diff --git a/Makefile b/Makefile index 5a3c8cdee2048..361c0be333a64 100644 --- a/Makefile +++ b/Makefile @@ -198,6 +198,7 @@ gofmt: gofmt -w -s cloudmock/ gofmt -w -s cmd/ gofmt -w -s examples/ + gofmt -w -s federation/ gofmt -w -s util/ gofmt -w -s upup/pkg/ gofmt -w -s protokube/cmd @@ -211,6 +212,7 @@ govet: k8s.io/kops/cmd/... \ k8s.io/kops/channels/... \ k8s.io/kops/examples/... \ + k8s.io/kops/federation/... \ k8s.io/kops/util/... \ k8s.io/kops/upup/... \ k8s.io/kops/protokube/... \ diff --git a/federation/apply_federation.go b/federation/apply_federation.go index f7013271092c6..00280d8430c53 100644 --- a/federation/apply_federation.go +++ b/federation/apply_federation.go @@ -17,35 +17,35 @@ limitations under the License. package federation import ( - "fmt" - "k8s.io/kops/upup/pkg/fi/fitasks" - "k8s.io/kops/upup/pkg/fi" - "crypto/rsa" - crypto_rand "crypto/rand" - k8sapiv1 "k8s.io/kubernetes/pkg/api/v1" - "k8s.io/kops/federation/tasks" - "text/template" "bytes" + crypto_rand "crypto/rand" + "crypto/rsa" + "fmt" + "github.com/golang/glog" "k8s.io/kops/federation/model" "k8s.io/kops/federation/targets/kubernetes" + "k8s.io/kops/federation/tasks" kopsapi "k8s.io/kops/pkg/apis/kops" - "k8s.io/kops/pkg/client/simple" "k8s.io/kops/pkg/apis/kops/registry" - "k8s.io/kubernetes/pkg/api/errors" - "k8s.io/kops/upup/pkg/kutil" + "k8s.io/kops/pkg/client/simple" + "k8s.io/kops/upup/pkg/fi" + "k8s.io/kops/upup/pkg/fi/fitasks" "k8s.io/kops/upup/pkg/fi/k8sapi" - "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_3" + "k8s.io/kops/upup/pkg/kutil" "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_4" - "github.com/golang/glog" + "k8s.io/kubernetes/pkg/api/errors" + k8sapiv1 "k8s.io/kubernetes/pkg/api/v1" + "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_3" "strings" + "text/template" ) type ApplyFederationOperation struct { - Federation *kopsapi.Federation - KopsClient simple.Clientset + Federation *kopsapi.Federation + KopsClient simple.Clientset - namespace string - name string + namespace string + name string apiserverDeploymentName string apiserverServiceName string @@ -54,7 +54,7 @@ type ApplyFederationOperation struct { apiserverSecretName string } -func (o*ApplyFederationOperation) FindKubecfg() (*kutil.KubeconfigBuilder, error) { +func (o *ApplyFederationOperation) FindKubecfg() (*kutil.KubeconfigBuilder, error) { // TODO: Only if not yet set? // hasKubecfg, err := hasKubecfg(f.Name) // if err != nil { @@ -62,7 +62,6 @@ func (o*ApplyFederationOperation) FindKubecfg() (*kutil.KubeconfigBuilder, erro // hasKubecfg = true // } - // Loop through looking for a configured cluster for _, controller := range o.Federation.Spec.Controllers { cluster, err := o.KopsClient.Clusters().Get(controller) @@ -78,11 +77,11 @@ func (o*ApplyFederationOperation) FindKubecfg() (*kutil.KubeconfigBuilder, erro apiserverKeypair := o.buildApiserverKeypair() federationConfiguration := &FederationConfiguration{ - Namespace: o.namespace, - ApiserverSecretName: o.apiserverSecretName, + Namespace: o.namespace, + ApiserverSecretName: o.apiserverSecretName, ApiserverServiceName: o.apiserverServiceName, - ApiserverKeypair: apiserverKeypair, - KubeconfigSecretName:"federation-apiserver-kubeconfig", + ApiserverKeypair: apiserverKeypair, + KubeconfigSecretName: "federation-apiserver-kubeconfig", } k, err := federationConfiguration.extractKubecfg(context, o.Federation) if err != nil { @@ -98,7 +97,7 @@ func (o*ApplyFederationOperation) FindKubecfg() (*kutil.KubeconfigBuilder, erro return nil, nil } -func (o*ApplyFederationOperation) Run() error { +func (o *ApplyFederationOperation) Run() error { o.namespace = "federation" o.name = "federation" @@ -160,13 +159,13 @@ func (o*ApplyFederationOperation) Run() error { clusterName := strings.Replace(cluster.Name, ".", "-", -1) a := &FederationCluster{ - FederationNamespace : o.namespace, + FederationNamespace: o.namespace, ControllerKubernetesClients: controllerKubernetesClients, - FederationClient: federationControllerClient, + FederationClient: federationControllerClient, ClusterSecretName: "secret-" + cluster.Name, - ClusterName: clusterName, + ClusterName: clusterName, ApiserverHostname: cluster.Spec.MasterPublicName, } err = a.Run(cluster) @@ -186,7 +185,7 @@ func (o*ApplyFederationOperation) Run() error { // Builds a fi.Context applying to the federation namespace in the specified cluster // Note that this operates inside the cluster, for example the KeyStore is backed by secrets in the namespace -func (o*ApplyFederationOperation) federationContextForCluster(cluster *kopsapi.Cluster) (*fi.Context, error) { +func (o *ApplyFederationOperation) federationContextForCluster(cluster *kopsapi.Cluster) (*fi.Context, error) { clusterKeystore, err := registry.KeyStore(cluster) if err != nil { return nil, err @@ -207,12 +206,12 @@ func (o*ApplyFederationOperation) federationContextForCluster(cluster *kopsapi.C return context, nil } -func (o*ApplyFederationOperation) buildApiserverKeypair() (*fitasks.Keypair) { +func (o *ApplyFederationOperation) buildApiserverKeypair() *fitasks.Keypair { keypairName := "secret-" + o.apiserverHostName keypair := &fitasks.Keypair{ - Name: fi.String(keypairName), - Subject: "cn=" + o.Federation.Name, - Type: "server", + Name: fi.String(keypairName), + Subject: "cn=" + o.Federation.Name, + Type: "server", } // So it has a valid cert inside the cluster @@ -228,7 +227,7 @@ func (o*ApplyFederationOperation) buildApiserverKeypair() (*fitasks.Keypair) { return keypair } -func (o*ApplyFederationOperation) runOnCluster(context *fi.Context, cluster *kopsapi.Cluster) error { +func (o *ApplyFederationOperation) runOnCluster(context *fi.Context, cluster *kopsapi.Cluster) error { _, _, err := EnsureCASecret(context.Keystore) if err != nil { return err @@ -248,10 +247,10 @@ func (o*ApplyFederationOperation) runOnCluster(context *fi.Context, cluster *kop federationConfiguration := &FederationConfiguration{ ApiserverServiceName: o.apiserverServiceName, - Namespace: o.namespace, - ApiserverSecretName: o.apiserverSecretName, - ApiserverKeypair: apiserverKeypair, - KubeconfigSecretName:"federation-apiserver-kubeconfig", + Namespace: o.namespace, + ApiserverSecretName: o.apiserverSecretName, + ApiserverKeypair: apiserverKeypair, + KubeconfigSecretName: "federation-apiserver-kubeconfig", } err = federationConfiguration.EnsureConfiguration(context) if err != nil { @@ -268,7 +267,7 @@ func (o*ApplyFederationOperation) runOnCluster(context *fi.Context, cluster *kop } applyManifestTask := tasks.KubernetesResource{ - Name: fi.String(o.name), + Name: fi.String(o.name), Manifest: fi.WrapResource(fi.NewStringResource(manifest)), } err = applyManifestTask.Run(context) @@ -279,7 +278,7 @@ func (o*ApplyFederationOperation) runOnCluster(context *fi.Context, cluster *kop return nil } -func (o*ApplyFederationOperation) buildTemplateData() map[string]string { +func (o *ApplyFederationOperation) buildTemplateData() map[string]string { namespace := o.namespace name := o.name @@ -325,7 +324,7 @@ func (o*ApplyFederationOperation) buildTemplateData() map[string]string { return data } -func (o*ApplyFederationOperation) executeTemplate(key string, templateDefinition string) (string, error) { +func (o *ApplyFederationOperation) executeTemplate(key string, templateDefinition string) (string, error) { data := o.buildTemplateData() t := template.New(key) @@ -358,7 +357,7 @@ func (o*ApplyFederationOperation) executeTemplate(key string, templateDefinition return buffer.String(), nil } -func (o*ApplyFederationOperation) EnsureNamespace(c *fi.Context) error { +func (o *ApplyFederationOperation) EnsureNamespace(c *fi.Context) error { k8s := c.Target.(*kubernetes.KubernetesTarget).KubernetesClient ns, err := k8s.Core().Namespaces().Get(o.namespace) @@ -381,7 +380,7 @@ func (o*ApplyFederationOperation) EnsureNamespace(c *fi.Context) error { return nil } -func (o*ApplyFederationOperation) ensureFederationNamespace(k8s federation_release_1_4.Interface, name string) (*k8sapiv1.Namespace, error) { +func (o *ApplyFederationOperation) ensureFederationNamespace(k8s federation_release_1_4.Interface, name string) (*k8sapiv1.Namespace, error) { return mutateNamespace(k8s, name, func(n *k8sapiv1.Namespace) (*k8sapiv1.Namespace, error) { if n == nil { n = &k8sapiv1.Namespace{} diff --git a/federation/auth_file.go b/federation/auth_file.go index adc2458c530c9..d153d1e03e77e 100644 --- a/federation/auth_file.go +++ b/federation/auth_file.go @@ -17,9 +17,9 @@ limitations under the License. package federation import ( - "strings" - "fmt" "bytes" + "fmt" + "strings" ) type AuthFile struct { @@ -48,7 +48,7 @@ func ParseAuthFile(data []byte) (*AuthFile, error) { return parsed, nil } -func (a*AuthFile) FindUser(user string) *AuthFileLine { +func (a *AuthFile) FindUser(user string) *AuthFileLine { for _, line := range a.Lines { if line.User == user { return line @@ -57,7 +57,7 @@ func (a*AuthFile) FindUser(user string) *AuthFileLine { return nil } -func (a*AuthFile) Add(line *AuthFileLine) error { +func (a *AuthFile) Add(line *AuthFileLine) error { existing := a.FindUser(line.User) if existing != nil { return fmt.Errorf("user %q already exists in file", line.User) @@ -66,7 +66,7 @@ func (a*AuthFile) Add(line *AuthFileLine) error { return nil } -func (a*AuthFile) Encode() string { +func (a *AuthFile) Encode() string { var b bytes.Buffer for _, line := range a.Lines { @@ -82,8 +82,8 @@ func ParseAuthFileLine(line string) (*AuthFileLine, error) { } parsed := &AuthFileLine{ Secret: tokens[0], - User: tokens[1], - Role: tokens[2], + User: tokens[1], + Role: tokens[2], } return parsed, nil } diff --git a/federation/federation_cluster.go b/federation/federation_cluster.go index 1415606a2608a..57f21ed6c3ca8 100644 --- a/federation/federation_cluster.go +++ b/federation/federation_cluster.go @@ -18,30 +18,30 @@ package federation import ( "fmt" - "k8s.io/kubernetes/pkg/api/v1" - "k8s.io/kubernetes/pkg/api/errors" "github.com/golang/glog" - "k8s.io/kops/upup/pkg/kutil" kopsapi "k8s.io/kops/pkg/apis/kops" - "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_3" - "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_4" - "k8s.io/kubernetes/federation/apis/federation/v1beta1" "k8s.io/kops/pkg/apis/kops/registry" + "k8s.io/kops/upup/pkg/kutil" + "k8s.io/kubernetes/federation/apis/federation/v1beta1" + "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_4" + "k8s.io/kubernetes/pkg/api/errors" + "k8s.io/kubernetes/pkg/api/v1" + "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_3" ) type FederationCluster struct { FederationNamespace string - ControllerKubernetesClients []release_1_3.Interface - FederationClient federation_release_1_4.Interface + ControllerKubernetesClients []release_1_3.Interface + FederationClient federation_release_1_4.Interface - ClusterSecretName string + ClusterSecretName string - ClusterName string - ApiserverHostname string + ClusterName string + ApiserverHostname string } -func (o*FederationCluster) Run(cluster *kopsapi.Cluster) error { +func (o *FederationCluster) Run(cluster *kopsapi.Cluster) error { keyStore, err := registry.KeyStore(cluster) if err != nil { return err @@ -52,9 +52,9 @@ func (o*FederationCluster) Run(cluster *kopsapi.Cluster) error { } k := kutil.CreateKubecfg{ - ContextName: cluster.Name, - KeyStore: keyStore, - SecretStore: secretStore, + ContextName: cluster.Name, + KeyStore: keyStore, + SecretStore: secretStore, KubeMasterIP: cluster.Spec.MasterPublicName, } @@ -64,8 +64,8 @@ func (o*FederationCluster) Run(cluster *kopsapi.Cluster) error { } user := kutil.KubectlUser{ - ClientCertificateData: kubeconfig.ClientCert, - ClientKeyData : kubeconfig.ClientKey, + ClientCertificateData: kubeconfig.ClientCert, + ClientKeyData: kubeconfig.ClientKey, } // username/password or bearer token may be set, but not both if kubeconfig.KubeBearerToken != "" { @@ -88,7 +88,7 @@ func (o*FederationCluster) Run(cluster *kopsapi.Cluster) error { return nil } -func (o*FederationCluster) ensureFederationSecret(k8s release_1_3.Interface, caCertData []byte, user kutil.KubectlUser) error { +func (o *FederationCluster) ensureFederationSecret(k8s release_1_3.Interface, caCertData []byte, user kutil.KubectlUser) error { _, err := mutateSecret(k8s, o.FederationNamespace, o.ClusterSecretName, func(s *v1.Secret) (*v1.Secret, error) { var kubeconfigData []byte var err error @@ -96,7 +96,7 @@ func (o*FederationCluster) ensureFederationSecret(k8s release_1_3.Interface, caC { kubeconfig := &kutil.KubectlConfig{ ApiVersion: "v1", - Kind: "Config", + Kind: "Config", } cluster := &kutil.KubectlClusterWithName{ @@ -122,7 +122,7 @@ func (o*FederationCluster) ensureFederationSecret(k8s release_1_3.Interface, caC Name: o.ClusterName, Context: kutil.KubectlContext{ Cluster: cluster.Name, - User: user.Name, + User: user.Name, }, } kubeconfig.CurrentContext = o.ClusterName @@ -149,7 +149,7 @@ func (o*FederationCluster) ensureFederationSecret(k8s release_1_3.Interface, caC return err } -func (o*FederationCluster) ensureFederationCluster(federationClient federation_release_1_4.Interface) error { +func (o *FederationCluster) ensureFederationCluster(federationClient federation_release_1_4.Interface) error { _, err := mutateCluster(federationClient, o.ClusterName, func(c *v1beta1.Cluster) (*v1beta1.Cluster, error) { if c == nil { c = &v1beta1.Cluster{} diff --git a/federation/federation_configuration.go b/federation/federation_configuration.go index 2f682bd0c5d3b..a82155dba077b 100644 --- a/federation/federation_configuration.go +++ b/federation/federation_configuration.go @@ -18,21 +18,21 @@ package federation import ( "fmt" - "k8s.io/kops/upup/pkg/fi" - "k8s.io/kubernetes/pkg/api/v1" - "k8s.io/kops/federation/targets/kubernetes" - "k8s.io/kubernetes/pkg/api/errors" "github.com/golang/glog" - "k8s.io/kops/upup/pkg/kutil" + "k8s.io/kops/federation/targets/kubernetes" kopsapi "k8s.io/kops/pkg/apis/kops" + "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/fi/fitasks" + "k8s.io/kops/upup/pkg/kutil" + "k8s.io/kubernetes/pkg/api/errors" + "k8s.io/kubernetes/pkg/api/v1" "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_3" ) const UserAdmin = "admin" type FederationConfiguration struct { - Namespace string + Namespace string ApiserverKeypair *fitasks.Keypair ApiserverServiceName string @@ -41,7 +41,7 @@ type FederationConfiguration struct { KubeconfigSecretName string } -func (o*FederationConfiguration) extractKubecfg(c *fi.Context, f *kopsapi.Federation) (*kutil.KubeconfigBuilder, error) { +func (o *FederationConfiguration) extractKubecfg(c *fi.Context, f *kopsapi.Federation) (*kutil.KubeconfigBuilder, error) { // TODO: move this masterName := "api." + f.Spec.DNSName @@ -113,7 +113,7 @@ func (o*FederationConfiguration) extractKubecfg(c *fi.Context, f *kopsapi.Federa return k, nil } -func (o*FederationConfiguration) findBasicAuth(secret *v1.Secret) (*AuthFile, error) { +func (o *FederationConfiguration) findBasicAuth(secret *v1.Secret) (*AuthFile, error) { var basicAuthData *AuthFile var err error @@ -131,7 +131,7 @@ func (o*FederationConfiguration) findBasicAuth(secret *v1.Secret) (*AuthFile, er return basicAuthData, nil } -func (o*FederationConfiguration) findKnownTokens(secret *v1.Secret) (*AuthFile, error) { +func (o *FederationConfiguration) findKnownTokens(secret *v1.Secret) (*AuthFile, error) { var knownTokens *AuthFile var err error @@ -149,7 +149,7 @@ func (o*FederationConfiguration) findKnownTokens(secret *v1.Secret) (*AuthFile, return knownTokens, nil } -func (o*FederationConfiguration) EnsureConfiguration(c *fi.Context) error { +func (o *FederationConfiguration) EnsureConfiguration(c *fi.Context) error { caCert, _, err := c.Keystore.FindKeypair(fi.CertificateId_CA) if err != nil { return err @@ -214,7 +214,7 @@ func (o*FederationConfiguration) EnsureConfiguration(c *fi.Context) error { } err = knownTokens.Add(&AuthFileLine{User: UserAdmin, Secret: string(s.Data), Role: "admin"}) if err != nil { - return nil, err + return nil, err } adminToken = string(s.Data) } else { @@ -260,7 +260,7 @@ func (o*FederationConfiguration) EnsureConfiguration(c *fi.Context) error { // TODO: Prefer username / password or token? user := kutil.KubectlUser{ - Username:UserAdmin, + Username: UserAdmin, Password: adminPassword, //Token: adminToken, } @@ -272,7 +272,7 @@ func (o*FederationConfiguration) EnsureConfiguration(c *fi.Context) error { return nil } -func (o*FederationConfiguration) ensureSecretKubeconfig(c *fi.Context, caCert *fi.Certificate, user kutil.KubectlUser) error { +func (o *FederationConfiguration) ensureSecretKubeconfig(c *fi.Context, caCert *fi.Certificate, user kutil.KubectlUser) error { k8s := c.Target.(*kubernetes.KubernetesTarget).KubernetesClient _, err := mutateSecret(k8s, o.Namespace, o.KubeconfigSecretName, func(s *v1.Secret) (*v1.Secret, error) { @@ -282,7 +282,7 @@ func (o*FederationConfiguration) ensureSecretKubeconfig(c *fi.Context, caCert *f { kubeconfig := &kutil.KubectlConfig{ ApiVersion: "v1", - Kind: "Config", + Kind: "Config", } cluster := &kutil.KubectlClusterWithName{ @@ -312,7 +312,7 @@ func (o*FederationConfiguration) ensureSecretKubeconfig(c *fi.Context, caCert *f Name: o.ApiserverServiceName, Context: kutil.KubectlContext{ Cluster: cluster.Name, - User: user.Name, + User: user.Name, }, } kubeconfig.CurrentContext = o.ApiserverServiceName diff --git a/federation/federation_namespace.go b/federation/federation_namespace.go index 791b73a79d9c1..455b975505d96 100644 --- a/federation/federation_namespace.go +++ b/federation/federation_namespace.go @@ -17,10 +17,10 @@ limitations under the License. package federation import ( - "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_4" + "fmt" "github.com/golang/glog" + "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_4" "k8s.io/kubernetes/pkg/api/errors" - "fmt" "k8s.io/kubernetes/pkg/api/v1" ) diff --git a/federation/targets/kubernetes/kubernetestarget.go b/federation/targets/kubernetes/kubernetestarget.go index bd3a5b6efcd79..3551b6e6f1482 100644 --- a/federation/targets/kubernetes/kubernetestarget.go +++ b/federation/targets/kubernetes/kubernetestarget.go @@ -17,12 +17,12 @@ limitations under the License. package kubernetes import ( - "k8s.io/kops/upup/pkg/fi" - "k8s.io/kops/pkg/client/simple" + "fmt" kopsapi "k8s.io/kops/pkg/apis/kops" + "k8s.io/kops/pkg/client/simple" + "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/upup/pkg/kutil" "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_3" - "fmt" ) type KubernetesTarget struct { @@ -34,9 +34,9 @@ type KubernetesTarget struct { func NewKubernetesTarget(clientset simple.Clientset, keystore fi.Keystore, cluster *kopsapi.Cluster) (*KubernetesTarget, error) { b := &kutil.CreateKubecfg{ - ContextName: cluster.Name, - KeyStore: keystore, - SecretStore: nil, + ContextName: cluster.Name, + KeyStore: keystore, + SecretStore: nil, KubeMasterIP: cluster.Spec.MasterPublicName, } @@ -56,7 +56,7 @@ func NewKubernetesTarget(clientset simple.Clientset, keystore fi.Keystore, clust } target := &KubernetesTarget{ - cluster: cluster, + cluster: cluster, KubernetesClient: k8sClient, } return target, nil @@ -81,6 +81,5 @@ func (t *KubernetesTarget) Apply(manifest []byte) error { return err } - return nil } diff --git a/federation/tasks/kubernetesresource.go b/federation/tasks/kubernetesresource.go index 41784f7f0f15c..bbb01b263b66a 100644 --- a/federation/tasks/kubernetesresource.go +++ b/federation/tasks/kubernetesresource.go @@ -18,14 +18,14 @@ package tasks import ( "fmt" - "k8s.io/kops/upup/pkg/fi" "k8s.io/kops/federation/targets/kubernetes" + "k8s.io/kops/upup/pkg/fi" "k8s.io/kubernetes/pkg/util/validation/field" ) //go:generate fitask -type=KubernetesResource type KubernetesResource struct { - Name *string + Name *string Manifest *fi.ResourceHolder }