github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-27 13:37:30 +00:00
Code Issues Projects Releases Wiki Activity

Check that sever API provides certificates capabilities

Browse Source 
Print user friendly error with information about required version.
This commit is contained in:
Evgeny L 2016-09-09 08:41:19 +00:00 committed by Ilya Dmitrichenko
parent b6d0efb854
commit ac849dab8e
No known key found for this signature in database
GPG Key ID: E7889175A6C0CEB9
1 changed files with 41 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
pkg/kubeadm/node/csr.go
View File

@ -21,7 +21,10 @@ import (
"io/ioutil" "io/ioutil"
"strings" "strings"
"k8s.io/kubernetes/pkg/apis/certificates"
unversionedcertificates "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/unversioned" unversionedcertificates "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/unversioned"
"k8s.io/kubernetes/pkg/client/restclient"
"k8s.io/kubernetes/pkg/client/typed/discovery"
"k8s.io/kubernetes/pkg/client/unversioned/clientcmd" "k8s.io/kubernetes/pkg/client/unversioned/clientcmd"
clientcmdapi "k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api" clientcmdapi "k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api"
kubeadmapi "k8s.io/kubernetes/pkg/kubeadm/api" kubeadmapi "k8s.io/kubernetes/pkg/kubeadm/api"
@ -60,6 +63,12 @@ func PerformTLSBootstrap(s *kubeadmapi.KubeadmConfig, apiEndpoint string, caCert
return nil, fmt.Errorf("<node/csr> failed to create API client configuration [%s]", err) return nil, fmt.Errorf("<node/csr> failed to create API client configuration [%s]", err)
} }
err = checkCertsAPI(bootstrapClientConfig)
if err != nil {
return nil, fmt.Errorf("<node/csr> API compatibility error [%s]", err)
}
client, err := unversionedcertificates.NewForConfig(bootstrapClientConfig) client, err := unversionedcertificates.NewForConfig(bootstrapClientConfig)
if err != nil { if err != nil {
return nil, fmt.Errorf("<node/csr> failed to create API client [%s]", err) return nil, fmt.Errorf("<node/csr> failed to create API client [%s]", err)
@ -88,3 +97,35 @@ func PerformTLSBootstrap(s *kubeadmapi.KubeadmConfig, apiEndpoint string, caCert
return finalConfig, nil return finalConfig, nil
} }
func checkCertsAPI(config *restclient.Config) error {
discoveryClient, err := discovery.NewDiscoveryClientForConfig(config)
if err != nil {
return fmt.Errorf("failed to create API discovery client [%s]", err)
}
serverGroups, err := discoveryClient.ServerGroups()
if err != nil {
return fmt.Errorf("failed to retrieve a list of supported API objects [%s]", err)
}
for _, group := range serverGroups.Groups {
if group.Name == certificates.GroupName {
return nil
}
}
version, err := discoveryClient.ServerVersion()
serverVersion := version.String()
if err != nil {
serverVersion = "N/A"
}
// Due to changes in API namespaces for certificates
// https://github.com/kubernetes/kubernetes/pull/31887/
// it is compatible only with versions released after v1.4.0-beta.0
return fmt.Errorf("installed Kubernetes API server version \"%s\" does not support certificates signing request use v1.4.0 or newer", serverVersion)
}