- fixing the protokube flag issue

2017-12-04 23:35:18 +00:00 · 2017-12-04 23:35:18 +00:00 · a140d5b7f1
parent d065111453
commit a140d5b7f1
4 changed files with 12 additions and 22 deletions
--- a/nodeup/pkg/model/context.go
+++ b/nodeup/pkg/model/context.go
@ -226,11 +226,17 @@ func (c *NodeupModelContext) UseEtcdTLS() bool {
 // @NOTE: in retrospect i think we should have consolidated the common config in the wrapper struct; it
 // feels wierd we set things like version, tls etc per cluster since they both have to be the same.
 func (c *NodeupModelContext) UseTLSAuth() bool {
-	if len(c.Cluster.Spec.EtcdClusters) != 2 {
+	if !c.UseEtcdTLS() {
 		return false
 	}
-	return c.Cluster.Spec.EtcdClusters[0].EnableTLSAuth && c.Cluster.Spec.EtcdClusters[1].EnableTLSAuth
+	for _, x := range c.Cluster.Spec.EtcdClusters {
 		if x.EnableTLSAuth {
 			return true
 		}
 	}
 	return false
 }
 // UsesCNI checks if the cluster has CNI configured
--- a/nodeup/pkg/model/protokube.go
+++ b/nodeup/pkg/model/protokube.go
@ -286,11 +286,10 @@ func (t *ProtokubeBuilder) ProtokubeFlags(k8sVersion semver.Version) (*Protokube
 		f.TLSCAFile = s(filepath.Join(t.PathSrvKubernetes(), "ca.crt"))
 		f.TLSCertFile = s(filepath.Join(t.PathSrvKubernetes(), "etcd.pem"))
 		f.TLSKeyFile = s(filepath.Join(t.PathSrvKubernetes(), "etcd-key.pem"))
-
+	}
 	if t.UseTLSAuth() {
 		enableAuth := true
-		if t.UseTLSAuth() {
+		f.TLSAuth = b(enableAuth)
 			f.TLSAuth = b(enableAuth)
 		}
 	}
 	zone := t.Cluster.Spec.DNSZone
--- a/pkg/model/bootstrapscript.go
+++ b/pkg/model/bootstrapscript.go
@ -106,11 +106,6 @@ func (b *BootstrapScript) ResourceNodeUp(ig *kops.InstanceGroup, cs *kops.Cluste
 			spec["kubeProxy"] = cs.KubeProxy
 			if ig.IsMaster() {
 				etcdSum, err := b.computeFingerprintOnStruct(cs.EtcdClusters)
 				if err != nil {
 					return "", err
 				}
 				spec["etcdFingerprint"] = etcdSum
 				spec["encryptionConfig"] = cs.EncryptionConfig
 				spec["kubeAPIServer"] = cs.KubeAPIServer
 				spec["kubeControllerManager"] = cs.KubeControllerManager
@ -278,16 +273,6 @@ func (b *BootstrapScript) getRelevantFileAssets(allFileAssets []kops.FileAssetSp
 	return fileAssets, nil
 }
 // computeFingerprintOnStruct is computed on the struct pointer
 func (b *BootstrapScript) computeFingerprintOnStruct(v interface{}) (string, error) {
 	content, err := yaml.Marshal(v)
 	if err != nil {
 		return "", err
 	}
 	return b.computeFingerprint(string(content))
 }
 // computeFingerprint takes a string and returns a base64 encoded fingerprint
 func (b *BootstrapScript) computeFingerprint(content string) (string, error) {
 	hasher := sha1.New()
--- a/protokube/cmd/protokube/main.go
+++ b/protokube/cmd/protokube/main.go
@ -77,7 +77,7 @@ func run() error {
 	flag.StringVar(&peerCA, "peer-ca", peerCA, "Path to a file containing the peer ca in PEM format")
 	flag.StringVar(&peerCert, "peer-cert", peerCert, "Path to a file containing the peer certificate")
 	flag.StringVar(&peerKey, "peer-key", peerKey, "Path to a file containing the private key for the peers")
-	flag.BoolVar(&tlsAuth, "tls-auth", peerAuth, "Indicates the peers and client should enforce authentication via CA")
+	flag.BoolVar(&tlsAuth, "tls-auth", tlsAuth, "Indicates the peers and client should enforce authentication via CA")
 	flag.StringVar(&tlsCA, "tls-ca", tlsCA, "Path to a file containing the ca for client certificates")
 	flag.StringVar(&tlsCert, "tls-cert", tlsCert, "Path to a file containing the certificate for etcd server")
 	flag.StringVar(&tlsKey, "tls-key", tlsKey, "Path to a file containing the private key for etcd server")