kubeadm: support --discovery token://

Mike Danese 2016-12-15 13:45:03 -08:00
parent 690c7e578b
commit 7945c437e5
5 changed files with 32 additions and 9 deletions


@ -216,7 +216,10 @@ func (i *Init) Validate() error {
func (i *Init) Run(out io.Writer) error { func (i *Init) Run(out io.Writer) error {
if i.cfg.Discovery.Token != nil { if i.cfg.Discovery.Token != nil {
if err := kubemaster.CreateTokenAuthFile(i.cfg.Discovery.Token); err != nil { if err := kubemaster.PrepareTokenDiscovery(i.cfg.Discovery.Token); err != nil {
return err
}
if err := kubemaster.CreateTokenAuthFile(kubeadmutil.BearerToken(i.cfg.Discovery.Token)); err != nil {
return err return err
} }
} }


@ -38,6 +38,7 @@ go_library(
"//pkg/registry/core/service/ipallocator:go_default_library", "//pkg/registry/core/service/ipallocator:go_default_library",
"//pkg/util/cert:go_default_library", "//pkg/util/cert:go_default_library",
"//pkg/util/intstr:go_default_library", "//pkg/util/intstr:go_default_library",
"//pkg/util/net:go_default_library",
"//pkg/util/uuid:go_default_library", "//pkg/util/uuid:go_default_library",
"//pkg/util/wait:go_default_library", "//pkg/util/wait:go_default_library",
"//vendor:github.com/blang/semver", "//vendor:github.com/blang/semver",


@ -21,10 +21,13 @@ import (
"fmt" "fmt"
"os" "os"
"path" "path"
"strconv"
kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
kubeadmapiext "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1alpha1"
kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util" kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util"
cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util" cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
netutil "k8s.io/kubernetes/pkg/util/net"
"k8s.io/kubernetes/pkg/util/uuid" "k8s.io/kubernetes/pkg/util/uuid"
) )
@ -38,22 +41,32 @@ func generateTokenIfNeeded(d *kubeadmapi.TokenDiscovery) error {
return nil return nil
} }
if err := kubeadmutil.GenerateToken(d); err != nil { if err := kubeadmutil.GenerateToken(d); err != nil {
fmt.Printf("[tokens] Generated token: %q\n", kubeadmutil.BearerToken(d))
return nil
} else {
return err return err
} }
fmt.Printf("[tokens] Generated token: %q\n", kubeadmutil.BearerToken(d))
return nil
} }
func CreateTokenAuthFile(d *kubeadmapi.TokenDiscovery) error { func PrepareTokenDiscovery(d *kubeadmapi.TokenDiscovery) error {
tokenAuthFilePath := path.Join(kubeadmapi.GlobalEnvParams.HostPKIPath, "tokens.csv") if len(d.Addresses) == 0 {
ip, err := netutil.ChooseHostInterface()
if err != nil {
return err
}
d.Addresses = []string{ip.String() + ":" + strconv.Itoa(kubeadmapiext.DefaultDiscoveryBindPort)}
}
if err := generateTokenIfNeeded(d); err != nil { if err := generateTokenIfNeeded(d); err != nil {
return fmt.Errorf("failed to generate token(s) [%v]", err) return fmt.Errorf("failed to generate token(s) [%v]", err)
} }
return nil
}
func CreateTokenAuthFile(bt string) error {
tokenAuthFilePath := path.Join(kubeadmapi.GlobalEnvParams.HostPKIPath, "tokens.csv")
if err := os.MkdirAll(kubeadmapi.GlobalEnvParams.HostPKIPath, 0700); err != nil { if err := os.MkdirAll(kubeadmapi.GlobalEnvParams.HostPKIPath, 0700); err != nil {
return fmt.Errorf("failed to create directory %q [%v]", kubeadmapi.GlobalEnvParams.HostPKIPath, err) return fmt.Errorf("failed to create directory %q [%v]", kubeadmapi.GlobalEnvParams.HostPKIPath, err)
} }
serialized := []byte(fmt.Sprintf("%s,kubeadm-node-csr,%s,system:kubelet-bootstrap\n", kubeadmutil.BearerToken(d), uuid.NewUUID())) serialized := []byte(fmt.Sprintf("%s,kubeadm-node-csr,%s,system:kubelet-bootstrap\n", bt, uuid.NewUUID()))
// DumpReaderToFile create a file with mode 0600 // DumpReaderToFile create a file with mode 0600
if err := cmdutil.DumpReaderToFile(bytes.NewReader(serialized), tokenAuthFilePath); err != nil { if err := cmdutil.DumpReaderToFile(bytes.NewReader(serialized), tokenAuthFilePath); err != nil {
return fmt.Errorf("failed to save token auth file (%q) [%v]", tokenAuthFilePath, err) return fmt.Errorf("failed to save token auth file (%q) [%v]", tokenAuthFilePath, err)
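Review bot: `CreateTokenAuthFile` now takes a bare `bt string` and formats it straight into the `tokens.csv` row, so nothing in this function rejects an empty token or one containing `,`, `"` or a line break; on the old side the token was generated inside the same function before the row was written. A row with an empty or malformed first field would create a credential entry for the `system:kubelet-bootstrap` group that the caller did not intend, so a guard at the top such as `if bt == "" || strings.ContainsAny(bt, ",\"\r\n") { return fmt.Errorf("invalid bearer token") }` (with `strings` imported) would keep the function safe when it is called without `PrepareTokenDiscovery` first. In `PrepareTokenDiscovery`, `ip.String() + ":" + strconv.Itoa(...)` produces an ambiguous address if `ChooseHostInterface` ever returns an IPv6 address; `net.JoinHostPort(ip.String(), strconv.Itoa(kubeadmapiext.DefaultDiscoveryBindPort))` handles both families. The body of `CreateTokenAuthFile` continues past the end of the hunk.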


@ -50,10 +50,10 @@ func TestValidTokenPopulatesSecrets(t *testing.T) {
if err != nil { if err != nil {
t.Errorf("generateTokenIfNeeded gave an error for a valid token: %v", err) t.Errorf("generateTokenIfNeeded gave an error for a valid token: %v", err)
} }
if s.ID != "" { if s.ID == "" {
t.Errorf("generateTokenIfNeeded did not populate the TokenID correctly; expected ID to be non-empty") t.Errorf("generateTokenIfNeeded did not populate the TokenID correctly; expected ID to be non-empty")
} }
if s.Secret != "" { if s.Secret == "" {
t.Errorf("generateTokenIfNeeded did not populate the Token correctly; expected Secret to be non-empty") t.Errorf("generateTokenIfNeeded did not populate the Token correctly; expected Secret to be non-empty")
} }
}) })


@ -77,6 +77,12 @@ func BearerToken(d *kubeadmapi.TokenDiscovery) string {
} }
func IsTokenValid(d *kubeadmapi.TokenDiscovery) (bool, error) { func IsTokenValid(d *kubeadmapi.TokenDiscovery) (bool, error) {
if len(d.ID)+len(d.Secret) == 0 {
return false, nil
}
if _, _, err := ParseToken(d.ID + "." + d.Secret); err != nil {
return false, err
}
return true, nil return true, nil
} }
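Review bot: `IsTokenValid` now has three outcomes — `(false, nil)` when both ID and Secret are empty, `(false, err)` when `ParseToken` rejects the joined value, and `(true, nil)` otherwise — and nothing on the function documents them. A doc comment such as `// IsTokenValid reports whether d holds a well-formed token; it returns (false, nil) when no token is set and (false, err) when the token is malformed.` would let callers tell "generate one" apart from "reject the input". The ID and secret returned by `ParseToken` are discarded, so if its format check tolerates a `.` inside either part (its body is not visible here), the parsed split could differ from `d.ID`/`d.Secret`; comparing the returned parts with the fields would close that gap.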