attempt at socks

Author: paigerube14

cerberus/kubernetes/client.py

@@ -1,11 +1,14 @@
 import re
 import os
 import sys
+import ssl
 import yaml
 import time
 import logging
 import requests
 import urllib3
+from urllib.parse import urlparse
+from urllib3.contrib.socks import SOCKSProxyManager
 from collections import defaultdict
 from kubernetes import client, config
 import cerberus.invoke.command as runcommand
@@ -26,27 +29,26 @@ def initialize_clients(kubeconfig_path, chunk_size, timeout):
     global kubeconfig_path_global
 
     """Initialize object and create clients from specified kubeconfig"""
-    client_config = client.Configuration()
+    config.load_kube_config(kubeconfig_path)
+
+    client_config = client.Configuration().get_default_copy()
     http_proxy = os.getenv("http_proxy", None)
-    """Proxy has auth header"""
-    proxy_auth = None
-    if http_proxy:
-        if "@" in http_proxy:
-            proxy_auth = http_proxy.split("@")[0].split("//")[1]
-            user_pass = proxy_auth.split(":")[0]
-            client_config.username = user_pass[0]
-            client_config.password = user_pass[1]
-    client_config.ssl_ca_cert = False
-    client_config.verify_ssl = False
-    config.load_kube_config(config_file=kubeconfig_path, persist_config=True, client_configuration=client_config)
-    proxy_url = http_proxy
-    if proxy_url:
-        client_config.proxy = proxy_url
-        if proxy_auth:
-            client_config.proxy_headers = urllib3.util.make_headers(proxy_basic_auth=proxy_auth)
+    api_client = client.ApiClient(client_config)
+    if http_proxy is not None:
+        os.environ["HTTP_PROXY"] = http_proxy
+        client_config.proxy = http_proxy
+        proxy_auth = urlparse(http_proxy)
+        if proxy_auth.username and proxy_auth.password:
+            auth_string = proxy_auth.username + ":" + proxy_auth.password
+            client_config.proxy_headers = urllib3.util.make_headers(
+                proxy_basic_auth=auth_string
+            )
+        else:
+            api_client.rest_client.pool_manager = SOCKSProxyManager(proxy_url=http_proxy, cert_reqs=ssl.CERT_NONE, assert_hostname=False)
 
     client.Configuration.set_default(client_config)
-    cli = client.CoreV1Api()
+    
+    cli = client.CoreV1Api(api_client)
     cmd_timeout = timeout
     request_chunk_size = str(chunk_size)
     kubeconfig_path_global = kubeconfig_path
@@ -61,7 +63,7 @@ def list_continue_helper(func, *args, **keyword_args):
         continue_string = ret.metadata._continue
 
         while continue_string:
-            ret = func(*args, **keyword_args, _continue=continue_string)
+            ret = func(*args, **keyword_args, _continue=continue_string, _request_timeout=10)
             ret_overall.append(ret)
             continue_string = ret.metadata._continue
 
@@ -77,7 +79,7 @@ def list_nodes(label_selector=None):
     try:
         if label_selector:
             ret = list_continue_helper(
-                cli.list_node, pretty=True, label_selector=label_selector, limit=request_chunk_size
+                cli.list_node, pretty=True, label_selector=label_selector, limit=request_chunk_size, _request_timeout=10
             )
         else:
             ret = list_continue_helper(cli.list_node, pretty=True, limit=request_chunk_size)
@@ -94,7 +96,7 @@ def list_nodes(label_selector=None):
 # List all namespaces
 def list_namespaces():
     namespaces = []
-    ret_overall = list_continue_helper(cli.list_namespace, pretty=True, limit=request_chunk_size)
+    ret_overall = list_continue_helper(cli.list_namespace, pretty=True, limit=request_chunk_size, _request_timeout=10)
     for ret_items in ret_overall:
         for namespace in ret_items.items:
             namespaces.append(namespace.metadata.name)

requirements.txt

@@ -9,3 +9,4 @@ slack_sdk
 pyfiglet
 prometheus_api_client
 coverage
+'urllib3[socks]'