def join_dqlite(connection_parts, verify=True, interface=None): """ Configure node to join a dqlite cluster. :param connection_parts: connection string parts :param interface: source address to be used for the HTTP connection """ token = connection_parts[1] master_ep = connection_parts[0].split(":") master_ip = master_ep[0] master_port = master_ep[1] fingerprint = None if len(connection_parts) > 2: fingerprint = connection_parts[2] verify = False print("Contacting cluster at {}".format(master_ip)) info = get_connection_info( master_ip, master_port, token, cluster_type="dqlite", verify_peer=verify, fingerprint=fingerprint, interface=interface, ) hostname_override = info["hostname_override"] store_cert("ca.crt", info["ca"]) store_cert("ca.key", info["ca_key"]) store_cert("serviceaccount.key", info["service_account_key"]) # triplets of [username in known_tokens.csv, username in kubeconfig, kubeconfig filename name] for component in [ ("kube-proxy", "kubeproxy", "proxy.config"), ("kubelet", "kubelet", "kubelet.config"), ("kube-controller-manager", "controller", "controller.config"), ("kube-scheduler", "scheduler", "scheduler.config"), ]: component_token = get_token(component[0]) if not component_token: print("Error, could not locate {} token. Joining cluster failed.". format(component[0])) exit(3) assert token is not None # TODO make this configurable create_kubeconfig(component_token, info["ca"], "127.0.0.1", "16443", component[2], component[1]) if "admin_token" in info: replace_admin_token(info["admin_token"]) create_admin_kubeconfig(info["ca"], info["admin_token"]) store_base_kubelet_args(info["kubelet_args"]) store_callback_token(info["callback_token"]) update_dqlite(info["cluster_cert"], info["cluster_key"], info["voters"], hostname_override) # We want to update the local CNI yaml but we do not want to apply it. # The cni is applied already in the cluster we join try_initialise_cni_autodetect_for_clustering(master_ip, apply_cni=False)
def join_dqlite_master_node(info, master_ip, token): """ Join this node to a cluster running dqlite. :param info: dictionary with the connection information :param master_ip: the IP of the master node we contacted to connect to the cluster :param token: the token to pass to the master in order to authenticate with it """ hostname_override = info["hostname_override"] store_cert("ca.crt", info["ca"]) store_cert("ca.key", info["ca_key"]) store_cert("serviceaccount.key", info["service_account_key"]) # triplets of [username in known_tokens.csv, username in kubeconfig, kubeconfig filename name] for component in [ ("kube-proxy", "kubeproxy", "proxy.config"), ("kubelet", "kubelet", "kubelet.config"), ("kube-controller-manager", "controller", "controller.config"), ("kube-scheduler", "scheduler", "scheduler.config"), ]: component_token = get_token(component[0]) if not component_token: print("Error, could not locate {} token. Joining cluster failed.".format(component[0])) exit(3) assert token is not None # TODO make this configurable create_kubeconfig( component_token, info["ca"], "127.0.0.1", "16443", component[2], component[1] ) if "admin_token" in info: replace_admin_token(info["admin_token"]) if "api_authz_mode" in info: update_apiserver(info["api_authz_mode"]) create_admin_kubeconfig(info["ca"], info["admin_token"]) store_base_kubelet_args(info["kubelet_args"]) update_kubelet_node_ip(info["kubelet_args"], hostname_override) store_callback_token(info["callback_token"]) update_dqlite(info["cluster_cert"], info["cluster_key"], info["voters"], hostname_override) # We want to update the local CNI yaml but we do not want to apply it. # The cni is applied already in the cluster we join try_initialise_cni_autodetect_for_clustering(master_ip, apply_cni=False) mark_no_cert_reissue()