rke/cluster/hosts.go

package cluster

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
	"syscall"

	"github.com/rancher/rke/hosts"
	"github.com/rancher/rke/pki"
	"github.com/rancher/rke/services"
	"github.com/sirupsen/logrus"
	"golang.org/x/crypto/ssh"
	"golang.org/x/crypto/ssh/terminal"
)

const (
	DefaultSSHKeyPath = "/.ssh/id_rsa"
)

func (c *Cluster) TunnelHosts() error {
	key, err := checkEncryptedKey(c.SSHKeyPath)
	if err != nil {
		return fmt.Errorf("Failed to parse the private key: %v", err)
	}
	for i := range c.EtcdHosts {
		err := c.EtcdHosts[i].TunnelUp(key)
		if err != nil {
			return fmt.Errorf("Failed to set up SSH tunneling for Etcd hosts: %v", err)
		}
	}
	for i := range c.ControlPlaneHosts {
		err := c.ControlPlaneHosts[i].TunnelUp(key)
		if err != nil {
			return fmt.Errorf("Failed to set up SSH tunneling for Control hosts: %v", err)
		}
	}
	for i := range c.WorkerHosts {
		err := c.WorkerHosts[i].TunnelUp(key)
		if err != nil {
			return fmt.Errorf("Failed to set up SSH tunneling for Worker hosts: %v", err)
		}
	}
	return nil
}

func (c *Cluster) InvertIndexHosts() error {
	c.EtcdHosts = make([]*hosts.Host, 0)
	c.WorkerHosts = make([]*hosts.Host, 0)
	c.ControlPlaneHosts = make([]*hosts.Host, 0)
	for _, host := range c.Nodes {
		newHost := hosts.Host{
			RKEConfigNode: host,
		}
		for _, role := range host.Role {
			logrus.Debugf("Host: " + host.Address + " has role: " + role)
			switch role {
			case services.ETCDRole:
				c.EtcdHosts = append(c.EtcdHosts, &newHost)
			case services.ControlRole:
				newHost.IsControl = true
				c.ControlPlaneHosts = append(c.ControlPlaneHosts, &newHost)
			case services.WorkerRole:
				newHost.IsWorker = true
				c.WorkerHosts = append(c.WorkerHosts, &newHost)
			default:
				return fmt.Errorf("Failed to recognize host [%s] role %s", host.Address, role)
			}
		}
	}
	return nil
}

func (c *Cluster) SetUpHosts() error {
	if c.Authentication.Strategy == X509AuthenticationProvider {
		logrus.Infof("[certificates] Deploying kubernetes certificates to Cluster nodes")
		err := pki.DeployCertificatesOnMasters(c.ControlPlaneHosts, c.Certificates)
		if err != nil {
			return err
		}
		err = pki.DeployCertificatesOnWorkers(c.WorkerHosts, c.Certificates)
		if err != nil {
			return err
		}
		err = pki.DeployAdminConfig(c.Certificates[pki.KubeAdminCommonName].Config, c.LocalKubeConfigPath)
		if err != nil {
			return err
		}
		logrus.Infof("[certificates] Successfully deployed kubernetes certificates to Cluster nodes")
	}
	return nil
}

func CheckEtcdHostsChanged(kubeCluster, currentCluster *Cluster) error {
	if currentCluster != nil {
		etcdChanged := hosts.IsHostListChanged(currentCluster.EtcdHosts, kubeCluster.EtcdHosts)
		if etcdChanged {
			return fmt.Errorf("Adding or removing Etcd nodes is not supported")
		}
	}
	return nil
}

func checkEncryptedKey(sshKeyPath string) (ssh.Signer, error) {
	logrus.Infof("[ssh] Checking private key")
	key, err := hosts.ParsePrivateKey(privateKeyPath(sshKeyPath))
	if err != nil {
		if strings.Contains(err.Error(), "decode encrypted private keys") {
			fmt.Printf("Passphrase for Private SSH Key: ")
			passphrase, err := terminal.ReadPassword(int(syscall.Stdin))
			fmt.Printf("\n")
			if err != nil {
				return nil, err
			}
			key, err = hosts.ParsePrivateKeyWithPassPhrase(privateKeyPath(sshKeyPath), passphrase)
			if err != nil {
				return nil, err
			}
		} else {
			return nil, err
		}
	}
	return key, nil
}

func privateKeyPath(sshKeyPath string) string {
	if len(sshKeyPath) == 0 {
		return os.Getenv("HOME") + DefaultSSHKeyPath
	} else if sshKeyPath[:2] == "~/" {
		return filepath.Join(os.Getenv("HOME"), sshKeyPath[2:])
	}
	return sshKeyPath
}
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`package cluster`

			`import (`
			`"fmt"`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`"os"`
Fix tilde in ssh key path 2017-11-30 15:53:11 +00:00			`"path/filepath"`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`"strings"`
			`"syscall"`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00
			`"github.com/rancher/rke/hosts"`
			`"github.com/rancher/rke/pki"`
			`"github.com/rancher/rke/services"`
Use rancher/types 2017-11-13 21:28:38 +00:00			`"github.com/sirupsen/logrus"`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`"golang.org/x/crypto/ssh"`
			`"golang.org/x/crypto/ssh/terminal"`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`)`

Add ssh private key path 2017-11-21 20:26:26 +00:00			`const (`
			`DefaultSSHKeyPath = "/.ssh/id_rsa"`
			`)`

Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`func (c *Cluster) TunnelHosts() error {`
Add ssh private key path 2017-11-21 20:26:26 +00:00			`key, err := checkEncryptedKey(c.SSHKeyPath)`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`if err != nil {`
			`return fmt.Errorf("Failed to parse the private key: %v", err)`
			`}`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`for i := range c.EtcdHosts {`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`err := c.EtcdHosts[i].TunnelUp(key)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`if err != nil {`
			`return fmt.Errorf("Failed to set up SSH tunneling for Etcd hosts: %v", err)`
			`}`
			`}`
			`for i := range c.ControlPlaneHosts {`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`err := c.ControlPlaneHosts[i].TunnelUp(key)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`if err != nil {`
			`return fmt.Errorf("Failed to set up SSH tunneling for Control hosts: %v", err)`
			`}`
			`}`
			`for i := range c.WorkerHosts {`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`err := c.WorkerHosts[i].TunnelUp(key)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`if err != nil {`
			`return fmt.Errorf("Failed to set up SSH tunneling for Worker hosts: %v", err)`
			`}`
			`}`
			`return nil`
			`}`

			`func (c *Cluster) InvertIndexHosts() error {`
Refactor reconcilation Add role based add/delete for services Use pointers for hosts Consistent log format 2017-11-30 23:16:45 +00:00			`c.EtcdHosts = make([]*hosts.Host, 0)`
			`c.WorkerHosts = make([]*hosts.Host, 0)`
			`c.ControlPlaneHosts = make([]*hosts.Host, 0)`
Structure and config changes 2017-11-28 17:45:24 +00:00			`for _, host := range c.Nodes {`
Refactor reconcilation Add role based add/delete for services Use pointers for hosts Consistent log format 2017-11-30 23:16:45 +00:00			`newHost := hosts.Host{`
			`RKEConfigNode: host,`
			`}`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`for _, role := range host.Role {`
Structure and config changes 2017-11-28 17:45:24 +00:00			`logrus.Debugf("Host: " + host.Address + " has role: " + role)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`switch role {`
			`case services.ETCDRole:`
Refactor reconcilation Add role based add/delete for services Use pointers for hosts Consistent log format 2017-11-30 23:16:45 +00:00			`c.EtcdHosts = append(c.EtcdHosts, &newHost)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`case services.ControlRole:`
Refactor reconcilation Add role based add/delete for services Use pointers for hosts Consistent log format 2017-11-30 23:16:45 +00:00			`newHost.IsControl = true`
			`c.ControlPlaneHosts = append(c.ControlPlaneHosts, &newHost)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`case services.WorkerRole:`
Refactor reconcilation Add role based add/delete for services Use pointers for hosts Consistent log format 2017-11-30 23:16:45 +00:00			`newHost.IsWorker = true`
			`c.WorkerHosts = append(c.WorkerHosts, &newHost)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`default:`
Structure and config changes 2017-11-28 17:45:24 +00:00			`return fmt.Errorf("Failed to recognize host [%s] role %s", host.Address, role)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`}`
			`}`
			`}`
			`return nil`
			`}`

Use RKE cluster controller structures 2017-11-09 19:50:49 +00:00			`func (c *Cluster) SetUpHosts() error {`
Update rancher types 2017-11-14 18:11:21 +00:00			`if c.Authentication.Strategy == X509AuthenticationProvider {`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`logrus.Infof("[certificates] Deploying kubernetes certificates to Cluster nodes")`
			`err := pki.DeployCertificatesOnMasters(c.ControlPlaneHosts, c.Certificates)`
			`if err != nil {`
			`return err`
			`}`
			`err = pki.DeployCertificatesOnWorkers(c.WorkerHosts, c.Certificates)`
			`if err != nil {`
			`return err`
			`}`
Add HA Add relative path for local kube config Add default cluster yaml config name 2017-11-15 01:12:33 +00:00			`err = pki.DeployAdminConfig(c.Certificates[pki.KubeAdminCommonName].Config, c.LocalKubeConfigPath)`
Use Cluster structure Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes 2017-11-02 10:07:10 +00:00			`if err != nil {`
			`return err`
			`}`
			`logrus.Infof("[certificates] Successfully deployed kubernetes certificates to Cluster nodes")`
			`}`
			`return nil`
			`}`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00
Add error messages for adding/removing nodes while upgrade 2017-11-26 20:09:26 +00:00			`func CheckEtcdHostsChanged(kubeCluster, currentCluster *Cluster) error {`
Fix check for etcd hosts 2017-11-26 23:27:39 +00:00			`if currentCluster != nil {`
			`etcdChanged := hosts.IsHostListChanged(currentCluster.EtcdHosts, kubeCluster.EtcdHosts)`
			`if etcdChanged {`
			`return fmt.Errorf("Adding or removing Etcd nodes is not supported")`
			`}`
Add error messages for adding/removing nodes while upgrade 2017-11-26 20:09:26 +00:00			`}`
			`return nil`
			`}`

Add ssh private key path 2017-11-21 20:26:26 +00:00			`func checkEncryptedKey(sshKeyPath string) (ssh.Signer, error) {`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`logrus.Infof("[ssh] Checking private key")`
Add ssh private key path 2017-11-21 20:26:26 +00:00			`key, err := hosts.ParsePrivateKey(privateKeyPath(sshKeyPath))`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`if err != nil {`
			`if strings.Contains(err.Error(), "decode encrypted private keys") {`
			`fmt.Printf("Passphrase for Private SSH Key: ")`
			`passphrase, err := terminal.ReadPassword(int(syscall.Stdin))`
			`fmt.Printf("\n")`
			`if err != nil {`
			`return nil, err`
			`}`
Add ssh private key path 2017-11-21 20:26:26 +00:00			`key, err = hosts.ParsePrivateKeyWithPassPhrase(privateKeyPath(sshKeyPath), passphrase)`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`if err != nil {`
			`return nil, err`
			`}`
			`} else {`
			`return nil, err`
			`}`
			`}`
			`return key, nil`
			`}`

Add ssh private key path 2017-11-21 20:26:26 +00:00			`func privateKeyPath(sshKeyPath string) string {`
			`if len(sshKeyPath) == 0 {`
			`return os.Getenv("HOME") + DefaultSSHKeyPath`
Fix tilde in ssh key path 2017-11-30 15:53:11 +00:00			`} else if sshKeyPath[:2] == "~/" {`
			`return filepath.Join(os.Getenv("HOME"), sshKeyPath[2:])`
Add ssh private key path 2017-11-21 20:26:26 +00:00			`}`
			`return sshKeyPath`
Fix encrypted key issue 2017-11-17 21:33:07 +00:00			`}`