diff --git a/cmd/kubeadm/app/cmd/init.go b/cmd/kubeadm/app/cmd/init.go index ac2824951db..ae996433bc4 100644 --- a/cmd/kubeadm/app/cmd/init.go +++ b/cmd/kubeadm/app/cmd/init.go @@ -216,7 +216,10 @@ func (i *Init) Validate() error { func (i *Init) Run(out io.Writer) error { if i.cfg.Discovery.Token != nil { - if err := kubemaster.CreateTokenAuthFile(i.cfg.Discovery.Token); err != nil { + if err := kubemaster.PrepareTokenDiscovery(i.cfg.Discovery.Token); err != nil { + return err + } + if err := kubemaster.CreateTokenAuthFile(kubeadmutil.BearerToken(i.cfg.Discovery.Token)); err != nil { return err } } diff --git a/cmd/kubeadm/app/master/BUILD b/cmd/kubeadm/app/master/BUILD index 48aadd046aa..6fb2f43691b 100644 --- a/cmd/kubeadm/app/master/BUILD +++ b/cmd/kubeadm/app/master/BUILD @@ -38,6 +38,7 @@ go_library( "//pkg/registry/core/service/ipallocator:go_default_library", "//pkg/util/cert:go_default_library", "//pkg/util/intstr:go_default_library", + "//pkg/util/net:go_default_library", "//pkg/util/uuid:go_default_library", "//pkg/util/wait:go_default_library", "//vendor:github.com/blang/semver", diff --git a/cmd/kubeadm/app/master/tokens.go b/cmd/kubeadm/app/master/tokens.go index bf12b3a9e43..7cf35feab80 100644 --- a/cmd/kubeadm/app/master/tokens.go +++ b/cmd/kubeadm/app/master/tokens.go @@ -21,10 +21,13 @@ import ( "fmt" "os" "path" + "strconv" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" + kubeadmapiext "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha1" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" + netutil "k8s.io/kubernetes/pkg/util/net" "k8s.io/kubernetes/pkg/util/uuid" ) @@ -38,22 +41,32 @@ func generateTokenIfNeeded(d *kubeadmapi.TokenDiscovery) error { return nil } if err := kubeadmutil.GenerateToken(d); err != nil { - fmt.Printf("[tokens] Generated token: %q\n", kubeadmutil.BearerToken(d)) - return nil - } else { return err } + fmt.Printf("[tokens] Generated token: %q\n", kubeadmutil.BearerToken(d)) + return nil } -func CreateTokenAuthFile(d *kubeadmapi.TokenDiscovery) error { - tokenAuthFilePath := path.Join(kubeadmapi.GlobalEnvParams.HostPKIPath, "tokens.csv") +func PrepareTokenDiscovery(d *kubeadmapi.TokenDiscovery) error { + if len(d.Addresses) == 0 { + ip, err := netutil.ChooseHostInterface() + if err != nil { + return err + } + d.Addresses = []string{ip.String() + ":" + strconv.Itoa(kubeadmapiext.DefaultDiscoveryBindPort)} + } if err := generateTokenIfNeeded(d); err != nil { return fmt.Errorf("failed to generate token(s) [%v]", err) } + return nil +} + +func CreateTokenAuthFile(bt string) error { + tokenAuthFilePath := path.Join(kubeadmapi.GlobalEnvParams.HostPKIPath, "tokens.csv") if err := os.MkdirAll(kubeadmapi.GlobalEnvParams.HostPKIPath, 0700); err != nil { return fmt.Errorf("failed to create directory %q [%v]", kubeadmapi.GlobalEnvParams.HostPKIPath, err) } - serialized := []byte(fmt.Sprintf("%s,kubeadm-node-csr,%s,system:kubelet-bootstrap\n", kubeadmutil.BearerToken(d), uuid.NewUUID())) + serialized := []byte(fmt.Sprintf("%s,kubeadm-node-csr,%s,system:kubelet-bootstrap\n", bt, uuid.NewUUID())) // DumpReaderToFile create a file with mode 0600 if err := cmdutil.DumpReaderToFile(bytes.NewReader(serialized), tokenAuthFilePath); err != nil { return fmt.Errorf("failed to save token auth file (%q) [%v]", tokenAuthFilePath, err) diff --git a/cmd/kubeadm/app/master/tokens_test.go b/cmd/kubeadm/app/master/tokens_test.go index 448dac8dbb1..e0287bc7ffe 100644 --- a/cmd/kubeadm/app/master/tokens_test.go +++ b/cmd/kubeadm/app/master/tokens_test.go @@ -50,10 +50,10 @@ func TestValidTokenPopulatesSecrets(t *testing.T) { if err != nil { t.Errorf("generateTokenIfNeeded gave an error for a valid token: %v", err) } - if s.ID != "" { + if s.ID == "" { t.Errorf("generateTokenIfNeeded did not populate the TokenID correctly; expected ID to be non-empty") } - if s.Secret != "" { + if s.Secret == "" { t.Errorf("generateTokenIfNeeded did not populate the Token correctly; expected Secret to be non-empty") } }) diff --git a/cmd/kubeadm/app/util/tokens.go b/cmd/kubeadm/app/util/tokens.go index e236db8817c..cedb631d27a 100644 --- a/cmd/kubeadm/app/util/tokens.go +++ b/cmd/kubeadm/app/util/tokens.go @@ -77,6 +77,12 @@ func BearerToken(d *kubeadmapi.TokenDiscovery) string { } func IsTokenValid(d *kubeadmapi.TokenDiscovery) (bool, error) { + if len(d.ID)+len(d.Secret) == 0 { + return false, nil + } + if _, _, err := ParseToken(d.ID + "." + d.Secret); err != nil { + return false, err + } return true, nil }