2017-11-28 11:26:15 +00:00
|
|
|
package cmd
|
|
|
|
|
|
|
|
|
|
import (
|
2018-01-09 22:10:56 +00:00
|
|
|
"context"
|
2017-11-28 11:26:15 +00:00
|
|
|
"fmt"
|
2018-04-18 06:04:30 +00:00
|
|
|
"strings"
|
2018-07-10 19:21:27 +00:00
|
|
|
"time"
|
2017-11-28 11:26:15 +00:00
|
|
|
|
|
|
|
|
"github.com/rancher/rke/cluster"
|
2018-07-10 19:21:27 +00:00
|
|
|
"github.com/rancher/rke/dind"
|
2017-12-11 18:28:08 +00:00
|
|
|
"github.com/rancher/rke/hosts"
|
2018-02-20 11:51:57 +00:00
|
|
|
"github.com/rancher/rke/k8s"
|
2018-01-09 22:10:56 +00:00
|
|
|
"github.com/rancher/rke/log"
|
2017-11-28 11:26:15 +00:00
|
|
|
"github.com/rancher/rke/pki"
|
2017-12-16 03:38:15 +00:00
|
|
|
"github.com/rancher/types/apis/management.cattle.io/v3"
|
2017-11-28 11:26:15 +00:00
|
|
|
"github.com/urfave/cli"
|
|
|
|
|
"k8s.io/client-go/util/cert"
|
|
|
|
|
)
|
|
|
|
|
|
2017-12-16 03:38:15 +00:00
|
|
|
var clusterFilePath string
|
|
|
|
|
|
2018-07-10 19:21:27 +00:00
|
|
|
const DINDWaitTime = 3
|
|
|
|
|
|
2017-11-28 11:26:15 +00:00
|
|
|
func UpCommand() cli.Command {
|
|
|
|
|
upFlags := []cli.Flag{
|
|
|
|
|
cli.StringFlag{
|
|
|
|
|
Name: "config",
|
|
|
|
|
Usage: "Specify an alternate cluster YAML file",
|
2018-02-06 19:25:54 +00:00
|
|
|
Value: pki.ClusterConfig,
|
2017-11-28 11:26:15 +00:00
|
|
|
EnvVar: "RKE_CONFIG",
|
|
|
|
|
},
|
2017-12-22 01:01:53 +00:00
|
|
|
cli.BoolFlag{
|
|
|
|
|
Name: "local",
|
|
|
|
|
Usage: "Deploy Kubernetes cluster locally",
|
|
|
|
|
},
|
2018-07-10 19:21:27 +00:00
|
|
|
cli.BoolFlag{
|
|
|
|
|
Name: "dind",
|
|
|
|
|
Usage: "Deploy Kubernetes cluster in docker containers (experimental)",
|
|
|
|
|
},
|
2018-03-20 12:56:49 +00:00
|
|
|
cli.BoolFlag{
|
|
|
|
|
Name: "update-only",
|
|
|
|
|
Usage: "Skip idempotent deployment of control and etcd plane",
|
|
|
|
|
},
|
|
|
|
|
cli.BoolFlag{
|
|
|
|
|
Name: "disable-port-check",
|
|
|
|
|
Usage: "Disable port check validation between nodes",
|
|
|
|
|
},
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
2018-03-06 00:52:43 +00:00
|
|
|
|
2018-05-15 17:35:52 +00:00
|
|
|
upFlags = append(upFlags, commonFlags...)
|
2018-03-06 00:52:43 +00:00
|
|
|
|
2017-11-28 11:26:15 +00:00
|
|
|
return cli.Command{
|
|
|
|
|
Name: "up",
|
|
|
|
|
Usage: "Bring the cluster up",
|
|
|
|
|
Action: clusterUpFromCli,
|
|
|
|
|
Flags: upFlags,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-22 01:01:53 +00:00
|
|
|
func ClusterUp(
|
|
|
|
|
ctx context.Context,
|
|
|
|
|
rkeConfig *v3.RancherKubernetesEngineConfig,
|
|
|
|
|
dockerDialerFactory, localConnDialerFactory hosts.DialerFactory,
|
2018-02-20 11:51:57 +00:00
|
|
|
k8sWrapTransport k8s.WrapTransport,
|
2018-04-02 11:02:00 +00:00
|
|
|
local bool, configDir string, updateOnly, disablePortCheck bool) (string, string, string, string, map[string]pki.CertificatePKI, error) {
|
2017-12-22 01:01:53 +00:00
|
|
|
|
2018-01-09 22:10:56 +00:00
|
|
|
log.Infof(ctx, "Building Kubernetes cluster")
|
2017-11-28 11:26:15 +00:00
|
|
|
var APIURL, caCrt, clientCert, clientKey string
|
2018-02-20 11:51:57 +00:00
|
|
|
kubeCluster, err := cluster.ParseCluster(ctx, rkeConfig, clusterFilePath, configDir, dockerDialerFactory, localConnDialerFactory, k8sWrapTransport)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2017-12-22 01:01:53 +00:00
|
|
|
err = kubeCluster.TunnelHosts(ctx, local)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-01-18 20:41:04 +00:00
|
|
|
currentCluster, err := kubeCluster.GetClusterState(ctx)
|
|
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2018-01-16 18:29:09 +00:00
|
|
|
}
|
2018-03-20 12:56:49 +00:00
|
|
|
if !disablePortCheck {
|
|
|
|
|
if err = kubeCluster.CheckClusterPorts(ctx, currentCluster); err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2018-03-20 12:56:49 +00:00
|
|
|
}
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-01-09 22:10:56 +00:00
|
|
|
err = cluster.SetUpAuthentication(ctx, kubeCluster, currentCluster)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
2018-10-10 17:19:21 +00:00
|
|
|
if len(kubeCluster.ControlPlaneHosts) > 0 {
|
|
|
|
|
APIURL = fmt.Sprintf("https://" + kubeCluster.ControlPlaneHosts[0].Address + ":6443")
|
|
|
|
|
}
|
|
|
|
|
clientCert = string(cert.EncodeCertPEM(kubeCluster.Certificates[pki.KubeAdminCertName].Certificate))
|
|
|
|
|
clientKey = string(cert.EncodePrivateKeyPEM(kubeCluster.Certificates[pki.KubeAdminCertName].Key))
|
|
|
|
|
caCrt = string(cert.EncodeCertPEM(kubeCluster.Certificates[pki.CACertName].Certificate))
|
2017-11-28 11:26:15 +00:00
|
|
|
|
2018-03-20 12:56:49 +00:00
|
|
|
err = cluster.ReconcileCluster(ctx, kubeCluster, currentCluster, updateOnly)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
2018-10-10 17:19:21 +00:00
|
|
|
// update APIURL after reconcile
|
|
|
|
|
if len(kubeCluster.ControlPlaneHosts) > 0 {
|
|
|
|
|
APIURL = fmt.Sprintf("https://" + kubeCluster.ControlPlaneHosts[0].Address + ":6443")
|
|
|
|
|
}
|
2018-01-09 22:10:56 +00:00
|
|
|
err = kubeCluster.SetUpHosts(ctx)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-02-01 21:43:09 +00:00
|
|
|
if err := kubeCluster.PrePullK8sImages(ctx); err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2018-02-01 21:43:09 +00:00
|
|
|
}
|
|
|
|
|
|
2018-01-09 22:10:56 +00:00
|
|
|
err = kubeCluster.DeployControlPlane(ctx)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-02-26 21:14:04 +00:00
|
|
|
// Apply Authz configuration after deploying controlplane
|
|
|
|
|
err = cluster.ApplyAuthzResources(ctx, kubeCluster.RancherKubernetesEngineConfig, clusterFilePath, configDir, k8sWrapTransport)
|
|
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2018-02-26 21:14:04 +00:00
|
|
|
}
|
|
|
|
|
|
2018-04-27 21:02:38 +00:00
|
|
|
err = kubeCluster.SaveClusterState(ctx, &kubeCluster.RancherKubernetesEngineConfig)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-01-09 22:10:56 +00:00
|
|
|
err = kubeCluster.DeployWorkerPlane(ctx)
|
2017-12-26 22:07:25 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-12-26 22:07:25 +00:00
|
|
|
}
|
|
|
|
|
|
2018-03-21 17:20:58 +00:00
|
|
|
if err = kubeCluster.CleanDeadLogs(ctx); err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2018-03-21 17:20:58 +00:00
|
|
|
}
|
|
|
|
|
|
2018-09-26 23:26:20 +00:00
|
|
|
err = kubeCluster.SyncLabelsAndTaints(ctx, currentCluster)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-03-01 21:32:25 +00:00
|
|
|
err = cluster.ConfigureCluster(ctx, kubeCluster.RancherKubernetesEngineConfig, kubeCluster.Certificates, clusterFilePath, configDir, k8sWrapTransport, false)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-04-18 06:04:30 +00:00
|
|
|
if err := checkAllIncluded(kubeCluster); err != nil {
|
|
|
|
|
return APIURL, caCrt, clientCert, clientKey, nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 22:10:56 +00:00
|
|
|
log.Infof(ctx, "Finished building Kubernetes cluster successfully")
|
2018-04-02 11:02:00 +00:00
|
|
|
return APIURL, caCrt, clientCert, clientKey, kubeCluster.Certificates, nil
|
2017-11-28 11:26:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-04-18 06:04:30 +00:00
|
|
|
func checkAllIncluded(cluster *cluster.Cluster) error {
|
|
|
|
|
if len(cluster.InactiveHosts) == 0 {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var names []string
|
|
|
|
|
for _, host := range cluster.InactiveHosts {
|
|
|
|
|
names = append(names, host.Address)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return fmt.Errorf("Provisioning incomplete, host(s) [%s] skipped because they could not be contacted", strings.Join(names, ","))
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-28 11:26:15 +00:00
|
|
|
func clusterUpFromCli(ctx *cli.Context) error {
|
2018-01-15 04:36:28 +00:00
|
|
|
if ctx.Bool("local") {
|
|
|
|
|
return clusterUpLocal(ctx)
|
|
|
|
|
}
|
2018-07-10 19:21:27 +00:00
|
|
|
if ctx.Bool("dind") {
|
|
|
|
|
return clusterUpDind(ctx)
|
|
|
|
|
}
|
2017-12-16 03:38:15 +00:00
|
|
|
clusterFile, filePath, err := resolveClusterFile(ctx)
|
2017-11-28 11:26:15 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("Failed to resolve cluster file: %v", err)
|
|
|
|
|
}
|
2017-12-16 03:38:15 +00:00
|
|
|
clusterFilePath = filePath
|
|
|
|
|
|
|
|
|
|
rkeConfig, err := cluster.ParseConfig(clusterFile)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("Failed to parse cluster file: %v", err)
|
|
|
|
|
}
|
2018-03-06 00:52:43 +00:00
|
|
|
|
|
|
|
|
rkeConfig, err = setOptionsFromCLI(ctx, rkeConfig)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2018-03-20 12:56:49 +00:00
|
|
|
updateOnly := ctx.Bool("update-only")
|
|
|
|
|
disablePortCheck := ctx.Bool("disable-port-check")
|
2018-03-06 00:52:43 +00:00
|
|
|
|
2018-04-02 11:02:00 +00:00
|
|
|
_, _, _, _, _, err = ClusterUp(context.Background(), rkeConfig, nil, nil, nil, false, "", updateOnly, disablePortCheck)
|
2018-01-15 04:36:28 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func clusterUpLocal(ctx *cli.Context) error {
|
|
|
|
|
var rkeConfig *v3.RancherKubernetesEngineConfig
|
|
|
|
|
clusterFile, filePath, err := resolveClusterFile(ctx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Infof(context.Background(), "Failed to resolve cluster file, using default cluster instead")
|
|
|
|
|
rkeConfig = cluster.GetLocalRKEConfig()
|
|
|
|
|
} else {
|
|
|
|
|
clusterFilePath = filePath
|
|
|
|
|
rkeConfig, err = cluster.ParseConfig(clusterFile)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf("Failed to parse cluster file: %v", err)
|
|
|
|
|
}
|
2017-12-22 01:01:53 +00:00
|
|
|
rkeConfig.Nodes = []v3.RKEConfigNode{*cluster.GetLocalRKENodeConfig()}
|
|
|
|
|
}
|
2018-05-15 17:35:52 +00:00
|
|
|
|
|
|
|
|
rkeConfig.IgnoreDockerVersion = ctx.Bool("ignore-docker-version")
|
|
|
|
|
|
2018-04-02 11:02:00 +00:00
|
|
|
_, _, _, _, _, err = ClusterUp(context.Background(), rkeConfig, nil, hosts.LocalHealthcheckFactory, nil, true, "", false, false)
|
2017-11-28 11:26:15 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2018-07-10 19:21:27 +00:00
|
|
|
|
|
|
|
|
func clusterUpDind(ctx *cli.Context) error {
|
|
|
|
|
// get dind config
|
2018-08-14 22:04:56 +00:00
|
|
|
rkeConfig, disablePortCheck, err := getDindConfig(ctx)
|
2018-07-10 19:21:27 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
// setup dind environment
|
2018-08-14 22:04:56 +00:00
|
|
|
if err = createDINDEnv(context.Background(), rkeConfig); err != nil {
|
2018-07-10 19:21:27 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
// start cluster
|
|
|
|
|
_, _, _, _, _, err = ClusterUp(context.Background(), rkeConfig, hosts.DindConnFactory, hosts.DindHealthcheckConnFactory, nil, false, "", false, disablePortCheck)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-14 22:04:56 +00:00
|
|
|
func getDindConfig(ctx *cli.Context) (*v3.RancherKubernetesEngineConfig, bool, error) {
|
2018-07-10 19:21:27 +00:00
|
|
|
disablePortCheck := ctx.Bool("disable-port-check")
|
|
|
|
|
clusterFile, filePath, err := resolveClusterFile(ctx)
|
|
|
|
|
if err != nil {
|
2018-08-14 22:04:56 +00:00
|
|
|
return nil, disablePortCheck, fmt.Errorf("Failed to resolve cluster file: %v", err)
|
2018-07-10 19:21:27 +00:00
|
|
|
}
|
|
|
|
|
clusterFilePath = filePath
|
|
|
|
|
|
|
|
|
|
rkeConfig, err := cluster.ParseConfig(clusterFile)
|
|
|
|
|
if err != nil {
|
2018-08-14 22:04:56 +00:00
|
|
|
return nil, disablePortCheck, fmt.Errorf("Failed to parse cluster file: %v", err)
|
2018-07-10 19:21:27 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rkeConfig, err = setOptionsFromCLI(ctx, rkeConfig)
|
|
|
|
|
if err != nil {
|
2018-08-14 22:04:56 +00:00
|
|
|
return nil, disablePortCheck, err
|
2018-07-10 19:21:27 +00:00
|
|
|
}
|
|
|
|
|
// Setting conntrack max for kubeproxy to 0
|
|
|
|
|
if rkeConfig.Services.Kubeproxy.ExtraArgs == nil {
|
|
|
|
|
rkeConfig.Services.Kubeproxy.ExtraArgs = make(map[string]string)
|
|
|
|
|
}
|
|
|
|
|
rkeConfig.Services.Kubeproxy.ExtraArgs["conntrack-max-per-core"] = "0"
|
|
|
|
|
|
2018-08-14 22:04:56 +00:00
|
|
|
return rkeConfig, disablePortCheck, nil
|
2018-07-10 19:21:27 +00:00
|
|
|
}
|
|
|
|
|
|
2018-08-14 22:04:56 +00:00
|
|
|
func createDINDEnv(ctx context.Context, rkeConfig *v3.RancherKubernetesEngineConfig) error {
|
|
|
|
|
for i := range rkeConfig.Nodes {
|
|
|
|
|
address, err := dind.StartUpDindContainer(ctx, rkeConfig.Nodes[i].Address, dind.DINDNetwork)
|
|
|
|
|
if err != nil {
|
2018-07-10 19:21:27 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2018-08-14 22:04:56 +00:00
|
|
|
if rkeConfig.Nodes[i].HostnameOverride == "" {
|
|
|
|
|
rkeConfig.Nodes[i].HostnameOverride = rkeConfig.Nodes[i].Address
|
|
|
|
|
}
|
|
|
|
|
rkeConfig.Nodes[i].Address = address
|
2018-07-10 19:21:27 +00:00
|
|
|
}
|
|
|
|
|
time.Sleep(DINDWaitTime * time.Second)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
