clean up admin commands

hack/test-cmd.sh

@@ -86,11 +86,11 @@ do
     SERVER_HOSTNAME_LIST="${SERVER_HOSTNAME_LIST},${IP_ADDRESS}"
 done <<< "${ALL_IP_ADDRESSES}"
 
-# Create certificates
-openshift admin create-all-certs --overwrite=false --cert-dir="${CERT_DIR}" --hostnames="${SERVER_HOSTNAME_LIST}" --nodes="${API_HOST}" --master="${MASTER_ADDR}" --public-master="${API_SCHEME}://${PUBLIC_MASTER_HOST}"
+openshift admin create-master-certs --overwrite=false --cert-dir="${CERT_DIR}" --hostnames="${SERVER_HOSTNAME_LIST}" --master="${MASTER_ADDR}" --public-master="${API_SCHEME}://${PUBLIC_MASTER_HOST}"
+openshift admin create-node-config --listen="https://0.0.0.0:10250" --node-dir="${CERT_DIR}/node-${API_HOST}" --node="${API_HOST}" --hostnames="${SERVER_HOSTNAME_LIST}" --master="${MASTER_ADDR}" --certificate-authority="${CERT_DIR}/ca/cert.crt" --signer-cert="${CERT_DIR}/ca/cert.crt" --signer-key="${CERT_DIR}/ca/key.key" --signer-serial="${CERT_DIR}/ca/serial.txt"
 
 # Start openshift
-OPENSHIFT_ON_PANIC=crash openshift start --master="${API_SCHEME}://${API_HOST}:${API_PORT}" --listen="${API_SCHEME}://${API_HOST}:${API_PORT}" --hostname="${API_HOST}" --volume-dir="${VOLUME_DIR}" --cert-dir="${CERT_DIR}" --etcd-dir="${ETCD_DATA_DIR}" 1>&2 &
+OPENSHIFT_ON_PANIC=crash openshift start --master="${API_SCHEME}://${API_HOST}:${API_PORT}" --listen="${API_SCHEME}://${API_HOST}:${API_PORT}" --hostname="${API_HOST}" --volume-dir="${VOLUME_DIR}" --cert-dir="${CERT_DIR}" --etcd-dir="${ETCD_DATA_DIR}" --create-certs=false 1>&2 &
 OS_PID=$!
 
 if [[ "${API_SCHEME}" == "https" ]]; then

hack/test-end-to-end.sh

@@ -184,7 +184,8 @@ do
 	SERVER_HOSTNAME_LIST="${SERVER_HOSTNAME_LIST},${IP_ADDRESS}"
 done <<< "${ALL_IP_ADDRESSES}"
 
-openshift admin create-all-certs --overwrite=false --cert-dir="${CERT_DIR}" --hostnames="${SERVER_HOSTNAME_LIST}" --nodes="127.0.0.1" --master="${MASTER_ADDR}" --public-master="${API_SCHEME}://${PUBLIC_MASTER_HOST}"
+openshift admin create-master-certs --overwrite=false --cert-dir="${CERT_DIR}" --hostnames="${SERVER_HOSTNAME_LIST}" --master="${MASTER_ADDR}" --public-master="${API_SCHEME}://${PUBLIC_MASTER_HOST}"
+openshift admin create-node-config --listen="https://0.0.0.0:10250" --node-dir="${CERT_DIR}/node-127.0.0.1" --node="127.0.0.1" --hostnames="${SERVER_HOSTNAME_LIST}" --master="${MASTER_ADDR}"  --certificate-authority="${CERT_DIR}/ca/cert.crt" --signer-cert="${CERT_DIR}/ca/cert.crt" --signer-key="${CERT_DIR}/ca/key.key" --signer-serial="${CERT_DIR}/ca/serial.txt"
 
 
 echo "[INFO] Starting OpenShift server"

hack/test-extended.sh

@@ -54,15 +54,26 @@ start_server() {
     SERVER_HOSTNAME_LIST="${SERVER_HOSTNAME_LIST},${IP_ADDRESS}"
   done <<< "${ALL_IP_ADDRESSES}"
 
-  echo "[INFO] Create certificates for the OpenShift server"
-  sudo env "PATH=${PATH}" openshift admin create-all-certs \
+  echo "[INFO] Create certificates for the OpenShift master"
+  env "PATH=${PATH}" openshift admin create-master-certs \
   --overwrite=false \
   --cert-dir="${CERT_DIR}" \
   --hostnames="${SERVER_HOSTNAME_LIST}" \
-  --nodes="127.0.0.1" \
   --master="https://${OS_MASTER_ADDR}" \
   --public-master="https://${OS_MASTER_ADDR}"
 
+  echo "[INFO] Create certificates for the OpenShift node"
+  env "PATH=${PATH}" openshift admin create-node-config \
+  --listen="https://0.0.0.0:10250" \
+  --node-dir="${CERT_DIR}/node-127.0.0.1" \
+  --node="127.0.0.1" \
+  --hostnames="${SERVER_HOSTNAME_LIST}" \
+  --master="https://${OS_MASTER_ADDR}" \
+  --certificate-authority="${CERT_DIR}/ca/cert.crt" \
+  --signer-cert="${CERT_DIR}/ca/cert.crt" \
+  --signer-key="${CERT_DIR}/ca/key.key" \
+  --signer-serial="${CERT_DIR}/ca/serial.txt"
+
   echo "[INFO] Starting OpenShift server"
   sudo env "PATH=${PATH}" openshift start \
     --listen="https://0.0.0.0:${OS_MASTER_PORT}" \

pkg/cmd/admin/admin.go

@@ -2,7 +2,7 @@ package admin
 
 import (
 	"fmt"
-	"os"
+	"io"
 
 	"github.com/spf13/cobra"
 
@@ -28,21 +28,19 @@ Note: This is a beta release of OpenShift and may change significantly.  See
     https://github.com/openshift/origin for the latest information on OpenShift.
 `
 
-func NewCommandAdmin(name, fullName string) *cobra.Command {
+func NewCommandAdmin(name, fullName string, out io.Writer) *cobra.Command {
 	// Main command
 	cmd := &cobra.Command{
 		Use:   name,
 		Short: "tools for managing an OpenShift cluster",
 		Long:  fmt.Sprintf(longDesc),
 		Run: func(c *cobra.Command, args []string) {
-			c.SetOutput(os.Stdout)
+			c.SetOutput(out)
 			c.Help()
 		},
 	}
 
 	f := clientcmd.New(cmd.PersistentFlags())
-	//in := os.Stdin
-	out := os.Stdout
 
 	templates.UseAdminTemplates(cmd)
 
@@ -54,17 +52,15 @@ func NewCommandAdmin(name, fullName string) *cobra.Command {
 	cmd.AddCommand(config.NewCmdConfig(fullName, "config"))
 
 	// TODO: these probably belong in a sub command
-	cmd.AddCommand(admin.NewCommandCreateKubeConfig())
-	cmd.AddCommand(admin.NewCommandCreateBootstrapPolicyFile())
-	cmd.AddCommand(admin.NewCommandOverwriteBootstrapPolicy(out))
-	cmd.AddCommand(admin.NewCommandNodeConfig())
+	cmd.AddCommand(admin.NewCommandCreateKubeConfig(admin.CreateKubeConfigCommandName, fullName+" "+admin.CreateKubeConfigCommandName, out))
+	cmd.AddCommand(admin.NewCommandCreateBootstrapPolicyFile(admin.CreateBootstrapPolicyFileCommand, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out))
+	cmd.AddCommand(admin.NewCommandOverwriteBootstrapPolicy(admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.OverwriteBootstrapPolicyCommandName, fullName+" "+admin.CreateBootstrapPolicyFileCommand, out))
+	cmd.AddCommand(admin.NewCommandNodeConfig(admin.NodeConfigCommandName, fullName+" "+admin.NodeConfigCommandName, out))
 	// TODO: these should be rolled up together
-	cmd.AddCommand(admin.NewCommandCreateAllCerts())
-	cmd.AddCommand(admin.NewCommandCreateClientCert())
-	cmd.AddCommand(admin.NewCommandCreateNodeClientCert())
-	cmd.AddCommand(admin.NewCommandCreateServerCert())
-	cmd.AddCommand(admin.NewCommandCreateSignerCert())
-	cmd.AddCommand(admin.NewCommandCreateClient())
+	cmd.AddCommand(admin.NewCommandCreateMasterCerts(admin.CreateMasterCertsCommandName, fullName+" "+admin.CreateMasterCertsCommandName, out))
+	cmd.AddCommand(admin.NewCommandCreateClient(admin.CreateClientCommandName, fullName+" "+admin.CreateClientCommandName, out))
+	cmd.AddCommand(admin.NewCommandCreateServerCert(admin.CreateServerCertCommandName, fullName+" "+admin.CreateServerCertCommandName, out))
+	cmd.AddCommand(admin.NewCommandCreateSignerCert(admin.CreateSignerCertCommandName, fullName+" "+admin.CreateSignerCertCommandName, out))
 
 	if name == fullName {
 		cmd.AddCommand(version.NewVersionCommand(fullName))

pkg/cmd/openshift/openshift.go

@@ -57,7 +57,7 @@ func CommandFor(basename string) *cobra.Command {
 	case "osc":
 		cmd = cli.NewCommandCLI(basename, basename)
 	case "osadm":
-		cmd = admin.NewCommandAdmin(basename, basename)
+		cmd = admin.NewCommandAdmin(basename, basename, os.Stdout)
 	default:
 		cmd = NewCommandOpenShift()
 	}
@@ -83,7 +83,7 @@ func NewCommandOpenShift() *cobra.Command {
 
 	startAllInOne, _ := start.NewCommandStartAllInOne()
 	root.AddCommand(startAllInOne)
-	root.AddCommand(admin.NewCommandAdmin("admin", "openshift admin"))
+	root.AddCommand(admin.NewCommandAdmin("admin", "openshift admin", os.Stdout))
 	root.AddCommand(cli.NewCommandCLI("cli", "openshift cli"))
 	root.AddCommand(cli.NewCmdKubectl("kube"))
 	root.AddCommand(newExperimentalCommand("openshift", "ex"))

pkg/cmd/server/admin/create_bootstrappolicy_file.go

@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
+	"io"
 	"io/ioutil"
 	"os"
 	"path"
@@ -32,15 +33,15 @@ type CreateBootstrapPolicyFileOptions struct {
 	OpenShiftSharedResourcesNamespace string
 }
 
-func NewCommandCreateBootstrapPolicyFile() *cobra.Command {
+func NewCommandCreateBootstrapPolicyFile(commandName string, fullName string, out io.Writer) *cobra.Command {
 	options := &CreateBootstrapPolicyFileOptions{}
 
 	cmd := &cobra.Command{
-		Use:   CreateBootstrapPolicyFileCommand,
+		Use:   commandName,
 		Short: "Create bootstrap policy for OpenShift.",
 		Run: func(c *cobra.Command, args []string) {
 			if err := options.Validate(args); err != nil {
-				fmt.Println(err.Error())
+				fmt.Fprintln(c.Out(), err.Error())
 				c.Help()
 				return
 			}
@@ -50,6 +51,7 @@ func NewCommandCreateBootstrapPolicyFile() *cobra.Command {
 			}
 		},
 	}
+	cmd.SetOutput(out)
 
 	flags := cmd.Flags()
 

pkg/cmd/server/admin/create_client.go

@@ -3,6 +3,7 @@ package admin
 import (
 	"errors"
 	"fmt"
+	"io"
 	"io/ioutil"
 	"path"
 
@@ -12,6 +13,8 @@ import (
 	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"
 )
 
+const CreateClientCommandName = "create-api-client-config"
+
 type CreateClientOptions struct {
 	GetSignerCertOptions *GetSignerCertOptions
 
@@ -25,15 +28,15 @@ type CreateClientOptions struct {
 	PublicAPIServerURL string
 }
 
-func NewCommandCreateClient() *cobra.Command {
+func NewCommandCreateClient(commandName string, fullName string, out io.Writer) *cobra.Command {
 	options := &CreateClientOptions{GetSignerCertOptions: &GetSignerCertOptions{}}
 
 	cmd := &cobra.Command{
-		Use:   "create-api-client-config",
+		Use:   commandName,
 		Short: "Create a portable client folder containing a client certificate, a client key, a server certificate authority, and a .kubeconfig file.",
 		Run: func(c *cobra.Command, args []string) {
 			if err := options.Validate(args); err != nil {
-				fmt.Println(err.Error())
+				fmt.Fprintln(c.Out(), err.Error())
 				c.Help()
 				return
 			}
@@ -43,6 +46,7 @@ func NewCommandCreateClient() *cobra.Command {
 			}
 		},
 	}
+	cmd.SetOutput(out)
 
 	flags := cmd.Flags()
 

pkg/cmd/server/admin/create_clientcert.go

@@ -2,10 +2,8 @@ package admin
 
 import (
 	"errors"
-	"fmt"
 
 	"github.com/golang/glog"
-	"github.com/spf13/cobra"
 
 	"github.com/GoogleCloudPlatform/kubernetes/pkg/auth/user"
 	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"
@@ -25,40 +23,6 @@ type CreateClientCertOptions struct {
 	Overwrite bool
 }
 
-func NewCommandCreateClientCert() *cobra.Command {
-	options := &CreateClientCertOptions{GetSignerCertOptions: &GetSignerCertOptions{}}
-
-	cmd := &cobra.Command{
-		Use:   "create-client-cert",
-		Short: "Create client certificate",
-		Run: func(c *cobra.Command, args []string) {
-			if err := options.Validate(args); err != nil {
-				fmt.Println(err.Error())
-				c.Help()
-				return
-			}
-
-			if _, err := options.CreateClientCert(); err != nil {
-				fmt.Println(err.Error())
-				c.Help()
-				return
-			}
-		},
-	}
-
-	flags := cmd.Flags()
-	BindGetSignerCertOptions(options.GetSignerCertOptions, flags, "")
-
-	flags.StringVar(&options.CertFile, "cert", "openshift.local.certificates/user/cert.crt", "The certificate file.")
-	flags.StringVar(&options.KeyFile, "key", "openshift.local.certificates/user/key.key", "The key file.")
-
-	flags.StringVar(&options.User, "user", "", "The scope qualified username.")
-	flags.Var(&options.Groups, "groups", "The list of groups this user belongs to. Comma delimited list")
-	flags.BoolVar(&options.Overwrite, "overwrite", true, "Overwrite existing cert files if found.  If false, any existing file will be left as-is.")
-
-	return cmd
-}
-
 func (o CreateClientCertOptions) Validate(args []string) error {
 	if len(args) != 0 {
 		return errors.New("no arguments are supported")

pkg/cmd/server/admin/create_kubeconfig.go

@@ -3,6 +3,7 @@ package admin
 import (
 	"errors"
 	"fmt"
+	"io"
 	"io/ioutil"
 	"os"
 	"path/filepath"
@@ -14,6 +15,8 @@ import (
 	clientcmdapi "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd/api"
 )
 
+const CreateKubeConfigCommandName = "create-kubeconfig"
+
 type CreateKubeConfigOptions struct {
 	APIServerURL       string
 	PublicAPIServerURL string
@@ -27,11 +30,11 @@ type CreateKubeConfigOptions struct {
 	KubeConfigFile string
 }
 
-func NewCommandCreateKubeConfig() *cobra.Command {
+func NewCommandCreateKubeConfig(commandName string, fullName string, out io.Writer) *cobra.Command {
 	options := &CreateKubeConfigOptions{}
 
 	cmd := &cobra.Command{
-		Use:   "create-kubeconfig",
+		Use:   commandName,
 		Short: "Create a basic .kubeconfig file from client certs",
 		Long: `
 Create's a .kubeconfig file at <--kubeconfig> that looks like this:
@@ -60,7 +63,7 @@ users:
 `,
 		Run: func(c *cobra.Command, args []string) {
 			if err := options.Validate(args); err != nil {
-				fmt.Println(err.Error())
+				fmt.Fprintln(c.Out(), err.Error())
 				c.Help()
 				return
 			}
@@ -70,6 +73,7 @@ users:
 			}
 		},
 	}
+	cmd.SetOutput(out)
 
 	flags := cmd.Flags()