From e982ac5b550dbbb8613d937f15bb9ece4482689b Mon Sep 17 00:00:00 2001
From: CJ Cullen
Date: Mon, 20 Apr 2015 14:50:18 -0700
Subject: [PATCH] Change kube2sky to use token-system-dns secret, point at https endpoint (instead of kubernetes-ro service).
---
 cluster/addons/dns/kube2sky/kube2sky.go | 37 ++++++++++++++++---------
 cluster/addons/dns/skydns-rc.yaml.in | 15 +++++++++-
 2 files changed, 38 insertions(+), 14 deletions(-)
diff --git a/cluster/addons/dns/kube2sky/kube2sky.go b/cluster/addons/dns/kube2sky/kube2sky.go
index e8d9aeac82453..fb940136c56aa 100644
--- a/cluster/addons/dns/kube2sky/kube2sky.go
+++ b/cluster/addons/dns/kube2sky/kube2sky.go
@@ -29,6 +29,7 @@ import (
 kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api"
 kclient "github.com/GoogleCloudPlatform/kubernetes/pkg/client"
+ kclientcmd "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd"
 kfields "github.com/GoogleCloudPlatform/kubernetes/pkg/fields"
 klabels "github.com/GoogleCloudPlatform/kubernetes/pkg/labels"
 tools "github.com/GoogleCloudPlatform/kubernetes/pkg/tools"
@@ -42,6 +43,7 @@ var (
 etcd_mutation_timeout = flag.Duration("etcd_mutation_timeout", 10*time.Second, "crash after retrying etcd mutation for a specified duration")
 etcd_server = flag.String("etcd-server", "http://127.0.0.1:4001", "URL to etcd server")
 verbose = flag.Bool("verbose", false, "log extra information")
+ kubecfg_file = flag.String("kubecfg_file", "", "Location of kubecfg file for access to kubernetes service")
 )
 func removeDNS(record string, etcdClient *etcd.Client) error {
@@ -128,22 +130,31 @@ func newEtcdClient() (client *etcd.Client) {
 // TODO: evaluate using pkg/client/clientcmd
 func newKubeClient() (*kclient.Client, error) {
- config := &kclient.Config{}
-
- masterHost := os.Getenv("KUBERNETES_RO_SERVICE_HOST")
- if masterHost == "" {
- log.Fatalf("KUBERNETES_RO_SERVICE_HOST is not defined")
- }
- masterPort := os.Getenv("KUBERNETES_RO_SERVICE_PORT")
- if masterPort == "" {
- log.Fatalf("KUBERNETES_RO_SERVICE_PORT is not defined")
+ var config *kclient.Config
+ if *kubecfg_file == "" {
+ // No kubecfg file provided. Use kubernetes_ro service.
+ masterHost := os.Getenv("KUBERNETES_RO_SERVICE_HOST")
+ if masterHost == "" {
+ log.Fatalf("KUBERNETES_RO_SERVICE_HOST is not defined")
+ }
+ masterPort := os.Getenv("KUBERNETES_RO_SERVICE_PORT")
+ if masterPort == "" {
+ log.Fatalf("KUBERNETES_RO_SERVICE_PORT is not defined")
+ }
+ config = &kclient.Config{
+ Host: fmt.Sprintf("http://%s:%s", masterHost, masterPort),
+ Version: "v1beta1",
+ }
+ } else {
+ var err error
+ if config, err = kclientcmd.NewNonInteractiveDeferredLoadingClientConfig(
+ &kclientcmd.ClientConfigLoadingRules{ExplicitPath: *kubecfg_file},
+ &kclientcmd.ConfigOverrides{}).ClientConfig(); err != nil {
+ return nil, err
+ }
 }
- config.Host = fmt.Sprintf("http://%s:%s", masterHost, masterPort)
 log.Printf("Using %s for kubernetes master", config.Host)
-
- config.Version = "v1beta1"
 log.Printf("Using kubernetes API %s", config.Version)
-
 return kclient.New(config)
 }
diff --git a/cluster/addons/dns/skydns-rc.yaml.in b/cluster/addons/dns/skydns-rc.yaml.in
index 048785f973857..7329ef3a3a23b 100644
--- a/cluster/addons/dns/skydns-rc.yaml.in
+++ b/cluster/addons/dns/skydns-rc.yaml.in
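Review bot: When `-kubecfg_file` is empty, newKubeClient still builds its client against `http://` on the kubernetes-ro service with no credentials, and nothing in the log marks that as the fallback path, so a pod that loses the flag quietly drops back to the plaintext endpoint this commit is moving away from. A line such as `log.Printf("kubecfg_file not set, falling back to unauthenticated kubernetes-ro service over http")` at the top of the first branch would make that visible to operators, and the flag's help string could say what an empty value selects. In the kubeconfig branch `config.Version` is not assigned anywhere in this hunk, so the later `log.Printf("Using kubernetes API %s", config.Version)` may print an empty version unless the loader fills it in. The `// TODO: evaluate using pkg/client/clientcmd` comment above the function is now partly done and should be reworded or dropped.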
@@ -29,10 +29,15 @@ desiredState:
 "-advertise-client-urls=http://127.0.0.1:4001",
 ]
 - name: kube2sky
- image: gcr.io/google_containers/kube2sky:1.1
+ image: gcr.io/google_containers/kube2sky:1.2
+ volumeMounts:
+ - name: dns-token
+ mountPath: /etc/dns_token
+ readOnly: true
 command: [
 # entrypoint = "/kube2sky",
 "-domain={{ pillar['dns_domain'] }}",
+ "-kubecfg_file=/etc/dns_token/kubeconfig",
 ]
 - name: skydns
 image: gcr.io/google_containers/skydns:2015-03-11-001
@@ -46,3 +51,11 @@ desiredState:
 - name: dns
 containerPort: 53
 protocol: UDP
+ volumes:
+ - name: dns-token
+ source:
+ secret:
+ target:
+ kind: Secret
+ namespace: default
+ name: token-system-dns
\ No newline at end of file
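Review bot: The path in `"-kubecfg_file=/etc/dns_token/kubeconfig"` only resolves if the mounted secret carries a key named `kubeconfig`, and nothing in the manifest records that coupling. A comment beside the mount, for example `# token-system-dns must provide a "kubeconfig" key; kube2sky reads it via -kubecfg_file`, would document it. In this change only the kube2sky container gains the mount, and it is read-only, which keeps the token out of the other containers in the pod; that is worth preserving if the mount is ever moved. The container list starts above the hunk.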
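Review bot: The new `volumes:` entry pulls `token-system-dns` from namespace `default`, but what that token is permitted to do is not visible here; kube2sky previously talked to the read-only service, so the credential behind the secret should presumably be limited to read access as well. The pod now also depends on the secret existing before the replication controller is created, which deserves a comment such as `# requires secret default/token-system-dns to exist before this RC is created`. The file now ends without a trailing newline (`\ No newline at end of file`); adding one keeps later diffs clean.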