diff --git a/cluster/centos/build.sh b/cluster/centos/build.sh index b7bc78328d..1f8c0795df 100755 --- a/cluster/centos/build.sh +++ b/cluster/centos/build.sh @@ -14,7 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Download the flannel, etcd, docker, bridge-utils and K8s binaries automatically +# Download the flannel, etcd, docker, bridge-utils and K8s binaries automatically # and store into binaries directory. # Run as sudoers only @@ -24,84 +24,84 @@ set -o errexit set -o nounset set -o pipefail -readonly ROOT=$(dirname "${BASH_SOURCE}") -source ${ROOT}/config-build.sh +readonly ROOT=$(dirname "${BASH_SOURCE[0]}") +source "${ROOT}/config-build.sh" # ensure $RELEASES_DIR is an absolute file path -mkdir -p ${RELEASES_DIR} -RELEASES_DIR=$(cd ${RELEASES_DIR}; pwd) +mkdir -p "${RELEASES_DIR}" +RELEASES_DIR=$(cd "${RELEASES_DIR}"; pwd) # get absolute file path of binaries -BINARY_DIR=$(cd ${ROOT}; pwd)/binaries +BINARY_DIR=$(cd "${ROOT}"; pwd)/binaries function clean-up() { - rm -rf ${RELEASES_DIR} - rm -rf ${BINARY_DIR} + rm -rf "${RELEASES_DIR}" + rm -rf "${BINARY_DIR}" } function download-releases() { - rm -rf ${RELEASES_DIR} - mkdir -p ${RELEASES_DIR} + rm -rf "${RELEASES_DIR}" + mkdir -p "${RELEASES_DIR}" echo "Download flannel release v${FLANNEL_VERSION} ..." - curl -L ${FLANNEL_DOWNLOAD_URL} -o ${RELEASES_DIR}/flannel.tar.gz + curl -L "${FLANNEL_DOWNLOAD_URL}" -o "${RELEASES_DIR}/flannel.tar.gz" echo "Download etcd release v${ETCD_VERSION} ..." - curl -L ${ETCD_DOWNLOAD_URL} -o ${RELEASES_DIR}/etcd.tar.gz + curl -L "${ETCD_DOWNLOAD_URL}" -o "${RELEASES_DIR}/etcd.tar.gz" echo "Download kubernetes release v${K8S_VERSION} ..." - curl -L ${K8S_CLIENT_DOWNLOAD_URL} -o ${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz - curl -L ${K8S_SERVER_DOWNLOAD_URL} -o ${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz + curl -L "${K8S_CLIENT_DOWNLOAD_URL}" -o "${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz" + curl -L "${K8S_SERVER_DOWNLOAD_URL}" -o "${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz" echo "Download docker release v${DOCKER_VERSION} ..." - curl -L ${DOCKER_DOWNLOAD_URL} -o ${RELEASES_DIR}/docker.tar.gz + curl -L "${DOCKER_DOWNLOAD_URL}" -o "${RELEASES_DIR}/docker.tar.gz" } function unpack-releases() { - rm -rf ${BINARY_DIR} - mkdir -p ${BINARY_DIR}/master/bin - mkdir -p ${BINARY_DIR}/node/bin + rm -rf "${BINARY_DIR}" + mkdir -p "${BINARY_DIR}/master/bin" + mkdir -p "${BINARY_DIR}/node/bin" # flannel - if [[ -f ${RELEASES_DIR}/flannel.tar.gz ]] ; then - tar xzf ${RELEASES_DIR}/flannel.tar.gz -C ${RELEASES_DIR} - cp ${RELEASES_DIR}/flanneld ${BINARY_DIR}/master/bin - cp ${RELEASES_DIR}/flanneld ${BINARY_DIR}/node/bin + if [[ -f "${RELEASES_DIR}/flannel.tar.gz" ]] ; then + tar xzf "${RELEASES_DIR}/flannel.tar.gz" -C "${RELEASES_DIR}" + cp "${RELEASES_DIR}/flanneld" "${BINARY_DIR}/master/bin" + cp "${RELEASES_DIR}/flanneld" "${BINARY_DIR}/node/bin" fi # etcd - if [[ -f ${RELEASES_DIR}/etcd.tar.gz ]] ; then - tar xzf ${RELEASES_DIR}/etcd.tar.gz -C ${RELEASES_DIR} + if [[ -f "${RELEASES_DIR}/etcd.tar.gz" ]] ; then + tar xzf "${RELEASES_DIR}/etcd.tar.gz" -C "${RELEASES_DIR}" ETCD="etcd-v${ETCD_VERSION}-linux-amd64" - cp ${RELEASES_DIR}/$ETCD/etcd \ - ${RELEASES_DIR}/$ETCD/etcdctl ${BINARY_DIR}/master/bin - cp ${RELEASES_DIR}/$ETCD/etcd \ - ${RELEASES_DIR}/$ETCD/etcdctl ${BINARY_DIR}/node/bin + cp "${RELEASES_DIR}/${ETCD}/etcd" \ + "${RELEASES_DIR}/${ETCD}/etcdctl" "${BINARY_DIR}/master/bin" + cp "${RELEASES_DIR}/${ETCD}/etcd" \ + "${RELEASES_DIR}/${ETCD}/etcdctl" "${BINARY_DIR}/node/bin" fi # k8s - if [[ -f ${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz ]] ; then - tar xzf ${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz -C ${RELEASES_DIR} - cp ${RELEASES_DIR}/kubernetes/client/bin/kubectl ${BINARY_DIR} + if [[ -f "${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz" ]] ; then + tar xzf "${RELEASES_DIR}/kubernetes-client-linux-amd64.tar.gz" -C "${RELEASES_DIR}" + cp "${RELEASES_DIR}/kubernetes/client/bin/kubectl" "${BINARY_DIR}" fi - if [[ -f ${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz ]] ; then - tar xzf ${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz -C ${RELEASES_DIR} - cp ${RELEASES_DIR}/kubernetes/server/bin/kube-apiserver \ - ${RELEASES_DIR}/kubernetes/server/bin/kube-controller-manager \ - ${RELEASES_DIR}/kubernetes/server/bin/kube-scheduler ${BINARY_DIR}/master/bin - cp ${RELEASES_DIR}/kubernetes/server/bin/kubelet \ - ${RELEASES_DIR}/kubernetes/server/bin/kube-proxy ${BINARY_DIR}/node/bin + if [[ -f "${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz" ]] ; then + tar xzf "${RELEASES_DIR}/kubernetes-server-linux-amd64.tar.gz" -C "${RELEASES_DIR}" + cp "${RELEASES_DIR}/kubernetes/server/bin/kube-apiserver" \ + "${RELEASES_DIR}/kubernetes/server/bin/kube-controller-manager" \ + "${RELEASES_DIR}/kubernetes/server/bin/kube-scheduler" "${BINARY_DIR}/master/bin" + cp "${RELEASES_DIR}/kubernetes/server/bin/kubelet" \ + "${RELEASES_DIR}/kubernetes/server/bin/kube-proxy" "${BINARY_DIR}/node/bin" fi # docker - if [[ -f ${RELEASES_DIR}/docker.tar.gz ]]; then - tar xzf ${RELEASES_DIR}/docker.tar.gz -C ${RELEASES_DIR} + if [[ -f "${RELEASES_DIR}/docker.tar.gz" ]]; then + tar xzf "${RELEASES_DIR}/docker.tar.gz" -C "${RELEASES_DIR}" - cp ${RELEASES_DIR}/docker/docker* ${BINARY_DIR}/node/bin + cp "${RELEASES_DIR}/docker/docker*" "${BINARY_DIR}/node/bin" fi - chmod -R +x ${BINARY_DIR} + chmod -R +x "${BINARY_DIR}" echo "Done! All binaries are stored in ${BINARY_DIR}" } @@ -134,4 +134,4 @@ function parse-opt() { esac } -parse-opt $@ +parse-opt "${@}" diff --git a/cluster/centos/config-build.sh b/cluster/centos/config-build.sh index 852c3673fd..9ed75ae797 100755 --- a/cluster/centos/config-build.sh +++ b/cluster/centos/config-build.sh @@ -31,16 +31,22 @@ ETCD_VERSION=${ETCD_VERSION:-"3.0.9"} # Define k8s version to use. K8S_VERSION=${K8S_VERSION:-"1.3.7"} +# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell DOCKER_DOWNLOAD_URL=\ "https://get.docker.com/builds/Linux/x86_64/docker-${DOCKER_VERSION}.tgz" +# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell FLANNEL_DOWNLOAD_URL=\ "https://github.com/coreos/flannel/releases/download/v${FLANNEL_VERSION}/flannel-v${FLANNEL_VERSION}-linux-amd64.tar.gz" +# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell ETCD_DOWNLOAD_URL=\ "https://github.com/coreos/etcd/releases/download/v${ETCD_VERSION}/etcd-v${ETCD_VERSION}-linux-amd64.tar.gz" +# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell K8S_CLIENT_DOWNLOAD_URL=\ "https://dl.k8s.io/v${K8S_VERSION}/kubernetes-client-linux-amd64.tar.gz" + +# shellcheck disable=2034 # Variables sourced in other scripts executed from the same shell K8S_SERVER_DOWNLOAD_URL=\ "https://dl.k8s.io/v${K8S_VERSION}/kubernetes-server-linux-amd64.tar.gz" diff --git a/cluster/centos/config-default.sh b/cluster/centos/config-default.sh index 4d33d4ab20..a08ff2fed9 100755 --- a/cluster/centos/config-default.sh +++ b/cluster/centos/config-default.sh @@ -14,7 +14,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -readonly root=$(dirname "${BASH_SOURCE}") +readonly root=$(dirname "${BASH_SOURCE[0]}") ## Contains configuration values for the CentOS cluster # The user should have sudo privilege @@ -30,8 +30,9 @@ export MASTERS="${MASTERS:-$MASTER}" # Get the length of specific arg0, could be a space-separate string or array. function length-of() { local len=0 + # shellcheck disable=SC2034 # Unused variables left for readability for part in $1; do - let ++len + ((++len)) done echo $len } @@ -41,9 +42,9 @@ export NUM_MASTERS="${NUM_MASTERS:-$(length-of "$MASTERS")}" # Get default master advertise address: first master node. function default-advertise-address() { # get the first master node - local masters_array=(${MASTERS}) + local masters_array=("${MASTERS}") local master=${masters_array[0]} - echo ${master#*@} + echo "${master#*@}" } # Define advertise address of masters, could be a load balancer address. @@ -76,7 +77,8 @@ function concat-etcd-servers() { echo "$etcd_servers" } -export ETCD_SERVERS="$(concat-etcd-servers)" +ETCD_SERVERS="$(concat-etcd-servers)" +export ETCD_SERVERS # By default, etcd cluster will use runtime configuration # https://coreos.com/etcd/docs/latest/v2/runtime-configuration.html @@ -90,17 +92,19 @@ function concat-etcd-initial-cluster() { etcd_initial_cluster+="," fi etcd_initial_cluster+="infra${num_infra}=https://${master_ip}:2380" - let ++num_infra + ((++num_infra)) done echo "$etcd_initial_cluster" } -export ETCD_INITIAL_CLUSTER="$(concat-etcd-initial-cluster)" +ETCD_INITIAL_CLUSTER="$(concat-etcd-initial-cluster)" +export ETCD_INITIAL_CLUSTER CERT_DIR="${CERT_DIR:-${root}/ca-cert}" mkdir -p "${CERT_DIR}" # CERT_DIR path must be absolute. -export CERT_DIR="$(cd "${CERT_DIR}"; pwd)" +CERT_DIR="$(cd "${CERT_DIR}" && pwd)" +export CERT_DIR # define the IP range used for service cluster IPs. # according to rfc 1918 ref: https://tools.ietf.org/html/rfc1918 choose a private ip range here. @@ -108,12 +112,14 @@ export SERVICE_CLUSTER_IP_RANGE=${SERVICE_CLUSTER_IP_RANGE:-"192.168.3.0/24"} # Optional: Install cluster DNS. ENABLE_CLUSTER_DNS="${KUBE_ENABLE_CLUSTER_DNS:-true}" +export ENABLE_CLUSTER_DNS # DNS_SERVER_IP must be a IP in SERVICE_CLUSTER_IP_RANGE DNS_SERVER_IP=${DNS_SERVER_IP:-"192.168.3.100"} DNS_DOMAIN=${DNS_DOMAIN:-"cluster.local"} # Optional: Install Kubernetes UI ENABLE_CLUSTER_UI="${KUBE_ENABLE_CLUSTER_UI:-true}" +export ENABLE_CLUSTER_UI # define the IP range used for flannel overlay network, should not conflict with above SERVICE_CLUSTER_IP_RANGE export FLANNEL_NET=${FLANNEL_NET:-"172.16.0.0/16"} diff --git a/cluster/centos/config-test.sh b/cluster/centos/config-test.sh index c3a5c476f7..45dd75c0da 100644 --- a/cluster/centos/config-test.sh +++ b/cluster/centos/config-test.sh @@ -15,5 +15,5 @@ # limitations under the License. ## for CentOS/Fedora/RHEL cluster in test mode -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. source "${KUBE_ROOT}/cluster/centos/config-default.sh" diff --git a/cluster/centos/deployAddons.sh b/cluster/centos/deployAddons.sh index b19d1cd1ef..fce75750f1 100755 --- a/cluster/centos/deployAddons.sh +++ b/cluster/centos/deployAddons.sh @@ -18,8 +18,8 @@ set -e -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. -source "config-default.sh" +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. +source "${KUBE_ROOT}/cluster/centos/config-default.sh" KUBECTL="${KUBE_ROOT}/cluster/kubectl.sh" export KUBECTL_PATH="${KUBE_ROOT}/cluster/centos/binaries/kubectl" export KUBE_CONFIG_FILE=${KUBE_CONFIG_FILE:-${KUBE_ROOT}/cluster/centos/config-default.sh} @@ -30,8 +30,8 @@ function deploy_dns { sed -i -e "s/\\\$DNS_DOMAIN/${DNS_DOMAIN}/g" kube-dns.yaml sed -i -e "s/\\\$DNS_SERVER_IP/${DNS_SERVER_IP}/g" kube-dns.yaml - KUBEDNS=`eval "${KUBECTL} get services --namespace=kube-system | grep kube-dns | cat"` - + KUBEDNS=$("${KUBECTL} get services --namespace=kube-system | grep kube-dns | cat") + if [ ! "$KUBEDNS" ]; then # use kubectl to create kube-dns addon ${KUBECTL} --namespace=kube-system create -f kube-dns.yaml @@ -47,11 +47,11 @@ function deploy_dns { function deploy_dashboard { echo "Deploying Kubernetes Dashboard" - ${KUBECTL} apply -f ${KUBE_ROOT}/cluster/addons/dashboard/dashboard-secret.yaml - ${KUBECTL} apply -f ${KUBE_ROOT}/cluster/addons/dashboard/dashboard-configmap.yaml - ${KUBECTL} apply -f ${KUBE_ROOT}/cluster/addons/dashboard/dashboard-rbac.yaml - ${KUBECTL} apply -f ${KUBE_ROOT}/cluster/addons/dashboard/dashboard-controller.yaml - ${KUBECTL} apply -f ${KUBE_ROOT}/cluster/addons/dashboard/dashboard-service.yaml + ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-secret.yaml" + ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-configmap.yaml" + ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-rbac.yaml" + ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-controller.yaml" + ${KUBECTL} apply -f "${KUBE_ROOT}/cluster/addons/dashboard/dashboard-service.yaml" echo } @@ -64,4 +64,3 @@ fi if [ "${ENABLE_CLUSTER_UI}" == true ]; then deploy_dashboard fi - diff --git a/cluster/centos/make-ca-cert.sh b/cluster/centos/make-ca-cert.sh index 37202e3cc6..8206e45f63 100755 --- a/cluster/centos/make-ca-cert.sh +++ b/cluster/centos/make-ca-cert.sh @@ -66,11 +66,11 @@ tar xzf easy-rsa.tar.gz > /dev/null 2>&1 cd easy-rsa-master/easyrsa3 ./easyrsa init-pki > /dev/null 2>&1 -./easyrsa --batch "--req-cn=$cert_ip@`date +%s`" build-ca nopass > /dev/null 2>&1 +./easyrsa --batch "--req-cn=${cert_ip}@$(date +%s)" build-ca nopass > /dev/null 2>&1 if [ $use_cn = "true" ]; then - ./easyrsa build-server-full $cert_ip nopass > /dev/null 2>&1 - cp -p pki/issued/$cert_ip.crt "${cert_dir}/server.cert" > /dev/null 2>&1 - cp -p pki/private/$cert_ip.key "${cert_dir}/server.key" > /dev/null 2>&1 + ./easyrsa build-server-full "${cert_ip}" nopass > /dev/null 2>&1 + cp -p "pki/issued/${cert_ip}.crt" "${cert_dir}/server.cert" > /dev/null 2>&1 + cp -p "pki/private/${cert_ip}.key" "${cert_dir}/server.key" > /dev/null 2>&1 else ./easyrsa --subject-alt-name="${sans}" build-server-full kubernetes-master nopass > /dev/null 2>&1 cp -p pki/issued/kubernetes-master.crt "${cert_dir}/server.cert" > /dev/null 2>&1 @@ -85,5 +85,5 @@ cp -p pki/ca.crt "${cert_dir}/ca.crt" cp -p pki/issued/kubecfg.crt "${cert_dir}/kubecfg.crt" cp -p pki/private/kubecfg.key "${cert_dir}/kubecfg.key" # Make server certs accessible to apiserver. -chgrp $cert_group "${cert_dir}/server.key" "${cert_dir}/server.cert" "${cert_dir}/ca.crt" +chgrp "${cert_group}" "${cert_dir}/server.key" "${cert_dir}/server.cert" "${cert_dir}/ca.crt" chmod 660 "${cert_dir}/server.key" "${cert_dir}/server.cert" "${cert_dir}/ca.crt" diff --git a/cluster/centos/master/scripts/flannel.sh b/cluster/centos/master/scripts/flannel.sh index 745a29f08d..83a7de5b58 100644 --- a/cluster/centos/master/scripts/flannel.sh +++ b/cluster/centos/master/scripts/flannel.sh @@ -48,10 +48,9 @@ EOF # Store FLANNEL_NET to etcd. attempt=0 while true; do - /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ - --no-sync -C ${ETCD_SERVERS} \ - get /coreos.com/network/config >/dev/null 2>&1 - if [[ "$?" == 0 ]]; then + if /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ + --no-sync -C "${ETCD_SERVERS}" \ + get /coreos.com/network/config >/dev/null 2>&1; then break else if (( attempt > 600 )); then @@ -60,7 +59,7 @@ while true; do fi /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ - --no-sync -C ${ETCD_SERVERS} \ + --no-sync -C "${ETCD_SERVERS}" \ mk /coreos.com/network/config "{\"Network\":\"${FLANNEL_NET}\"}" >/dev/null 2>&1 attempt=$((attempt+1)) sleep 3 diff --git a/cluster/centos/node/bin/mk-docker-opts.sh b/cluster/centos/node/bin/mk-docker-opts.sh index e45dbc71bc..22a459f513 100755 --- a/cluster/centos/node/bin/mk-docker-opts.sh +++ b/cluster/centos/node/bin/mk-docker-opts.sh @@ -30,7 +30,7 @@ OPTIONS: -c Output combined Docker options into DOCKER_OPTS var -k Set the combined options key to this value (default DOCKER_OPTS=) -m Do not output --ip-masq (useful for older Docker version) -" >/dev/stderr +" >/dev/stderr exit 1 } @@ -40,8 +40,9 @@ combined_opts_key="DOCKER_OPTS" indiv_opts=false combined_opts=false ipmasq=true +val="" -while getopts "f:d:ick:" opt; do +while getopts "f:d:icmk:" opt; do case $opt in f) flannel_env=$OPTARG @@ -72,37 +73,41 @@ if [[ $indiv_opts = false ]] && [[ $combined_opts = false ]]; then combined_opts=true fi -if [[ -f "$flannel_env" ]]; then - source $flannel_env +if [[ -f "${flannel_env}" ]]; then + source "${flannel_env}" fi if [[ -n "$FLANNEL_SUBNET" ]]; then + # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET" fi if [[ -n "$FLANNEL_MTU" ]]; then + # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU" fi if [[ "$FLANNEL_IPMASQ" = true ]] && [[ $ipmasq = true ]]; then + # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below DOCKER_OPT_IPMASQ="--ip-masq=false" fi eval docker_opts="\$${combined_opts_key}" docker_opts+=" " -echo -n "" >$docker_env +echo -n "" >"${docker_env}" + +# OPT_LOOP for opt in $(compgen -v DOCKER_OPT_); do - eval val=\$$opt + eval val=\$"${opt}" if [[ "$indiv_opts" = true ]]; then - echo "$opt=\"$val\"" >>$docker_env + echo "$opt=\"$val\"" >>"${docker_env}" fi docker_opts+="$val " done if [[ "$combined_opts" = true ]]; then - echo "${combined_opts_key}=\"${docker_opts}\"" >>$docker_env + echo "${combined_opts_key}=\"${docker_opts}\"" >>"${docker_env}" fi - diff --git a/cluster/centos/node/scripts/flannel.sh b/cluster/centos/node/scripts/flannel.sh index fe9b8e90c9..41ec84c537 100755 --- a/cluster/centos/node/scripts/flannel.sh +++ b/cluster/centos/node/scripts/flannel.sh @@ -52,10 +52,9 @@ EOF # Store FLANNEL_NET to etcd. attempt=0 while true; do - /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ - --no-sync -C ${ETCD_SERVERS} \ - get /coreos.com/network/config >/dev/null 2>&1 - if [[ "$?" == 0 ]]; then + if /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ + --no-sync -C "${ETCD_SERVERS}" \ + get /coreos.com/network/config >/dev/null 2>&1; then break else if (( attempt > 600 )); then @@ -64,7 +63,7 @@ while true; do fi /opt/kubernetes/bin/etcdctl --ca-file ${CA_FILE} --cert-file ${CERT_FILE} --key-file ${KEY_FILE} \ - --no-sync -C ${ETCD_SERVERS} \ + --no-sync -C "${ETCD_SERVERS}" \ mk /coreos.com/network/config "{\"Network\":\"${FLANNEL_NET}\"}" >/dev/null 2>&1 attempt=$((attempt+1)) sleep 3 diff --git a/cluster/centos/util.sh b/cluster/centos/util.sh index efb1c878b1..d8cae8cf17 100755 --- a/cluster/centos/util.sh +++ b/cluster/centos/util.sh @@ -23,16 +23,16 @@ SSH_OPTS="-oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null -oLogLevel=E # Use the config file specified in $KUBE_CONFIG_FILE, or default to # config-default.sh. -KUBE_ROOT=$(dirname "${BASH_SOURCE}")/../.. -readonly ROOT=$(dirname "${BASH_SOURCE}") +KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/../.. +readonly ROOT=$(dirname "${BASH_SOURCE[0]}") source "${ROOT}/${KUBE_CONFIG_FILE:-"config-default.sh"}" source "$KUBE_ROOT/cluster/common.sh" - +# shellcheck disable=SC2034 # Can't tell if this is still needed or not KUBECTL_PATH=${KUBE_ROOT}/cluster/centos/binaries/kubectl # Directory to be used for master and node provisioning. -KUBE_TEMP="~/kube_temp" +KUBE_TEMP="${HOME}/kube_temp" # Get master IP addresses and store in KUBE_MASTER_IP_ADDRESSES[] @@ -88,12 +88,13 @@ function trap-add { local signal="${2-EXIT}" local cur - cur="$(eval "sh -c 'echo \$3' -- $(trap -p ${signal})")" + cur="$(eval "sh -c 'echo \$3' -- $(trap -p "${signal}")")" if [[ -n "${cur}" ]]; then handler="${cur}; ${handler}" fi - trap "${handler}" ${signal} + # shellcheck disable=SC2064 # Early expansion is intentional here. + trap "${handler}" "${signal}" } # Validate a kubernetes cluster @@ -101,13 +102,12 @@ function validate-cluster() { # by default call the generic validate-cluster.sh script, customizable by # any cluster provider if this does not fit. set +e - "${KUBE_ROOT}/cluster/validate-cluster.sh" - if [[ "$?" -ne "0" ]]; then + if ! "${KUBE_ROOT}/cluster/validate-cluster.sh"; then for master in ${MASTERS}; do - troubleshoot-master ${master} + troubleshoot-master "${master}" done for node in ${NODES}; do - troubleshoot-node ${node} + troubleshoot-node "${node}" done exit 1 fi @@ -121,7 +121,7 @@ function kube-up() { local num_infra=0 for master in ${MASTERS}; do provision-master "${master}" "infra${num_infra}" - let ++num_infra + ((++num_infra)) done for master in ${MASTERS}; do @@ -147,11 +147,11 @@ function kube-up() { # Delete a kubernetes cluster function kube-down() { for master in ${MASTERS}; do - tear-down-master ${master} + tear-down-master "${master}" done for node in ${NODES}; do - tear-down-node ${node} + tear-down-node "${node}" done } @@ -170,7 +170,7 @@ function troubleshoot-master() { else daemon_status="active" fi - printf "%-24s %s\n" ${daemon} ${daemon_status} + printf "%-24s %s\n" "${daemon}" ${daemon_status} done printf "\n" } @@ -190,7 +190,7 @@ function troubleshoot-node() { else daemon_status="active" fi - printf "%-24s %s\n" ${daemon} ${daemon_status} + printf "%-24s %s\n" "${daemon}" ${daemon_status} done printf "\n" } @@ -307,8 +307,9 @@ function provision-node() { local node=$1 local node_ip=${node#*@} local dns_ip=${DNS_SERVER_IP#*@} + # shellcheck disable=SC2153 # DNS_DOMAIN sourced from external file local dns_domain=${DNS_DOMAIN#*@} - ensure-setup-dir ${node} + ensure-setup-dir "${node}" kube-scp "${node}" "${ROOT}/binaries/node ${ROOT}/node ${ROOT}/config-default.sh ${ROOT}/util.sh" "${KUBE_TEMP}" kube-scp "${node}" "${ROOT}/etcd-cert/ca.pem \ @@ -360,15 +361,15 @@ function ensure-etcd-cert() { function kube-ssh() { local host="$1" shift - ssh ${SSH_OPTS} -t "${host}" "$@" >/dev/null 2>&1 + ssh "${SSH_OPTS}" -t "${host}" "$@" >/dev/null 2>&1 } # Copy file recursively over ssh function kube-scp() { local host="$1" - local src=($2) + local src=("$2") local dst="$3" - scp -r ${SSH_OPTS} ${src[*]} "${host}:${dst}" + scp -r "${SSH_OPTS}" "${src[*]}" "${host}:${dst}" } # Ensure that we have a password created for validating to the master. Will @@ -380,8 +381,8 @@ function kube-scp() { function get-password { load-or-gen-kube-basicauth if [[ -z "${KUBE_USER}" || -z "${KUBE_PASSWORD}" ]]; then - KUBE_USER=admin - KUBE_PASSWORD=$(python -c 'import string,random; \ - print("".join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(16)))') + KUBE_USER="admin" + KUBE_PASSWORD=$(python -c 'import string,random; '\ + 'print("".join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(16)))') fi } diff --git a/hack/.shellcheck_failures b/hack/.shellcheck_failures index 07f643d7a3..2304e87fa6 100644 --- a/hack/.shellcheck_failures +++ b/hack/.shellcheck_failures @@ -3,16 +3,6 @@ ./cluster/addons/addon-manager/kube-addons.sh ./cluster/addons/fluentd-elasticsearch/es-image/run.sh ./cluster/addons/fluentd-elasticsearch/fluentd-es-image/run.sh -./cluster/centos/build.sh -./cluster/centos/config-build.sh -./cluster/centos/config-default.sh -./cluster/centos/config-test.sh -./cluster/centos/deployAddons.sh -./cluster/centos/make-ca-cert.sh -./cluster/centos/master/scripts/flannel.sh -./cluster/centos/node/bin/mk-docker-opts.sh -./cluster/centos/node/scripts/flannel.sh -./cluster/centos/util.sh ./cluster/clientbin.sh ./cluster/common.sh ./cluster/gce/config-common.sh