github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-24 20:24:09 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #103187 from Haleygo/fix-dry-run-when-using-externalCA

Browse Source 
Kubeadm init --dry-run should work when using an external ca
This commit is contained in:
Kubernetes Prow Robot 2021-07-02 07:58:25 -07:00 committed by GitHub
commit 1345a802de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/kubeadm/app/cmd/init.go
View File

@ -386,9 +386,6 @@ func newInitData(cmd *cobra.Command, args []string, options *initOptions, out io
// Validate that also the required kubeconfig files exists and are invalid, because // Validate that also the required kubeconfig files exists and are invalid, because
// kubeadm can't regenerate them without the CA Key // kubeadm can't regenerate them without the CA Key
kubeconfigDir := options.kubeconfigDir kubeconfigDir := options.kubeconfigDir
if options.dryRun {
kubeconfigDir = dryRunDir
}
if err := kubeconfigphase.ValidateKubeconfigsForExternalCA(kubeconfigDir, cfg); err != nil { if err := kubeconfigphase.ValidateKubeconfigsForExternalCA(kubeconfigDir, cfg); err != nil {
return nil, err return nil, err
} }

16
cmd/kubeadm/app/cmd/phases/init/certs.go
View File

@ -18,6 +18,8 @@ package phases
import ( import (
"fmt" "fmt"
"os"
"path/filepath"
"strings" "strings"
"github.com/pkg/errors" "github.com/pkg/errors"
@ -195,6 +197,20 @@ func runCerts(c workflow.RunData) error {
} }
fmt.Printf("[certs] Using certificateDir folder %q\n", data.CertificateWriteDir()) fmt.Printf("[certs] Using certificateDir folder %q\n", data.CertificateWriteDir())
// If using an external CA while dryrun, copy CA cert to dryrun dir for later use
if data.ExternalCA() && data.DryRun() {
externalCAFile := filepath.Join(data.Cfg().CertificatesDir, kubeadmconstants.CACertName)
fileInfo, _ := os.Stat(externalCAFile)
contents, err := os.ReadFile(externalCAFile)
if err != nil {
return err
}
err = os.WriteFile(filepath.Join(data.CertificateWriteDir(), kubeadmconstants.CACertName), contents, fileInfo.Mode())
if err != nil {
return err
}
}
return nil return nil
} }

15
cmd/kubeadm/app/cmd/phases/init/kubeconfig.go
View File

@ -18,6 +18,8 @@ package phases
import ( import (
"fmt" "fmt"
"os"
"path/filepath"
"github.com/pkg/errors" "github.com/pkg/errors"
"k8s.io/kubernetes/cmd/kubeadm/app/cmd/options" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/options"
@ -132,6 +134,19 @@ func runKubeConfigFile(kubeConfigFileName string) func(workflow.RunData) error {
// if external CA mode, skip certificate authority generation // if external CA mode, skip certificate authority generation
if data.ExternalCA() { if data.ExternalCA() {
fmt.Printf("[kubeconfig] External CA mode: Using user provided %s\n", kubeConfigFileName) fmt.Printf("[kubeconfig] External CA mode: Using user provided %s\n", kubeConfigFileName)
// If using an external CA while dryrun, copy kubeconfig files to dryrun dir for later use
if data.DryRun() {
externalCAFile := filepath.Join(kubeadmconstants.KubernetesDir, kubeConfigFileName)
fileInfo, _ := os.Stat(externalCAFile)
contents, err := os.ReadFile(externalCAFile)
if err != nil {
return err
}
err = os.WriteFile(filepath.Join(data.KubeConfigDir(), kubeConfigFileName), contents, fileInfo.Mode())
if err != nil {
return err
}
}
return nil return nil
} }