Merge pull request #107532 from marseel/add_bootstrap_to_kubemark

Add option to bootstrap kubeconfig for hollow-node
2025-07-24 04:06:03 +00:00 · 2022-02-02 06:44:21 -08:00 · 2022-02-02 06:44:21 -08:00 · 8f80ae88f2
commit 8f80ae88f2
parent d4b49be81a 27336259ba
1 changed files with 33 additions and 15 deletions
--- a/cmd/kubemark/hollow-node.go
+++ b/cmd/kubemark/hollow-node.go
@ -17,6 +17,7 @@ limitations under the License.
 package main

 import (
+	"context"
 	"errors"
 	goflag "flag"
 	"fmt"
@ -30,6 +31,7 @@ import (

 	v1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
+	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
 	clientset "k8s.io/client-go/kubernetes"
 	restclient "k8s.io/client-go/rest"
@ -45,6 +47,7 @@ import (
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/cluster/ports"
 	cadvisortest "k8s.io/kubernetes/pkg/kubelet/cadvisor/testing"
+	"k8s.io/kubernetes/pkg/kubelet/certificate/bootstrap"
 	"k8s.io/kubernetes/pkg/kubelet/cm"
 	"k8s.io/kubernetes/pkg/kubelet/cri/remote"
 	fakeremote "k8s.io/kubernetes/pkg/kubelet/cri/remote/fake"
@ -55,21 +58,23 @@ import (
 )

 type hollowNodeConfig struct {
-	KubeconfigPath       string
-	KubeletPort          int
-	KubeletReadOnlyPort  int
-	Morph                string
-	NodeName             string
-	ServerPort           int
-	ContentType          string
-	UseRealProxier       bool
-	ProxierSyncPeriod    time.Duration
-	ProxierMinSyncPeriod time.Duration
-	NodeLabels           map[string]string
-	RegisterWithTaints   []v1.Taint
-	MaxPods              int
-	ExtendedResources    map[string]string
-	UseHostImageService  bool
+	KubeconfigPath          string
+	BootstrapKubeconfigPath string
+	CertDirectory           string
+	KubeletPort             int
+	KubeletReadOnlyPort     int
+	Morph                   string
+	NodeName                string
+	ServerPort              int
+	ContentType             string
+	UseRealProxier          bool
+	ProxierSyncPeriod       time.Duration
+	ProxierMinSyncPeriod    time.Duration
+	NodeLabels              map[string]string
+	RegisterWithTaints      []v1.Taint
+	MaxPods                 int
+	ExtendedResources       map[string]string
+	UseHostImageService     bool
 }

 const (
@ -83,6 +88,8 @@ var knownMorphs = sets.NewString("kubelet", "proxy")

 func (c *hollowNodeConfig) addFlags(fs *pflag.FlagSet) {
 	fs.StringVar(&c.KubeconfigPath, "kubeconfig", "/kubeconfig/kubeconfig", "Path to kubeconfig file.")
+	fs.StringVar(&c.BootstrapKubeconfigPath, "bootstrap-kubeconfig", "", "Path to bootstrap kubeconfig file.")
+	fs.StringVar(&c.CertDirectory, "cert-dir", "/etc/srv/", "Path to cert directory for bootstraping.")
 	fs.IntVar(&c.KubeletPort, "kubelet-port", ports.KubeletPort, "Port on which HollowKubelet should be listening.")
 	fs.IntVar(&c.KubeletReadOnlyPort, "kubelet-read-only-port", ports.KubeletReadOnlyPort, "Read-only port on which Kubelet is listening.")
 	fs.StringVar(&c.NodeName, "name", "fake-node", "Name of this Hollow Node.")
@ -116,6 +123,13 @@ func (c *hollowNodeConfig) createClientConfigFromFile() (*restclient.Config, err
 	return config, nil
 }

+func (c *hollowNodeConfig) bootstrapClientConfig() error {
+	if c.BootstrapKubeconfigPath != "" {
+		return bootstrap.LoadClientCert(context.TODO(), c.KubeconfigPath, c.BootstrapKubeconfigPath, c.CertDirectory, types.NodeName(c.NodeName))
+	}
+	return nil
+}
+
 func (c *hollowNodeConfig) createHollowKubeletOptions() *kubemark.HollowKubletOptions {
 	return &kubemark.HollowKubletOptions{
 		NodeName:            c.NodeName,
@ -175,6 +189,10 @@ func run(cmd *cobra.Command, config *hollowNodeConfig) error {
 	}

 	// create a client to communicate with API server.
+	err := config.bootstrapClientConfig()
+	if err != nil {
+		return fmt.Errorf("Failed to bootstrap, error: %w. Exiting", err)
+	}
 	clientConfig, err := config.createClientConfigFromFile()
 	if err != nil {
 		return fmt.Errorf("Failed to create a ClientConfig, error: %w. Exiting", err)