|
|
@@ -433,9 +433,12 @@ an OpenShift Container Platform cluster
|
|
|
"master", "master-config.yaml")
|
|
|
openshift_node_config_path = os.path.join(openshift_base_config_path,
|
|
|
"node", "node-config.yaml")
|
|
|
+ openshift_node_bootstrap_config_path = os.path.join(openshift_base_config_path,
|
|
|
+ "node", "bootstrap-node-config.yaml")
|
|
|
openshift_cert_check_paths = [
|
|
|
openshift_master_config_path,
|
|
|
openshift_node_config_path,
|
|
|
+ openshift_node_bootstrap_config_path,
|
|
|
]
|
|
|
|
|
|
# Paths for Kubeconfigs. Additional kubeconfigs are conditionally
|
|
|
@@ -567,45 +570,49 @@ an OpenShift Container Platform cluster
|
|
|
# There may be additional kubeconfigs to check, but their naming
|
|
|
# is less predictable than the ones we've already assembled.
|
|
|
|
|
|
- try:
|
|
|
- # Try to read the standard 'node-config.yaml' file to check if
|
|
|
- # this host is a node.
|
|
|
- with io.open(openshift_node_config_path, 'r', encoding='utf-8') as fp:
|
|
|
- cfg = yaml.load(fp)
|
|
|
+ for node_config in [openshift_node_config_path, openshift_node_bootstrap_config_path]:
|
|
|
+ try:
|
|
|
+ # Try to read the standard 'node-config.yaml' file to check if
|
|
|
+ # this host is a node.
|
|
|
+ with io.open(node_config, 'r', encoding='utf-8') as fp:
|
|
|
+ cfg = yaml.load(fp)
|
|
|
+
|
|
|
+ # OK, the config file exists, therefore this is a
|
|
|
+ # node. Nodes have their own kubeconfig files to
|
|
|
+ # communicate with the master API. Let's read the relative
|
|
|
+ # path to that file from the node config.
|
|
|
+ node_masterKubeConfig = cfg['masterKubeConfig']
|
|
|
+ # As before, the path to the 'masterKubeConfig' file is
|
|
|
+ # relative to `fp`
|
|
|
+ cfg_path = os.path.dirname(fp.name)
|
|
|
+ node_kubeconfig = os.path.join(cfg_path, node_masterKubeConfig)
|
|
|
|
|
|
- # OK, the config file exists, therefore this is a
|
|
|
- # node. Nodes have their own kubeconfig files to
|
|
|
- # communicate with the master API. Let's read the relative
|
|
|
- # path to that file from the node config.
|
|
|
- node_masterKubeConfig = cfg['masterKubeConfig']
|
|
|
- # As before, the path to the 'masterKubeConfig' file is
|
|
|
- # relative to `fp`
|
|
|
- cfg_path = os.path.dirname(fp.name)
|
|
|
- node_kubeconfig = os.path.join(cfg_path, node_masterKubeConfig)
|
|
|
-
|
|
|
- with io.open(node_kubeconfig, 'r', encoding='utf8') as fp:
|
|
|
- # Read in the nodes kubeconfig file and grab the good stuff
|
|
|
- cfg = yaml.load(fp)
|
|
|
+ with io.open(node_kubeconfig, 'r', encoding='utf8') as fp:
|
|
|
+ # Read in the nodes kubeconfig file and grab the good stuff
|
|
|
+ cfg = yaml.load(fp)
|
|
|
|
|
|
- c = cfg['users'][0]['user']['client-certificate-data']
|
|
|
- (cert_subject,
|
|
|
- cert_expiry_date,
|
|
|
- time_remaining,
|
|
|
- cert_serial) = load_and_handle_cert(c, now, base64decode=True, ans_module=module)
|
|
|
+ c = cfg['users'][0]['user'].get('client-certificate-data')
|
|
|
+ if not c:
|
|
|
+ # This is not a node
|
|
|
+ raise IOError
|
|
|
+ (cert_subject,
|
|
|
+ cert_expiry_date,
|
|
|
+ time_remaining,
|
|
|
+ cert_serial) = load_and_handle_cert(c, now, base64decode=True, ans_module=module)
|
|
|
|
|
|
- expire_check_result = {
|
|
|
- 'cert_cn': cert_subject,
|
|
|
- 'path': fp.name,
|
|
|
- 'expiry': cert_expiry_date,
|
|
|
- 'days_remaining': time_remaining.days,
|
|
|
- 'health': None,
|
|
|
- 'serial': cert_serial
|
|
|
- }
|
|
|
+ expire_check_result = {
|
|
|
+ 'cert_cn': cert_subject,
|
|
|
+ 'path': fp.name,
|
|
|
+ 'expiry': cert_expiry_date,
|
|
|
+ 'days_remaining': time_remaining.days,
|
|
|
+ 'health': None,
|
|
|
+ 'serial': cert_serial
|
|
|
+ }
|
|
|
|
|
|
- classify_cert(expire_check_result, now, time_remaining, expire_window, kubeconfigs)
|
|
|
- except IOError:
|
|
|
- # This is not a node
|
|
|
- pass
|
|
|
+ classify_cert(expire_check_result, now, time_remaining, expire_window, kubeconfigs)
|
|
|
+ except IOError:
|
|
|
+ # This is not a node
|
|
|
+ pass
|
|
|
|
|
|
for kube in filter_paths(kubeconfig_paths):
|
|
|
with io.open(kube, 'r', encoding='utf-8') as fp:
|
Vadim Rutkovsky