github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Check that sever API provides certificates capabilities 

Print user friendly error with information about required version.
pull/6/head
Evgeny L 2016-09-09 08:41:19 +00:00 committed by Ilya Dmitrichenko
parent b6d0efb854
commit ac849dab8e
No known key found for this signature in database
GPG Key ID: E7889175A6C0CEB9
1 changed files with 41 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
pkg/kubeadm/node/csr.go
View File

@ -21,7 +21,10 @@ import (
"io/ioutil"
"strings"
"k8s.io/kubernetes/pkg/apis/certificates"
unversionedcertificates "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/certificates/unversioned"
"k8s.io/kubernetes/pkg/client/restclient"
"k8s.io/kubernetes/pkg/client/typed/discovery"
"k8s.io/kubernetes/pkg/client/unversioned/clientcmd"
clientcmdapi "k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api"
kubeadmapi "k8s.io/kubernetes/pkg/kubeadm/api"
@ -60,6 +63,12 @@ func PerformTLSBootstrap(s *kubeadmapi.KubeadmConfig, apiEndpoint string, caCert
return nil, fmt.Errorf("<node/csr> failed to create API client configuration [%s]", err)
}
err = checkCertsAPI(bootstrapClientConfig)
if err != nil {
return nil, fmt.Errorf("<node/csr> API compatibility error [%s]", err)
}
client, err := unversionedcertificates.NewForConfig(bootstrapClientConfig)
if err != nil {
return nil, fmt.Errorf("<node/csr> failed to create API client [%s]", err)
@ -88,3 +97,35 @@ func PerformTLSBootstrap(s *kubeadmapi.KubeadmConfig, apiEndpoint string, caCert
return finalConfig, nil
}
func checkCertsAPI(config *restclient.Config) error {
discoveryClient, err := discovery.NewDiscoveryClientForConfig(config)
if err != nil {
return fmt.Errorf("failed to create API discovery client [%s]", err)
}
serverGroups, err := discoveryClient.ServerGroups()
if err != nil {
return fmt.Errorf("failed to retrieve a list of supported API objects [%s]", err)
}
for _, group := range serverGroups.Groups {
if group.Name == certificates.GroupName {
return nil
}
}
version, err := discoveryClient.ServerVersion()
serverVersion := version.String()
if err != nil {
serverVersion = "N/A"
}
// Due to changes in API namespaces for certificates
// https://github.com/kubernetes/kubernetes/pull/31887/
// it is compatible only with versions released after v1.4.0-beta.0
return fmt.Errorf("installed Kubernetes API server version \"%s\" does not support certificates signing request use v1.4.0 or newer", serverVersion)
}