github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-26 13:07:07 +00:00
Code Issues Projects Releases Wiki Activity

Use cert util to get cert data.

Browse Source
This commit is contained in:
xiangpengzhao 2018-03-07 08:57:52 +08:00
parent 051c4804e1
commit 1d167d2794
1 changed files with 3 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
cmd/kubeadm/app/phases/upgrade/postupgrade.go
View File

@ -17,10 +17,7 @@ limitations under the License.
package upgrade package upgrade
import ( import (
"crypto/x509"
"encoding/pem"
"fmt" "fmt"
"io/ioutil"
"os" "os"
"path/filepath" "path/filepath"
"time" "time"
@ -29,6 +26,7 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/errors" "k8s.io/apimachinery/pkg/util/errors"
clientset "k8s.io/client-go/kubernetes" clientset "k8s.io/client-go/kubernetes"
certutil "k8s.io/client-go/util/cert"
kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
kubeadmapiext "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha1" kubeadmapiext "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha1"
kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants" kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants"
@ -205,19 +203,9 @@ func rollbackFiles(files map[string]string, originalErr error) error {
// shouldBackupAPIServerCertAndKey checks if the cert of kube-apiserver will be expired in 180 days. // shouldBackupAPIServerCertAndKey checks if the cert of kube-apiserver will be expired in 180 days.
func shouldBackupAPIServerCertAndKey(certAndKeyDir string) (bool, error) { func shouldBackupAPIServerCertAndKey(certAndKeyDir string) (bool, error) {
apiServerCert := filepath.Join(certAndKeyDir, kubeadmconstants.APIServerCertName) apiServerCert := filepath.Join(certAndKeyDir, kubeadmconstants.APIServerCertName)
data, err := ioutil.ReadFile(apiServerCert) certs, err := certutil.CertsFromFile(apiServerCert)
if err != nil { if err != nil {
return false, fmt.Errorf("failed to read kube-apiserver certificate from disk: %v", err) return false, fmt.Errorf("couldn't load the certificate file %s: %v", apiServerCert, err)
}
block, _ := pem.Decode(data)
if block == nil {
return false, fmt.Errorf("expected the kube-apiserver certificate to be PEM encoded")
}
certs, err := x509.ParseCertificates(block.Bytes)
if err != nil {
return false, fmt.Errorf("unable to parse certificate data: %v", err)
} }
if len(certs) == 0 { if len(certs) == 0 {
return false, fmt.Errorf("no certificate data found") return false, fmt.Errorf("no certificate data found")