mirror of
https://github.com/rancher/k3k.git
synced 2026-05-16 22:36:44 +00:00
* Refactor server config secret Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * lint fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Refactor Agents configuration for virtual and shared mode Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * wsl Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fixes Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix typo Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * fix unit tests Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Remove go assert depednecny Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> --------- Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com>
package server
import (
	"fmt"
	"net/netip"

	"gopkg.in/yaml.v3"
	"k8s.io/apimachinery/pkg/util/sets"

	corev1 "k8s.io/api/core/v1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	"github.com/rancher/k3k/pkg/apis/k3k.io/v1beta1"
	"github.com/rancher/k3k/pkg/controller"
	"github.com/rancher/k3k/pkg/controller/cluster/agent"
)
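// serverConfig holds the subset of k3s server options that is rendered into
// the YAML config file for a k3s server. Each field is written under the key
// named in its yaml tag and is left out of the output when it holds the zero
// value (omitempty).
type serverConfig struct {
	ClusterCIDR        string   `yaml:"cluster-cidr,omitempty"`
	ClusterDNS         string   `yaml:"cluster-dns,omitempty"`
	ClusterInit        bool     `yaml:"cluster-init,omitempty"`
	DisableAgent       bool     `yaml:"disable-agent,omitempty"`
	Disable            []string `yaml:"disable,omitempty"`
	EgressSelectorMode string   `yaml:"egress-selector-mode,omitempty"`
	Server             string   `yaml:"server,omitempty"`
	ServiceCIDR        string   `yaml:"service-cidr,omitempty"`
	TLSSAN             []string `yaml:"tls-san,omitempty"`

	// Token is a credential. It is marshalled in clear text, so the rendered
	// config has to be stored and handled as secret material and kept out of
	// logs and error messages.
	Token string `yaml:"token,omitempty"`
}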
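// Config renders the k3s server configuration for this cluster and returns it
// as a Secret in the cluster's namespace, stored under the "config.yaml" key.
//
// init selects the Secret name (see configSecretName) and is forwarded to
// buildServerConfig as its initServer argument; serviceIP is forwarded
// unchanged. buildServerConfig also overwrites s.cluster.Status.TLSSANs.
//
// The rendered YAML contains s.token in clear text, so anyone able to read
// Secrets in that namespace can read the token. The error returned on a
// marshalling failure names only the cluster, never the config contents.
func (s *Server) Config(init bool, serviceIP string) (*corev1.Secret, error) {
	name := configSecretName(s.cluster.Name, init)

	cfg := buildServerConfig(s.cluster, init, serviceIP, s.token)

	rendered, err := yaml.Marshal(cfg)
	if err != nil {
		// Wrapped with %w so callers can still match the underlying error.
		return nil, fmt.Errorf("marshalling server config for cluster %q: %w", s.cluster.Name, err)
	}

	return &corev1.Secret{
		TypeMeta: metav1.TypeMeta{
			Kind:       "Secret",
			APIVersion: "v1",
		},
		ObjectMeta: metav1.ObjectMeta{
			Name:      name,
			Namespace: s.cluster.Namespace,
		},
		Data: map[string][]byte{
			"config.yaml": rendered,
		},
	}, nil
}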
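// buildServerConfig assembles the k3s server options for cluster.
//
// The TLS SAN list is the union of cluster.Spec.TLSSANs, serviceIP, the
// cluster's service name and "<service name>.<namespace>", with empty entries
// dropped. The sorted result is also written back to cluster.Status.TLSSANs,
// so the caller's Cluster object is modified.
//
// ClusterInit is always set. When initServer is false, Server is set to the
// https URL of serviceIP (bracketed if it is an IPv6 literal); for the init
// server it is left empty. Unless the cluster runs in agent.VirtualNodeMode,
// the agent, the egress selector and the listed packaged components are
// disabled.
//
// token is copied verbatim into the returned config; treat the result as
// secret material.
func buildServerConfig(cluster *v1beta1.Cluster, initServer bool, serviceIP, token string) serverConfig {
	svcName := ServiceName(cluster.Name)

	sans := sets.NewString(cluster.Spec.TLSSANs...)
	sans.Insert(
		serviceIP,
		svcName,
		fmt.Sprintf("%s.%s", svcName, cluster.Namespace),
	)
	// An unset serviceIP (or a blank entry in the spec) would otherwise be
	// rendered as an empty tls-san value.
	sans.Delete("")

	cluster.Status.TLSSANs = sans.List()

	cfg := serverConfig{
		ClusterInit: true,
		Token:       token,
		TLSSAN:      cluster.Status.TLSSANs,
		ServiceCIDR: cluster.Status.ServiceCIDR,
		ClusterCIDR: cluster.Status.ClusterCIDR,
		ClusterDNS:  cluster.Spec.ClusterDNS,
	}

	if !initServer {
		host := serviceIP
		// A bare IPv6 literal is not a valid URL host; it must be bracketed.
		if addr, err := netip.ParseAddr(serviceIP); err == nil && addr.Is6() {
			host = "[" + serviceIP + "]"
		}

		cfg.Server = "https://" + host
	}

	if cluster.Spec.Mode != agent.VirtualNodeMode {
		cfg.DisableAgent = true
		cfg.EgressSelectorMode = "disabled"
		cfg.Disable = []string{"servicelb", "traefik", "metrics-server", "local-storage"}
	}

	return cfg
}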
// configSecretName returns the name of the Secret that holds the server
// config for clusterName. The name is built with
// controller.SafeConcatNameWithPrefix from initConfigName when init is true
// and from configName otherwise.
func configSecretName(clusterName string, init bool) string {
	if init {
		return controller.SafeConcatNameWithPrefix(clusterName, initConfigName)
	}

	return controller.SafeConcatNameWithPrefix(clusterName, configName)
}