Merge pull request #363 from aaronlevy/ca-fix

hack: copy ca.crt to host as part of vagrant provisioning

Author: aaronlevy

hack/multi-node/Vagrantfile

@@ -20,6 +20,8 @@ end
 
 CONTROLLER_USER_DATA_PATH = File.expand_path("./cluster/user-data-controller")
 WORKER_USER_DATA_PATH = File.expand_path("./cluster/user-data-worker")
+KUBECONFIG_PATH = File.expand_path("cluster/auth/kubeconfig")
+CA_CERT_PATH = File.expand_path("cluster/tls/ca.crt")
 
 def etcdIP(num)
   return "172.17.4.#{num+50}"
@@ -131,6 +133,12 @@ Vagrant.configure("2") do |config|
 
       controller.vm.provision :file, source: CONTROLLER_USER_DATA_PATH, destination: "/tmp/vagrantfile-user-data"
       controller.vm.provision :shell, inline: "mv /tmp/vagrantfile-user-data /var/lib/coreos-vagrant/", privileged: true
+
+      controller.vm.provision :file, :source => KUBECONFIG_PATH, :destination => "/tmp/kubeconfig"
+      controller.vm.provision :shell, :inline => "mv /tmp/kubeconfig /etc/kubernetes/kubeconfig", :privileged => true
+
+      controller.vm.provision :file, :source => CA_CERT_PATH, :destination => "/tmp/ca.crt"
+      controller.vm.provision :shell, :inline => "mv /tmp/ca.crt /etc/kubernetes/ca.crt", :privileged => true
     end
   end
 
@@ -153,6 +161,12 @@ Vagrant.configure("2") do |config|
 
       worker.vm.provision :file, source: WORKER_USER_DATA_PATH, destination: "/tmp/vagrantfile-user-data"
       worker.vm.provision :shell, inline: "mv /tmp/vagrantfile-user-data /var/lib/coreos-vagrant/", privileged: true
+
+      worker.vm.provision :file, :source => KUBECONFIG_PATH, :destination => "/tmp/kubeconfig"
+      worker.vm.provision :shell, :inline => "mv /tmp/kubeconfig /etc/kubernetes/kubeconfig", :privileged => true
+
+      worker.vm.provision :file, :source => CA_CERT_PATH, :destination => "/tmp/ca.crt"
+      worker.vm.provision :shell, :inline => "mv /tmp/ca.crt /etc/kubernetes/ca.crt", :privileged => true
     end
   end
 end

hack/multi-node/bootkube-up

@@ -22,10 +22,8 @@ fi
 # Render assets
 if [ ! -d "cluster" ]; then
   ../../_output/bin/${local_os}/bootkube render --asset-dir=cluster --api-servers=https://172.17.4.101:443 ${etcd_render_flags}
-  # Add rendered kubeconfig to the node user-data
-  cat user-data.sample > cluster/user-data && sed 's/^/      /' cluster/auth/kubeconfig >> cluster/user-data
-  cp cluster/user-data{,-worker}
-  cp cluster/user-data{,-controller}
+  cp user-data.sample cluster/user-data-worker
+  cp user-data.sample cluster/user-data-controller
   sed -i.bak -e '/--node-labels=master=true/d' cluster/user-data-worker
 fi
 

hack/multi-node/user-data.sample

@@ -41,9 +41,3 @@ coreos:
 
         [Install]
         WantedBy=multi-user.target
-
-write_files:
-  - path: "/etc/kubernetes/kubeconfig"
-    permissions: "0644"
-    owner: core
-    content: |

hack/single-node/Vagrantfile

@@ -12,6 +12,8 @@ Vagrant.require_version ">= 1.6.0"
 
 NODE_IP = "172.17.4.100"
 USER_DATA_PATH = File.expand_path("cluster/user-data")
+KUBECONFIG_PATH = File.expand_path("cluster/auth/kubeconfig")
+CA_CERT_PATH = File.expand_path("cluster/tls/ca.crt")
 
 Vagrant.configure("2") do |config|
   # always use Vagrant's insecure key
@@ -51,4 +53,10 @@ Vagrant.configure("2") do |config|
 
   config.vm.provision :file, :source => USER_DATA_PATH, :destination => "/tmp/vagrantfile-user-data"
   config.vm.provision :shell, :inline => "mv /tmp/vagrantfile-user-data /var/lib/coreos-vagrant/", :privileged => true
+
+  config.vm.provision :file, :source => KUBECONFIG_PATH, :destination => "/tmp/kubeconfig"
+  config.vm.provision :shell, :inline => "mv /tmp/kubeconfig /etc/kubernetes/kubeconfig", :privileged => true
+
+  config.vm.provision :file, :source => CA_CERT_PATH, :destination => "/tmp/ca.crt"
+  config.vm.provision :shell, :inline => "mv /tmp/ca.crt /etc/kubernetes/ca.crt", :privileged => true
 end

hack/single-node/bootkube-up

@@ -12,8 +12,7 @@ fi
 # Render assets
 if [ ! -d "cluster" ]; then
   ../../_output/bin/${local_os}/bootkube render --asset-dir=cluster --api-servers=https://172.17.4.100:443
-  # Add rendered kubeconfig to the node user-data
-  cat user-data.sample > cluster/user-data && sed 's/^/      /' cluster/auth/kubeconfig >> cluster/user-data
+  cp user-data.sample cluster/user-data
 fi
 
 # Start the VM

hack/single-node/user-data.sample

@@ -49,9 +49,3 @@ coreos:
 
         [Install]
         WantedBy=multi-user.target
-
-write_files:
-  - path: "/etc/kubernetes/kubeconfig"
-    permissions: "0644"
-    owner: core
-    content: |