Skip to content

Commit

Permalink
Fix a bug in logout
Browse files Browse the repository at this point in the history
  • Loading branch information
HoKim98 committed Jun 2, 2023
1 parent 492a381 commit 851b918
Show file tree
Hide file tree
Showing 4 changed files with 30 additions and 21 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ spec:
template:
metadata:
labels:
name: desktop
name: desktop-cleanup
spec:
affinity:
nodeAffinity:
Expand Down
27 changes: 11 additions & 16 deletions templates/vine/templates/session/user-session.yaml.j2
Original file line number Diff line number Diff line change
Expand Up @@ -32,23 +32,20 @@ spec:
- bash
- -c
args:
# - |
# set -e -x -o pipefail
# chown user:user /home/user /mnt/shared
# chmod 700 /home/user
# chmod 777 /mnt/shared
# exec true
- |
set -e -x -o pipefail
chown user:user /home/user
chown user:user /home/user /mnt/public
chmod 700 /home/user
chmod 777 /mnt/public
exec true
securityContext:
privileged: true
workingDir: /home/user
volumeMounts:
- name: home
mountPath: /home/user
- name: home-public
mountPath: /mnt/public
containers:
- name: desktop-environment
image: quay.io/ulagbulag/openark-vine-desktop:latest
Expand Down Expand Up @@ -86,8 +83,6 @@ spec:
value: "7.22"
- name: XDG_RUNTIME_DIR
value: /run/user/2000
lifecycle:
terminationGracePeriodSeconds: 5
ports:
- name: http
containerPort: 8080
Expand All @@ -109,6 +104,8 @@ spec:
readOnly: true
- name: home
mountPath: /home/user
- name: home-public
mountPath: /mnt/public
- name: machine-id
mountPath: /etc/machine-id
readOnly: true
Expand Down Expand Up @@ -143,6 +140,7 @@ spec:
runAsNonRoot: false
runAsUser: 2000
fsGroup: 2000
terminationGracePeriodSeconds: 5
volumes:
- name: dev
hostPath:
Expand Down Expand Up @@ -170,9 +168,9 @@ spec:
# path: "/opt/vdi/tenants/remote/{{ metadata.namespace }}/desktop-{{ spec.node.metadata.name }}"
# type: DirectoryOrCreate
{% endif %}
# - name: home-shared
# persistentVolumeClaim:
# claimName: desktop-shared
- name: home-public
persistentVolumeClaim:
claimName: desktop-public
- name: machine-id
hostPath:
path: /etc/machine-id
Expand Down Expand Up @@ -251,8 +249,6 @@ spec:
value: "false"
- name: X11VNC_XKB
value: "true"
lifecycle:
terminationGracePeriodSeconds: 30
ports:
- name: vnc
protocol: TCP
Expand All @@ -273,8 +269,6 @@ spec:
env:
- name: NOVNC_VNC_PATH
value: "/box/vnc/{{ spec.node.metadata.name }}/"
lifecycle:
terminationGracePeriodSeconds: 30
ports:
- name: http
protocol: TCP
Expand All @@ -290,6 +284,7 @@ spec:
securityContext:
runAsUser: 2000
fsGroup: 2000
terminationGracePeriodSeconds: 30
volumes:
- name: x11
hostPath:
Expand Down
2 changes: 1 addition & 1 deletion vine/rbac/src/logout.rs
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ pub async fn execute(
client,
box_name,
user_name,
|session_manager, spec| async move { session_manager.try_create(&spec.as_ref()).await },
|session_manager, spec| async move { session_manager.delete(&spec.as_ref()).await },
)
.await
}
20 changes: 17 additions & 3 deletions vine/session/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,11 @@ use dash_provider::client::job::FunctionActorJobClient;
use dash_provider_api::SessionContextMetadata;
use futures::TryFutureExt;
use k8s_openapi::{
api::core::v1::{Namespace, Node},
api::core::v1::{Namespace, Node, Pod},
serde_json::Value,
};
use kube::{
api::{Patch, PatchParams},
api::{DeleteParams, ListParams, Patch, PatchParams},
Api, Client, Resource, ResourceExt,
};
use log::info;
Expand Down Expand Up @@ -118,11 +118,12 @@ impl SessionManager {
.await
}

async fn delete(&self, spec: &SessionContextSpec<'_>) -> Result<()> {
pub async fn delete(&self, spec: &SessionContextSpec<'_>) -> Result<()> {
let ctx: SessionContext = spec.into();

self.label_namespace(&ctx, None)
.and_then(|()| self.delete_template(&ctx))
.and_then(|()| self.delete_pods(&ctx))
.and_then(|()| self.label_user(ctx.spec.node, ctx.spec.user_name, false))
.and_then(|()| self.create_cleanup(&ctx))
.and_then(|()| self.label_node(ctx.spec.node, None))
Expand Down Expand Up @@ -162,6 +163,19 @@ impl SessionManager {
.map(|_| ())
}

async fn delete_pods(&self, ctx: &SessionContext<'_>) -> Result<()> {
let api = Api::<Pod>::namespaced(self.client.kube.clone(), &ctx.metadata.namespace);
let dp = DeleteParams::background();
let lp = ListParams {
label_selector: Some("name=desktop".into()),
..Default::default()
};
api.delete_collection(&dp, &lp)
.await
.map(|_| ())
.map_err(Into::into)
}

async fn create_cleanup(&self, ctx: &SessionContext<'_>) -> Result<()> {
self.client
.create_raw_named(Self::TEMPLATE_CLEANUP_FILENAME, ctx)
Expand Down

0 comments on commit 851b918

Please sign in to comment.