add APIServerEndpoint validation for JoinConfiguration

SataQiu · SataQiu · commit 5da7346be6da · 2019-09-04T14:40:43.000+08:00
diff --git a/controllers/kubeadmconfig_controller.go b/controllers/kubeadmconfig_controller.go
@@ -85,7 +85,7 @@ func (r *KubeadmConfigReconciler) SetupWithManager(mgr ctrl.Manager) error {
 		Complete(r)
 }
 
-// Reconcile TODO
+// Reconcile handles KubeadmConfig events
 func (r *KubeadmConfigReconciler) Reconcile(req ctrl.Request) (_ ctrl.Result, rerr error) {
 	ctx := context.Background()
 	log := r.Log.WithValues("kubeadmconfig", req.NamespacedName)
@@ -380,7 +380,7 @@ func (r *KubeadmConfigReconciler) ClusterToKubeadmConfigs(o handler.MapObject) [
 	return result
 }
 
-// reconcileDiscovery ensure that config.JoinConfiguration.Discovery is properly set for the joining node.
+// reconcileDiscovery ensures that config.JoinConfiguration.Discovery is properly set for the joining node.
 // The implementation func respect user provided discovery configurations, but in case some of them are missing, a valid BootstrapToken object
 // is automatically injected into config.JoinConfiguration.Discovery.
 // This allows to simplify configuration UX, by providing the option to delegate to CABPK the configuration of kubeadm join discovery.
@@ -398,8 +398,8 @@ func (r *KubeadmConfigReconciler) reconcileDiscovery(cluster *clusterv1.Cluster,
 	}
 
 	// if BootstrapToken already contains an APIServerEndpoint, respect it; otherwise inject the APIServerEndpoint endpoint defined in cluster status
-	//TODO(fp) might be we want to validate user provided APIServerEndpoint and warn/error if it doesn't match the api endpoint defined at cluster level
 	apiServerEndpoint := config.Spec.JoinConfiguration.Discovery.BootstrapToken.APIServerEndpoint
+	needValidateAPIEndpoints := true
 	if apiServerEndpoint == "" {
 		if len(cluster.Status.APIEndpoints) == 0 {
 			return errors.Wrap(&capierrors.RequeueAfterError{RequeueAfter: 10 * time.Second}, "Waiting for Cluster Controller to set cluster.Status.APIEndpoints")
@@ -409,6 +409,21 @@ func (r *KubeadmConfigReconciler) reconcileDiscovery(cluster *clusterv1.Cluster,
 		apiServerEndpoint = fmt.Sprintf("%s:%d", cluster.Status.APIEndpoints[0].Host, cluster.Status.APIEndpoints[0].Port)
 		config.Spec.JoinConfiguration.Discovery.BootstrapToken.APIServerEndpoint = apiServerEndpoint
 		log.Info("Altering JoinConfiguration.Discovery.BootstrapToken", "APIServerEndpoint", apiServerEndpoint)
+		needValidateAPIEndpoints = false
+	}
+	// validate user provided APIServerEndpoint matches the api endpoint defined at cluster level
+	if needValidateAPIEndpoints {
+		found := false
+		for _, APIEndpoint := range cluster.Status.APIEndpoints {
+			if apiServerEndpoint == fmt.Sprintf("%s:%d", APIEndpoint.Host, APIEndpoint.Port) {
+				found = true
+				break
+			}
+		}
+		if !found {
+			err := errors.Errorf("the provided APIServerEndpoint %v does not match any api endpoint defined at cluster %v", apiServerEndpoint, cluster.Status.APIEndpoints)
+			log.Error(err, "found mismatched configuration")
+		}
 	}
 
 	// if BootstrapToken already contains a token, respect it; otherwise create a new bootstrap token for the node to join
