diff --git a/cmd/kubeadm/app/phases/certs/certs.go b/cmd/kubeadm/app/phases/certs/certs.go index 4c7df216944..86583f4cf5d 100644 --- a/cmd/kubeadm/app/phases/certs/certs.go +++ b/cmd/kubeadm/app/phases/certs/certs.go @@ -79,7 +79,7 @@ func CreateCACertAndKeyfiles(cfg *kubeadmapi.MasterConfiguration) error { // It assumes the cluster CA certificate and key files should exists into the CertificatesDir func CreateAPIServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { - caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) + caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) if err != nil { return err } @@ -103,12 +103,12 @@ func CreateAPIServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { // It assumes the cluster CA certificate and key files should exists into the CertificatesDir func CreateAPIServerKubeletClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { - caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) + caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) if err != nil { return err } - apiClientCert, apiClientKey, err := NewAPIServerKubeletClientCertAndKey(caCert, caKey) + apiKubeletClientCert, apiKubeletClientKey, err := NewAPIServerKubeletClientCertAndKey(caCert, caKey) if err != nil { return err } @@ -117,8 +117,8 @@ func CreateAPIServerKubeletClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfigura cfg.CertificatesDir, kubeadmconstants.APIServerKubeletClientCertAndKeyBaseName, caCert, - apiClientCert, - apiClientKey, + apiKubeletClientCert, + apiKubeletClientKey, ) } @@ -127,7 +127,7 @@ func CreateAPIServerKubeletClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfigura // It assumes the cluster CA certificate and key file exist in the CertificatesDir func CreateEtcdServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { - caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) + caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) if err != nil { return err } @@ -151,7 +151,7 @@ func CreateEtcdServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error // It assumes the cluster CA certificate and key file exist in the CertificatesDir func CreateEtcdPeerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { - caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) + caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) if err != nil { return err } @@ -175,12 +175,12 @@ func CreateEtcdPeerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { // It assumes the cluster CA certificate and key file exist in the CertificatesDir func CreateAPIServerEtcdClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { - caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) + caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) if err != nil { return err } - apiClientCert, apiClientKey, err := NewAPIServerEtcdClientCertAndKey(caCert, caKey) + apiEtcdClientCert, apiEtcdClientKey, err := NewAPIServerEtcdClientCertAndKey(caCert, caKey) if err != nil { return err } @@ -189,8 +189,8 @@ func CreateAPIServerEtcdClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguratio cfg.CertificatesDir, kubeadmconstants.APIServerEtcdClientCertAndKeyBaseName, caCert, - apiClientCert, - apiClientKey, + apiEtcdClientCert, + apiEtcdClientKey, ) } @@ -235,7 +235,7 @@ func CreateFrontProxyCACertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) erro // It assumes the front proxy CAA certificate and key files should exists into the CertificatesDir func CreateFrontProxyClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { - frontProxyCACert, frontProxyCAKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.FrontProxyCACertAndKeyBaseName) + frontProxyCACert, frontProxyCAKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.FrontProxyCACertAndKeyBaseName) if err != nil { return err } @@ -398,8 +398,8 @@ func NewFrontProxyClientCertAndKey(frontProxyCACert *x509.Certificate, frontProx return frontProxyClientCert, frontProxyClientKey, nil } -// loadCertificateAuthorithy loads certificate authority -func loadCertificateAuthorithy(pkiDir string, baseName string) (*x509.Certificate, *rsa.PrivateKey, error) { +// loadCertificateAuthority loads certificate authority +func loadCertificateAuthority(pkiDir string, baseName string) (*x509.Certificate, *rsa.PrivateKey, error) { // Checks if certificate authority exists in the PKI directory if !pkiutil.CertOrKeyExist(pkiDir, baseName) { return nil, nil, fmt.Errorf("couldn't load %s certificate authority from %s", baseName, pkiDir) diff --git a/cmd/kubeadm/app/phases/certs/certs_test.go b/cmd/kubeadm/app/phases/certs/certs_test.go index 58223adf89b..55c1ea1f56d 100644 --- a/cmd/kubeadm/app/phases/certs/certs_test.go +++ b/cmd/kubeadm/app/phases/certs/certs_test.go @@ -275,7 +275,7 @@ func TestNewAPIServerCertAndKey(t *testing.T) { cfg := &kubeadmapi.MasterConfiguration{ API: kubeadmapi.API{AdvertiseAddress: addr}, Networking: kubeadmapi.Networking{ServiceSubnet: "10.96.0.0/12", DNSDomain: "cluster.local"}, - NodeName: "valid-hostname", + NodeName: hostname, } caCert, caKey, err := NewCACertAndKey() if err != nil { @@ -300,14 +300,14 @@ func TestNewAPIServerKubeletClientCertAndKey(t *testing.T) { t.Fatalf("failed creation of ca cert and key: %v", err) } - apiClientCert, _, err := NewAPIServerKubeletClientCertAndKey(caCert, caKey) + apiKubeletClientCert, _, err := NewAPIServerKubeletClientCertAndKey(caCert, caKey) if err != nil { t.Fatalf("failed creation of cert and key: %v", err) } - certstestutil.AssertCertificateIsSignedByCa(t, apiClientCert, caCert) - certstestutil.AssertCertificateHasClientAuthUsage(t, apiClientCert) - certstestutil.AssertCertificateHasOrganizations(t, apiClientCert, kubeadmconstants.MastersGroup) + certstestutil.AssertCertificateIsSignedByCa(t, apiKubeletClientCert, caCert) + certstestutil.AssertCertificateHasClientAuthUsage(t, apiKubeletClientCert) + certstestutil.AssertCertificateHasOrganizations(t, apiKubeletClientCert, kubeadmconstants.MastersGroup) } func TestNewEtcdServerCertAndKey(t *testing.T) { diff --git a/cmd/kubeadm/app/phases/upgrade/staticpods.go b/cmd/kubeadm/app/phases/upgrade/staticpods.go index ee1016868f9..f79146a91f6 100644 --- a/cmd/kubeadm/app/phases/upgrade/staticpods.go +++ b/cmd/kubeadm/app/phases/upgrade/staticpods.go @@ -208,7 +208,7 @@ func performEtcdStaticPodUpgrade(waiter apiclient.Waiter, pathMgr StaticPodPathM backupEtcdDir := pathMgr.BackupEtcdDir() runningEtcdDir := cfg.Etcd.DataDir if err := util.CopyDir(runningEtcdDir, backupEtcdDir); err != nil { - return true, fmt.Errorf("failer to back up etcd data: %v", err) + return true, fmt.Errorf("failed to back up etcd data: %v", err) } // Need to check currently used version and version from constants, if differs then upgrade diff --git a/cmd/kubeadm/app/phases/upgrade/staticpods_test.go b/cmd/kubeadm/app/phases/upgrade/staticpods_test.go index 6bd50ca9d70..2cf71ab9d50 100644 --- a/cmd/kubeadm/app/phases/upgrade/staticpods_test.go +++ b/cmd/kubeadm/app/phases/upgrade/staticpods_test.go @@ -308,13 +308,13 @@ func TestStaticPodControlPlane(t *testing.T) { defer os.RemoveAll(pathMgr.TempManifestDir()) defer os.RemoveAll(pathMgr.BackupManifestDir()) - tempCersDir, err := ioutil.TempDir("", "kubeadm-certs") + tempCertsDir, err := ioutil.TempDir("", "kubeadm-certs") if err != nil { t.Fatalf("couldn't create temporary certificates directory: %v", err) } - defer os.RemoveAll(tempCersDir) + defer os.RemoveAll(tempCertsDir) - oldcfg, err := getConfig("v1.7.0", tempCersDir) + oldcfg, err := getConfig("v1.7.0", tempCertsDir) if err != nil { t.Fatalf("couldn't create config: %v", err) } @@ -337,6 +337,7 @@ func TestStaticPodControlPlane(t *testing.T) { t.Fatalf("couldn't initialize pre-upgrade certificate: %v", err) } } + fmt.Printf("Wrote certs to %s\n", oldcfg.CertificatesDir) // Initialize the directory with v1.7 manifests; should then be upgraded to v1.8 using the method err = controlplanephase.CreateInitStaticPodManifestFiles(pathMgr.RealManifestDir(), oldcfg) @@ -353,7 +354,7 @@ func TestStaticPodControlPlane(t *testing.T) { t.Fatalf("couldn't read temp file: %v", err) } - newcfg, err := getConfig("v1.8.0", tempCersDir) + newcfg, err := getConfig("v1.8.0", tempCertsDir) if err != nil { t.Fatalf("couldn't create config: %v", err) }