Allow client.Config to be used for HTTP2 and WebSocket connections

client.Config describes how to make a client connection to a server for HTTP traffic, but for connection upgrade scenarios cannot be used because the underlying http.Transport object can't allow the connection to be hijacked. Reorganize the TLS and connection wrapper methods so that a sophisticated client can do: cfg := &client.Config{...} // from somewhere tlsConfig, _ := client.TLSConfigFor(cfg) _ := conn.Dial(...) rt := MyRoundTripper() // some func that implements grabbing requests wrapper, _ := client.HTTPWrappersFor(cfg) req := &http.Request{} req.Header.Set("Connection-Upgrade", ...) _, := wrapper.RoundTrip(req) // rt has been invoked with a fully formed Req with auth rt.Req.Write(conn) // read response for upgrade It would be good to have utility function that does more of this, but mostly enabling the HTTP2/SPDY client exec function right now.
2025-09-07 04:03:20 +00:00 · 2015-01-29 17:43:09 -05:00
parent 7603f88960
commit d072232d4a
6 changed files with 177 additions and 149 deletions
--- a/pkg/client/kubelet.go
+++ b/pkg/client/kubelet.go
@@ -59,41 +59,25 @@ type HTTPKubeletClient struct {
 	EnableHttps bool
 }

+// TODO: this structure is questionable, it should be using client.Config and overriding defaults.
 func NewKubeletClient(config *KubeletConfig) (KubeletClient, error) {
 	transport := http.DefaultTransport
-	hasCA := len(config.CAFile) > 0 || len(config.CAData) > 0
-	hasCert := len(config.CertFile) > 0 || len(config.CertData) > 0
-	if hasCert {
-		var (
-			certData, keyData, caData []byte
-			err                       error
-		)
-		if certData, err = dataFromSliceOrFile(config.CertData, config.CertFile); err != nil {
-			return nil, err
-		}
-		if keyData, err = dataFromSliceOrFile(config.KeyData, config.KeyFile); err != nil {
-			return nil, err
-		}
-		if caData, err = dataFromSliceOrFile(config.CAData, config.CAFile); err != nil {
-			return nil, err
-		}
-		if transport, err = NewClientCertTLSTransport(certData, keyData, caData); err != nil {
-			return nil, err
-		}
-	} else if hasCA {
-		var (
-			caData []byte
-			err    error
-		)
-		if caData, err = dataFromSliceOrFile(config.CAData, config.CAFile); err != nil {
-			return nil, err
-		}
-		if transport, err = NewTLSTransport(caData); err != nil {
-			return nil, err
+
+	tlsConfig, err := TLSConfigFor(&Config{
+		TLSClientConfig: config.TLSClientConfig,
+	})
+	if err != nil {
+		return nil, err
+	}
+	if tlsConfig != nil {
+		transport = &http.Transport{
+			TLSClientConfig: tlsConfig,
 		}
 	}

-	c := &http.Client{Transport: transport}
+	c := &http.Client{
+		Transport: transport,
+	}
 	return &HTTPKubeletClient{
 		Client:      c,
 		Port:        config.Port,