From 6218d8322965bb4b838a7bb84f5dbd4fcefa1a88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=B6nke=20Liebau?= <soenke.liebau@gmail.com>
Date: Thu, 25 Feb 2021 15:40:39 +0100
Subject: [PATCH 1/2] Adds bootstrapping of certificates and kubeconfig to
 agent.

If a bootstrap config is provided via the --bootstrap-file command line option and no valid config can be found in the usual places the agent will attempt to bootstrap a Kubeconfig via the configuration in the bootstrap file.

Additionally this code will check if the provided files from --server-cert-file and --server-key-file exist. If not, it will create a key pair and signing request, upload this to the apiserver and wait for the certificate to be provided by a controller.
---
 src/bin/agent.rs | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/src/bin/agent.rs b/src/bin/agent.rs
index 07566ba..061efb6 100644
--- a/src/bin/agent.rs
+++ b/src/bin/agent.rs
@@ -1,8 +1,6 @@
 use std::env;
 use std::ffi::OsString;
 
-use kube::config::Config as KubeConfig;
-use kube::config::KubeConfigOptions;
 use kubelet::config::{Config, ServerConfig};
 use kubelet::Kubelet;
 use log::{info, warn};
@@ -78,9 +76,15 @@ async fn main() -> anyhow::Result<()> {
         insecure_registries: None,
     };
 
-    let kubeconfig = KubeConfig::from_kubeconfig(&KubeConfigOptions::default())
-        .await
-        .expect("Failed to create Kubernetes Client!");
+    // Bootstrap a kubernetes config, if no valid config is found
+    // This also generates certificates for the webserver the krustlet
+    // runs
+    let kubeconfig = kubelet::bootstrap(
+        &krustlet_config,
+        &krustlet_config.bootstrap_file,
+        notify_bootstrap,
+    )
+    .await?;
 
     let provider = StackableProvider::new(
         kube::Client::new(kubeconfig.clone()),
@@ -101,3 +105,7 @@ fn export_env(var_name: &str, var_value: &str) {
     info!("Exporting {}={}", var_name, var_value);
     std::env::set_var(var_name, var_value);
 }
+
+fn notify_bootstrap(message: String) {
+    info!("Successfully bootstrapped tls certificate: {}", message);
+}

From 8971a769302f82a3da9164993908c0bc5d4241af Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=B6nke=20Liebau?= <soenke.liebau@opencore.com>
Date: Thu, 25 Feb 2021 15:54:12 +0100
Subject: [PATCH 2/2] typo

Co-authored-by: Lars Francke <github@lars-francke.de>
---
 src/bin/agent.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/bin/agent.rs b/src/bin/agent.rs
index 061efb6..e541561 100644
--- a/src/bin/agent.rs
+++ b/src/bin/agent.rs
@@ -107,5 +107,5 @@ fn export_env(var_name: &str, var_value: &str) {
 }
 
 fn notify_bootstrap(message: String) {
-    info!("Successfully bootstrapped tls certificate: {}", message);
+    info!("Successfully bootstrapped TLS certificate: {}", message);
 }