| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 |
- /*
- Copyright 2018 The Kubernetes Authors.
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- */
- package main
- import (
- "crypto/tls"
- "k8s.io/client-go/kubernetes"
- "k8s.io/client-go/rest"
- "k8s.io/klog"
- )
- // Get a clientset with in-cluster config.
- func getClient() *kubernetes.Clientset {
- config, err := rest.InClusterConfig()
- if err != nil {
- klog.Fatal(err)
- }
- clientset, err := kubernetes.NewForConfig(config)
- if err != nil {
- klog.Fatal(err)
- }
- return clientset
- }
- func configTLS(config Config, clientset *kubernetes.Clientset) *tls.Config {
- sCert, err := tls.LoadX509KeyPair(config.CertFile, config.KeyFile)
- if err != nil {
- klog.Fatal(err)
- }
- return &tls.Config{
- Certificates: []tls.Certificate{sCert},
- // TODO: uses mutual tls after we agree on what cert the apiserver should use.
- // ClientAuth: tls.RequireAndVerifyClientCert,
- }
- }
|
