Merge pull request #2334 from wansir/kubectl-image
Configuring kubectl image from command line
This commit is contained in:
KubeSphere CI Bot
@@ -34,6 +34,7 @@ type AuthenticationOptions struct {
|
||||
JwtSecret string `json:"-" yaml:"jwtSecret"`
|
||||
// oauth options
|
||||
OAuthOptions *oauth.Options `json:"oauthOptions" yaml:"oauthOptions"`
|
||||
KubectlImage string `json:"kubectlImage" yaml:"kubectlImage"`
|
||||
}
|
||||
|
||||
func NewAuthenticateOptions() *AuthenticationOptions {
|
||||
@@ -43,6 +44,7 @@ func NewAuthenticateOptions() *AuthenticationOptions {
|
||||
OAuthOptions: oauth.NewOptions(),
|
||||
MultipleLogin: false,
|
||||
JwtSecret: "",
|
||||
KubectlImage: "kubesphere/kubectl:v1.0.0",
|
||||
}
|
||||
}
|
||||
|
||||
@@ -61,4 +63,5 @@ func (options *AuthenticationOptions) AddFlags(fs *pflag.FlagSet, s *Authenticat
|
||||
fs.BoolVar(&options.MultipleLogin, "multiple-login", s.MultipleLogin, "Allow multiple login with the same account, disable means only one user can login at the same time.")
|
||||
fs.StringVar(&options.JwtSecret, "jwt-secret", s.JwtSecret, "Secret to sign jwt token, must not be empty.")
|
||||
fs.DurationVar(&options.OAuthOptions.AccessTokenMaxAge, "access-token-max-age", s.OAuthOptions.AccessTokenMaxAge, "AccessTokenMaxAgeSeconds control the lifetime of access tokens, 0 means no expiration.")
|
||||
fs.StringVar(&s.KubectlImage, "kubectl-image", s.KubectlImage, "Setup the image used by kubectl terminal pod")
|
||||
}
|
||||
|
||||
@@ -53,6 +53,8 @@ type Controller struct {
|
||||
clusterRoleBindingLister rbacv1listers.ClusterRoleBindingLister
|
||||
clusterRoleBindingSynced cache.InformerSynced
|
||||
userSynced cache.InformerSynced
|
||||
deploymentSynced cache.InformerSynced
|
||||
podSynced cache.InformerSynced
|
||||
// workqueue is a rate limited work queue. This is used to queue work to be
|
||||
// processed instead of performing it as soon as a change happens. This
|
||||
// means we can ensure we only process a fixed amount of resources at a
|
||||
@@ -65,7 +67,9 @@ type Controller struct {
|
||||
kubectlOperator kubectl.Interface
|
||||
}
|
||||
|
||||
func NewController(k8sClient kubernetes.Interface, clusterRoleBindingInformer rbacv1informers.ClusterRoleBindingInformer, deploymentInformer appsv1informers.DeploymentInformer, podInformer coreinfomers.PodInformer, userInformer iamv1alpha2informers.UserInformer) *Controller {
|
||||
func NewController(k8sClient kubernetes.Interface, clusterRoleBindingInformer rbacv1informers.ClusterRoleBindingInformer,
|
||||
deploymentInformer appsv1informers.DeploymentInformer, podInformer coreinfomers.PodInformer,
|
||||
userInformer iamv1alpha2informers.UserInformer, kubectlImage string) *Controller {
|
||||
// Create event broadcaster
|
||||
// Add sample-controller types to the default Kubernetes Scheme so Events can be
|
||||
// logged for sample-controller types.
|
||||
@@ -81,7 +85,9 @@ func NewController(k8sClient kubernetes.Interface, clusterRoleBindingInformer rb
|
||||
clusterRoleBindingLister: clusterRoleBindingInformer.Lister(),
|
||||
clusterRoleBindingSynced: clusterRoleBindingInformer.Informer().HasSynced,
|
||||
userSynced: userInformer.Informer().HasSynced,
|
||||
kubectlOperator: kubectl.NewOperator(k8sClient, deploymentInformer, podInformer, userInformer),
|
||||
deploymentSynced: deploymentInformer.Informer().HasSynced,
|
||||
podSynced: podInformer.Informer().HasSynced,
|
||||
kubectlOperator: kubectl.NewOperator(k8sClient, deploymentInformer, podInformer, userInformer, kubectlImage),
|
||||
workqueue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "ClusterRoleBinding"),
|
||||
recorder: recorder,
|
||||
}
|
||||
@@ -105,7 +111,7 @@ func (c *Controller) Run(threadiness int, stopCh <-chan struct{}) error {
|
||||
|
||||
// Wait for the caches to be synced before starting workers
|
||||
klog.Info("Waiting for informer caches to sync")
|
||||
if ok := cache.WaitForCacheSync(stopCh, c.clusterRoleBindingSynced, c.userSynced); !ok {
|
||||
if ok := cache.WaitForCacheSync(stopCh, c.clusterRoleBindingSynced, c.userSynced, c.deploymentSynced, c.podSynced); !ok {
|
||||
return fmt.Errorf("failed to wait for caches to sync")
|
||||
}
|
||||
|
||||
|
||||
@@ -51,7 +51,7 @@ func newResourceHandler(k8sClient kubernetes.Interface, factory informers.Inform
|
||||
kubeconfigOperator: kubeconfig.NewReadOnlyOperator(factory.KubernetesSharedInformerFactory().Core().V1().ConfigMaps(), masterURL),
|
||||
kubectlOperator: kubectl.NewOperator(nil, factory.KubernetesSharedInformerFactory().Apps().V1().Deployments(),
|
||||
factory.KubernetesSharedInformerFactory().Core().V1().Pods(),
|
||||
factory.KubeSphereSharedInformerFactory().Iam().V1alpha2().Users()),
|
||||
factory.KubeSphereSharedInformerFactory().Iam().V1alpha2().Users(), ""),
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -31,7 +31,6 @@ import (
|
||||
iamv1alpha2informers "kubesphere.io/kubesphere/pkg/client/informers/externalversions/iam/v1alpha2"
|
||||
"kubesphere.io/kubesphere/pkg/models"
|
||||
"math/rand"
|
||||
"os"
|
||||
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
|
||||
|
||||
"kubesphere.io/kubesphere/pkg/constants"
|
||||
@@ -52,18 +51,13 @@ type operator struct {
|
||||
deploymentInformer appsv1informers.DeploymentInformer
|
||||
podInformer coreinfomers.PodInformer
|
||||
userInformer iamv1alpha2informers.UserInformer
|
||||
kubectlImage string
|
||||
}
|
||||
|
||||
func NewOperator(k8sClient kubernetes.Interface, deploymentInformer appsv1informers.DeploymentInformer, podInformer coreinfomers.PodInformer, userInformer iamv1alpha2informers.UserInformer) Interface {
|
||||
return &operator{k8sClient: k8sClient, deploymentInformer: deploymentInformer, podInformer: podInformer, userInformer: userInformer}
|
||||
}
|
||||
|
||||
var DefaultImage = "kubesphere/kubectl:advanced-1.0.0"
|
||||
|
||||
func init() {
|
||||
if env := os.Getenv("KUBECTL_IMAGE"); env != "" {
|
||||
DefaultImage = env
|
||||
}
|
||||
func NewOperator(k8sClient kubernetes.Interface, deploymentInformer appsv1informers.DeploymentInformer,
|
||||
podInformer coreinfomers.PodInformer, userInformer iamv1alpha2informers.UserInformer, kubectlImage string) Interface {
|
||||
return &operator{k8sClient: k8sClient, deploymentInformer: deploymentInformer, podInformer: podInformer,
|
||||
userInformer: userInformer, kubectlImage: kubectlImage}
|
||||
}
|
||||
|
||||
func (o *operator) GetKubectlPod(username string) (models.PodInfo, error) {
|
||||
@@ -118,7 +112,6 @@ func (o *operator) CreateKubectlDeploy(username string) error {
|
||||
deployName := fmt.Sprintf(deployNameFormat, username)
|
||||
|
||||
user, err := o.userInformer.Lister().Get(username)
|
||||
|
||||
if err != nil {
|
||||
klog.Error(err)
|
||||
// ignore if user not exist
|
||||
@@ -146,7 +139,7 @@ func (o *operator) CreateKubectlDeploy(username string) error {
|
||||
Spec: v1.PodSpec{
|
||||
Containers: []v1.Container{
|
||||
{Name: "kubectl",
|
||||
Image: DefaultImage,
|
||||
Image: o.kubectlImage,
|
||||
},
|
||||
},
|
||||
ServiceAccountName: "kubesphere-cluster-admin",
|
||||
@@ -156,14 +149,12 @@ func (o *operator) CreateKubectlDeploy(username string) error {
|
||||
}
|
||||
|
||||
err = controllerutil.SetControllerReference(user, deployment, scheme.Scheme)
|
||||
|
||||
if err != nil {
|
||||
klog.Errorln(err)
|
||||
return err
|
||||
}
|
||||
|
||||
_, err = o.k8sClient.AppsV1().Deployments(namespace).Create(deployment)
|
||||
|
||||
if err != nil {
|
||||
if errors.IsAlreadyExists(err) {
|
||||
return nil
|
||||
|
||||
Reference in New Issue
Block a user