MAIA.kubernetes_utils module#

MAIA.kubernetes_utils.create_cifs_secret(request, cluster_id, settings, namespace, user_id, username, password, public_key)[source]#

Create a CIFS secret in the specified Kubernetes namespace.

Parameters:

  • request (HttpRequest) – The HTTP request object containing session and user information.

  • cluster_id (str) – The ID of the Kubernetes cluster.

  • settings (dict) – The settings dictionary containing configuration details.

  • namespace (str) – The Kubernetes namespace where the secret will be created.

  • user_id (str) – The user ID for the CIFS secret.

  • username (str) – The username for the CIFS secret.

  • password (str) – The password for the CIFS secret.

  • public_key (str) – The public key for the CIFS secret.

Returns:

None

MAIA.kubernetes_utils.create_cifs_secret_from_context(namespace, user_id, username, password, public_key)[source]#

Create a CIFS secret in the specified Kubernetes namespace.

Parameters:

  • namespace (str) – The Kubernetes namespace where the secret will be created.

  • user_id (str) – The user ID to be used in the secret name.

  • username (str) – The CIFS username to be encrypted and stored in the secret.

  • password (str) – The CIFS password to be encrypted and stored in the secret.

  • public_key (str) – The public key used to encrypt the username and password.

Returns:

None

Raises:

ApiException – If there is an error when calling the Kubernetes API to create the secret.

MAIA.kubernetes_utils.create_docker_registry_secret_from_context(docker_credentials, namespace, secret_name)[source]#

Creates a Kubernetes secret of type kubernetes.io/dockerconfigjson in the specified namespace using the provided Docker registry credentials.

Parameters:

  • docker_credentials (dict)

  • keys (A dictionary containing Docker registry credentials with the following)

  • "registry" (-) – The Docker registry URL (e.g., “https://index.docker.io/v1/”).

  • "username" (-) – The username for the Docker registry.

  • "password" (-) – The password for the Docker registry.

  • namespace (str) – The Kubernetes namespace where the secret will be created.

  • secret_name (str) – The name of the Kubernetes secret to be created.

Raises:

ApiException – If there is an error while creating the Kubernetes secret, an exception is raised with details about the failure.

Notes

This function uses the Kubernetes Python client to create the secret. Ensure that the Kubernetes client is properly configured to interact with the desired cluster.

MAIA.kubernetes_utils.create_helm_repo_secret_from_context(repo_name, helm_repo_config, argocd_namespace='argocd')[source]#

Create a Helm repository secret in the specified Argo CD namespace using the provided Helm repository configuration.

Parameters:

  • repo_name (str) – The name of the Helm repository.

  • helm_repo_config (dict) – A dictionary containing the Helm repository configuration with the following keys: - “username” (str): The username for the Helm repository. - “password” (str): The password for the Helm repository. - “project” (str): The project associated with the Helm repository. - “url” (str): The URL of the Helm repository. - “type” (str): The type of the Helm repository. - “name” (str): The name of the Helm repository. - “enableOCI” (str): A flag indicating whether OCI is enabled for the Helm repository.

  • argocd_namespace (str, optional) – The namespace in which to create the secret (default is “argocd”).

Returns:

None

Raises:

ApiException – If there is an error when calling the Kubernetes API to create the secret.

MAIA.kubernetes_utils.create_namespace(request, settings, namespace_id, cluster_id)[source]#

Creates a Kubernetes namespace using the provided request, settings, namespace ID, and cluster ID.

Parameters:

  • request (HttpRequest) – The HTTP request object containing session and user information.

  • settings (Settings) – The settings object containing configuration details.

  • namespace_id (str) – The ID of the namespace to be created.

  • cluster_id (str) – The ID of the Kubernetes cluster where the namespace will be created.

Returns:

None

Raises:

ApiException – If an error occurs while creating the namespace using the Kubernetes API.

MAIA.kubernetes_utils.create_namespace_from_context(namespace_id)[source]#

Create a Kubernetes namespace using the provided namespace ID.

Parameters:

namespace_id (str) – The ID of the namespace to be created.

Returns:

None – This function does not return any value. It prints the API response or an exception message.

Raises:

ApiException – If there is an error when calling the Kubernetes CoreV1Api to create the namespace.

MAIA.kubernetes_utils.generate_kubeconfig(id_token, user_id, namespace, cluster_id, settings)[source]#

Generates a Kubernetes configuration dictionary for a given user and cluster.

Parameters:

  • id_token (str) – The ID token for the user.

  • user_id (str) – The user ID.

  • namespace (str) – The Kubernetes namespace.

  • cluster_id (str) – The cluster ID.

  • settings (object) – An object containing various settings, including: - CLUSTER_NAMES (dict): A dictionary mapping cluster names to their IDs. - PRIVATE_CLUSTERS (dict): A dictionary of private clusters with their tokens. - OIDC_ISSUER_URL (str): The OIDC issuer URL. - OIDC_RP_CLIENT_ID (str): The OIDC client ID. - OIDC_RP_CLIENT_SECRET (str): The OIDC client secret.

Returns:

dict – A dictionary representing the Kubernetes configuration.

MAIA.kubernetes_utils.get_available_resources(id_token, api_urls, cluster_names, private_clusters=None)[source]#

Retrieves available GPU, CPU, and RAM resources from multiple Kubernetes clusters.

Parameters:

  • id_token (str) – The ID token for authentication.

  • api_urls (list) – List of API URLs for the Kubernetes clusters.

  • cluster_names (dict) – Dictionary mapping API URLs to cluster names.

  • private_clusters (list, optional) – List of private clusters with their tokens. Defaults to {}.

Returns:

tuple

A tuple containing:

  • gpu_dict (dict): Dictionary with GPU availability information for each node.

  • cpu_dict (dict): Dictionary with CPU availability information for each node.

  • ram_dict (dict): Dictionary with RAM availability information for each node.

  • gpu_allocations (dict): Dictionary with GPU allocation details for each pod.

MAIA.kubernetes_utils.get_cluster_status(id_token, api_urls, cluster_names, private_clusters=None)[source]#

Retrieve the status of clusters and their nodes.

Parameters:

  • id_token (str) – The ID token for authentication.

  • api_urls (list) – A list of API URLs for the clusters.

  • cluster_names (dict) – A dictionary mapping API URLs to cluster names.

  • private_clusters (dict, optional) – A dictionary mapping private cluster API URLs to their tokens. Defaults to {}.

Returns:

tuple

A tuple containing:

  • node_status_dict (dict): A dictionary mapping node names to their status and schedulability.

  • cluster_dict (dict): A dictionary mapping cluster names to their node names.

MAIA.kubernetes_utils.get_filtered_available_nodes(gpu_dict, cpu_dict, ram_dict, gpu_request, cpu_request, memory_request)[source]#

Filters and returns nodes that meet the specified GPU, CPU, and memory requirements.

Parameters:

  • gpu_dict (dict) – A dictionary where keys are node names and values are lists containing GPU information.

  • cpu_dict (dict) – A dictionary where keys are node names and values are lists containing CPU information.

  • ram_dict (dict) – A dictionary where keys are node names and values are lists containing RAM information.

  • gpu_request (int) – The minimum number of GPUs required.

  • cpu_request (float) – The minimum amount of CPU required.

  • memory_request (float) – The minimum amount of memory required.

Returns:

tuple – Three dictionaries containing the filtered nodes and their respective GPU, CPU, and RAM information.

MAIA.kubernetes_utils.get_namespace_details(settings, id_token, namespace, user_id, is_admin=False)[source]#

Retrieve details about the namespace including workspace applications, remote desktops, SSH ports, MONAI models, Orthanc instances and deployed clusters.

Parameters:

  • settings (object) – Configuration settings containing API URLs and private cluster tokens.

  • id_token (str) – Identity token for authentication.

  • namespace (str) – The namespace to retrieve details for.

  • user_id (str) – The user ID to filter resources.

  • is_admin (bool, optional) – Flag indicating if the user has admin privileges. Defaults to False.

Returns:

tuple – A tuple containing: - maia_workspace_apps (dict): Dictionary of workspace applications with their URLs. - remote_desktop_dict (dict): Dictionary of remote desktop URLs for users. - ssh_ports (dict): Dictionary of SSH ports for users. - monai_models (dict): Dictionary of MONAI models. - orthanc_list (dict): Dictionary of Orthanc instances. - deployed_clusters (list): List of clusters where the namespace is deployed.

MAIA.kubernetes_utils.get_namespaces(id_token, api_urls, private_clusters=None)[source]#

Retrieves a list of unique namespaces from multiple API URLs.

Parameters:

  • id_token (str) – The ID token used for authorization when accessing public clusters.

  • api_urls (list) – A list of API URLs to query for namespaces.

  • private_clusters (dict, optional) – A dictionary where keys are API URLs of private clusters and values are their respective tokens. Defaults to an empty dict.

Returns:

list – A list of unique namespace names retrieved from the provided API URLs.

MAIA.kubernetes_utils.label_pod_for_deletion(namespace, pod_name)[source]#

Label a Kubernetes pod for deletion by adding a ‘terminate-at’ annotation.

Parameters:

  • namespace (str) – The namespace of the pod.

  • pod_name (str) – The name of the pod to be labeled for deletion.

Raises:

Exception – If there is an error labeling the pod for deletion.

MAIA.kubernetes_utils.retrieve_json_key_for_maia_registry_authentication(request, cluster_id, settings, namespace, secret_name, registry_url)[source]#

Retrieves the JSON key for MAIA registry authentication.

This function generates a kubeconfig dictionary using the provided OpenID Connect (OIDC) ID token and user information, writes it to a temporary kubeconfig file, and sets the KUBECONFIG environment variable. It then delegates the retrieval of the JSON key to another function.

Parameters:

  • request (HttpRequest) – The HTTP request object containing the session and user information.

  • cluster_id (str) – The ID of the Kubernetes cluster.

  • settings (dict) – The settings dictionary containing configuration details.

  • namespace (str) – The Kubernetes namespace where the secret is located.

  • secret_name (str) – The name of the Kubernetes secret containing the registry credentials.

  • registry_url (str) – The URL of the container registry.

Returns:

dict – A dictionary containing the JSON key for MAIA registry authentication.

Raises:

  • KeyError – If the oidc_id_token is not found in the session.

  • FileNotFoundError – If there is an issue writing the kubeconfig file to the temporary directory.

MAIA.kubernetes_utils.retrieve_json_key_for_maia_registry_authentication_from_context(namespace, secret_name, registry_url)[source]#

Retrieve the JSON key for MAIA registry authentication from a Kubernetes secret. This function reads a Kubernetes secret in the specified namespace, decodes the .dockerconfigjson field, and extracts the password for the given registry URL.

Parameters:

  • namespace (str) – The namespace in which the Kubernetes secret is located.

  • secret_name (str) – The name of the Kubernetes secret containing the .dockerconfigjson.

  • registry_url (str) – The URL of the container registry for which the authentication key is required.

Returns:

str – The password associated with the specified registry URL in the .dockerconfigjson. Returns an empty dictionary if an exception occurs.

Raises:

kubernetes.client.exceptions.ApiException – If there is an error while reading the Kubernetes secret.