fix(main): fix kubeadm init func (labring#2756)

Signed-off-by: cuisongliu <cuisongliu@qq.com>

Author: cuisongliu

.github/keylabeler.yml

@@ -0,0 +1,21 @@
+# Determines if we search the title (optional). Defaults to true.
+matchTitle: true
+
+# Determines if we search the body (optional). Defaults to true.
+matchBody: true
+
+# Determines if label matching is case sensitive (optional). Defaults to true.
+caseSensitive: false
+
+# Explicit keyword mappings to labels. Form of match:label. Required.
+labelMappings:
+  "[WIP]": WIP
+  doc: "kind/documentation"
+  docs: "kind/documentation"
+  bug: "kind/bug"
+  fix: "kind/bug"
+  BUG: "kind/bug"
+  Fix: "kind/bug"
+  Feature: "kind/feature"
+  Feat: "kind/feature"
+  feat: "kind/feature"

.github/mergeable.settings.yml

@@ -0,0 +1,7 @@
+# Configuration for weekly-digest - https://github.com/apps/weekly-digest
+publishDay: sun
+canPublishIssues: true
+canPublishPullRequests: true
+canPublishContributors: true
+canPublishStargazers: true
+canPublishCommits: true

.github/mergeable.yml

@@ -0,0 +1,81 @@
+name: Test Sealos Cert Command
+
+on:
+  workflow_dispatch:
+  push:
+    branches: ["main"]
+    paths:
+      - ".github/workflows/test_cert.yml"
+      - "cmd/**"
+      - "pkg/runtime/**"
+      - "pkg/buildah/**"
+  pull_request:
+    branches: ["*"]
+    paths:
+      - ".github/workflows/test_cert.yml"
+      - "cmd/**"
+      - "pkg/runtime/**"
+      - "pkg/buildah/**"
+
+
+jobs:
+  build-sealos:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Auto install sealos
+        uses: labring/sealos-action@v0.0.5
+        with:
+          type: install-dev
+          pruneCRI: true
+          autoFetch: false
+      - name: Save Binaries
+        uses: actions/upload-artifact@v3
+        with:
+          name: sealos
+          path: /usr/bin/sealos
+
+  verify-run-containerd-cert:
+    needs: [build-sealos]
+    runs-on: ubuntu-latest
+    steps:
+      - name: Download sealos
+        uses: actions/download-artifact@v3
+        with:
+          name: sealos
+          path: /tmp/
+      - name: Verify sealos
+        run: |
+          sudo chmod a+x /tmp/sealos
+          sudo mv /tmp/sealos /usr/bin/
+          sudo sealos version
+      - name: Remove containerd && docker
+        uses: labring/sealos-action@v0.0.7
+        with:
+          type: prune
+      - name: Auto install k8s using sealos
+        run: |
+          sudo sealos run labring/kubernetes:v1.25.0 --single --debug
+          mkdir -p "$HOME/.kube"
+          sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
+          sudo chown "$(whoami)" "$HOME/.kube/config"
+          kubectl get svc
+          kubectl get pod -A
+          sudo cat /root/.sealos/default/etc/kubeadm-init.yaml
+          sudo cat /root/.sealos/default/Clusterfile
+          sudo sealos cert --alt-names testci.sealos.github.io --debug
+          sudo cat /root/.sealos/default/etc/kubeadm-update.yml
+      - name: Verify Cluster Status
+        run: |
+          echo "Verify Cluster"
+          echo "Current system info"
+          sudo /var/lib/sealos/data/default/rootfs/opt/sealctl cri socket
+          sudo /var/lib/sealos/data/default/rootfs/opt/sealctl cri cgroup-driver --short
+          echo "Current Cluster info"
+          set -e
+          sudo cat /root/.sealos/default/etc/kubeadm-init.yaml | grep /run/containerd/containerd.sock
+          sudo cat /root/.sealos/default/etc/kubeadm-init.yaml | grep systemd
+          sudo cat /root/.sealos/default/etc/kubeadm-init.yaml | grep 100.64.0.0/10
+          sudo cat /root/.sealos/default/etc/kubeadm-init.yaml | grep 10.96.0.0/22
+          sudo cat /root/.sealos/default/etc/kubeadm-update.yml | grep testci.sealos.github.io

.github/weekly-digest.yml

@@ -59,7 +59,7 @@ var certCmd = &cobra.Command{
 		if err = cf.Process(); err != nil {
 			return err
 		}
-		r, err := runtime.NewDefaultRuntimeByKubeadm(cluster, cf.GetKubeadmConfig())
+		r, err := runtime.NewDefaultRuntime(cluster, cf.GetKubeadmConfig())
 		if err != nil {
 			return fmt.Errorf("get default runtime failed, %v", err)
 		}

.github/workflows/test_cert.yml

@@ -17,14 +17,12 @@ limitations under the License.
 package apply
 
 import (
-	"errors"
 	"fmt"
 
 	"github.com/labring/sealos/pkg/apply/processor"
 	"github.com/labring/sealos/pkg/buildah"
 	"github.com/labring/sealos/pkg/runtime"
 	"github.com/labring/sealos/pkg/types/v1beta1"
-	"github.com/labring/sealos/pkg/utils/yaml"
 )
 
 func NewClusterFromGenArgs(imageNames []string, args *RunArgs) ([]byte, error) {
@@ -45,30 +43,11 @@ func NewClusterFromGenArgs(imageNames []string, args *RunArgs) ([]byte, error) {
 		return nil, fmt.Errorf("input first image %s is not kubernetes image", imageNames)
 	}
 	cluster.Status.Mounts = append(cluster.Status.Mounts, *img)
-	rtInterface, err := runtime.NewDefaultRuntime(cluster, nil)
+	rtInterface, err := runtime.NewDefaultRuntime(cluster, &runtime.KubeadmConfig{})
 	if err != nil {
 		return nil, err
 	}
-	if rt, ok := rtInterface.(*runtime.KubeadmRuntime); ok {
-		if err = rt.ConvertInitConfigConversion(); err != nil {
-			return nil, err
-		}
-		c.cluster.Status = v1beta1.ClusterStatus{}
-		// todo: only generate configurations of the corresponding components by passing parameters
-		objects := []interface{}{c.cluster,
-			rt.InitConfiguration,
-			rt.ClusterConfiguration,
-			rt.JoinConfiguration,
-			rt.KubeProxyConfiguration,
-			rt.KubeletConfiguration,
-		}
-		data, err := yaml.MarshalYamlConfigs(objects...)
-		if err != nil {
-			return nil, err
-		}
-		return data, nil
-	}
-	return nil, errors.New("unknown convert kubeadmRuntime error")
+	return rtInterface.GetAdminKubeconfig()
 }
 
 func genImageInfo(imageName string) (*v1beta1.MountImage, error) {

cmd/sealos/cmd/cert.go

@@ -329,6 +329,11 @@ func (k *KubeadmRuntime) setCertSANS(certs []string) {
 	k.ClusterConfiguration.APIServer.CertSANs = certSans
 }
 
+func (k *KubeadmRuntime) setExcludeCIDRs() {
+	k.IPVS.ExcludeCIDRs = append(k.KubeProxyConfiguration.IPVS.ExcludeCIDRs, fmt.Sprintf("%s/32", k.getVip()))
+	k.IPVS.ExcludeCIDRs = strings2.RemoveDuplicate(k.IPVS.ExcludeCIDRs)
+}
+
 func (k *KubeadmRuntime) getEtcdDataDir() string {
 	const defaultEtcdDataDir = "/var/lib/etcd"
 	if k.ClusterConfiguration.Etcd.Local == nil {
@@ -355,11 +360,11 @@ func (k *KubeadmRuntime) setCRISocket(criSocket string) {
 	k.InitConfiguration.NodeRegistration.CRISocket = criSocket
 }
 
-func (k *KubeadmRuntime) generateInitConfigs() ([]byte, error) {
-	setCGroupDriverAndSocket := func(krt *KubeadmRuntime) error {
-		return krt.setCGroupDriverAndSocket(krt.getMaster0IPAndPort())
-	}
+var setCGroupDriverAndSocket = func(krt *KubeadmRuntime) error {
+	return krt.setCGroupDriverAndSocket(krt.getMaster0IPAndPort())
+}
 
+func (k *KubeadmRuntime) generateInitConfigs() ([]byte, error) {
 	if err := k.ConvertInitConfigConversion(setCGroupDriverAndSocket); err != nil {
 		return nil, err
 	}
@@ -384,11 +389,11 @@ func (k *KubeadmRuntime) ConvertInitConfigConversion(fns ...func(*KubeadmRuntime
 	if k.APIServer.ExtraArgs == nil {
 		k.APIServer.ExtraArgs = make(map[string]string)
 	}
-	k.IPVS.ExcludeCIDRs = append(k.KubeProxyConfiguration.IPVS.ExcludeCIDRs, fmt.Sprintf("%s/32", k.getVip()))
-	k.IPVS.ExcludeCIDRs = strings2.RemoveDuplicate(k.IPVS.ExcludeCIDRs)
-
+	k.setExcludeCIDRs()
+	k.setCertSANS([]string{})
 	// after all merging done, set default fields
 	k.finalizeInitConfig()
+
 	if err := k.convertKubeadmVersion(); err != nil {
 		return fmt.Errorf("convert kubeadm version failed: %w", err)
 	}

pkg/apply/gen.go

@@ -18,6 +18,8 @@ import (
 	"fmt"
 	"sync"
 
+	"github.com/labring/sealos/pkg/utils/yaml"
+
 	"github.com/labring/sealos/pkg/utils/logger"
 	"github.com/labring/sealos/pkg/utils/versionutil"
 
@@ -52,6 +54,26 @@ func (k *KubeadmRuntime) Init() error {
 	return k.pipeline("init", pipeline)
 }
 
+func (k *KubeadmRuntime) GetAdminKubeconfig() ([]byte, error) {
+	k.KubeadmConfig = k.ClusterFileKubeConfig
+	if err := k.ConvertInitConfigConversion(); err != nil {
+		return nil, err
+	}
+	k.Cluster.Status = v2.ClusterStatus{}
+	objects := []interface{}{k.Cluster,
+		k.InitConfiguration,
+		k.ClusterConfiguration,
+		k.JoinConfiguration,
+		k.KubeProxyConfiguration,
+		k.KubeletConfiguration,
+	}
+	data, err := yaml.MarshalYamlConfigs(objects...)
+	if err != nil {
+		return nil, err
+	}
+	return data, nil
+}
+
 type Interface interface {
 	Init() error
 	Reset() error
@@ -62,6 +84,7 @@ type Interface interface {
 	SyncNodeIPVS(mastersIPList, nodeIPList []string) error
 	UpdateCert(certs []string) error
 	UpgradeCluster(version string) error
+	GetAdminKubeconfig() ([]byte, error)
 }
 
 func (k *KubeadmRuntime) Reset() error {
@@ -99,7 +122,7 @@ func (k *KubeadmRuntime) DeleteMasters(mastersIPList []string) error {
 	return k.deleteMasters(mastersIPList)
 }
 
-func newKubeadmRuntime(cluster *v2.Cluster, kubeadm *KubeadmConfig, setKubeadm bool) (Interface, error) {
+func newKubeadmRuntime(cluster *v2.Cluster, kubeadm *KubeadmConfig) (Interface, error) {
 	k := &KubeadmRuntime{
 		Mutex:   &sync.Mutex{},
 		Cluster: cluster,
@@ -109,27 +132,18 @@ func newKubeadmRuntime(cluster *v2.Cluster, kubeadm *KubeadmConfig, setKubeadm b
 		},
 		KubeadmConfig: &KubeadmConfig{},
 	}
-	if setKubeadm {
-		k.KubeadmConfig = kubeadm
-	}
 	if err := k.Validate(); err != nil {
 		return nil, err
 	}
 	if logger.IsDebugMode() {
 		k.vlog = 6
 	}
-	k.setCertSANS([]string{})
 	return k, nil
 }
 
 // NewDefaultRuntime arg "clusterName" is the Cluster name
 func NewDefaultRuntime(cluster *v2.Cluster, kubeadm *KubeadmConfig) (Interface, error) {
-	return newKubeadmRuntime(cluster, kubeadm, false)
-}
-
-// NewDefaultRuntimeByKubeadm arg "clusterName" is the Cluster name
-func NewDefaultRuntimeByKubeadm(cluster *v2.Cluster, kubeadm *KubeadmConfig) (Interface, error) {
-	return newKubeadmRuntime(cluster, kubeadm, true)
+	return newKubeadmRuntime(cluster, kubeadm)
 }
 
 func (k *KubeadmRuntime) Validate() error {

pkg/runtime/kubeadm.go

@@ -43,6 +43,9 @@ func (k *KubeadmRuntime) UpdateCert(certs []string) error {
 	if len(certs) != 0 {
 		k.setCertSANS(append(k.getCertSANS(), certs...))
 	}
+	if err := k.ConvertInitConfigConversion(setCGroupDriverAndSocket); err != nil {
+		return err
+	}
 	pipeline := []func() error{
 		k.updateCert,
 		k.saveNewKubeadmConfig,