k3s/pkg/cli/cmds/server.go

339 lines
12 KiB
Go
Raw Normal View History

2019-01-09 16:54:15 +00:00
package cmds
import (
"context"
"github.com/rancher/k3s/pkg/daemons/config"
"github.com/rancher/k3s/pkg/version"
2020-07-10 17:34:00 +00:00
"github.com/rancher/spur/cli"
"github.com/rancher/spur/cli/altsrc"
2019-01-09 16:54:15 +00:00
)
const (
DisableItems = "coredns, servicelb, traefik, local-storage, metrics-server"
)
2019-01-09 16:54:15 +00:00
type Server struct {
ClusterCIDR string
AgentToken string
AgentTokenFile string
Token string
TokenFile string
ClusterSecret string
ServiceCIDR string
ClusterDNS string
ClusterDomain string
// The port which kubectl clients can access k8s
HTTPSPort int
// The port which custom k3s API runs on
SupervisorPort int
// The port which kube-apiserver runs on
APIServerPort int
APIServerBindAddress string
2019-10-15 21:17:26 +00:00
DataDir string
DisableAgent bool
KubeConfigOutput string
KubeConfigMode string
2020-07-10 17:34:00 +00:00
TLSSan []string
2019-10-15 21:17:26 +00:00
BindAddress string
2020-07-10 17:34:00 +00:00
ExtraAPIArgs []string
ExtraSchedulerArgs []string
ExtraControllerArgs []string
ExtraCloudControllerArgs []string
2019-10-15 21:17:26 +00:00
Rootless bool
2019-11-16 00:12:27 +00:00
DatastoreEndpoint string
DatastoreCAFile string
DatastoreCertFile string
DatastoreKeyFile string
2019-10-15 21:17:26 +00:00
AdvertiseIP string
AdvertisePort int
DisableScheduler bool
ServerURL string
2019-10-15 21:17:26 +00:00
FlannelBackend string
DefaultLocalStoragePath string
DisableCCM bool
2019-10-17 21:46:15 +00:00
DisableNPC bool
2020-04-27 16:31:25 +00:00
DisableKubeProxy bool
ClusterInit bool
ClusterReset bool
2019-12-12 22:41:10 +00:00
EncryptSecrets bool
StartupHooks []func(context.Context, config.Control) error
2019-01-09 16:54:15 +00:00
}
var ServerConfig Server
2020-07-10 17:34:00 +00:00
func NewServerCommand(action func(*cli.Context) error) *cli.Command {
return &cli.Command{
2019-01-09 16:54:15 +00:00
Name: "server",
Usage: "Run management server",
UsageText: appName + " server [OPTIONS]",
Before: func(ctx *cli.Context) error {
if err := CheckSELinuxFlags(ctx); err != nil {
return err
}
return DebugContext(cli.InitAllInputSource(altsrc.NewConfigFromFlag(ConfigFlag.Name)))(ctx)
},
Action: InitLogging(action),
2019-01-09 16:54:15 +00:00
Flags: []cli.Flag{
2020-07-10 17:34:00 +00:00
&ConfigFlag,
&DebugFlag,
&VLevel,
&VModule,
&LogFile,
&AlsoLogToStderr,
&cli.StringFlag{
2019-03-31 00:10:23 +00:00
Name: "bind-address",
Usage: "(listener) " + version.Program + " bind address (default: 0.0.0.0)",
2019-03-31 00:10:23 +00:00
Destination: &ServerConfig.BindAddress,
},
2020-07-10 17:34:00 +00:00
&cli.IntFlag{
2019-01-09 16:54:15 +00:00
Name: "https-listen-port",
Usage: "(listener) HTTPS listen port",
2019-01-09 16:54:15 +00:00
Value: 6443,
Destination: &ServerConfig.HTTPSPort,
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "advertise-address",
Usage: "(listener) IP address that apiserver uses to advertise to members of the cluster (default: node-external-ip/node-ip)",
Destination: &ServerConfig.AdvertiseIP,
},
2020-07-10 17:34:00 +00:00
&cli.IntFlag{
Name: "advertise-port",
Usage: "(listener) Port that apiserver uses to advertise to members of the cluster (default: listen-port)",
Destination: &ServerConfig.AdvertisePort,
},
2020-07-10 17:34:00 +00:00
&cli.StringSliceFlag{
Name: "tls-san",
Usage: "(listener) Add additional hostname or IP as a Subject Alternative Name in the TLS cert",
Destination: &ServerConfig.TLSSan,
2019-01-09 16:54:15 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-01-09 16:54:15 +00:00
Name: "data-dir,d",
Usage: "(data) Folder to hold state default /var/lib/rancher/" + version.Program + " or ${HOME}/.rancher/" + version.Program + " if not root",
2019-01-09 16:54:15 +00:00
Destination: &ServerConfig.DataDir,
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-01-09 16:54:15 +00:00
Name: "cluster-cidr",
Usage: "(networking) Network CIDR to use for pod IPs",
2019-01-09 16:54:15 +00:00
Destination: &ServerConfig.ClusterCIDR,
Value: "10.42.0.0/16",
2019-01-09 16:54:15 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-03-06 10:37:03 +00:00
Name: "service-cidr",
Usage: "(networking) Network CIDR to use for services IPs",
2019-03-06 10:37:03 +00:00
Destination: &ServerConfig.ServiceCIDR,
Value: "10.43.0.0/16",
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-03-06 11:16:04 +00:00
Name: "cluster-dns",
Usage: "(networking) Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10)",
2019-03-06 11:16:04 +00:00
Destination: &ServerConfig.ClusterDNS,
Value: "",
2019-03-06 11:16:04 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-04-12 06:06:35 +00:00
Name: "cluster-domain",
Usage: "(networking) Cluster Domain",
2019-04-12 06:06:35 +00:00
Destination: &ServerConfig.ClusterDomain,
Value: "cluster.local",
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "flannel-backend",
2020-04-30 15:48:12 +00:00
Usage: "(networking) One of 'none', 'vxlan', 'ipsec', 'host-gw', or 'wireguard'",
Destination: &ServerConfig.FlannelBackend,
2019-11-08 20:56:41 +00:00
Value: "vxlan",
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "token,t",
Usage: "(cluster) Shared secret used to join a server or agent to a cluster",
Destination: &ServerConfig.Token,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_TOKEN"},
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "token-file",
Usage: "(cluster) File containing the cluster-secret/token",
Destination: &ServerConfig.TokenFile,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_TOKEN_FILE"},
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-01-22 21:14:58 +00:00
Name: "write-kubeconfig,o",
Usage: "(client) Write kubeconfig for admin client to this file",
2019-01-22 21:14:58 +00:00
Destination: &ServerConfig.KubeConfigOutput,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_KUBECONFIG_OUTPUT"},
2019-01-22 21:14:58 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-01-22 21:14:58 +00:00
Name: "write-kubeconfig-mode",
Usage: "(client) Write kubeconfig with this mode",
2019-01-22 21:14:58 +00:00
Destination: &ServerConfig.KubeConfigMode,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_KUBECONFIG_MODE"},
2019-01-22 21:14:58 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringSliceFlag{
Name: "kube-apiserver-arg",
Usage: "(flags) Customized flag for kube-apiserver process",
Destination: &ServerConfig.ExtraAPIArgs,
},
2020-07-10 17:34:00 +00:00
&cli.StringSliceFlag{
Name: "kube-scheduler-arg",
Usage: "(flags) Customized flag for kube-scheduler process",
Destination: &ServerConfig.ExtraSchedulerArgs,
},
2020-07-10 17:34:00 +00:00
&cli.StringSliceFlag{
Name: "kube-controller-manager-arg",
Usage: "(flags) Customized flag for kube-controller-manager process",
Destination: &ServerConfig.ExtraControllerArgs,
},
2020-07-10 17:34:00 +00:00
&cli.StringSliceFlag{
Name: "kube-cloud-controller-manager-arg",
Usage: "(flags) Customized flag for kube-cloud-controller-manager process",
Destination: &ServerConfig.ExtraCloudControllerArgs,
2019-10-15 21:17:26 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-11-16 00:12:27 +00:00
Name: "datastore-endpoint",
Usage: "(db) Specify etcd, Mysql, Postgres, or Sqlite (default) data source name",
2019-11-16 00:12:27 +00:00
Destination: &ServerConfig.DatastoreEndpoint,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_DATASTORE_ENDPOINT"},
2019-05-15 23:05:24 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-11-16 00:12:27 +00:00
Name: "datastore-cafile",
Usage: "(db) TLS Certificate Authority file used to secure datastore backend communication",
Destination: &ServerConfig.DatastoreCAFile,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_DATASTORE_CAFILE"},
2019-06-11 22:48:47 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-11-16 00:12:27 +00:00
Name: "datastore-certfile",
Usage: "(db) TLS certification file used to secure datastore backend communication",
Destination: &ServerConfig.DatastoreCertFile,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_DATASTORE_CERTFILE"},
2019-06-11 22:48:47 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
2019-11-16 00:12:27 +00:00
Name: "datastore-keyfile",
Usage: "(db) TLS key file used to secure datastore backend communication",
Destination: &ServerConfig.DatastoreKeyFile,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_DATASTORE_KEYFILE"},
2019-06-11 22:48:47 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "default-local-storage-path",
Usage: "(storage) Default local storage path for local provisioner storage class",
Destination: &ServerConfig.DefaultLocalStoragePath,
2019-05-29 18:53:51 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringSliceFlag{
2020-01-29 23:40:49 +00:00
Name: "disable",
Usage: "(components) Do not deploy packaged components and delete any deployed components (valid items: " + DisableItems + ")",
2019-05-29 18:53:51 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
2019-07-12 16:59:03 +00:00
Name: "disable-scheduler",
Usage: "(components) Disable Kubernetes default scheduler",
2019-07-12 16:59:03 +00:00
Destination: &ServerConfig.DisableScheduler,
},
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
2019-10-15 21:17:26 +00:00
Name: "disable-cloud-controller",
Usage: "(components) Disable " + version.Program + " default cloud controller manager",
2019-10-15 21:17:26 +00:00
Destination: &ServerConfig.DisableCCM,
},
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
2020-04-27 16:31:25 +00:00
Name: "disable-kube-proxy",
Usage: "(components) Disable running kube-proxy",
Destination: &ServerConfig.DisableKubeProxy,
},
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
2019-10-17 21:46:15 +00:00
Name: "disable-network-policy",
Usage: "(components) Disable " + version.Program + " default network policy controller",
2019-10-17 21:46:15 +00:00
Destination: &ServerConfig.DisableNPC,
},
2020-07-10 17:34:00 +00:00
&NodeNameFlag,
&WithNodeIDFlag,
&NodeLabels,
&NodeTaints,
&DockerFlag,
&CRIEndpointFlag,
&PauseImageFlag,
&SnapshotterFlag,
2020-07-10 17:34:00 +00:00
&PrivateRegistryFlag,
&NodeIPFlag,
&NodeExternalIPFlag,
&ResolvConfFlag,
&FlannelIfaceFlag,
&FlannelConfFlag,
&ExtraKubeletArgs,
&ExtraKubeProxyArgs,
&ProtectKernelDefaultsFlag,
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
Name: "rootless",
Usage: "(experimental) Run rootless",
Destination: &ServerConfig.Rootless,
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "agent-token",
2019-11-14 19:42:42 +00:00
Usage: "(experimental/cluster) Shared secret used to join agents to the cluster, but not servers",
Destination: &ServerConfig.AgentToken,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_AGENT_TOKEN"},
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "agent-token-file",
Usage: "(experimental/cluster) File containing the agent secret",
Destination: &ServerConfig.AgentTokenFile,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_AGENT_TOKEN_FILE"},
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "server,s",
Hidden: hideClusterFlags,
Usage: "(experimental/cluster) Server to connect to, used to join a cluster",
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_URL"},
Destination: &ServerConfig.ServerURL,
},
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
Name: "cluster-init",
Hidden: hideClusterFlags,
Usage: "(experimental/cluster) Initialize a new cluster",
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_CLUSTER_INIT"},
Destination: &ServerConfig.ClusterInit,
},
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
Name: "cluster-reset",
Hidden: hideClusterFlags,
Usage: "(experimental/cluster) Forget all peers and become sole member of a new cluster",
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_CLUSTER_RESET"},
Destination: &ServerConfig.ClusterReset,
},
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
2019-12-12 22:41:10 +00:00
Name: "secrets-encryption",
Usage: "(experimental) Enable Secret encryption at rest",
Destination: &ServerConfig.EncryptSecrets,
},
&SELinuxFlag,
// Hidden/Deprecated flags below
&DisableSELinuxFlag,
2020-07-10 17:34:00 +00:00
&FlannelFlag,
&cli.StringSliceFlag{
2020-01-29 23:40:49 +00:00
Name: "no-deploy",
Usage: "(deprecated) Do not deploy packaged components (valid items: " + DisableItems + ")",
2020-01-29 23:40:49 +00:00
},
2020-07-10 17:34:00 +00:00
&cli.StringFlag{
Name: "cluster-secret",
Usage: "(deprecated) use --token",
2019-11-14 19:42:42 +00:00
Destination: &ServerConfig.ClusterSecret,
2020-07-10 17:34:00 +00:00
EnvVars: []string{version.ProgramUpper + "_CLUSTER_SECRET"},
},
2020-07-10 17:34:00 +00:00
&cli.BoolFlag{
Name: "disable-agent",
Usage: "Do not run a local agent and register a local kubelet",
Hidden: true,
Destination: &ServerConfig.DisableAgent,
},
2020-07-10 17:34:00 +00:00
&cli.StringSliceFlag{
Hidden: true,
Name: "kube-controller-arg",
Usage: "(flags) Customized flag for kube-controller-manager process",
Destination: &ServerConfig.ExtraControllerArgs,
},
&cli.StringSliceFlag{
Hidden: true,
Name: "kube-cloud-controller-arg",
Usage: "(flags) Customized flag for kube-cloud-controller-manager process",
Destination: &ServerConfig.ExtraCloudControllerArgs,
},
2019-01-09 16:54:15 +00:00
},
}
}