From bc58f9bda12e0a9f2712b85ca914e1c906c4cf08 Mon Sep 17 00:00:00 2001 From: lili Date: Thu, 26 Oct 2023 16:23:48 +0800 Subject: [PATCH] update volcano.sh/apis version Signed-off-by: lili --- cmd/controller-manager/app/options/options.go | 8 ++++++++ cmd/controller-manager/app/server.go | 2 +- cmd/controller-manager/main.go | 2 +- cmd/scheduler/app/options/options.go | 8 ++++++++ cmd/scheduler/app/server.go | 2 +- cmd/scheduler/main.go | 2 +- cmd/webhook-manager/app/server.go | 2 +- go.mod | 2 +- go.sum | 4 ++-- 9 files changed, 24 insertions(+), 8 deletions(-) diff --git a/cmd/controller-manager/app/options/options.go b/cmd/controller-manager/app/options/options.go index f73838c602..08d7151611 100644 --- a/cmd/controller-manager/app/options/options.go +++ b/cmd/controller-manager/app/options/options.go @@ -40,8 +40,10 @@ type ServerOption struct { KubeClientOptions kube.ClientOptions CertFile string KeyFile string + CaCertFile string CertData []byte KeyData []byte + CaCertData []byte EnableLeaderElection bool LockObjectNamespace string PrintVersion bool @@ -76,6 +78,7 @@ func NewServerOption() *ServerOption { func (s *ServerOption) AddFlags(fs *pflag.FlagSet) { fs.StringVar(&s.KubeClientOptions.Master, "master", s.KubeClientOptions.Master, "The address of the Kubernetes API server (overrides any value in kubeconfig)") fs.StringVar(&s.KubeClientOptions.KubeConfig, "kubeconfig", s.KubeClientOptions.KubeConfig, "Path to kubeconfig file with authorization and master location information.") + fs.StringVar(&s.CaCertFile, "ca-cert-file", s.CaCertFile, "File containing the x509 Certificate for HTTPS.") fs.StringVar(&s.CertFile, "tls-cert-file", s.CertFile, ""+ "File containing the default x509 Certificate for HTTPS. (CA cert, if any, concatenated "+ "after server cert).") @@ -108,6 +111,11 @@ func (s *ServerOption) CheckOptionOrDie() error { func (s *ServerOption) readCAFiles() error { var err error + s.CaCertData, err = os.ReadFile(s.CaCertFile) + if err != nil { + return fmt.Errorf("failed to read cacert file (%s): %v", s.CaCertFile, err) + } + s.CertData, err = os.ReadFile(s.CertFile) if err != nil { return fmt.Errorf("failed to read cert file (%s): %v", s.CertFile, err) diff --git a/cmd/controller-manager/app/server.go b/cmd/controller-manager/app/server.go index a2743a30c6..c958ad169e 100644 --- a/cmd/controller-manager/app/server.go +++ b/cmd/controller-manager/app/server.go @@ -56,7 +56,7 @@ func Run(opt *options.ServerOption) error { } if opt.EnableHealthz { - if err := helpers.StartHealthz(opt.HealthzBindAddress, "volcano-controller", opt.CertData, opt.KeyData); err != nil { + if err := helpers.StartHealthz(opt.HealthzBindAddress, "volcano-controller", opt.CaCertData, opt.CertData, opt.KeyData); err != nil { return err } } diff --git a/cmd/controller-manager/main.go b/cmd/controller-manager/main.go index bf4e4f0712..a2483b1e42 100644 --- a/cmd/controller-manager/main.go +++ b/cmd/controller-manager/main.go @@ -58,7 +58,7 @@ func main() { fmt.Fprintf(os.Stderr, "%v\n", err) os.Exit(1) } - if s.CertFile != "" && s.KeyFile != "" { + if s.CaCertFile != "" && s.CertFile != "" && s.KeyFile != "" { if err := s.ParseCAFiles(nil); err != nil { fmt.Fprintf(os.Stderr, "Failed to parse CA file: %v\n", err) os.Exit(1) diff --git a/cmd/scheduler/app/options/options.go b/cmd/scheduler/app/options/options.go index b898993379..9668830820 100644 --- a/cmd/scheduler/app/options/options.go +++ b/cmd/scheduler/app/options/options.go @@ -49,8 +49,10 @@ type ServerOption struct { KubeClientOptions kube.ClientOptions CertFile string KeyFile string + CaCertFile string CertData []byte KeyData []byte + CaCertData []byte SchedulerNames []string SchedulerConf string SchedulePeriod time.Duration @@ -91,6 +93,7 @@ func NewServerOption() *ServerOption { func (s *ServerOption) AddFlags(fs *pflag.FlagSet) { fs.StringVar(&s.KubeClientOptions.Master, "master", s.KubeClientOptions.Master, "The address of the Kubernetes API server (overrides any value in kubeconfig)") fs.StringVar(&s.KubeClientOptions.KubeConfig, "kubeconfig", s.KubeClientOptions.KubeConfig, "Path to kubeconfig file with authorization and master location information") + fs.StringVar(&s.CaCertFile, "ca-cert-file", s.CaCertFile, "File containing the x509 Certificate for HTTPS.") fs.StringVar(&s.CertFile, "tls-cert-file", s.CertFile, ""+ "File containing the default x509 Certificate for HTTPS. (CA cert, if any, concatenated "+ "after server cert).") @@ -148,6 +151,11 @@ func (s *ServerOption) RegisterOptions() { func (s *ServerOption) readCAFiles() error { var err error + s.CaCertData, err = os.ReadFile(s.CaCertFile) + if err != nil { + return fmt.Errorf("failed to read cacert file (%s): %v", s.CaCertFile, err) + } + s.CertData, err = os.ReadFile(s.CertFile) if err != nil { return fmt.Errorf("failed to read cert file (%s): %v", s.CertFile, err) diff --git a/cmd/scheduler/app/server.go b/cmd/scheduler/app/server.go index 503fb291d3..5c73e0a6c8 100644 --- a/cmd/scheduler/app/server.go +++ b/cmd/scheduler/app/server.go @@ -92,7 +92,7 @@ func Run(opt *options.ServerOption) error { } if opt.EnableHealthz { - if err := helpers.StartHealthz(opt.HealthzBindAddress, "volcano-scheduler", opt.CertData, opt.KeyData); err != nil { + if err := helpers.StartHealthz(opt.HealthzBindAddress, "volcano-scheduler", opt.CaCertData, opt.CertData, opt.KeyData); err != nil { return err } } diff --git a/cmd/scheduler/main.go b/cmd/scheduler/main.go index b294154fa2..fc51a66ecf 100644 --- a/cmd/scheduler/main.go +++ b/cmd/scheduler/main.go @@ -59,7 +59,7 @@ func main() { os.Exit(1) } - if s.CertFile != "" && s.KeyFile != "" { + if s.CaCertFile != "" && s.CertFile != "" && s.KeyFile != "" { if err := s.ParseCAFiles(nil); err != nil { klog.Fatalf("Failed to parse CA file: %v", err) } diff --git a/cmd/webhook-manager/app/server.go b/cmd/webhook-manager/app/server.go index a03e6f8293..786963a101 100644 --- a/cmd/webhook-manager/app/server.go +++ b/cmd/webhook-manager/app/server.go @@ -47,7 +47,7 @@ func Run(config *options.Config) error { } if config.EnableHealthz { - if err := helpers.StartHealthz(config.HealthzBindAddress, "volcano-admission", config.CertData, config.KeyData); err != nil { + if err := helpers.StartHealthz(config.HealthzBindAddress, "volcano-admission", config.CaCertData, config.CertData, config.KeyData); err != nil { return err } } diff --git a/go.mod b/go.mod index b0fbe751c6..66c7a97b0e 100644 --- a/go.mod +++ b/go.mod @@ -40,7 +40,7 @@ require ( sigs.k8s.io/controller-runtime v0.13.0 sigs.k8s.io/yaml v1.3.0 stathat.com/c/consistent v1.0.0 - volcano.sh/apis v1.8.0 + volcano.sh/apis v1.8.0-alpha.0.0.20231028020234-1a5aa81107d7 ) require ( diff --git a/go.sum b/go.sum index 76edf6e901..1445c4f51f 100644 --- a/go.sum +++ b/go.sum @@ -1868,5 +1868,5 @@ sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= stathat.com/c/consistent v1.0.0 h1:ezyc51EGcRPJUxfHGSgJjWzJdj3NiMU9pNfLNGiXV0c= stathat.com/c/consistent v1.0.0/go.mod h1:QkzMWzcbB+yQBL2AttO6sgsQS/JSTapcDISJalmCDS0= -volcano.sh/apis v1.8.0 h1:TO9mxoqLMToBAEB195OPuiC3pnupqsUqfXVJroT7KEI= -volcano.sh/apis v1.8.0/go.mod h1:h+xbUpkjfRaHjktAi8h+7JNnNahjwhRSgpN9FUUwNXQ= +volcano.sh/apis v1.8.0-alpha.0.0.20231028020234-1a5aa81107d7 h1:Meq/5hsE1nK9XFZrU5tLM29RjC2SfXpsfLWaKcRyGbE= +volcano.sh/apis v1.8.0-alpha.0.0.20231028020234-1a5aa81107d7/go.mod h1:h+xbUpkjfRaHjktAi8h+7JNnNahjwhRSgpN9FUUwNXQ=