kubernetes
/
kubectl
mirror of https://github.com/kubernetes/kubectl.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #84251 from deads2k/insecure-backend-proxy-kubectl 

add option to skip verifying kubelet certificates for logs

Kubernetes-commit: 4c5889190b557d69c05bd3161e274d841ba823d2
This commit is contained in:
Kubernetes Publisher 2019-10-23 17:49:19 -07:00
parent 1bfbeaf206 3fa753054c
commit 7eb9b5b7db
1 changed files with 20 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pkg/cmd/logs/logs.go
View File

@ -70,6 +70,9 @@ var (
# Show all logs from pod nginx written in the last hour # Show all logs from pod nginx written in the last hour
kubectl logs --since=1h nginx kubectl logs --since=1h nginx
# Show logs from a kubelet with an expired serving certificate
kubectl logs --insecure-skip-tls-verify-backend nginx
# Return snapshot logs from first container of a job named hello # Return snapshot logs from first container of a job named hello
kubectl logs job/hello kubectl logs job/hello
@ -103,6 +106,7 @@ type LogsOptions struct {
LimitBytes int64 LimitBytes int64
Tail int64 Tail int64
Container string Container string
InsecureSkipTLSVerifyBackend bool
// whether or not a container name was given via --container // whether or not a container name was given via --container
ContainerNameSpecified bool ContainerNameSpecified bool
@ -159,6 +163,8 @@ func NewCmdLogs(f cmdutil.Factory, streams genericclioptions.IOStreams) *cobra.C
cmd.Flags().StringVar(&o.SinceTime, "since-time", o.SinceTime, i18n.T("Only return logs after a specific date (RFC3339). Defaults to all logs. Only one of since-time / since may be used.")) cmd.Flags().StringVar(&o.SinceTime, "since-time", o.SinceTime, i18n.T("Only return logs after a specific date (RFC3339). Defaults to all logs. Only one of since-time / since may be used."))
cmd.Flags().DurationVar(&o.SinceSeconds, "since", o.SinceSeconds, "Only return logs newer than a relative duration like 5s, 2m, or 3h. Defaults to all logs. Only one of since-time / since may be used.") cmd.Flags().DurationVar(&o.SinceSeconds, "since", o.SinceSeconds, "Only return logs newer than a relative duration like 5s, 2m, or 3h. Defaults to all logs. Only one of since-time / since may be used.")
cmd.Flags().StringVarP(&o.Container, "container", "c", o.Container, "Print the logs of this container") cmd.Flags().StringVarP(&o.Container, "container", "c", o.Container, "Print the logs of this container")
cmd.Flags().BoolVar(&o.InsecureSkipTLSVerifyBackend, "insecure-skip-tls-verify-backend", o.InsecureSkipTLSVerifyBackend,
"Skip verifying the identity of the kubelet that logs are requested from. In theory, an attacker could provide invalid log content back. You might want to use this if your kubelet serving certificates have expired.")
cmdutil.AddPodRunningTimeoutFlag(cmd, defaultPodLogsTimeout) cmdutil.AddPodRunningTimeoutFlag(cmd, defaultPodLogsTimeout)
cmd.Flags().StringVarP(&o.Selector, "selector", "l", o.Selector, "Selector (label query) to filter on.") cmd.Flags().StringVarP(&o.Selector, "selector", "l", o.Selector, "Selector (label query) to filter on.")
cmd.Flags().IntVar(&o.MaxFollowConcurrency, "max-log-requests", o.MaxFollowConcurrency, "Specify maximum number of concurrent logs to follow when using by a selector. Defaults to 5.") cmd.Flags().IntVar(&o.MaxFollowConcurrency, "max-log-requests", o.MaxFollowConcurrency, "Specify maximum number of concurrent logs to follow when using by a selector. Defaults to 5.")
@ -172,6 +178,7 @@ func (o *LogsOptions) ToLogOptions() (*corev1.PodLogOptions, error) {
Follow: o.Follow, Follow: o.Follow,
Previous: o.Previous, Previous: o.Previous,
Timestamps: o.Timestamps, Timestamps: o.Timestamps,
InsecureSkipTLSVerifyBackend: o.InsecureSkipTLSVerifyBackend,
} }
if len(o.SinceTime) > 0 { if len(o.SinceTime) > 0 {