func (o DiscoveryServerOptions) RunDiscoveryServer() error {
// if we don't have an etcd to back the server, we must be a legacy server
if len(o.Etcd.StorageConfig.ServerList) == 0 {
return o.RunLegacyDiscoveryServer()
}
// TODO have a "real" external address
if err := o.SecureServing.MaybeDefaultWithSelfSignedCerts("localhost"); err != nil {
return fmt.Errorf("error creating self-signed certificates: %v", err)
}
genericAPIServerConfig := genericapiserver.NewConfig()
if _, err := genericAPIServerConfig.ApplySecureServingOptions(o.SecureServing); err != nil {
return err
}
if _, err := genericAPIServerConfig.ApplyDelegatingAuthenticationOptions(o.Authentication); err != nil {
return err
}
if _, err := genericAPIServerConfig.ApplyDelegatingAuthorizationOptions(o.Authorization); err != nil {
return err
}
var err error
privilegedLoopbackToken := uuid.NewRandom().String()
if genericAPIServerConfig.LoopbackClientConfig, err = genericAPIServerConfig.SecureServingInfo.NewSelfClientConfig(privilegedLoopbackToken); err != nil {
return err
}
config := apiserver.Config{
GenericConfig: genericAPIServerConfig,
RESTOptionsGetter: &restOptionsFactory{storageConfig: &o.Etcd.StorageConfig},
}
server, err := config.Complete().New()
if err != nil {
return err
}
server.GenericAPIServer.PrepareRun().Run(wait.NeverStop)
return nil
}
func (o DiscoveryServerOptions) RunDiscoveryServer() error {
// if we don't have an etcd to back the server, we must be a legacy server
if len(o.Etcd.StorageConfig.ServerList) == 0 {
return o.RunLegacyDiscoveryServer()
}
// TODO have a "real" external address
if err := o.SecureServing.MaybeDefaultWithSelfSignedCerts("localhost"); err != nil {
return fmt.Errorf("error creating self-signed certificates: %v", err)
}
genericAPIServerConfig := genericapiserver.NewConfig()
if _, err := genericAPIServerConfig.ApplySecureServingOptions(o.SecureServing); err != nil {
return err
}
if _, err := genericAPIServerConfig.ApplyDelegatingAuthenticationOptions(o.Authentication); err != nil {
return err
}
if _, err := genericAPIServerConfig.ApplyDelegatingAuthorizationOptions(o.Authorization); err != nil {
return err
}
genericAPIServerConfig.LongRunningFunc = filters.BasicLongRunningRequestCheck(
sets.NewString("watch", "proxy"),
sets.NewString("attach", "exec", "proxy", "log", "portforward"),
)
var err error
privilegedLoopbackToken := uuid.NewRandom().String()
if genericAPIServerConfig.LoopbackClientConfig, err = genericAPIServerConfig.SecureServingInfo.NewSelfClientConfig(privilegedLoopbackToken); err != nil {
return err
}
kubeconfig, err := restclient.InClusterConfig()
if err != nil {
return err
}
coreAPIServerClient, err := kubeclientset.NewForConfig(kubeconfig)
if err != nil {
return err
}
config := apiserver.Config{
GenericConfig: genericAPIServerConfig,
RESTOptionsGetter: &restOptionsFactory{storageConfig: &o.Etcd.StorageConfig},
CoreAPIServerClient: coreAPIServerClient,
}
config.ProxyClientCert, err = ioutil.ReadFile(o.ProxyClientCertFile)
if err != nil {
return err
}
config.ProxyClientKey, err = ioutil.ReadFile(o.ProxyClientKeyFile)
if err != nil {
return err
}
server, err := config.Complete().New()
if err != nil {
return err
}
server.GenericAPIServer.PrepareRun().Run(wait.NeverStop)
return nil
}