rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-09-09 11:01:40 +00:00
Code Issues Releases Wiki Activity

Run rebuild cluster certs from clusterup

Browse Source
This commit is contained in:
galal-hussein
2018-12-21 00:01:42 +02:00
committed by Alena Prokharchyk
parent 918b4ad669
commit 3c6c7f1b7b
3 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cluster/certificates.go
View File

@@ -177,7 +177,8 @@ func RotateRKECertificates(ctx context.Context, c *Cluster, flags ExternalFlags,
}
}
}
if len(rotateFlags.Services) == 0 {
// to handle kontainer engine sending empty string for services
if len(rotateFlags.Services) == 0 || (len(rotateFlags.Services) == 1 && rotateFlags.Services[0] == "") {
// do not rotate service account token
if c.Certificates[pki.ServiceAccountTokenKeyName].Key != nil {
serviceAccountTokenKey = string(cert.EncodePrivateKeyPEM(c.Certificates[pki.ServiceAccountTokenKeyName].Key))

4
cmd/cert.go
View File

@@ -77,7 +77,7 @@ func rotateRKECertificatesFromCli(ctx *cli.Context) error {
if err := ClusterInit(context.Background(), rkeConfig, hosts.DialersOptions{}, externalFlags); err != nil {
return err
}
_, _, _, _, _, err = RebuildClusterWithRotatedCertificates(context.Background(), hosts.DialersOptions{}, externalFlags)
_, _, _, _, _, err = ClusterUp(context.Background(), hosts.DialersOptions{}, externalFlags)
return err
}
@@ -85,7 +85,7 @@ func showRKECertificatesFromCli(ctx *cli.Context) error {
return nil
}
func RebuildClusterWithRotatedCertificates(ctx context.Context,
func rebuildClusterWithRotatedCertificates(ctx context.Context,
dialersOptions hosts.DialersOptions,
flags cluster.ExternalFlags) (string, string, string, string, map[string]pki.CertificatePKI, error) {
var APIURL, caCrt, clientCert, clientKey string

6
cmd/up.go
View File

@@ -103,7 +103,6 @@ func doUpgradeLegacyCluster(ctx context.Context, kubeCluster *cluster.Cluster, f
}
func ClusterUp(ctx context.Context, dialersOptions hosts.DialersOptions, flags cluster.ExternalFlags) (string, string, string, string, map[string]pki.CertificatePKI, error) {
log.Infof(ctx, "Building Kubernetes cluster")
var APIURL, caCrt, clientCert, clientKey string
clusterState, err := cluster.ReadStateFile(ctx, cluster.GetStateFilePath(flags.ClusterFilePath, flags.ConfigDir))
@@ -115,7 +114,12 @@ func ClusterUp(ctx context.Context, dialersOptions hosts.DialersOptions, flags c
if err != nil {
return APIURL, caCrt, clientCert, clientKey, nil, err
}
// check if rotate certificates is triggered
if kubeCluster.RancherKubernetesEngineConfig.RotateCertificates != nil {
return rebuildClusterWithRotatedCertificates(ctx, dialersOptions, flags)
}
log.Infof(ctx, "Building Kubernetes cluster")
err = kubeCluster.SetupDialers(ctx, dialersOptions)
if err != nil {
return APIURL, caCrt, clientCert, clientKey, nil, err