github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Avoid making connections to the apiserver insecure by default in kube2sky.

pull/6/head
Vishnu Kannan 2015-05-22 16:07:58 -07:00
parent eab1ceccd4
commit 0ae4defc9d
1 changed files with 20 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
cluster/addons/dns/kube2sky/kube2sky.go
View File

@ -34,7 +34,6 @@ import (
kclient "github.com/GoogleCloudPlatform/kubernetes/pkg/client" kclient "github.com/GoogleCloudPlatform/kubernetes/pkg/client"
kcache "github.com/GoogleCloudPlatform/kubernetes/pkg/client/cache" kcache "github.com/GoogleCloudPlatform/kubernetes/pkg/client/cache"
kclientcmd "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd" kclientcmd "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd"
kclientcmdapi "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd/api"
kframework "github.com/GoogleCloudPlatform/kubernetes/pkg/controller/framework" kframework "github.com/GoogleCloudPlatform/kubernetes/pkg/controller/framework"
kSelector "github.com/GoogleCloudPlatform/kubernetes/pkg/fields" kSelector "github.com/GoogleCloudPlatform/kubernetes/pkg/fields"
tools "github.com/GoogleCloudPlatform/kubernetes/pkg/tools" tools "github.com/GoogleCloudPlatform/kubernetes/pkg/tools"
@ -50,7 +49,7 @@ var (
argEtcdMutationTimeout = flag.Duration("etcd_mutation_timeout", 10*time.Second, "crash after retrying etcd mutation for a specified duration") argEtcdMutationTimeout = flag.Duration("etcd_mutation_timeout", 10*time.Second, "crash after retrying etcd mutation for a specified duration")
argEtcdServer = flag.String("etcd-server", "http://127.0.0.1:4001", "URL to etcd server") argEtcdServer = flag.String("etcd-server", "http://127.0.0.1:4001", "URL to etcd server")
argKubecfgFile = flag.String("kubecfg_file", "", "Location of kubecfg file for access to kubernetes service") argKubecfgFile = flag.String("kubecfg_file", "", "Location of kubecfg file for access to kubernetes service")
argKubeMasterUrl = flag.String("kube_master_url", "https://${KUBERNETES_SERVICE_HOST}:${KUBERNETES_SERVICE_PORT}", "Url to reach kubernetes master. Env variables in this flag will be expanded.") argKubeMasterUrl = flag.String("kube_master_url", "", "Url to reach kubernetes master. Env variables in this flag will be expanded.")
) )
const ( const (
@ -336,9 +335,6 @@ func newEtcdClient(etcdServer string) (*etcd.Client, error) {
} }
func getKubeMasterUrl() (string, error) { func getKubeMasterUrl() (string, error) {
if *argKubeMasterUrl == "" {
return "", fmt.Errorf("no --kube_master_url specified")
}
parsedUrl, err := url.Parse(os.ExpandEnv(*argKubeMasterUrl)) parsedUrl, err := url.Parse(os.ExpandEnv(*argKubeMasterUrl))
if err != nil { if err != nil {
return "", fmt.Errorf("failed to parse --kube_master_url %s - %v", *argKubeMasterUrl, err) return "", fmt.Errorf("failed to parse --kube_master_url %s - %v", *argKubeMasterUrl, err)
@ -351,21 +347,33 @@ func getKubeMasterUrl() (string, error) {
// TODO: evaluate using pkg/client/clientcmd // TODO: evaluate using pkg/client/clientcmd
func newKubeClient() (*kclient.Client, error) { func newKubeClient() (*kclient.Client, error) {
var config *kclient.Config var (
masterUrl, err := getKubeMasterUrl() config *kclient.Config
err error
masterURL string
)
if *argKubeMasterUrl != "" {
masterURL, err = getKubeMasterUrl()
if err != nil { if err != nil {
return nil, err return nil, err
} }
}
if *argKubecfgFile == "" { if *argKubecfgFile == "" {
if masterURL == "" {
return nil, fmt.Errorf("--kube_master_url must be set when --kubecfg_file is not set")
}
config = &kclient.Config{ config = &kclient.Config{
Host: masterUrl, Host: masterURL,
Version: "v1beta3", Version: "v1beta3",
} }
} else { } else {
var err error overrides := &kclientcmd.ConfigOverrides{}
if masterURL != "" {
overrides.ClusterInfo.Server = masterURL
}
if config, err = kclientcmd.NewNonInteractiveDeferredLoadingClientConfig( if config, err = kclientcmd.NewNonInteractiveDeferredLoadingClientConfig(
&kclientcmd.ClientConfigLoadingRules{ExplicitPath: *argKubecfgFile}, &kclientcmd.ClientConfigLoadingRules{ExplicitPath: *argKubecfgFile},
&kclientcmd.ConfigOverrides{ClusterInfo: kclientcmdapi.Cluster{Server: masterUrl, InsecureSkipTLSVerify: true}}).ClientConfig(); err != nil { overrides).ClientConfig(); err != nil {
return nil, err return nil, err
} }
} }