github.com/galamsiva2020/kubernetes-heapster-monitoring@v0.0.0-20210823134957-3c1baa7c1e70/deploy/kube-config/standalone-with-apiserver/common.sh

github.com/galamsiva2020/kubernetes-heapster-monitoring@v0.0.0-20210823134957-3c1baa7c1e70/deploy/kube-config/standalone-with-apiserver/common.sh (about)

     1  # Copyright 2016 The Kubernetes Authors.
     2  #
     3  # Licensed under the Apache License, Version 2.0 (the "License");
     4  # you may not use this file except in compliance with the License.
     5  # You may obtain a copy of the License at
     6  #
     7  #     http://www.apache.org/licenses/LICENSE-2.0
     8  #
     9  # Unless required by applicable law or agreed to in writing, software
    10  # distributed under the License is distributed on an "AS IS" BASIS,
    11  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  # See the License for the specific language governing permissions and
    13  # limitations under the License.
    14  
    15  # required:
    16  # KUBE_ROOT: path of the root of the Kubernetes repository
    17  
    18  : "${KUBE_ROOT?Must set KUBE_ROOT env var}"
    19  
    20  source "${KUBE_ROOT}/cluster/common.sh"
    21  
    22  # Creates the required certificates for Heapster apiserver.
    23  # $1: The public IP for the master.
    24  #
    25  # Assumed vars
    26  #   KUBE_TEMP
    27  #   MASTER_NAME
    28  #
    29  # Set vars
    30  #   HEAPSTER_APISERVER_CA_CERT_BASE64
    31  #   HEAPSTER_APISERVER_CERT_BASE64
    32  #   HEAPSTER_APISERVER_KEY_BASE64
    33  #
    34  function create-apiserver-certs() {
    35    local -r primary_cn="${1}"
    36    local sans="IP:${1},DNS:${MASTER_NAME}"
    37  
    38    echo "Generating certs for alternate-names: ${sans}"
    39  
    40    local kube_temp="${KUBE_TEMP}/heapster"
    41    mkdir -p "${kube_temp}"
    42    KUBE_TEMP="${kube_temp}" PRIMARY_CN="${primary_cn}" SANS="${sans}" generate-certs
    43  
    44    local cert_dir="${kube_temp}/easy-rsa-master/easyrsa3"
    45    # By default, linux wraps base64 output every 76 cols, so we use 'tr -d' to remove whitespaces.
    46    # Note 'base64 -w0' doesn't work on Mac OS X, which has different flags.
    47    export HEAPSTER_APISERVER_CA_CERT_BASE64=$(cat "${cert_dir}/pki/ca.crt" | base64 | tr -d '\r\n')
    48    export HEAPSTER_APISERVER_CERT_BASE64=$(cat "${cert_dir}/pki/issued/${MASTER_NAME}.crt" | base64 | tr -d '\r\n')
    49    export HEAPSTER_APISERVER_KEY_BASE64=$(cat "${cert_dir}/pki/private/${MASTER_NAME}.key" | base64 | tr -d '\r\n')
    50  }
    51  
    52  # Creates token and basic auth credentials for Heapster apiserver.
    53  #
    54  # Set vars
    55  #   HEAPSTER_API_KNOWN_TOKENS
    56  #   HEAPSTER_API_BASIC_AUTH
    57  #   KUBE_USER
    58  #   KUBE_PASSWORD
    59  #   HEAPSTER_API_TOKEN
    60  #
    61  function create-auth-config() {
    62    # Generate token
    63    HEAPSTER_API_TOKEN="$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64 | tr -d "=+/" | dd bs=32 count=1 2>/dev/null)"
    64    export HEAPSTER_API_KNOWN_TOKENS="${HEAPSTER_API_TOKEN},admin,admin"
    65    # Generate basic auth credentials
    66    gen-kube-basicauth
    67    export HEAPSTER_API_BASIC_AUTH="${KUBE_PASSWORD},${KUBE_USER},admin"
    68  
    69    export KUBE_USER
    70    export KUBE_PASSWORD
    71    export HEAPSTER_API_TOKEN
    72  }
    73  
    74  # Creates kubeconfig for Heapster apiserver.
    75  #
    76  # Assumed vars
    77  #   CONTEXT
    78  #   KUBECONFIG
    79  #   HEAPSTER_API_HOST
    80  #   HEAPSTER_API_TOKEN
    81  #   KUBE_USER
    82  #   KUBE_PASSWORD
    83  #
    84  function create-heapster-kubeconfig() {
    85    KUBE_MASTER_IP="${HEAPSTER_API_HOST}:443" \
    86      CONTEXT="${CONTEXT}" \
    87      KUBE_BEARER_TOKEN="$HEAPSTER_API_TOKEN" \
    88      KUBE_USER="${KUBE_USER}" \
    89      KUBE_PASSWORD="${KUBE_PASSWORD}" \
    90      KUBECONFIG="${KUBECONFIG}" \
    91      create-kubeconfig
    92  }