// makeUserIdentificationFieldsConfig returns a client.Config capable of being merged using mergo for only server identification information
func makeServerIdentificationConfig(info clientauth.Info) restclient.Config {
config := restclient.Config{}
config.CAFile = info.CAFile
if info.Insecure != nil {
config.Insecure = *info.Insecure
}
return config
}
// MergeWithConfig returns a copy of a client.Config with values from the Info.
// The fields of client.Config with a corresponding field in the Info are set
// with the value from the Info.
func (info Info) MergeWithConfig(c restclient.Config) (restclient.Config, error) {
var config restclient.Config = c
config.Username = info.User
config.Password = info.Password
config.CAFile = info.CAFile
config.CertFile = info.CertFile
config.KeyFile = info.KeyFile
config.BearerToken = info.BearerToken
if info.Insecure != nil {
config.Insecure = *info.Insecure
}
return config, nil
}
func makeTransport(config *schedulerapi.ExtenderConfig) (http.RoundTripper, error) {
var cfg restclient.Config
if config.TLSConfig != nil {
cfg.TLSClientConfig = *config.TLSConfig
}
if config.EnableHttps {
hasCA := len(cfg.CAFile) > 0 || len(cfg.CAData) > 0
if !hasCA {
cfg.Insecure = true
}
}
tlsConfig, err := restclient.TLSConfigFor(&cfg)
if err != nil {
return nil, err
}
if tlsConfig != nil {
return utilnet.SetTransportDefaults(&http.Transport{
TLSClientConfig: tlsConfig,
}), nil
}
return utilnet.SetTransportDefaults(&http.Transport{}), nil
}
// GetKubeClientConfig returns rest client configuration based on the passed url.
func GetKubeClientConfig(uri *url.URL) (*kube_rest.Config, error) {
var (
kubeConfig *kube_rest.Config
err error
)
opts := uri.Query()
configOverrides, err := getConfigOverrides(uri)
if err != nil {
return nil, err
}
inClusterConfig := defaultInClusterConfig
if len(opts["inClusterConfig"]) > 0 {
inClusterConfig, err = strconv.ParseBool(opts["inClusterConfig"][0])
if err != nil {
return nil, err
}
}
if inClusterConfig {
kubeConfig, err = kube_rest.InClusterConfig()
if err != nil {
return nil, err
}
if configOverrides.ClusterInfo.Server != "" {
kubeConfig.Host = configOverrides.ClusterInfo.Server
}
kubeConfig.GroupVersion = &schema.GroupVersion{Version: configOverrides.ClusterInfo.APIVersion}
kubeConfig.Insecure = configOverrides.ClusterInfo.InsecureSkipTLSVerify
if configOverrides.ClusterInfo.InsecureSkipTLSVerify {
kubeConfig.TLSClientConfig.CAFile = ""
}
} else {
authFile := ""
if len(opts["auth"]) > 0 {
authFile = opts["auth"][0]
}
if authFile != "" {
if kubeConfig, err = kube_client_cmd.NewNonInteractiveDeferredLoadingClientConfig(
&kube_client_cmd.ClientConfigLoadingRules{ExplicitPath: authFile},
configOverrides).ClientConfig(); err != nil {
return nil, err
}
} else {
kubeConfig = &kube_rest.Config{
Host: configOverrides.ClusterInfo.Server,
Insecure: configOverrides.ClusterInfo.InsecureSkipTLSVerify,
}
kubeConfig.GroupVersion = &schema.GroupVersion{Version: configOverrides.ClusterInfo.APIVersion}
}
}
if len(kubeConfig.Host) == 0 {
return nil, fmt.Errorf("invalid kubernetes master url specified")
}
if len(kubeConfig.GroupVersion.Version) == 0 {
return nil, fmt.Errorf("invalid kubernetes API version specified")
}
useServiceAccount := defaultUseServiceAccount
if len(opts["useServiceAccount"]) >= 1 {
useServiceAccount, err = strconv.ParseBool(opts["useServiceAccount"][0])
if err != nil {
return nil, err
}
}
if useServiceAccount {
// If a readable service account token exists, then use it
if contents, err := ioutil.ReadFile(defaultServiceAccountFile); err == nil {
kubeConfig.BearerToken = string(contents)
}
}
return kubeConfig, nil
}
func hasExistingInsecureCluster(clientConfigToTest restclient.Config, kubeconfig kclientcmdapi.Config) bool {
clientConfigToTest.Insecure = true
matchingClusters := getMatchingClusters(clientConfigToTest, kubeconfig)
return len(matchingClusters) > 0
}
func GetKubeClientConfig(uri *url.URL) (*kube_client.Config, error) {
var (
kubeConfig *kube_client.Config
err error
)
opts := uri.Query()
configOverrides, err := getConfigOverrides(uri)
if err != nil {
return nil, err
}
inClusterConfig := defaultInClusterConfig
if len(opts["inClusterConfig"]) > 0 {
inClusterConfig, err = strconv.ParseBool(opts["inClusterConfig"][0])
if err != nil {
return nil, err
}
}
if inClusterConfig {
kubeConfig, err = kube_client.InClusterConfig()
if err != nil {
return nil, err
}
if configOverrides.ClusterInfo.Server != "" {
kubeConfig.Host = configOverrides.ClusterInfo.Server
}
kubeConfig.GroupVersion = &unversioned.GroupVersion{Version: configOverrides.ClusterInfo.APIVersion}
kubeConfig.Insecure = configOverrides.ClusterInfo.InsecureSkipTLSVerify
if configOverrides.ClusterInfo.InsecureSkipTLSVerify {
kubeConfig.TLSClientConfig.CAFile = ""
}
} else {
authFile := ""
if len(opts["auth"]) > 0 {
authFile = opts["auth"][0]
}
if authFile != "" {
// Load structured kubeconfig data from the given path.
loader := &kubeClientCmd.ClientConfigLoadingRules{ExplicitPath: authFile}
loadedConfig, err := loader.Load()
if err != nil {
return nil, err
}
// Flatten the loaded data to a particular restclient.Config based on the current context.
if kubeConfig, err = kubeClientCmd.NewNonInteractiveClientConfig(
*loadedConfig,
loadedConfig.CurrentContext,
&kubeClientCmd.ConfigOverrides{},
loader).ClientConfig(); err != nil {
return nil, err
}
} else {
kubeConfig = &kube_client.Config{
Host: configOverrides.ClusterInfo.Server,
Insecure: configOverrides.ClusterInfo.InsecureSkipTLSVerify,
}
kubeConfig.GroupVersion = &unversioned.GroupVersion{Version: configOverrides.ClusterInfo.APIVersion}
}
}
if len(kubeConfig.Host) == 0 {
return nil, fmt.Errorf("invalid kubernetes master url specified")
}
useServiceAccount := defaultUseServiceAccount
if len(opts["useServiceAccount"]) >= 1 {
useServiceAccount, err = strconv.ParseBool(opts["useServiceAccount"][0])
if err != nil {
return nil, err
}
}
if useServiceAccount {
// If a readable service account token exists, then use it
if contents, err := ioutil.ReadFile(defaultServiceAccountFile); err == nil {
kubeConfig.BearerToken = string(contents)
}
}
kubeConfig.ContentType = "application/vnd.kubernetes.protobuf"
return kubeConfig, nil
}