2019-01-09 16:54:15 +00:00
|
|
|
package cmds
|
|
|
|
|
|
|
|
import (
|
|
|
|
"os"
|
|
|
|
"path/filepath"
|
|
|
|
|
2020-08-11 23:17:32 +00:00
|
|
|
"github.com/pkg/errors"
|
2020-05-05 22:09:04 +00:00
|
|
|
"github.com/rancher/k3s/pkg/version"
|
2020-07-10 17:34:00 +00:00
|
|
|
"github.com/rancher/spur/cli"
|
|
|
|
"github.com/rancher/spur/cli/altsrc"
|
2019-01-09 16:54:15 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type Agent struct {
|
2019-03-04 06:29:06 +00:00
|
|
|
Token string
|
2019-03-04 17:10:01 +00:00
|
|
|
TokenFile string
|
2019-11-14 19:42:42 +00:00
|
|
|
ClusterSecret string
|
2019-03-24 19:19:05 +00:00
|
|
|
ServerURL string
|
2019-07-24 07:22:31 +00:00
|
|
|
DisableLoadBalancer bool
|
2019-03-26 22:15:16 +00:00
|
|
|
ResolvConf string
|
2019-03-04 06:29:06 +00:00
|
|
|
DataDir string
|
|
|
|
NodeIP string
|
2019-10-15 21:17:26 +00:00
|
|
|
NodeExternalIP string
|
2019-03-04 06:29:06 +00:00
|
|
|
NodeName string
|
2019-05-03 17:36:12 +00:00
|
|
|
PauseImage string
|
2020-07-17 23:16:23 +00:00
|
|
|
Snapshotter string
|
2019-03-04 06:29:06 +00:00
|
|
|
Docker bool
|
|
|
|
ContainerRuntimeEndpoint string
|
|
|
|
NoFlannel bool
|
2019-03-19 23:28:43 +00:00
|
|
|
FlannelIface string
|
2019-08-08 05:56:09 +00:00
|
|
|
FlannelConf string
|
2019-03-04 06:29:06 +00:00
|
|
|
Debug bool
|
2019-03-08 22:47:44 +00:00
|
|
|
Rootless bool
|
2019-10-19 10:18:51 +00:00
|
|
|
RootlessAlreadyUnshared bool
|
2019-11-05 09:45:07 +00:00
|
|
|
WithNodeID bool
|
2020-08-11 23:17:32 +00:00
|
|
|
EnableSELinux bool
|
2020-07-10 17:34:00 +00:00
|
|
|
ExtraKubeletArgs []string
|
|
|
|
ExtraKubeProxyArgs []string
|
|
|
|
Labels []string
|
|
|
|
Taints []string
|
|
|
|
PrivateRegistry string
|
2020-07-14 22:46:10 +00:00
|
|
|
ProtectKernelDefaults bool
|
2019-01-09 16:54:15 +00:00
|
|
|
AgentShared
|
|
|
|
}
|
|
|
|
|
|
|
|
type AgentShared struct {
|
|
|
|
NodeIP string
|
|
|
|
}
|
|
|
|
|
|
|
|
var (
|
|
|
|
appName = filepath.Base(os.Args[0])
|
|
|
|
AgentConfig Agent
|
|
|
|
NodeIPFlag = cli.StringFlag{
|
|
|
|
Name: "node-ip,i",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(agent/networking) IP address to advertise for node",
|
2019-01-09 16:54:15 +00:00
|
|
|
Destination: &AgentConfig.NodeIP,
|
|
|
|
}
|
2019-10-15 21:17:26 +00:00
|
|
|
NodeExternalIPFlag = cli.StringFlag{
|
|
|
|
Name: "node-external-ip",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(agent/networking) External IP address to advertise for node",
|
2019-10-15 21:17:26 +00:00
|
|
|
Destination: &AgentConfig.NodeExternalIP,
|
|
|
|
}
|
2019-01-09 16:54:15 +00:00
|
|
|
NodeNameFlag = cli.StringFlag{
|
|
|
|
Name: "node-name",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(agent/node) Node name",
|
2020-07-10 17:34:00 +00:00
|
|
|
EnvVars: []string{version.ProgramUpper + "_NODE_NAME"},
|
2019-01-09 16:54:15 +00:00
|
|
|
Destination: &AgentConfig.NodeName,
|
|
|
|
}
|
2019-11-05 09:45:07 +00:00
|
|
|
WithNodeIDFlag = cli.BoolFlag{
|
|
|
|
Name: "with-node-id",
|
|
|
|
Usage: "(agent/node) Append id to node name",
|
|
|
|
Destination: &AgentConfig.WithNodeID,
|
|
|
|
}
|
2019-03-02 00:10:18 +00:00
|
|
|
DockerFlag = cli.BoolFlag{
|
|
|
|
Name: "docker",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(agent/runtime) Use docker instead of containerd",
|
2019-03-02 00:10:18 +00:00
|
|
|
Destination: &AgentConfig.Docker,
|
|
|
|
}
|
2019-10-27 05:53:25 +00:00
|
|
|
CRIEndpointFlag = cli.StringFlag{
|
|
|
|
Name: "container-runtime-endpoint",
|
|
|
|
Usage: "(agent/runtime) Disable embedded containerd and use alternative CRI implementation",
|
|
|
|
Destination: &AgentConfig.ContainerRuntimeEndpoint,
|
|
|
|
}
|
|
|
|
PrivateRegistryFlag = cli.StringFlag{
|
|
|
|
Name: "private-registry",
|
|
|
|
Usage: "(agent/runtime) Private registry configuration file",
|
|
|
|
Destination: &AgentConfig.PrivateRegistry,
|
2020-05-05 22:09:04 +00:00
|
|
|
Value: "/etc/rancher/" + version.Program + "/registries.yaml",
|
2019-10-27 05:53:25 +00:00
|
|
|
}
|
|
|
|
PauseImageFlag = cli.StringFlag{
|
|
|
|
Name: "pause-image",
|
2019-12-10 23:16:26 +00:00
|
|
|
Usage: "(agent/runtime) Customized pause image for containerd or docker sandbox",
|
2019-10-27 05:53:25 +00:00
|
|
|
Destination: &AgentConfig.PauseImage,
|
2019-12-10 23:16:26 +00:00
|
|
|
Value: "docker.io/rancher/pause:3.1",
|
2019-10-27 05:53:25 +00:00
|
|
|
}
|
2020-07-17 23:16:23 +00:00
|
|
|
SnapshotterFlag = cli.StringFlag{
|
|
|
|
Name: "snapshotter",
|
|
|
|
Usage: "(agent/runtime) Override default containerd snapshotter",
|
|
|
|
Destination: &AgentConfig.Snapshotter,
|
|
|
|
Value: "overlayfs",
|
|
|
|
}
|
2019-03-02 00:10:18 +00:00
|
|
|
FlannelFlag = cli.BoolFlag{
|
|
|
|
Name: "no-flannel",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(deprecated) use --flannel-backend=none",
|
2019-03-02 00:10:18 +00:00
|
|
|
Destination: &AgentConfig.NoFlannel,
|
|
|
|
}
|
2019-03-19 23:28:43 +00:00
|
|
|
FlannelIfaceFlag = cli.StringFlag{
|
|
|
|
Name: "flannel-iface",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(agent/networking) Override default flannel interface",
|
2019-03-19 23:28:43 +00:00
|
|
|
Destination: &AgentConfig.FlannelIface,
|
|
|
|
}
|
2019-08-08 05:56:09 +00:00
|
|
|
FlannelConfFlag = cli.StringFlag{
|
|
|
|
Name: "flannel-conf",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(agent/networking) Override default flannel config file",
|
2019-08-08 05:56:09 +00:00
|
|
|
Destination: &AgentConfig.FlannelConf,
|
|
|
|
}
|
2019-03-26 22:15:16 +00:00
|
|
|
ResolvConfFlag = cli.StringFlag{
|
|
|
|
Name: "resolv-conf",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(agent/networking) Kubelet resolv.conf file",
|
2020-07-10 17:34:00 +00:00
|
|
|
EnvVars: []string{version.ProgramUpper + "_RESOLV_CONF"},
|
2019-03-26 22:15:16 +00:00
|
|
|
Destination: &AgentConfig.ResolvConf,
|
|
|
|
}
|
2019-04-05 00:43:00 +00:00
|
|
|
ExtraKubeletArgs = cli.StringSliceFlag{
|
2020-07-10 17:34:00 +00:00
|
|
|
Name: "kubelet-arg",
|
|
|
|
Usage: "(agent/flags) Customized flag for kubelet process",
|
|
|
|
Destination: &AgentConfig.ExtraKubeletArgs,
|
2019-04-05 00:43:00 +00:00
|
|
|
}
|
|
|
|
ExtraKubeProxyArgs = cli.StringSliceFlag{
|
2020-07-10 17:34:00 +00:00
|
|
|
Name: "kube-proxy-arg",
|
|
|
|
Usage: "(agent/flags) Customized flag for kube-proxy process",
|
|
|
|
Destination: &AgentConfig.ExtraKubeProxyArgs,
|
2019-04-05 00:43:00 +00:00
|
|
|
}
|
2019-05-07 23:47:07 +00:00
|
|
|
NodeTaints = cli.StringSliceFlag{
|
2020-07-10 17:34:00 +00:00
|
|
|
Name: "node-taint",
|
|
|
|
Usage: "(agent/node) Registering kubelet with set of taints",
|
|
|
|
Destination: &AgentConfig.Taints,
|
2019-05-07 23:47:07 +00:00
|
|
|
}
|
|
|
|
NodeLabels = cli.StringSliceFlag{
|
2020-07-10 17:34:00 +00:00
|
|
|
Name: "node-label",
|
|
|
|
Usage: "(agent/node) Registering and starting kubelet with set of labels",
|
|
|
|
Destination: &AgentConfig.Labels,
|
2019-05-07 23:47:07 +00:00
|
|
|
}
|
2020-02-28 17:10:55 +00:00
|
|
|
DisableSELinuxFlag = cli.BoolFlag{
|
2020-08-11 23:17:32 +00:00
|
|
|
Name: "disable-selinux",
|
|
|
|
Usage: "(deprecated) Use --selinux to explicitly enable SELinux",
|
|
|
|
Hidden: true,
|
|
|
|
Value: true, // disabled by default
|
2020-02-28 17:10:55 +00:00
|
|
|
}
|
2020-07-14 22:46:10 +00:00
|
|
|
ProtectKernelDefaultsFlag = cli.BoolFlag{
|
|
|
|
Name: "protect-kernel-defaults",
|
2020-07-14 22:55:18 +00:00
|
|
|
Usage: "(agent/node) Kernel tuning behavior. If set, error if kernel tunables are different than kubelet defaults.",
|
2020-07-14 22:46:10 +00:00
|
|
|
Destination: &AgentConfig.ProtectKernelDefaults,
|
|
|
|
}
|
2020-08-11 23:17:32 +00:00
|
|
|
SELinuxFlag = cli.BoolFlag{
|
|
|
|
Name: "selinux",
|
|
|
|
Usage: "(agent/node) Enable SELinux in containerd",
|
|
|
|
Hidden: false,
|
|
|
|
Destination: &AgentConfig.EnableSELinux,
|
|
|
|
EnvVars: []string{version.ProgramUpper + "_SELINUX"},
|
|
|
|
}
|
2019-01-09 16:54:15 +00:00
|
|
|
)
|
|
|
|
|
2020-08-11 23:17:32 +00:00
|
|
|
func CheckSELinuxFlags(ctx *cli.Context) error {
|
|
|
|
disable, enable := DisableSELinuxFlag.Name, SELinuxFlag.Name
|
|
|
|
switch {
|
|
|
|
case ctx.IsSet(disable) && ctx.IsSet(enable):
|
|
|
|
return errors.Errorf("--%s is deprecated in favor of --%s to affirmatively enable it in containerd", disable, enable)
|
|
|
|
case ctx.IsSet(disable):
|
|
|
|
AgentConfig.EnableSELinux = !ctx.Bool(disable)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
2020-07-10 17:34:00 +00:00
|
|
|
func NewAgentCommand(action func(ctx *cli.Context) error) *cli.Command {
|
|
|
|
return &cli.Command{
|
2019-01-09 16:54:15 +00:00
|
|
|
Name: "agent",
|
|
|
|
Usage: "Run node agent",
|
|
|
|
UsageText: appName + " agent [OPTIONS]",
|
2020-08-11 23:17:32 +00:00
|
|
|
Before: func(ctx *cli.Context) error {
|
|
|
|
if err := CheckSELinuxFlags(ctx); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return DebugContext(cli.InitAllInputSource(altsrc.NewConfigFromFlag(ConfigFlag.Name)))(ctx)
|
|
|
|
},
|
|
|
|
Action: InitLogging(action),
|
2019-01-09 16:54:15 +00:00
|
|
|
Flags: []cli.Flag{
|
2020-07-10 17:34:00 +00:00
|
|
|
&ConfigFlag,
|
|
|
|
&DebugFlag,
|
|
|
|
&VLevel,
|
|
|
|
&VModule,
|
|
|
|
&LogFile,
|
|
|
|
&AlsoLogToStderr,
|
|
|
|
&cli.StringFlag{
|
2019-01-09 16:54:15 +00:00
|
|
|
Name: "token,t",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(cluster) Token to use for authentication",
|
2020-07-10 17:34:00 +00:00
|
|
|
EnvVars: []string{version.ProgramUpper + "_TOKEN"},
|
2019-01-09 16:54:15 +00:00
|
|
|
Destination: &AgentConfig.Token,
|
|
|
|
},
|
2020-07-10 17:34:00 +00:00
|
|
|
&cli.StringFlag{
|
2019-03-02 00:07:55 +00:00
|
|
|
Name: "token-file",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(cluster) Token file to use for authentication",
|
2020-07-10 17:34:00 +00:00
|
|
|
EnvVars: []string{version.ProgramUpper + "_TOKEN_FILE"},
|
2019-03-02 00:07:55 +00:00
|
|
|
Destination: &AgentConfig.TokenFile,
|
|
|
|
},
|
2020-07-10 17:34:00 +00:00
|
|
|
&cli.StringFlag{
|
2019-01-09 16:54:15 +00:00
|
|
|
Name: "server,s",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(cluster) Server to connect to",
|
2020-07-10 17:34:00 +00:00
|
|
|
EnvVars: []string{version.ProgramUpper + "_URL"},
|
2019-01-09 16:54:15 +00:00
|
|
|
Destination: &AgentConfig.ServerURL,
|
|
|
|
},
|
2020-07-10 17:34:00 +00:00
|
|
|
&cli.StringFlag{
|
2019-01-09 16:54:15 +00:00
|
|
|
Name: "data-dir,d",
|
2019-10-27 05:53:25 +00:00
|
|
|
Usage: "(agent/data) Folder to hold state",
|
2019-01-09 16:54:15 +00:00
|
|
|
Destination: &AgentConfig.DataDir,
|
2020-05-05 22:09:04 +00:00
|
|
|
Value: "/var/lib/rancher/" + version.Program + "",
|
2019-01-09 16:54:15 +00:00
|
|
|
},
|
2020-07-10 17:34:00 +00:00
|
|
|
&NodeNameFlag,
|
|
|
|
&WithNodeIDFlag,
|
|
|
|
&NodeLabels,
|
|
|
|
&NodeTaints,
|
|
|
|
&DockerFlag,
|
|
|
|
&CRIEndpointFlag,
|
|
|
|
&PauseImageFlag,
|
2020-07-17 23:16:23 +00:00
|
|
|
&SnapshotterFlag,
|
2020-07-10 17:34:00 +00:00
|
|
|
&PrivateRegistryFlag,
|
|
|
|
&NodeIPFlag,
|
|
|
|
&NodeExternalIPFlag,
|
|
|
|
&ResolvConfFlag,
|
|
|
|
&FlannelIfaceFlag,
|
|
|
|
&FlannelConfFlag,
|
|
|
|
&ExtraKubeletArgs,
|
|
|
|
&ExtraKubeProxyArgs,
|
2020-07-14 22:46:10 +00:00
|
|
|
&ProtectKernelDefaultsFlag,
|
2020-07-10 17:34:00 +00:00
|
|
|
&cli.BoolFlag{
|
2019-10-27 05:53:25 +00:00
|
|
|
Name: "rootless",
|
|
|
|
Usage: "(experimental) Run rootless",
|
|
|
|
Destination: &AgentConfig.Rootless,
|
|
|
|
},
|
2020-08-11 23:17:32 +00:00
|
|
|
&SELinuxFlag,
|
2019-10-27 05:53:25 +00:00
|
|
|
|
|
|
|
// Deprecated/hidden below
|
|
|
|
|
2020-08-11 23:17:32 +00:00
|
|
|
&DisableSELinuxFlag,
|
2020-07-10 17:34:00 +00:00
|
|
|
&FlannelFlag,
|
|
|
|
&cli.StringFlag{
|
2019-10-27 05:53:25 +00:00
|
|
|
Name: "cluster-secret",
|
|
|
|
Usage: "(deprecated) use --token",
|
2019-11-14 19:42:42 +00:00
|
|
|
Destination: &AgentConfig.ClusterSecret,
|
2020-07-10 17:34:00 +00:00
|
|
|
EnvVars: []string{version.ProgramUpper + "_CLUSTER_SECRET"},
|
2019-10-27 05:53:25 +00:00
|
|
|
},
|
2019-01-09 16:54:15 +00:00
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|