Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

yurthub verify bootstrap ca on start #631

Merged
merged 1 commit into from
Dec 29, 2021
Merged

yurthub verify bootstrap ca on start #631

merged 1 commit into from
Dec 29, 2021

Conversation

gnunu
Copy link
Member

@gnunu gnunu commented Nov 26, 2021

What type of PR is this?

Uncomment only one /kind <> line, hit enter to put that in a new line, and remove leading whitespace from that line:
/kind bug
/kind documentation
/kind enhancement
/kind good-first-issue
/kind feature
/kind question
/kind design
/sig ai
/sig iot
/sig network
/sig storage
/sig storage

/kind bug

What this PR does / why we need it:

verify existed ca file if any, and do cleanup if necessary (mismatch). This will fix the openyurt convert failure due to stale contents left over in the yurthub root dir (/var/lib/yurthub).

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

/assign @rambohe-ch

Does this PR introduce a user-facing change?

NONE

other Note

@openyurt-bot
Copy link
Collaborator

@gnunu: GitHub didn't allow me to assign the following users: your_reviewer.

Note that only openyurtio members, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time.
For more information please see the contributor guide

In response to this:

What type of PR is this?

Uncomment only one /kind <> line, hit enter to put that in a new line, and remove leading whitespace from that line:
/kind bug
/kind documentation
/kind enhancement
/kind good-first-issue
/kind feature
/kind question
/kind design
/sig ai
/sig iot
/sig network
/sig storage
/sig storage

/kind bug

What this PR does / why we need it:

verify existed ca file if any, and do cleanup if necessary (mismatch). This will fix the openyurt convert failure due to stale contents left over in the yurthub root dir (/var/lib/yurthub).

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

/assign @rambohe-ch

Does this PR introduce a user-facing change?

NONE

other Note

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openyurt-bot openyurt-bot added the kind/bug kind/bug label Nov 26, 2021
@openyurt-bot openyurt-bot added the size/M size/M: 30-99 label Nov 26, 2021
@rambohe-ch
Copy link
Member

rambohe-ch commented Nov 27, 2021
edited
Loading

@gnunu A good job to remove pki based on verifying join token. please fix the above golangci lint error.

@gnunu
Copy link
Member Author

gnunu commented Nov 27, 2021

@rambohe-ch thanks!

@rambohe-ch
Copy link
Member

@gnunu I think that maybe we can compare the remote server address from yurthub startup parameter --serveraddr and server address of /var/lib/yurthub/bootstrap-hub.conf. if yurthub is used to connect to a new kube-apiserver, the remote server address will be changed, so the old certificates should be removed.

@gnunu gnunu force-pushed the yurthub-ca-check branch 3 times, most recently from a126ce1 to 9af9bc1 Compare December 29, 2021 09:01
@openyurt-bot openyurt-bot added the approved approved label Dec 29, 2021
@rambohe-ch
Copy link
Member

/lgtm
/approve

@openyurt-bot openyurt-bot added the lgtm lgtm label Dec 29, 2021
@openyurt-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: gnunu, rambohe-ch

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openyurt-bot openyurt-bot merged commit ea360e3 into openyurtio:master Dec 29, 2021
MrGirl pushed a commit to MrGirl/openyurt that referenced this pull request Mar 29, 2022
@gnunu
yurthub verify server address and bootstrap ca file on start and do c…
0488dbd 
…leanup if necessary (openyurtio#631)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rambohe-ch rambohe-ch rambohe-ch approved these changes

@adamzhoul adamzhoul Awaiting requested review from adamzhoul

@Peeknut Peeknut Awaiting requested review from Peeknut

Assignees

@rambohe-ch rambohe-ch

Labels
approved approved kind/bug kind/bug lgtm lgtm size/M size/M: 30-99
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gnunu @openyurt-bot @rambohe-ch