github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-13 05:46:16 +00:00
Code Issues Projects Releases Wiki Activity

Add Google cloudkms service to gce cloud provider

Browse Source
This commit is contained in:
Saksham Sharma 2017-06-27 17:28:32 -07:00
parent b47dc4704b
commit 57e8461662
2 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/cloudprovider/providers/gce/BUILD
View File

@ -55,6 +55,7 @@ go_library(
"//vendor/github.com/prometheus/client_golang/prometheus:go_default_library", "//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
"//vendor/golang.org/x/oauth2:go_default_library", "//vendor/golang.org/x/oauth2:go_default_library",
"//vendor/golang.org/x/oauth2/google:go_default_library", "//vendor/golang.org/x/oauth2/google:go_default_library",
"//vendor/google.golang.org/api/cloudkms/v1:go_default_library",
"//vendor/google.golang.org/api/compute/v0.beta:go_default_library", "//vendor/google.golang.org/api/compute/v0.beta:go_default_library",
"//vendor/google.golang.org/api/compute/v1:go_default_library", "//vendor/google.golang.org/api/compute/v1:go_default_library",
"//vendor/google.golang.org/api/container/v1:go_default_library", "//vendor/google.golang.org/api/container/v1:go_default_library",

22
pkg/cloudprovider/providers/gce/gce.go
View File

@ -25,9 +25,9 @@ import (
"sync" "sync"
"time" "time"
"cloud.google.com/go/compute/metadata" gcfg "gopkg.in/gcfg.v1"
"gopkg.in/gcfg.v1" "cloud.google.com/go/compute/metadata"
"k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/sets"
"k8s.io/apimachinery/pkg/util/wait" "k8s.io/apimachinery/pkg/util/wait"
@ -38,6 +38,7 @@ import (
"github.com/golang/glog" "github.com/golang/glog"
"golang.org/x/oauth2" "golang.org/x/oauth2"
"golang.org/x/oauth2/google" "golang.org/x/oauth2/google"
cloudkms "google.golang.org/api/cloudkms/v1"
computebeta "google.golang.org/api/compute/v0.beta" computebeta "google.golang.org/api/compute/v0.beta"
compute "google.golang.org/api/compute/v1" compute "google.golang.org/api/compute/v1"
container "google.golang.org/api/container/v1" container "google.golang.org/api/container/v1"
@ -85,6 +86,7 @@ type GCECloud struct {
service *compute.Service service *compute.Service
serviceBeta *computebeta.Service serviceBeta *computebeta.Service
containerService *container.Service containerService *container.Service
cloudkmsService *cloudkms.Service
clientBuilder controller.ControllerClientBuilder clientBuilder controller.ControllerClientBuilder
projectID string projectID string
region string region string
@ -153,6 +155,16 @@ func (g *GCECloud) GetComputeService() *compute.Service {
return g.service return g.service
} }
// Raw access to the cloudkmsService of GCE cloud. Required for encryption of etcd using Google KMS.
func (g *GCECloud) GetKMSService() *cloudkms.Service {
return g.cloudkmsService
}
// Returns the ProjectID corresponding to the project this cloud is in.
func (g *GCECloud) GetProjectID() string {
return g.projectID
}
// newGCECloud creates a new instance of GCECloud. // newGCECloud creates a new instance of GCECloud.
func newGCECloud(config io.Reader) (*GCECloud, error) { func newGCECloud(config io.Reader) (*GCECloud, error) {
projectID, zone, err := getProjectAndZone() projectID, zone, err := getProjectAndZone()
@ -244,6 +256,11 @@ func CreateGCECloud(projectID, region, zone string, managedZones []string, netwo
return nil, err return nil, err
} }
cloudkmsService, err := cloudkms.New(client)
if err != nil {
return nil, err
}
if networkURL == "" { if networkURL == "" {
networkName, err := getNetworkNameViaAPICall(service, projectID) networkName, err := getNetworkNameViaAPICall(service, projectID)
if err != nil { if err != nil {
@ -274,6 +291,7 @@ func CreateGCECloud(projectID, region, zone string, managedZones []string, netwo
service: service, service: service,
serviceBeta: serviceBeta, serviceBeta: serviceBeta,
containerService: containerService, containerService: containerService,
cloudkmsService: cloudkmsService,
projectID: projectID, projectID: projectID,
networkProjectID: networkProjectID, networkProjectID: networkProjectID,
onXPN: onXPN, onXPN: onXPN,