def join_dqlite_worker_node(info, master_ip, master_port, token):
"""
Join this node as a worker to a cluster running dqlite.
:param info: dictionary with the connection information
:param master_ip: the IP of the master node we contacted to connect to the cluster
:param master_port: the port of the mester node we contacted to connect to the cluster
:param token: the token to pass to the master in order to authenticate with it
"""
hostname_override = info["hostname_override"]
if info["ca_key"] is not None:
print(
"Joining process failed. Make sure the cluster you connect to supports joining worker nodes."
)
exit(1)
store_remote_ca(info["ca"])
store_cert("serviceaccount.key", info["service_account_key"])
store_base_kubelet_args(info["kubelet_args"])
update_cert_auth_kubeproxy(token, info["ca"], master_ip, master_port, hostname_override)
update_cert_auth_kubelet(token, info["ca"], master_ip, master_port)
store_callback_token(info["callback_token"])
update_traefik(master_ip, info["apiport"], info["control_plane_nodes"])
mark_worker_node()
mark_no_cert_reissue()
print_traefik_usage(master_ip, info["apiport"], info["control_plane_nodes"])
def join_etcd(connection_parts, verify=True):
"""
Configure node to join an etcd cluster.
:param connection_parts: connection string parts
"""
token = connection_parts[1]
master_ep = connection_parts[0].split(":")
master_ip = master_ep[0]
master_port = master_ep[1]
callback_token = generate_callback_token()
info = get_connection_info(master_ip,
master_port,
token,
callback_token=callback_token)
store_base_kubelet_args(info["kubelet_args"])
hostname_override = None
if "hostname_override" in info:
hostname_override = info["hostname_override"]
store_remote_ca(info["ca"])
update_flannel(info["etcd"], master_ip, master_port, token)
update_kubeproxy(info["kubeproxy"], info["ca"], master_ip, info["apiport"],
hostname_override)
update_kubelet(info["kubelet"], info["ca"], master_ip, info["apiport"])
mark_worker_node()
mark_no_cert_reissue()
def join_dqlite(connection_parts, verify=False):
"""
Configure node to join a dqlite cluster.
:param connection_parts: connection string parts
"""
token = connection_parts[1]
master_ep = connection_parts[0].split(":")
master_ip = master_ep[0]
master_port = master_ep[1]
fingerprint = None
if len(connection_parts) > 2:
fingerprint = connection_parts[2]
verify = True
print("Contacting cluster at {}".format(master_ip))
info = get_connection_info(
master_ip,
master_port,
token,
cluster_type="dqlite",
verify_peer=verify,
fingerprint=fingerprint,
)
hostname_override = info["hostname_override"]
store_cert("ca.crt", info["ca"])
store_cert("ca.key", info["ca_key"])
store_cert("serviceaccount.key", info["service_account_key"])
# triplets of [username in known_tokens.csv, username in kubeconfig, kubeconfig filename name]
for component in [
("kube-proxy", "kubeproxy", "proxy.config"),
("kubelet", "kubelet", "kubelet.config"),
("kube-controller-manager", "controller", "controller.config"),
("kube-scheduler", "scheduler", "scheduler.config"),
]:
component_token = get_token(component[0])
if not component_token:
print("Error, could not locate {} token. Joining cluster failed.".
format(component[0]))
exit(3)
assert token is not None
# TODO make this configurable
create_kubeconfig(component_token, info["ca"], "127.0.0.1", "16443",
component[2], component[1])
if "admin_token" in info:
replace_admin_token(info["admin_token"])
create_admin_kubeconfig(info["ca"], info["admin_token"])
store_base_kubelet_args(info["kubelet_args"])
store_callback_token(info["callback_token"])
update_dqlite(info["cluster_cert"], info["cluster_key"], info["voters"],
hostname_override)
# We want to update the local CNI yaml but we do not want to apply it.
# The cni is applied already in the cluster we join
try_initialise_cni_autodetect_for_clustering(master_ip, apply_cni=False)
mark_no_cert_reissue()
def join_dqlite_master_node(info, master_ip, token):
"""
Join this node to a cluster running dqlite.
:param info: dictionary with the connection information
:param master_ip: the IP of the master node we contacted to connect to the cluster
:param token: the token to pass to the master in order to authenticate with it
"""
hostname_override = info["hostname_override"]
store_cert("ca.crt", info["ca"])
store_cert("ca.key", info["ca_key"])
store_cert("serviceaccount.key", info["service_account_key"])
# triplets of [username in known_tokens.csv, username in kubeconfig, kubeconfig filename name]
for component in [
("kube-proxy", "kubeproxy", "proxy.config"),
("kubelet", "kubelet", "kubelet.config"),
("kube-controller-manager", "controller", "controller.config"),
("kube-scheduler", "scheduler", "scheduler.config"),
]:
component_token = get_token(component[0])
if not component_token:
print("Error, could not locate {} token. Joining cluster failed.".format(component[0]))
exit(3)
assert token is not None
# TODO make this configurable
create_kubeconfig(
component_token, info["ca"], "127.0.0.1", "16443", component[2], component[1]
)
if "admin_token" in info:
replace_admin_token(info["admin_token"])
if "api_authz_mode" in info:
update_apiserver(info["api_authz_mode"])
create_admin_kubeconfig(info["ca"], info["admin_token"])
store_base_kubelet_args(info["kubelet_args"])
update_kubelet_node_ip(info["kubelet_args"], hostname_override)
store_callback_token(info["callback_token"])
update_dqlite(info["cluster_cert"], info["cluster_key"], info["voters"], hostname_override)
# We want to update the local CNI yaml but we do not want to apply it.
# The cni is applied already in the cluster we join
try_initialise_cni_autodetect_for_clustering(master_ip, apply_cni=False)
mark_no_cert_reissue()