github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-27 21:47:07 +00:00
Code Issues Projects Releases Wiki Activity

Fix typos

Browse Source 
- Fix typos in tests for upgrade phase
- Rename loadCertificateAuthorithy() --> loadCertificateAuthority()
- Disambiguate apiKubeletClientCert & apiEtcdClientCert
- Parameterize hard-coded certs_test config + log tempCertsDir
This commit is contained in:
leigh schrandt 2017-12-18 00:39:35 -07:00
parent f5e11a0ce0
commit f61430d7c8
4 changed files with 25 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
cmd/kubeadm/app/phases/certs/certs.go
View File

@ -79,7 +79,7 @@ func CreateCACertAndKeyfiles(cfg *kubeadmapi.MasterConfiguration) error {
// It assumes the cluster CA certificate and key files should exists into the CertificatesDir // It assumes the cluster CA certificate and key files should exists into the CertificatesDir
func CreateAPIServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { func CreateAPIServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error {
caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName)
if err != nil { if err != nil {
return err return err
} }
@ -103,12 +103,12 @@ func CreateAPIServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error {
// It assumes the cluster CA certificate and key files should exists into the CertificatesDir // It assumes the cluster CA certificate and key files should exists into the CertificatesDir
func CreateAPIServerKubeletClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { func CreateAPIServerKubeletClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error {
caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName)
if err != nil { if err != nil {
return err return err
} }
apiClientCert, apiClientKey, err := NewAPIServerKubeletClientCertAndKey(caCert, caKey) apiKubeletClientCert, apiKubeletClientKey, err := NewAPIServerKubeletClientCertAndKey(caCert, caKey)
if err != nil { if err != nil {
return err return err
} }
@ -117,8 +117,8 @@ func CreateAPIServerKubeletClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfigura
cfg.CertificatesDir, cfg.CertificatesDir,
kubeadmconstants.APIServerKubeletClientCertAndKeyBaseName, kubeadmconstants.APIServerKubeletClientCertAndKeyBaseName,
caCert, caCert,
apiClientCert, apiKubeletClientCert,
apiClientKey, apiKubeletClientKey,
) )
} }
@ -127,7 +127,7 @@ func CreateAPIServerKubeletClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfigura
// It assumes the cluster CA certificate and key file exist in the CertificatesDir // It assumes the cluster CA certificate and key file exist in the CertificatesDir
func CreateEtcdServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { func CreateEtcdServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error {
caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName)
if err != nil { if err != nil {
return err return err
} }
@ -151,7 +151,7 @@ func CreateEtcdServerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error
// It assumes the cluster CA certificate and key file exist in the CertificatesDir // It assumes the cluster CA certificate and key file exist in the CertificatesDir
func CreateEtcdPeerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { func CreateEtcdPeerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error {
caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName)
if err != nil { if err != nil {
return err return err
} }
@ -175,12 +175,12 @@ func CreateEtcdPeerCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error {
// It assumes the cluster CA certificate and key file exist in the CertificatesDir // It assumes the cluster CA certificate and key file exist in the CertificatesDir
func CreateAPIServerEtcdClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { func CreateAPIServerEtcdClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error {
caCert, caKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName) caCert, caKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.CACertAndKeyBaseName)
if err != nil { if err != nil {
return err return err
} }
apiClientCert, apiClientKey, err := NewAPIServerEtcdClientCertAndKey(caCert, caKey) apiEtcdClientCert, apiEtcdClientKey, err := NewAPIServerEtcdClientCertAndKey(caCert, caKey)
if err != nil { if err != nil {
return err return err
} }
@ -189,8 +189,8 @@ func CreateAPIServerEtcdClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguratio
cfg.CertificatesDir, cfg.CertificatesDir,
kubeadmconstants.APIServerEtcdClientCertAndKeyBaseName, kubeadmconstants.APIServerEtcdClientCertAndKeyBaseName,
caCert, caCert,
apiClientCert, apiEtcdClientCert,
apiClientKey, apiEtcdClientKey,
) )
} }
@ -235,7 +235,7 @@ func CreateFrontProxyCACertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) erro
// It assumes the front proxy CAA certificate and key files should exists into the CertificatesDir // It assumes the front proxy CAA certificate and key files should exists into the CertificatesDir
func CreateFrontProxyClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error { func CreateFrontProxyClientCertAndKeyFiles(cfg *kubeadmapi.MasterConfiguration) error {
frontProxyCACert, frontProxyCAKey, err := loadCertificateAuthorithy(cfg.CertificatesDir, kubeadmconstants.FrontProxyCACertAndKeyBaseName) frontProxyCACert, frontProxyCAKey, err := loadCertificateAuthority(cfg.CertificatesDir, kubeadmconstants.FrontProxyCACertAndKeyBaseName)
if err != nil { if err != nil {
return err return err
} }
@ -398,8 +398,8 @@ func NewFrontProxyClientCertAndKey(frontProxyCACert *x509.Certificate, frontProx
return frontProxyClientCert, frontProxyClientKey, nil return frontProxyClientCert, frontProxyClientKey, nil
} }
// loadCertificateAuthorithy loads certificate authority // loadCertificateAuthority loads certificate authority
func loadCertificateAuthorithy(pkiDir string, baseName string) (*x509.Certificate, *rsa.PrivateKey, error) { func loadCertificateAuthority(pkiDir string, baseName string) (*x509.Certificate, *rsa.PrivateKey, error) {
// Checks if certificate authority exists in the PKI directory // Checks if certificate authority exists in the PKI directory
if !pkiutil.CertOrKeyExist(pkiDir, baseName) { if !pkiutil.CertOrKeyExist(pkiDir, baseName) {
return nil, nil, fmt.Errorf("couldn't load %s certificate authority from %s", baseName, pkiDir) return nil, nil, fmt.Errorf("couldn't load %s certificate authority from %s", baseName, pkiDir)

10
cmd/kubeadm/app/phases/certs/certs_test.go
View File

@ -275,7 +275,7 @@ func TestNewAPIServerCertAndKey(t *testing.T) {
cfg := &kubeadmapi.MasterConfiguration{ cfg := &kubeadmapi.MasterConfiguration{
API: kubeadmapi.API{AdvertiseAddress: addr}, API: kubeadmapi.API{AdvertiseAddress: addr},
Networking: kubeadmapi.Networking{ServiceSubnet: "10.96.0.0/12", DNSDomain: "cluster.local"}, Networking: kubeadmapi.Networking{ServiceSubnet: "10.96.0.0/12", DNSDomain: "cluster.local"},
NodeName: "valid-hostname", NodeName: hostname,
} }
caCert, caKey, err := NewCACertAndKey() caCert, caKey, err := NewCACertAndKey()
if err != nil { if err != nil {
@ -300,14 +300,14 @@ func TestNewAPIServerKubeletClientCertAndKey(t *testing.T) {
t.Fatalf("failed creation of ca cert and key: %v", err) t.Fatalf("failed creation of ca cert and key: %v", err)
} }
apiClientCert, _, err := NewAPIServerKubeletClientCertAndKey(caCert, caKey) apiKubeletClientCert, _, err := NewAPIServerKubeletClientCertAndKey(caCert, caKey)
if err != nil { if err != nil {
t.Fatalf("failed creation of cert and key: %v", err) t.Fatalf("failed creation of cert and key: %v", err)
} }
certstestutil.AssertCertificateIsSignedByCa(t, apiClientCert, caCert) certstestutil.AssertCertificateIsSignedByCa(t, apiKubeletClientCert, caCert)
certstestutil.AssertCertificateHasClientAuthUsage(t, apiClientCert) certstestutil.AssertCertificateHasClientAuthUsage(t, apiKubeletClientCert)
certstestutil.AssertCertificateHasOrganizations(t, apiClientCert, kubeadmconstants.MastersGroup) certstestutil.AssertCertificateHasOrganizations(t, apiKubeletClientCert, kubeadmconstants.MastersGroup)
} }
func TestNewEtcdServerCertAndKey(t *testing.T) { func TestNewEtcdServerCertAndKey(t *testing.T) {

2
cmd/kubeadm/app/phases/upgrade/staticpods.go
View File

@ -208,7 +208,7 @@ func performEtcdStaticPodUpgrade(waiter apiclient.Waiter, pathMgr StaticPodPathM
backupEtcdDir := pathMgr.BackupEtcdDir() backupEtcdDir := pathMgr.BackupEtcdDir()
runningEtcdDir := cfg.Etcd.DataDir runningEtcdDir := cfg.Etcd.DataDir
if err := util.CopyDir(runningEtcdDir, backupEtcdDir); err != nil { if err := util.CopyDir(runningEtcdDir, backupEtcdDir); err != nil {
return true, fmt.Errorf("failer to back up etcd data: %v", err) return true, fmt.Errorf("failed to back up etcd data: %v", err)
} }
// Need to check currently used version and version from constants, if differs then upgrade // Need to check currently used version and version from constants, if differs then upgrade

9
cmd/kubeadm/app/phases/upgrade/staticpods_test.go
View File

@ -308,13 +308,13 @@ func TestStaticPodControlPlane(t *testing.T) {
defer os.RemoveAll(pathMgr.TempManifestDir()) defer os.RemoveAll(pathMgr.TempManifestDir())
defer os.RemoveAll(pathMgr.BackupManifestDir()) defer os.RemoveAll(pathMgr.BackupManifestDir())
tempCersDir, err := ioutil.TempDir("", "kubeadm-certs") tempCertsDir, err := ioutil.TempDir("", "kubeadm-certs")
if err != nil { if err != nil {
t.Fatalf("couldn't create temporary certificates directory: %v", err) t.Fatalf("couldn't create temporary certificates directory: %v", err)
} }
defer os.RemoveAll(tempCersDir) defer os.RemoveAll(tempCertsDir)
oldcfg, err := getConfig("v1.7.0", tempCersDir) oldcfg, err := getConfig("v1.7.0", tempCertsDir)
if err != nil { if err != nil {
t.Fatalf("couldn't create config: %v", err) t.Fatalf("couldn't create config: %v", err)
} }
@ -337,6 +337,7 @@ func TestStaticPodControlPlane(t *testing.T) {
t.Fatalf("couldn't initialize pre-upgrade certificate: %v", err) t.Fatalf("couldn't initialize pre-upgrade certificate: %v", err)
} }
} }
fmt.Printf("Wrote certs to %s\n", oldcfg.CertificatesDir)
// Initialize the directory with v1.7 manifests; should then be upgraded to v1.8 using the method // Initialize the directory with v1.7 manifests; should then be upgraded to v1.8 using the method
err = controlplanephase.CreateInitStaticPodManifestFiles(pathMgr.RealManifestDir(), oldcfg) err = controlplanephase.CreateInitStaticPodManifestFiles(pathMgr.RealManifestDir(), oldcfg)
@ -353,7 +354,7 @@ func TestStaticPodControlPlane(t *testing.T) {
t.Fatalf("couldn't read temp file: %v", err) t.Fatalf("couldn't read temp file: %v", err)
} }
newcfg, err := getConfig("v1.8.0", tempCersDir) newcfg, err := getConfig("v1.8.0", tempCertsDir)
if err != nil { if err != nil {
t.Fatalf("couldn't create config: %v", err) t.Fatalf("couldn't create config: %v", err)
} }