[Configuration]Support configuration for X509 client certificate in kube config file
This commit is contained in:
Hui Yu
@@ -1,5 +1,5 @@
|
||||
INCLUDE:=-I../../kubernetes/include -I../../kubernetes/model -I../../kubernetes/api
|
||||
LIBS:=-L../../kubernetes/build -lkubernetes -lcurl -lpthread -lssl -lz
|
||||
INCLUDE:=-I../../kubernetes/include -I../../kubernetes/model -I../../kubernetes/api -I../../kubernetes/config
|
||||
LIBS:=-L../../kubernetes/build -lkubernetes -lcurl -lyaml -lpthread -lssl -lz
|
||||
CFLAGS:=-g
|
||||
|
||||
all:
|
||||
|
||||
@@ -1,22 +1,10 @@
|
||||
#include <kube_config.h>
|
||||
#include <apiClient.h>
|
||||
#include <CoreV1API.h>
|
||||
#include <malloc.h>
|
||||
#include <stdio.h>
|
||||
#include <errno.h>
|
||||
|
||||
// kubectl proxy server
|
||||
#define K8S_APISERVER_BASEPATH "http://localhost:8001"
|
||||
|
||||
// Alternately from within a Kubernetes cluster:
|
||||
// #define K8S_APISERVER_BASEPATH https://your.server.here
|
||||
|
||||
#define K8S_TOKEN_FILE_IN_CLUSTER "/var/run/secrets/kubernetes.io/serviceaccount/token"
|
||||
#define K8S_TOKEN_BUF_SIZE 1024
|
||||
#define K8S_AUTH_KEY "Authorization"
|
||||
#define K8S_AUTH_VALUE_TEMPLATE "Bearer %s"
|
||||
|
||||
apiClient_t *g_k8sAPIConnector;
|
||||
|
||||
void create_a_pod(apiClient_t * apiClient)
|
||||
{
|
||||
char *namespace = "default";
|
||||
@@ -54,57 +42,34 @@ void create_a_pod(apiClient_t * apiClient)
|
||||
v1_pod_free(apod);
|
||||
}
|
||||
|
||||
int loadK8sConfigInCluster(char *token, int token_buf_size)
|
||||
{
|
||||
static char fname[] = "loadK8sConfigInCluster()";
|
||||
|
||||
FILE *fp;
|
||||
fp = fopen(K8S_TOKEN_FILE_IN_CLUSTER, "r");
|
||||
|
||||
if (fp == NULL) {
|
||||
if (errno == ENOENT) {
|
||||
printf("%s: The file %s does not exist.", fname, K8S_TOKEN_FILE_IN_CLUSTER);
|
||||
return (-1);
|
||||
} else {
|
||||
printf("%s: Failed to open file %s.", fname, K8S_TOKEN_FILE_IN_CLUSTER);
|
||||
return (-1);
|
||||
}
|
||||
}
|
||||
|
||||
while (fgets(token, token_buf_size, fp) != NULL) {
|
||||
;
|
||||
}
|
||||
|
||||
printf("%s\n", token);
|
||||
|
||||
fclose(fp);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int init_k8s_connector(const char *token_out_of_cluster)
|
||||
{
|
||||
list_t *apiKeys;
|
||||
apiKeys = list_create();
|
||||
|
||||
char *keyToken = strdup(K8S_AUTH_KEY);
|
||||
|
||||
char valueToken[K8S_TOKEN_BUF_SIZE];
|
||||
memset(valueToken, 0, sizeof(valueToken));
|
||||
|
||||
sprintf(valueToken, K8S_AUTH_VALUE_TEMPLATE, token_out_of_cluster);
|
||||
|
||||
keyValuePair_t *keyPairToken = keyValuePair_create(keyToken, valueToken);
|
||||
list_addElement(apiKeys, keyPairToken);
|
||||
|
||||
g_k8sAPIConnector = apiClient_create_with_base_path(K8S_APISERVER_BASEPATH, NULL, apiKeys);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
init_k8s_connector(argv[1]);
|
||||
|
||||
create_a_pod(g_k8sAPIConnector);
|
||||
int rc = 0;
|
||||
|
||||
char *baseName = NULL;
|
||||
sslConfig_t *sslConfig = NULL;
|
||||
list_t *apiKeys = NULL;
|
||||
apiClient_t *k8sApiClient = NULL;
|
||||
|
||||
rc = load_kube_config(&baseName, &sslConfig, &apiKeys, NULL);
|
||||
if (0 == rc) {
|
||||
k8sApiClient = apiClient_create_with_base_path(baseName, sslConfig, apiKeys);
|
||||
} else {
|
||||
printf("Cannot load kubernetes configuration.\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (k8sApiClient) {
|
||||
create_a_pod(k8sApiClient);
|
||||
}
|
||||
|
||||
free_client_config(baseName, sslConfig, apiKeys);
|
||||
baseName = NULL;
|
||||
sslConfig = NULL;
|
||||
apiKeys = NULL;
|
||||
|
||||
apiClient_free(k8sApiClient);
|
||||
k8sApiClient = NULL;
|
||||
|
||||
apiClient_free(g_k8sAPIConnector);
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
INCLUDE:=-I../../kubernetes/include -I../../kubernetes/model -I../../kubernetes/api
|
||||
LIBS:=-L../../kubernetes/build -lkubernetes -lcurl -lpthread -lssl -lz
|
||||
INCLUDE:=-I../../kubernetes/include -I../../kubernetes/model -I../../kubernetes/api -I../../kubernetes/config
|
||||
LIBS:=-L../../kubernetes/build -lkubernetes -lcurl -lyaml -lpthread -lssl -lz
|
||||
CFLAGS:=-g
|
||||
|
||||
all:
|
||||
|
||||
@@ -1,22 +1,10 @@
|
||||
#include <kube_config.h>
|
||||
#include <apiClient.h>
|
||||
#include <CoreV1API.h>
|
||||
#include <malloc.h>
|
||||
#include <stdio.h>
|
||||
#include <errno.h>
|
||||
|
||||
// kubectl proxy server
|
||||
#define K8S_APISERVER_BASEPATH "http://localhost:8001"
|
||||
|
||||
// Alternately from within a Kubernetes cluster:
|
||||
// #define K8S_APISERVER_BASEPATH https://your.server.here
|
||||
|
||||
#define K8S_TOKEN_FILE_IN_CLUSTER "/var/run/secrets/kubernetes.io/serviceaccount/token"
|
||||
#define K8S_TOKEN_BUF_SIZE 1024
|
||||
#define K8S_AUTH_KEY "Authorization"
|
||||
#define K8S_AUTH_VALUE_TEMPLATE "Bearer %s"
|
||||
|
||||
apiClient_t *g_k8sAPIConnector;
|
||||
|
||||
void list_pod(apiClient_t * apiClient)
|
||||
{
|
||||
v1_pod_list_t *pod_list = NULL;
|
||||
@@ -31,71 +19,48 @@ void list_pod(apiClient_t * apiClient)
|
||||
0, /* timeoutSeconds */
|
||||
0 /* watch */
|
||||
);
|
||||
printf("return code=%ld\n", apiClient->response_code);
|
||||
printf("The return code of HTTP request=%ld\n", apiClient->response_code);
|
||||
if (pod_list) {
|
||||
printf("Get pod list.\n");
|
||||
printf("Get pod list:\n");
|
||||
listEntry_t *listEntry = NULL;
|
||||
v1_pod_t *pod = NULL;
|
||||
list_ForEach(listEntry, pod_list->items) {
|
||||
pod = listEntry->data;
|
||||
printf("pod name=%s\n", pod->metadata->name);
|
||||
printf("\tThe pod name: %s\n", pod->metadata->name);
|
||||
}
|
||||
} else {
|
||||
printf("Cannot list any pod.\n");
|
||||
printf("Cannot get any pod.\n");
|
||||
}
|
||||
}
|
||||
|
||||
int loadK8sConfigInCluster(char *token, int token_buf_size)
|
||||
{
|
||||
static char fname[] = "loadK8sConfigInCluster()";
|
||||
|
||||
FILE *fp;
|
||||
fp = fopen(K8S_TOKEN_FILE_IN_CLUSTER, "r");
|
||||
|
||||
if (fp == NULL) {
|
||||
if (errno == ENOENT) {
|
||||
printf("%s: The file %s does not exist.", fname, K8S_TOKEN_FILE_IN_CLUSTER);
|
||||
return (-1);
|
||||
} else {
|
||||
printf("%s: Failed to open file %s.", fname, K8S_TOKEN_FILE_IN_CLUSTER);
|
||||
return (-1);
|
||||
}
|
||||
}
|
||||
|
||||
while (fgets(token, token_buf_size, fp) != NULL) {
|
||||
;
|
||||
}
|
||||
|
||||
printf("%s\n", token);
|
||||
|
||||
fclose(fp);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int init_k8s_connector(const char *token_out_of_cluster)
|
||||
{
|
||||
list_t *apiKeys;
|
||||
apiKeys = list_create();
|
||||
|
||||
char *keyToken = strdup(K8S_AUTH_KEY);
|
||||
|
||||
char valueToken[K8S_TOKEN_BUF_SIZE];
|
||||
memset(valueToken, 0, sizeof(valueToken));
|
||||
|
||||
sprintf(valueToken, K8S_AUTH_VALUE_TEMPLATE, token_out_of_cluster);
|
||||
|
||||
keyValuePair_t *keyPairToken = keyValuePair_create(keyToken, valueToken);
|
||||
list_addElement(apiKeys, keyPairToken);
|
||||
|
||||
g_k8sAPIConnector = apiClient_create_with_base_path(K8S_APISERVER_BASEPATH, NULL, apiKeys);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
init_k8s_connector(argv[1]);
|
||||
int rc = 0;
|
||||
|
||||
list_pod(g_k8sAPIConnector);
|
||||
char *baseName = NULL;
|
||||
sslConfig_t *sslConfig = NULL;
|
||||
list_t *apiKeys = NULL;
|
||||
apiClient_t *k8sApiClient = NULL;
|
||||
|
||||
apiClient_free(g_k8sAPIConnector);
|
||||
rc = load_kube_config(&baseName, &sslConfig, &apiKeys, NULL);
|
||||
if (0 == rc) {
|
||||
k8sApiClient = apiClient_create_with_base_path(baseName, sslConfig, apiKeys);
|
||||
} else {
|
||||
printf("Cannot load kubernetes configuration.\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (k8sApiClient) {
|
||||
list_pod(k8sApiClient);
|
||||
}
|
||||
|
||||
free_client_config(baseName, sslConfig, apiKeys);
|
||||
baseName = NULL;
|
||||
sslConfig = NULL;
|
||||
apiKeys = NULL;
|
||||
|
||||
apiClient_free(k8sApiClient);
|
||||
k8sApiClient = NULL;
|
||||
|
||||
return rc;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user