package beku
import (
"errors"
"fmt"
"strings"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
)
// client holds the settings used to build a Kubernetes API client: the API
// server address plus optional TLS material.
type client struct {
	// Host is the API server address copied into rest.Config.Host.
	Host string
	// CAData, CertData and KeyData are copied into rest.TLSClientConfig by
	// getTLSKubeClient. KeyData is described by the registration helpers as
	// client-key-data, i.e. private key material: keep values of this type
	// out of logs and debug dumps.
	CAData, CertData, KeyData []byte
}
// defaultClient is the package-wide connection configuration that the
// Register* helpers fill in and GetKubeClient reads. It is shared mutable
// state; nothing visible in this file synchronises access to it.
var defaultClient = &client{}
// getClientConfig returns the shared package-level client configuration.
// The pointer itself is handed out, not a copy, so the caller sees whatever
// was registered most recently.
func getClientConfig() *client {
	cfg := defaultClient
	return cfg
}
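// setClientConfig stores the API server address and TLS material in the
// shared defaultClient. It currently always returns nil.
//
// When ca, cert and key are all at most one byte long the call is treated
// as "no TLS material". In that case any previously registered CA, client
// certificate and client key are cleared, so that credentials registered
// for one host are never reused for a host registered later without them.
func setClientConfig(host string, ca, cert, key []byte) error {
	defaultClient.Host = host
	if len(ca) <= 1 && len(cert) <= 1 && len(key) <= 1 {
		// Drop stale key material instead of leaving it paired with the
		// new host.
		defaultClient.CAData = nil
		defaultClient.CertData = nil
		defaultClient.KeyData = nil
		return nil
	}
	defaultClient.CAData = ca
	defaultClient.CertData = cert
	defaultClient.KeyData = key
	return nil
}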
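// GetKubeClient builds a Kubernetes clientset.
//
// If the first variadic argument is true, the configuration comes from
// rest.InClusterConfig. Otherwise the configuration registered through
// RegisterK8sClient or RegisterK8sClientBase64 is used, and an error is
// returned when no host has been registered.
//
// The registered CA, client certificate and client key are used only when
// ViaTLS accepts all three. In every other case, including a partially
// filled set, the client is built by getKubeClient from the host alone.
// NOTE(review): that fallback is silent; callers that require mutual TLS
// should check ViaTLS on their inputs before registering.
func GetKubeClient(isInCluster ...bool) (*kubernetes.Clientset, error) {
	// In-cluster call to the API server.
	if len(isInCluster) > 0 && isInCluster[0] {
		restConf, err := rest.InClusterConfig()
		if err != nil {
			// %w keeps the message text unchanged while letting callers
			// inspect the cause with errors.Is / errors.As.
			return nil, fmt.Errorf("get InClusterConfig err:%w", err)
		}
		return kubernetes.NewForConfig(restConf)
	}

	config := getClientConfig()
	if config.Host == "" {
		return nil, errors.New("get kubernetes apiserver error,Because Host is empty,you can call function RegisterK8sClient() register")
	}
	if ViaTLS(config.CAData, config.CertData, config.KeyData) {
		return getTLSKubeClient(config.Host, config.CAData, config.CertData, config.KeyData)
	}
	return getKubeClient(config.Host)
}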
// ViaTLS reports whether ca, cert and key are each longer than one byte.
//
// This is a presence check only: nothing is parsed, and neither the
// certificate chain nor the key is validated here.
func ViaTLS(ca, cert, key []byte) bool {
	for _, material := range [][]byte{ca, cert, key} {
		if len(material) <= 1 {
			return false
		}
	}
	return true
}
// getTLSKubeClient builds a clientset for host with the given CA bundle,
// client certificate and client key placed in rest.TLSClientConfig.
// The byte slices are passed through as received; no validation happens
// in this function.
func getTLSKubeClient(host string, ca, cert, key []byte) (*kubernetes.Clientset, error) {
	tlsConf := rest.TLSClientConfig{
		CAData:   ca,
		CertData: cert,
		KeyData:  key,
	}
	restConf := &rest.Config{
		Host:            host,
		TLSClientConfig: tlsConf,
	}
	return kubernetes.NewForConfig(restConf)
}
// getKubeClient builds a clientset from the host alone: no CA, client
// certificate, key or other credential is set on the rest.Config.
// NOTE(review): with no TLS material, how the connection is secured depends
// on the scheme in host and on client-go's defaults; confirm that a
// scheme-less host is not reached over plain HTTP in your deployment.
func getKubeClient(host string) (*kubernetes.Clientset, error) {
	restConf := &rest.Config{Host: host}
	return kubernetes.NewForConfig(restConf)
}
// RegisterK8sClient registers the Kubernetes API server used by Beku.
// ca, cert and key are taken as raw strings and converted to bytes without
// decoding; pass "" for all three when no certificate is required.
// A host that is empty after trimming whitespace is rejected; the host is
// stored exactly as given.
func RegisterK8sClient(host, ca, cert, key string) error {
	if len(strings.TrimSpace(host)) == 0 {
		return errors.New("RegisterK8sClient failed,host is not allowed to be empty")
	}
	caBytes, certBytes, keyBytes := []byte(ca), []byte(cert), []byte(key)
	return setClientConfig(host, caBytes, certBytes, keyBytes)
}
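// RegisterK8sClientBase64 registers the Kubernetes API server used by Beku
// when ca, cert and key are base64 encoded; each is decoded with
// Base64Decode before being stored.
//
//   - ca is certificate-authority-data
//   - cert is client-certificate-data
//   - key is client-key-data
//
// A host that is empty after trimming whitespace is rejected. A decode
// failure is returned to the caller and nothing is registered.
//
// NOTE(review): decoding happens only when all three values are non-empty.
// If one or two are empty, none is decoded and the host is registered
// without TLS material, with no error; callers that require mutual TLS
// should verify that all three are set before calling.
func RegisterK8sClientBase64(host, ca, cert, key string) error {
	if strings.TrimSpace(host) == "" {
		return errors.New("RegisterK8sClient failed,host is not allowed to be empty")
	}
	var (
		caByts, certByts, keyByts []byte
		err                       error
	)
	if ca != "" && cert != "" && key != "" {
		caByts, err = Base64Decode(ca)
		if err != nil {
			return err
		}
		certByts, err = Base64Decode(cert)
		if err != nil {
			return err
		}
		keyByts, err = Base64Decode(key)
		if err != nil {
			return err
		}
	}
	// Propagate the result instead of discarding it, matching
	// RegisterK8sClient.
	return setClientConfig(host, caByts, certByts, keyByts)
}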