mirror of
https://github.com/k3s-io/k3s.git
synced 2026-05-28 04:34:19 -04:00
Fix K3s not validating datastore connection when no token is set
Signed-off-by: bo.jiang <bo.jiang@daocloud.io>
This commit is contained in:
bo.jiang
Brad Davidson
parent
b8cf676807
commit
b5f4fd1d73
1 changed files with 33 additions and 13 deletions
|
|
@ -186,6 +186,13 @@ func (c *Cluster) storageBootstrap(ctx context.Context) error {
|
|||
// that's AFTER generating CA certs and tokens. If the config is updated to set the
|
||||
// matching key, further startups will still be blocked pending cleanup of the
|
||||
// "newer" files as per the bootstrap reconciliation code.
|
||||
|
||||
_, err = getBootstrapValues(ctx, storageClient)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
logrus.Info("Datastore connection validated successfully, proceeding with bootstrap data generation")
|
||||
|
||||
c.saveBootstrap = true
|
||||
return nil
|
||||
}
|
||||
|
|
@ -269,6 +276,30 @@ func (c *Cluster) getBootstrapData(ctx context.Context, token string) ([]byte, e
|
|||
return decrypt(token, value.Data)
|
||||
}
|
||||
|
||||
// getBootstrapValues returns the value of all keys under the "/bootstrap" prefix, with a 10 second timeout.
|
||||
func getBootstrapValues(ctx context.Context, storageClient client.Client) ([]client.Value, error) {
|
||||
var bootstrapList []client.Value
|
||||
var err error
|
||||
|
||||
if err := wait.PollUntilContextCancel(ctx, 5*time.Second, true, func(ctx context.Context) (bool, error) {
|
||||
operationCtx, operationCancel := context.WithTimeout(ctx, 10*time.Second)
|
||||
defer operationCancel()
|
||||
|
||||
bootstrapList, err = storageClient.List(operationCtx, "/bootstrap", 0)
|
||||
if err != nil {
|
||||
if errors.Is(err, rpctypes.ErrGPRCNotSupportedForLearner) {
|
||||
return false, nil
|
||||
}
|
||||
return false, err
|
||||
}
|
||||
return true, nil
|
||||
}); err != nil {
|
||||
logrus.Errorf("Failed to validate datastore connection: %v", err)
|
||||
return nil, err
|
||||
}
|
||||
return bootstrapList, nil
|
||||
}
|
||||
|
||||
// getBootstrapKeyFromStorage will list all keys that has prefix /bootstrap and will check for key that is
|
||||
// hashed with empty string and will check for any key that is hashed by different token than the one
|
||||
// passed to it, it will return error if it finds a key that is hashed with different token and will return
|
||||
|
|
@ -278,19 +309,8 @@ func getBootstrapKeyFromStorage(ctx context.Context, storageClient client.Client
|
|||
emptyStringKey := storageKey("")
|
||||
tokenKey := storageKey(normalizedToken)
|
||||
|
||||
var bootstrapList []client.Value
|
||||
var err error
|
||||
|
||||
if err := wait.PollUntilContextCancel(ctx, 5*time.Second, true, func(ctx context.Context) (bool, error) {
|
||||
bootstrapList, err = storageClient.List(ctx, "/bootstrap", 0)
|
||||
if err != nil {
|
||||
if errors.Is(err, rpctypes.ErrGPRCNotSupportedForLearner) {
|
||||
return false, nil
|
||||
}
|
||||
return false, err
|
||||
}
|
||||
return true, nil
|
||||
}); err != nil {
|
||||
bootstrapList, err := getBootstrapValues(ctx, storageClient)
|
||||
if err != nil {
|
||||
return nil, false, err
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue