forked from kubermatic/kubermatic
-
Notifications
You must be signed in to change notification settings - Fork 0
/
client.go
152 lines (125 loc) · 4.4 KB
/
client.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
/*
Copyright 2020 The Kubermatic Kubernetes Platform contributors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package client
import (
"context"
"fmt"
kubermaticv1 "github.com/kubermatic/kubermatic/api/pkg/crd/kubermatic/v1"
"github.com/kubermatic/kubermatic/api/pkg/resources"
"github.com/kubermatic/kubermatic/api/pkg/util/restmapper"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/types"
restclient "k8s.io/client-go/rest"
"k8s.io/client-go/tools/clientcmd"
ctrlruntimeclient "sigs.k8s.io/controller-runtime/pkg/client"
)
// NewInternal returns a new instance of the client connection provider that
// only works from within the seed cluster but has the advantage that it doesn't leave
// the seed clusters network
func NewInternal(seedClient ctrlruntimeclient.Client) (*Provider, error) {
return &Provider{
seedClient: seedClient,
useExternalAddress: false,
restMapperCache: restmapper.New(),
}, nil
}
// NewExternal returns a new instance of the client connection provider
// that uses the external cluster address and hence works from everywhere.
// Use NewInternal if possible
func NewExternal(seedClient ctrlruntimeclient.Client) (*Provider, error) {
return &Provider{
seedClient: seedClient,
useExternalAddress: true,
restMapperCache: restmapper.New(),
}, nil
}
type Provider struct {
seedClient ctrlruntimeclient.Client
useExternalAddress bool
// We keep the existing cluster mappings to avoid the discovery on each call to the API server
restMapperCache *restmapper.Cache
}
// GetAdminKubeconfig returns the admin kubeconfig for the given cluster. For internal use
// by ourselves only.
func (p *Provider) GetAdminKubeconfig(c *kubermaticv1.Cluster) ([]byte, error) {
s := &corev1.Secret{}
if err := p.seedClient.Get(context.Background(), types.NamespacedName{Namespace: c.Status.NamespaceName, Name: resources.InternalUserClusterAdminKubeconfigSecretName}, s); err != nil {
return nil, err
}
d := s.Data[resources.KubeconfigSecretKey]
if len(d) == 0 {
return nil, fmt.Errorf("no kubeconfig found")
}
if p.useExternalAddress {
return setExternalAddress(c, d)
}
return d, nil
}
func setExternalAddress(c *kubermaticv1.Cluster, config []byte) ([]byte, error) {
cfg, err := clientcmd.Load(config)
if err != nil {
return nil, fmt.Errorf("failed to load kubeconfig: %v", err)
}
for _, cluster := range cfg.Clusters {
cluster.Server = c.Address.URL
}
data, err := clientcmd.Write(*cfg)
if err != nil {
return nil, fmt.Errorf("failed to marshal kubeconfig: %v", err)
}
return data, nil
}
// ConfigOption defines a function that applies additional configuration to restclient.Config in a generic way.
type ConfigOption func(*restclient.Config) *restclient.Config
// GetClientConfig returns the client config used for initiating a connection for the given cluster
func (p *Provider) GetClientConfig(c *kubermaticv1.Cluster, options ...ConfigOption) (*restclient.Config, error) {
b, err := p.GetAdminKubeconfig(c)
if err != nil {
return nil, err
}
cfg, err := clientcmd.Load(b)
if err != nil {
return nil, err
}
if p.useExternalAddress {
for _, cluster := range cfg.Clusters {
cluster.Server = c.Address.URL
}
}
iconfig := clientcmd.NewNonInteractiveClientConfig(
*cfg,
resources.KubeconfigDefaultContextKey,
&clientcmd.ConfigOverrides{},
nil,
)
clientConfig, err := iconfig.ClientConfig()
if err != nil {
return nil, err
}
// Avoid blocking of the controller by increasing the QPS for user cluster interaction
clientConfig.QPS = 20
clientConfig.Burst = 50
// apply all options
for _, opt := range options {
clientConfig = opt(clientConfig)
}
return clientConfig, err
}
// GetClient returns a dynamic client
func (p *Provider) GetClient(c *kubermaticv1.Cluster, options ...ConfigOption) (ctrlruntimeclient.Client, error) {
config, err := p.GetClientConfig(c, options...)
if err != nil {
return nil, err
}
return p.restMapperCache.Client(config)
}