mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Add the SSHTunnel transport to the kubelet client.
This commit is contained in:
parent
de9a5f43bc
commit
7ea533d871
@ -231,7 +231,7 @@ func handleInternal(legacy bool, storage map[string]rest.Storage, admissionContr
|
||||
container := restful.NewContainer()
|
||||
container.Router(restful.CurlyRouter{})
|
||||
mux := container.ServeMux
|
||||
if err := group.InstallREST(&RestContainer{container, 0}); err != nil {
|
||||
if err := group.InstallREST(&RestContainer{container, 0}, nil); err != nil {
|
||||
panic(fmt.Sprintf("unable to install container %s: %v", group.Version, err))
|
||||
}
|
||||
ws := new(restful.WebService)
|
||||
@ -1901,7 +1901,7 @@ func TestParentResourceIsRequired(t *testing.T) {
|
||||
Codec: newCodec,
|
||||
}
|
||||
container := restful.NewContainer()
|
||||
if err := group.InstallREST(&RestContainer{container, 0}); err == nil {
|
||||
if err := group.InstallREST(&RestContainer{container, 0}, nil); err == nil {
|
||||
t.Fatal("expected error")
|
||||
}
|
||||
|
||||
@ -1929,7 +1929,7 @@ func TestParentResourceIsRequired(t *testing.T) {
|
||||
Codec: newCodec,
|
||||
}
|
||||
container = restful.NewContainer()
|
||||
if err := group.InstallREST(&RestContainer{container, 0}); err != nil {
|
||||
if err := group.InstallREST(&RestContainer{container, 0}, nil); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
|
@ -121,7 +121,8 @@ func (r *ProxyHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
|
||||
httpCode = http.StatusNotFound
|
||||
return
|
||||
}
|
||||
if r.dial != nil {
|
||||
// If we have a custom dialer, and no pre-existing transport, initialize it to use the dialer.
|
||||
if transport == nil && r.dial != nil {
|
||||
transport = &http.Transport{Dial: r.dial}
|
||||
}
|
||||
|
||||
|
@ -102,6 +102,9 @@ type KubeletConfig struct {
|
||||
|
||||
// HTTPTimeout is used by the client to timeout http requests to Kubelet.
|
||||
HTTPTimeout time.Duration
|
||||
|
||||
// Dial is a custom dialer used for the client
|
||||
Dial func(net, addr string) (net.Conn, error)
|
||||
}
|
||||
|
||||
// TLSClientConfig contains settings to enable transport layer security
|
||||
|
@ -45,14 +45,20 @@ type ConnectionInfoGetter interface {
|
||||
// HTTPKubeletClient is the default implementation of KubeletHealthchecker, accesses the kubelet over HTTP.
|
||||
type HTTPKubeletClient struct {
|
||||
Client *http.Client
|
||||
Config *KubeletConfig
|
||||
Port uint
|
||||
EnableHttps bool
|
||||
}
|
||||
|
||||
// TODO: this structure is questionable, it should be using client.Config and overriding defaults.
|
||||
func NewKubeletClient(config *KubeletConfig) (KubeletClient, error) {
|
||||
transport := http.DefaultTransport
|
||||
|
||||
func MakeTransport(config *KubeletConfig) (http.RoundTripper, error) {
|
||||
var transport http.RoundTripper
|
||||
if config.Dial == nil {
|
||||
transport = http.DefaultTransport
|
||||
} else {
|
||||
transport = &http.Transport{
|
||||
Dial: config.Dial,
|
||||
}
|
||||
}
|
||||
cfg := &Config{TLSClientConfig: config.TLSClientConfig}
|
||||
if config.EnableHttps {
|
||||
hasCA := len(config.CAFile) > 0 || len(config.CAData) > 0
|
||||
@ -69,13 +75,22 @@ func NewKubeletClient(config *KubeletConfig) (KubeletClient, error) {
|
||||
TLSClientConfig: tlsConfig,
|
||||
}
|
||||
}
|
||||
return transport, nil
|
||||
}
|
||||
|
||||
// TODO: this structure is questionable, it should be using client.Config and overriding defaults.
|
||||
func NewKubeletClient(config *KubeletConfig) (KubeletClient, error) {
|
||||
transport, err := MakeTransport(config)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
c := &http.Client{
|
||||
Transport: transport,
|
||||
Timeout: config.HTTPTimeout,
|
||||
}
|
||||
return &HTTPKubeletClient{
|
||||
Client: c,
|
||||
Config: config,
|
||||
Port: config.Port,
|
||||
EnableHttps: config.EnableHttps,
|
||||
}, nil
|
||||
|
@ -17,6 +17,7 @@ limitations under the License.
|
||||
package fake_cloud
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"regexp"
|
||||
|
@ -506,6 +506,21 @@ func (m *Master) init(c *Config) {
|
||||
}
|
||||
m.setupSecureProxy(c.SSHUser, c.SSHKeyfile)
|
||||
proxyDialer = m.Dial
|
||||
|
||||
// This is pretty ugly. A better solution would be to pull this all the way up into the
|
||||
// server.go file.
|
||||
httpKubeletClient, ok := c.KubeletClient.(*client.HTTPKubeletClient)
|
||||
if ok {
|
||||
httpKubeletClient.Config.Dial = m.Dial
|
||||
transport, err := client.MakeTransport(httpKubeletClient.Config)
|
||||
if err != nil {
|
||||
glog.Errorf("Error setting up transport over SSH: %v", err)
|
||||
} else {
|
||||
httpKubeletClient.Client.Transport = transport
|
||||
}
|
||||
} else {
|
||||
glog.Errorf("Failed to cast %v to HTTPKubeletClient, skipping SSH tunnel.")
|
||||
}
|
||||
}
|
||||
|
||||
apiVersions := []string{}
|
||||
|
Loading…
Reference in New Issue
Block a user