uffizzi_core 2.1.29 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c97fb24aa0b59fec57a431af483f81a030afa9260fc7f0db21488edc0ad88842
-  data.tar.gz: e96d6f8d5b97de2d35e5311ab4cacb081a09713f1c75452d3a895c3caf73c190
+  metadata.gz: a3857b5cc3f90f134b4ce7275290e460c4abf7868dcdc8d3940390efbab73fc9
+  data.tar.gz: 99d1c61e2af05d005a2c30314bf726ed2f68442c8cafaf1c036fc5294294d286
 SHA512:
-  metadata.gz: 94efb8590f5b3575978921342816d7fe48355af568f2c6e693093b64b1ac8fae5533f859e5567b201d3d67254f107fc703167ad59b1b6016376b88ab3bab5398
-  data.tar.gz: f258d75612c7abfda4ca2aea0bafecba4274d91cf3ecbe663051f5ef6a0614177d3666931a9317d7d6fcf7c11a2c8c22fb2ce38a1ffee4760e1d29e67f93cf5b
+  metadata.gz: 9437c1c50d81bd7e6de3419ae81ef1d4035204b1e153249ae2a233918faf36e9267f6b58b200a73a77b335f5d03f4c2f7b1aebf39d7ed08e765b31941663da3d
+  data.tar.gz: 574c4e039f9f5a6ad4204b696ba6778eeb5ed88d729a5cda724b9d3a20e790f01547cf4b16c3a88bdd105da388bcd2c99e6e00194a8210d5c407845055bc1d93

data/app/clients/uffizzi_core/controller_client.rb

@@ -1,28 +1,18 @@
 # frozen_string_literal: true
 
 class UffizziCore::ControllerClient
+  class ConnectionError < StandardError; end
+
   attr_accessor :connection
 
-  def initialize
-    @connection = build_connection
+  def initialize(connection_settings)
+    @connection = build_connection(connection_settings)
   end
 
   def apply_config_file(deployment_id:, config_file_id:, body:)
     connection.post("/deployments/#{deployment_id}/config_files/#{config_file_id}", body)
   end
 
-  def deployment(deployment_id:)
-    get("/deployments/#{deployment_id}")
-  end
-
-  def create_deployment(deployment_id:, body:)
-    connection.post("/deployments/#{deployment_id}", body)
-  end
-
-  def delete_deployment(deployment_id:)
-    connection.delete("/deployments/#{deployment_id}")
-  end
-
   def deployment_containers(deployment_id:)
     get("/deployments/#{deployment_id}/containers")
   end
@@ -68,34 +58,61 @@ class UffizziCore::ControllerClient
     get('/deployments/usage_metrics/containers', query_params)
   end
 
+  def create_namespace(body:)
+    post('/namespaces', body)
+  end
+
+  def namespace(namespace:)
+    get("/namespaces/#{namespace}")
+  end
+
+  def delete_namespace(namespace:)
+    connection.delete("/namespaces/#{namespace}")
+  end
+
+  def create_cluster(namespace:, body:)
+    post("/namespaces/#{namespace}/cluster", body)
+  end
+
+  def show_cluster(namespace:, name:)
+    get("/namespaces/#{namespace}/cluster/#{name}")
+  end
+
   private
 
   def get(url, params = {})
-    response = connection.get(url, params)
+    make_request(:get, url, params)
+  end
+
+  def post(url, params = {})
+    make_request(:post, url, params)
+  end
+
+  def make_request(method, url, params)
+    response = connection.send(method, url, params)
     body = response.body
     underscored_body = UffizziCore::Converters.deep_underscore_keys(body)
 
     RequestResult.quiet.new(code: response.status, result: underscored_body)
+  rescue Faraday::ServerError
+    raise ConnectionError
   end
 
-  def build_connection
-    controller = Settings.controller
-    login = controller.login
-    password = controller.password
-    url = controller.url
-    connection = controller.connection
+  def build_connection(settings)
+    connection = settings.connection
     handled_exceptions = Faraday::Request::Retry::DEFAULT_EXCEPTIONS + [Faraday::ConnectionFailed]
 
-    Faraday.new(url) do |conn|
+    Faraday.new(settings.url) do |conn|
       conn.options.timeout = connection.timeout
       conn.options.open_timeout = connection.open_timeout
-      conn.request(:basic_auth, login, password)
+      conn.request(:basic_auth, settings.login, settings.password)
       conn.request(:json)
       conn.request(:retry,
                    max: connection.retires_count,
                    interval: connection.next_retry_timeout_seconds,
                    exceptions: handled_exceptions)
       conn.response(:json)
+      conn.response(:raise_error)
       conn.adapter(Faraday.default_adapter)
     end
   end

data/app/controller_modules/uffizzi_core/api/cli/v1/projects/clusters_controller_module.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module UffizziCore::Api::Cli::V1::Projects::ClustersControllerModule
+  private
+
+  def update_show_trial_quota_exceeded_warning; end
+
+  def stop_if_deployment_forbidden; end
+end

data/app/controllers/concerns/uffizzi_core/auth_management.rb

@@ -14,7 +14,23 @@ module UffizziCore::AuthManagement
   end
 
   def current_user
-    @current_user ||= UffizziCore::User.find_by(id: session[:user_id])
+    @current_user ||= UffizziCore::User.find_by(id: current_user_id)
+  end
+
+  def auth_token
+    header = request.headers['Authorization']
+    header&.split(' ')&.last
+  end
+
+  def current_user_id
+    return session[:user_id] if session[:user_id].present?
+    return unless auth_token.present?
+
+    decoded_token = UffizziCore::TokenService.decode(auth_token)
+    return unless decoded_token
+    return if decoded_token.first['expires_at'] < DateTime.now
+
+    decoded_token.first['user_id']
   end
 
   def authenticate_request!

data/app/controllers/uffizzi_core/api/cli/v1/accounts/projects_controller.rb

@@ -5,6 +5,12 @@
 class UffizziCore::Api::Cli::V1::Accounts::ProjectsController < UffizziCore::Api::Cli::V1::Accounts::ApplicationController
   before_action :authorize_uffizzi_core_api_cli_v1_accounts_projects
 
+  def index
+    projects = resource_account.projects.active
+
+    respond_with projects, each_serializer: UffizziCore::Api::Cli::V1::ShortProjectSerializer
+  end
+
   # Create a project
   #
   # @path [POST] /api/cli/v1/accounts/{account_id}/projects
@@ -17,7 +23,7 @@ class UffizziCore::Api::Cli::V1::Accounts::ProjectsController < UffizziCore::Api
 
   def create
     project_form = UffizziCore::Api::Cli::V1::Project::CreateForm.new(project_params)
-    project_form.account = current_user.accounts.find(params[:account_id])
+    project_form.account = resource_account
     UffizziCore::ProjectService.add_users_to_project!(project_form, project_form.account) if project_form.save
 
     respond_with project_form

data/app/controllers/uffizzi_core/api/cli/v1/accounts_controller.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+# @resource Project
+
+class UffizziCore::Api::Cli::V1::AccountsController < UffizziCore::Api::Cli::V1::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_accounts
+
+  # Get accounts of current user
+  #
+  # @path [GET] /api/cli/v1/accounts
+  #
+  # @response [object<accounts: Array<object<id: integer, name: string>> >] 200 OK
+  # @response 401 Not authorized
+  def index
+    accounts = current_user.accounts.order(name: :desc)
+
+    respond_with accounts
+  end
+
+  # Get account by name
+  #
+  # @path [GET] /api/cli/v1/accounts/{name}
+  #
+  # @response [object<account: <object<id: integer, name: string, projects: Array<object<id: integer, slug: string>>>> >] 200 OK
+  # @response 401 Not authorized
+  def show
+    respond_with resource_account
+  end
+
+  private
+
+  def policy_context
+    account = resource_account || current_user.default_account
+
+    UffizziCore::AccountContext.new(current_user, user_access_module, account, params)
+  end
+
+  def resource_account
+    @resource_account ||= if params[:name]
+      current_user.accounts.find_by!(name: params[:name])
+    else
+      current_user.default_account
+    end
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/clusters_controller.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::ClustersController < UffizziCore::Api::Cli::V1::Projects::ApplicationController
+  include UffizziCore::Api::Cli::V1::Projects::ClustersControllerModule
+
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_clusters
+  before_action :stop_if_deployment_forbidden, only: [:create]
+  after_action :update_show_trial_quota_exceeded_warning, only: [:create, :destroy]
+
+  def index
+    clusters = resource_project.clusters.enabled
+
+    respond_with clusters
+  end
+
+  def create
+    cluster_form = UffizziCore::Api::Cli::V1::Cluster::CreateForm.new(cluster_params)
+    cluster_form.project = resource_project
+    cluster_form.deployed_by = current_user
+    return respond_with cluster_form unless cluster_form.save
+
+    UffizziCore::ClusterService.start_deploy(cluster_form)
+
+    respond_with cluster_form
+  end
+
+  def show
+    respond_with resource_cluster
+  end
+
+  def destroy
+    resource_cluster.disable!
+
+    head(:no_content)
+  end
+
+  private
+
+  def resource_cluster
+    @resource_cluster ||= resource_project.clusters.enabled.find_by!(name: params[:name])
+  end
+
+  def cluster_params
+    params.require(:cluster)
+  end
+end

data/app/forms/uffizzi_core/api/cli/v1/cluster/create_form.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Cluster::CreateForm < UffizziCore::Cluster
+  include UffizziCore::ApplicationForm
+
+  permit :name, :manifest
+
+  validate :check_manifest, if: -> { manifest.present? }
+
+  private
+
+  def check_manifest
+    YAML.load_stream(manifest)
+  rescue Psych::SyntaxError => e
+    err = [e.problem, e.context].compact.join(' ')
+
+    errors.add(:manifest, err)
+  end
+end

data/app/jobs/uffizzi_core/cluster/delete_job.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class UffizziCore::Cluster::DeleteJob < UffizziCore::ApplicationJob
+  sidekiq_options queue: :deployments, retry: 5
+
+  def perform(id)
+    Rails.logger.info("DEPLOYMENT_PROCESS cluster_id=#{id} DeleteJob")
+
+    cluster = UffizziCore::Cluster.find(id)
+    UffizziCore::ControllerService.delete_namespace(cluster)
+  end
+end

data/app/jobs/uffizzi_core/cluster/deploy_job.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class UffizziCore::Cluster::DeployJob < UffizziCore::ApplicationJob
+  sidekiq_options queue: :deployments, retry: 5
+
+  def perform(id)
+    cluster = UffizziCore::Cluster.find(id)
+
+    UffizziCore::ClusterService.deploy_cluster(cluster)
+  end
+end

data/app/jobs/uffizzi_core/cluster/manage_deploying_job.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class UffizziCore::Cluster::ManageDeployingJob < UffizziCore::ApplicationJob
+  sidekiq_options queue: :deployments, retry: 5
+
+  def perform(id, try = 1)
+    cluster = UffizziCore::Cluster.find(id)
+
+    UffizziCore::ClusterService.manage_deploying(cluster, try)
+  end
+end

data/app/jobs/uffizzi_core/config_file/apply_job.rb

@@ -28,7 +28,7 @@ class UffizziCore::ConfigFile::ApplyJob < UffizziCore::ApplicationJob
       return
     end
 
-    unless UffizziCore::ControllerService.deployment_exists?(deployment)
+    unless UffizziCore::ControllerService.namespace_exists?(deployment)
       raise UffizziCore::DeploymentNotFoundError,
             deployment_id
     end

data/app/jobs/uffizzi_core/deployment/create_credential_job.rb

@@ -29,7 +29,7 @@ class UffizziCore::Deployment::CreateCredentialJob < UffizziCore::ApplicationJob
       return
     end
 
-    unless UffizziCore::ControllerService.deployment_exists?(deployment)
+    unless UffizziCore::ControllerService.namespace_exists?(deployment)
       raise UffizziCore::DeploymentNotFoundError,
             deployment_id
     end

data/app/jobs/uffizzi_core/deployment/create_job.rb

@@ -8,7 +8,7 @@ class UffizziCore::Deployment::CreateJob < UffizziCore::ApplicationJob
 
     deployment = UffizziCore::Deployment.find(id)
 
-    UffizziCore::ControllerService.create_deployment(deployment)
+    UffizziCore::ControllerService.create_namespace(deployment)
 
     UffizziCore::Deployment::CreateCredentialsJob.perform_async(deployment.id)
   end

data/app/jobs/uffizzi_core/deployment/delete_job.rb

@@ -6,6 +6,7 @@ class UffizziCore::Deployment::DeleteJob < UffizziCore::ApplicationJob
   def perform(id)
     Rails.logger.info("DEPLOYMENT_PROCESS deployment_id=#{id} DeleteJob")
 
-    UffizziCore::ControllerService.delete_deployment(id)
+    deployment = UffizziCore::Deployment.find(id)
+    UffizziCore::ControllerService.delete_namespace(deployment)
   end
 end

data/app/jobs/uffizzi_core/deployment/deploy_containers_job.rb

@@ -27,7 +27,7 @@ class UffizziCore::Deployment::DeployContainersJob < UffizziCore::ApplicationJob
       return
     end
 
-    raise UffizziCore::DeploymentNotFoundError, id unless UffizziCore::ControllerService.deployment_exists?(deployment)
+    raise UffizziCore::DeploymentNotFoundError, id unless UffizziCore::ControllerService.namespace_exists?(deployment)
 
     UffizziCore::DeploymentService.deploy_containers(deployment, repeated)
   end

data/app/jobs/uffizzi_core/deployment/update_credential_job.rb

@@ -29,7 +29,7 @@ class UffizziCore::Deployment::UpdateCredentialJob < UffizziCore::ApplicationJob
       return
     end
 
-    unless UffizziCore::ControllerService.deployment_exists?(deployment)
+    unless UffizziCore::ControllerService.namespace_exists?(deployment)
       raise UffizziCore::DeploymentNotFoundError,
             deployment_id
     end

data/app/lib/uffizzi_core/concerns/models/account.rb

@@ -23,6 +23,7 @@ module UffizziCore::Concerns::Models::Account
     has_many :projects, dependent: :destroy
     has_many :deployments, through: :projects
     has_many :payments, dependent: :destroy
+    has_many :clusters, through: :projects
 
     aasm(:sso_state) do
       state :connection_not_configured, initial: true

data/app/lib/uffizzi_core/concerns/models/cluster.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+module UffizziCore::Concerns::Models::Cluster
+  extend ActiveSupport::Concern
+  include UffizziCore::ClusterRepo
+
+  included do
+    include AASM
+
+    self.table_name = UffizziCore.table_names[:clusters]
+
+    belongs_to :project, class_name: UffizziCore::Project.name
+    belongs_to :deployed_by, class_name: UffizziCore::User.name, foreign_key: :deployed_by_id, optional: true
+    validates_uniqueness_of :name, conditions: -> { enabled }, scope: :project_id
+    validates :name, presence: true, format: { with: /\A[a-zA-Z0-9-]*\z/ }
+
+    aasm(:state) do
+      state :deploying_namespace, initial: true
+      state :failed_deploy_namespace
+      state :deploying
+      state :deployed
+      state :failed
+      state :disabled
+
+      event :start_deploying do
+        transitions from: [:deploying_namespace], to: :deploying
+      end
+
+      event :fail_deploy_namespace do
+        transitions from: [:deploying_namespace], to: :failed_deploy_namespace
+      end
+
+      event :finish_deploy do
+        transitions from: [:deploying], to: :deployed
+      end
+
+      event :fail do
+        transitions from: [:deploying], to: :failed
+      end
+
+      event :disable, after: :after_disable do
+        transitions from: [:failed_deploy_namespace, :deploying, :deployed, :failed], to: :disabled
+      end
+    end
+
+    def after_disable
+      UffizziCore::Cluster::DeleteJob.perform_async(id)
+    end
+
+    def namespace
+      "cluster-#{id}"
+    end
+  end
+end

data/app/lib/uffizzi_core/concerns/models/deployment.rb

@@ -72,6 +72,10 @@ module UffizziCore::Concerns::Models::Deployment
     def preview_url
       "#{subdomain}.#{Settings.app.managed_dns_zone}"
     end
+
+    def namespace
+      "deployment-#{id}"
+    end
   end
   # rubocop:enable Metrics/BlockLength
 end

data/app/lib/uffizzi_core/concerns/models/project.rb

@@ -22,6 +22,7 @@ module UffizziCore::Concerns::Models::Project
     has_many :compose_files, dependent: :destroy
     has_many :secrets, dependent: :destroy, as: :resource
     has_many :host_volume_files, dependent: :destroy
+    has_many :clusters, dependent: :destroy
 
     validates :name, presence: true, uniqueness: { scope: :account, message: 'Name already exists' }
     validates :slug, presence: true, uniqueness: { message: 'Project slug already taken' }

data/app/lib/uffizzi_core/concerns/models/user.rb

@@ -20,6 +20,7 @@ module UffizziCore::Concerns::Models::User
     has_many :user_projects, dependent: :destroy
     has_many :projects, through: :user_projects
     has_many :deployments, class_name: UffizziCore::Deployment.name, foreign_key: :deployed_by_id, dependent: :nullify
+    has_many :clusters, foreign_key: :deployed_by_id
 
     has_one_attached :avatar
 

data/app/models/uffizzi_core/cluster.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class UffizziCore::Cluster < ApplicationRecord
+  include UffizziCore::Concerns::Models::Cluster
+end

data/app/policies/uffizzi_core/api/cli/v1/accounts/projects_policy.rb

@@ -1,6 +1,10 @@
 # frozen_string_literal: true
 
 class UffizziCore::Api::Cli::V1::Accounts::ProjectsPolicy < UffizziCore::ApplicationPolicy
+  def index?
+    context.user_access_module.any_access_to_account?(context.user, context.account)
+  end
+
   def create?
     context.user_access_module.admin_or_developer_access_to_account?(context.user, context.account)
   end

data/app/policies/uffizzi_core/api/cli/v1/accounts_policy.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::AccountsPolicy < UffizziCore::ApplicationPolicy
+  def index?
+    context.user.present?
+  end
+
+  def show?
+    context.user_access_module.any_access_to_account?(context.user, context.account)
+  end
+end

data/app/policies/uffizzi_core/api/cli/v1/projects/clusters_policy.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::ClustersPolicy < UffizziCore::ApplicationPolicy
+  def index?
+    context.user_access_module.any_access_to_project?(context.user, context.project)
+  end
+
+  def show?
+    context.user_access_module.any_access_to_project?(context.user, context.project)
+  end
+
+  def create?
+    context.user_access_module.admin_or_developer_access_to_project?(context.user, context.project)
+  end
+
+  def destroy?
+    context.user_access_module.admin_or_developer_access_to_project?(context.user, context.project)
+  end
+end

data/app/repositories/uffizzi_core/account_repo.rb

@@ -6,5 +6,6 @@ module UffizziCore::AccountRepo
   included do
     scope :by_kind, ->(kind) { where(kind: kind) }
     scope :personal, -> { by_kind(UffizziCore::Account.kind.personal) }
+    scope :organizational, -> { by_kind(UffizziCore::Account.kind.organizational) }
   end
 end

data/app/repositories/uffizzi_core/cluster_repo.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+module UffizziCore::ClusterRepo
+  extend ActiveSupport::Concern
+
+  included do
+    scope :deployed, -> { where(state: UffizziCore::Cluster::STATE_DEPLOYED) }
+    scope :enabled, -> { where.not(state: UffizziCore::Cluster::STATE_DISABLED) }
+  end
+end

data/app/serializers/uffizzi_core/api/cli/v1/account_serializer.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::AccountSerializer < UffizziCore::BaseSerializer
+  type :account
+
+  has_many :projects
+
+  attributes :id, :name
+end

data/app/serializers/uffizzi_core/api/cli/v1/projects/cluster_serializer.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::ClusterSerializer < UffizziCore::BaseSerializer
+  type :cluster
+
+  attributes :name, :state, :kubeconfig
+end

data/app/serializers/uffizzi_core/controller/create_cluster/cluster_serializer.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class UffizziCore::Controller::CreateCluster::ClusterSerializer < UffizziCore::BaseSerializer
+  attributes :name, :manifest, :base_ingress_host
+
+  def base_ingress_host
+    Settings.app.managed_dns_zone
+  end
+end

data/app/services/uffizzi_core/cluster_service.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+class UffizziCore::ClusterService
+  class << self
+    def start_deploy(cluster)
+      UffizziCore::Cluster::DeployJob.perform_async(cluster.id)
+    end
+
+    def deploy_cluster(cluster)
+      begin
+        UffizziCore::ControllerService.create_namespace(cluster)
+      rescue UffizziCore::ControllerClient::ConnectionError
+        return cluster.fail_deploy_namespace!
+      end
+
+      cluster.start_deploying!
+
+      begin
+        UffizziCore::ControllerService.create_cluster(cluster)
+      rescue UffizziCore::ControllerClient::ConnectionError
+        return cluster.fail!
+      end
+
+      UffizziCore::Cluster::ManageDeployingJob.perform_in(5.seconds, cluster.id)
+    end
+
+    def manage_deploying(cluster, try)
+      return if cluster.disabled?
+      return cluster.fail! if try > Settings.vcluster.max_creation_retry_count
+
+      deployed_cluster = UffizziCore::ControllerService.show_cluster(cluster)
+
+      if deployed_cluster.status.ready && deployed_cluster.status.kube_config.present?
+        cluster.finish_deploy
+        cluster.kubeconfig = deployed_cluster.status.kube_config
+        cluster.save!
+
+        return
+      end
+
+      UffizziCore::Cluster::ManageDeployingJob.perform_in(5.seconds, cluster.id, ++try)
+    end
+  end
+end

data/app/services/uffizzi_core/controller_service.rb

@@ -9,16 +9,7 @@ class UffizziCore::ControllerService
         config_file: UffizziCore::Controller::ApplyConfigFile::ConfigFileSerializer.new(config_file).as_json,
       }
 
-      controller_client.apply_config_file(deployment_id: deployment.id, config_file_id: config_file.id, body: body)
-    end
-
-    def create_deployment(deployment)
-      body = UffizziCore::Controller::CreateDeployment::DeploymentSerializer.new(deployment).as_json
-      controller_client.create_deployment(deployment_id: deployment.id, body: body)
-    end
-
-    def delete_deployment(deployment_id)
-      controller_client.delete_deployment(deployment_id: deployment_id)
+      controller_client(deployment).apply_config_file(deployment_id: deployment.id, config_file_id: config_file.id, body: body)
     end
 
     def apply_credential(deployment, credential)
@@ -29,11 +20,11 @@ class UffizziCore::ControllerService
       options = { image: image }
 
       body = UffizziCore::Controller::CreateCredential::CredentialSerializer.new(credential, options).as_json
-      controller_client.apply_credential(deployment_id: deployment.id, body: body)
+      controller_client(deployment).apply_credential(deployment_id: deployment.id, body: body)
     end
 
     def delete_credential(deployment, credential)
-      controller_client.delete_credential(deployment_id: deployment.id, credential_id: credential.id)
+      controller_client(deployment).delete_credential(deployment_id: deployment.id, credential_id: credential.id)
     end
 
     def deploy_containers(deployment, containers)
@@ -65,11 +56,11 @@ class UffizziCore::ControllerService
         body = password_protection_module.add_password_configuration(body, deployment.project_id)
       end
 
-      controller_client.deploy_containers(deployment_id: deployment.id, body: body)
+      controller_client(deployment).deploy_containers(deployment_id: deployment.id, body: body)
     end
 
-    def deployment_exists?(deployment)
-      controller_client.deployment(deployment_id: deployment.id).code == 200
+    def namespace_exists?(deployable)
+      controller_client(deployable).namespace(namespace: deployable.namespace).code == 200
     end
 
     def fetch_deployment_events(deployment)
@@ -77,22 +68,53 @@ class UffizziCore::ControllerService
     end
 
     def fetch_pods(deployment)
-      pods = controller_client.deployment_containers(deployment_id: deployment.id).result || []
+      pods = controller_client(deployment).deployment_containers(deployment_id: deployment.id).result || []
       pods.filter { |pod| pod.metadata.name.start_with?(Settings.controller.namespace_prefix) }
     end
 
-    def fetch_namespace(deployment)
-      controller_client.deployment(deployment_id: deployment.id).result || nil
+    def fetch_namespace(deployable)
+      controller_client(deployable).namespace(namespace: deployable.namespace).result || nil
+    end
+
+    def create_namespace(deployable)
+      body = { namespace: deployable.namespace }
+      controller_client(deployable).create_namespace(body: body).result || nil
+    end
+
+    def delete_namespace(deployable)
+      controller_client(deployable).delete_namespace(namespace: deployable.namespace)
+    end
+
+    def create_cluster(cluster)
+      body = UffizziCore::Controller::CreateCluster::ClusterSerializer.new(cluster).as_json
+      controller_client(cluster).create_cluster(namespace: cluster.namespace, body: body).result
+    end
+
+    def show_cluster(cluster)
+      controller_client(cluster).show_cluster(namespace: cluster.namespace, name: cluster.name).result
+    end
+
+    def delete_cluster(cluster)
+      controller_client(cluster).delete_cluster(namespace: cluster.namespace)
     end
 
     private
 
     def request_events(deployment)
-      controller_client.deployment_containers_events(deployment_id: deployment.id)
+      controller_client(deployment).deployment_containers_events(deployment_id: deployment.id)
     end
 
-    def controller_client
-      UffizziCore::ControllerClient.new
+    def controller_client(deployable)
+      settings = case deployable
+                 when UffizziCore::Deployment
+                   Settings.controller
+                 when UffizziCore::Cluster
+                   Settings.vcluster_controller
+                 else
+                   raise StandardError, "Deployable #{deployable.class.name} undefined"
+      end
+
+      UffizziCore::ControllerClient.new(settings)
     end
   end
 end

data/app/services/uffizzi_core/logs_service.rb

@@ -37,7 +37,7 @@ class UffizziCore::LogsService
     end
 
     def controller_client
-      UffizziCore::ControllerClient.new
+      UffizziCore::ControllerClient.new(Settings.controller)
     end
   end
 end

data/config/routes.rb

@@ -10,6 +10,7 @@ UffizziCore::Engine.routes.draw do
         resources :projects, only: ['index', 'show', 'destroy'], param: :slug do
           scope module: :projects do
             resource :compose_file, only: ['show', 'create', 'destroy']
+            resources :clusters, only: [:index, :create, :show, :destroy], param: :name
             resources :deployments, only: ['index', 'show', 'create', 'destroy', 'update'] do
               post :deploy_containers, on: :member
               scope module: :deployments do
@@ -41,9 +42,11 @@ UffizziCore::Engine.routes.draw do
           resource :session, only: ['create']
         end
 
-        resources :accounts, only: [] do
+        resources :accounts, only: ['show'], param: :name
+
+        resources :accounts, only: ['index'] do
           scope module: :accounts do
-            resources :projects, only: ['create']
+            resources :projects, only: ['index', 'create']
             resources :credentials, only: ['index', 'create', 'update', 'destroy'], param: :type do
               member do
                 get :check_credential

data/db/migrate/20230613101901_create_clusters.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class CreateClusters < ActiveRecord::Migration[6.1]
+  def change
+    create_table('uffizzi_core_clusters', force: :cascade) do |t|
+      t.references :project, null: false,
+                             foreign_key: true,
+                             index: { name: :index_cluster_on_project_id },
+                             foreign_key: { to_table: :uffizzi_core_projects }
+      t.bigint 'deployed_by_id', foreign_key: true
+      t.string 'state'
+      t.string 'name'
+      t.text 'manifest'
+      t.text 'kubeconfig'
+
+      t.timestamps
+    end
+  end
+end

data/lib/uffizzi_core/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module UffizziCore
-  VERSION = '2.1.29'
+  VERSION = '2.2.0'
 end

data/lib/uffizzi_core.rb

@@ -35,6 +35,7 @@ module UffizziCore
     accounts: :uffizzi_core_accounts,
     activity_items: :uffizzi_core_activity_items,
     builds: :uffizzi_core_builds,
+    clusters: :uffizzi_core_clusters,
     comments: :uffizzi_core_comments,
     compose_files: :uffizzi_core_compose_files,
     config_files: :uffizzi_core_config_files,

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: uffizzi_core
 version: !ruby/object:Gem::Version
-  version: 2.1.29
+  version: 2.2.0
 platform: ruby
 authors:
 - Josh Thurman
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-06-21 00:00:00.000000000 Z
+date: 2023-07-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aasm
@@ -762,6 +762,7 @@ files:
 - app/contexts/uffizzi_core/base_context.rb
 - app/contexts/uffizzi_core/project_context.rb
 - app/contexts/uffizzi_core/webhooks_context.rb
+- app/controller_modules/uffizzi_core/api/cli/v1/projects/clusters_controller_module.rb
 - app/controller_modules/uffizzi_core/api/cli/v1/projects/deployments_controller_module.rb
 - app/controller_modules/uffizzi_core/api/cli/v1/projects_controller_module.rb
 - app/controllers/concerns/uffizzi_core/auth_management.rb
@@ -770,10 +771,12 @@ files:
 - app/controllers/uffizzi_core/api/cli/v1/accounts/application_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/accounts/credentials_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/accounts/projects_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/accounts_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/application_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/ci/application_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/ci/sessions_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/application_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/projects/clusters_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/compose_files_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/deployments/activity_items_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/deployments/application_controller.rb
@@ -798,6 +801,7 @@ files:
 - app/forms/uffizzi_core/api/cli/v1/account/credential/check_credential_form.rb
 - app/forms/uffizzi_core/api/cli/v1/account/credential/create_form.rb
 - app/forms/uffizzi_core/api/cli/v1/account/credential/update_form.rb
+- app/forms/uffizzi_core/api/cli/v1/cluster/create_form.rb
 - app/forms/uffizzi_core/api/cli/v1/compose_file/check_credentials_form.rb
 - app/forms/uffizzi_core/api/cli/v1/compose_file/cli_form.rb
 - app/forms/uffizzi_core/api/cli/v1/compose_file/create_form.rb
@@ -819,6 +823,9 @@ files:
 - app/jobs/uffizzi_core/account/update_credential_job.rb
 - app/jobs/uffizzi_core/activity_item/docker/update_digest_job.rb
 - app/jobs/uffizzi_core/application_job.rb
+- app/jobs/uffizzi_core/cluster/delete_job.rb
+- app/jobs/uffizzi_core/cluster/deploy_job.rb
+- app/jobs/uffizzi_core/cluster/manage_deploying_job.rb
 - app/jobs/uffizzi_core/config_file/apply_job.rb
 - app/jobs/uffizzi_core/deployment/create_credential_job.rb
 - app/jobs/uffizzi_core/deployment/create_credentials_job.rb
@@ -830,6 +837,7 @@ files:
 - app/jobs/uffizzi_core/deployment/update_credential_job.rb
 - app/lib/uffizzi_core/concerns/models/account.rb
 - app/lib/uffizzi_core/concerns/models/activity_item.rb
+- app/lib/uffizzi_core/concerns/models/cluster.rb
 - app/lib/uffizzi_core/concerns/models/comment.rb
 - app/lib/uffizzi_core/concerns/models/compose_file.rb
 - app/lib/uffizzi_core/concerns/models/config_file.rb
@@ -863,6 +871,7 @@ files:
 - app/models/uffizzi_core/activity_item/github.rb
 - app/models/uffizzi_core/activity_item/memory_limit.rb
 - app/models/uffizzi_core/application_record.rb
+- app/models/uffizzi_core/cluster.rb
 - app/models/uffizzi_core/comment.rb
 - app/models/uffizzi_core/compose_file.rb
 - app/models/uffizzi_core/config_file.rb
@@ -903,6 +912,8 @@ files:
 - app/models/uffizzi_core/user_project.rb
 - app/policies/uffizzi_core/api/cli/v1/accounts/credentials_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/accounts/projects_policy.rb
+- app/policies/uffizzi_core/api/cli/v1/accounts_policy.rb
+- app/policies/uffizzi_core/api/cli/v1/projects/clusters_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/compose_files_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/deployments/activity_items_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/deployments/containers_policy.rb
@@ -914,6 +925,7 @@ files:
 - app/repositories/uffizzi_core/account_repo.rb
 - app/repositories/uffizzi_core/activity_item_repo.rb
 - app/repositories/uffizzi_core/basic_order_repo.rb
+- app/repositories/uffizzi_core/cluster_repo.rb
 - app/repositories/uffizzi_core/comment_repo.rb
 - app/repositories/uffizzi_core/compose_file_repo.rb
 - app/repositories/uffizzi_core/config_file_repo.rb
@@ -931,12 +943,14 @@ files:
 - app/repositories/uffizzi_core/usage_repo.rb
 - app/repositories/uffizzi_core/user_repo.rb
 - app/responders/uffizzi_core/json_responder.rb
+- app/serializers/uffizzi_core/api/cli/v1/account_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/accounts/credential_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/accounts/project_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/project_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/project_serializer/account_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/project_serializer/compose_file_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/project_serializer/deployment_serializer.rb
+- app/serializers/uffizzi_core/api/cli/v1/projects/cluster_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/projects/compose_file_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/projects/deployment_serializer.rb
 - app/serializers/uffizzi_core/api/cli/v1/projects/deployment_serializer/container_serializer.rb
@@ -953,6 +967,7 @@ files:
 - app/serializers/uffizzi_core/api/cli/v1/user_serializer/account_serializer.rb
 - app/serializers/uffizzi_core/base_serializer.rb
 - app/serializers/uffizzi_core/controller/apply_config_file/config_file_serializer.rb
+- app/serializers/uffizzi_core/controller/create_cluster/cluster_serializer.rb
 - app/serializers/uffizzi_core/controller/create_credential/credential_serializer.rb
 - app/serializers/uffizzi_core/controller/create_deployment/deployment_serializer.rb
 - app/serializers/uffizzi_core/controller/deploy_containers/compose_file_serializer.rb
@@ -964,6 +979,7 @@ files:
 - app/serializers/uffizzi_core/controller/deploy_containers/host_volume_file_serializer.rb
 - app/services/uffizzi_core/account_service.rb
 - app/services/uffizzi_core/activity_item_service.rb
+- app/services/uffizzi_core/cluster_service.rb
 - app/services/uffizzi_core/compose_file/builders/container_builder_service.rb
 - app/services/uffizzi_core/compose_file/builders/container_config_files_builder_service.rb
 - app/services/uffizzi_core/compose_file/builders/container_host_volume_files_builder_service.rb
@@ -1043,6 +1059,7 @@ files:
 - db/migrate/20230111000000_add_state_to_memberships.rb
 - db/migrate/20230306142513_add_last_deploy_at_to_deployments.rb
 - db/migrate/20230406154451_add_full_image_name_to_container.rb
+- db/migrate/20230613101901_create_clusters.rb
 - db/seeds.rb
 - lib/tasks/uffizzi_core_tasks.rake
 - lib/uffizzi_core.rb