From 468987b1ef89bf2b0e3c858ad37123487b75678a Mon Sep 17 00:00:00 2001 From: zhuangqh Date: Fri, 13 Mar 2020 01:10:04 +0800 Subject: [PATCH] syncer: try to get tenant admin kubeconfig from vc object Signed-off-by: zhuangqh --- .../pkg/syncer/constants/constants.go | 2 ++ incubator/virtualcluster/pkg/syncer/syncer.go | 14 ++++++++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/incubator/virtualcluster/pkg/syncer/constants/constants.go b/incubator/virtualcluster/pkg/syncer/constants/constants.go index 2485fcb26..28cdad2ef 100644 --- a/incubator/virtualcluster/pkg/syncer/constants/constants.go +++ b/incubator/virtualcluster/pkg/syncer/constants/constants.go @@ -35,6 +35,8 @@ const ( LabelClusterIP = "tenancy.x-k8s.io/clusterIP" // LabelSecretName is the service account token secret name in tenant namespace. LabelSecretName = "tenancy.x-k8s.io/secret.name" + // LabelAdminKubeConfig is the kubeconfig in base64 format for tenant master. + LabelAdminKubeConfig = "tenancy.x-k8s.io/admin-kubeconfig" // LabelServiceAccountUID is the tenant service account UID related to the secret. LabelServiceAccountUID = "tenancy.x-k8s.io/service-account.UID" diff --git a/incubator/virtualcluster/pkg/syncer/syncer.go b/incubator/virtualcluster/pkg/syncer/syncer.go index 6a72cc04f..46cd872c0 100644 --- a/incubator/virtualcluster/pkg/syncer/syncer.go +++ b/incubator/virtualcluster/pkg/syncer/syncer.go @@ -262,12 +262,18 @@ func (s *Syncer) addCluster(key string, vc *v1alpha1.Virtualcluster) error { clusterName := conversion.ToClusterKey(vc) - adminKubeConfigSecret, err := s.secretClient.Secrets(clusterName).Get(KubeconfigAdmin, metav1.GetOptions{}) - if err != nil { - return fmt.Errorf("failed to get secret (%s) for virtual cluster in root namespace %s: %v", KubeconfigAdmin, clusterName, err) + var adminKubeConfigBytes []byte + if adminKubeConfig, exists := vc.GetAnnotations()[constants.LabelAdminKubeConfig]; exists { + adminKubeConfigBytes = []byte(adminKubeConfig) + } else { + adminKubeConfigSecret, err := s.secretClient.Secrets(clusterName).Get(KubeconfigAdmin, metav1.GetOptions{}) + if err != nil { + return fmt.Errorf("failed to get secret (%s) for virtual cluster in root namespace %s: %v", KubeconfigAdmin, clusterName, err) + } + adminKubeConfigBytes = adminKubeConfigSecret.Data[KubeconfigAdmin] } - tenantCluster, err := cluster.NewTenantCluster(clusterName, vc.Namespace, vc.Name, string(vc.UID), s.lister, adminKubeConfigSecret.Data[KubeconfigAdmin], cluster.Options{}) + tenantCluster, err := cluster.NewTenantCluster(clusterName, vc.Namespace, vc.Name, string(vc.UID), s.lister, adminKubeConfigBytes, cluster.Options{}) if err != nil { return fmt.Errorf("failed to new tenant cluster %s/%s: %v", vc.Namespace, vc.Name, err) }