// Clients returns an OpenShift and Kubernetes client with the credentials of the named service account
// TODO: change return types to client.Interface/kclient.Interface to allow auto-reloading credentials
func Clients(config kclient.Config, tokenRetriever TokenRetriever, namespace, name string) (*client.Client, *kclient.Client, error) {
// Clear existing auth info
config.Username = ""
config.Password = ""
config.CertFile = ""
config.CertData = []byte{}
config.KeyFile = ""
config.KeyData = []byte{}
// For now, just initialize the token once
// TODO: refetch the token if the client encounters 401 errors
token, err := tokenRetriever.GetToken(namespace, name)
if err != nil {
return nil, nil, err
}
config.BearerToken = token
c, err := client.New(&config)
if err != nil {
return nil, nil, err
}
kc, err := kclient.New(&config)
if err != nil {
return nil, nil, err
}
return c, kc, nil
}
// AnonymousClientConfig returns a copy of the given config with all user credentials (cert/key, bearer token, and username/password) removed
func AnonymousClientConfig(config kclient.Config) kclient.Config {
config.BearerToken = ""
config.CertData = nil
config.CertFile = ""
config.KeyData = nil
config.KeyFile = ""
config.Username = ""
config.Password = ""
return config
}
// MergeWithConfig returns a copy of a client.Config with values from the Info.
// The fields of client.Config with a corresponding field in the Info are set
// with the value from the Info.
func (info Info) MergeWithConfig(c client.Config) (client.Config, error) {
var config client.Config = c
config.Username = info.User
config.Password = info.Password
config.CAFile = info.CAFile
config.CertFile = info.CertFile
config.KeyFile = info.KeyFile
config.BearerToken = info.BearerToken
if info.Insecure != nil {
config.Insecure = *info.Insecure
}
return config, nil
}
func NewKubeClient(c config.Config, workQueueReady chan struct{}) (*Kube, error) {
const resyncPeriod = 10 * time.Second
var err error
kube := &Kube{}
conf := client.Config{
Host: c.Kubernetes.APIendpoint,
}
// We only pass the username + password if they were set...
if c.Kubernetes.Username != "" {
conf.Username = c.Kubernetes.Username
}
if c.Kubernetes.Password != "" {
conf.Password = c.Kubernetes.Password
}
kube.c, err = client.New(&conf)
if err != nil {
return nil, err
}
kube.NodeQueue = workqueue.New()
kube.ServiceQueue = workqueue.New()
// We will hardcode our namespace for now.
namespace := api.NamespaceAll
// Set up our enqueing function for node objects
nodeEnqueueAsAdd := func(obj interface{}) {
kube.NodeQueue.Add(QueueEvent{Obj: obj, ObjType: watch.Added})
}
nodeEnqueueAsDelete := func(obj interface{}) {
kube.NodeQueue.Add(QueueEvent{Obj: obj, ObjType: watch.Deleted})
}
nodeEnqueueAsUpdate := func(obj interface{}) {
kube.NodeQueue.Add(QueueEvent{Obj: obj, ObjType: watch.Modified})
}
// and one for service objects, too
serviceEnqueueAsAdd := func(obj interface{}) {
kube.ServiceQueue.Add(QueueEvent{Obj: obj, ObjType: watch.Added})
}
serviceEnqueueAsDelete := func(obj interface{}) {
kube.ServiceQueue.Add(QueueEvent{Obj: obj, ObjType: watch.Deleted})
}
serviceEnqueueAsUpdate := func(obj interface{}) {
kube.ServiceQueue.Add(QueueEvent{Obj: obj, ObjType: watch.Modified})
}
// Set up our event handlers. These get called every time the cache client gets a new event from the API.
nodeEventHandlers := framework.ResourceEventHandlerFuncs{
AddFunc: nodeEnqueueAsAdd,
DeleteFunc: nodeEnqueueAsDelete,
UpdateFunc: func(old, cur interface{}) {
// We're only going to add updates to the queue when the node condition changes
if old.(*api.Node).Status.Conditions[0].Status != cur.(*api.Node).Status.Conditions[0].Status {
nodeEnqueueAsUpdate(cur)
}
},
}
serviceEventHandlers := framework.ResourceEventHandlerFuncs{
AddFunc: serviceEnqueueAsAdd,
DeleteFunc: serviceEnqueueAsDelete,
UpdateFunc: func(old, cur interface{}) {
if !reflect.DeepEqual(old, cur) {
serviceEnqueueAsUpdate(cur)
}
},
}
kube.NodeLister.Store, kube.nodeController = framework.NewInformer(
cache.NewListWatchFromClient(
kube.c, "nodes", namespace, fields.Everything()),
&api.Node{}, resyncPeriod, nodeEventHandlers)
kube.ServiceLister.Store, kube.serviceController = framework.NewInformer(
cache.NewListWatchFromClient(
kube.c, "services", namespace, fields.Everything()),
&api.Service{}, resyncPeriod, serviceEventHandlers)
go kube.serviceController.Run(util.NeverStop)
go kube.nodeController.Run(util.NeverStop)
for !kube.serviceController.HasSynced() && !kube.nodeController.HasSynced() {
log.Println("Waiting for serviceController and nodeController to sync...")
time.Sleep(500 * time.Millisecond)
}
// Signal that the queue is ready
close(workQueueReady)
return kube, nil
}