fix(platform): fix master scale issue (#919)

1. enable auth webhook
tkestack · Nov 18, 2020 · b6301d9 · b6301d9
1 parent ec82532
commit b6301d9
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 7 deletions.
diff --git a/pkg/platform/provider/baremetal/cluster/create.go b/pkg/platform/provider/baremetal/cluster/create.go
@@ -680,18 +680,14 @@ func (p *Provider) EnsureThirdPartyHAInit(ctx context.Context, c *v1.Cluster) er
 	return nil
 }
 func (p *Provider) EnsureAuthzWebhook(ctx context.Context, c *v1.Cluster) error {
-	// todo: a bug here that can't copy webhook related file from platform to node
-	// such as webhook.crt/webhook.key/tke-authz-webhook.yaml
-	if c.Status.Phase == platformv1.ClusterUpscaling {
-		return nil
-	}
 	machines := map[bool][]platformv1.ClusterMachine{
 		true:  c.Spec.ScalingMachines,
 		false: c.Spec.Machines}[len(c.Spec.ScalingMachines) > 0]
 	if !c.AuthzWebhookEnabled() {
 		return nil
 	}
 	isGlobalCluster := (c.Cluster.Name == "global")
+	isClusterUpscaling := (c.Status.Phase == platformv1.ClusterUpscaling)
 	for _, machine := range machines {
 		machineSSH, err := machine.SSH()
 		if err != nil {
@@ -705,7 +701,11 @@ func (p *Provider) EnsureAuthzWebhook(ctx context.Context, c *v1.Cluster) error
 				authzEndpoint = p.config.AuthzWebhook.Endpoint
 			}
 		}
-		option := authzwebhook.Option{AuthzWebhookEndpoint: authzEndpoint, IsGlobalCluster: isGlobalCluster}
+		option := authzwebhook.Option{
+			AuthzWebhookEndpoint: authzEndpoint,
+			IsGlobalCluster:      isGlobalCluster,
+			IsClusterUpscaling:   isClusterUpscaling,
+		}
 		err = authzwebhook.Install(machineSSH, &option)
 		if err != nil {
 			return errors.Wrap(err, machine.IP)

diff --git a/pkg/platform/provider/baremetal/phases/authzwebhook/authzwebhook.go b/pkg/platform/provider/baremetal/phases/authzwebhook/authzwebhook.go
@@ -57,6 +57,7 @@ contexts:
 type Option struct {
 	AuthzWebhookEndpoint string
 	IsGlobalCluster      bool
+	IsClusterUpscaling   bool
 }
 
 // WebhookCertAndKeyExist checks whether the certificate and private key exist,
@@ -74,7 +75,7 @@ func Install(s ssh.Interface, option *Option) error {
 	var webhookKeyName = constants.WebhookKeyName
 
 	basePath := constants.AppCertDir
-	if option.IsGlobalCluster {
+	if option.IsGlobalCluster && !option.IsClusterUpscaling {
 		basePath = installerconstants.DataDir
 	}
 	// For compatibility with old version clusters' webhook certificates and private keys.