raijin-server 0.2.39__py3-none-any.whl → 0.2.41__py3-none-any.whl

raijin_server/__init__.py

@@ -1,5 +1,5 @@
 """Pacote principal do CLI Raijin Server."""
 
-__version__ = "0.2.39"
+__version__ = "0.2.41"
 
 __all__ = ["__version__"]

raijin_server/modules/minio.py

@@ -1,5 +1,6 @@
 """Deploy do MinIO via Helm com configuracoes production-ready."""
 
+import json
 import secrets
 import socket
 import tempfile
@@ -15,7 +16,6 @@ LOCAL_PATH_PROVISIONER_URL = (
     "https://raw.githubusercontent.com/rancher/local-path-provisioner/"
     "v0.0.30/deploy/local-path-storage.yaml"
 )
-RAIJIN_LOCAL_PATH_SC_NAME = "raijin-local-path"
 
 
 def _detect_node_name(ctx: ExecutionContext) -> str:
@@ -58,28 +58,6 @@ def _apply_manifest(ctx: ExecutionContext, manifest: str, description: str) -> b
             tmp_path.unlink(missing_ok=True)
 
 
-def _create_raijin_local_path_sc(ctx: ExecutionContext) -> bool:
-    """Cria StorageClass com volumeBindingMode=Immediate baseada no local-path."""
-    manifest = textwrap.dedent(
-        f"""
-        apiVersion: storage.k8s.io/v1
-        kind: StorageClass
-        metadata:
-          name: {RAIJIN_LOCAL_PATH_SC_NAME}
-        provisioner: rancher.io/local-path
-        reclaimPolicy: Delete
-        volumeBindingMode: Immediate
-        allowVolumeExpansion: true
-        parameters:
-          type: ""
-        """
-    ).strip()
-    typer.echo(
-        f"Criando StorageClass '{RAIJIN_LOCAL_PATH_SC_NAME}' com binding imediato para PVCs do MinIO..."
-    )
-    return _apply_manifest(ctx, manifest, f"StorageClass {RAIJIN_LOCAL_PATH_SC_NAME}")
-
-
 def _get_default_storage_class(ctx: ExecutionContext) -> str:
     """Retorna o nome da StorageClass default do cluster, se existir."""
     result = run_cmd(
@@ -107,6 +85,102 @@ def _list_storage_classes(ctx: ExecutionContext) -> list:
     return []
 
 
+def _patch_local_path_provisioner_tolerations(ctx: ExecutionContext) -> None:
+    """Adiciona tolerations ao local-path-provisioner para rodar em control-plane."""
+    typer.echo("  Configurando tolerations no local-path-provisioner...")
+    
+    # Patch no deployment para tolerar control-plane
+    patch_deployment = textwrap.dedent(
+        """
+        spec:
+          template:
+            spec:
+              tolerations:
+              - key: node-role.kubernetes.io/control-plane
+                operator: Exists
+                effect: NoSchedule
+              - key: node-role.kubernetes.io/master
+                operator: Exists
+                effect: NoSchedule
+        """
+    ).strip()
+    
+    result = run_cmd(
+        [
+            "kubectl", "-n", "local-path-storage", "patch", "deployment",
+            "local-path-provisioner", "--patch", patch_deployment,
+        ],
+        ctx,
+        check=False,
+    )
+    if result.returncode == 0:
+        typer.secho("    ✓ Deployment patched com tolerations.", fg=typer.colors.GREEN)
+    
+    # Patch no ConfigMap para os helper pods (que criam os dirs no node)
+    # O local-path-provisioner usa um ConfigMap com helperPod template
+    helper_pod_config = {
+        "nodePathMap": [
+            {
+                "node": "DEFAULT_PATH_FOR_NON_LISTED_NODES",
+                "paths": ["/opt/local-path-provisioner"]
+            }
+        ],
+        "setupCommand": None,
+        "teardownCommand": None,
+        "helperPod": {
+            "apiVersion": "v1",
+            "kind": "Pod",
+            "metadata": {},
+            "spec": {
+                "tolerations": [
+                    {"key": "node-role.kubernetes.io/control-plane", "operator": "Exists", "effect": "NoSchedule"},
+                    {"key": "node-role.kubernetes.io/master", "operator": "Exists", "effect": "NoSchedule"}
+                ],
+                "containers": [
+                    {
+                        "name": "helper-pod",
+                        "image": "busybox:stable",
+                        "imagePullPolicy": "IfNotPresent"
+                    }
+                ]
+            }
+        }
+    }
+    
+    # Converte para JSON string para o patch
+    config_json_str = json.dumps(helper_pod_config)
+    patch_data = json.dumps({"data": {"config.json": config_json_str}})
+    
+    # Aplica via patch no ConfigMap
+    result = run_cmd(
+        [
+            "kubectl", "-n", "local-path-storage", "patch", "configmap",
+            "local-path-config", "--type=merge", "-p", patch_data,
+        ],
+        ctx,
+        check=False,
+    )
+    if result.returncode == 0:
+        typer.secho("    ✓ ConfigMap patched para helper pods.", fg=typer.colors.GREEN)
+    
+    # Reinicia o deployment para aplicar as mudanças
+    run_cmd(
+        ["kubectl", "-n", "local-path-storage", "rollout", "restart", "deployment/local-path-provisioner"],
+        ctx,
+        check=False,
+    )
+    
+    # Aguarda rollout
+    run_cmd(
+        [
+            "kubectl", "-n", "local-path-storage", "rollout", "status",
+            "deployment/local-path-provisioner", "--timeout=60s",
+        ],
+        ctx,
+        check=False,
+    )
+
+
 def _install_local_path_provisioner(ctx: ExecutionContext) -> bool:
     """Instala local-path-provisioner para usar storage local (NVMe/SSD)."""
     typer.echo("Instalando local-path-provisioner para storage local...")
@@ -120,7 +194,7 @@ def _install_local_path_provisioner(ctx: ExecutionContext) -> bool:
         typer.secho("  Falha ao instalar local-path-provisioner.", fg=typer.colors.RED)
         return False
     
-    # Aguarda deployment ficar pronto
+    # Aguarda deployment ficar pronto inicialmente
     typer.echo("  Aguardando local-path-provisioner ficar Ready...")
     run_cmd(
         [
@@ -131,7 +205,10 @@ def _install_local_path_provisioner(ctx: ExecutionContext) -> bool:
         check=False,
     )
     
-    typer.secho("  ✓ local-path-provisioner instalado.", fg=typer.colors.GREEN)
+    # Aplica tolerations para control-plane (single-node clusters)
+    _patch_local_path_provisioner_tolerations(ctx)
+    
+    typer.secho("  ✓ local-path-provisioner instalado e configurado.", fg=typer.colors.GREEN)
     return True
 
 
@@ -169,29 +246,22 @@ def _ensure_storage_class(ctx: ExecutionContext) -> str:
     default_sc = _get_default_storage_class(ctx)
     available = _list_storage_classes(ctx)
 
-    # Se ja houver StorageClass dedicada do Raijin, usa ela
-    if default_sc == RAIJIN_LOCAL_PATH_SC_NAME:
-        typer.echo(f"StorageClass default detectada: {default_sc}")
-        return default_sc
-    if RAIJIN_LOCAL_PATH_SC_NAME in available:
-        typer.echo(f"StorageClass '{RAIJIN_LOCAL_PATH_SC_NAME}' detectada.")
-        _set_default_storage_class(ctx, RAIJIN_LOCAL_PATH_SC_NAME)
-        return RAIJIN_LOCAL_PATH_SC_NAME
-
-    # Se ja existir default diferente de local-path, respeita configuracao do cluster
-    if default_sc and default_sc != "local-path":
+    # Se ja existir default (qualquer uma), usa ela
+    if default_sc:
         typer.echo(f"StorageClass default detectada: {default_sc}")
+        # Se for local-path, garante que o provisioner tem tolerations
+        if default_sc == "local-path" or "local-path" in available:
+            _patch_local_path_provisioner_tolerations(ctx)
         return default_sc
 
-    # Se local-path estiver disponivel (default ou nao), cria uma classe dedicada com binding imediato
-    if "local-path" in available or default_sc == "local-path":
-        if _create_raijin_local_path_sc(ctx):
-            _set_default_storage_class(ctx, RAIJIN_LOCAL_PATH_SC_NAME)
-            return RAIJIN_LOCAL_PATH_SC_NAME
-        typer.echo("Nao foi possivel criar StorageClass dedicada; usando 'local-path'.")
+    # Se local-path estiver disponivel mas nao for default, define como default
+    if "local-path" in available:
+        typer.echo("StorageClass 'local-path' detectada.")
+        _patch_local_path_provisioner_tolerations(ctx)
         _set_default_storage_class(ctx, "local-path")
         return "local-path"
 
+    # Se houver outras classes disponiveis, pergunta qual usar
     if available:
         typer.echo(f"StorageClasses disponiveis (sem default): {', '.join(available)}")
         choice = typer.prompt(
@@ -219,10 +289,6 @@ def _ensure_storage_class(ctx: ExecutionContext) -> str:
     if not _install_local_path_provisioner(ctx):
         raise typer.Exit(1)
 
-    if _create_raijin_local_path_sc(ctx):
-        _set_default_storage_class(ctx, RAIJIN_LOCAL_PATH_SC_NAME)
-        return RAIJIN_LOCAL_PATH_SC_NAME
-
     _set_default_storage_class(ctx, "local-path")
     return "local-path"
 

{raijin_server-0.2.39.dist-info → raijin_server-0.2.41.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: raijin-server
-Version: 0.2.39
+Version: 0.2.41
 Summary: CLI para automacao de setup e hardening de servidores Ubuntu Server.
 Home-page: https://example.com/raijin-server
 Author: Equipe Raijin

{raijin_server-0.2.39.dist-info → raijin_server-0.2.41.dist-info}/RECORD

@@ -1,4 +1,4 @@
-raijin_server/__init__.py,sha256=xacey6j4K59BQrjBoDCtOtRtB9BSq7vxACgXc8_pFlg,95
+raijin_server/__init__.py,sha256=W9tq6k7VO0G-6o3OJv__0gbA0QirZV0MPWTWHqZmaCs,95
 raijin_server/cli.py,sha256=2m7q1znMLbBdnUwN6oOUrCZXEqC2e7SfbjYkymbP4lQ,37884
 raijin_server/config.py,sha256=QNiEVvrbW56XgvNn5-h3bkJm46Xc8mjNqPbvixXD8N0,4829
 raijin_server/healthchecks.py,sha256=lzXdFw6S0hOYbUKbqksh4phb04lXgXdTspP1Dsz4dx8,15401
@@ -22,7 +22,7 @@ raijin_server/modules/kong.py,sha256=eDSagvEP9_BCs9pZ-pCVs1BDdlYOoJfY5PnUSiTvvgc
 raijin_server/modules/kubernetes.py,sha256=9E6zV0zGQWZW92NVpxwYctpi-4JDmi6YzF3tKRI4HlU,13343
 raijin_server/modules/loki.py,sha256=aNiUpnOFppZMXoQwYhn7IoPMzwUz4aHi6pbiqj1PRjc,5022
 raijin_server/modules/metallb.py,sha256=uUuklc_RsQ-W2qDVRMQAxQm9HKGEqso444b1IwBpM6w,8554
-raijin_server/modules/minio.py,sha256=KSpoFP7RhXpDCaubHLo0amy6NWWVfdp5tuj8qVDB4tQ,15265
+raijin_server/modules/minio.py,sha256=_OrtFMoJBDKufh3U7_Cf2X3F9R-KaAfjQm-ok8YPT1U,17230
 raijin_server/modules/network.py,sha256=QRlYdcryCCPAWG3QQ_W7ld9gJgETI7H8gwntOU7UqFE,4818
 raijin_server/modules/observability_dashboards.py,sha256=fVz0WEOQrUTF5rJ__Nu_onyBuwL_exFmysWMmg8AE9w,7319
 raijin_server/modules/observability_ingress.py,sha256=Fh1rlFWueBNHnOkHuoHYyhILmpO-iQXINybSUYbYsHQ,5738
@@ -38,9 +38,9 @@ raijin_server/scripts/checklist.sh,sha256=j6E0Kmk1EfjLvKK1VpCqzXJAXI_7Bm67LK4ndy
 raijin_server/scripts/install.sh,sha256=Y1ickbQ4siQ0NIPs6UgrqUr8WWy7U0LHmaTQbEgavoI,3949
 raijin_server/scripts/log_size_metric.sh,sha256=Iv4SsX8AuCYRou-klYn32mX41xB6j0xJGLBO6riw4rU,1208
 raijin_server/scripts/pre-deploy-check.sh,sha256=XqMo7IMIpwUHF17YEmU0-cVmTDMoCGMBFnmS39FidI4,4912
-raijin_server-0.2.39.dist-info/licenses/LICENSE,sha256=kJsMCjOiRZE0AQNtxWqBa32z9kMAaF4EUxyHj3hKaJo,1105
-raijin_server-0.2.39.dist-info/METADATA,sha256=5CikB8uMIOaqFLxSS3kQyQMbmu5C1TkpJy-l9JrLEfQ,22851
-raijin_server-0.2.39.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-raijin_server-0.2.39.dist-info/entry_points.txt,sha256=3ZvxDX4pvcjkIRsXAJ69wIfVmKa78LKo-C3QhqN2KVM,56
-raijin_server-0.2.39.dist-info/top_level.txt,sha256=Yz1xneCRtsZOzbPIcTAcrSxd-1p80pohMXYAZ74dpok,14
-raijin_server-0.2.39.dist-info/RECORD,,
+raijin_server-0.2.41.dist-info/licenses/LICENSE,sha256=kJsMCjOiRZE0AQNtxWqBa32z9kMAaF4EUxyHj3hKaJo,1105
+raijin_server-0.2.41.dist-info/METADATA,sha256=rMBGEHgnwkEQ4wDLTKXqz7wnCad_yS9n7ynBPReFHhk,22851
+raijin_server-0.2.41.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+raijin_server-0.2.41.dist-info/entry_points.txt,sha256=3ZvxDX4pvcjkIRsXAJ69wIfVmKa78LKo-C3QhqN2KVM,56
+raijin_server-0.2.41.dist-info/top_level.txt,sha256=Yz1xneCRtsZOzbPIcTAcrSxd-1p80pohMXYAZ74dpok,14
+raijin_server-0.2.41.dist-info/RECORD,,