Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change kube2sky to use token-system-dns secret, point at https endpoint ... #7154

Merged
merged 1 commit into from
Apr 22, 2015
+38 −14
Merged

Change kube2sky to use token-system-dns secret, point at https endpoint ... #7154

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 24 additions & 13 deletions cluster/addons/dns/kube2sky/kube2sky.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ import (

kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"
kclient "github.com/GoogleCloudPlatform/kubernetes/pkg/client"
kclientcmd "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd"
kfields "github.com/GoogleCloudPlatform/kubernetes/pkg/fields"
klabels "github.com/GoogleCloudPlatform/kubernetes/pkg/labels"
tools "github.com/GoogleCloudPlatform/kubernetes/pkg/tools"
Expand All @@ -42,6 +43,7 @@ var (
etcd_mutation_timeout = flag.Duration("etcd_mutation_timeout", 10*time.Second, "crash after retrying etcd mutation for a specified duration")
etcd_server = flag.String("etcd-server", "http://127.0.0.1:4001", "URL to etcd server")
verbose = flag.Bool("verbose", false, "log extra information")
kubecfg_file = flag.String("kubecfg_file", "", "Location of kubecfg file for access to kubernetes service")
)

func removeDNS(record string, etcdClient *etcd.Client) error {
Expand Down Expand Up @@ -128,22 +130,31 @@ func newEtcdClient() (client *etcd.Client) {

// TODO: evaluate using pkg/client/clientcmd
func newKubeClient() (*kclient.Client, error) {
config := &kclient.Config{}

masterHost := os.Getenv("KUBERNETES_RO_SERVICE_HOST")
if masterHost == "" {
log.Fatalf("KUBERNETES_RO_SERVICE_HOST is not defined")
}
masterPort := os.Getenv("KUBERNETES_RO_SERVICE_PORT")
if masterPort == "" {
log.Fatalf("KUBERNETES_RO_SERVICE_PORT is not defined")
var config *kclient.Config
if *kubecfg_file == "" {
// No kubecfg file provided. Use kubernetes_ro service.
masterHost := os.Getenv("KUBERNETES_RO_SERVICE_HOST")
if masterHost == "" {
log.Fatalf("KUBERNETES_RO_SERVICE_HOST is not defined")
}
masterPort := os.Getenv("KUBERNETES_RO_SERVICE_PORT")
if masterPort == "" {
log.Fatalf("KUBERNETES_RO_SERVICE_PORT is not defined")
}
config = &kclient.Config{
Host: fmt.Sprintf("http://%s:%s", masterHost, masterPort),
Version: "v1beta1",
}
} else {
var err error
if config, err = kclientcmd.NewNonInteractiveDeferredLoadingClientConfig(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this use the v1beta3 API?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changing to v1beta3 required other changes. I'd rather see that go in a different PR.

&kclientcmd.ClientConfigLoadingRules{ExplicitPath: *kubecfg_file},
&kclientcmd.ConfigOverrides{}).ClientConfig(); err != nil {
return nil, err
}
}
config.Host = fmt.Sprintf("http://%s:%s", masterHost, masterPort)
log.Printf("Using %s for kubernetes master", config.Host)

config.Version = "v1beta1"
log.Printf("Using kubernetes API %s", config.Version)

return kclient.New(config)
}

Expand Down
15 changes: 14 additions & 1 deletion cluster/addons/dns/skydns-rc.yaml.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,10 +29,15 @@ desiredState:
"-advertise-client-urls=http://127.0.0.1:4001",
]
- name: kube2sky
image: gcr.io/google_containers/kube2sky:1.1
image: gcr.io/google_containers/kube2sky:1.2
volumeMounts:
- name: dns-token
mountPath: /etc/dns_token
readOnly: true
command: [
# entrypoint = "/kube2sky",
"-domain={{ pillar['dns_domain'] }}",
"-kubecfg_file=/etc/dns_token/kubeconfig",
]
- name: skydns
image: gcr.io/google_containers/skydns:2015-03-11-001
Expand All @@ -46,3 +51,11 @@ desiredState:
- name: dns
containerPort: 53
protocol: UDP
volumes:
- name: dns-token
source:
secret:
target:
kind: Secret
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pmorie have we fixed or disproved the Secret idempotency problem?

namespace: default
name: token-system-dns