packages/eggo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!15 upgrage to v0.9.4-1

Browse Source 
From: @zh_xiaoyu
Reviewed-by: @duguhaotian,@duguhaotian
Signed-off-by: @duguhaotian
This commit is contained in:
openeuler-ci-bot 2021-10-12 07:37:39 +00:00 committed by Gitee
commit d007f9a1e4
10 changed files with 8 additions and 1164 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

214
0001-remove-residual-objects.patch
View File

@ -1,214 +0,0 @@
From 989d35593ad625cafa6ce60a1dc57c8bd2a917c8 Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Thu, 2 Sep 2021 03:02:35 +0100
Subject: [PATCH 1/2] remove residual objects
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
pkg/clusterdeployment/binary/binary.go | 30 +++++++++++++++++++
.../binary/controlplane/controlplane.go | 2 +-
.../binary/infrastructure/infrastructure.go | 11 ++++++-
pkg/clusterdeployment/clusterdeploy.go | 1 +
pkg/clusterdeployment/runtime/runtime.go | 4 +--
pkg/constants/constants.go | 5 ++--
pkg/utils/runner/runner.go | 15 +++++++---
7 files changed, 58 insertions(+), 10 deletions(-)
diff --git a/pkg/clusterdeployment/binary/binary.go b/pkg/clusterdeployment/binary/binary.go
index 246f547..4596047 100644
--- a/pkg/clusterdeployment/binary/binary.go
+++ b/pkg/clusterdeployment/binary/binary.go
@@ -444,11 +444,37 @@ func (bcp *BinaryClusterDeployment) PreDeleteClusterHooks() {
}
}
+func clearResiduals(nodes []*api.HostConfig, confDir string) error {
+ if len(nodes) == 0 {
+ return nil
+ }
+
+ var strNodes []string
+ for _, n := range nodes {
+ strNodes = append(strNodes, n.Address)
+ }
+
+ shell := fmt.Sprintf("#!/bin/bash\nrm -rf %s\nexit 0", confDir)
+
+ checker := task.NewTaskIgnoreErrInstance(
+ &commontools.RunShellTask{
+ ShellName: "checkMaster",
+ Shell: shell,
+ },
+ )
+
+ return nodemanager.RunTaskOnNodes(checker, strNodes)
+}
+
func (bcp *BinaryClusterDeployment) PostDeleteClusterHooks() {
role := []uint16{api.Worker, api.Master, api.ETCD, api.LoadBalance}
if err := dependency.HookSchedule(bcp.config, bcp.config.Nodes, role, api.SchedulePostCleanup); err != nil {
logrus.Warnf("Ignore: Delete cluster PostHook failed: %v", err)
}
+ // clear all residual objects
+ if err := clearResiduals(bcp.config.Nodes, bcp.config.GetConfigDir()); err != nil {
+ logrus.Warnf("Ignore: Delete cluster PostHook failed: %v", err)
+ }
}
func (bcp *BinaryClusterDeployment) PreNodeJoinHooks(node *api.HostConfig) error {
@@ -562,4 +588,8 @@ func (bcp *BinaryClusterDeployment) PostNodeCleanupHooks(node *api.HostConfig) {
if err := dependency.HookSchedule(bcp.config, []*api.HostConfig{node}, role, api.SchedulePostCleanup); err != nil {
logrus.Warnf("Ignore: Delete Node PostHook failed: %v", err)
}
+
+ if err := clearResiduals([]*api.HostConfig{node}, bcp.config.GetConfigDir()); err != nil {
+ logrus.Warnf("Ignore: Delete cluster PostHook failed: %v", err)
+ }
}
diff --git a/pkg/clusterdeployment/binary/controlplane/controlplane.go b/pkg/clusterdeployment/binary/controlplane/controlplane.go
index 38e138f..5e6a8a0 100644
--- a/pkg/clusterdeployment/binary/controlplane/controlplane.go
+++ b/pkg/clusterdeployment/binary/controlplane/controlplane.go
@@ -636,7 +636,7 @@ func (ct *PostControlPlaneTask) bootstrapClusterRoleBinding(r runner.Runner) err
}
func (ct *PostControlPlaneTask) kubeletServerCRB(r runner.Runner) error {
- if !ct.cluster.WorkerConfig.KubeletConf.EnableServer {
+ if ct.cluster.WorkerConfig.KubeletConf == nil || !ct.cluster.WorkerConfig.KubeletConf.EnableServer {
return nil
}
diff --git a/pkg/clusterdeployment/binary/infrastructure/infrastructure.go b/pkg/clusterdeployment/binary/infrastructure/infrastructure.go
index 5a489dc..71ad610 100644
--- a/pkg/clusterdeployment/binary/infrastructure/infrastructure.go
+++ b/pkg/clusterdeployment/binary/infrastructure/infrastructure.go
@@ -27,6 +27,7 @@ import (
"isula.org/eggo/pkg/api"
"isula.org/eggo/pkg/clusterdeployment/binary/cleanupcluster"
+ "isula.org/eggo/pkg/constants"
"isula.org/eggo/pkg/utils"
"isula.org/eggo/pkg/utils/dependency"
"isula.org/eggo/pkg/utils/nodemanager"
@@ -319,6 +320,13 @@ func (it *DestroyInfraTask) Name() string {
return "DestroyInfraTask"
}
+func getCopyDefaultDir(user string) string {
+ if user == "root" {
+ return constants.DefaultRootCopyTempDirHome
+ }
+ return fmt.Sprintf(constants.DefaultUserCopyTempHomeFormat, user)
+}
+
func (it *DestroyInfraTask) Run(r runner.Runner, hcg *api.HostConfig) error {
if hcg == nil {
return fmt.Errorf("empty host config")
@@ -339,7 +347,8 @@ func (it *DestroyInfraTask) Run(r runner.Runner, hcg *api.HostConfig) error {
logrus.Errorf("path %s not in White List and cannot remove", dstDir)
return nil
}
- if _, err := r.RunCommand(fmt.Sprintf("sudo -E /bin/sh -c \"rm -rf %s\"", dstDir)); err != nil {
+ copyTempDir := getCopyDefaultDir(hcg.UserName)
+ if _, err := r.RunCommand(fmt.Sprintf("sudo -E /bin/sh -c \"rm -rf %s %s\"", dstDir, copyTempDir)); err != nil {
return fmt.Errorf("rm dependency failed: %v", err)
}
diff --git a/pkg/clusterdeployment/clusterdeploy.go b/pkg/clusterdeployment/clusterdeploy.go
index ee57ec3..f31ac42 100644
--- a/pkg/clusterdeployment/clusterdeploy.go
+++ b/pkg/clusterdeployment/clusterdeploy.go
@@ -216,6 +216,7 @@ func rollbackFailedNoeds(handler api.ClusterDeploymentAPI, nodes []*api.HostConf
for _, n := range nodes {
// do best to cleanup, if error, just ignore
handler.ClusterNodeCleanup(n, n.Type)
+ handler.PostNodeCleanupHooks(n)
handler.MachineInfraDestroy(n)
rollIDs = append(rollIDs, n.Address)
}
diff --git a/pkg/clusterdeployment/runtime/runtime.go b/pkg/clusterdeployment/runtime/runtime.go
index 29fab7d..2e352b6 100644
--- a/pkg/clusterdeployment/runtime/runtime.go
+++ b/pkg/clusterdeployment/runtime/runtime.go
@@ -199,9 +199,9 @@ func (ct *DeployRuntimeTask) Run(r runner.Runner, hcg *api.HostConfig) error {
}
// start service
- if _, err := r.RunCommand(fmt.Sprintf("sudo -E /bin/sh -c \"systemctl daemon-reload && systemctl restart %s\"",
+ if output, err := r.RunCommand(fmt.Sprintf("sudo -E /bin/sh -c \"systemctl daemon-reload && systemctl restart %s\"",
ct.runtime.GetRuntimeService())); err != nil {
- logrus.Errorf("start %s failed: %v", ct.runtime.GetRuntimeService(), err)
+ logrus.Errorf("start %s failed: %v\nout: %s", ct.runtime.GetRuntimeService(), err, output)
return err
}
diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go
index 0935c36..ee02e24 100644
--- a/pkg/constants/constants.go
+++ b/pkg/constants/constants.go
@@ -21,8 +21,9 @@ const (
DefaultImagePath = "/image"
// user home dir formats
- UserHomeFormat = "/home/%s"
- DefaultUserCopyTempDirFormat = "/home/%s/.eggo/temp"
+ UserHomeFormat = "/home/%s"
+ DefaultUserCopyTempHomeFormat = "/home/%s/.eggo"
+ DefaultRootCopyTempDirHome = "/root/.eggo"
// network plugin arguments key
NetworkPluginArgKeyYamlPath = "NetworkYamlPath"
diff --git a/pkg/utils/runner/runner.go b/pkg/utils/runner/runner.go
index 7436f63..3b15a08 100644
--- a/pkg/utils/runner/runner.go
+++ b/pkg/utils/runner/runner.go
@@ -164,7 +164,7 @@ func (ssh *SSHRunner) Reconnect() error {
func clearUserTempDir(conn ssh.Connection, host *kkv1alpha1.HostCfg) {
tmpShell := "/tmp/" + RunnerShellPrefix + "*"
// scp to tmp file
- dir := fmt.Sprintf(constants.DefaultUserCopyTempDirFormat, host.User)
+ dir := getCopyDefaultDir(host.User)
_, err := conn.Exec(fmt.Sprintf("sudo -E /bin/sh -c \"rm -rf %s; rm -rf %s\"", dir, tmpShell), host)
if err != nil {
logrus.Warnf("[%s] remove temp dir: %s failed: %v", host.Name, dir, err)
@@ -175,7 +175,7 @@ func clearUserTempDir(conn ssh.Connection, host *kkv1alpha1.HostCfg) {
func prepareUserTempDir(conn ssh.Connection, host *kkv1alpha1.HostCfg) error {
// scp to tmp file
- dir := fmt.Sprintf(constants.DefaultUserCopyTempDirFormat, host.User)
+ dir := getCopyDefaultDir(host.User)
var sb strings.Builder
sb.WriteString("sudo -E /bin/sh -c \"")
sb.WriteString(fmt.Sprintf("mkdir -p %s", dir))
@@ -190,11 +190,18 @@ func prepareUserTempDir(conn ssh.Connection, host *kkv1alpha1.HostCfg) error {
return nil
}
+func getCopyDefaultDir(user string) string {
+ if user == "root" {
+ return constants.DefaultRootCopyTempDirHome + "/temp"
+ }
+ return fmt.Sprintf(constants.DefaultUserCopyTempHomeFormat, user) + "/temp"
+}
+
func (ssh *SSHRunner) copyFile(src, dst string) error {
if ssh.Conn == nil {
return fmt.Errorf("[%s] SSH runner is not connected", ssh.Host.Name)
}
- tempDir := fmt.Sprintf(constants.DefaultUserCopyTempDirFormat, ssh.Host.User)
+ tempDir := getCopyDefaultDir(ssh.Host.User)
// scp to tmp file
tempCpyFile := filepath.Join(tempDir, filepath.Base(src))
err := ssh.Conn.Scp(src, tempCpyFile)
@@ -240,7 +247,7 @@ func (ssh *SSHRunner) copyDir(srcDir, dstDir string) error {
logrus.Errorf("[%s] create cert tmp tar failed: %v", ssh.Host.Name, err)
return err
}
- tmpCpyDir := fmt.Sprintf(constants.DefaultUserCopyTempDirFormat, ssh.Host.User)
+ tmpCpyDir := getCopyDefaultDir(ssh.Host.User)
tmpPkiFile := filepath.Join(tmpCpyDir, "pkg.tar")
// scp to user home directory
err = ssh.Copy(tmpPkgFile, tmpPkiFile)
--
2.25.1

115
0002-remove-residual-in-infrastruce.patch
View File

@ -1,115 +0,0 @@
From 782855308cd9f817c6525617a2a45e9aea4859f5 Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Sat, 4 Sep 2021 09:54:50 +0100
Subject: [PATCH 2/2] remove residual in infrastruce
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
pkg/clusterdeployment/binary/binary.go | 30 -------------------
.../binary/infrastructure/infrastructure.go | 12 ++++----
pkg/clusterdeployment/clusterdeploy.go | 1 -
3 files changed, 7 insertions(+), 36 deletions(-)
diff --git a/pkg/clusterdeployment/binary/binary.go b/pkg/clusterdeployment/binary/binary.go
index 4596047..246f547 100644
--- a/pkg/clusterdeployment/binary/binary.go
+++ b/pkg/clusterdeployment/binary/binary.go
@@ -444,37 +444,11 @@ func (bcp *BinaryClusterDeployment) PreDeleteClusterHooks() {
}
}
-func clearResiduals(nodes []*api.HostConfig, confDir string) error {
- if len(nodes) == 0 {
- return nil
- }
-
- var strNodes []string
- for _, n := range nodes {
- strNodes = append(strNodes, n.Address)
- }
-
- shell := fmt.Sprintf("#!/bin/bash\nrm -rf %s\nexit 0", confDir)
-
- checker := task.NewTaskIgnoreErrInstance(
- &commontools.RunShellTask{
- ShellName: "checkMaster",
- Shell: shell,
- },
- )
-
- return nodemanager.RunTaskOnNodes(checker, strNodes)
-}
-
func (bcp *BinaryClusterDeployment) PostDeleteClusterHooks() {
role := []uint16{api.Worker, api.Master, api.ETCD, api.LoadBalance}
if err := dependency.HookSchedule(bcp.config, bcp.config.Nodes, role, api.SchedulePostCleanup); err != nil {
logrus.Warnf("Ignore: Delete cluster PostHook failed: %v", err)
}
- // clear all residual objects
- if err := clearResiduals(bcp.config.Nodes, bcp.config.GetConfigDir()); err != nil {
- logrus.Warnf("Ignore: Delete cluster PostHook failed: %v", err)
- }
}
func (bcp *BinaryClusterDeployment) PreNodeJoinHooks(node *api.HostConfig) error {
@@ -588,8 +562,4 @@ func (bcp *BinaryClusterDeployment) PostNodeCleanupHooks(node *api.HostConfig) {
if err := dependency.HookSchedule(bcp.config, []*api.HostConfig{node}, role, api.SchedulePostCleanup); err != nil {
logrus.Warnf("Ignore: Delete Node PostHook failed: %v", err)
}
-
- if err := clearResiduals([]*api.HostConfig{node}, bcp.config.GetConfigDir()); err != nil {
- logrus.Warnf("Ignore: Delete cluster PostHook failed: %v", err)
- }
}
diff --git a/pkg/clusterdeployment/binary/infrastructure/infrastructure.go b/pkg/clusterdeployment/binary/infrastructure/infrastructure.go
index 71ad610..634e338 100644
--- a/pkg/clusterdeployment/binary/infrastructure/infrastructure.go
+++ b/pkg/clusterdeployment/binary/infrastructure/infrastructure.go
@@ -312,8 +312,9 @@ func NodeInfrastructureSetup(config *api.ClusterConfig, nodeID string, role uint
}
type DestroyInfraTask struct {
- packageSrc *api.PackageSrcConfig
- roleInfra *api.RoleInfra
+ packageSrc *api.PackageSrcConfig
+ roleInfra *api.RoleInfra
+ k8sConfigDir string
}
func (it *DestroyInfraTask) Name() string {
@@ -348,7 +349,7 @@ func (it *DestroyInfraTask) Run(r runner.Runner, hcg *api.HostConfig) error {
return nil
}
copyTempDir := getCopyDefaultDir(hcg.UserName)
- if _, err := r.RunCommand(fmt.Sprintf("sudo -E /bin/sh -c \"rm -rf %s %s\"", dstDir, copyTempDir)); err != nil {
+ if _, err := r.RunCommand(fmt.Sprintf("sudo -E /bin/sh -c \"rm -rf %s %s %s\"", dstDir, copyTempDir, it.k8sConfigDir)); err != nil {
return fmt.Errorf("rm dependency failed: %v", err)
}
@@ -429,8 +430,9 @@ func NodeInfrastructureDestroy(config *api.ClusterConfig, hostconfig *api.HostCo
itask := task.NewTaskIgnoreErrInstance(
&DestroyInfraTask{
- packageSrc: &config.PackageSrc,
- roleInfra: roleInfra,
+ packageSrc: &config.PackageSrc,
+ roleInfra: roleInfra,
+ k8sConfigDir: config.GetConfigDir(),
})
if err := nodemanager.RunTaskOnNodes(itask, []string{hostconfig.Address}); err != nil {
diff --git a/pkg/clusterdeployment/clusterdeploy.go b/pkg/clusterdeployment/clusterdeploy.go
index f31ac42..ee57ec3 100644
--- a/pkg/clusterdeployment/clusterdeploy.go
+++ b/pkg/clusterdeployment/clusterdeploy.go
@@ -216,7 +216,6 @@ func rollbackFailedNoeds(handler api.ClusterDeploymentAPI, nodes []*api.HostConf
for _, n := range nodes {
// do best to cleanup, if error, just ignore
handler.ClusterNodeCleanup(n, n.Type)
- handler.PostNodeCleanupHooks(n)
handler.MachineInfraDestroy(n)
rollIDs = append(rollIDs, n.Address)
}
--
2.25.1

52
0003-eggo-static-compile.patch
View File

@ -1,52 +0,0 @@
From 2471b2b91c1e0581c386cf63a8db7e95a039ba8b Mon Sep 17 00:00:00 2001
From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Date: Tue, 7 Sep 2021 16:36:44 +0800
Subject: [PATCH] eggo static compile
Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
---
Makefile | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/Makefile b/Makefile
index e1cb535..9722c0c 100644
--- a/Makefile
+++ b/Makefile
@@ -9,26 +9,30 @@ LDFLAGS := -X isula.org/eggo/cmd.Version=$(VERSION) \
-X isula.org/eggo/cmd.BuildTime=$(SOURCE_DATE_EPOCH) \
-X isula.org/eggo/cmd.Arch=$(ARCH) \
$(EXTRALDFLAGS)
+STATIC_LDFLAGS := -extldflags=-static -linkmode=external
SAFEBUILDFLAGS := -buildmode=pie -extldflags=-ftrapv -extldflags=-zrelro -extldflags=-znow -tmpdir=/tmp/xxeggo $(LDFLAGS)
+GO := go
+GO_BUILD := CGO_ENABLED=0 $(GO)
+
.PHONY: eggo
eggo:
@echo "build eggo starting..."
- @go build -ldflags '$(LDFLAGS)' -o bin/eggo .
+ @$(GO_BUILD) build -ldflags '$(LDFLAGS) $(STATIC_LDFLAGS)' -o bin/eggo .
@echo "build eggo done!"
local:
@echo "build eggo use vendor starting..."
- @go build -ldflags '$(LDFLAGS)' -mod vendor -o bin/eggo .
+ @$(GO_BUILD) build -ldflags '$(LDFLAGS) $(STATIC_LDFLAGS)' -mod vendor -o bin/eggo .
@echo "build eggo use vendor done!"
test:
@echo "Unit tests starting..."
- @go test -race -cover -count=1 -timeout=300s ./...
+ @$(GO) test -race -cover -count=1 -timeout=300s ./...
@echo "Units test done!"
.PHONY: safe
safe:
@echo "build safe eggo starting..."
- go build -ldflags '$(SAFEBUILDFLAGS)' -o bin/eggo .
+ $(GO_BUILD) build -ldflags '$(SAFEBUILDFLAGS) $(STATIC_LDFLAGS)' -o bin/eggo .
@echo "build safe eggo done!"
images: image-eggo
--
2.25.1

203
0004-use-local-cert-replace-openssl.patch
View File

@ -1,203 +0,0 @@
From 5a443177a9c70296d9a3e57b2336e33ba72c6657 Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Wed, 8 Sep 2021 04:21:32 +0100
Subject: [PATCH 1/4] use local cert replace openssl
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
cmd/checker.go | 10 ++++++++++
cmd/checker_test.go | 9 +++++++++
.../binary/controlplane/controlplane.go | 2 +-
.../binary/etcdcluster/etcdcerts.go | 8 ++++----
.../binary/etcdcluster/etcdcluster.go | 2 +-
.../binary/etcdcluster/etcdcluster_test.go | 2 +-
pkg/utils/certs/certs_test.go | 12 ++++++------
pkg/utils/runner/runner.go | 4 ++--
8 files changed, 34 insertions(+), 15 deletions(-)
diff --git a/cmd/checker.go b/cmd/checker.go
index a924629..4530f2b 100644
--- a/cmd/checker.go
+++ b/cmd/checker.go
@@ -24,6 +24,7 @@ import (
"time"
"isula.org/eggo/pkg/api"
+ "isula.org/eggo/pkg/utils"
"isula.org/eggo/pkg/utils/endpoint"
chain "isula.org/eggo/pkg/utils/responsibilitychain"
"k8s.io/apimachinery/pkg/util/validation"
@@ -388,6 +389,15 @@ func (ccr *InstallConfigResponsibility) Execute() error {
if !filepath.IsAbs(path) {
return fmt.Errorf("srcpackage %s path: %s must be absolute", arch, path)
}
+ if _, ok := ccr.arch[arch]; ok {
+ exist, err := utils.CheckPathExist(path)
+ if err != nil {
+ return err
+ }
+ if !exist {
+ return fmt.Errorf("have arch: %s node, but src package: %s is not exist", arch, path)
+ }
+ }
}
if len(ccr.conf.PackageSrc.SrcPath) != 0 {
diff --git a/cmd/checker_test.go b/cmd/checker_test.go
index fefe0e6..1fee45a 100644
--- a/cmd/checker_test.go
+++ b/cmd/checker_test.go
@@ -44,6 +44,15 @@ func TestRunChecker(t *testing.T) {
t.Fatalf("load deploy config file failed: %v", err)
}
+ if err = RunChecker(conf); err == nil {
+ t.Fatalf("test invalid cluster config failed: %v", err)
+ }
+
+ for _, fn := range conf.InstallConfig.PackageSrc.SrcPath {
+ os.MkdirAll(fn, 0755)
+ defer os.RemoveAll(fn)
+ }
+
// test check success
if err = RunChecker(conf); err != nil {
t.Fatalf("test checker success failed: %v", err)
diff --git a/pkg/clusterdeployment/binary/controlplane/controlplane.go b/pkg/clusterdeployment/binary/controlplane/controlplane.go
index 5e6a8a0..2296c57 100644
--- a/pkg/clusterdeployment/binary/controlplane/controlplane.go
+++ b/pkg/clusterdeployment/binary/controlplane/controlplane.go
@@ -285,7 +285,7 @@ func generateCerts(savePath string, cg certs.CertGenerator, ccfg *api.ClusterCon
}
func prepareCAs(lcg certs.CertGenerator, savePath string) error {
- if _, err := lcg.RunCommand(fmt.Sprintf("sudo mkdir -p -m 0700 %s", savePath)); err != nil {
+ if _, err := lcg.RunCommand(fmt.Sprintf("mkdir -p -m 0700 %s", savePath)); err != nil {
logrus.Errorf("prepare certificates store path failed: %v", err)
return err
}
diff --git a/pkg/clusterdeployment/binary/etcdcluster/etcdcerts.go b/pkg/clusterdeployment/binary/etcdcluster/etcdcerts.go
index 1262e99..00f6116 100644
--- a/pkg/clusterdeployment/binary/etcdcluster/etcdcerts.go
+++ b/pkg/clusterdeployment/binary/etcdcluster/etcdcerts.go
@@ -89,21 +89,21 @@ func generateEtcdCerts(r runner.Runner, ccfg *api.ClusterConfig, hostConfig *api
}
// see: https://kubernetes.io/docs/setup/best-practices/certificates/
-func generateCaAndApiserverEtcdCerts(r runner.Runner, ccfg *api.ClusterConfig) error {
+func generateCaAndApiserverEtcdCerts(ccfg *api.ClusterConfig) error {
savePath := api.GetCertificateStorePath(ccfg.Name)
etcdCertsPath := filepath.Join(savePath, "etcd")
- cg := certs.NewOpensshBinCertGenerator(r)
+ lcg := certs.NewLocalCertGenerator()
// generate etcd root ca
caConfig := &certs.CertConfig{
CommonName: "etcd-ca",
}
- if err := cg.CreateCA(caConfig, etcdCertsPath, "ca"); err != nil {
+ if err := lcg.CreateCA(caConfig, etcdCertsPath, "ca"); err != nil {
return err
}
// generate apiserver-etcd-client certificates
- if err := genApiserverEtcdClientCerts(savePath, cg, ccfg); err != nil {
+ if err := genApiserverEtcdClientCerts(savePath, lcg, ccfg); err != nil {
return err
}
diff --git a/pkg/clusterdeployment/binary/etcdcluster/etcdcluster.go b/pkg/clusterdeployment/binary/etcdcluster/etcdcluster.go
index 88db696..5444e77 100644
--- a/pkg/clusterdeployment/binary/etcdcluster/etcdcluster.go
+++ b/pkg/clusterdeployment/binary/etcdcluster/etcdcluster.go
@@ -229,7 +229,7 @@ func prepareEtcdConfigs(ccfg *api.ClusterConfig, r runner.Runner, hostConfig *ap
func Init(conf *api.ClusterConfig) error {
// generate ca certificates and kube-apiserver-etcd-client certificates
- if err := generateCaAndApiserverEtcdCerts(&runner.LocalRunner{}, conf); err != nil {
+ if err := generateCaAndApiserverEtcdCerts(conf); err != nil {
return err
}
diff --git a/pkg/clusterdeployment/binary/etcdcluster/etcdcluster_test.go b/pkg/clusterdeployment/binary/etcdcluster/etcdcluster_test.go
index 43be12d..f19394a 100644
--- a/pkg/clusterdeployment/binary/etcdcluster/etcdcluster_test.go
+++ b/pkg/clusterdeployment/binary/etcdcluster/etcdcluster_test.go
@@ -172,7 +172,7 @@ func TestEtcdCertsAndConfig(t *testing.T) {
t.Fatalf("prepare etcd configs failed: %v", err)
}
- if err = generateCaAndApiserverEtcdCerts(r, deployConf); err != nil {
+ if err = generateCaAndApiserverEtcdCerts(deployConf); err != nil {
t.Fatalf("generate ca and apiserver etcd certs failed: %v", err)
}
diff --git a/pkg/utils/certs/certs_test.go b/pkg/utils/certs/certs_test.go
index 522d0cb..59a4a65 100644
--- a/pkg/utils/certs/certs_test.go
+++ b/pkg/utils/certs/certs_test.go
@@ -12,8 +12,8 @@ import (
func TestNewLocalCertGenerator(t *testing.T) {
savePath := "/tmp/haozi"
- cg := NewLocalCertGenerator()
- err := cg.CreateServiceAccount(savePath)
+ lcg := NewLocalCertGenerator()
+ err := lcg.CreateServiceAccount(savePath)
if err != nil {
t.Fatalf("create service account failed: %v", err)
}
@@ -37,7 +37,7 @@ func TestNewLocalCertGenerator(t *testing.T) {
},
Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
}
- err = cg.CreateCA(apiserverConfig, savePath, "ca")
+ err = lcg.CreateCA(apiserverConfig, savePath, "ca")
if err != nil {
t.Fatalf("create apiserver ca failed: %v", err)
}
@@ -59,16 +59,16 @@ func TestNewLocalCertGenerator(t *testing.T) {
}
caCertPath := fmt.Sprintf("%s/ca.crt", savePath)
caKeyPath := fmt.Sprintf("%s/ca.key", savePath)
- err = cg.CreateCertAndKey(caCertPath, caKeyPath, adminConfig, savePath, "admin")
+ err = lcg.CreateCertAndKey(caCertPath, caKeyPath, adminConfig, savePath, "admin")
if err != nil {
t.Fatalf("create cert and key for admin failed: %v", err)
}
- err = cg.CreateKubeConfig(savePath, constants.KubeConfigFileNameAdmin, caCertPath, "default-cluster", "default-admin",
+ err = lcg.CreateKubeConfig(savePath, constants.KubeConfigFileNameAdmin, caCertPath, "default-cluster", "default-admin",
filepath.Join(savePath, "admin.crt"), filepath.Join(savePath, "admin.key"), "https://127.0.0.1:6443")
if err != nil {
t.Fatalf("create kubeconfig for admin failed: %v", err)
}
- if err := cg.CleanAll(savePath); err != nil {
+ if err := lcg.CleanAll(savePath); err != nil {
t.Fatalf("clean all failed: %v", err)
}
}
diff --git a/pkg/utils/runner/runner.go b/pkg/utils/runner/runner.go
index 3b15a08..9e1689e 100644
--- a/pkg/utils/runner/runner.go
+++ b/pkg/utils/runner/runner.go
@@ -51,7 +51,7 @@ type LocalRunner struct {
}
func (r *LocalRunner) copyDir(srcDir, dstDir string) error {
- output, err := exec.Command("/bin/sh", "-c", fmt.Sprintf("sudo cp -rf %v %v", srcDir, dstDir)).CombinedOutput()
+ output, err := exec.Command("/bin/sh", "-c", fmt.Sprintf("cp -rf %v %v", srcDir, dstDir)).CombinedOutput()
if err != nil {
logrus.Errorf("[local] copy %s to %s failed: %v\noutput: %v\n", srcDir, dstDir, err, string(output))
return err
@@ -70,7 +70,7 @@ func (r *LocalRunner) Copy(src, dst string) error {
// just copy file
return r.copyDir(src, dst)
}
- output, err := exec.Command("/bin/sh", "-c", fmt.Sprintf("sudo cp -f %v %v", src, dst)).CombinedOutput()
+ output, err := exec.Command("/bin/sh", "-c", fmt.Sprintf("cp -f %v %v", src, dst)).CombinedOutput()
if err != nil {
logrus.Errorf("[local] copy %s to %s failed: %v\noutput: %v\n", src, dst, err, string(output))
} else {
--
2.25.1

213
0005-add-coredns-checker.patch
View File

@ -1,213 +0,0 @@
From e3f440f40c64265fd3cb2e0a3c8e7d44b1022550 Mon Sep 17 00:00:00 2001
From: zhangxiaoyu <zhangxiaoyu58@huawei.com>
Date: Wed, 8 Sep 2021 17:11:43 +0800
Subject: [PATCH 2/4] add coredns checker
Signed-off-by: zhangxiaoyu <zhangxiaoyu58@huawei.com>
---
cmd/api.go | 1 +
cmd/configs.go | 20 +++++++++++--------
cmd/join.go | 9 +++++++--
config/centos.config | 7 ++++---
config/openEuler.config | 5 +++--
docs/manual.md | 7 ++++---
.../binary/coredns/coredns.go | 8 ++++++++
pkg/utils/infra/infra.go | 6 ++++++
8 files changed, 45 insertions(+), 18 deletions(-)
diff --git a/cmd/api.go b/cmd/api.go
index fdc8949..538c2e0 100644
--- a/cmd/api.go
+++ b/cmd/api.go
@@ -28,6 +28,7 @@ type InstallConfig struct {
LoadBalance []*PackageConfig `yaml:"loadbalance"`
Container []*PackageConfig `yaml:"container"`
Image []*PackageConfig `yaml:"image"`
+ Dns []*PackageConfig `yaml:"dns"`
Addition map[string][]*PackageConfig `yaml:"addition"` // key: master, worker, etcd, loadbalance
}
diff --git a/cmd/configs.go b/cmd/configs.go
index 7555a92..dfc4c45 100644
--- a/cmd/configs.go
+++ b/cmd/configs.go
@@ -28,6 +28,7 @@ import (
"github.com/sirupsen/logrus"
"isula.org/eggo/pkg/api"
+ "isula.org/eggo/pkg/clusterdeployment/binary/coredns"
"isula.org/eggo/pkg/constants"
"isula.org/eggo/pkg/utils"
"isula.org/eggo/pkg/utils/infra"
@@ -279,6 +280,10 @@ func fillPackageConfig(ccfg *api.ClusterConfig, icfg *InstallConfig) {
ccfg.RoleInfra[s.role].Softwares = appendSoftware(ccfg.RoleInfra[s.role].Softwares, s.pc, s.dpc)
}
+ if coredns.IsTypeBinary(ccfg.ServiceCluster.DNS.CorednsType) {
+ ccfg.RoleInfra[api.Master].Softwares = appendSoftware(ccfg.RoleInfra[api.Master].Softwares, ToEggoPackageConfig(icfg.Dns), infra.DnsPackages)
+ }
+
if len(icfg.Addition) == 0 {
return
}
@@ -306,12 +311,9 @@ func fillOpenPort(ccfg *api.ClusterConfig, openports map[string][]*OpenPorts, dn
ccfg.RoleInfra[role].OpenPorts = append(ccfg.RoleInfra[role].OpenPorts, ToEggoOpenPort(p)...)
}
- if dnsType == "binary" || dnsType == "" {
+ if coredns.IsTypeBinary(dnsType) {
ccfg.RoleInfra[api.Master].OpenPorts =
append(ccfg.RoleInfra[api.Master].OpenPorts, infra.CorednsPorts...)
- } else if dnsType == "pod" {
- ccfg.RoleInfra[api.Worker].OpenPorts =
- append(ccfg.RoleInfra[api.Worker].OpenPorts, infra.CorednsPorts...)
}
}
@@ -766,6 +768,12 @@ func createDeployConfigTemplate(file string) error {
Type: "image",
},
},
+ Dns: []*PackageConfig{
+ {
+ Name: "coredns",
+ Type: "pkg",
+ },
+ },
Addition: map[string][]*PackageConfig{
"master": {
{
@@ -778,10 +786,6 @@ func createDeployConfigTemplate(file string) error {
Name: "calico.yaml",
Type: "yaml",
},
- {
- Name: "coredns",
- Type: "pkg",
- },
},
"worker": {
{
diff --git a/cmd/join.go b/cmd/join.go
index 7d0b4a1..79d68fc 100644
--- a/cmd/join.go
+++ b/cmd/join.go
@@ -117,8 +117,13 @@ func getMergedAndDiffConfigs(conf *DeployConfig, joinConf *DeployConfig) (*Deplo
if getHostConfigByIp(mergedConfig.Workers, host.Ip) != nil {
continue
}
- h := createHostConfig(getHostConfigByIp(allHostConfigs, host.Ip), host,
- defaultHostName(conf.ClusterID, "worker", len(conf.Workers)+i))
+
+ h := getHostConfigByIp(diffConfig.Masters, host.Ip)
+ if h == nil {
+ h = createHostConfig(getHostConfigByIp(allHostConfigs, host.Ip), host,
+ defaultHostName(conf.ClusterID, "worker", len(conf.Workers)+i))
+ }
+
mergedConfig.Workers = append(mergedConfig.Workers, h)
diffConfig.Workers = append(diffConfig.Workers, h)
}
diff --git a/config/centos.config b/config/centos.config
index c9b0d0e..a5a2924 100755
--- a/config/centos.config
+++ b/config/centos.config
@@ -54,13 +54,14 @@ install:
image:
- name: images.tar
type: image
+ dns:
+ - name: coredns
+ type: bin
+ dst: /usr/bin
addition:
master:
- name: calico.yaml
type: yaml
- - name: coredns
- type: bin
- dst: /usr/bin
worker:
- name: conntrack,socat
type: bin
diff --git a/config/openEuler.config b/config/openEuler.config
index 90e5892..07acf9b 100755
--- a/config/openEuler.config
+++ b/config/openEuler.config
@@ -36,9 +36,10 @@ install:
image:
- name: images.tar
type: image
+ dns:
+ - name: coredns
+ type: pkg
addition:
master:
- name: calico.yaml
type: yaml
- - name: coredns
- type: pkg
diff --git a/docs/manual.md b/docs/manual.md
index 0957069..a4913b1 100644
--- a/docs/manual.md
+++ b/docs/manual.md
@@ -300,6 +300,10 @@ install: // 配置各种类型节点上需要
- name: pause.tar
type: image
dst: ""
+ dns: // k8s coredns安装包。如果corednstype配置为pod此处无需配置
+ - name: coredns
+ type: pkg
+ dst: ""
addition: // 额外的安装包或二进制文件列表
master:
- name: prejoin.sh
@@ -309,9 +313,6 @@ install: // 配置各种类型节点上需要
- name: calico.yaml
type: yaml
dst: ""
- - name: coredns
- type: pkg
- dst: ""
worker:
- name: docker.service
type: file
diff --git a/pkg/clusterdeployment/binary/coredns/coredns.go b/pkg/clusterdeployment/binary/coredns/coredns.go
index 35edb08..a33c71f 100644
--- a/pkg/clusterdeployment/binary/coredns/coredns.go
+++ b/pkg/clusterdeployment/binary/coredns/coredns.go
@@ -33,6 +33,14 @@ func init() {
cbs[CorednsTypeOfBinary] = &BinaryCoredns{}
}
+func IsTypeBinary(configType string) bool {
+ return configType == CorednsTypeOfBinary || configType == ""
+}
+
+func IsTypePod(configType string) bool {
+ return configType == CorednsTypeOfPod
+}
+
func getTypeOfCoredns(configType string) string {
if configType != "" {
return configType
diff --git a/pkg/utils/infra/infra.go b/pkg/utils/infra/infra.go
index b0c8ecd..2b36e2a 100644
--- a/pkg/utils/infra/infra.go
+++ b/pkg/utils/infra/infra.go
@@ -110,6 +110,12 @@ var (
}
// coredns
+ DnsPackages = []*api.PackageConfig{
+ {
+ Name: "coredns",
+ Type: "repo",
+ },
+ }
CorednsPorts = []*api.OpenPorts{
{
Port: 53,
--
2.25.1

199
0006-add-list-command-for-eggo.patch
View File

@ -1,199 +0,0 @@
From a0ce71ec1363c210f12b92926ba911896bd32134 Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Thu, 9 Sep 2021 03:28:17 +0100
Subject: [PATCH 3/4] add list command for eggo
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
cmd/configs.go | 6 +--
cmd/eggo.go | 1 +
cmd/list.go | 122 +++++++++++++++++++++++++++++++++++++++++++++++
pkg/api/tools.go | 4 ++
4 files changed, 130 insertions(+), 3 deletions(-)
create mode 100644 cmd/list.go
diff --git a/cmd/configs.go b/cmd/configs.go
index dfc4c45..04e1ec8 100644
--- a/cmd/configs.go
+++ b/cmd/configs.go
@@ -90,11 +90,11 @@ func defaultDeployConfigPath() string {
}
func eggoPlaceHolderPath(ClusterID string) string {
- return filepath.Join(api.EggoHomePath, ClusterID, ".eggo.pid")
+ return filepath.Join(api.GetEggoClusterPath(), ClusterID, ".eggo.pid")
}
func savedDeployConfigPath(ClusterID string) string {
- return filepath.Join(api.EggoHomePath, ClusterID, "deploy.yaml")
+ return filepath.Join(api.GetEggoClusterPath(), ClusterID, "deploy.yaml")
}
func saveDeployConfig(cc *DeployConfig, filePath string) error {
@@ -104,7 +104,7 @@ func saveDeployConfig(cc *DeployConfig, filePath string) error {
}
cleanPath := filepath.Clean(filePath)
- if !strings.HasPrefix(cleanPath, api.EggoHomePath) {
+ if !strings.HasPrefix(cleanPath, api.GetEggoClusterPath()) {
return fmt.Errorf("invalid config file path %v", filePath)
}
diff --git a/cmd/eggo.go b/cmd/eggo.go
index 7e42833..272fb17 100644
--- a/cmd/eggo.go
+++ b/cmd/eggo.go
@@ -99,6 +99,7 @@ func NewEggoCmd() *cobra.Command {
eggoCmd.AddCommand(NewTemplateCmd())
eggoCmd.AddCommand(NewJoinCmd())
eggoCmd.AddCommand(NewDeleteCmd())
+ eggoCmd.AddCommand(NewListCmd())
return eggoCmd
}
diff --git a/cmd/list.go b/cmd/list.go
new file mode 100644
index 0000000..27729ba
--- /dev/null
+++ b/cmd/list.go
@@ -0,0 +1,122 @@
+/******************************************************************************
+ * Copyright (c) Huawei Technologies Co., Ltd. 2021. All rights reserved.
+ * eggo licensed under the Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
+ * PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ * Author: haozi007
+ * Create: 2021-09-09
+ * Description: eggo list command implement
+ ******************************************************************************/
+
+package cmd
+
+import (
+ "fmt"
+ "os"
+ "path/filepath"
+
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+ "isula.org/eggo/pkg/api"
+)
+
+type clusterInfo struct {
+ name string
+ masterCnt int
+ workerCnt int
+ status string
+}
+
+var (
+ infos []clusterInfo
+)
+
+func addClusterInfo(name string, conf *DeployConfig, err error) {
+ info := clusterInfo{
+ name: name,
+ }
+ if err != nil {
+ info.status = "unknow"
+ logrus.Debugf("%s: %s", info.name, err.Error())
+ infos = append(infos, info)
+ return
+ }
+ if conf.Masters != nil {
+ info.masterCnt = len(conf.Masters)
+ }
+ if conf.Workers != nil {
+ info.workerCnt = len(conf.Workers)
+ }
+
+ if terr := RunChecker(conf); terr != nil {
+ info.status = "broken"
+ logrus.Debugf("%s: %s", info.name, terr.Error())
+ } else {
+ info.status = "success"
+ }
+
+ infos = append(infos, info)
+}
+
+func checkFile(path string, info os.FileInfo, err error) error {
+ if err != nil {
+ return err
+ }
+ if !info.IsDir() {
+ logrus.Debugf("ingore non-dir: %q", path)
+ return nil
+ }
+
+ if path == api.GetEggoClusterPath() {
+ return nil
+ }
+
+ conf, err := loadDeployConfig(savedDeployConfigPath(info.Name()))
+ addClusterInfo(info.Name(), conf, err)
+ return filepath.SkipDir
+}
+
+func showClustersInfo() {
+ maxLen := 8
+ for _, info := range infos {
+ if len(info.name) > maxLen {
+ maxLen = len(info.name)
+ }
+ }
+ fmt.Printf("Name%*s\tMasters\tWorkers\tStatus\n", maxLen, "")
+ for _, info := range infos {
+ fmt.Printf("%s%*s\t%d\t%d\t%s\n", info.name, len(info.name)-maxLen, "", info.masterCnt, info.workerCnt, info.status)
+ }
+}
+
+func listClusters(cmd *cobra.Command, args []string) error {
+ infos = nil
+ if opts.debug {
+ initLog()
+ }
+
+ eggoDir := api.GetEggoClusterPath()
+
+ if err := filepath.Walk(eggoDir, checkFile); err != nil {
+ logrus.Debugf("walk eggo cluster dir: %s, err: %v\n", eggoDir, err)
+ }
+
+ showClustersInfo()
+
+ return nil
+}
+
+func NewListCmd() *cobra.Command {
+ listCmd := &cobra.Command{
+ Use: "list",
+ Short: "list clusters which manager by eggo",
+ RunE: listClusters,
+ }
+
+ return listCmd
+}
diff --git a/pkg/api/tools.go b/pkg/api/tools.go
index 89a82d5..c9aaf93 100644
--- a/pkg/api/tools.go
+++ b/pkg/api/tools.go
@@ -63,6 +63,10 @@ func GetCertificateStorePath(cluster string) string {
return filepath.Join(EggoHomePath, cluster, "pki")
}
+func GetEggoClusterPath() string {
+ return EggoHomePath
+}
+
func GetEtcdServers(ecc *EtcdClusterConfig) string {
//etcd_servers="https://${MASTER_IPS[$i]}:2379"
//etcd_servers="$etcd_servers,https://${MASTER_IPS[$i]}:2379"
--
2.25.1

158
0007-update-cert-of-ca.patch
View File

@ -1,158 +0,0 @@
From f21402b93adae2162b2cf6d57dda5c3350bd9995 Mon Sep 17 00:00:00 2001
From: haozi007 <liuhao27@huawei.com>
Date: Sat, 11 Sep 2021 11:04:10 +0100
Subject: [PATCH 4/4] update cert of ca
1. support external ca;
2. default expired time change to 100 years;
3. support remote yaml;
Signed-off-by: haozi007 <liuhao27@huawei.com>
---
.../binary/controlplane/controlplane.go | 20 +++++++++++++++++--
.../binary/etcdcluster/etcdcerts.go | 13 ++++++++++++
pkg/utils/certs/certs.go | 4 ++--
pkg/utils/certs/localcerts.go | 2 +-
pkg/utils/dependency/dependency.go | 8 ++++++++
5 files changed, 42 insertions(+), 5 deletions(-)
diff --git a/pkg/clusterdeployment/binary/controlplane/controlplane.go b/pkg/clusterdeployment/binary/controlplane/controlplane.go
index 2296c57..9c591c4 100644
--- a/pkg/clusterdeployment/binary/controlplane/controlplane.go
+++ b/pkg/clusterdeployment/binary/controlplane/controlplane.go
@@ -284,7 +284,7 @@ func generateCerts(savePath string, cg certs.CertGenerator, ccfg *api.ClusterCon
return generateFrontProxyClientCertificate(savePath, cg)
}
-func prepareCAs(lcg certs.CertGenerator, savePath string) error {
+func prepareCAs(lcg certs.CertGenerator, savePath string, ccfg *api.ClusterConfig) error {
if _, err := lcg.RunCommand(fmt.Sprintf("mkdir -p -m 0700 %s", savePath)); err != nil {
logrus.Errorf("prepare certificates store path failed: %v", err)
return err
@@ -293,6 +293,22 @@ func prepareCAs(lcg certs.CertGenerator, savePath string) error {
if err := lcg.CreateServiceAccount(savePath); err != nil {
return err
}
+
+ if ccfg.Certificate.ExternalCA {
+ getStrCmd := func(name string) string {
+ return fmt.Sprintf("cp -f %s/%s %s/%s %s", ccfg.Certificate.ExternalCAPath, certs.GetKeyName(name),
+ ccfg.Certificate.ExternalCAPath, certs.GetCertName(name), savePath)
+ }
+
+ if _, err := lcg.RunCommand(getStrCmd(RootCAName)); err != nil {
+ return err
+ }
+
+ if _, err := lcg.RunCommand(getStrCmd(FrontProxyCAName)); err != nil {
+ return err
+ }
+ }
+
// create root ca
caConfig := &certs.CertConfig{
CommonName: "kubernetes",
@@ -342,7 +358,7 @@ func createAdminKubeConfigForEggo(lcg certs.CertGenerator, caPath string, savePa
func prepareCredentials(clusterName string, ccfg *api.ClusterConfig) error {
lcg := certs.NewLocalCertGenerator()
caPath := api.GetCertificateStorePath(clusterName)
- if err := prepareCAs(lcg, caPath); err != nil {
+ if err := prepareCAs(lcg, caPath, ccfg); err != nil {
return err
}
return createAdminKubeConfigForEggo(lcg, caPath, api.GetClusterHomePath(clusterName), ccfg)
diff --git a/pkg/clusterdeployment/binary/etcdcluster/etcdcerts.go b/pkg/clusterdeployment/binary/etcdcluster/etcdcerts.go
index 00f6116..29aeea7 100644
--- a/pkg/clusterdeployment/binary/etcdcluster/etcdcerts.go
+++ b/pkg/clusterdeployment/binary/etcdcluster/etcdcerts.go
@@ -17,6 +17,7 @@ package etcdcluster
import (
"crypto/x509"
+ "fmt"
"path/filepath"
"isula.org/eggo/pkg/api"
@@ -98,6 +99,18 @@ func generateCaAndApiserverEtcdCerts(ccfg *api.ClusterConfig) error {
caConfig := &certs.CertConfig{
CommonName: "etcd-ca",
}
+
+ if ccfg.Certificate.ExternalCA {
+ _, err := lcg.RunCommand(fmt.Sprintf("mkdir -p -m 0700 %s && cp -f %s/etcd/%s %s", etcdCertsPath, ccfg.Certificate.ExternalCAPath, certs.GetCertName("ca"), etcdCertsPath))
+ if err != nil {
+ return err
+ }
+ _, err = lcg.RunCommand(fmt.Sprintf("cp -f %s/etcd/%s %s", ccfg.Certificate.ExternalCAPath, certs.GetKeyName("ca"), etcdCertsPath))
+ if err != nil {
+ return err
+ }
+ }
+
if err := lcg.CreateCA(caConfig, etcdCertsPath, "ca"); err != nil {
return err
}
diff --git a/pkg/utils/certs/certs.go b/pkg/utils/certs/certs.go
index 0f16f7f..e57cfe8 100644
--- a/pkg/utils/certs/certs.go
+++ b/pkg/utils/certs/certs.go
@@ -123,7 +123,7 @@ func (o *OpensshBinCertGenerator) CreateCA(config *CertConfig, savePath string,
sb.WriteString("sudo -E /bin/sh -c \"")
sb.WriteString(fmt.Sprintf("mkdir -p %s && cd %s", savePath, savePath))
sb.WriteString(fmt.Sprintf(" && openssl genrsa -out %s.key 4096", name))
- sb.WriteString(fmt.Sprintf(" && openssl req -x509 -new -nodes -key %s.key -subj \"%s\" -days 10000 -out %s.crt", name, getSubject(config), name))
+ sb.WriteString(fmt.Sprintf(" && openssl req -x509 -new -nodes -key %s.key -subj \"%s\" -days 36500 -out %s.crt", name, getSubject(config), name))
sb.WriteString("\"")
_, err := o.r.RunCommand(sb.String())
@@ -184,7 +184,7 @@ func (o *OpensshBinCertGenerator) CreateCertAndKey(caCertPath, caKeyPath string,
sb.WriteString("sudo -E /bin/sh -c \"")
sb.WriteString(fmt.Sprintf("cd %s && openssl genrsa -out %s.key 4096", savePath, name))
sb.WriteString(fmt.Sprintf(" && openssl req -new -key %s.key -out %s.csr -config %s/%s-csr.conf", name, name, savePath, name))
- sb.WriteString(fmt.Sprintf(" && openssl x509 -req -in %s.csr -CA %s -CAkey %s -CAcreateserial -out %s.crt -days 10000 -extensions v3_ext -extfile %s-csr.conf", name, caCertPath, caKeyPath, name, name))
+ sb.WriteString(fmt.Sprintf(" && openssl x509 -req -in %s.csr -CA %s -CAkey %s -CAcreateserial -out %s.crt -days 36500 -extensions v3_ext -extfile %s-csr.conf", name, caCertPath, caKeyPath, name, name))
sb.WriteString(fmt.Sprintf(" && rm -f %s/%s-csr.conf", savePath, name))
sb.WriteString(fmt.Sprintf(" && rm -f %s.csr", name))
sb.WriteString("\"")
diff --git a/pkg/utils/certs/localcerts.go b/pkg/utils/certs/localcerts.go
index 7feca10..c5fe2e5 100644
--- a/pkg/utils/certs/localcerts.go
+++ b/pkg/utils/certs/localcerts.go
@@ -151,7 +151,7 @@ func (l *LocalCertGenerator) CreateCertAndKey(caCertPath, caKeyPath string, conf
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
ExtKeyUsage: config.Usages,
NotBefore: caCert.NotBefore,
- NotAfter: time.Now().Add(time.Hour * 24 * 365).UTC(),
+ NotAfter: time.Now().Add(time.Hour * 24 * 36500).UTC(),
}
certBytes, err := x509.CreateCertificate(rand.Reader, &certConf, caCert, signer.Public(), caKey)
diff --git a/pkg/utils/dependency/dependency.go b/pkg/utils/dependency/dependency.go
index 1c24a2e..870b938 100644
--- a/pkg/utils/dependency/dependency.go
+++ b/pkg/utils/dependency/dependency.go
@@ -247,6 +247,10 @@ func (dy *dependencyYaml) Install(r runner.Runner) error {
var sb strings.Builder
sb.WriteString(fmt.Sprintf("sudo -E /bin/sh -c \"export KUBECONFIG=%s ", dy.kubeconfig))
for _, y := range dy.yaml {
+ if strings.HasPrefix(y.Name, "http://") || strings.HasPrefix(y.Name, "https://") {
+ sb.WriteString(fmt.Sprintf("&& kubectl apply -f %s ", y.Name))
+ continue
+ }
sb.WriteString(fmt.Sprintf("&& kubectl apply -f %s/%s ", dy.srcPath, y.Name))
}
sb.WriteString("\"")
@@ -262,6 +266,10 @@ func (dy *dependencyYaml) Remove(r runner.Runner) error {
var sb strings.Builder
sb.WriteString(fmt.Sprintf("sudo -E /bin/sh -c \"export KUBECONFIG=%s ", dy.kubeconfig))
for _, y := range dy.yaml {
+ if strings.HasPrefix(y.Name, "http://") || strings.HasPrefix(y.Name, "https://") {
+ sb.WriteString(fmt.Sprintf("&& kubectl delete -f %s ", y.Name))
+ continue
+ }
sb.WriteString(fmt.Sprintf("&& kubectl delete -f %s/%s ", dy.srcPath, y.Name))
}
sb.WriteString("\"")
--
2.25.1

18
eggo.spec
View File

@ -1,19 +1,11 @@
Name: eggo Name: eggo
Version: 0.9.3 Version: 0.9.4
Release: 4 Release: 1
Summary: Eggo is a tool built to provide standard multi-ways for creating Kubernetes clusters. Summary: Eggo is a tool built to provide standard multi-ways for creating Kubernetes clusters.
License: Mulan PSL V2 License: Mulan PSL V2
URL: https://gitee.com/openeuler/eggo URL: https://gitee.com/openeuler/eggo
Source0: https://gitee.com/openeuler/eggo/repository/archive/v%{version}.tar.gz Source0: https://gitee.com/openeuler/eggo/repository/archive/v%{version}.tar.gz
Patch0001: 0001-remove-residual-objects.patch
Patch0002: 0002-remove-residual-in-infrastruce.patch
Patch0003: 0003-eggo-static-compile.patch
Patch0004: 0004-use-local-cert-replace-openssl.patch
Patch0005: 0005-add-coredns-checker.patch
Patch0006: 0006-add-list-command-for-eggo.patch
Patch0007: 0007-update-cert-of-ca.patch
BuildRequires: make BuildRequires: make
BuildRequires: git BuildRequires: git
BuildRequires: golang >= 1.13 BuildRequires: golang >= 1.13
@ -53,6 +45,12 @@ rm -rf src
%attr(551,root,root) %{_bindir}/eggo %attr(551,root,root) %{_bindir}/eggo
%changelog %changelog
* Mon Sep 13 2021 zhangxiaoyu<zhangxiaoyu58@huawei.com> - 0.9.4-1
- Type:upgrade
- CVE:NA
- SUG:NA
- DESC:upgrage to v0.9.4-1
* Mon Sep 13 2021 zhangxiaoyu<zhangxiaoyu58@huawei.com> - 0.9.3-4 * Mon Sep 13 2021 zhangxiaoyu<zhangxiaoyu58@huawei.com> - 0.9.3-4
- Type:bugfix - Type:bugfix
- CVE:NA - CVE:NA

BIN
v0.9.3.tar.gz
View File

Binary file not shown.

BIN
v0.9.4.tar.gz Normal file
View File

Binary file not shown.