func NewCommandAdmin(name, fullName string, out io.Writer) *cobra.Command {
// Main command
cmds := &cobra.Command{
Use: name,
Short: "Tools for managing an OpenShift cluster",
Long: fmt.Sprintf(adminLong),
Run: cmdutil.DefaultSubCommandRun(out),
}
f := clientcmd.New(cmds.PersistentFlags())
cmds.AddCommand(project.NewCmdNewProject(project.NewProjectRecommendedName, fullName+" "+project.NewProjectRecommendedName, f, out))
cmds.AddCommand(policy.NewCmdPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out))
cmds.AddCommand(exipfailover.NewCmdIPFailoverConfig(f, fullName, "ipfailover", out))
cmds.AddCommand(router.NewCmdRouter(f, fullName, "router", out))
cmds.AddCommand(registry.NewCmdRegistry(f, fullName, "registry", out))
cmds.AddCommand(buildchain.NewCmdBuildChain(f, fullName, "build-chain"))
cmds.AddCommand(node.NewCommandManageNode(f, node.ManageNodeCommandName, fullName+" "+node.ManageNodeCommandName, out))
cmds.AddCommand(cmd.NewCmdConfig(fullName, "config"))
cmds.AddCommand(prune.NewCommandPrune(prune.PruneRecommendedName, fullName+" "+prune.PruneRecommendedName, f, out))
// TODO: these probably belong in a sub command
cmds.AddCommand(admin.NewCommandCreateKubeConfig(admin.CreateKubeConfigCommandName, fullName+" "+admin.CreateKubeConfigCommandName, out))
cmds.AddCommand(admin.NewCommandCreateBootstrapPolicyFile(admin.CreateBootstrapPolicyFileCommand, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out))
cmds.AddCommand(admin.NewCommandCreateBootstrapProjectTemplate(f, admin.CreateBootstrapProjectTemplateCommand, fullName+" "+admin.CreateBootstrapProjectTemplateCommand, out))
cmds.AddCommand(admin.NewCommandOverwriteBootstrapPolicy(admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out))
cmds.AddCommand(admin.NewCommandNodeConfig(admin.NodeConfigCommandName, fullName+" "+admin.NodeConfigCommandName, out))
// TODO: these should be rolled up together
cmds.AddCommand(admin.NewCommandCreateMasterCerts(admin.CreateMasterCertsCommandName, fullName+" "+admin.CreateMasterCertsCommandName, out))
cmds.AddCommand(admin.NewCommandCreateClient(admin.CreateClientCommandName, fullName+" "+admin.CreateClientCommandName, out))
cmds.AddCommand(admin.NewCommandCreateKeyPair(admin.CreateKeyPairCommandName, fullName+" "+admin.CreateKeyPairCommandName, out))
cmds.AddCommand(admin.NewCommandCreateServerCert(admin.CreateServerCertCommandName, fullName+" "+admin.CreateServerCertCommandName, out))
cmds.AddCommand(admin.NewCommandCreateSignerCert(admin.CreateSignerCertCommandName, fullName+" "+admin.CreateSignerCertCommandName, out))
// TODO: use groups
templates.ActsAsRootCommand(cmds)
if name == fullName {
cmds.AddCommand(version.NewVersionCommand(fullName))
}
cmds.AddCommand(cmd.NewCmdOptions(out))
return cmds
}
func NewCommandAdmin(name, fullName string, out io.Writer, errout io.Writer) *cobra.Command {
// Main command
cmds := &cobra.Command{
Use: name,
Short: "Tools for managing a cluster",
Long: fmt.Sprintf(adminLong),
Run: cmdutil.DefaultSubCommandRun(out),
}
f := clientcmd.New(cmds.PersistentFlags())
groups := templates.CommandGroups{
{
Message: "Basic Commands:",
Commands: []*cobra.Command{
project.NewCmdNewProject(project.NewProjectRecommendedName, fullName+" "+project.NewProjectRecommendedName, f, out),
policy.NewCmdPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out, errout),
groups.NewCmdGroups(groups.GroupsRecommendedName, fullName+" "+groups.GroupsRecommendedName, f, out),
},
},
{
Message: "Install Commands:",
Commands: []*cobra.Command{
router.NewCmdRouter(f, fullName, "router", out),
exipfailover.NewCmdIPFailoverConfig(f, fullName, "ipfailover", out, errout),
registry.NewCmdRegistry(f, fullName, "registry", out),
},
},
{
Message: "Maintenance Commands:",
Commands: []*cobra.Command{
buildchain.NewCmdBuildChain(name, fullName+" "+buildchain.BuildChainRecommendedCommandName, f, out),
diagnostics.NewCmdDiagnostics(diagnostics.DiagnosticsRecommendedName, fullName+" "+diagnostics.DiagnosticsRecommendedName, out),
node.NewCommandManageNode(f, node.ManageNodeCommandName, fullName+" "+node.ManageNodeCommandName, out, errout),
prune.NewCommandPrune(prune.PruneRecommendedName, fullName+" "+prune.PruneRecommendedName, f, out),
},
},
{
Message: "Settings Commands:",
Commands: []*cobra.Command{
cmd.NewCmdConfig(fullName, "config"),
// TODO: these probably belong in a sub command
admin.NewCommandCreateKubeConfig(admin.CreateKubeConfigCommandName, fullName+" "+admin.CreateKubeConfigCommandName, out),
admin.NewCommandCreateClient(admin.CreateClientCommandName, fullName+" "+admin.CreateClientCommandName, out),
cmd.NewCmdCompletion(fullName, f, out),
},
},
{
Message: "Advanced Commands:",
Commands: []*cobra.Command{
network.NewCmdPodNetwork(network.PodNetworkCommandName, fullName+" "+network.PodNetworkCommandName, f, out),
admin.NewCommandCreateBootstrapProjectTemplate(f, admin.CreateBootstrapProjectTemplateCommand, fullName+" "+admin.CreateBootstrapProjectTemplateCommand, out),
admin.NewCommandCreateBootstrapPolicyFile(admin.CreateBootstrapPolicyFileCommand, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out),
admin.NewCommandCreateLoginTemplate(f, admin.CreateLoginTemplateCommand, fullName+" "+admin.CreateLoginTemplateCommand, out),
admin.NewCommandCreateProviderSelectionTemplate(f, admin.CreateProviderSelectionTemplateCommand, fullName+" "+admin.CreateProviderSelectionTemplateCommand, out),
admin.NewCommandCreateErrorTemplate(f, admin.CreateErrorTemplateCommand, fullName+" "+admin.CreateErrorTemplateCommand, out),
admin.NewCommandOverwriteBootstrapPolicy(admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out),
admin.NewCommandNodeConfig(admin.NodeConfigCommandName, fullName+" "+admin.NodeConfigCommandName, out),
cert.NewCmdCert(cert.CertRecommendedName, fullName+" "+cert.CertRecommendedName, out, errout),
},
},
}
groups.Add(cmds)
templates.ActsAsRootCommand(cmds, []string{"options"}, groups...)
// Deprecated commands that are bundled with the binary but not displayed to end users directly
deprecatedCommands := []*cobra.Command{
admin.NewCommandCreateMasterCerts(admin.CreateMasterCertsCommandName, fullName+" "+admin.CreateMasterCertsCommandName, out),
admin.NewCommandCreateKeyPair(admin.CreateKeyPairCommandName, fullName+" "+admin.CreateKeyPairCommandName, out),
admin.NewCommandCreateServerCert(admin.CreateServerCertCommandName, fullName+" "+admin.CreateServerCertCommandName, out),
admin.NewCommandCreateSignerCert(admin.CreateSignerCertCommandName, fullName+" "+admin.CreateSignerCertCommandName, out),
}
for _, cmd := range deprecatedCommands {
// Unsetting Short description will not show this command in help
cmd.Short = ""
cmd.Deprecated = fmt.Sprintf("Use '%s ca' instead.", fullName)
cmds.AddCommand(cmd)
}
if name == fullName {
cmds.AddCommand(version.NewVersionCommand(fullName, false))
}
cmds.AddCommand(cmd.NewCmdOptions(out))
return cmds
}
func NewCommandAdmin(name, fullName string, in io.Reader, out io.Writer, errout io.Writer) *cobra.Command {
// Main command
cmds := &cobra.Command{
Use: name,
Short: "Tools for managing a cluster",
Long: fmt.Sprintf(adminLong),
Run: kcmdutil.DefaultSubCommandRun(out),
}
f := clientcmd.New(cmds.PersistentFlags())
groups := templates.CommandGroups{
{
Message: "Component Installation:",
Commands: []*cobra.Command{
router.NewCmdRouter(f, fullName, "router", out, errout),
exipfailover.NewCmdIPFailoverConfig(f, fullName, "ipfailover", out, errout),
registry.NewCmdRegistry(f, fullName, "registry", out, errout),
},
},
{
Message: "Security and Policy:",
Commands: []*cobra.Command{
project.NewCmdNewProject(project.NewProjectRecommendedName, fullName+" "+project.NewProjectRecommendedName, f, out),
policy.NewCmdPolicy(policy.PolicyRecommendedName, fullName+" "+policy.PolicyRecommendedName, f, out, errout),
groups.NewCmdGroups(groups.GroupsRecommendedName, fullName+" "+groups.GroupsRecommendedName, f, out, errout),
cert.NewCmdCert(cert.CertRecommendedName, fullName+" "+cert.CertRecommendedName, out, errout),
admin.NewCommandOverwriteBootstrapPolicy(admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out),
},
},
{
Message: "Node Management:",
Commands: []*cobra.Command{
admin.NewCommandNodeConfig(admin.NodeConfigCommandName, fullName+" "+admin.NodeConfigCommandName, out),
node.NewCommandManageNode(f, node.ManageNodeCommandName, fullName+" "+node.ManageNodeCommandName, out, errout),
cmdutil.ReplaceCommandName("kubectl", fullName, templates.Normalize(kubectl.NewCmdCordon(f, out))),
cmdutil.ReplaceCommandName("kubectl", fullName, templates.Normalize(kubectl.NewCmdUncordon(f, out))),
cmdutil.ReplaceCommandName("kubectl", fullName, templates.Normalize(kubectl.NewCmdDrain(f, out, errout))),
cmdutil.ReplaceCommandName("kubectl", fullName, templates.Normalize(kubectl.NewCmdTaint(f, out))),
network.NewCmdPodNetwork(network.PodNetworkCommandName, fullName+" "+network.PodNetworkCommandName, f, out, errout),
},
},
{
Message: "Maintenance:",
Commands: []*cobra.Command{
diagnostics.NewCmdDiagnostics(diagnostics.DiagnosticsRecommendedName, fullName+" "+diagnostics.DiagnosticsRecommendedName, out),
prune.NewCommandPrune(prune.PruneRecommendedName, fullName+" "+prune.PruneRecommendedName, f, out, errout),
buildchain.NewCmdBuildChain(name, fullName+" "+buildchain.BuildChainRecommendedCommandName, f, out),
migrate.NewCommandMigrate(
migrate.MigrateRecommendedName, fullName+" "+migrate.MigrateRecommendedName, f, out, errout,
// Migration commands
migrateimages.NewCmdMigrateImageReferences("image-references", fullName+" "+migrate.MigrateRecommendedName+" image-references", f, in, out, errout),
migratestorage.NewCmdMigrateAPIStorage("storage", fullName+" "+migrate.MigrateRecommendedName+" storage", f, in, out, errout),
),
top.NewCommandTop(top.TopRecommendedName, fullName+" "+top.TopRecommendedName, f, out, errout),
},
},
{
Message: "Configuration:",
Commands: []*cobra.Command{
admin.NewCommandCreateKubeConfig(admin.CreateKubeConfigCommandName, fullName+" "+admin.CreateKubeConfigCommandName, out),
admin.NewCommandCreateClient(admin.CreateClientCommandName, fullName+" "+admin.CreateClientCommandName, out),
admin.NewCommandCreateBootstrapProjectTemplate(f, admin.CreateBootstrapProjectTemplateCommand, fullName+" "+admin.CreateBootstrapProjectTemplateCommand, out),
admin.NewCommandCreateBootstrapPolicyFile(admin.CreateBootstrapPolicyFileCommand, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out),
admin.NewCommandCreateLoginTemplate(f, admin.CreateLoginTemplateCommand, fullName+" "+admin.CreateLoginTemplateCommand, out),
admin.NewCommandCreateProviderSelectionTemplate(f, admin.CreateProviderSelectionTemplateCommand, fullName+" "+admin.CreateProviderSelectionTemplateCommand, out),
admin.NewCommandCreateErrorTemplate(f, admin.CreateErrorTemplateCommand, fullName+" "+admin.CreateErrorTemplateCommand, out),
},
},
}
groups.Add(cmds)
templates.ActsAsRootCommand(cmds, []string{"options"}, groups...)
// Deprecated commands that are bundled with the binary but not displayed to end users directly
deprecatedCommands := []*cobra.Command{
admin.NewCommandCreateMasterCerts(admin.CreateMasterCertsCommandName, fullName+" "+admin.CreateMasterCertsCommandName, out),
admin.NewCommandCreateKeyPair(admin.CreateKeyPairCommandName, fullName+" "+admin.CreateKeyPairCommandName, out),
admin.NewCommandCreateServerCert(admin.CreateServerCertCommandName, fullName+" "+admin.CreateServerCertCommandName, out),
admin.NewCommandCreateSignerCert(admin.CreateSignerCertCommandName, fullName+" "+admin.CreateSignerCertCommandName, out),
}
for _, cmd := range deprecatedCommands {
// Unsetting Short description will not show this command in help
cmd.Short = ""
cmd.Deprecated = fmt.Sprintf("Use '%s ca' instead.", fullName)
cmds.AddCommand(cmd)
}
cmds.AddCommand(
// part of every root command
cmd.NewCmdConfig(fullName, "config", out, errout),
cmd.NewCmdCompletion(fullName, f, out),
// hidden
cmd.NewCmdOptions(out),
)
if name == fullName {
cmds.AddCommand(cmd.NewCmdVersion(fullName, f, out, cmd.VersionOptions{}))
}
return cmds
}
// InstallRouter installs a default router on the OpenShift server
func (h *Helper) InstallRouter(kubeClient kclient.Interface, f *clientcmd.Factory, configDir, images, hostIP string, portForwarding bool, out io.Writer) error {
_, err := kubeClient.Services(DefaultNamespace).Get(SvcRouter)
if err == nil {
// Router service already exists, nothing to do
return nil
}
if !apierrors.IsNotFound(err) {
return errors.NewError("error retrieving router service").WithCause(err).WithDetails(h.OriginLog())
}
masterDir := filepath.Join(configDir, "master")
// Create service account for router
routerSA := &kapi.ServiceAccount{}
routerSA.Name = "router"
_, err = kubeClient.ServiceAccounts("default").Create(routerSA)
if err != nil {
return errors.NewError("cannot create router service account").WithCause(err).WithDetails(h.OriginLog())
}
// Add router SA to privileged SCC
privilegedSCC, err := kubeClient.SecurityContextConstraints().Get("privileged")
if err != nil {
return errors.NewError("cannot retrieve privileged SCC").WithCause(err).WithDetails(h.OriginLog())
}
privilegedSCC.Users = append(privilegedSCC.Users, serviceaccount.MakeUsername("default", "router"))
_, err = kubeClient.SecurityContextConstraints().Update(privilegedSCC)
if err != nil {
return errors.NewError("cannot update privileged SCC").WithCause(err).WithDetails(h.OriginLog())
}
// Create router cert
cmdOutput := &bytes.Buffer{}
createCertOptions := &admin.CreateServerCertOptions{
SignerCertOptions: &admin.SignerCertOptions{
CertFile: filepath.Join(masterDir, "ca.crt"),
KeyFile: filepath.Join(masterDir, "ca.key"),
SerialFile: filepath.Join(masterDir, "ca.serial.txt"),
},
Overwrite: true,
Hostnames: []string{fmt.Sprintf("%s.xip.io", hostIP)},
CertFile: filepath.Join(masterDir, "router.crt"),
KeyFile: filepath.Join(masterDir, "router.key"),
Output: cmdOutput,
}
_, err = createCertOptions.CreateServerCert()
if err != nil {
return errors.NewError("cannot create router cert").WithCause(err)
}
err = catFiles(filepath.Join(masterDir, "router.pem"),
filepath.Join(masterDir, "router.crt"),
filepath.Join(masterDir, "router.key"),
filepath.Join(masterDir, "ca.crt"))
if err != nil {
return err
}
imageTemplate := variable.NewDefaultImageTemplate()
imageTemplate.Format = images
cfg := &router.RouterConfig{
Name: "router",
Type: "haproxy-router",
ImageTemplate: imageTemplate,
Ports: "80:80,443:443",
Replicas: 1,
Labels: "router=<name>",
Credentials: filepath.Join(masterDir, "admin.kubeconfig"),
DefaultCertificate: filepath.Join(masterDir, "router.pem"),
StatsPort: 1936,
StatsUsername: "******",
HostNetwork: !portForwarding,
HostPorts: true,
ServiceAccount: "router",
}
output := &bytes.Buffer{}
cmd := router.NewCmdRouter(f, "", "router", out)
cmd.SetOutput(output)
err = router.RunCmdRouter(f, cmd, output, cfg, []string{})
glog.V(4).Infof("Router command output:\n%s", output.String())
if err != nil {
return errors.NewError("cannot install router").WithCause(err).WithDetails(h.OriginLog())
}
return nil
}