Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

future: support eks image #363

Merged
merged 5 commits into from
Mar 22, 2019
Merged

future: support eks image #363

merged 5 commits into from
Mar 22, 2019

Conversation

iyacontrol
Copy link
Contributor

What type of PR is this?

add support for eks.

/kind feature

@iyacontrol
Copy link
Contributor Author

eks 为aws 托管k8s,采取了特殊的webhook认证方式。kubeconfig 文件如下:

apiVersion: v1
clusters:

  • cluster:
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNU1ESXhOVEE1TkRreE9Wb1hEVEk1TURJeE1qQTVORGt4T1Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSnFqCkVaamdxa0EwTGYxR1pUaHZ1OHNDS0pxZnZDQ1dES2I5UHJ1ZVdtTkswSWpBZ1J1VDRkZDZ2WFNPYzMraExRVjkKRmY2eisrenFIN055dWJXeWQ4eGZqSTVGaDgvQnY5dUpPbzNXOHJ3YWRVRldtOGliMnVRTE5TNHVHdkF5VHJuSAozWGFjUFVzdGwydHd5RUtmK3V2YkpjMjBqaGZzakhablZMaEh6aUl2bVA4bUk5SE1IUi9HUUpiUUVOdVZSUWpiCkZIYTlYZE1XSEcwS2tCcFJ0VFZub0wyZTJUR3lweHlJZW1qUFMxUWVPSngvNndqL2gvVHFhMWhYTDFjWWlnNXEKNXVRUlR6MXpVNzk2YklZMEo2K0dWT3FsQk1lcnFQbFhRY2JIQ3dJb1FnRGRRSmNsdGduU2VqRnpDSjNaT2tHMApHU3h5cXhhc3I2YTJJNmF3WGwwQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFV2IxamQvN2pNeEY4T1pORVdLcCszbFgzeWUKQi82c3VGK2UzdTdiNU05WUlER3NnOFRPMlJTK0Iwa0ZCcDBXTVpKOVNxVEYySG5SWUZoTDQzQ1RLZXI4c2xPLwpqd29NdnorR0s5NE9sd1ZtUlZ5TFZXUXZaTXcxeURyK3g1NGFnQ01LQnlGbXNEeHFPd1cra1FMTjNtTFdmN2pkCkJxQUltTlUyQnZFOTHBySmtOazB3cVNQanEwVWdXaExnWTA4aU1LRDlpQmVFdVdPTzJ3d3gKTXpxaFdiLzd6aVY0blNLZGdRSUl0SVorSDFMU2F6QmdnRjJjdFBaV2EwWTR2VGFUNUxkZ0F6dzRLODNEL2s5dQpVSG11ekdzYnRDRFVDZmpMeW9GWDRhZHY5a0ZpaEFEU29LUnJqWVQ3bk9VVGUvMU5MMERHd2xvakhoMD0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
    server: https://7EE8F10CFFCC6BD8FB9A480B.yl4.ap-southeast-1.eks.amazonaws.com
    name: arn:aws:eks:ap-southeast-1:xxx:cluster/SGT-eks-apse1-prod
    contexts:
  • context:
    cluster: arn:aws:eks:ap-southeast-1:xxx:cluster/SGT-eks-apse1-prod
    user: arn:aws:eks:ap-southeast-1:xxx:cluster/SGT-eks-apse1-prod
    name: arn:aws:eks:ap-southeast-1:xxx:cluster/SGT-eks-apse1-prod
    current-context: arn:aws:eks:ap-southeast-1:xxx:cluster/SGT-eks-apse1-prod
    kind: Config
    preferences: {}
    users:
  • name: arn:aws:eks:ap-southeast-1:xxxx:cluster/SGT-eks-apse1-prod
    user:
    exec:
    apiVersion: client.authentication.k8s.io/v1alpha1
    args:
    - token
    - -i
    - SGT-eks-apse1-prod
    command: aws-iam-authenticator

所以镜像中,必须安装aws-iam-authenticator,并且希望随着主版本提供eks专门镜像。

@wilhelmguo
Copy link
Collaborator

@iyacontrol 这个安装包大概有多大?可以考虑直接安装到基础镜像,没必要单独打镜像

@wilhelmguo wilhelmguo added the kind/feature Categorizes issue or PR as related to a new feature. label Mar 21, 2019
@iyacontrol
Copy link
Contributor Author

@wilhelmguo 26M 左右 。是否合适?

@wilhelmguo
Copy link
Collaborator

@iyacontrol 可以,但是可以考虑做一个基础镜像,没必要每次构建都安装一次

@iyacontrol
Copy link
Contributor Author

@wilhelmguo ok,可行。所谓的基础镜像,是把centos:7替换成 centos:7 + aws-iam-authenticator 吗?

@iyacontrol
Copy link
Contributor Author

@wilhelmguo 此外,这次兼容了eks,可以尽快发版,官宣一下吗?然后我可以写一个文章,来介绍wayne + eks认证这块。

@iyacontrol
Copy link
Contributor Author

@wilhelmguo 在hack/build下增加了base 文件夹,该文件夹下添加了新的base image dockerfile 。我想以后共性的东西可以添加在base当中。新的base image 命名为360cloud/centos:7,建议放到你们的仓库下面。

@wilhelmguo
Copy link
Collaborator

@iyacontrol 下周会发布新版本, 到时候你可以在官网写博客分享下

@wilhelmguo wilhelmguo merged commit f5ba583 into Qihoo360:master Mar 22, 2019
@iyacontrol iyacontrol deleted the eks branch March 22, 2019 13:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wilhelmguo wilhelmguo wilhelmguo approved these changes

Assignees

@iyacontrol iyacontrol

Labels
kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@iyacontrol @wilhelmguo