Merge pull request #307 from dghubble/master

aaronlevy · web-flow · commit b754f32e043b · 2017-02-17T17:48:58.000-08:00
Detect pod and service CIDR from manifests
diff --git a/pkg/bootkube/bootkube.go b/pkg/bootkube/bootkube.go
@@ -47,22 +47,20 @@ func NewBootkube(config Config) (*bootkube, error) {
 	apiServer := apiserver.NewServerRunOptions()
 	fs := pflag.NewFlagSet("apiserver", pflag.ExitOnError)
 	apiServer.AddFlags(fs)
-	fs.Parse(makeAPIServerFlags(config))
+	flags, err := makeAPIServerFlags(config)
+	if err != nil {
+		return nil, err
+	}
+	fs.Parse(flags)
 
 	cmServer := controller.NewCMServer()
 	fs = pflag.NewFlagSet("controllermanager", pflag.ExitOnError)
 	cmServer.AddFlags(fs)
-	fs.Parse([]string{
-		"--master=" + insecureAPIAddr,
-		"--service-account-private-key-file=" + filepath.Join(config.AssetDir, asset.AssetPathServiceAccountPrivKey),
-		"--root-ca-file=" + filepath.Join(config.AssetDir, asset.AssetPathCACert),
-		"--cluster-signing-cert-file=" + filepath.Join(config.AssetDir, asset.AssetPathCACert),
-		"--cluster-signing-key-file=" + filepath.Join(config.AssetDir, asset.AssetPathCAKey),
-		"--allocate-node-cidrs=true",
-		"--cluster-cidr=10.2.0.0/16",
-		"--configure-cloud-routes=false",
-		"--leader-elect=true",
-	})
+	flags, err = makeControllerManagerFlags(config)
+	if err != nil {
+		return nil, err
+	}
+	fs.Parse(flags)
 
 	schedServer := scheduler.NewSchedulerServer()
 	fs = pflag.NewFlagSet("scheduler", pflag.ExitOnError)
@@ -81,8 +79,12 @@ func NewBootkube(config Config) (*bootkube, error) {
 	}, nil
 }
 
-func makeAPIServerFlags(config Config) []string {
-	res := []string{
+func makeAPIServerFlags(config Config) ([]string, error) {
+	serviceCIDR, err := detectServiceCIDR(config)
+	if err != nil {
+		return []string{}, err
+	}
+	return []string{
 		"--bind-address=0.0.0.0",
 		"--secure-port=443",
 		"--insecure-port=8080",
@@ -93,13 +95,30 @@ func makeAPIServerFlags(config Config) []string {
 		"--token-auth-file=" + filepath.Join(config.AssetDir, asset.AssetPathBootstrapAuthToken),
 		"--authorization-mode=RBAC",
 		"--etcd-servers=" + config.EtcdServer.String(),
-		"--service-cluster-ip-range=10.3.0.0/24",
+		"--service-cluster-ip-range=" + serviceCIDR,
 		"--service-account-key-file=" + filepath.Join(config.AssetDir, asset.AssetPathServiceAccountPubKey),
 		"--admission-control=NamespaceLifecycle,ServiceAccount",
 		"--runtime-config=api/all=true",
 		"--storage-backend=etcd3",
+	}, nil
+}
+
+func makeControllerManagerFlags(config Config) ([]string, error) {
+	podCIDR, err := detectPodCIDR(config)
+	if err != nil {
+		return []string{}, err
 	}
-	return res
+	return []string{
+		"--master=" + insecureAPIAddr,
+		"--service-account-private-key-file=" + filepath.Join(config.AssetDir, asset.AssetPathServiceAccountPrivKey),
+		"--root-ca-file=" + filepath.Join(config.AssetDir, asset.AssetPathCACert),
+		"--cluster-signing-cert-file=" + filepath.Join(config.AssetDir, asset.AssetPathCACert),
+		"--cluster-signing-key-file=" + filepath.Join(config.AssetDir, asset.AssetPathCAKey),
+		"--allocate-node-cidrs=true",
+		"--cluster-cidr=" + podCIDR,
+		"--configure-cloud-routes=false",
+		"--leader-elect=true",
+	}, nil
 }
 
 func (b *bootkube) Run() error {
diff --git a/pkg/bootkube/parse.go b/pkg/bootkube/parse.go
@@ -0,0 +1,87 @@
+package bootkube
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net"
+	"path/filepath"
+	"strings"
+
+	"github.com/ghodss/yaml"
+	"github.com/kubernetes-incubator/bootkube/pkg/asset"
+	"k8s.io/kubernetes/pkg/api/v1"
+	"k8s.io/kubernetes/pkg/apis/extensions/v1beta1"
+)
+
+const (
+	apiServerContainerName         = "kube-apiserver"
+	controllerManagerContainerName = "kube-controller-manager"
+)
+
+// detectServiceCIDR deserializes the '--service-cluster-ip-range' from the
+// kube-apiserver manifest
+func detectServiceCIDR(config Config) (string, error) {
+	b, err := ioutil.ReadFile(filepath.Join(config.AssetDir, asset.AssetPathAPIServer))
+	if err != nil {
+		return "", fmt.Errorf("can't read file %s: %v", asset.AssetPathAPIServer, err)
+	}
+	var apiServer v1beta1.DaemonSet
+	err = yaml.Unmarshal(b, &apiServer)
+	if err != nil {
+		return "", fmt.Errorf("cant unmarshal %s: %v", asset.AssetPathAPIServer, err)
+	}
+
+	containers := map[string]v1.Container{}
+	for _, container := range apiServer.Spec.Template.Spec.Containers {
+		containers[container.Name] = container
+	}
+
+	if container, exists := containers[apiServerContainerName]; exists {
+		cidr := findFlag("--service-cluster-ip-range", container.Command)
+		if _, _, err := net.ParseCIDR(cidr); err != nil {
+			return "", fmt.Errorf("invalid --cluster-cidr CIDR: %v", err)
+		}
+		return cidr, nil
+	}
+	return "", fmt.Errorf("can't detect --service-cluster-ip-range in %s", asset.AssetPathAPIServer)
+}
+
+// detectPodCIDR deserializes the '--cluster-cidr' from the
+// kube-controller-manager manifest.
+func detectPodCIDR(config Config) (string, error) {
+	b, err := ioutil.ReadFile(filepath.Join(config.AssetDir, asset.AssetPathControllerManager))
+	if err != nil {
+		return "", fmt.Errorf("can't read file %s: %v", asset.AssetPathControllerManager, err)
+	}
+	var manager v1beta1.Deployment
+	err = yaml.Unmarshal(b, &manager)
+	if err != nil {
+		return "", fmt.Errorf("can't unmarshal %s: %v", asset.AssetPathControllerManager, err)
+	}
+
+	containers := map[string]v1.Container{}
+	for _, container := range manager.Spec.Template.Spec.Containers {
+		containers[container.Name] = container
+	}
+
+	if container, exists := containers[controllerManagerContainerName]; exists {
+		cidr := findFlag("--cluster-cidr", container.Command)
+		if _, _, err := net.ParseCIDR(cidr); err != nil {
+			return "", fmt.Errorf("invalid --cluster-cidr CIDR: %v", err)
+		}
+		return cidr, nil
+	}
+	return "", fmt.Errorf("can't detect --cluster-cidr flag in %s", asset.AssetPathControllerManager)
+}
+
+func findFlag(flagName string, args []string) string {
+	for _, arg := range args {
+		if strings.HasPrefix(arg, flagName+"=") {
+			return strings.TrimPrefix(arg, flagName+"=")
+		}
+		if strings.HasPrefix(arg, flagName+" ") {
+			return strings.TrimSpace(strings.TrimPrefix(arg, flagName+" "))
+		}
+	}
+	return ""
+}
diff --git a/pkg/bootkube/parse_test.go b/pkg/bootkube/parse_test.go
@@ -0,0 +1,37 @@
+package bootkube
+
+import (
+	"testing"
+)
+
+const (
+	defaultServiceCIDR = "10.3.0.0/24"
+	defaultPodCIDR     = "10.2.0.0/24"
+)
+
+func TestFindFlag(t *testing.T) {
+	flags := []string{
+		"--key1=value",
+		"--key2 val",
+		"--service-cluster-ip-range=10.3.0.0/24",
+		"--cluster-cidr=10.2.0.0/24",
+		"--foobar baz",
+	}
+	cases := []struct {
+		flag     string
+		expected string
+	}{
+		{"--service-cluster-ip-range", defaultServiceCIDR},
+		{"--cluster-cidr", defaultPodCIDR},
+		{"--key1", "value"},
+		{"--key2", "val"},
+		{"--missing-flag", ""},
+		{"--foo", ""},
+		{"--foobar", "baz"},
+	}
+	for _, c := range cases {
+		if v := findFlag(c.flag, flags); v != c.expected {
+			t.Errorf("exected %s, got %s", c.expected, v)
+		}
+	}
+}
