add ks-iam and ks-apigateway

Signed-off-by: hongming <talonwan@yunify.com>

cmd/ks-apiserver/apiserver.go

@@ -1,12 +1,28 @@
+/*
+
+ Copyright 2019 The KubeSphere Authors.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+*/
 package main
 
 import (
-	"fmt"
 	"kubesphere.io/kubesphere/cmd/ks-apiserver/app"
-	"os"
-
+	"log"
 	// Install apis
 	_ "kubesphere.io/kubesphere/pkg/apis/metrics/install"
+	_ "kubesphere.io/kubesphere/pkg/apis/monitoring/install"
 	_ "kubesphere.io/kubesphere/pkg/apis/operations/install"
 	_ "kubesphere.io/kubesphere/pkg/apis/resources/install"
 )
@@ -16,7 +32,6 @@ func main() {
 	cmd := app.NewAPIServerCommand()
 
 	if err := cmd.Execute(); err != nil {
-		fmt.Fprintf(os.Stderr, "error: %v\n", err)
-		os.Exit(1)
+		log.Fatalln(err)
 	}
 }

cmd/ks-apiserver/app/options/options.go

@@ -1,67 +0,0 @@
-package options
-
-import (
-	"fmt"
-	"github.com/spf13/pflag"
-	"os"
-)
-
-type ServerRunOptions struct {
-
-	// server bind address
-	BindAddress string
-
-	// insecure port number
-	InsecurePort int
-
-	// secure port number
-	SecurePort int
-
-	// OpenPitrix api gateway service url
-	OpenPitrixAddress string
-
-	// database connection string in MySQL like
-	// user:password@tcp(host)/dbname?charset=utf8&parseTime=True
-	DatabaseConnectionString string
-
-	// tls cert file
-	TlsCertFile string
-
-	// tls private key file
-	TlsPrivateKey string
-
-	// host openapi doc
-	ApiDoc bool
-
-	// kubeconfig file path
-	KubeConfig string
-}
-
-func NewServerRunOptions() *ServerRunOptions {
-	// create default server run options
-	s := ServerRunOptions{
-		BindAddress:              "0.0.0.0",
-		InsecurePort:             9090,
-		SecurePort:               0,
-		OpenPitrixAddress:        "openpitrix-api-gateway.openpitrix-system.svc",
-		DatabaseConnectionString: "",
-		TlsCertFile:              "",
-		TlsPrivateKey:            "",
-		ApiDoc:                   true,
-	}
-
-	return &s
-}
-
-func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) {
-
-	fs.StringVar(&s.BindAddress, "bind-address", "0.0.0.0", "server bind address")
-	fs.IntVar(&s.InsecurePort, "insecure-port", 9090, "insecure port number")
-	fs.IntVar(&s.SecurePort, "secure-port", 0, "secure port number")
-	fs.StringVar(&s.OpenPitrixAddress, "openpitrix", "openpitrix-api-gateway.openpitrix-system.svc", "openpitrix api gateway address")
-	fs.StringVar(&s.DatabaseConnectionString, "database-connection", "", "database connection string")
-	fs.StringVar(&s.TlsCertFile, "tls-cert-file", "", "tls cert file")
-	fs.StringVar(&s.TlsPrivateKey, "tls-private-key", "", "tls private key")
-	fs.BoolVar(&s.ApiDoc, "api-doc", true, "host OpenAPI doc")
-	fs.StringVar(&s.KubeConfig, "kubeconfig", fmt.Sprintf("%s/.kube/config", os.Getenv("HOME")), "path to kubeconfig file")
-}

cmd/ks-apiserver/app/server.go

@@ -1,21 +1,38 @@
+/*
+
+ Copyright 2019 The KubeSphere Authors.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+*/
 package app
 
 import (
+	goflag "flag"
 	"fmt"
-	"github.com/emicklei/go-restful-openapi"
+	"github.com/golang/glog"
 	"github.com/spf13/cobra"
-	"kubesphere.io/kubesphere/cmd/ks-apiserver/app/options"
 	"kubesphere.io/kubesphere/pkg/apiserver/runtime"
-	"kubesphere.io/kubesphere/pkg/client"
 	"kubesphere.io/kubesphere/pkg/filter"
 	"kubesphere.io/kubesphere/pkg/informers"
+	"kubesphere.io/kubesphere/pkg/options"
 	"kubesphere.io/kubesphere/pkg/signals"
 	"log"
 	"net/http"
 )
 
 func NewAPIServerCommand() *cobra.Command {
-	s := options.NewServerRunOptions()
+	s := options.SharedOptions
 
 	cmd := &cobra.Command{
 		Use: "ks-apiserver",
@@ -23,15 +40,13 @@ func NewAPIServerCommand() *cobra.Command {
 for the api objects. The API Server services REST operations and provides the frontend to the
 cluster's shared state through which all other components interact.`,
 		RunE: func(cmd *cobra.Command, args []string) error {
-
-			//s.AddFlags(cmd.Flags())
-
 			return Run(s)
 		},
 	}
 
-	s.AddFlags(cmd.Flags())
-
+	cmd.Flags().AddFlagSet(s.CommandLine)
+	cmd.Flags().AddGoFlagSet(goflag.CommandLine)
+	glog.CopyStandardLogTo("INFO")
 	return cmd
 }
 
@@ -39,26 +54,11 @@ func Run(s *options.ServerRunOptions) error {
 
 	var err error
 
-	stopChan := signals.SetupSignalHandler()
-	informers.SharedInformerFactory().Start(stopChan)
-	informers.SharedInformerFactory().WaitForCacheSync(stopChan)
-	log.Println("resources sync success")
+	waitForResourceSync()
 
 	container := runtime.Container
 	container.Filter(filter.Logging)
 
-	if len(s.KubeConfig) > 0 {
-		client.KubeConfigFile = s.KubeConfig
-	}
-
-	if s.ApiDoc {
-		config := restfulspec.Config{
-			WebServices: container.RegisteredWebServices(),
-			APIPath:     "/apidoc.json",
-		}
-		container.Add(restfulspec.NewOpenAPIService(config))
-	}
-
 	log.Printf("Server listening on %d.", s.InsecurePort)
 
 	if s.InsecurePort != 0 {
@@ -71,3 +71,36 @@ func Run(s *options.ServerRunOptions) error {
 
 	return err
 }
+
+func waitForResourceSync() {
+	stopChan := signals.SetupSignalHandler()
+
+	informerFactory := informers.SharedInformerFactory()
+	informerFactory.Rbac().V1().Roles().Lister()
+	informerFactory.Rbac().V1().RoleBindings().Lister()
+	informerFactory.Rbac().V1().ClusterRoles().Lister()
+	informerFactory.Rbac().V1().ClusterRoleBindings().Lister()
+
+	informerFactory.Storage().V1().StorageClasses().Lister()
+
+	informerFactory.Core().V1().Namespaces().Lister()
+	informerFactory.Core().V1().Nodes().Lister()
+	informerFactory.Core().V1().ResourceQuotas().Lister()
+	informerFactory.Core().V1().Pods().Lister()
+	informerFactory.Core().V1().Services().Lister()
+	informerFactory.Core().V1().PersistentVolumeClaims().Lister()
+	informerFactory.Core().V1().Secrets().Lister()
+	informerFactory.Core().V1().ConfigMaps().Lister()
+
+	informerFactory.Apps().V1().ControllerRevisions().Lister()
+	informerFactory.Apps().V1().StatefulSets().Lister()
+	informerFactory.Apps().V1().Deployments().Lister()
+	informerFactory.Apps().V1().DaemonSets().Lister()
+
+	informerFactory.Batch().V1().Jobs().Lister()
+	informerFactory.Batch().V1beta1().CronJobs()
+
+	informerFactory.Start(stopChan)
+	informerFactory.WaitForCacheSync(stopChan)
+	log.Println("resources sync success")
+}

cmd/ks-iam/apiserver.go

@@ -0,0 +1,34 @@
+/*
+
+ Copyright 2019 The KubeSphere Authors.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+*/
+package main
+
+import (
+	"kubesphere.io/kubesphere/cmd/ks-iam/app"
+	"log"
+	// Install apis
+	_ "kubesphere.io/kubesphere/pkg/apis/iam/install"
+)
+
+func main() {
+
+	cmd := app.NewAPIServerCommand()
+
+	if err := cmd.Execute(); err != nil {
+		log.Fatalln(err)
+	}
+}

cmd/ks-iam/app/server.go

@@ -0,0 +1,95 @@
+/*
+
+ Copyright 2019 The KubeSphere Authors.
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+*/
+package app
+
+import (
+	goflag "flag"
+	"fmt"
+	"github.com/golang/glog"
+	"github.com/spf13/cobra"
+	"kubesphere.io/kubesphere/pkg/apiserver/runtime"
+	"kubesphere.io/kubesphere/pkg/filter"
+	"kubesphere.io/kubesphere/pkg/informers"
+	"kubesphere.io/kubesphere/pkg/models/iam"
+	"kubesphere.io/kubesphere/pkg/options"
+	"kubesphere.io/kubesphere/pkg/signals"
+	"log"
+	"net/http"
+)
+
+func NewAPIServerCommand() *cobra.Command {
+	s := options.SharedOptions
+
+	cmd := &cobra.Command{
+		Use: "ks-iam",
+		Long: `The KubeSphere API server validates and configures data
+for the api objects. The API Server services REST operations and provides the frontend to the
+cluster's shared state through which all other components interact.`,
+		RunE: func(cmd *cobra.Command, args []string) error {
+			return Run(s)
+		},
+	}
+	cmd.Flags().AddFlagSet(s.CommandLine)
+	cmd.Flags().AddGoFlagSet(goflag.CommandLine)
+	glog.CopyStandardLogTo("INFO")
+	return cmd
+}
+
+func Run(s *options.ServerRunOptions) error {
+
+	var err error
+
+	err = iam.DatabaseInit()
+
+	if err != nil {
+		return err
+	}
+
+	waitForResourceSync()
+
+	container := runtime.Container
+	container.Filter(filter.Logging)
+
+	log.Printf("Server listening on %d.", s.InsecurePort)
+
+	if s.InsecurePort != 0 {
+		err = http.ListenAndServe(fmt.Sprintf("%s:%d", s.BindAddress, s.InsecurePort), container)
+	}
+
+	if s.SecurePort != 0 && len(s.TlsCertFile) > 0 && len(s.TlsPrivateKey) > 0 {
+		err = http.ListenAndServeTLS(fmt.Sprintf("%s:%d", s.BindAddress, s.SecurePort), s.TlsCertFile, s.TlsPrivateKey, container)
+	}
+
+	return err
+}
+
+func waitForResourceSync() {
+	stopChan := signals.SetupSignalHandler()
+
+	informerFactory := informers.SharedInformerFactory()
+	informerFactory.Rbac().V1().Roles().Lister()
+	informerFactory.Rbac().V1().RoleBindings().Lister()
+	informerFactory.Rbac().V1().ClusterRoles().Lister()
+	informerFactory.Rbac().V1().ClusterRoleBindings().Lister()
+
+	informerFactory.Core().V1().Namespaces().Lister()
+
+	informerFactory.Start(stopChan)
+	informerFactory.WaitForCacheSync(stopChan)
+	log.Println("resources sync success")
+}