From b6223fe690f6c688c9499c12de9a9daed6708ce7 Mon Sep 17 00:00:00 2001 From: Spellchaser Date: Sun, 29 Oct 2017 17:35:49 -0400 Subject: [PATCH 1/2] Add support for custom authentication This follows the client-go docs tutorial https://github.com/kubernetes/client-go/blob/master/tools/clientcmd/doc.go --- kubernetes/kubernetes.go | 52 +++++++++++++++++++++++++++++++++++----- 1 file changed, 46 insertions(+), 6 deletions(-) diff --git a/kubernetes/kubernetes.go b/kubernetes/kubernetes.go index 7fdda8c9..07805a8c 100644 --- a/kubernetes/kubernetes.go +++ b/kubernetes/kubernetes.go @@ -1,23 +1,63 @@ package kubernetes import ( + "fmt" + "os" + cfg "github.com/asobti/kube-monkey/config" kube "k8s.io/client-go/1.5/kubernetes" "k8s.io/client-go/1.5/rest" - "fmt" + "k8s.io/client-go/1.5/tools/clientcmd" ) +// Check if running in a cluster with service accounts +// Use case: firewall based/only cluster +func RunningInCluster() (bool) { + if _, err := os.Stat("/var/run/secrets/kubernetes.io/serviceaccount/token"); err == nil { + return true; + } else { + return false; + } +} + +func GetConfig() (*rest.Config, error) { + var kubeConfig rest.Config + + // Set the Kubernetes configuration based on the environment + if RunningInCluster() { + config, err := rest.InClusterConfig() + + if err != nil { + return nil, fmt.Errorf("Failed to create in-cluster config: %v.", err) + } + + kubeConfig = *config + } else { + loadingRules := clientcmd.NewDefaultClientConfigLoadingRules() + configOverrides := &clientcmd.ConfigOverrides{} + config := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules, configOverrides) + tmpKubeConfig, err := config.ClientConfig() + if err != nil { + return nil, fmt.Errorf("Failed to load local kube config: %v", err) + } + kubeConfig = *tmpKubeConfig; + } + + if apiserverHost, override := cfg.ClusterAPIServerHost(); override { + fmt.Printf("API server host overriden to: %s\n", apiserverHost) + config.Host = apiserverHost + } + + return &kubeConfig, nil +} + func NewInClusterClient() (*kube.Clientset, error) { - config, err := rest.InClusterConfig() + config, err := GetConfig() if err != nil { fmt.Println(err) return nil, err } - if apiserverHost, override := cfg.ClusterAPIServerHost(); override { - fmt.Printf("API server host overriden to: %s\n", apiserverHost) - config.Host = apiserverHost - } clientset, err := kube.NewForConfig(config) if err != nil { From 2c8b9c7bf15a9c4a264fbda993e0229cb5578c86 Mon Sep 17 00:00:00 2001 From: Spellchaser Date: Fri, 10 Nov 2017 14:12:02 -0500 Subject: [PATCH 2/2] Correctly Resolve Conflicts --- kubernetes/kubernetes.go | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/kubernetes/kubernetes.go b/kubernetes/kubernetes.go index 0cd19175..40b783ad 100644 --- a/kubernetes/kubernetes.go +++ b/kubernetes/kubernetes.go @@ -1,6 +1,9 @@ package kubernetes import ( + "fmt" + "os" + "github.com/golang/glog" cfg "github.com/asobti/kube-monkey/config" @@ -44,8 +47,8 @@ func GetConfig() (*rest.Config, error) { } if apiserverHost, override := cfg.ClusterAPIServerHost(); override { - fmt.Printf("API server host overriden to: %s\n", apiserverHost) - config.Host = apiserverHost + glog.V(3).Infof("API server host overriden to: %s\n", apiserverHost) + kubeConfig.Host = apiserverHost } return &kubeConfig, nil