github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-26 05:03:09 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #38672 from zmerlynn/restrict-kops-admin-access

Browse Source 
Automatic merge from submit-queue

hack/e2e.go / kops: Add --kops-admin-access to restrict API access

**What this PR does / why we need it**: Allow `--admin-access` to be set in `kops`
**Release note**:
```release-note
NONE
```
This commit is contained in:
Kubernetes Submit Queue 2016-12-13 00:43:22 -08:00 committed by GitHub
commit 30c64be3e1
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
hack/e2e.go
View File

@ -68,6 +68,7 @@ var (
kopsZones = flag.String("kops-zones", "us-west-2a", "(kops AWS only) AWS zones for kops deployment, comma delimited.") kopsZones = flag.String("kops-zones", "us-west-2a", "(kops AWS only) AWS zones for kops deployment, comma delimited.")
kopsNodes = flag.Int("kops-nodes", 2, "(kops only) Number of nodes to create.") kopsNodes = flag.Int("kops-nodes", 2, "(kops only) Number of nodes to create.")
kopsUpTimeout = flag.Duration("kops-up-timeout", 20*time.Minute, "(kops only) Time limit between 'kops config / kops update' and a response from the Kubernetes API.") kopsUpTimeout = flag.Duration("kops-up-timeout", 20*time.Minute, "(kops only) Time limit between 'kops config / kops update' and a response from the Kubernetes API.")
kopsAdminAccess = flag.String("kops-admin-access", "", "(kops only) If set, restrict apiserver access to this CIDR range.")
// kubernetes-anywhere specific flags. // kubernetes-anywhere specific flags.
kubernetesAnywherePath = flag.String("kubernetes-anywhere-path", "", "(kubernetes-anywhere only) Path to the kubernetes-anywhere directory. Must be set for kubernetes-anywhere.") kubernetesAnywherePath = flag.String("kubernetes-anywhere-path", "", "(kubernetes-anywhere only) Path to the kubernetes-anywhere directory. Must be set for kubernetes-anywhere.")
@ -511,6 +512,7 @@ type kops struct {
sshKey string sshKey string
zones []string zones []string
nodes int nodes int
adminAccess string
cluster string cluster string
kubecfg string kubecfg string
} }
@ -573,6 +575,7 @@ func NewKops() (*kops, error) {
sshKey: sshKey + ".pub", // kops only needs the public key, e2es need the private key. sshKey: sshKey + ".pub", // kops only needs the public key, e2es need the private key.
zones: zones, zones: zones,
nodes: *kopsNodes, nodes: *kopsNodes,
adminAccess: *kopsAdminAccess,
cluster: *kopsCluster, cluster: *kopsCluster,
kubecfg: kubecfg, kubecfg: kubecfg,
}, nil }, nil
@ -589,6 +592,9 @@ func (k kops) Up() error {
if k.kubeVersion != "" { if k.kubeVersion != "" {
createArgs = append(createArgs, "--kubernetes-version", k.kubeVersion) createArgs = append(createArgs, "--kubernetes-version", k.kubeVersion)
} }
if k.adminAccess != "" {
createArgs = append(createArgs, "--admin-access", k.adminAccess)
}
if err := finishRunning(exec.Command(k.path, createArgs...)); err != nil { if err := finishRunning(exec.Command(k.path, createArgs...)); err != nil {
return fmt.Errorf("kops configuration failed: %v", err) return fmt.Errorf("kops configuration failed: %v", err)
} }

1
hack/verify-flags/known-flags.txt
View File

@ -308,6 +308,7 @@ k8s-bin-dir
k8s-build-output k8s-build-output
keep-gogoproto keep-gogoproto
km-path km-path
kops-admin-access
kops-cluster kops-cluster
kops-kubernetes-version kops-kubernetes-version
kops-nodes kops-nodes