}" == "" ]; then
+			read -e -p "Access ClientId ? [예:AH24UUA2ZGNOP6DKKIA6] : "  v_NCP_ID
+			if [ "${v_NCP_ID}" == "" ]; then echo "[ERROR] missing <ncp_client_id>"; exit -1;fi
+		fi
+
+		v_NCP_SECRET="${NCP_CLIENT_SECRET}"
+		if [ "${v_NCP_SECRET}" == "" ]; then
+			read -e -p "Access-key ClientSecret ? [예:y76ZWz6A/vwqGanDAI926TTPCJrrMo1VbPOh8X7K] : "  v_NCP_SECRET
+			if [ "${v_NCP_SECRET}" == "" ]; then echo "[ERROR] missing <ncp_client_secret>"; exit -1;fi
+		fi
+
+	fi
+
+	# region
+	v_REGION="${NCP_REGION}"
+	if [ "${v_REGION}" == "" ]; then
+		read -e -p "region ? [예:KR] : "  v_REGION
+		if [ "${v_REGION}" == "" ]; then echo "[ERROR] missing region"; exit -1;fi
+	fi
+
+	# zone
+	v_ZONE="${NCP_ZONE}"
+	if [ "${v_ZONE}" == "" ]; then
+		read -e -p "zone ? [예:KR-1] : "  v_ZONE
+		if [ "${v_ZONE}" == "" ]; then v_ZONE="${v_REGION}-1";fi
+	fi
+fi
 v_REGION_LOWER="$(echo ${v_REGION} | tr [:upper:] [:lower:])"
 
 NM_CREDENTIAL="credential-${v_CSP_LOWER}"
@@ -432,7 +501,14 @@ elif [ "${v_CSP}" == "CLOUDIT" ]; then
 	echo "- cloudit_password  			is '${v_CLOUDIT_PASSWORD}'"
 	echo "- cloudit_auth_token			is '${v_CLOUDIT_AUTHTOKEN}'"
 	echo "- cloudit_tenantid	 		is '${v_CLOUDIT_TENANTID}'"
-
+elif [ "${v_CSP}" == "NCPVPC" ]; then
+	echo "- Zone                       is '${v_ZONE}'"
+ 	echo "- ncpvpc_client_id     	   is '${v_NCPVPC_ID}'"
+	echo "- ncpvpc_client_secret  	   is '${v_NCPVPC_SECRET}'"
+elif [ "${v_CSP}" == "NCP" ]; then
+	echo "- Zone                       is '${v_ZONE}'"
+ 	echo "- ncp_client_id     	   is '${v_NCP_ID}'"
+	echo "- ncp_client_secret  	   is '${v_NCP_SECRET}'"
 fi
 echo "- (Name of credential)       is '${NM_CREDENTIAL}'"
 echo "- (Name of region)           is '${NM_REGION}'"
@@ -556,7 +632,32 @@ EOF
 				{"Key" : "Username",    		"Value" : "${v_CLOUDIT_USERNAME}"},
 				{"Key" : "Password",			"Value" : "${v_CLOUDIT_PASSWORD}"},
 				{"Key" : "AuthToken",			"Value" : "${v_CLOUDIT_AUTHTOKEN}"},
-				{"Key" : "TenantId",			"Value" : "${v_CLOUDIT_TENANTID}"}
+				{"Key" : "TenantId",			"Value" : "${v_CLOUDIT_TENANTID}"},
+				{"Key" : "ClusterId", 			"Value" : "CL"}
+			]
+			}
+EOF
+		elif [ "${v_CSP}" == "NCPVPC" ]; then
+			curl -sX DELETE ${c_URL_SPIDER}/credential/${NM_CREDENTIAL} -H "${c_CT}" -o /dev/null -w "CREDENTIAL.delete():%{http_code}\n"
+			curl -sX POST   ${c_URL_SPIDER}/credential                  -H "${c_CT}" -o /dev/null -w "CREDENTIAL.regist():%{http_code}\n" -d @- <<EOF
+			{
+			"CredentialName"   : "${NM_CREDENTIAL}",
+			"ProviderName"     : "${v_CSP}",
+			"KeyValueInfoList" : [
+				{"Key" : "ClientId",	    "Value" : "${v_NCPVPC_ID}"},
+				{"Key" : "ClientSecret",    "Value" : "${v_NCPVPC_SECRET}"}
+			]
+			}
+EOF
+		elif [ "${v_CSP}" == "NCP" ]; then
+			curl -sX DELETE ${c_URL_SPIDER}/credential/${NM_CREDENTIAL} -H "${c_CT}" -o /dev/null -w "CREDENTIAL.delete():%{http_code}\n"
+			curl -sX POST   ${c_URL_SPIDER}/credential                  -H "${c_CT}" -o /dev/null -w "CREDENTIAL.regist():%{http_code}\n" -d @- <<EOF
+			{
+			"CredentialName"   : "${NM_CREDENTIAL}",
+			"ProviderName"     : "${v_CSP}",
+			"KeyValueInfoList" : [
+				{"Key" : "ClientId",	    "Value" : "${v_NCP_ID}"},
+				{"Key" : "ClientSecret",    "Value" : "${v_NCP_SECRET}"}
 			]
 			}
 EOF

diff --git a/docs/test/env.sh b/docs/test/env.sh
@@ -2,7 +2,7 @@
 # -----------------------------------------------------------------
 # usage
 if [ "$#" -lt 1 ]; then 
-	echo "./env.sh [AWS/GCP/AZURE/ALBIABA/TENCENT/OPENSTACK] <credential file>"
+	echo "./env.sh [AWS/GCP/AZURE/ALBIABA/TENCENT/OPENSTACK/IBM] <credential file>"
 	echo "./env.sh AWS ~/.aws/credential"
 	exit 0; 
 fi

diff --git a/src/core/app/const.go b/src/core/app/const.go
@@ -16,6 +16,8 @@ const (
 	CSP_TENCENT   CSP = "tencent"
 	CSP_OPENSTACK CSP = "openstack"
 	CSP_IBM       CSP = "ibm"
+	CSP_NCPVPC    CSP = "ncpvpc"
+	CSP_NCP       CSP = "ncp"
 	CSP_CLOUDIT   CSP = "cloudit"
 
 	CONTROL_PLANE ROLE = "control-plane"

diff --git a/src/core/model/types.go b/src/core/model/types.go
@@ -84,7 +84,7 @@ type Node struct {
 	PublicIP    string   `json:"publicIp"`
 	Role        app.ROLE `json:"role" enums:"control-plane,worker"`
 	Spec        string   `json:"spec"`
-	Csp         app.CSP  `json:"csp" enums:"aws,gcp,azure,alibaba,tencent,openstack,ibm,cloudit"`
+	Csp         app.CSP  `json:"csp" enums:"aws,gcp,azure,alibaba,tencent,openstack,ibm,cloudit,ncp,ncpvpc"`
 	CreatedTime string   `json:"createdTime" example:"2022-01-02T12:00:00Z" default:""`
 	CspLabel    string   `json:"cspLabel"`
 	RegionLabel string   `json:"regionLabel"`

diff --git a/src/core/provision/provisioner.go b/src/core/provision/provisioner.go
@@ -170,10 +170,9 @@ func (self *Provisioner) InitExternalEtcd() error {
 		ips += fmt.Sprintf("%s ", machine.PrivateIP)
 		hosts += fmt.Sprintf("%s %s ", machine.Name, machine.PrivateIP)
 	}
-	if _, err := self.leader.executeSSH("sudo echo '%s'>$HOME/.ssh/id_rsa; sudo chmod 600 $HOME/.ssh/id_rsa", self.leader.Credential); err != nil {
+	if _, err := self.leader.executeSSH("sudo echo '%s'>$HOME/id_rsa; sudo mv $HOME/id_rsa $HOME/.ssh/id_rsa; sudo chmod 600 $HOME/.ssh/id_rsa", self.leader.Credential); err != nil {
 		return errors.New(fmt.Sprintf("Failed to create private-key."))
 	}
-
 	if _, err := self.leader.executeSSH(REMOTE_TARGET_PATH+"/etcd-ca.sh %s", ips); err != nil {
 		return errors.New(fmt.Sprintf("Failed to create etcd certificates. (etcd-ca.sh)"))
 	}

diff --git a/src/core/service/cluster.go b/src/core/service/cluster.go
@@ -61,7 +61,7 @@ func CreateCluster(namespace string, req *app.ClusterReq) (*model.Cluster, error
 		connection := tumblebug.NewConnection(req.ControlPlane[0].Connection)
 		exists, _ := connection.GET()
 		if exists {
-			if strings.ToLower(connection.ProviderName) == string(app.CSP_IBM) || strings.ToLower(connection.ProviderName) == string(app.CSP_CLOUDIT) {
+			if strings.ToLower(connection.ProviderName) == string(app.CSP_IBM) || strings.ToLower(connection.ProviderName) == string(app.CSP_NCP) || strings.ToLower(connection.ProviderName) == string(app.CSP_NCPVPC) {
 				return nil, errors.New(fmt.Sprintf("%s does not yet supported nlb loadbalancer.", strings.ToLower(connection.ProviderName)))
 			}
 		}

diff --git a/src/core/service/csp.go b/src/core/service/csp.go
@@ -17,6 +17,8 @@ const (
 	ALIBABA_IMAGE_ID = "ubuntu_18_04_x64_20G_alibase_20210521.vhd"
 	TENCENT_IMAGE_ID = "img-pi0ii46r"
 	CLOUDIT_IMAGE_ID = "ac2696a8-ecf7-4aab-bfbf-9ab5f3256ca2"
+	NCPVPC_IMAGE_ID  = "SW.VSVR.OS.LNX64.UBNTU.SVR1804.B050"
+	NCP_IMAGE_ID     = "SPSW0LINUX000130"
 )
 
 // region별 AMI :  (AMI 이름 : ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20200908, 소유자:099720109477 )
@@ -76,6 +78,9 @@ func getCSPCidrBlock(csp app.CSP) string {
 		return fmt.Sprintf("192.168.%d.0/24", 70+rand.Intn(10))
 	case app.CSP_CLOUDIT:
 		return "10.0.244.0/22"
+	case app.CSP_NCPVPC:
+	case app.CSP_NCP:
+		return fmt.Sprintf("192.168.%d.0/24", 80+rand.Intn(10))
 	}
 
 	return "192.168.255.0/24"
@@ -94,6 +99,10 @@ func getCSPImageId(csp app.CSP, configName string, region *tumblebug.Region) (st
 		return TENCENT_IMAGE_ID, nil
 	} else if csp == app.CSP_CLOUDIT {
 		return CLOUDIT_IMAGE_ID, nil
+	} else if csp == app.CSP_NCP {
+		return NCP_IMAGE_ID, nil
+	} else if csp == app.CSP_NCPVPC {
+		return NCPVPC_IMAGE_ID, nil
 	} else if csp == app.CSP_OPENSTACK {
 		// openstack : lookupImages를 통해 사용자가 등록한 이미지를 검색하여, 이미지 이름에 'ubuntu'와 '1804'가 포함된 이미지 정보 가져오기
 		lookupImages := tumblebug.NewLookupImages(configName)

diff --git a/src/core/service/mcir.go b/src/core/service/mcir.go
@@ -64,7 +64,7 @@ func (self *MCIR) CreateIfNotExist() (model.ClusterReason, string) {
 
 	//validate a CSP
 	exists := false
-	for _, c := range []string{string(app.CSP_AWS), string(app.CSP_GCP), string(app.CSP_AZURE), string(app.CSP_ALIBABA), string(app.CSP_TENCENT), string(app.CSP_OPENSTACK), string(app.CSP_IBM), string(app.CSP_CLOUDIT)} {
+	for _, c := range []string{string(app.CSP_AWS), string(app.CSP_GCP), string(app.CSP_AZURE), string(app.CSP_ALIBABA), string(app.CSP_TENCENT), string(app.CSP_OPENSTACK), string(app.CSP_IBM), string(app.CSP_CLOUDIT), string(app.CSP_NCPVPC), string(app.CSP_NCP)} {
 		if string(self.csp) == c {
 			exists = true
 			break
@@ -112,6 +112,8 @@ func (self *MCIR) CreateIfNotExist() (model.ClusterReason, string) {
 	self.subnetName = vpc.Subnets[0].Name
 
 	// Create a Firewall
+	/* NCP Classic CSP는 Security Group 생성 및 삭제를 REST API를 통해서는 지원하지 않음. 조회만 가능함.
+	 * mcks명명규칙에 맞춰 console에서 미리 생성해야 정상 동작함. 예) mcks-config-ncp-kr-sg  (mcks=namespace, kr=region 나머지는 고정)*/
 	fw := tumblebug.NewFirewall(self.csp, self.namespace, self.firewallName, self.config)
 	fw.VPCId = self.vpcName
 	exists, err = fw.GET()

diff --git a/src/core/tumblebug/mcis.go b/src/core/tumblebug/mcis.go
@@ -40,6 +40,10 @@ func NewNLB(ns string, mcisName string, groupId string) *NLBReq {
 		},
 	}
 
+	if strings.Contains(nlb.NLBBase.Config, string(app.CSP_NCPVPC)) {
+		nlb.HealthChecker.Timeout = "-1"
+	}
+
 	if strings.Contains(nlb.NLBBase.Config, string(app.CSP_GCP)) {
 		nlb.HealthChecker.NLBProtocolBase.Protocol = "HTTP"
 		nlb.HealthChecker.NLBProtocolBase.Port = "80"