Merge pull request #518 from zhuangqh/me-kubeconfig-from-vc

[incubator][VC] syncer: try to get tenant admin kubeconfig from vc object
kubernetes-retired · Mar 12, 2020 · 06f32a3 · 06f32a3
2 parents d546a72 + 468987b
commit 06f32a3
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 4 deletions.
diff --git a/incubator/virtualcluster/pkg/syncer/constants/constants.go b/incubator/virtualcluster/pkg/syncer/constants/constants.go
@@ -35,6 +35,8 @@ const (
 	LabelClusterIP = "tenancy.x-k8s.io/clusterIP"
 	// LabelSecretName is the service account token secret name in tenant namespace.
 	LabelSecretName = "tenancy.x-k8s.io/secret.name"
+	// LabelAdminKubeConfig is the kubeconfig in base64 format for tenant master.
+	LabelAdminKubeConfig = "tenancy.x-k8s.io/admin-kubeconfig"
 
 	// LabelServiceAccountUID is the tenant service account UID related to the secret.
 	LabelServiceAccountUID = "tenancy.x-k8s.io/service-account.UID"

diff --git a/incubator/virtualcluster/pkg/syncer/syncer.go b/incubator/virtualcluster/pkg/syncer/syncer.go
@@ -262,12 +262,18 @@ func (s *Syncer) addCluster(key string, vc *v1alpha1.Virtualcluster) error {
 
 	clusterName := conversion.ToClusterKey(vc)
 
-	adminKubeConfigSecret, err := s.secretClient.Secrets(clusterName).Get(KubeconfigAdmin, metav1.GetOptions{})
-	if err != nil {
-		return fmt.Errorf("failed to get secret (%s) for virtual cluster in root namespace %s: %v", KubeconfigAdmin, clusterName, err)
+	var adminKubeConfigBytes []byte
+	if adminKubeConfig, exists := vc.GetAnnotations()[constants.LabelAdminKubeConfig]; exists {
+		adminKubeConfigBytes = []byte(adminKubeConfig)
+	} else {
+		adminKubeConfigSecret, err := s.secretClient.Secrets(clusterName).Get(KubeconfigAdmin, metav1.GetOptions{})
+		if err != nil {
+			return fmt.Errorf("failed to get secret (%s) for virtual cluster in root namespace %s: %v", KubeconfigAdmin, clusterName, err)
+		}
+		adminKubeConfigBytes = adminKubeConfigSecret.Data[KubeconfigAdmin]
 	}
 
-	tenantCluster, err := cluster.NewTenantCluster(clusterName, vc.Namespace, vc.Name, string(vc.UID), s.lister, adminKubeConfigSecret.Data[KubeconfigAdmin], cluster.Options{})
+	tenantCluster, err := cluster.NewTenantCluster(clusterName, vc.Namespace, vc.Name, string(vc.UID), s.lister, adminKubeConfigBytes, cluster.Options{})
 	if err != nil {
 		return fmt.Errorf("failed to new tenant cluster %s/%s: %v", vc.Namespace, vc.Name, err)
 	}