hardcoded kubelet config.yaml generation

preved911 · Feb 24, 2020 · 9a5dc73 · 9a5dc73
1 parent aced211
commit 9a5dc73
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 2 deletions.
diff --git a/go.mod b/go.mod
@@ -10,6 +10,7 @@ require (
 	k8s.io/apimachinery v0.17.2
 	k8s.io/client-go v0.17.2
 	k8s.io/klog v1.0.0
+	k8s.io/kubelet v0.0.0
 	k8s.io/kubernetes v1.17.2
 )
 

diff --git a/kubelet.go b/kubelet.go
@@ -21,6 +21,10 @@ import (
 	restclient "k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
+
+	kubeletphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/kubelet"
+	// kubeletconfig "k8s.io/kubernetes/pkg/kubelet/apis/config"
+	kubeletconfig "k8s.io/kubelet/config/v1beta1"
 )
 
 // func parseCertCA(certificatesDir string) ([]byte, error) {
@@ -112,7 +116,7 @@ func kubeletCertKeyGen(nodeName, certificatesDir string) ([]byte, []byte, error)
 	return publicKey, privateKeyData, nil
 }
 
-func kubeletConfigCreate(nodeName, certificatesDir string) error {
+func kubeletKubeConfigCreate(nodeName, certificatesDir string) error {
 	var kubeletConfigFile string = fmt.Sprintf("kubelet-%s.conf", nodeName)
 
 	// check kubelet.conf existence
@@ -169,3 +173,40 @@ func kubeletConfigCreate(nodeName, certificatesDir string) error {
 		filepath.Join(certificatesDir, kubeletConfigFile),
 	)
 }
+
+func kubeletConfigCreate(certificatesDir string) error {
+	var (
+		healthzPort                                                                int32 = 10248
+		kubeletAnonymousAuthenticationEnabled, kubeletWebhookAuthenticationEnabled bool
+	)
+
+	kubeletWebhookAuthenticationEnabled = true
+
+	kubeletConfig := &kubeletconfig.KubeletConfiguration{
+		Authentication: kubeletconfig.KubeletAuthentication{
+			X509: kubeletconfig.KubeletX509Authentication{
+				ClientCAFile: "/etc/kubernetes/pki/ca.crt",
+			},
+			Webhook: kubeletconfig.KubeletWebhookAuthentication{
+				Enabled: &kubeletWebhookAuthenticationEnabled,
+			},
+			Anonymous: kubeletconfig.KubeletAnonymousAuthentication{
+				Enabled: &kubeletAnonymousAuthenticationEnabled,
+			},
+		},
+		Authorization: kubeletconfig.KubeletAuthorization{
+			Mode: "Webhook",
+		},
+		CgroupDriver:       "systemd",
+		ClusterDNS:         []string{"10.96.0.10"},
+		ClusterDomain:      "cluster.local",
+		HealthzBindAddress: "127.0.0.1",
+		HealthzPort:        &healthzPort,
+		RotateCertificates: true,
+		StaticPodPath:      "/etc/kubernetes/manifests",
+	}
+
+	return kubeletphase.WriteConfigToDisk(
+		kubeletConfig,
+		certificatesDir)
+}
diff --git a/main.go b/main.go
@@ -33,8 +33,12 @@ func main() {
 	}
 
 	for _, nodeName := range cfg.Nodes {
-		if err := kubeletConfigCreate(nodeName, cfg.initConfiguration.CertificatesDir); err != nil {
+		if err := kubeletKubeConfigCreate(nodeName, cfg.initConfiguration.CertificatesDir); err != nil {
 			log.Fatalln(err)
 		}
 	}
+
+	if err := kubeletConfigCreate(cfg.initConfiguration.CertificatesDir); err != nil {
+		log.Fatalln(err)
+	}
 }