github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-28 14:07:14 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #69720 from fabriziopandini/kubeadm-add-etcd-ports-constant

Browse Source 
Kubeadm - Add etcd ports constant
This commit is contained in:
k8s-ci-robot 2018-10-12 16:02:01 -07:00 committed by GitHub
commit f22334f14d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 40 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/kubeadm/app/cmd/upgrade/plan.go
View File

@ -112,7 +112,7 @@ func RunPlan(flags *planFlags) error {
etcdClient = client
} else {
client, err := etcdutil.NewFromStaticPod(
[]string{"localhost:2379"},
[]string{fmt.Sprintf("localhost:%d", constants.EtcdListenClientPort)},
constants.GetStaticPodDirectory(),
upgradeVars.cfg.CertificatesDir,
)

6
cmd/kubeadm/app/constants/constants.go
View File

@ -81,6 +81,9 @@ const (
// EtcdServerKeyName defines etcd's server key name
EtcdServerKeyName = "etcd/server.key"
// EtcdListenClientPort defines the port etcd listen on for client traffic
EtcdListenClientPort = 2379
// EtcdPeerCertAndKeyBaseName defines etcd's peer certificate and key base name
EtcdPeerCertAndKeyBaseName = "etcd/peer"
// EtcdPeerCertName defines etcd's peer certificate name
@ -88,6 +91,9 @@ const (
// EtcdPeerKeyName defines etcd's peer key name
EtcdPeerKeyName = "etcd/peer.key"
// EtcdListenPeerPort defines the port etcd listen on for peer traffic
EtcdListenPeerPort = 2380
// EtcdHealthcheckClientCertAndKeyBaseName defines etcd's healthcheck client certificate and key base name
EtcdHealthcheckClientCertAndKeyBaseName = "etcd/healthcheck-client"
// EtcdHealthcheckClientCertName defines etcd's healthcheck client certificate name

2
cmd/kubeadm/app/phases/controlplane/manifests.go
View File

@ -180,7 +180,7 @@ func getAPIServerCommand(cfg *kubeadmapi.InitConfiguration) []string {
}
} else {
// Default to etcd static pod on localhost
defaultArguments["etcd-servers"] = "https://127.0.0.1:2379"
defaultArguments["etcd-servers"] = fmt.Sprintf("https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort)
defaultArguments["etcd-cafile"] = filepath.Join(cfg.CertificatesDir, kubeadmconstants.EtcdCACertName)
defaultArguments["etcd-certfile"] = filepath.Join(cfg.CertificatesDir, kubeadmconstants.APIServerEtcdClientCertName)
defaultArguments["etcd-keyfile"] = filepath.Join(cfg.CertificatesDir, kubeadmconstants.APIServerEtcdClientKeyName)

18
cmd/kubeadm/app/phases/controlplane/manifests_test.go
View File

@ -181,7 +181,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=1.2.3.4",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
@ -225,7 +225,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=4.3.2.1",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
@ -264,7 +264,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=2001:db8::1",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
@ -397,7 +397,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=2001:db8::1",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
@ -441,7 +441,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=1.2.3.4",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
@ -488,7 +488,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=9.9.9.9",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
@ -534,7 +534,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC,ABAC",
"--advertise-address=1.2.3.4",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
@ -576,7 +576,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=1.2.3.4",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
@ -618,7 +618,7 @@ func TestGetAPIServerCommand(t *testing.T) {
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC,Webhook",
"--advertise-address=1.2.3.4",
"--etcd-servers=https://127.0.0.1:2379",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",

12
cmd/kubeadm/app/phases/etcd/local.go
View File

@ -71,7 +71,7 @@ func GetEtcdPodSpec(cfg *kubeadmapi.InitConfiguration) v1.Pod {
staticpodutil.NewVolumeMount(certsVolumeName, cfg.CertificatesDir+"/etcd", false),
},
LivenessProbe: staticpodutil.EtcdProbe(
cfg, kubeadmconstants.Etcd, 2379, cfg.CertificatesDir,
cfg, kubeadmconstants.Etcd, kubeadmconstants.EtcdListenClientPort, cfg.CertificatesDir,
kubeadmconstants.EtcdCACertName, kubeadmconstants.EtcdHealthcheckClientCertName, kubeadmconstants.EtcdHealthcheckClientKeyName,
),
}, etcdMounts)
@ -81,10 +81,10 @@ func GetEtcdPodSpec(cfg *kubeadmapi.InitConfiguration) v1.Pod {
func getEtcdCommand(cfg *kubeadmapi.InitConfiguration) []string {
defaultArguments := map[string]string{
"name": cfg.GetNodeName(),
"listen-client-urls": "https://127.0.0.1:2379",
"advertise-client-urls": "https://127.0.0.1:2379",
"listen-peer-urls": "https://127.0.0.1:2380",
"initial-advertise-peer-urls": "https://127.0.0.1:2380",
"listen-client-urls": fmt.Sprintf("https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"advertise-client-urls": fmt.Sprintf("https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"listen-peer-urls": fmt.Sprintf("https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
"initial-advertise-peer-urls": fmt.Sprintf("https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
"data-dir": cfg.Etcd.Local.DataDir,
"cert-file": filepath.Join(cfg.CertificatesDir, kubeadmconstants.EtcdServerCertName),
"key-file": filepath.Join(cfg.CertificatesDir, kubeadmconstants.EtcdServerKeyName),
@ -95,7 +95,7 @@ func getEtcdCommand(cfg *kubeadmapi.InitConfiguration) []string {
"peer-trusted-ca-file": filepath.Join(cfg.CertificatesDir, kubeadmconstants.EtcdCACertName),
"peer-client-cert-auth": "true",
"snapshot-count": "10000",
"initial-cluster": fmt.Sprintf("%s=https://127.0.0.1:2380", cfg.GetNodeName()),
"initial-cluster": fmt.Sprintf("%s=https://127.0.0.1:%d", cfg.GetNodeName(), kubeadmconstants.EtcdListenPeerPort),
}
command := []string{"etcd"}

27
cmd/kubeadm/app/phases/etcd/local_test.go
View File

@ -17,6 +17,7 @@ limitations under the License.
package etcd
import (
"fmt"
"os"
"path/filepath"
"reflect"
@ -135,10 +136,10 @@ func TestGetEtcdCommand(t *testing.T) {
expected: []string{
"etcd",
"--name=foo",
"--listen-client-urls=https://127.0.0.1:2379",
"--advertise-client-urls=https://127.0.0.1:2379",
"--listen-peer-urls=https://127.0.0.1:2380",
"--initial-advertise-peer-urls=https://127.0.0.1:2380",
fmt.Sprintf("--listen-client-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
fmt.Sprintf("--advertise-client-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
fmt.Sprintf("--listen-peer-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName,
"--key-file=" + kubeadmconstants.EtcdServerKeyName,
@ -149,7 +150,7 @@ func TestGetEtcdCommand(t *testing.T) {
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--snapshot-count=10000",
"--peer-client-cert-auth=true",
"--initial-cluster=foo=https://127.0.0.1:2380",
fmt.Sprintf("--initial-cluster=foo=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
},
},
{
@ -174,8 +175,8 @@ func TestGetEtcdCommand(t *testing.T) {
"--name=bar",
"--listen-client-urls=https://10.0.1.10:2379",
"--advertise-client-urls=https://10.0.1.10:2379",
"--listen-peer-urls=https://127.0.0.1:2380",
"--initial-advertise-peer-urls=https://127.0.0.1:2380",
fmt.Sprintf("--listen-peer-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName,
"--key-file=" + kubeadmconstants.EtcdServerKeyName,
@ -186,7 +187,7 @@ func TestGetEtcdCommand(t *testing.T) {
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--snapshot-count=10000",
"--peer-client-cert-auth=true",
"--initial-cluster=bar=https://127.0.0.1:2380",
fmt.Sprintf("--initial-cluster=bar=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
},
},
{
@ -205,10 +206,10 @@ func TestGetEtcdCommand(t *testing.T) {
expected: []string{
"etcd",
"--name=wombat",
"--listen-client-urls=https://127.0.0.1:2379",
"--advertise-client-urls=https://127.0.0.1:2379",
"--listen-peer-urls=https://127.0.0.1:2380",
"--initial-advertise-peer-urls=https://127.0.0.1:2380",
fmt.Sprintf("--listen-client-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
fmt.Sprintf("--advertise-client-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
fmt.Sprintf("--listen-peer-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/etc/foo",
"--cert-file=" + kubeadmconstants.EtcdServerCertName,
"--key-file=" + kubeadmconstants.EtcdServerKeyName,
@ -219,7 +220,7 @@ func TestGetEtcdCommand(t *testing.T) {
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--snapshot-count=10000",
"--peer-client-cert-auth=true",
"--initial-cluster=wombat=https://127.0.0.1:2380",
fmt.Sprintf("--initial-cluster=wombat=https://127.0.0.1:%d", kubeadmconstants.EtcdListenPeerPort),
},
},
}

4
cmd/kubeadm/app/phases/upgrade/staticpods.go
View File

@ -341,7 +341,7 @@ func performEtcdStaticPodUpgrade(waiter apiclient.Waiter, pathMgr StaticPodPathM
// Initialize the new etcd client if it wasn't pre-initialized
if newEtcdClient == nil {
client, err := etcdutil.NewFromStaticPod(
[]string{"localhost:2379"},
[]string{fmt.Sprintf("localhost:%d", constants.EtcdListenClientPort)},
constants.GetStaticPodDirectory(),
cfg.CertificatesDir,
)
@ -417,7 +417,7 @@ func StaticPodControlPlane(waiter apiclient.Waiter, pathMgr StaticPodPathManager
} else {
// etcd Static Pod
client, err := etcdutil.NewFromStaticPod(
[]string{"localhost:2379"},
[]string{fmt.Sprintf("localhost:%d", constants.EtcdListenClientPort)},
constants.GetStaticPodDirectory(),
cfg.CertificatesDir,
)

2
cmd/kubeadm/app/preflight/checks.go
View File

@ -879,7 +879,7 @@ func RunInitMasterChecks(execer utilsexec.Interface, cfg *kubeadmapi.InitConfigu
if cfg.Etcd.Local != nil {
// Only do etcd related checks when no external endpoints were specified
checks = append(checks,
PortOpenCheck{port: 2379},
PortOpenCheck{port: kubeadmconstants.EtcdListenClientPort},
DirAvailableCheck{Path: cfg.Etcd.Local.DataDir},
)
}