From 34c41c1b05a5f9e0c10d7dbf542d2170b640fbc7 Mon Sep 17 00:00:00 2001
From: David Lewis
Date: Tue, 13 Mar 2018 17:18:07 -0700
Subject: [PATCH 1/2] Add ClusterName support for kube config
---
 cluster.yml | 4 ++++
 cluster/cluster.go | 7 ++++---
 cluster/defaults.go | 4 ++++
 pki/kubeconfig.go | 12 ++++++------
 pki/pki.go | 1 +
 pki/util.go | 2 +-
 6 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/cluster.yml b/cluster.yml
index 14ae9494..49a8b5fd 100644
--- a/cluster.yml
+++ b/cluster.yml
@@ -132,6 +132,10 @@ ignore_docker_version: false
 kubernetes_version: v1.8.9-rancher1-1
+# If set, this is the cluster name that will be used in the kube config file
+# Default value is "local"
+cluster_name: mycluster
+
 # List of registry credentials, if you are using a Docker Hub registry,
 # you can omit the `url` or set it to `docker.io`
 private_registries:
diff --git a/cluster/cluster.go b/cluster/cluster.go
index 7f266908..f451a387 100644
--- a/cluster/cluster.go
+++ b/cluster/cluster.go
@@ -180,13 +180,13 @@ func rebuildLocalAdminConfig(ctx context.Context, kubeCluster *Cluster) error {
 for _, cpHost := range kubeCluster.ControlPlaneHosts {
 if (currentKubeConfig == pki.CertificatePKI{}) {
 kubeCluster.Certificates = make(map[string]pki.CertificatePKI)
- newConfig = getLocalAdminConfigWithNewAddress(kubeCluster.LocalKubeConfigPath, cpHost.Address)
+ newConfig = getLocalAdminConfigWithNewAddress(kubeCluster.LocalKubeConfigPath, cpHost.Address, kubeCluster.ClusterName)
 } else {
 kubeURL := fmt.Sprintf("https://%s:6443", cpHost.Address)
 caData := string(cert.EncodeCertPEM(caCrt))
 crtData := string(cert.EncodeCertPEM(currentKubeConfig.Certificate))
 keyData := string(cert.EncodePrivateKeyPEM(currentKubeConfig.Key))
- newConfig = pki.GetKubeConfigX509WithData(kubeURL, pki.KubeAdminCertName, caData, crtData, keyData)
+ newConfig = pki.GetKubeConfigX509WithData(kubeURL, kubeCluster.ClusterName, pki.KubeAdminCertName, caData, crtData, keyData)
 }
 if err := pki.DeployAdminConfig(ctx, newConfig, kubeCluster.LocalKubeConfigPath); err != nil {
 return fmt.Errorf("Failed to redeploy local admin config with new host")
@@ -220,7 +220,7 @@ func getLocalConfigAddress(localConfigPath string) (string, error) {
 return address[2:], nil
 }
-func getLocalAdminConfigWithNewAddress(localConfigPath, cpAddress string) string {
+func getLocalAdminConfigWithNewAddress(localConfigPath, cpAddress string, clusterName string) string {
 config, _ := clientcmd.BuildConfigFromFlags("", localConfigPath)
 if config == nil {
 return ""
@@ -228,6 +228,7 @@ func getLocalAdminConfigWithNewAddress(localConfigPath, cpAddress string) string
 config.Host = fmt.Sprintf("https://%s:6443", cpAddress)
 return pki.GetKubeConfigX509WithData(
 "https://"+cpAddress+":6443",
+ clusterName,
 pki.KubeAdminCertName,
 string(config.CAData),
 string(config.CertData),
diff --git a/cluster/defaults.go b/cluster/defaults.go
index 3730285f..ae7aab25 100644
--- a/cluster/defaults.go
+++ b/cluster/defaults.go
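Review bot: In the `@@ -220,7 +220,7 @@` hunk the new parameter is declared as its own `clusterName string` group although all three parameters are strings; `func getLocalAdminConfigWithNewAddress(localConfigPath, cpAddress, clusterName string) string` is the idiomatic form. `pki.GetKubeConfigX509WithData` now takes six positional strings, so swapping `clusterName` and `pki.KubeAdminCertName` in the call in the `@@ -228,6 +228,7 @@` hunk would still compile. A short comment on the function would make the roles explicit, e.g. `// clusterName is written to clusters[].name and contexts[].context.cluster of the generated kubeconfig.` The function body runs past the end of both hunks.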
@@ -14,6 +14,7 @@ const (
 DefaultClusterCIDR = "10.233.64.0/18"
 DefaultClusterDNSService = "10.233.0.3"
 DefaultClusterDomain = "cluster.local"
+ DefaultClusterName = "local"
 DefaultClusterSSHKeyPath = "~/.ssh/id_rsa"
 DefaultK8sVersion = v3.K8sV18
@@ -76,6 +77,9 @@ func (c *Cluster) setClusterDefaults(ctx context.Context) {
 if len(c.Ingress.Provider) == 0 {
 c.Ingress.Provider = DefaultIngressController
 }
+ if len(c.ClusterName) == 0 {
+ c.ClusterName = DefaultClusterName
+ }
 c.setClusterImageDefaults()
 c.setClusterKubernetesImageVersion(ctx)
diff --git a/pki/kubeconfig.go b/pki/kubeconfig.go
index a394e60f..edae423e 100644
--- a/pki/kubeconfig.go
+++ b/pki/kubeconfig.go
@@ -2,7 +2,7 @@ package pki
 import "encoding/base64"
-func getKubeConfigX509(kubernetesURL string, componentName string, caPath string, crtPath string, keyPath string) string {
+func getKubeConfigX509(kubernetesURL string, clusterName string, componentName string, caPath string, crtPath string, keyPath string) string {
 return `apiVersion: v1
 kind: Config
 clusters:
@@ -10,10 +10,10 @@ clusters:
 api-version: v1
 certificate-authority: ` + caPath + `
 server: "` + kubernetesURL + `"
- name: "local"
+ name: "` + clusterName + `"
 contexts:
 - context:
- cluster: "local"
+ cluster: "` + clusterName + `"
 user: "` + componentName + `"
 name: "Default"
 current-context: "Default"
@@ -24,7 +24,7 @@ users:
 client-key: ` + keyPath + ``
 }
-func GetKubeConfigX509WithData(kubernetesURL string, componentName string, cacrt string, crt string, key string) string {
+func GetKubeConfigX509WithData(kubernetesURL string, clusterName string, componentName string, cacrt string, crt string, key string) string {
 return `apiVersion: v1
 kind: Config
 clusters:
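Review bot: `clusterName` is concatenated unescaped into a double-quoted YAML scalar in `getKubeConfigX509`, on the `name:` and `cluster:` lines of the `@@ -10,10 +10,10 @@` hunk, and the same pattern is repeated in `GetKubeConfigX509WithData` in the `@@ -32,10 +32,10 @@` hunk. Before this change the value was the constant `"local"`; it now appears to come from the `cluster_name` key of cluster.yml. A name containing a double quote, backslash or line break would therefore produce a kubeconfig that is malformed or whose structure differs from the template, which matters because this file carries the admin credentials and the API server address. Either reject such names where the default is applied in `setClusterDefaults`, or emit the scalar with `strconv.Quote(clusterName)` in place of the hand-written quotes, which needs a `strconv` import in pki/kubeconfig.go. Parts of both function bodies lie outside the hunks shown.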
@@ -32,10 +32,10 @@ clusters:
 api-version: v1
 certificate-authority-data: ` + base64.StdEncoding.EncodeToString([]byte(cacrt)) + `
 server: "` + kubernetesURL + `"
- name: "local"
+ name: "` + clusterName + `"
 contexts:
 - context:
- cluster: "local"
+ cluster: "` + clusterName + `"
 user: "` + componentName + `"
 name: "Default"
 current-context: "Default"
diff --git a/pki/pki.go b/pki/pki.go
index 9a6770cf..10c975c4 100644
--- a/pki/pki.go
+++ b/pki/pki.go
@@ -105,6 +105,7 @@ func GenerateRKECerts(ctx context.Context, rkeConfig v3.RancherKubernetesEngineC
 if len(cpHosts) > 0 {
 kubeAdminConfig := GetKubeConfigX509WithData(
 "https://"+cpHosts[0].Address+":6443",
+ rkeConfig.ClusterName,
 KubeAdminCertName,
 string(cert.EncodeCertPEM(caCrt)),
 string(cert.EncodeCertPEM(kubeAdminCrt)),
diff --git a/pki/util.go b/pki/util.go
index 55c1a47c..bfdbcd73 100644
--- a/pki/util.go
+++ b/pki/util.go
@@ -188,7 +188,7 @@ func ToCertObject(componentName, commonName, ouName string, cert *x509.Certifica
 keyPath := GetKeyPath(componentName)
 if componentName != CACertName && componentName != KubeAPICertName && !strings.Contains(componentName, EtcdCertName) {
- config = getKubeConfigX509("https://127.0.0.1:6443", componentName, caCertPath, path, keyPath)
+ config = getKubeConfigX509("https://127.0.0.1:6443", "local", componentName, caCertPath, path, keyPath)
 configPath = GetConfigPath(componentName)
 configEnvName = getConfigEnvFromEnv(envName)
 }
From 7be6846b8bf98f20da8ca43d70bc3825d0b6802d Mon Sep 17 00:00:00 2001
From: David Lewis
Date: Thu, 22 Mar 2018 11:39:45 -0700
Subject: [PATCH 2/2] Vendor bump
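Review bot: `rkeConfig.ClusterName` is passed straight into `GetKubeConfigX509WithData` in the `@@ -105,6 +105,7 @@` hunk, but the fallback to `DefaultClusterName` lives in `(*Cluster).setClusterDefaults` in the cluster package. Whether every caller of `GenerateRKECerts` has run that defaulting first is not visible here. With an empty value the admin kubeconfig would be written with `name: ""` and `cluster: ""`. A guard in pki, e.g. `if clusterName == "" { clusterName = "local" }` at the top of `GetKubeConfigX509WithData`, would make the helper safe regardless of the caller. `GenerateRKECerts` starts and ends outside the hunk.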
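Review bot: The literal `"local"` passed to `getKubeConfigX509` in the `@@ -188,7 +188,7 @@` hunk duplicates `DefaultClusterName` from cluster/defaults.go. It also means the per-component kubeconfigs keep the name `local` even when `cluster_name` is set, while the admin kubeconfig uses the configured name. If that split is intended, say so next to the call, e.g. `// component kubeconfigs always use the fixed cluster name "local"; only the admin kubeconfig honours cluster_name`, and consider a named constant in pki in place of the bare string. `ToCertObject` extends beyond the hunk.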