github.com/galamsiva2020/kubernetes-heapster-monitoring@v0.0.0-20210823134957-3c1baa7c1e70/deploy/kube-config/standalone-with-apiserver/common.sh (about) 1 # Copyright 2016 The Kubernetes Authors. 2 # 3 # Licensed under the Apache License, Version 2.0 (the "License"); 4 # you may not use this file except in compliance with the License. 5 # You may obtain a copy of the License at 6 # 7 # http://www.apache.org/licenses/LICENSE-2.0 8 # 9 # Unless required by applicable law or agreed to in writing, software 10 # distributed under the License is distributed on an "AS IS" BASIS, 11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 # See the License for the specific language governing permissions and 13 # limitations under the License. 14 15 # required: 16 # KUBE_ROOT: path of the root of the Kubernetes repository 17 18 : "${KUBE_ROOT?Must set KUBE_ROOT env var}" 19 20 source "${KUBE_ROOT}/cluster/common.sh" 21 22 # Creates the required certificates for Heapster apiserver. 23 # $1: The public IP for the master. 24 # 25 # Assumed vars 26 # KUBE_TEMP 27 # MASTER_NAME 28 # 29 # Set vars 30 # HEAPSTER_APISERVER_CA_CERT_BASE64 31 # HEAPSTER_APISERVER_CERT_BASE64 32 # HEAPSTER_APISERVER_KEY_BASE64 33 # 34 function create-apiserver-certs() { 35 local -r primary_cn="${1}" 36 local sans="IP:${1},DNS:${MASTER_NAME}" 37 38 echo "Generating certs for alternate-names: ${sans}" 39 40 local kube_temp="${KUBE_TEMP}/heapster" 41 mkdir -p "${kube_temp}" 42 KUBE_TEMP="${kube_temp}" PRIMARY_CN="${primary_cn}" SANS="${sans}" generate-certs 43 44 local cert_dir="${kube_temp}/easy-rsa-master/easyrsa3" 45 # By default, linux wraps base64 output every 76 cols, so we use 'tr -d' to remove whitespaces. 46 # Note 'base64 -w0' doesn't work on Mac OS X, which has different flags. 47 export HEAPSTER_APISERVER_CA_CERT_BASE64=$(cat "${cert_dir}/pki/ca.crt" | base64 | tr -d '\r\n') 48 export HEAPSTER_APISERVER_CERT_BASE64=$(cat "${cert_dir}/pki/issued/${MASTER_NAME}.crt" | base64 | tr -d '\r\n') 49 export HEAPSTER_APISERVER_KEY_BASE64=$(cat "${cert_dir}/pki/private/${MASTER_NAME}.key" | base64 | tr -d '\r\n') 50 } 51 52 # Creates token and basic auth credentials for Heapster apiserver. 53 # 54 # Set vars 55 # HEAPSTER_API_KNOWN_TOKENS 56 # HEAPSTER_API_BASIC_AUTH 57 # KUBE_USER 58 # KUBE_PASSWORD 59 # HEAPSTER_API_TOKEN 60 # 61 function create-auth-config() { 62 # Generate token 63 HEAPSTER_API_TOKEN="$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64 | tr -d "=+/" | dd bs=32 count=1 2>/dev/null)" 64 export HEAPSTER_API_KNOWN_TOKENS="${HEAPSTER_API_TOKEN},admin,admin" 65 # Generate basic auth credentials 66 gen-kube-basicauth 67 export HEAPSTER_API_BASIC_AUTH="${KUBE_PASSWORD},${KUBE_USER},admin" 68 69 export KUBE_USER 70 export KUBE_PASSWORD 71 export HEAPSTER_API_TOKEN 72 } 73 74 # Creates kubeconfig for Heapster apiserver. 75 # 76 # Assumed vars 77 # CONTEXT 78 # KUBECONFIG 79 # HEAPSTER_API_HOST 80 # HEAPSTER_API_TOKEN 81 # KUBE_USER 82 # KUBE_PASSWORD 83 # 84 function create-heapster-kubeconfig() { 85 KUBE_MASTER_IP="${HEAPSTER_API_HOST}:443" \ 86 CONTEXT="${CONTEXT}" \ 87 KUBE_BEARER_TOKEN="$HEAPSTER_API_TOKEN" \ 88 KUBE_USER="${KUBE_USER}" \ 89 KUBE_PASSWORD="${KUBE_PASSWORD}" \ 90 KUBECONFIG="${KUBECONFIG}" \ 91 create-kubeconfig 92 }