mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-25 04:33:26 +00:00
Create kubeconfig for cluster secrets on other cloud providers as well
This commit is contained in:
parent
a3f09700e5
commit
657a7ef6a4
@ -1304,7 +1304,18 @@ function build-config() {
|
|||||||
export CONTEXT="aws_${INSTANCE_PREFIX}"
|
export CONTEXT="aws_${INSTANCE_PREFIX}"
|
||||||
(
|
(
|
||||||
umask 077
|
umask 077
|
||||||
|
|
||||||
|
# Update the user's kubeconfig to include credentials for this apiserver.
|
||||||
create-kubeconfig
|
create-kubeconfig
|
||||||
|
|
||||||
|
if [[ "${FEDERATION:-}" == "true" ]]; then
|
||||||
|
# Create a kubeconfig with credentials for this apiserver. We will later use
|
||||||
|
# this kubeconfig to create a secret which the federation control plane can
|
||||||
|
# use to talk to this apiserver.
|
||||||
|
KUBECONFIG_DIR=$(dirname ${KUBECONFIG:-$DEFAULT_KUBECONFIG})
|
||||||
|
KUBECONFIG="${KUBECONFIG_DIR}/federation/kubernetes-apiserver/${CONTEXT}/kubeconfig" \
|
||||||
|
create-kubeconfig
|
||||||
|
fi
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -26,6 +26,7 @@ NETWORK="${NETWORK:-default}"
|
|||||||
NETWORK_RANGE="${NETWORK_RANGE:-10.240.0.0/16}"
|
NETWORK_RANGE="${NETWORK_RANGE:-10.240.0.0/16}"
|
||||||
FIREWALL_SSH="${FIREWALL_SSH:-${NETWORK}-allow-ssh}"
|
FIREWALL_SSH="${FIREWALL_SSH:-${NETWORK}-allow-ssh}"
|
||||||
GCLOUD="${GCLOUD:-gcloud}"
|
GCLOUD="${GCLOUD:-gcloud}"
|
||||||
|
KUBECTL="${KUBECTL:-kubectl}"
|
||||||
CMD_GROUP="${CMD_GROUP:-}"
|
CMD_GROUP="${CMD_GROUP:-}"
|
||||||
GCLOUD_CONFIG_DIR="${GCLOUD_CONFIG_DIR:-${HOME}/.config/gcloud/kubernetes}"
|
GCLOUD_CONFIG_DIR="${GCLOUD_CONFIG_DIR:-${HOME}/.config/gcloud/kubernetes}"
|
||||||
MACHINE_TYPE="${MACHINE_TYPE:-n1-standard-2}"
|
MACHINE_TYPE="${MACHINE_TYPE:-n1-standard-2}"
|
||||||
|
@ -193,6 +193,22 @@ function kube-up() {
|
|||||||
# Bring up the cluster.
|
# Bring up the cluster.
|
||||||
"${GCLOUD}" ${CMD_GROUP:-} container clusters create "${CLUSTER_NAME}" "${create_args[@]}"
|
"${GCLOUD}" ${CMD_GROUP:-} container clusters create "${CLUSTER_NAME}" "${create_args[@]}"
|
||||||
|
|
||||||
|
if [[ "${FEDERATION:-}" == "true" ]]; then
|
||||||
|
# Create a kubeconfig with credentials for this apiserver. We will later use
|
||||||
|
# this kubeconfig to create a secret which the federation control plane can
|
||||||
|
# use to talk to this apiserver.
|
||||||
|
KUBECONFIG=${KUBECONFIG:-${HOME}/.kube/config}
|
||||||
|
KUBECONFIG_DIR=$(dirname $KUBECONFIG)
|
||||||
|
CONTEXT=$($KUBECTL config current-context)
|
||||||
|
DEST_KUBECONFIG="${KUBECONFIG_DIR}/federation/kubernetes-apiserver/${CONTEXT}/kubeconfig"
|
||||||
|
mkdir -p $(dirname $DEST_KUBECONFIG) >&2
|
||||||
|
# TODO: Original kubeconfig can contain credential information about
|
||||||
|
# other clusters as well. Extract the information about only this cluster
|
||||||
|
# and then create a file with that.
|
||||||
|
# For now, we use the whole kubeconfig file.
|
||||||
|
cp $KUBECONFIG $DEST_KUBECONFIG >&2
|
||||||
|
fi
|
||||||
|
|
||||||
if [[ ! -z "${HEAPSTER_MACHINE_TYPE:-}" ]]; then
|
if [[ ! -z "${HEAPSTER_MACHINE_TYPE:-}" ]]; then
|
||||||
"${GCLOUD}" ${CMD_GROUP:-} container node-pools create "heapster-pool" --cluster "${CLUSTER_NAME}" --num-nodes=1 --machine-type="${HEAPSTER_MACHINE_TYPE}" "${shared_args[@]}"
|
"${GCLOUD}" ${CMD_GROUP:-} container node-pools create "heapster-pool" --cluster "${CLUSTER_NAME}" --num-nodes=1 --machine-type="${HEAPSTER_MACHINE_TYPE}" "${shared_args[@]}"
|
||||||
fi
|
fi
|
||||||
|
@ -295,7 +295,17 @@ function kube-up {
|
|||||||
vagrant ssh master -- sudo cat /srv/kubernetes/kubecfg.key >"${KUBE_KEY}" 2>/dev/null
|
vagrant ssh master -- sudo cat /srv/kubernetes/kubecfg.key >"${KUBE_KEY}" 2>/dev/null
|
||||||
vagrant ssh master -- sudo cat /srv/kubernetes/ca.crt >"${CA_CERT}" 2>/dev/null
|
vagrant ssh master -- sudo cat /srv/kubernetes/ca.crt >"${CA_CERT}" 2>/dev/null
|
||||||
|
|
||||||
|
# Update the user's kubeconfig to include credentials for this apiserver.
|
||||||
create-kubeconfig
|
create-kubeconfig
|
||||||
|
|
||||||
|
if [[ "${FEDERATION:-}" == "true" ]]; then
|
||||||
|
# Create a kubeconfig with credentials for this apiserver. We will later use
|
||||||
|
# this kubeconfig to create a secret which the federation control plane can
|
||||||
|
# use to talk to this apiserver.
|
||||||
|
KUBECONFIG_DIR=$(dirname ${KUBECONFIG:-$DEFAULT_KUBECONFIG})
|
||||||
|
KUBECONFIG="${KUBECONFIG_DIR}/federation/kubernetes-apiserver/${CONTEXT}/kubeconfig" \
|
||||||
|
create-kubeconfig
|
||||||
|
fi
|
||||||
)
|
)
|
||||||
|
|
||||||
verify-cluster
|
verify-cluster
|
||||||
|
Loading…
Reference in New Issue
Block a user