欢迎关注我的公众号:
目前刚开始写一个月,一共写了18篇原创文章,文章目录如下:
istio防故障利器,你知道几个,istio新手不要读,太难!
不懂envoyfilter也敢说精通istio系列-http-rbac-不要只会用AuthorizationPolicy配置权限
不懂envoyfilter也敢说精通istio系列-02-http-corsFilter-不要只会vs
不懂envoyfilter也敢说精通istio系列-03-http-csrf filter-再也不用再代码里写csrf逻辑了
不懂envoyfilter也敢说精通istio系列http-jwt_authn-不要只会RequestAuthorization
不懂envoyfilter也敢说精通istio系列-05-fault-filter-故障注入不止是vs
不懂envoyfilter也敢说精通istio系列-06-http-match-配置路由不只是vs
不懂envoyfilter也敢说精通istio系列-07-负载均衡配置不止是dr
不懂envoyfilter也敢说精通istio系列-08-连接池和断路器
不懂envoyfilter也敢说精通istio系列-09-http-route filter
不懂envoyfilter也敢说精通istio系列-network filter-redis proxy
不懂envoyfilter也敢说精通istio系列-network filter-HttpConnectionManager
不懂envoyfilter也敢说精通istio系列-ratelimit-istio ratelimit完全手册
————————————————
//创建config命令
func NewCmdConfig(f cmdutil.Factory, pathOptions *clientcmd.PathOptions, streams genericclioptions.IOStreams) *cobra.Command {
if len(pathOptions.ExplicitFileFlag) == 0 {//设置kubeconfig选项名称
pathOptions.ExplicitFileFlag = clientcmd.RecommendedConfigPathFlag
}
cmd := &cobra.Command{//创建cobra命令
Use: "config SUBCOMMAND",
DisableFlagsInUseLine: true,
Short: i18n.T("Modify kubeconfig files"),
Long: templates.LongDesc(`
Modify kubeconfig files using subcommands like "kubectl config set current-context my-context"
The loading order follows these rules:
1. If the --` + pathOptions.ExplicitFileFlag + ` flag is set, then only that file is loaded. The flag may only be set once and no merging takes place.
2. If $` + pathOptions.EnvVar + ` environment variable is set, then it is used as a list of paths (normal path delimiting rules for your system). These paths are merged. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list.
3. Otherwise, ` + path.Join("${HOME}", pathOptions.GlobalFileSubpath) + ` is used and no merging takes place.`),
Run: cmdutil.DefaultSubCommandRun(streams.ErrOut),
}
// file paths are common to all sub commands
cmd.PersistentFlags().StringVar(&pathOptions.LoadingRules.ExplicitPath, pathOptions.ExplicitFileFlag, pathOptions.LoadingRules.ExplicitPath, "use a particular kubeconfig file")//kubeconfig选项
// TODO(juanvallejo): update all subcommands to work with genericclioptions.IOStreams
cmd.AddCommand(NewCmdConfigView(f, streams, pathOptions))//添加view子命令
cmd.AddCommand(NewCmdConfigSetCluster(streams.Out, pathOptions))//set-cluster子命令
cmd.AddCommand(NewCmdConfigSetAuthInfo(streams.Out, pathOptions))//setauthinfo子命令
cmd.AddCommand(NewCmdConfigSetContext(streams.Out, pathOptions))//set-context子命令
cmd.AddCommand(NewCmdConfigSet(streams.Out, pathOptions))//set子命令
cmd.AddCommand(NewCmdConfigUnset(streams.Out, pathOptions))//unset子命令
cmd.AddCommand(NewCmdConfigCurrentContext(streams.Out, pathOptions))//current-context子命令
cmd.AddCommand(NewCmdConfigUseContext(streams.Out, pathOptions))//use-context子命令
cmd.AddCommand(NewCmdConfigGetContexts(streams, pathOptions))//get-context子命令
cmd.AddCommand(NewCmdConfigGetClusters(streams.Out, pathOptions))//get-cluster子命令
cmd.AddCommand(NewCmdConfigDeleteCluster(streams.Out, pathOptions))//delete-cluster子命令
cmd.AddCommand(NewCmdConfigDeleteContext(streams.Out, streams.ErrOut, pathOptions))//delete-context子命令
cmd.AddCommand(NewCmdConfigRenameContext(streams.Out, pathOptions))//rename-context子命令
return cmd
}type ViewOptions struct {//view结构体
PrintFlags *genericclioptions.PrintFlags
PrintObject printers.ResourcePrinterFunc
ConfigAccess clientcmd.ConfigAccess
Merge cliflag.Tristate
Flatten bool
Minify bool
RawByteData bool
Context string
OutputFormat string
genericclioptions.IOStreams
}//创建config命令
func NewCmdConfigView(f cmdutil.Factory, streams genericclioptions.IOStreams, ConfigAccess clientcmd.ConfigAccess) *cobra.Command {
o := &ViewOptions{//初始化结构体
PrintFlags: genericclioptions.NewPrintFlags("").WithTypeSetter(scheme.Scheme).WithDefaultOutput("yaml"),
ConfigAccess: ConfigAccess,
IOStreams: streams,
}
cmd := &cobra.Command{//创建cobra命令
Use: "view",
Short: i18n.T("Display merged kubeconfig settings or a specified kubeconfig file"),
Long: viewLong,
Example: viewExample,
Run: func(cmd *cobra.Command, args []string) {
cmdutil.CheckErr(o.Complete(cmd, args))//准备
cmdutil.CheckErr(o.Validate())//校验
cmdutil.CheckErr(o.Run())//运行
},
}
o.PrintFlags.AddFlags(cmd)//打印选项
o.Merge.Default(true)//merge默认值
mergeFlag := cmd.Flags().VarPF(&o.Merge, "merge", "", "Merge the full hierarchy of kubeconfig files")//merge选项
mergeFlag.NoOptDefVal = "true"
cmd.Flags().BoolVar(&o.RawByteData, "raw", o.RawByteData, "Display raw byte data")//raw选项
cmd.Flags().BoolVar(&o.Flatten, "flatten", o.Flatten, "Flatten the resulting kubeconfig file into self-contained output (useful for creating portable kubeconfig files)")//flatten选项
cmd.Flags().BoolVar(&o.Minify, "minify", o.Minify, "Remove all information not used by current-context from the output")//minify选项
return cmd
}//准备
func (o *ViewOptions) Complete(cmd *cobra.Command, args []string) error {
if len(args) != 0 {//参数必须是0个
return cmdutil.UsageErrorf(cmd, "unexpected arguments: %v", args)
}
if o.ConfigAccess.IsExplicitFile() {//如果指定了kubeconfig选项
if !o.Merge.Provided() {//如果merge没设置,设置为false
o.Merge.Set("false")
}
}
printer, err := o.PrintFlags.ToPrinter()//print flag转printer
if err != nil {
return err
}
o.PrintObject = printer.PrintObj//设置printObject函数
o.Context = cmdutil.GetFlagString(cmd, "context")//设置context
return nil
}func (o ViewOptions) Validate() error {//校验
if !o.Merge.Value() && !o.ConfigAccess.IsExplicitFile() {//如果merge为false,必须指定kubeconfig选项
return errors.New("if merge==false a precise file must to specified")
}
return nil
}//运行
func (o ViewOptions) Run() error {
config, err := o.loadConfig()//加载config
if err != nil {
return err
}
if o.Minify {//如果指定了minify
if len(o.Context) > 0 {//如果指定了context
config.CurrentContext = o.Context//设置config context
}
if err := clientcmdapi.MinifyConfig(config); err != nil {//修剪config
return err
}
}
if o.Flatten {// 如果指定了flattern
if err := clientcmdapi.FlattenConfig(config); err != nil {//flatten config
return err
}
} else if !o.RawByteData {//如果没指定raw
clientcmdapi.ShortenConfig(config)//shorten config
}
convertedObj, err := latest.Scheme.ConvertToVersion(config, latest.ExternalVersion)//转换config版本
if err != nil {
return err
}
return o.PrintObject(convertedObj, o.Out)//打印
}func (o ViewOptions) loadConfig() (*clientcmdapi.Config, error) {//加载config
err := o.Validate()//校验
if err != nil {
return nil, err
}
config, err := o.getStartingConfig()//获取config
return config, err
}
// getStartingConfig returns the Config object built from the sources specified by the options, the filename read (only if it was a single file), and an error if something goes wrong
func (o *ViewOptions) getStartingConfig() (*clientcmdapi.Config, error) {
switch {
case !o.Merge.Value():// 如果merge为false
return clientcmd.LoadFromFile(o.ConfigAccess.GetExplicitFile())//从文件加载
default:
return o.ConfigAccess.GetStartingConfig()//从configAccess加载
}
}func MinifyConfig(config *Config) error {//修剪config
if len(config.CurrentContext) == 0 {//如果没有currentContext报错
return errors.New("current-context must exist in order to minify")
}
currContext, exists := config.Contexts[config.CurrentContext]//获取currentContext
if !exists {
return fmt.Errorf("cannot locate context %v", config.CurrentContext)
}
newContexts := map[string]*Context{}
newContexts[config.CurrentContext] = currContext//设置新的context
newClusters := map[string]*Cluster{}//clustermap
if len(currContext.Cluster) > 0 {//如果currentContext的cluster有值
if _, exists := config.Clusters[currContext.Cluster]; !exists {//获取当前cluster
return fmt.Errorf("cannot locate cluster %v", currContext.Cluster)
}
newClusters[currContext.Cluster] = config.Clusters[currContext.Cluster]//把cluster设置到newCluster里
}
newAuthInfos := map[string]*AuthInfo{}//newAuthinfos map
if len(currContext.AuthInfo) > 0 {//如果当前contenxt有授权信息
if _, exists := config.AuthInfos[currContext.AuthInfo]; !exists {//判断授权信息是否存在
return fmt.Errorf("cannot locate user %v", currContext.AuthInfo)
}
newAuthInfos[currContext.AuthInfo] = config.AuthInfos[currContext.AuthInfo]//设置newAuthInfos
}
config.AuthInfos = newAuthInfos//设置config当前上下文的信息
config.Clusters = newClusters
config.Contexts = newContexts
return nil
}func FlattenConfig(config *Config) error {//flatten config
for key, authInfo := range config.AuthInfos {//遍历授权信息
baseDir, err := MakeAbs(path.Dir(authInfo.LocationOfOrigin), "")//获取授权信息秘钥基路径
if err != nil {
return err
}
if err := FlattenContent(&authInfo.ClientCertificate, &authInfo.ClientCertificateData, baseDir); err != nil {//从文件读取ClientCertificate信息,赋值给ClientCertificateData
return err
}
if err := FlattenContent(&authInfo.ClientKey, &authInfo.ClientKeyData, baseDir); err != nil {//从文件读取ClientKey信息赋值给ClientKeyData
return err
}
config.AuthInfos[key] = authInfo//设置授权信息
}
for key, cluster := range config.Clusters {//遍历clusters
baseDir, err := MakeAbs(path.Dir(cluster.LocationOfOrigin), "")//获取cluster秘钥信息基路径
if err != nil {
return err
}
if err := FlattenContent(&cluster.CertificateAuthority, &cluster.CertificateAuthorityData, baseDir); err != nil {//从文件读取CertificateAuthority,赋值给CertificateAuthorityData
return err
}
config.Clusters[key] = cluster//设置cluster
}
return nil
}func ShortenConfig(config *Config) {//简化config
// trick json encoder into printing a human readable string in the raw data
// by base64 decoding what we want to print. Relies on implementation of
// http://golang.org/pkg/encoding/json/#Marshal using base64 to encode []byte
for key, authInfo := range config.AuthInfos {//遍历授权信息
if len(authInfo.ClientKeyData) > 0 {
authInfo.ClientKeyData = redactedBytes//设置ClientKeyData
}
if len(authInfo.ClientCertificateData) > 0 {
authInfo.ClientCertificateData = redactedBytes//设置ClientCertificateData
}
config.AuthInfos[key] = authInfo//设置授权信息
}
for key, cluster := range config.Clusters {
if len(cluster.CertificateAuthorityData) > 0 {
cluster.CertificateAuthorityData = dataOmittedBytes//设置CertificateAuthorityData
}
config.Clusters[key] = cluster//设置cluster
}
}
扫一扫
1705
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
