Merge pull request #39464 from apprenda/kubeadm_93-more_discovery

Automatic merge from submit-queue

Implemented file and HTTPS based discovery for kubeadm

**What this PR does / why we need it**:
This PR implements both file and HTTPS based discovery for `kubeadm`.

**Which issue this PR fixes**:
fixes https://github.com/kubernetes/kubeadm/issues/93
fixes https://github.com/kubernetes/kubeadm/issues/94

**Special notes for your reviewer**:
I'd like to add some tests but 'm sure `kubeconfig` loading is already covered by other tests in `clientcmd` package.

/cc @luxas @pipejakob

cmd/kubeadm/app/cmd/join.go

@@ -33,6 +33,7 @@ import (
 	kubeconfigphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/kubeconfig"
 	"k8s.io/kubernetes/cmd/kubeadm/app/preflight"
 	kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util"
+
 	"k8s.io/kubernetes/pkg/api"
 	clientcmdapi "k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api"
 	"k8s.io/kubernetes/pkg/runtime"
@@ -129,7 +130,7 @@ func (j *Join) Validate() error {
 	return validation.ValidateNodeConfiguration(j.cfg).ToAggregate()
 }
 
-// Run executes worked node provisioning and tries to join an existing cluster.
+// Run executes worker node provisioning and tries to join an existing cluster.
 func (j *Join) Run(out io.Writer) error {
 	var cfg *clientcmdapi.Config
 	// TODO: delete this first block when we move Token to the discovery interface
@@ -138,7 +139,6 @@ func (j *Join) Run(out io.Writer) error {
 		if err != nil {
 			return err
 		}
-
 		connectionDetails, err := kubenode.EstablishMasterConnection(j.cfg.Discovery.Token, clusterInfo)
 		if err != nil {
 			return err
@@ -161,8 +161,7 @@ func (j *Join) Run(out io.Writer) error {
 		}
 	}
 
-	err := kubeconfigphase.WriteKubeconfigToDisk(path.Join(kubeadmapi.GlobalEnvParams.KubernetesDir, kubeconfigphase.KubeletKubeConfigFileName), cfg)
+	if err := kubeconfigphase.WriteKubeconfigToDisk(path.Join(kubeadmapi.GlobalEnvParams.KubernetesDir, kubeconfigphase.KubeletKubeConfigFileName), cfg); err != nil {
-	if err != nil {
 		return err
 	}
 

cmd/kubeadm/app/discovery/BUILD

@@ -20,6 +20,7 @@ go_library(
         "//cmd/kubeadm/app/discovery/file:go_default_library",
         "//cmd/kubeadm/app/discovery/https:go_default_library",
         "//cmd/kubeadm/app/discovery/token:go_default_library",
+        "//pkg/client/unversioned/clientcmd:go_default_library",
         "//pkg/client/unversioned/clientcmd/api:go_default_library",
         "//vendor:github.com/spf13/pflag",
     ],

cmd/kubeadm/app/discovery/discovery.go

@@ -18,14 +18,53 @@ package discovery
 
 import (
 	"fmt"
+	"io/ioutil"
+	"net/http"
 
 	kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
+
+	"k8s.io/kubernetes/pkg/client/unversioned/clientcmd"
 	clientcmdapi "k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api"
 )
 
-func For(c kubeadmapi.Discovery) (*clientcmdapi.Config, error) {
+// For identifies and executes the desired discovery mechanism.
+func For(d kubeadmapi.Discovery) (*clientcmdapi.Config, error) {
 	switch {
+	case d.File != nil:
+		return runFileDiscovery(d.File)
+	case d.HTTPS != nil:
+		return runHTTPSDiscovery(d.HTTPS)
+	case d.Token != nil:
+		// TODO move token discovery here
+		return runTokenDiscovery(d.Token)
 	default:
-		return nil, fmt.Errorf("unimplemented")
+		return nil, fmt.Errorf("Couldn't find a valid discovery configuration. Please provide one.")
 	}
 }
+
+// runFileDiscovery executes file-based discovery.
+func runFileDiscovery(fd *kubeadmapi.FileDiscovery) (*clientcmdapi.Config, error) {
+	return clientcmd.LoadFromFile(fd.Path)
+}
+
+// runHTTPSDiscovery executes HTTPS-based discovery.
+func runHTTPSDiscovery(hd *kubeadmapi.HTTPSDiscovery) (*clientcmdapi.Config, error) {
+	response, err := http.Get(hd.URL)
+	if err != nil {
+		return nil, err
+	}
+	defer response.Body.Close()
+
+	kubeconfig, err := ioutil.ReadAll(response.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	return clientcmd.Load(kubeconfig)
+}
+
+// TODO implement
+// runTokenDiscovery executes token-based discovery.
+func runTokenDiscovery(td *kubeadmapi.TokenDiscovery) (*clientcmdapi.Config, error) {
+	return nil, fmt.Errorf("Couldn't find a valid discovery configuration. Please provide one.")
+}

cmd/kubeadm/app/node/csr.go

@@ -29,12 +29,13 @@ import (
 	certutil "k8s.io/kubernetes/pkg/util/cert"
 )
 
+// TODO @mikedanese move this to PerformTLSBootstrap
 func PerformTLSBootstrapDeprecated(connection *ConnectionDetails) (*clientcmdapi.Config, error) {
 	fmt.Println("[csr] Created API client to obtain unique certificate for this node, generating keys and certificate signing request")
 
 	key, err := certutil.MakeEllipticPrivateKeyPEM()
 	if err != nil {
-		return nil, fmt.Errorf("failed to generating private key [%v]", err)
+		return nil, fmt.Errorf("failed to generate private key [%v]", err)
 	}
 	cert, err := csr.RequestNodeCertificate(connection.CertClient.CertificateSigningRequests(), key, connection.NodeName)
 	if err != nil {
@@ -80,7 +81,7 @@ func PerformTLSBootstrap(cfg *clientcmdapi.Config) error {
 
 	key, err := certutil.MakeEllipticPrivateKeyPEM()
 	if err != nil {
-		return fmt.Errorf("failed to generating private key [%v]", err)
+		return fmt.Errorf("failed to generate private key [%v]", err)
 	}
 	cert, err := csr.RequestNodeCertificate(c.Certificates().CertificateSigningRequests(), key, name)
 	if err != nil {