Home Explore Help
Sign In
Tailscale
/
tailscale
mirror of https://github.com/tailscale/tailscale.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

cmd/k8s-operator: set different app type for operator with proxy (#10081)

Updates tailscale/tailscale#9222

plain k8s-operator should have hostinfo.App set to 'k8s-operator', operator with proxy should have it set to 'k8s-operator-proxy'. In proxy mode, we were setting the type after it had already been set to 'k8s-operator'

Signed-off-by: Irbe Krumina <[email protected]>
Irbe Krumina 2 years ago
parent
673ff2cb0b
commit
af49bcaa52
2 changed files with 12 additions and 6 deletions
Split View Show Diff Stats
  1. 11 2
      cmd/k8s-operator/operator.go
  2. 1 4
      cmd/k8s-operator/proxy.go

+ 11 - 2
cmd/k8s-operator/operator.go
View File 

@@ -67,10 +67,20 @@ func main() {
 
 	zlog := kzap.NewRaw(opts...).Sugar()
 
 	logf.SetLogger(zapr.NewLogger(zlog.Desugar()))
 
 
+	// The operator can run either as a plain operator or it can
 
+	// additionally act as api-server proxy
 
+	// https://tailscale.com/kb/1236/kubernetes-operator/?q=kubernetes#accessing-the-kubernetes-control-plane-using-an-api-server-proxy.
 
+	mode := parseAPIProxyMode()
 
+	if mode == apiserverProxyModeDisabled {
 
+		hostinfo.SetApp("k8s-operator")
 
+	} else {
 
+		hostinfo.SetApp("k8s-operator-proxy")
 
+	}
 
+
 
 	s, tsClient := initTSNet(zlog)
 
 	defer s.Close()
 
 	restConfig := config.GetConfigOrDie()
 
-	maybeLaunchAPIServerProxy(zlog, restConfig, s)
 
+	maybeLaunchAPIServerProxy(zlog, restConfig, s, mode)
 
 	runReconcilers(zlog, s, tsNamespace, restConfig, tsClient, image, priorityClassName, tags, tsFirewallMode)
 
 }
 
 
@@ -78,7 +88,6 @@ func main() {
 
 // CLIENT_ID_FILE and CLIENT_SECRET_FILE environment variables to authenticate
 
 // with Tailscale.
 
 func initTSNet(zlog *zap.SugaredLogger) (*tsnet.Server, *tailscale.Client) {
 
-	hostinfo.SetApp("k8s-operator")
 
 	var (
 
 		clientIDPath     = defaultEnv("CLIENT_ID_FILE", "")
 
 		clientSecretPath = defaultEnv("CLIENT_SECRET_FILE", "")

+ 1 - 4
cmd/k8s-operator/proxy.go
View File 

@@ -21,7 +21,6 @@ import (
 
 	"k8s.io/client-go/transport"
 
 	"tailscale.com/client/tailscale"
 
 	"tailscale.com/client/tailscale/apitype"
 
-	"tailscale.com/hostinfo"
 
 	"tailscale.com/tailcfg"
 
 	"tailscale.com/tsnet"
 
 	"tailscale.com/types/logger"
 
@@ -84,12 +83,10 @@ func parseAPIProxyMode() apiServerProxyMode {
 
 // maybeLaunchAPIServerProxy launches the auth proxy, which is a small HTTP server
 
 // that authenticates requests using the Tailscale LocalAPI and then proxies
 
 // them to the kube-apiserver.
 
-func maybeLaunchAPIServerProxy(zlog *zap.SugaredLogger, restConfig *rest.Config, s *tsnet.Server) {
 
-	mode := parseAPIProxyMode()
 
+func maybeLaunchAPIServerProxy(zlog *zap.SugaredLogger, restConfig *rest.Config, s *tsnet.Server, mode apiServerProxyMode) {
 
 	if mode == apiserverProxyModeDisabled {
 
 		return
 
 	}
 
-	hostinfo.SetApp("k8s-operator-proxy")
 
 	startlog := zlog.Named("launchAPIProxy")
 
 	if mode == apiserverProxyModeNoAuth {
 
 		restConfig = rest.AnonymousClientConfig(restConfig)