diff --git a/pkg/kubenest/init.go b/pkg/kubenest/init.go
index c6c79845c..59df60a07 100644
--- a/pkg/kubenest/init.go
+++ b/pkg/kubenest/init.go
@@ -32,6 +32,7 @@ type initData struct {
 kosmosClient versioned.Interface
 virtualClusterDataDir string
 privateRegistry string
+ externalIP string
 hostPortManager *vcnodecontroller.HostPortManager
 }
@@ -141,6 +142,7 @@ func newRunData(opt *InitOptions, hostPortManager *vcnodecontroller.HostPortMana
 virtualClusterDataDir: opt.virtualClusterDataDir,
 privateRegistry: utils.DefaultImageRepository,
 CertStore: cert.NewCertStore(),
+ externalIP: opt.virtualCluster.Spec.ExternalIP,
 hostPortManager: hostPortManager,
 }, nil
 }
@@ -200,3 +202,7 @@ func (i initData) DataDir() string {
 func (i initData) VirtualClusterVersion() string {
 return i.virtualClusterVersion.String()
 }
+
+func (i initData) ExternalIP() string {
+ return i.externalIP
+}
diff --git a/pkg/kubenest/tasks/cert.go b/pkg/kubenest/tasks/cert.go
index 9f24b316a..266170ab5 100644
--- a/pkg/kubenest/tasks/cert.go
+++ b/pkg/kubenest/tasks/cert.go
@@ -134,6 +134,7 @@ func mutateCertConfig(data InitData, cc *cert.CertConfig) error {
 Namespace: data.GetNamespace(),
 ControlplaneAddr: data.ControlplaneAddress(),
 ClusterIps: data.ServiceClusterIp(),
+ ExternalIP: data.ExternalIP(),
 }, cc)
 if err != nil {
 return err
diff --git a/pkg/kubenest/tasks/data.go b/pkg/kubenest/tasks/data.go
index 810865a49..d62014128 100644
--- a/pkg/kubenest/tasks/data.go
+++ b/pkg/kubenest/tasks/data.go
@@ -19,4 +19,5 @@ type InitData interface {
 KosmosClient() versioned.Interface
 DataDir() string
 VirtualClusterVersion() string
+ ExternalIP() string
 }
diff --git a/pkg/kubenest/util/cert/certs.go b/pkg/kubenest/util/cert/certs.go
index 589e9847e..f1fc5d1d8 100644
--- a/pkg/kubenest/util/cert/certs.go
+++ b/pkg/kubenest/util/cert/certs.go
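Review bot: The new accessor `ExternalIP()` on initData, and the matching method added to the InitData interface in tasks/data.go, carry no doc comment saying where the value comes from or that it can be empty. The string is copied as-is from `opt.virtualCluster.Spec.ExternalIP` in newRunData and is later handed to the certificate SAN mutator, so callers should know it has not been checked at this layer. I would add on the method: `// ExternalIP returns the ExternalIP field of the VirtualCluster spec, unvalidated; it is empty when the spec does not set one.`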
@@ -41,6 +41,7 @@ type AltNamesMutatorConfig struct {
 Namespace string
 ControlplaneAddr string
 ClusterIps []string
+ ExternalIP string
 }
 func (config *CertConfig) defaultPublicKeyAlgorithm() {
@@ -212,6 +213,9 @@ func apiServerAltNamesMutator(cfg *AltNamesMutatorConfig) (*certutil.AltNames, e
 if len(cfg.ControlplaneAddr) > 0 {
 appendSANsToAltNames(altNames, []string{cfg.ControlplaneAddr})
 }
+ if len(cfg.ExternalIP) > 0 {
+ appendSANsToAltNames(altNames, []string{cfg.ExternalIP})
+ }
 if len(cfg.ClusterIps) > 0 {
 for _, clusterIp := range cfg.ClusterIps {
 appendSANsToAltNames(altNames, []string{clusterIp})
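Review bot: The new `cfg.ExternalIP` branch in apiServerAltNamesMutator passes the value to appendSANsToAltNames after only a non-empty check, so whatever string sits in the VirtualCluster's `Spec.ExternalIP` becomes a SAN on the API server serving certificate. The field is named as an IP, but nothing visible in this hunk enforces that; if appendSANsToAltNames also accepts DNS names (its body is not shown), a hostname placed in that field would be signed as well. I would reject non-IP values before appending, e.g. `if net.ParseIP(cfg.ExternalIP) == nil { return nil, fmt.Errorf("invalid external IP %q", cfg.ExternalIP) }`, assuming the truncated second return type is `error` and that `net` and `fmt` are imported in certs.go. The function starts and ends outside the hunk.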