add etcd flag
This commit is contained in:
magicsong
@@ -2,64 +2,23 @@ package main
|
||||
|
||||
import (
|
||||
"flag"
|
||||
"time"
|
||||
|
||||
"github.com/projectcalico/libcalico-go/lib/apiconfig"
|
||||
"github.com/projectcalico/libcalico-go/lib/clientv3"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
"k8s.io/client-go/rest"
|
||||
"k8s.io/klog"
|
||||
"kubesphere.io/kubesphere/pkg/client/clientset/versioned"
|
||||
ksinformer "kubesphere.io/kubesphere/pkg/client/informers/externalversions"
|
||||
"kubesphere.io/kubesphere/pkg/controller/network/nsnetworkpolicy"
|
||||
"kubesphere.io/kubesphere/pkg/controller/network/provider"
|
||||
"kubesphere.io/kubesphere/pkg/controller/network/runoption"
|
||||
)
|
||||
|
||||
const (
|
||||
certPath = "/calicocerts"
|
||||
)
|
||||
|
||||
var npProviderFlag string
|
||||
var opt runoption.RunOption
|
||||
|
||||
func init() {
|
||||
flag.StringVar(&npProviderFlag, "np-provider", "calico", "specify the network policy provider, k8s or calico")
|
||||
flag.StringVar(&opt.ProviderName, "np-provider", "calico", "specify the network policy provider, k8s or calico")
|
||||
flag.BoolVar(&opt.AllowInsecureEtcd, "allow-insecure-etcd", false, "specify allow connect to etcd using insecure http")
|
||||
//TODO add more flags
|
||||
}
|
||||
|
||||
func main() {
|
||||
klog.InitFlags(nil)
|
||||
flag.Set("logtostderr", "true")
|
||||
flag.Parse()
|
||||
klog.V(1).Info("Preparing kubernetes client")
|
||||
config, err := rest.InClusterConfig()
|
||||
if err != nil {
|
||||
panic(err.Error())
|
||||
}
|
||||
// creates the clientset
|
||||
k8sClientset := kubernetes.NewForConfigOrDie(config)
|
||||
ksClientset := versioned.NewForConfigOrDie(config)
|
||||
informer := ksinformer.NewSharedInformerFactory(ksClientset, time.Minute*10)
|
||||
klog.V(1).Info("Kubernetes client initialized successfully")
|
||||
var npProvider provider.NsNetworkPolicyProvider
|
||||
if npProviderFlag == "calico" {
|
||||
klog.V(1).Info("Preparing calico client")
|
||||
config := apiconfig.NewCalicoAPIConfig()
|
||||
config.Spec.EtcdEndpoints = "https://127.0.0.1:2379"
|
||||
config.Spec.EtcdKeyFile = certPath + "/etcd-key"
|
||||
config.Spec.EtcdCertFile = certPath + "/etcd-cert"
|
||||
config.Spec.EtcdCACertFile = certPath + "/etcd-ca"
|
||||
config.Spec.DatastoreType = apiconfig.EtcdV3
|
||||
client, err := clientv3.New(*config)
|
||||
if err != nil {
|
||||
klog.Fatal("Failed to initialize calico client", err)
|
||||
}
|
||||
npProvider = provider.NewCalicoNetworkProvider(client.NetworkPolicies())
|
||||
klog.V(1).Info("Calico client initialized successfully")
|
||||
}
|
||||
//TODO: support no-calico cni
|
||||
c := nsnetworkpolicy.NewController(k8sClientset, ksClientset, informer.Network().V1alpha1().NamespaceNetworkPolicies(), npProvider)
|
||||
stop := make(chan struct{})
|
||||
klog.V(1).Infof("Starting controller")
|
||||
go informer.Network().V1alpha1().NamespaceNetworkPolicies().Informer().Run(stop)
|
||||
if err := c.Run(1, stop); err != nil {
|
||||
klog.Fatal(err)
|
||||
}
|
||||
klog.Fatal(opt.Run())
|
||||
}
|
||||
|
||||
1
go.sum
1
go.sum
@@ -439,6 +439,7 @@ golang.org/x/net v0.0.0-20190328230028-74de082e2cca/go.mod h1:t9HGtf8HONx5eT2rtn
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU=
|
||||
golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859 h1:R/3boaszxrf1GEUWTVDzSKVwLmSJpwZ1yqXm8j0v2QI=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||
|
||||
82
pkg/controller/network/runoption/option.go
Normal file
82
pkg/controller/network/runoption/option.go
Normal file
@@ -0,0 +1,82 @@
|
||||
package runoption
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/projectcalico/libcalico-go/lib/apiconfig"
|
||||
"github.com/projectcalico/libcalico-go/lib/clientv3"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
"k8s.io/client-go/rest"
|
||||
"k8s.io/klog"
|
||||
"kubesphere.io/kubesphere/pkg/client/clientset/versioned"
|
||||
ksinformer "kubesphere.io/kubesphere/pkg/client/informers/externalversions"
|
||||
"kubesphere.io/kubesphere/pkg/controller/network/nsnetworkpolicy"
|
||||
"kubesphere.io/kubesphere/pkg/controller/network/provider"
|
||||
)
|
||||
|
||||
type CalicoDataStoreType string
|
||||
|
||||
const (
|
||||
certPath = "/calicocerts"
|
||||
|
||||
KubernetesDataStore CalicoDataStoreType = "k8s"
|
||||
EtcdDataStore CalicoDataStoreType = "etcd"
|
||||
)
|
||||
|
||||
type RunOption struct {
|
||||
ProviderName string
|
||||
DataStoreType CalicoDataStoreType
|
||||
EtcdEndpoints string
|
||||
AllowInsecureEtcd bool
|
||||
}
|
||||
|
||||
func (r RunOption) Run() error {
|
||||
klog.V(1).Info("Check config")
|
||||
if err := r.check(); err != nil {
|
||||
return err
|
||||
}
|
||||
klog.V(1).Info("Preparing kubernetes client")
|
||||
config, err := rest.InClusterConfig()
|
||||
if err != nil {
|
||||
panic(err.Error())
|
||||
}
|
||||
// creates the clientset
|
||||
k8sClientset := kubernetes.NewForConfigOrDie(config)
|
||||
ksClientset := versioned.NewForConfigOrDie(config)
|
||||
informer := ksinformer.NewSharedInformerFactory(ksClientset, time.Minute*10)
|
||||
klog.V(1).Info("Kubernetes client initialized successfully")
|
||||
var npProvider provider.NsNetworkPolicyProvider
|
||||
|
||||
if r.ProviderName == "calico" {
|
||||
klog.V(1).Info("Preparing calico client")
|
||||
config := apiconfig.NewCalicoAPIConfig()
|
||||
config.Spec.EtcdEndpoints = r.EtcdEndpoints
|
||||
if !r.AllowInsecureEtcd {
|
||||
config.Spec.EtcdKeyFile = certPath + "/etcd-key"
|
||||
config.Spec.EtcdCertFile = certPath + "/etcd-cert"
|
||||
config.Spec.EtcdCACertFile = certPath + "/etcd-ca"
|
||||
}
|
||||
if r.DataStoreType == KubernetesDataStore {
|
||||
config.Spec.DatastoreType = apiconfig.Kubernetes
|
||||
} else {
|
||||
config.Spec.DatastoreType = apiconfig.EtcdV3
|
||||
}
|
||||
client, err := clientv3.New(*config)
|
||||
if err != nil {
|
||||
klog.Fatal("Failed to initialize calico client", err)
|
||||
}
|
||||
npProvider = provider.NewCalicoNetworkProvider(client.NetworkPolicies())
|
||||
klog.V(1).Info("Calico client initialized successfully")
|
||||
}
|
||||
|
||||
//TODO: support no-calico cni
|
||||
c := nsnetworkpolicy.NewController(k8sClientset, ksClientset, informer.Network().V1alpha1().NamespaceNetworkPolicies(), npProvider)
|
||||
stop := make(chan struct{})
|
||||
klog.V(1).Infof("Starting controller")
|
||||
go informer.Network().V1alpha1().NamespaceNetworkPolicies().Informer().Run(stop)
|
||||
return c.Run(1, stop)
|
||||
}
|
||||
|
||||
func (r RunOption) check() error {
|
||||
return nil
|
||||
}
|
||||
Reference in New Issue
Block a user