koris.cloud package


koris.cloud.builder module


Build a kubernetes cluster on a cloud

class koris.cloud.builder.ClusterBuilder(config, oscinfo, nova, neutron, cinder, conn)[source]

Bases: object

Plan and build a kubernetes cluster in the cloud

static calculate_discovery_hash(ca_bundle)[source]

calculate the discovery hash based on the ca_bundle

static create_bootstrap_token()[source]

Create a new random bootstrap token like f62bcr.fedcba9876543210. A valid token matches the expression [a-z0-9]{6}.[a-z0-9]{16}
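A sketch of generating and validating a token in the format stated above. This is an added example, not koris's own implementation; all function names are hypothetical. It also shows that the expression only works as a validator when the dot is escaped and the match is anchored:

```python
import re
import secrets
import string

# Alphabet and lengths follow the format in the docstring:
# 6-char token id, a literal dot, 16-char token secret.
ALPHABET = string.ascii_lowercase + string.digits

# STRICT escapes the dot and is used with fullmatch(); LOOSE is the
# expression exactly as printed, where "." matches any character.
STRICT = re.compile(r"[a-z0-9]{6}\.[a-z0-9]{16}")
LOOSE = re.compile(r"[a-z0-9]{6}.[a-z0-9]{16}")


def new_bootstrap_token():
    """Return '<id>.<secret>' drawn from the OS CSPRNG (hypothetical helper)."""
    token_id = "".join(secrets.choice(ALPHABET) for _ in range(6))
    token_secret = "".join(secrets.choice(ALPHABET) for _ in range(16))
    return f"{token_id}.{token_secret}"


def is_valid_token(token):
    """Strict check: the whole string must match and the separator is a dot."""
    return isinstance(token, str) and STRICT.fullmatch(token) is not None


def loose_accepts(token):
    """What an unanchored search with the unescaped dot would accept."""
    return LOOSE.search(token) is not None


def redact(token):
    """Keep the token id for logs and mask the secret half."""
    if not is_valid_token(token):
        raise ValueError("not a bootstrap token")
    return token.split(".", 1)[0] + "." + "*" * 16


if __name__ == "__main__":
    sample = "f62bcr.fedcba9876543210"      # example token from the docstring
    malformed = "f62bcrXfedcba9876543210"   # constructed: wrong separator
    print(is_valid_token(sample), is_valid_token(malformed))
    print(loose_accepts(malformed))         # the loose form lets it through
    print(redact(new_bootstrap_token()))
```

In kubeadm's token convention the part before the dot is the public token id and the part after it is the secret, which is why `redact` keeps only the first half.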

static create_ca()[source]

create a self signed CA


Sets up networking for the cluster.


Generates a keypair for the first master node.

The master node needs a keypair which is uploaded to OpenStack. This keypair is then used for adding master nodes to the cluster.

This key pair is also added as a secret to the master-adder-pod.

Returns:An OpenStack keypair.

execute the complete cluster build

class koris.cloud.builder.ControlPlaneBuilder(config, osinfo, cloud_config=None)[source]

Bases: object

Interact with OpenStack and create virtual machines with a volume and a network interface. The machines are provisioned with cloud-init. This class builds the control plane machines, and although it is similar to NodeBuilder it uses slightly different methods under the hood to configure the control plane services.

add_master(zone, flavor, k8s_version='1.14.1', k8s_conf=None, **kwargs)[source]

Adds a new instance in OpenStack which will be provisioned as master.

  • Create a new machine
  • Grab the public key from OpenStack so the master-add-pod can SSH to it.

Parameters:
  • zone (str) – The noris.cloud availability zone to create the master in.
  • flavor (str) – The noris.cloud instance flavor of the master.

Returns:The results of the asyncio task.

create_masters_tasks(ssh_key, ca_bundle, cloud_config, lb_ip, lb_port, bootstrap_token, lb_dns='', pod_subnet='', pod_network='CALICO', dex=None, k8s_version='1.14.1')[source]

Create future tasks for creating the cluster control plane nodes.

create_new_master(zone=None, flavor=None)[source]

Creates a new instance in OpenStack and labels it as a K8s master

  • zone (str) – The noris.cloud availability zone to create the master in.
  • flavor (str) – The noris.cloud instance flavor of the master.

Returns:An instance of koris.cloud.openstack.Instance which represents the added master.


get information on the nodes from openstack.

Returns:list [openstack.Instance, openstack.Instance, …]
class koris.cloud.builder.NodeBuilder(config, osinfo, cloud_config=None)[source]

Bases: object

Interact with OpenStack and create virtual machines with a volume and a network interface. The machines are provisioned with cloud-init.

create_initial_nodes(cloud_config, ca_bundle, lb_ip, lb_port, bootstrap_token, discovery_hash, k8s_version='1.14.1', pod_network='CALICO')[source]

Create all initial nodes when running koris apply <config>

create_new_nodes(role='node', zone=None, flavor=None, amount=1)[source]

add additional nodes

create_nodes_tasks(host, token, ca_info, role='node', flavor=None, zone=None, amount=1, k8s_version='1.14.1')[source]

Create tasks for adding nodes when running koris add --args ...

  • ca_cert (CertBundle.cert) –
  • token (str) –
  • discovery_hash (str) –
  • host (str) –
  • flavor (str or None) –
  • zone (str) –

get information on the nodes from openstack.

Returns:list [openstack.Instance, openstack.Instance, …]
static launch_new_nodes(node_tasks)[source]

Launch all nodes when running koris add ...

koris.cloud.builder.get_server_range(servers, cluster_name, role, amount)[source]

Given a list of servers find the last server name and add N more

koris.cloud.openstack module

functions and classes to interact with openstack

exception koris.cloud.openstack.BuilderError[source]

Bases: Exception

Raise a custom error if the build fails

class koris.cloud.openstack.Instance(cinder, nova, name, network, zone, role, volume_config, flavor)[source]

Bases: object

Create an Openstack Server with an attached volume

attach_port(netclient, net, secgroups)[source]

associate a network port with an instance

create(flavor, secgroups, keypair, userdata)[source]

Boot the instance on OpenStack. Returns the OpenStack instance.


stop and terminate an instance


return the IP address of the first NIC


return all network interfaces attached to the instance

exception koris.cloud.openstack.InstanceExists[source]

Bases: Exception

raise a custom error if the machine exists

exception koris.cloud.openstack.InstanceNotFound[source]

Bases: Exception

Raises a custom error if machine doesn’t exist.

class koris.cloud.openstack.LoadBalancer(config, conn, neutron=None)[source]

Bases: object

A class to create a LoadBalancer in OpenStack.

OpenStack allows one to create a load balancer and configure it later. Thus we create a LoadBalancer first, so that we have its IP. The IP of the LoadBalancer is then stored in the SSL certificates. During the boot of the machines, we configure the LoadBalancer.

add_health_monitor(pool_id, name=None)[source]

Adds a Healthmonitor to a Pool

add_listener(name=None, protocol='HTTPS', protocol_port=6443)[source]

Adds a custom listener to the LoadBalancer

add_member(pool_id, ip_addr, protocol_port=6443)[source]

Adds a Listener to a Pool.

add_pool(listener_id, lb_algorithm='SOURCE_IP', protocol='HTTPS', name=None)[source]

Adds a pool to a listener


Associates a Floating IP with the LoadBalancer

bulk_update_members(members, pool_id=None)[source]

bulk update members of a listener

Using this method, a Health Monitor is automatically added by openstack.

  • members (list) – list containing member information
  • pool_id (str) – the Id of the pool

indicates whether the operation succeeded or not

Return type:



Find if a floating IP exists in the pool and if it’s available for assignment.

Parameters:fip (str) – a floating ip

  • exits, if floating ip not available in pool
  • exits, if floating ip already being used


Configure a load balancer created in earlier step

Parameters:master_ips (list) – A list of the master IP addresses

Provision a minimally configured LoadBalancer in OpenStack

Returns:tuple (dict, str) - the dict is the load balancer information, if a floating IP was associated it is returned as a string. Else it’s None.

get the default pool

del_member(member_id, pool_id)[source]

Deletes a member from the LoadBalancer.

  • member_id (str) – The ID of the member to be deleted.
  • pool_id (str) – The ID of the pool where the member is located.

Delete the cluster API loadbalancer

Deletion order of LoadBalancer (done via --cascade):
  • remove pool (LB is pending update)
  • if healthmonitor in pool, delete it first
  • remove listener (LB is pending update)
  • remove LB (LB is pending delete)

Retrieve LoadBalancer information


Retrieve or create a LoadBalancer


Return the LoadBalancer’s IP or Floating IP address


Returns the listener of name MASTER_LISTENER_NAME, including additional info.

Returns:A dict containing all necessary information of the master listener:

    {
        'name': '<listener.name:str>',
        'id': '<listener.id:str>',
        'pool': {
            'name': '<pool.name:str>',
            'id': '<pool.id:str>',
            'members': [
                {
                    'id': '<pool.members[i].id:str>',
                    'name': '<member.name:str>',
                    'address': '<member.address:str>',
                },
            ],
        },
    }

members_uri = '/v2.0/lbaas/pools/%s/members'

class koris.cloud.openstack.OSCloudConfig(subnet_id=None)[source]

Bases: object

Data class to hold the configuration file for kubernetes cloud provider

class koris.cloud.openstack.OSClusterInfo(nova_client, neutron_client, cinder_client, config, conn)[source]

Bases: object

Class containing various information of the cluster.

This tries to retrieve the Network, Subnetwork, Router and Security Group from OpenStack. If any of those can’t be retrieved, the attributes are set to None. The function setup_networking() can initialize all resources.

It is the responsibility of the client to check if the resources are available and set them up, if necessary.

  • nova_client – An OpenStack NOVA Client
  • neutron_client – An OpenStack NEUTRON Client
  • cinder_client – An OpenStack CINDER Client
  • config (dict) – A dictionary containing koris config parameters.
  • conn – An OpenStack Connection Object.

return the current compute client


distribute control plane nodes in the different availability zones


distribute worker nodes in the different availability zones


Retrieve all nodes as Instances


Find the koris image in OpenStack

We use self._image in order to save us doing multiple calls to OpenStack every time the property is called.


get the host names of all control plane nodes


return the current network client


get the host names of all worker nodes


Creates Network, Subnet, Router and Security Group if necessary.

This function is idempotent: it checks whether the resources already exist before creating them.

Parameters:config (dict) – A dictionary containing the koris config parameters.

return the current storage client

class koris.cloud.openstack.OSNetwork(config, conn)[source]

Bases: object

Manages a Network on OpenStack.

The name will be taken from the config or set to cluster-name-net.

  • config (dict) – A dictionary containing the koris config parameters.
  • conn – An OpenStack connection object.
static find_external_network(conn, default='ext02', fallback='bgp-noris', autodetect=True)[source]

Finds and returns an external network in OpenStack.

This function will look for all external networks, then try to find the one with name passed as the “default” parameter. In case this can’t be found, it will try to return the external network with the “fallback” parameter. In case this can’t be found, it will return the first external network it finds.

  • conn (OpenStackAPI.connection.connection) – An OpenStack Connection.
  • default (str) – The default external network to use.
  • fallback (str) – The fallback external network to use in case the default is not found.
  • autodetect (bool) – If network isn’t given with router in the config and the default is not found try and find one.

Returns:An OpenStackAPI.network.v2.network object or None if no external network can be found.


Retrieves a Network from OpenStack.

Returns:An OpenStack Network object, or None.

Retrieves or creates a Network.

Returns:An OpenStack Network object.
class koris.cloud.openstack.OSRouter(network_id, subnet, config, conn)[source]

Bases: object

A class managing a Router on OpenStack.

  • network_id (str) – The UUID of the OpenStack Network.
  • subnet – An OpenStack Subnetwork Object.
  • config (dict) – A dictionary containing koris config parameters.
  • conn – An OpenStack Connection Object.

Retrieves a Router by the default name from OpenStack.


Retrieves or creates a Router on OpenStack.

The function will create the router, create a new port and add it as an interface to the router, then add an external gateway.

Returns:An OpenStack Router object.
class koris.cloud.openstack.OSSubnet(network_id, config, conn)[source]

Bases: object

Manages a Subnet on OpenStack.

  • network_id (str) – The UUID of the Network to create the Subnet in.
  • config (dict) – A dictionary containing the koris config parameters.
  • conn – An OpenStack Connection object.

Retrieves a Subnet from OpenStack.

Returns:An OpenStack Subnetwork Object or None.

Retrieves or creates a Subnet on OpenStack.

If a new Subnetwork is created, additional information will be saved in the config.

Returns:An OpenStack Subnetwork Object.
class koris.cloud.openstack.SecurityGroup(name, conn, subnet)[source]

Bases: object

A class to create and configure a security group in OpenStack.

This class behaves differently from the OSNetwork, OSSubnet and OSRouter classes because we need additional functions on it, such as configure.

  • name (str) – The name of the Security Group
  • conn – An OpenStack Connection object
  • subnet – An OpenStack Subnet object

Adds a security group rule.


Configures the SecurityGroup for cluster usage.


Deletes a security rule.


Checks if this SecurityGroup has been created in OpenStack.


Retrieves the SecurityGroup from OpenStack.

If it exists, will also set the id attribute of the class.


Retrieves or creates a security group for all machines.

Returns:An OpenStack Security Group Object.
koris.cloud.openstack.delete_instance(name, conn, ignore_not_found=True)[source]

Removes a server from OpenStack.

This will also remove Volumes and Network ports.

  • name (str) – Name of the Server to delete.
  • conn – An OpenStack Connection object.
  • ignore_not_found (bool) – If set to False, raises InstanceNotFound if the instance doesn’t exist.
koris.cloud.openstack.distribute_host_zones(hosts, zones)[source]

this divides the lists of hosts into zones

    >>> hosts
    ['host1', 'host2', 'host3', 'host4', 'host5']
    >>> zones
    ['A', 'B']
    >>> list(zip([hosts[i:i + n] for i in range(0, len(hosts), n)], zones))  # noqa
    [(['host1', 'host2', 'host3'], 'A'), (['host4', 'host5'], 'B')]


get openstack low level clients

This should be replaced in the future with openstack.connect


Establishes an OpenStack connection.

This function will exit with error code 1 in case a connection could not be established.

Returns:an OpenStack Connection Object.
Return type:conn (OpenStackAPI.Connection)

Automagically read all OS_* variables and yield key: value pairs which can be used for OS connection

Module contents

cloud wrapper

Currently we interface only with openstack, in the future we might add vSphere and AWS.