Commit 3d8118b4 authored by Brad Davidson's avatar Brad Davidson Committed by Brad Davidson

Fix misc nits and missing/unused imports

parent dfe88df8
......@@ -21,13 +21,14 @@ func (c *Cluster) Bootstrap(ctx context.Context) error {
return err
}
runBootstrap, err := c.shouldBootstrapLoad(ctx)
shouldBootstrap, err := c.shouldBootstrapLoad(ctx)
if err != nil {
return err
}
c.shouldBootstrap = runBootstrap
if runBootstrap {
c.shouldBootstrap = shouldBootstrap
if shouldBootstrap {
if err := c.bootstrap(ctx); err != nil {
return err
}
......@@ -93,15 +94,18 @@ func (c *Cluster) shouldBootstrapLoad(ctx context.Context) (bool, error) {
// bootstrapped touches a file to indicate that bootstrap has been completed.
func (c *Cluster) bootstrapped() error {
if err := os.MkdirAll(filepath.Dir(c.bootstrapStamp()), 0700); err != nil {
stamp := c.bootstrapStamp()
if err := os.MkdirAll(filepath.Dir(stamp), 0700); err != nil {
return err
}
if _, err := os.Stat(c.bootstrapStamp()); err == nil {
// return if file already exists
if _, err := os.Stat(stamp); err == nil {
return nil
}
f, err := os.Create(c.bootstrapStamp())
// otherwise try to create it
f, err := os.Create(stamp)
if err != nil {
return err
}
......
......@@ -19,9 +19,7 @@ import (
// storageKey returns the etcd key for storing bootstrap data for a given passphrase.
// The key is derived from the sha256 hash of the passphrase.
func storageKey(passphrase string) string {
d := sha256.New()
d.Write([]byte(passphrase))
return "/bootstrap/" + hex.EncodeToString(d.Sum(nil)[:])[:12]
return "/bootstrap/" + keyHash(passphrase)
}
// keyHash returns the first 12 characters of the sha256 sum of the passphrase.
......
......@@ -36,22 +36,23 @@ func (c *Cluster) newListener(ctx context.Context) (net.Listener, http.Handler,
storage := tlsStorage(ctx, c.config.DataDir, c.runtime)
return dynamiclistener.NewListener(tcp, storage, cert, key, dynamiclistener.Config{
CN: version.Program,
Organization: []string{version.Program},
ExpirationDaysCheck: config.CertificateRenewDays,
Organization: []string{version.Program},
SANs: append(c.config.SANs, "localhost", "kubernetes", "kubernetes.default", "kubernetes.default.svc."+c.config.ClusterDomain),
CN: version.Program,
TLSConfig: &tls.Config{
ClientAuth: tls.RequestClientCert,
MinVersion: c.config.TLSMinVersion,
CipherSuites: c.config.TLSCipherSuites,
},
SANs: append(c.config.SANs, "localhost", "kubernetes", "kubernetes.default", "kubernetes.default.svc."+c.config.ClusterDomain),
ExpirationDaysCheck: config.CertificateRenewDays,
})
}
// initClusterAndHTTPS sets up the dynamic tls listener, request router,
// and cluster database. Once the database is up, it starts the supervisor http server.
func (c *Cluster) initClusterAndHTTPS(ctx context.Context) error {
l, handler, err := c.newListener(ctx)
// Set up dynamiclistener TLS listener and request handler
listener, handler, err := c.newListener(ctx)
if err != nil {
return err
}
......@@ -76,7 +77,7 @@ func (c *Cluster) initClusterAndHTTPS(ctx context.Context) error {
// Start the supervisor http server on the tls listener
go func() {
err := server.Serve(l)
err := server.Serve(listener)
logrus.Fatalf("server stopped: %v", err)
}()
......
......@@ -5,13 +5,10 @@ package cluster
import (
"context"
"net"
"net/http"
"strings"
"time"
"github.com/rancher/k3s/pkg/cluster/managed"
"github.com/rancher/kine/pkg/endpoint"
"github.com/sirupsen/logrus"
)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment