Mailinglist Archive: opensuse-commit (1903 mails)

< Previous Next >
commit kubic-control for openSUSE:Factory
Hello community,

here is the log from the commit of package kubic-control for openSUSE:Factory
checked in at 2019-04-26 22:55:55
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kubic-control (Old)
and /work/SRC/openSUSE:Factory/.kubic-control.new.5536 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "kubic-control"

Fri Apr 26 22:55:55 2019 rev:3 rq:698209 version:0.4.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/kubic-control/kubic-control.changes
2019-04-19 18:39:24.503262848 +0200
+++ /work/SRC/openSUSE:Factory/.kubic-control.new.5536/kubic-control.changes
2019-04-26 22:55:58.541256152 +0200
@@ -1,0 +2,15 @@
+Fri Apr 26 14:09:33 CEST 2019 - kukuk@xxxxxxx
+
+- Update to version 0.4.0
+ - Rework communication for removing nodes
+ - Add support for cilium
+ - Bug fixes
+
+-------------------------------------------------------------------
+Thu Apr 25 16:12:15 CEST 2019 - kukuk@xxxxxxx
+
+- Update to version 0.3.0
+ - Add support for RBAC management to kubicctl
+ - Add support to create user certificates to kubicctl
+
+-------------------------------------------------------------------

Old:
----
kubic-control-0.2.1.tar.xz

New:
----
kubic-control-0.4.0.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ kubic-control.spec ++++++
--- /var/tmp/diff_new_pack.fvSyHG/_old 2019-04-26 22:56:00.149255116 +0200
+++ /var/tmp/diff_new_pack.fvSyHG/_new 2019-04-26 22:56:00.153255113 +0200
@@ -17,7 +17,7 @@


Name: kubic-control
-Version: 0.2.1
+Version: 0.4.0
Release: 0
Summary: Simple setup tool for kubernetes
License: Apache-2.0

++++++ kubic-control-0.2.1.tar.xz -> kubic-control-0.4.0.tar.xz ++++++
Binary files old/kubic-control-0.2.1/.git/index and
new/kubic-control-0.4.0/.git/index differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/.git/logs/HEAD
new/kubic-control-0.4.0/.git/logs/HEAD
--- old/kubic-control-0.2.1/.git/logs/HEAD 2019-04-18 14:39:41.592935299
+0200
+++ new/kubic-control-0.4.0/.git/logs/HEAD 2019-04-26 14:07:15.557798664
+0200
@@ -1 +1 @@
-0000000000000000000000000000000000000000
6665a06488a12d17faf5d0e0d47295d6e96b8b3e Thorsten Kukuk <kukuk@xxxxxxxxxx>
1555591181 +0200 clone: from https://github.com/thkukuk/kubic-control
+0000000000000000000000000000000000000000
8789ce66da490b5f82b3fa885f8bb57f4f530a09 Thorsten Kukuk <kukuk@xxxxxxxxxx>
1556280435 +0200 clone: from https://github.com/thkukuk/kubic-control
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/.git/logs/refs/heads/master
new/kubic-control-0.4.0/.git/logs/refs/heads/master
--- old/kubic-control-0.2.1/.git/logs/refs/heads/master 2019-04-18
14:39:41.592935299 +0200
+++ new/kubic-control-0.4.0/.git/logs/refs/heads/master 2019-04-26
14:07:15.557798664 +0200
@@ -1 +1 @@
-0000000000000000000000000000000000000000
6665a06488a12d17faf5d0e0d47295d6e96b8b3e Thorsten Kukuk <kukuk@xxxxxxxxxx>
1555591181 +0200 clone: from https://github.com/thkukuk/kubic-control
+0000000000000000000000000000000000000000
8789ce66da490b5f82b3fa885f8bb57f4f530a09 Thorsten Kukuk <kukuk@xxxxxxxxxx>
1556280435 +0200 clone: from https://github.com/thkukuk/kubic-control
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/kubic-control-0.2.1/.git/logs/refs/remotes/origin/HEAD
new/kubic-control-0.4.0/.git/logs/refs/remotes/origin/HEAD
--- old/kubic-control-0.2.1/.git/logs/refs/remotes/origin/HEAD 2019-04-18
14:39:41.592935299 +0200
+++ new/kubic-control-0.4.0/.git/logs/refs/remotes/origin/HEAD 2019-04-26
14:07:15.557798664 +0200
@@ -1 +1 @@
-0000000000000000000000000000000000000000
6665a06488a12d17faf5d0e0d47295d6e96b8b3e Thorsten Kukuk <kukuk@xxxxxxxxxx>
1555591181 +0200 clone: from https://github.com/thkukuk/kubic-control
+0000000000000000000000000000000000000000
8789ce66da490b5f82b3fa885f8bb57f4f530a09 Thorsten Kukuk <kukuk@xxxxxxxxxx>
1556280435 +0200 clone: from https://github.com/thkukuk/kubic-control
Binary files
old/kubic-control-0.2.1/.git/objects/pack/pack-a6007c132993c72fc484c0cc5ad73cab05f65a68.idx
and
new/kubic-control-0.4.0/.git/objects/pack/pack-a6007c132993c72fc484c0cc5ad73cab05f65a68.idx
differ
Binary files
old/kubic-control-0.2.1/.git/objects/pack/pack-a6007c132993c72fc484c0cc5ad73cab05f65a68.pack
and
new/kubic-control-0.4.0/.git/objects/pack/pack-a6007c132993c72fc484c0cc5ad73cab05f65a68.pack
differ
Binary files
old/kubic-control-0.2.1/.git/objects/pack/pack-fa681be18b28df10ad5bbcf34d4024f7b5d4bfd2.idx
and
new/kubic-control-0.4.0/.git/objects/pack/pack-fa681be18b28df10ad5bbcf34d4024f7b5d4bfd2.idx
differ
Binary files
old/kubic-control-0.2.1/.git/objects/pack/pack-fa681be18b28df10ad5bbcf34d4024f7b5d4bfd2.pack
and
new/kubic-control-0.4.0/.git/objects/pack/pack-fa681be18b28df10ad5bbcf34d4024f7b5d4bfd2.pack
differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/.git/packed-refs
new/kubic-control-0.4.0/.git/packed-refs
--- old/kubic-control-0.2.1/.git/packed-refs 2019-04-18 14:39:41.592935299
+0200
+++ new/kubic-control-0.4.0/.git/packed-refs 2019-04-26 14:07:15.557798664
+0200
@@ -1,5 +1,8 @@
# pack-refs with: peeled fully-peeled sorted
-6665a06488a12d17faf5d0e0d47295d6e96b8b3e refs/remotes/origin/master
+8789ce66da490b5f82b3fa885f8bb57f4f530a09 refs/remotes/origin/master
+8753d28f8536fa50a7e9e5873348475a4a9652d5 refs/tags/0.3.0
11f0daf7e39c6c8ca826819b9fa230952c167fc4 refs/tags/v0.1.0
02cfb06685013a9b6a38b31ab421c3b37f3ae3cb refs/tags/v0.2.0
6665a06488a12d17faf5d0e0d47295d6e96b8b3e refs/tags/v0.2.1
+8753d28f8536fa50a7e9e5873348475a4a9652d5 refs/tags/v0.3.0
+8789ce66da490b5f82b3fa885f8bb57f4f530a09 refs/tags/v0.4.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/.git/refs/heads/master
new/kubic-control-0.4.0/.git/refs/heads/master
--- old/kubic-control-0.2.1/.git/refs/heads/master 2019-04-18
14:39:41.592935299 +0200
+++ new/kubic-control-0.4.0/.git/refs/heads/master 2019-04-26
14:07:15.557798664 +0200
@@ -1 +1 @@
-6665a06488a12d17faf5d0e0d47295d6e96b8b3e
+8789ce66da490b5f82b3fa885f8bb57f4f530a09
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/README.md
new/kubic-control-0.4.0/README.md
--- old/kubic-control-0.2.1/README.md 2019-04-18 14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/README.md 2019-04-26 14:07:15.557798664 +0200
@@ -30,7 +30,12 @@
contains `Kubic-Control-CA.crt`, `user.key` and `user.crt`. For the admin
role, this need to be a copy of admin.key and admin.crt. For other users,
you need to create corresponding certificates and sign them with
-`Kubic-Control-CA.crt`.
+`Kubic-Control-CA.crt`. If you call `kubicctl` as root and there is no
+`user.crt` in `~/.config/kubicctl`, the admin certificates from
+`/etc/kubicd/pki` are used if they exist.
+Certificates for additional users can be created with `kubicctl certificates
+create <account>`.
+
Please take care of this certificates and store them secure, this are the
passwords to access kubicd!

@@ -71,9 +76,17 @@

The second file, `rbac.conf`, is mandatory, else nobody can access `kubicd`,
all requests will be rejected. The default file can be found in
-`/usr/share/defaults/kubicd/kubicd.conf`. Changed entries should be written
+`/usr/share/defaults/kubicd/rbac.conf`. Changed entries should be written
to `/etc/kubicd/rbac.conf`.

+## RBAC
+
+`rbac.conf` contains the roles as key and the users, who are allowed to use
+this functionality as comma seperated list. `kubicctl rbac list` will print
+out a list of current configured roles and the corresponding users. `kubicctl
+rbac add <role> <user>` will add the user to the role.
+
+
## Notes

`Kubicd` does not store any informations about the state of the kubernetes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/VERSION
new/kubic-control-0.4.0/VERSION
--- old/kubic-control-0.2.1/VERSION 2019-04-18 14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/VERSION 2019-04-26 14:07:15.557798664 +0200
@@ -1 +1 @@
-0.2.1
+0.4.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/api/api.pb.go
new/kubic-control-0.4.0/api/api.pb.go
--- old/kubic-control-0.2.1/api/api.pb.go 2019-04-18 14:39:41.616935386
+0200
+++ new/kubic-control-0.4.0/api/api.pb.go 2019-04-26 14:07:15.609798852
+0200
@@ -37,7 +37,7 @@
func (m *StatusReply) String() string { return proto.CompactTextString(m) }
func (*StatusReply) ProtoMessage() {}
func (*StatusReply) Descriptor() ([]byte, []int) {
- return fileDescriptor_api_d955562b5e1094dd, []int{0}
+ return fileDescriptor_api_7ed840694d811469, []int{0}
}
func (m *StatusReply) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_StatusReply.Unmarshal(m, b)
@@ -84,7 +84,7 @@
func (m *InitRequest) String() string { return proto.CompactTextString(m) }
func (*InitRequest) ProtoMessage() {}
func (*InitRequest) Descriptor() ([]byte, []int) {
- return fileDescriptor_api_d955562b5e1094dd, []int{1}
+ return fileDescriptor_api_7ed840694d811469, []int{1}
}
func (m *InitRequest) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_InitRequest.Unmarshal(m, b)
@@ -130,7 +130,7 @@
func (m *AddNodeRequest) String() string { return proto.CompactTextString(m) }
func (*AddNodeRequest) ProtoMessage() {}
func (*AddNodeRequest) Descriptor() ([]byte, []int) {
- return fileDescriptor_api_d955562b5e1094dd, []int{2}
+ return fileDescriptor_api_7ed840694d811469, []int{2}
}
func (m *AddNodeRequest) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_AddNodeRequest.Unmarshal(m, b)
@@ -169,7 +169,7 @@
func (m *RemoveNodeRequest) String() string { return
proto.CompactTextString(m) }
func (*RemoveNodeRequest) ProtoMessage() {}
func (*RemoveNodeRequest) Descriptor() ([]byte, []int) {
- return fileDescriptor_api_d955562b5e1094dd, []int{3}
+ return fileDescriptor_api_7ed840694d811469, []int{3}
}
func (m *RemoveNodeRequest) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_RemoveNodeRequest.Unmarshal(m, b)
@@ -208,7 +208,7 @@
func (m *RebootNodeRequest) String() string { return
proto.CompactTextString(m) }
func (*RebootNodeRequest) ProtoMessage() {}
func (*RebootNodeRequest) Descriptor() ([]byte, []int) {
- return fileDescriptor_api_d955562b5e1094dd, []int{4}
+ return fileDescriptor_api_7ed840694d811469, []int{4}
}
func (m *RebootNodeRequest) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_RebootNodeRequest.Unmarshal(m, b)
@@ -246,7 +246,7 @@
func (m *Version) String() string { return proto.CompactTextString(m) }
func (*Version) ProtoMessage() {}
func (*Version) Descriptor() ([]byte, []int) {
- return fileDescriptor_api_d955562b5e1094dd, []int{5}
+ return fileDescriptor_api_7ed840694d811469, []int{5}
}
func (m *Version) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_Version.Unmarshal(m, b)
@@ -283,7 +283,7 @@
func (m *Empty) String() string { return proto.CompactTextString(m) }
func (*Empty) ProtoMessage() {}
func (*Empty) Descriptor() ([]byte, []int) {
- return fileDescriptor_api_d955562b5e1094dd, []int{6}
+ return fileDescriptor_api_7ed840694d811469, []int{6}
}
func (m *Empty) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_Empty.Unmarshal(m, b)
@@ -329,7 +329,7 @@
InitMaster(ctx context.Context, in *InitRequest, opts
...grpc.CallOption) (Kubeadm_InitMasterClient, error)
// Add a new worker node to the cluster
AddNode(ctx context.Context, in *AddNodeRequest, opts
...grpc.CallOption) (*StatusReply, error)
- RemoveNode(ctx context.Context, in *RemoveNodeRequest, opts
...grpc.CallOption) (*StatusReply, error)
+ RemoveNode(ctx context.Context, in *RemoveNodeRequest, opts
...grpc.CallOption) (Kubeadm_RemoveNodeClient, error)
RebootNode(ctx context.Context, in *RebootNodeRequest, opts
...grpc.CallOption) (*StatusReply, error)
// Upgrade cluster to newest version (as of kubeadm on master)
UpgradeKubernetes(ctx context.Context, in *Empty, opts
...grpc.CallOption) (Kubeadm_UpgradeKubernetesClient, error)
@@ -386,13 +386,36 @@
return out, nil
}

-func (c *kubeadmClient) RemoveNode(ctx context.Context, in *RemoveNodeRequest,
opts ...grpc.CallOption) (*StatusReply, error) {
- out := new(StatusReply)
- err := c.cc.Invoke(ctx, "/api.Kubeadm/RemoveNode", in, out, opts...)
+func (c *kubeadmClient) RemoveNode(ctx context.Context, in *RemoveNodeRequest,
opts ...grpc.CallOption) (Kubeadm_RemoveNodeClient, error) {
+ stream, err := c.cc.NewStream(ctx, &_Kubeadm_serviceDesc.Streams[1],
"/api.Kubeadm/RemoveNode", opts...)
if err != nil {
return nil, err
}
- return out, nil
+ x := &kubeadmRemoveNodeClient{stream}
+ if err := x.ClientStream.SendMsg(in); err != nil {
+ return nil, err
+ }
+ if err := x.ClientStream.CloseSend(); err != nil {
+ return nil, err
+ }
+ return x, nil
+}
+
+type Kubeadm_RemoveNodeClient interface {
+ Recv() (*StatusReply, error)
+ grpc.ClientStream
+}
+
+type kubeadmRemoveNodeClient struct {
+ grpc.ClientStream
+}
+
+func (x *kubeadmRemoveNodeClient) Recv() (*StatusReply, error) {
+ m := new(StatusReply)
+ if err := x.ClientStream.RecvMsg(m); err != nil {
+ return nil, err
+ }
+ return m, nil
}

func (c *kubeadmClient) RebootNode(ctx context.Context, in *RebootNodeRequest,
opts ...grpc.CallOption) (*StatusReply, error) {
@@ -405,7 +428,7 @@
}

func (c *kubeadmClient) UpgradeKubernetes(ctx context.Context, in *Empty, opts
...grpc.CallOption) (Kubeadm_UpgradeKubernetesClient, error) {
- stream, err := c.cc.NewStream(ctx, &_Kubeadm_serviceDesc.Streams[1],
"/api.Kubeadm/UpgradeKubernetes", opts...)
+ stream, err := c.cc.NewStream(ctx, &_Kubeadm_serviceDesc.Streams[2],
"/api.Kubeadm/UpgradeKubernetes", opts...)
if err != nil {
return nil, err
}
@@ -451,7 +474,7 @@
InitMaster(*InitRequest, Kubeadm_InitMasterServer) error
// Add a new worker node to the cluster
AddNode(context.Context, *AddNodeRequest) (*StatusReply, error)
- RemoveNode(context.Context, *RemoveNodeRequest) (*StatusReply, error)
+ RemoveNode(*RemoveNodeRequest, Kubeadm_RemoveNodeServer) error
RebootNode(context.Context, *RebootNodeRequest) (*StatusReply, error)
// Upgrade cluster to newest version (as of kubeadm on master)
UpgradeKubernetes(*Empty, Kubeadm_UpgradeKubernetesServer) error
@@ -502,22 +525,25 @@
return interceptor(ctx, in, info, handler)
}

-func _Kubeadm_RemoveNode_Handler(srv interface{}, ctx context.Context, dec
func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{},
error) {
- in := new(RemoveNodeRequest)
- if err := dec(in); err != nil {
- return nil, err
- }
- if interceptor == nil {
- return srv.(KubeadmServer).RemoveNode(ctx, in)
- }
- info := &grpc.UnaryServerInfo{
- Server: srv,
- FullMethod: "/api.Kubeadm/RemoveNode",
- }
- handler := func(ctx context.Context, req interface{}) (interface{},
error) {
- return srv.(KubeadmServer).RemoveNode(ctx,
req.(*RemoveNodeRequest))
+func _Kubeadm_RemoveNode_Handler(srv interface{}, stream grpc.ServerStream)
error {
+ m := new(RemoveNodeRequest)
+ if err := stream.RecvMsg(m); err != nil {
+ return err
}
- return interceptor(ctx, in, info, handler)
+ return srv.(KubeadmServer).RemoveNode(m,
&kubeadmRemoveNodeServer{stream})
+}
+
+type Kubeadm_RemoveNodeServer interface {
+ Send(*StatusReply) error
+ grpc.ServerStream
+}
+
+type kubeadmRemoveNodeServer struct {
+ grpc.ServerStream
+}
+
+func (x *kubeadmRemoveNodeServer) Send(m *StatusReply) error {
+ return x.ServerStream.SendMsg(m)
}

func _Kubeadm_RebootNode_Handler(srv interface{}, ctx context.Context, dec
func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{},
error) {
@@ -586,10 +612,6 @@
Handler: _Kubeadm_AddNode_Handler,
},
{
- MethodName: "RemoveNode",
- Handler: _Kubeadm_RemoveNode_Handler,
- },
- {
MethodName: "RebootNode",
Handler: _Kubeadm_RebootNode_Handler,
},
@@ -605,6 +627,11 @@
ServerStreams: true,
},
{
+ StreamName: "RemoveNode",
+ Handler: _Kubeadm_RemoveNode_Handler,
+ ServerStreams: true,
+ },
+ {
StreamName: "UpgradeKubernetes",
Handler: _Kubeadm_UpgradeKubernetes_Handler,
ServerStreams: true,
@@ -613,30 +640,30 @@
Metadata: "api.proto",
}

-func init() { proto.RegisterFile("api.proto",
fileDescriptor_api_d955562b5e1094dd) }
+func init() { proto.RegisterFile("api.proto",
fileDescriptor_api_7ed840694d811469) }

-var fileDescriptor_api_d955562b5e1094dd = []byte{
- // 344 bytes of a gzipped FileDescriptorProto
- 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92,
0x4d, 0x4b, 0xf3, 0x40,
- 0x10, 0x80, 0xdf, 0xf4, 0x45, 0x63, 0xa6, 0x58, 0xed, 0x0a, 0x12, 0x04,
0xa1, 0x44, 0x84, 0x5e,
- 0xac, 0x5a, 0x15, 0xbc, 0xf6, 0xa0, 0x20, 0xc5, 0x1e, 0x22, 0x7a, 0x2d,
0x9b, 0xec, 0x18, 0x43,
- 0xcd, 0xce, 0x9a, 0xdd, 0x54, 0xfa, 0x33, 0xfd, 0x47, 0x92, 0xb4, 0x49,
0x5b, 0x6d, 0x91, 0x1e,
- 0xe7, 0xe3, 0x99, 0x65, 0x9e, 0x59, 0x70, 0xb8, 0x8a, 0x3b, 0x2a, 0x25,
0x43, 0xec, 0x3f, 0x57,
- 0xb1, 0xd7, 0x83, 0xfa, 0x93, 0xe1, 0x26, 0xd3, 0x3e, 0xaa, 0xf7, 0x09,
0x73, 0xc1, 0xd6, 0x59,
- 0x18, 0xa2, 0xd6, 0xae, 0xd5, 0xb2, 0xda, 0x3b, 0x7e, 0x19, 0xe6, 0x95,
0x04, 0xb5, 0xe6, 0x11,
- 0xba, 0xb5, 0x96, 0xd5, 0x76, 0xfc, 0x32, 0xf4, 0x42, 0xa8, 0x3f, 0xc8,
0xd8, 0xf8, 0xf8, 0x91,
- 0xa1, 0x36, 0xec, 0x0c, 0xd8, 0x28, 0x0b, 0x30, 0x95, 0x68, 0x50, 0x0f,
0xc7, 0x98, 0xea, 0x98,
- 0x64, 0x31, 0xcd, 0xf1, 0x9b, 0xf3, 0xca, 0xcb, 0xb4, 0xc0, 0x4e, 0xa1,
0xa1, 0x48, 0x0c, 0x25,
- 0x9a, 0x4f, 0x4a, 0x47, 0xb1, 0x8c, 0x66, 0xe3, 0x77, 0x15, 0x89, 0x41,
0x95, 0xf4, 0xce, 0xa1,
- 0xd1, 0x13, 0x62, 0x40, 0x02, 0xcb, 0x77, 0x8e, 0x01, 0x24, 0x09, 0x1c,
0x4a, 0x9e, 0xa0, 0x9e,
- 0xcd, 0x77, 0xf2, 0xcc, 0x20, 0x4f, 0x78, 0x5d, 0x68, 0xfa, 0x98, 0xd0,
0x18, 0x37, 0x65, 0x02,
- 0x22, 0xb3, 0x01, 0x73, 0x02, 0x76, 0xb9, 0x8a, 0x0b, 0xf6, 0xf2, 0xba,
0x65, 0xe8, 0xd9, 0xb0,
- 0x75, 0x97, 0x28, 0x33, 0xe9, 0x7e, 0xd5, 0xc0, 0xee, 0x67, 0x01, 0x72,
0x91, 0xb0, 0x6b, 0x80,
- 0xdc, 0xdb, 0x23, 0xd7, 0x06, 0x53, 0xb6, 0xdf, 0xc9, 0x2f, 0xb3, 0x20,
0xf2, 0x68, 0x9a, 0x59,
- 0xb8, 0x8e, 0xf7, 0xef, 0xc2, 0x62, 0x5d, 0xb0, 0x67, 0x22, 0xd8, 0x41,
0xd1, 0xb0, 0xac, 0x65,
- 0x15, 0xc5, 0x6e, 0x01, 0xe6, 0x2e, 0xd8, 0x61, 0xd1, 0xf1, 0x4b, 0xce,
0x7a, 0xb2, 0x34, 0x52,
- 0x91, 0x3f, 0x14, 0xad, 0x24, 0x6f, 0xa0, 0xf9, 0xac, 0xa2, 0x94, 0x0b,
0xec, 0x57, 0x37, 0x67,
- 0x50, 0x34, 0x16, 0x2a, 0xd6, 0xac, 0x77, 0x09, 0x7b, 0xf7, 0x68, 0xc2,
0xb7, 0x1c, 0x0a, 0x49,
- 0xbe, 0xc6, 0xd1, 0x5f, 0x50, 0xb0, 0x5d, 0x7c, 0xe7, 0xab, 0xef, 0x00,
0x00, 0x00, 0xff, 0xff,
- 0x57, 0x65, 0x10, 0x64, 0xdb, 0x02, 0x00, 0x00,
+var fileDescriptor_api_7ed840694d811469 = []byte{
+ // 347 bytes of a gzipped FileDescriptorProto
+ 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x94, 0x92,
0x4f, 0x4b, 0xc3, 0x40,
+ 0x10, 0xc5, 0x4d, 0x45, 0x63, 0xa6, 0x58, 0xed, 0x0a, 0x12, 0x04, 0xa1,
0x44, 0x84, 0x5e, 0xac,
+ 0x5a, 0x15, 0xc4, 0x5b, 0x0f, 0x0a, 0x52, 0xec, 0x21, 0xa2, 0xd7, 0xb2,
0xc9, 0x8e, 0x31, 0xd4,
+ 0xec, 0xae, 0xd9, 0x4d, 0xa5, 0x9f, 0xd3, 0x2f, 0x24, 0x9b, 0x76, 0xfb,
0x47, 0x5b, 0xa4, 0xc7,
+ 0x79, 0x33, 0x6f, 0x1e, 0xfb, 0x9b, 0x05, 0x8f, 0xca, 0xb4, 0x25, 0x73,
0xa1, 0x05, 0xd9, 0xa4,
+ 0x32, 0x0d, 0x3a, 0x50, 0x7d, 0xd6, 0x54, 0x17, 0x2a, 0x44, 0xf9, 0x31,
0x22, 0x3e, 0xb8, 0xaa,
+ 0x88, 0x63, 0x54, 0xca, 0x77, 0x1a, 0x4e, 0x73, 0x27, 0xb4, 0xa5, 0xe9,
0x64, 0xa8, 0x14, 0x4d,
+ 0xd0, 0xaf, 0x34, 0x9c, 0xa6, 0x17, 0xda, 0x32, 0x88, 0xa1, 0xfa, 0xc8,
0x53, 0x1d, 0xe2, 0x67,
+ 0x81, 0x4a, 0x93, 0x33, 0x20, 0x83, 0x22, 0xc2, 0x9c, 0xa3, 0x46, 0xd5,
0x1f, 0x62, 0xae, 0x52,
+ 0xc1, 0xcb, 0x6d, 0x5e, 0x58, 0x9f, 0x75, 0x5e, 0xc7, 0x0d, 0x72, 0x0a,
0x35, 0x29, 0x58, 0x9f,
+ 0xa3, 0xfe, 0x12, 0xf9, 0x20, 0xe5, 0xc9, 0x64, 0xfd, 0xae, 0x14, 0xac,
0x37, 0x15, 0x83, 0x73,
+ 0xa8, 0x75, 0x18, 0xeb, 0x09, 0x86, 0x36, 0xe7, 0x18, 0x80, 0x0b, 0x86,
0x7d, 0x4e, 0x33, 0x54,
+ 0x93, 0xfd, 0x9e, 0x51, 0x7a, 0x46, 0x08, 0xda, 0x50, 0x0f, 0x31, 0x13,
0x43, 0x5c, 0xd7, 0x13,
+ 0x09, 0xa1, 0xd7, 0xf0, 0x9c, 0x80, 0x6b, 0x9f, 0xe2, 0x83, 0xbb, 0xf8,
0x5c, 0x5b, 0x06, 0x2e,
+ 0x6c, 0xdd, 0x67, 0x52, 0x8f, 0xda, 0xdf, 0x15, 0x70, 0xbb, 0x45, 0x84,
0x94, 0x65, 0xe4, 0x1a,
+ 0xc0, 0x70, 0x7b, 0xa2, 0x4a, 0x63, 0x4e, 0xf6, 0x5b, 0xe6, 0x32, 0x73,
0x20, 0x8f, 0xc6, 0xca,
+ 0xdc, 0x75, 0x82, 0x8d, 0x0b, 0x87, 0xb4, 0xc1, 0x9d, 0x80, 0x20, 0x07,
0xe5, 0xc0, 0x22, 0x96,
+ 0x65, 0x2e, 0x72, 0x07, 0x30, 0x63, 0x41, 0x0e, 0xcb, 0x89, 0x3f, 0x70,
0x56, 0xe4, 0xdd, 0x1a,
+ 0xaf, 0x65, 0x32, 0xf5, 0xfe, 0x82, 0xb4, 0x34, 0xf5, 0x06, 0xea, 0x2f,
0x32, 0xc9, 0x29, 0xc3,
+ 0xee, 0xf4, 0xea, 0x04, 0xca, 0xc1, 0x12, 0xc6, 0x8a, 0xc0, 0x4b, 0xd8,
0x7b, 0x40, 0x1d, 0xbf,
+ 0x1b, 0x53, 0x2c, 0xf8, 0x5b, 0x9a, 0xfc, 0x67, 0x8a, 0xb6, 0xcb, 0x0f,
0x7d, 0xf5, 0x13, 0x00,
+ 0x00, 0xff, 0xff, 0x6e, 0x87, 0x73, 0x92, 0xdd, 0x02, 0x00, 0x00,
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/api/api.proto
new/kubic-control-0.4.0/api/api.proto
--- old/kubic-control-0.2.1/api/api.proto 2019-04-18 14:39:41.596935314
+0200
+++ new/kubic-control-0.4.0/api/api.proto 2019-04-26 14:07:15.557798664
+0200
@@ -23,7 +23,7 @@
rpc InitMaster (InitRequest) returns (stream StatusReply) {}
// Add a new worker node to the cluster
rpc AddNode (AddNodeRequest) returns (StatusReply) {}
- rpc RemoveNode (RemoveNodeRequest) returns (StatusReply) {}
+ rpc RemoveNode (RemoveNodeRequest) returns (stream StatusReply) {}
rpc RebootNode (RebootNodeRequest) returns (StatusReply) {}
// Upgrade cluster to newest version (as of kubeadm on master)
rpc UpgradeKubernetes (Empty) returns (stream StatusReply) {}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/cmd/kubicd/main.go
new/kubic-control-0.4.0/cmd/kubicd/main.go
--- old/kubic-control-0.2.1/cmd/kubicd/main.go 2019-04-18 14:39:41.596935314
+0200
+++ new/kubic-control-0.4.0/cmd/kubicd/main.go 2019-04-26 14:07:15.557798664
+0200
@@ -60,18 +60,17 @@
return kubeadm.UpgradeKubernetes(in, stream)
}

+func (s *server) RemoveNode(in *pb.RemoveNodeRequest, stream
pb.Kubeadm_RemoveNodeServer) error {
+ log.Printf("Received: remove node %v", in.NodeNames)
+ return kubeadm.RemoveNode(in, stream)
+}
+
func (s *server) AddNode(ctx context.Context, in *pb.AddNodeRequest)
(*pb.StatusReply, error) {
log.Printf("Received: add node %v", in.NodeNames)
status, message := kubeadm.AddNode(in.NodeNames)
return &pb.StatusReply{Success: status, Message: message}, nil
}

-func (s *server) RemoveNode(ctx context.Context, in *pb.RemoveNodeRequest)
(*pb.StatusReply, error) {
- log.Printf("Received: remove node %v", in.NodeNames)
- status, message := kubeadm.RemoveNode(in.NodeNames)
- return &pb.StatusReply{Success: status, Message: message}, nil
-}
-
func (s *server) RebootNode(ctx context.Context, in *pb.RebootNodeRequest)
(*pb.StatusReply, error) {
log.Printf("Received: reboot node %v", in.NodeNames)
status, message := kubeadm.RebootNode(in.NodeNames)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/certificates/certificates.go
new/kubic-control-0.4.0/pkg/certificates/certificates.go
--- old/kubic-control-0.2.1/pkg/certificates/certificates.go 2019-04-18
14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/pkg/certificates/certificates.go 2019-04-26
14:07:15.557798664 +0200
@@ -32,6 +32,7 @@


subCmd.AddCommand(
+ CreateCertsCmd(),
InitializeCertsCmd(),
)

diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/certificates/create.go
new/kubic-control-0.4.0/pkg/certificates/create.go
--- old/kubic-control-0.2.1/pkg/certificates/create.go 1970-01-01
01:00:00.000000000 +0100
+++ new/kubic-control-0.4.0/pkg/certificates/create.go 2019-04-26
14:07:15.557798664 +0200
@@ -0,0 +1,52 @@
+// Copyright 2019 Thorsten Kukuk
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package certificates
+
+import (
+ "os"
+ "fmt"
+
+ "github.com/spf13/cobra"
+)
+
+func CreateCertsCmd() *cobra.Command {
+ var subCmd = &cobra.Command {
+ Use: "create <user>",
+ Short: "Cerate certificate for an user",
+ Run: createCerts,
+ Args: cobra.ExactArgs(1),
+ }
+
+ return subCmd
+}
+
+func createCerts (cmd *cobra.Command, args []string) {
+ user := args[0]
+
+ err := CreateUser(PKI_dir, user)
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Error creating certificate for user
'%s': %v\n",
+ user, err)
+ return
+ }
+ err = SignUser(PKI_dir, user)
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Error signing certificate for user
'%s': %v\n",
+ user, err)
+ return
+ }
+ fmt.Printf("Signed certificates for user '%s' created in '%s'.\n",
+ user, PKI_dir)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/certificates/initialize.go
new/kubic-control-0.4.0/pkg/certificates/initialize.go
--- old/kubic-control-0.2.1/pkg/certificates/initialize.go 2019-04-18
14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/pkg/certificates/initialize.go 2019-04-26
14:07:15.557798664 +0200
@@ -15,14 +15,12 @@
package certificates

import (
+ "os"
+ "fmt"
+
"github.com/spf13/cobra"
)

-// var (
-// PKI_dir string
- //cfg, cfg_err =
ini.LooseLoad("/usr/share/defaults/kubicd/kubicd.conf",
"/etc/kubicd/kubicd.conf")
-//)
-
func InitializeCertsCmd() *cobra.Command {
var subCmd = &cobra.Command {
Use: "initialize",
@@ -37,22 +35,28 @@
func initializeCerts (cmd *cobra.Command, args []string) {
err := CreateCA(PKI_dir)
if err != nil {
+ fmt.Fprintf(os.Stderr, "Error creating CA: %v\n", err)
return
}
err = CreateUser(PKI_dir, "KubicD")
if err != nil {
+ fmt.Fprintf(os.Stderr, "Error creating user 'KubicD': %v\n",
err)
return
}
err = SignUser(PKI_dir, "KubicD")
if err != nil {
+ fmt.Fprintf(os.Stderr, "Error signing user 'KubicD': %v\n", err)
return
}
err = CreateUser(PKI_dir, "admin")
if err != nil {
+ fmt.Fprintf(os.Stderr, "Error creating user 'admin': %v\n", err)
return
}
err = SignUser(PKI_dir, "admin")
if err != nil {
+ fmt.Fprintf(os.Stderr, "Error signing user 'admin': %v\n", err)
return
}
+ fmt.Printf("All certificates and the CA are created and can be found in
'%s'\n", PKI_dir)
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/kubeadm/initMaster.go
new/kubic-control-0.4.0/pkg/kubeadm/initMaster.go
--- old/kubic-control-0.2.1/pkg/kubeadm/initMaster.go 2019-04-18
14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/pkg/kubeadm/initMaster.go 2019-04-26
14:07:15.561798678 +0200
@@ -32,6 +32,7 @@

func InitMaster(in *pb.InitRequest, stream pb.Kubeadm_InitMasterServer) error {
arg_socket := "--cri-socket=/run/crio/crio.sock"
+ arg_pod_network := in.PodNetworking
arg_pod_network_cidr := ""
arg_kubernetes_version := ""

@@ -57,6 +58,16 @@
return nil
}

+ // verify, that we got only a supported pod network
+ if len(arg_pod_network) < 1 {
+ arg_pod_network = "flannel"
+ } else if !strings.EqualFold(arg_pod_network, "flannel") &&
!strings.EqualFold(arg_pod_network, "cilium") {
+ if err := stream.Send(&pb.StatusReply{Success: false, Message:
"Unsupported pod network, please use 'flannel' or 'cilium'"}); err != nil {
+ return err
+ }
+ return nil
+ }
+
success, message := ExecuteCmd("systemctl", "enable", "--now", "crio")
if success != true {
if err := stream.Send(&pb.StatusReply{Success: success,
Message: message}); err != nil {
@@ -73,7 +84,7 @@
return nil
}

- if (strings.EqualFold(in.PodNetworking, "flannel")) {
+ if strings.EqualFold(arg_pod_network, "flannel") {
arg_pod_network_cidr = "--pod-network-cidr=10.244.0.0/16"
}
if len (in.KubernetesVersion) > 0 {
@@ -90,8 +101,13 @@
if err := stream.Send(&pb.StatusReply{Success: true, Message:
"Initialize Kubernetes control-plane"}); err != nil {
return err
}
- success, message = ExecuteCmd("kubeadm", "init", arg_socket,
- arg_pod_network_cidr, arg_kubernetes_version)
+ if len(arg_pod_network_cidr) > 0 {
+ success, message = ExecuteCmd("kubeadm", "init", arg_socket,
+ arg_pod_network_cidr, arg_kubernetes_version)
+ } else {
+ success, message = ExecuteCmd("kubeadm", "init", arg_socket,
+ arg_kubernetes_version)
+ }
if success != true {
ResetMaster()
if err := stream.Send(&pb.StatusReply{Success: success,
Message: message}); err != nil {
@@ -100,17 +116,33 @@
return nil
}

- // Setting up flannel
- if err := stream.Send(&pb.StatusReply{Success: true, Message: "Deploy
flannel"}); err != nil {
- return err
- }
- success, message = ExecuteCmd("kubectl",
"--kubeconfig=/etc/kubernetes/admin.conf", "apply", "-f",
"https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml";)
- if success != true {
- ResetMaster()
- if err := stream.Send(&pb.StatusReply{Success: success,
Message: message}); err != nil {
- return err
+ if strings.EqualFold(arg_pod_network, "flannel") {
+ // Setting up flannel
+ if err := stream.Send(&pb.StatusReply{Success: true, Message:
"Deploy flannel"}); err != nil {
+ return err
+ }
+ success, message = ExecuteCmd("kubectl",
"--kubeconfig=/etc/kubernetes/admin.conf", "apply", "-f",
"https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml";)
+ if success != true {
+ ResetMaster()
+ if err := stream.Send(&pb.StatusReply{Success: success,
Message: message}); err != nil {
+ return err
+ }
+ return nil
+ }
+ } else if strings.EqualFold(arg_pod_network, "cilium") {
+ // Setting up cilium
+ if err := stream.Send(&pb.StatusReply{Success: true, Message:
"Deploy cilium"}); err != nil {
+ return err
+ }
+ // success, message = ExecuteCmd("kubectl",
"--kubeconfig=/etc/kubernetes/admin.conf", "apply", "-f",
"https://raw.githubusercontent.com/kubic-project/k8s-manifests/cilium/cilium.yaml";)
+ success, message = ExecuteCmd("kubectl",
"--kubeconfig=/etc/kubernetes/admin.conf", "apply", "-f",
"https://raw.githubusercontent.com/kubic-project/k8s-manifests/65cc2ac79b2ed2448b366f9d89c1bf43e35c827f/cilium.yaml";)
+ if success != true {
+ ResetMaster()
+ if err := stream.Send(&pb.StatusReply{Success: success,
Message: message}); err != nil {
+ return err
+ }
+ return nil
}
- return nil
}

// Setting up kured
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/kubeadm/removeNode.go
new/kubic-control-0.4.0/pkg/kubeadm/removeNode.go
--- old/kubic-control-0.2.1/pkg/kubeadm/removeNode.go 2019-04-18
14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/pkg/kubeadm/removeNode.go 2019-04-26
14:07:15.561798678 +0200
@@ -14,37 +14,71 @@

package kubeadm

-func RemoveNode(nodeName string) (bool, string) {
+import (
+ pb "github.com/thkukuk/kubic-control/api"
+)

+
+func RemoveNode(in *pb.RemoveNodeRequest, stream pb.Kubeadm_RemoveNodeServer)
error {
+ // XXX in.NodeNames could be a list of Nodes ...
// salt host names are not identical with kubernetes node name.
- hostname, err := GetNodeName(nodeName)
- if err != nil {
- return false, err.Error()
+ hostname, herr := GetNodeName(in.NodeNames)
+ if herr != nil {
+ if err := stream.Send(&pb.StatusReply{Success: false, Message:
herr.Error()}); err != nil {
+ return err
+ }
+ return nil
+ }
+
+ if err := stream.Send(&pb.StatusReply{Success: true, Message: "Draining
node " + hostname + "..."}); err != nil {
+ return err
}

success, message := ExecuteCmd("kubectl",
"--kubeconfig=/etc/kubernetes/admin.conf",
"drain", hostname, "--delete-local-data", "--force",
"--ignore-daemonsets")
if success != true {
- return success, message
+ if err := stream.Send(&pb.StatusReply{Success: success,
Message: message}); err != nil {
+ return err
+ }
+ return nil
+ }
+
+ if err := stream.Send(&pb.StatusReply{Success: true, Message: "Removing
node " + hostname + "from Kubernetes"}); err != nil {
+ return err
}
success, message = ExecuteCmd("kubectl",
"--kubeconfig=/etc/kubernetes/admin.conf",
"delete", "node", hostname)
if success != true {
- return success, message
+ if err := stream.Send(&pb.StatusReply{Success: success,
Message: message}); err != nil {
+ return err
+ }
+ return nil
}

- success, message = ExecuteCmd("salt", nodeName, "cmd.run", "kubeadm
reset --force")
+ if err := stream.Send(&pb.StatusReply{Success: true, Message: "Cleanup
node " + hostname + "..."}); err != nil {
+ return err
+ }
+ success, message = ExecuteCmd("salt", in.NodeNames, "cmd.run",
"kubeadm reset --force")
if success != true {
- return success, message
+ if err := stream.Send(&pb.StatusReply{Success: success,
Message: message}); err != nil {
+ return err
+ }
+ return nil
}
// Try some system cleanup, ignore if fails
- ExecuteCmd("salt", nodeName, "cmd.run", "sed -i -e
's|^REBOOT_METHOD=kured|REBOOT_METHOD=auto|g' /etc/transactional-update.conf")
- ExecuteCmd("salt", nodeName, "grains.delkey", "kubicd")
- ExecuteCmd("salt", nodeName, "cmd.run", "\"iptables -t nat -F &&
iptables -t mangle -F && iptables -X\"")
- ExecuteCmd("salt", nodeName, "cmd.run", "\"ip link delete cni0; ip
link delete flannel.1\"")
- ExecuteCmd("salt", nodeName, "service.disable", "kubelet")
- ExecuteCmd("salt", nodeName, "service.stop", "kubelet")
- ExecuteCmd("salt", nodeName, "service.disable", "crio")
- ExecuteCmd("salt", nodeName, "service.stop", "crio")
- return true, ""
+ ExecuteCmd("salt", in.NodeNames, "cmd.run", "sed -i -e
's|^REBOOT_METHOD=kured|REBOOT_METHOD=auto|g' /etc/transactional-update.conf")
+ ExecuteCmd("salt", in.NodeNames, "grains.delkey", "kubicd")
+ success, message = ExecuteCmd("salt", in.NodeNames, "cmd.run",
"\"iptables -t nat -F && iptables -t mangle -F && iptables -X\"")
+ if err := stream.Send(&pb.StatusReply{Success: true, Message: "Warning:
removal of iptables failed: "+message}); err != nil {
+ return err
+ }
+ success, message = ExecuteCmd("salt", in.NodeNames, "cmd.run", "\"ip
link delete cni0; ip link delete flannel.1\"")
+ if err := stream.Send(&pb.StatusReply{Success: true, Message: "Warning:
removal of network interfaces failed: "+message}); err != nil {
+ return err
+ }
+ ExecuteCmd("salt", in.NodeNames, "service.disable", "kubelet")
+ ExecuteCmd("salt", in.NodeNames, "service.stop", "kubelet")
+ ExecuteCmd("salt", in.NodeNames, "service.disable", "crio")
+ ExecuteCmd("salt", in.NodeNames, "service.stop", "crio")
+ return nil
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/kubeadm/upgradeKubernetes.go
new/kubic-control-0.4.0/pkg/kubeadm/upgradeKubernetes.go
--- old/kubic-control-0.2.1/pkg/kubeadm/upgradeKubernetes.go 2019-04-18
14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/pkg/kubeadm/upgradeKubernetes.go 2019-04-26
14:07:15.561798678 +0200
@@ -34,7 +34,7 @@
// Check if kuberadm and kubelet is new enough on all nodes
// salt '*' --out=yaml pkg.version kubernetes-kubeadm kubernetes-kubelet

- if err := stream.Send(&pb.StatusReply{Success: success, Message:
"Validate whether the cluster is upgradeable..."}); err != nil {
+ if err := stream.Send(&pb.StatusReply{Success: true, Message: "Validate
whether the cluster is upgradeable..."}); err != nil {
return err
}
success, message = ExecuteCmd("kubeadm", "upgrade", "plan",
kubernetes_version)
@@ -45,7 +45,7 @@
return nil
}

- if err := stream.Send(&pb.StatusReply{Success: success, Message:
"Upgrade the control plane..."}); err != nil {
+ if err := stream.Send(&pb.StatusReply{Success: true, Message: "Upgrade
the control plane..."}); err != nil {
return err
}
success, message = ExecuteCmd("kubeadm", "upgrade", "apply",
"v"+kubernetes_version, "--yes")
@@ -69,7 +69,7 @@

var failedNodes = ""
for i := range nodelist {
- if err := stream.Send(&pb.StatusReply{Success: success,
Message: "Upgrade "+nodelist[i]+"..."}); err != nil {
+ if err := stream.Send(&pb.StatusReply{Success: true, Message:
"Upgrade "+nodelist[i]+"..."}); err != nil {
return err
}
hostname, err := GetNodeName(nodelist[i])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/kubicctl/initMaster.go
new/kubic-control-0.4.0/pkg/kubicctl/initMaster.go
--- old/kubic-control-0.2.1/pkg/kubicctl/initMaster.go 2019-04-18
14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/pkg/kubicctl/initMaster.go 2019-04-26
14:07:15.561798678 +0200
@@ -38,7 +38,7 @@
Args: cobra.ExactArgs(0),
}

- subCmd.PersistentFlags().StringVar(&podNetwork, "pod-network",
podNetwork, "pod network should be used")
+ subCmd.PersistentFlags().StringVar(&podNetwork, "pod-network",
podNetwork, "pod network, valid values are 'flannel' or 'cilium'")

return subCmd
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/kubicctl/removeNode.go
new/kubic-control-0.4.0/pkg/kubicctl/removeNode.go
--- old/kubic-control-0.2.1/pkg/kubicctl/removeNode.go 2019-04-18
14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/pkg/kubicctl/removeNode.go 2019-04-26
14:07:15.561798678 +0200
@@ -18,8 +18,9 @@
"context"
"time"
"fmt"
+ "os"
+ "io"

- log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
pb "github.com/thkukuk/kubic-control/api"
)
@@ -46,7 +47,7 @@
}
defer conn.Close()

- c := pb.NewKubeadmClient(conn)
+ client := pb.NewKubeadmClient(conn)

// var deadlineMin = flag.Int("deadline_min", 10, "Default deadline in
minutes.")
// clientDeadline := time.Now().Add(time.Duration(*deadlineMin) *
time.Minute)
@@ -54,14 +55,32 @@
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
defer cancel()

- r, err := c.RemoveNode(ctx, &pb.RemoveNodeRequest{NodeNames: nodes})
+ stream, err := client.RemoveNode(ctx, &pb.RemoveNodeRequest{NodeNames:
nodes})
if err != nil {
- log.Errorf("could not initialize: %v", err)
+ fmt.Fprintf(os.Stderr, "could not initialize: %v", err)
return
}
- if r.Success {
- fmt.Printf("Node %s removed\n", nodes)
- } else {
- log.Errorf("Removing node %s failed: %s", nodes, r.Message)
- }
+
+ for {
+ r, err := stream.Recv()
+ if err == io.EOF {
+ break
+ }
+ if err != nil {
+ if r == nil {
+ fmt.Fprintf(os.Stderr, "Removing node %s
failed: %v\n", nodes, err)
+ } else {
+ fmt.Fprintf(os.Stderr, "Removing node %s
failed: %s\n%v\n", r.Message, err)
+ }
+ os.Exit(1)
+ }
+ if (r.Success != true) {
+ fmt.Fprintf(os.Stderr, "%s\n", r.Message)
+ os.Exit(1)
+ } else {
+ fmt.Printf("%s\n", r.Message)
+ }
+ }
+
+ fmt.Printf("Node %s removed\n", nodes)
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/kubicctl/root.go
new/kubic-control-0.4.0/pkg/kubicctl/root.go
--- old/kubic-control-0.2.1/pkg/kubicctl/root.go 2019-04-18
14:39:41.596935314 +0200
+++ new/kubic-control-0.4.0/pkg/kubicctl/root.go 2019-04-26
14:07:15.561798678 +0200
@@ -26,6 +26,7 @@
"github.com/spf13/cobra"
homedir "github.com/mitchellh/go-homedir"
"github.com/thkukuk/kubic-control/pkg/certificates"
+ "github.com/thkukuk/kubic-control/pkg/rbac"
)

const (
@@ -86,6 +87,7 @@
UpgradeKubernetesCmd(),
FetchKubeconfigCmd(),
certificates.CertificatesCmd(),
+ rbac.RBACCmd(),
)

var err error
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/rbac/addAccount.go
new/kubic-control-0.4.0/pkg/rbac/addAccount.go
--- old/kubic-control-0.2.1/pkg/rbac/addAccount.go 1970-01-01
01:00:00.000000000 +0100
+++ new/kubic-control-0.4.0/pkg/rbac/addAccount.go 2019-04-26
14:07:15.561798678 +0200
@@ -0,0 +1,77 @@
+// Copyright 2019 Thorsten Kukuk
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package rbac
+
+import (
+ "os"
+ "fmt"
+ "strings"
+
+ "github.com/spf13/cobra"
+ "gopkg.in/ini.v1"
+)
+
+func AddAccountCmd() *cobra.Command {
+ var subCmd = &cobra.Command {
+ Use: "add <role> <user>",
+ Short: "Add user account to a role",
+ Run: addAccount,
+ Args: cobra.ExactArgs(2),
+ }
+
+ return subCmd
+}
+
+func addAccount (cmd *cobra.Command, args []string) {
+ role := args[0]
+ user := args[1]
+ entry := ""
+
+ cfg, err := ini.LooseLoad("/usr/share/defaults/kubicd/rbac.conf",
"/etc/kubicd/rbac.conf")
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Cannot load rbac.conf: %v\n", err)
+ os.Exit(1)
+ }
+
+ if !cfg.Section("").HasKey(role) {
+ fmt.Printf("Adding new role: '%s'\n", role)
+ } else {
+ entry = cfg.Section("").Key(role).String()
+ }
+ userList := strings.Split(entry, ",")
+ for i := range userList {
+ if user == strings.TrimSpace(userList[i]) {
+ fmt.Printf("User already part of '%s'\n", role)
+ return
+ }
+ }
+ if len(entry) > 0 {
+ entry = entry + "," + user
+ } else {
+ entry = user
+ }
+ wcfg, werr := ini.LooseLoad("/etc/kubicd/rbac.conf")
+ if werr != nil {
+ fmt.Fprintf(os.Stderr, "Cannot open /etc/kubicd/rbac.conf:
%v\n",
+ werr)
+ os.Exit(1)
+ }
+ wcfg.Section("").Key(role).SetValue(entry)
+ werr = wcfg.SaveTo("/etc/kubicd/rbac.conf")
+ if werr != nil {
+ fmt.Fprintf(os.Stderr, "Writing rbac.conf failed: %v\n", werr)
+ os.Exit (1)
+ }
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/rbac/listRoles.go
new/kubic-control-0.4.0/pkg/rbac/listRoles.go
--- old/kubic-control-0.2.1/pkg/rbac/listRoles.go 1970-01-01
01:00:00.000000000 +0100
+++ new/kubic-control-0.4.0/pkg/rbac/listRoles.go 2019-04-26
14:07:15.561798678 +0200
@@ -0,0 +1,48 @@
+// Copyright 2019 Thorsten Kukuk
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package rbac
+
+import (
+ "os"
+ "fmt"
+
+ "github.com/spf13/cobra"
+ "gopkg.in/ini.v1"
+)
+
+func ListRolesCmd() *cobra.Command {
+ var subCmd = &cobra.Command {
+ Use: "list",
+ Short: "List roles and accounts",
+ Run: listRoles,
+ Args: cobra.ExactArgs(0),
+ }
+
+ return subCmd
+}
+
+func listRoles (cmd *cobra.Command, args []string) {
+ cfg, err := ini.LooseLoad("/usr/share/defaults/kubicd/rbac.conf",
"/etc/kubicd/rbac.conf")
+ if err != nil {
+ fmt.Fprintf(os.Stderr, "Cannot load rbac.conf: %v\n", err)
+ os.Exit(1)
+ }
+
+ roleList := cfg.Section("").KeyStrings()
+ for i := range roleList {
+ entry := cfg.Section("").Key(roleList[i]).String()
+ fmt.Printf("%s: %s\n", roleList[i], entry)
+ }
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/kubic-control-0.2.1/pkg/rbac/rbac.go
new/kubic-control-0.4.0/pkg/rbac/rbac.go
--- old/kubic-control-0.2.1/pkg/rbac/rbac.go 1970-01-01 01:00:00.000000000
+0100
+++ new/kubic-control-0.4.0/pkg/rbac/rbac.go 2019-04-26 14:07:15.561798678
+0200
@@ -0,0 +1,34 @@
+// Copyright 2019 Thorsten Kukuk
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package rbac
+
+import (
+ "github.com/spf13/cobra"
+)
+
+func RBACCmd() *cobra.Command {
+ var subCmd = &cobra.Command {
+ Use: "rbac",
+ Short: "Manage RBAC rules",
+ }
+
+ subCmd.AddCommand(
+ AddAccountCmd(),
+// RemoveAccountCmd(),
+ ListRolesCmd(),
+ )
+
+ return subCmd
+}


< Previous Next >
This Thread