Use Cluster structure

Use separate cluster package Save cluster state and certs to kubernetes Handle Remove and sync cluster state/crts Reuse kubernetes client and combine image and version Separate building functions and small fixes
2025-09-13 05:34:11 +00:00 · 2017-11-02 12:07:10 +02:00
parent c4677f8ee6
commit 9974d53e57
23 changed files with 735 additions and 323 deletions
--- a/pki/deploy.go
+++ b/pki/deploy.go
@@ -6,7 +6,6 @@ import (
 	"crypto/x509"
 	"fmt"
 	"io/ioutil"
-	"os"
 	"time"

 	"github.com/Sirupsen/logrus"
@@ -19,44 +18,39 @@ import (

 func convertCrtToENV(name string, certificate *x509.Certificate) string {
 	encodedCrt := cert.EncodeCertPEM(certificate)
-	return name + "=" + string(encodedCrt)
+	return fmt.Sprintf("%s=%s", name, string(encodedCrt))
 }

 func convertKeyToENV(name string, key *rsa.PrivateKey) string {
 	encodedKey := cert.EncodePrivateKeyPEM(key)
-	return name + "=" + string(encodedKey)
+	return fmt.Sprintf("%s=%s", name, string(encodedKey))
 }

 func convertConfigToENV(name string, config string) string {
-	return name + "=" + config
+	return fmt.Sprintf("%s=%s", name, config)
 }

-func deployCertificatesOnMasters(cpHosts []hosts.Host, crtMap map[string]CertificatePKI, forceDeploy bool) error {
-	forceDeployEnv := "FORCE_DEPLOY=false"
-	if forceDeploy {
-		forceDeployEnv = "FORCE_DEPLOY=true"
-	}
+func DeployCertificatesOnMasters(cpHosts []hosts.Host, crtMap map[string]CertificatePKI) error {
 	env := []string{
-		forceDeployEnv,
-		convertCrtToENV(CACertENVName, crtMap[CACertName].certificate),
-		convertKeyToENV(CAKeyENVName, crtMap[CACertName].key),
-		convertCrtToENV(KubeAPICertENVName, crtMap[KubeAPICertName].certificate),
-		convertKeyToENV(KubeAPIKeyENVName, crtMap[KubeAPICertName].key),
-		convertCrtToENV(KubeControllerCertENVName, crtMap[KubeControllerName].certificate),
-		convertKeyToENV(KubeControllerKeyENVName, crtMap[KubeControllerName].key),
-		convertConfigToENV(KubeControllerConfigENVName, crtMap[KubeControllerName].config),
-		convertCrtToENV(KubeSchedulerCertENVName, crtMap[KubeSchedulerName].certificate),
-		convertKeyToENV(KubeSchedulerKeyENVName, crtMap[KubeSchedulerName].key),
-		convertConfigToENV(KubeSchedulerConfigENVName, crtMap[KubeSchedulerName].config),
-		convertCrtToENV(KubeProxyCertENVName, crtMap[KubeProxyName].certificate),
-		convertKeyToENV(KubeProxyKeyENVName, crtMap[KubeProxyName].key),
-		convertConfigToENV(KubeProxyConfigENVName, crtMap[KubeProxyName].config),
-		convertCrtToENV(KubeNodeCertENVName, crtMap[KubeNodeName].certificate),
-		convertKeyToENV(KubeNodeKeyENVName, crtMap[KubeNodeName].key),
-		convertConfigToENV(KubeNodeConfigENVName, crtMap[KubeNodeName].config),
+		convertCrtToENV(CACertENVName, crtMap[CACertName].Certificate),
+		convertKeyToENV(CAKeyENVName, crtMap[CACertName].Key),
+		convertCrtToENV(KubeAPICertENVName, crtMap[KubeAPICertName].Certificate),
+		convertKeyToENV(KubeAPIKeyENVName, crtMap[KubeAPICertName].Key),
+		convertCrtToENV(KubeControllerCertENVName, crtMap[KubeControllerName].Certificate),
+		convertKeyToENV(KubeControllerKeyENVName, crtMap[KubeControllerName].Key),
+		convertConfigToENV(KubeControllerConfigENVName, crtMap[KubeControllerName].Config),
+		convertCrtToENV(KubeSchedulerCertENVName, crtMap[KubeSchedulerName].Certificate),
+		convertKeyToENV(KubeSchedulerKeyENVName, crtMap[KubeSchedulerName].Key),
+		convertConfigToENV(KubeSchedulerConfigENVName, crtMap[KubeSchedulerName].Config),
+		convertCrtToENV(KubeProxyCertENVName, crtMap[KubeProxyName].Certificate),
+		convertKeyToENV(KubeProxyKeyENVName, crtMap[KubeProxyName].Key),
+		convertConfigToENV(KubeProxyConfigENVName, crtMap[KubeProxyName].Config),
+		convertCrtToENV(KubeNodeCertENVName, crtMap[KubeNodeName].Certificate),
+		convertKeyToENV(KubeNodeKeyENVName, crtMap[KubeNodeName].Key),
+		convertConfigToENV(KubeNodeConfigENVName, crtMap[KubeNodeName].Config),
 	}
-	for _, host := range cpHosts {
-		err := doRunDeployer(&host, env)
+	for i := range cpHosts {
+		err := doRunDeployer(&cpHosts[i], env)
 		if err != nil {
 			return err
 		}
@@ -64,23 +58,18 @@ func deployCertificatesOnMasters(cpHosts []hosts.Host, crtMap map[string]Certifi
 	return nil
 }

-func deployCertificatesOnWorkers(workerHosts []hosts.Host, crtMap map[string]CertificatePKI, forceDeploy bool) error {
-	forceDeployEnv := "FORCE_DEPLOY=false"
-	if forceDeploy {
-		forceDeployEnv = "FORCE_DEPLOY=true"
-	}
+func DeployCertificatesOnWorkers(workerHosts []hosts.Host, crtMap map[string]CertificatePKI) error {
 	env := []string{
-		forceDeployEnv,
-		convertCrtToENV(CACertENVName, crtMap[CACertName].certificate),
-		convertCrtToENV(KubeProxyCertENVName, crtMap[KubeProxyName].certificate),
-		convertKeyToENV(KubeProxyKeyENVName, crtMap[KubeProxyName].key),
-		convertConfigToENV(KubeProxyConfigENVName, crtMap[KubeProxyName].config),
-		convertCrtToENV(KubeNodeCertENVName, crtMap[KubeNodeName].certificate),
-		convertKeyToENV(KubeNodeKeyENVName, crtMap[KubeNodeName].key),
-		convertConfigToENV(KubeNodeConfigENVName, crtMap[KubeNodeName].config),
+		convertCrtToENV(CACertENVName, crtMap[CACertName].Certificate),
+		convertCrtToENV(KubeProxyCertENVName, crtMap[KubeProxyName].Certificate),
+		convertKeyToENV(KubeProxyKeyENVName, crtMap[KubeProxyName].Key),
+		convertConfigToENV(KubeProxyConfigENVName, crtMap[KubeProxyName].Config),
+		convertCrtToENV(KubeNodeCertENVName, crtMap[KubeNodeName].Certificate),
+		convertKeyToENV(KubeNodeKeyENVName, crtMap[KubeNodeName].Key),
+		convertConfigToENV(KubeNodeConfigENVName, crtMap[KubeNodeName].Config),
 	}
-	for _, host := range workerHosts {
-		err := doRunDeployer(&host, env)
+	for i := range workerHosts {
+		err := doRunDeployer(&workerHosts[i], env)
 		if err != nil {
 			return err
 		}
@@ -90,7 +79,7 @@ func deployCertificatesOnWorkers(workerHosts []hosts.Host, crtMap map[string]Cer

 func doRunDeployer(host *hosts.Host, containerEnv []string) error {
 	logrus.Debugf("[certificates] Pulling Certificate downloader Image on host [%s]", host.Hostname)
-	err := docker.PullImage(host, CrtDownloaderImage)
+	err := docker.PullImage(host.DClient, host.Hostname, CrtDownloaderImage)
 	if err != nil {
 		return err
 	}
@@ -115,7 +104,7 @@ func doRunDeployer(host *hosts.Host, containerEnv []string) error {
 	}
 	logrus.Debugf("[certificates] Successfully started Certificate deployer container: %s", resp.ID)
 	for {
-		isDeployerRunning, err := docker.IsContainerRunning(host, CrtDownloaderContainer)
+		isDeployerRunning, err := docker.IsContainerRunning(host.DClient, host.Hostname, CrtDownloaderContainer)
 		if err != nil {
 			return err
 		}
@@ -130,13 +119,11 @@ func doRunDeployer(host *hosts.Host, containerEnv []string) error {
 	}
 }

-func deployAdminConfig(kubeConfig string, forceDeploy bool) error {
+func DeployAdminConfig(kubeConfig string) error {
 	logrus.Debugf("Deploying admin Kubeconfig locally: %s", kubeConfig)
-	if _, err := os.Stat(KubeAdminConfigPath); os.IsNotExist(err) || forceDeploy {
-		err := ioutil.WriteFile(KubeAdminConfigPath, []byte(kubeConfig), 0644)
-		if err != nil {
-			return fmt.Errorf("Failed to create local admin kubeconfig file: %v", err)
-		}
+	err := ioutil.WriteFile(KubeAdminConfigPath, []byte(kubeConfig), 0644)
+	if err != nil {
+		return fmt.Errorf("Failed to create local admin kubeconfig file: %v", err)
 	}
 	return nil
 }