kubectl 源码分析之config set-cluster
发布一个k8s部署视频:https://edu.csdn.net/course/detail/26967
课程内容:各种k8s部署方式。包括minikube部署,kubeadm部署,kubeasz部署,rancher部署,k3s部署。包括开发测试环境部署k8s,和生产环境部署k8s。
腾讯课堂连接地址https://ke.qq.com/course/478827?taid=4373109931462251&tuin=ba64518
第二个视频发布 https://edu.csdn.net/course/detail/27109
腾讯课堂连接地址https://ke.qq.com/course/484107?tuin=ba64518
介绍主要的k8s资源的使用配置和命令。包括configmap,pod,service,replicaset,namespace,deployment,daemonset,ingress,pv,pvc,sc,role,rolebinding,clusterrole,clusterrolebinding,secret,serviceaccount,statefulset,job,cronjob,podDisruptionbudget,podSecurityPolicy,networkPolicy,resourceQuota,limitrange,endpoint,event,conponentstatus,node,apiservice,controllerRevision等。
第三个视频发布:https://edu.csdn.net/course/detail/27574
详细介绍helm命令,学习helm chart语法,编写helm chart。深入分析各项目源码,学习编写helm插件
第四个课程发布:https://edu.csdn.net/course/detail/28488
本课程将详细介绍k8s所有命令,以及命令的go源码分析,学习知其然,知其所以然
————————————————
type createClusterOptions struct {//set-cluster结构体
configAccess clientcmd.ConfigAccess
name string
server cliflag.StringFlag
insecureSkipTLSVerify cliflag.Tristate
certificateAuthority cliflag.StringFlag
embedCAData cliflag.Tristate
}//创建set-cluster命令
func NewCmdConfigSetCluster(out io.Writer, configAccess clientcmd.ConfigAccess) *cobra.Command {
options := &createClusterOptions{configAccess: configAccess}//初始化结构体
cmd := &cobra.Command{//创建cobra命令
Use: fmt.Sprintf("set-cluster NAME [--%v=server] [--%v=path/to/certificate/authority] [--%v=true]", clientcmd.FlagAPIServer, clientcmd.FlagCAFile, clientcmd.FlagInsecure),
DisableFlagsInUseLine: true,
Short: i18n.T("Sets a cluster entry in kubeconfig"),
Long: createClusterLong,
Example: createClusterExample,
Run: func(cmd *cobra.Command, args []string) {
cmdutil.CheckErr(options.complete(cmd))//准备
cmdutil.CheckErr(options.run())//运行
fmt.Fprintf(out, "Cluster %q set.\n", options.name)//打印结果
},
}
options.insecureSkipTLSVerify.Default(false)//是否跳过tls校验
cmd.Flags().Var(&options.server, clientcmd.FlagAPIServer, clientcmd.FlagAPIServer+" for the cluster entry in kubeconfig")//server选项
f := cmd.Flags().VarPF(&options.insecureSkipTLSVerify, clientcmd.FlagInsecure, "", clientcmd.FlagInsecure+" for the cluster entry in kubeconfig")//insecure-skip-tls-verify选项
f.NoOptDefVal = "true"
cmd.Flags().Var(&options.certificateAuthority, clientcmd.FlagCAFile, "Path to "+clientcmd.FlagCAFile+" file for the cluster entry in kubeconfig")/certificate-authority选项
cmd.MarkFlagFilename(clientcmd.FlagCAFile)
f = cmd.Flags().VarPF(&options.embedCAData, clientcmd.FlagEmbedCerts, "", clientcmd.FlagEmbedCerts+" for the cluster entry in kubeconfig")//embedCAData选项
f.NoOptDefVal = "true"
return cmd
}func (o *createClusterOptions) complete(cmd *cobra.Command) error {//准备
args := cmd.Flags().Args()//获取参数
if len(args) != 1 {//参数不为1个报错
return helpErrorf(cmd, "Unexpected args: %v", args)
}
o.name = args[0]//设置cluster名称
return nil
}func (o createClusterOptions) run() error {//运行
err := o.validate()//校验
if err != nil {
return err
}
config, err := o.configAccess.GetStartingConfig()//获取config
if err != nil {
return err
}
startingStanza, exists := config.Clusters[o.name]//判断cluster是否存在
if !exists {//不存在,创建cluster
startingStanza = clientcmdapi.NewCluster()
}
cluster := o.modifyCluster(*startingStanza)//修改cluster
config.Clusters[o.name] = &cluster//设置cluster
if err := clientcmd.ModifyConfig(o.configAccess, *config, true); err != nil {//修改配置
return err
}
return nil
}func (o createClusterOptions) validate() error {//校验
if len(o.name) == 0 {//名称不能为空
return errors.New("you must specify a non-empty cluster name")
}
if o.insecureSkipTLSVerify.Value() && o.certificateAuthority.Value() != "" {
//不能同时指定insecureSkipTLSVerify和certificateAuthority
return errors.New("you cannot specify a certificate authority and insecure mode at the same time")
}
if o.embedCAData.Value() {//如果embed-data为true
caPath := o.certificateAuthority.Value()//certificateAuthority路径
if caPath == "" {//路径为空报错
return fmt.Errorf("you must specify a --%s to embed", clientcmd.FlagCAFile)
}
if _, err := ioutil.ReadFile(caPath); err != nil {//判断路径是否可读取
return fmt.Errorf("could not read %s data from %s: %v", clientcmd.FlagCAFile, caPath, err)
}
}
return nil
}//修改cluster
func (o *createClusterOptions) modifyCluster(existingCluster clientcmdapi.Cluster) clientcmdapi.Cluster {
modifiedCluster := existingCluster
if o.server.Provided() {//如果指定了--server,则设置cluster的server
modifiedCluster.Server = o.server.Value()
}
if o.insecureSkipTLSVerify.Provided() {//如果设置了insecureSkipTLSVerify
modifiedCluster.InsecureSkipTLSVerify = o.insecureSkipTLSVerify.Value()//设置insecureSkipTLSVerify
// Specifying insecure mode clears any certificate authority
if modifiedCluster.InsecureSkipTLSVerify {// 如果insecureSkipTLSVerify为true
modifiedCluster.CertificateAuthority = ""//CertificateAuthority 设为空
modifiedCluster.CertificateAuthorityData = nil//CertificateAuthorityData 设为nil
}
}
if o.certificateAuthority.Provided() {//如果certificateAuthority有值
caPath := o.certificateAuthority.Value()//获取路径
if o.embedCAData.Value() {// 如果embed-data为true
modifiedCluster.CertificateAuthorityData, _ = ioutil.ReadFile(caPath)//设置CertificateAuthorityData为读取的值
modifiedCluster.InsecureSkipTLSVerify = false//InsecureSkipTLSVerify 设为false
modifiedCluster.CertificateAuthority = ""//CertificateAuthority 设为空
} else {
caPath, _ = filepath.Abs(caPath)//获取绝对路径
modifiedCluster.CertificateAuthority = caPath//CertificateAuthority 设为路径
// Specifying a certificate authority file clears certificate authority data and insecure mode
if caPath != "" {//路径不为空
modifiedCluster.InsecureSkipTLSVerify = false//InsecureSkipTLSVerify 设为false
modifiedCluster.CertificateAuthorityData = nil//CertificateAuthorityData 设为nil
}
}
}
return modifiedCluster
}