aboutsummaryrefslogtreecommitdiffstats
path: root/test/security
diff options
context:
space:
mode:
authorPawel Wieczorek <p.wieczorek2@samsung.com>2019-09-27 16:10:33 +0200
committerPawel Wieczorek <p.wieczorek2@samsung.com>2019-09-27 17:38:49 +0200
commit96f4e2fe0ef3bfaf8371f29562ecb6129f20e3ab (patch)
tree2288de65e30918dc76069e74b51498026e23acc0 /test/security
parentcd41e6ad30e6a0a06915b3630b81bb8894ca9b01 (diff)
k8s: Add scheduler information collection
Issue-ID: SECCOM-235 Change-Id: I7da645737440172d3cf11f33069daa2697f83056 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Diffstat (limited to 'test/security')
-rw-r--r--test/security/k8s/src/check/check.go12
-rw-r--r--test/security/k8s/src/check/cmd/check/check.go5
-rw-r--r--test/security/k8s/src/check/rancher/rancher.go6
-rw-r--r--test/security/k8s/src/check/raw/raw.go6
4 files changed, 27 insertions, 2 deletions
diff --git a/test/security/k8s/src/check/check.go b/test/security/k8s/src/check/check.go
index c185887d7..b9814829e 100644
--- a/test/security/k8s/src/check/check.go
+++ b/test/security/k8s/src/check/check.go
@@ -4,6 +4,8 @@ package check
type Informer interface {
// GetAPIParams returns API server parameters.
GetAPIParams() ([]string, error)
+ // GetSchedulerParams returns scheduler parameters.
+ GetSchedulerParams() ([]string, error)
}
// Command represents commands run on cluster.
@@ -12,14 +14,17 @@ type Command int
const (
// APIProcess represents API server command ("kube-apiserver").
APIProcess Command = iota
+ // SchedulerProcess represents scheduler command ("kube-scheduler").
+ SchedulerProcess
)
func (c Command) String() string {
names := [...]string{
"kube-apiserver",
+ "kube-scheduler",
}
- if c < APIProcess || c > APIProcess {
+ if c < APIProcess || c > SchedulerProcess {
return "exit"
}
return names[c]
@@ -31,14 +36,17 @@ type Service int
const (
// APIService represents API server service ("kubernetes/kubernetes").
APIService Service = iota
+ // SchedulerService represents scheduler service ("kubernetes/scheduler").
+ SchedulerService
)
func (s Service) String() string {
names := [...]string{
"kubernetes/kubernetes",
+ "kubernetes/scheduler",
}
- if s < APIService || s > APIService {
+ if s < APIService || s > SchedulerService {
return ""
}
return names[s]
diff --git a/test/security/k8s/src/check/cmd/check/check.go b/test/security/k8s/src/check/cmd/check/check.go
index 40e3a092c..e60912801 100644
--- a/test/security/k8s/src/check/cmd/check/check.go
+++ b/test/security/k8s/src/check/cmd/check/check.go
@@ -42,4 +42,9 @@ func main() {
log.Fatal(err)
}
master.CheckAPI(apiParams)
+
+ _, err = info.GetSchedulerParams()
+ if err != nil {
+ log.Fatal(err)
+ }
}
diff --git a/test/security/k8s/src/check/rancher/rancher.go b/test/security/k8s/src/check/rancher/rancher.go
index d77f15445..41f3c38e2 100644
--- a/test/security/k8s/src/check/rancher/rancher.go
+++ b/test/security/k8s/src/check/rancher/rancher.go
@@ -34,6 +34,12 @@ func (r *Rancher) GetAPIParams() ([]string, error) {
return getProcessParams(check.APIProcess, check.APIService)
}
+// GetSchedulerParams returns parameters of running Kubernetes scheduler.
+// It queries default environment set in configuration file.
+func (r *Rancher) GetSchedulerParams() ([]string, error) {
+ return getProcessParams(check.SchedulerProcess, check.SchedulerService)
+}
+
func getProcessParams(process check.Command, service check.Service) ([]string, error) {
hosts, err := listHosts()
if err != nil {
diff --git a/test/security/k8s/src/check/raw/raw.go b/test/security/k8s/src/check/raw/raw.go
index 2a9f0a17f..3c5409aee 100644
--- a/test/security/k8s/src/check/raw/raw.go
+++ b/test/security/k8s/src/check/raw/raw.go
@@ -34,6 +34,12 @@ func (r *Raw) GetAPIParams() ([]string, error) {
return getProcessParams(check.APIProcess)
}
+// GetSchedulerParams returns parameters of running Kubernetes scheduler.
+// It queries only cluster nodes with "controlplane" role.
+func (r *Raw) GetSchedulerParams() ([]string, error) {
+ return getProcessParams(check.SchedulerProcess)
+}
+
func getProcessParams(process check.Command) ([]string, error) {
nodes, err := config.GetNodesInfo()
if err != nil {