Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Bootstrap node key files & fix permissions

Browse Source
This commit is contained in:
Erik Wilson 2019-07-17 13:57:33 -07:00
parent d140911b55
commit 2f4d2838ea
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/daemons/control/bootstrap.go
View File

@ -37,6 +37,9 @@ type serverBootstrap struct {
PasswdFileData string `json:"passwdFileData,omitempty"` PasswdFileData string `json:"passwdFileData,omitempty"`
RequestHeaderCAData string `json:"requestHeaderCAData,omitempty"` RequestHeaderCAData string `json:"requestHeaderCAData,omitempty"`
RequestHeaderCAKeyData string `json:"requestHeaderCAKeyData,omitempty"` RequestHeaderCAKeyData string `json:"requestHeaderCAKeyData,omitempty"`
ClientKubeletKey string `json:"clientKubeletKey,omitempty"`
ClientKubeProxyKey string `json:"clientKubeProxyKey,omitempty"`
ServingKubeletKey string `json:"servingKubeletKey,omitempty"`
} }
var validBootstrapTypes = map[string]bool{ var validBootstrapTypes = map[string]bool{
@ -202,6 +205,9 @@ func readRuntimeBootstrapData(runtime *config.ControlRuntime) ([]byte, error) {
runtime.PasswdFile: "", runtime.PasswdFile: "",
runtime.RequestHeaderCA: "", runtime.RequestHeaderCA: "",
runtime.RequestHeaderCAKey: "", runtime.RequestHeaderCAKey: "",
runtime.ClientKubeletKey: "",
runtime.ClientKubeProxyKey: "",
runtime.ServingKubeletKey: "",
} }
for k := range serverBootstrapFiles { for k := range serverBootstrapFiles {
data, err := ioutil.ReadFile(k) data, err := ioutil.ReadFile(k)
@ -219,6 +225,9 @@ func readRuntimeBootstrapData(runtime *config.ControlRuntime) ([]byte, error) {
PasswdFileData: serverBootstrapFiles[runtime.PasswdFile], PasswdFileData: serverBootstrapFiles[runtime.PasswdFile],
RequestHeaderCAData: serverBootstrapFiles[runtime.RequestHeaderCA], RequestHeaderCAData: serverBootstrapFiles[runtime.RequestHeaderCA],
RequestHeaderCAKeyData: serverBootstrapFiles[runtime.RequestHeaderCAKey], RequestHeaderCAKeyData: serverBootstrapFiles[runtime.RequestHeaderCAKey],
ClientKubeletKey: serverBootstrapFiles[runtime.ClientKubeletKey],
ClientKubeProxyKey: serverBootstrapFiles[runtime.ClientKubeProxyKey],
ServingKubeletKey: serverBootstrapFiles[runtime.ServingKubeletKey],
} }
return json.Marshal(serverBootstrapFileData) return json.Marshal(serverBootstrapFileData)
} }
@ -233,10 +242,13 @@ func writeRuntimeBootstrapData(runtime *config.ControlRuntime, runtimeData *serv
runtime.PasswdFile: runtimeData.PasswdFileData, runtime.PasswdFile: runtimeData.PasswdFileData,
runtime.RequestHeaderCA: runtimeData.RequestHeaderCAData, runtime.RequestHeaderCA: runtimeData.RequestHeaderCAData,
runtime.RequestHeaderCAKey: runtimeData.RequestHeaderCAKeyData, runtime.RequestHeaderCAKey: runtimeData.RequestHeaderCAKeyData,
runtime.ClientKubeletKey: runtimeData.ClientKubeletKey,
runtime.ClientKubeProxyKey: runtimeData.ClientKubeProxyKey,
runtime.ServingKubeletKey: runtimeData.ServingKubeletKey,
} }
for k, v := range runtimePathValue { for k, v := range runtimePathValue {
if _, err := os.Stat(k); os.IsNotExist(err) { if _, err := os.Stat(k); os.IsNotExist(err) {
if err := ioutil.WriteFile(k, []byte(v), 600); err != nil { if err := ioutil.WriteFile(k, []byte(v), 0600); err != nil {
return err return err
} }
} }