diff options
-rw-r--r-- | test/security/k8s/src/check/check.go | 12 | ||||
-rw-r--r-- | test/security/k8s/src/check/cmd/check/check.go | 5 | ||||
-rw-r--r-- | test/security/k8s/src/check/rancher/rancher.go | 6 | ||||
-rw-r--r-- | test/security/k8s/src/check/raw/raw.go | 6 |
4 files changed, 27 insertions, 2 deletions
diff --git a/test/security/k8s/src/check/check.go b/test/security/k8s/src/check/check.go index c185887d7..b9814829e 100644 --- a/test/security/k8s/src/check/check.go +++ b/test/security/k8s/src/check/check.go @@ -4,6 +4,8 @@ package check type Informer interface { // GetAPIParams returns API server parameters. GetAPIParams() ([]string, error) + // GetSchedulerParams returns scheduler parameters. + GetSchedulerParams() ([]string, error) } // Command represents commands run on cluster. @@ -12,14 +14,17 @@ type Command int const ( // APIProcess represents API server command ("kube-apiserver"). APIProcess Command = iota + // SchedulerProcess represents scheduler command ("kube-scheduler"). + SchedulerProcess ) func (c Command) String() string { names := [...]string{ "kube-apiserver", + "kube-scheduler", } - if c < APIProcess || c > APIProcess { + if c < APIProcess || c > SchedulerProcess { return "exit" } return names[c] @@ -31,14 +36,17 @@ type Service int const ( // APIService represents API server service ("kubernetes/kubernetes"). APIService Service = iota + // SchedulerService represents scheduler service ("kubernetes/scheduler"). + SchedulerService ) func (s Service) String() string { names := [...]string{ "kubernetes/kubernetes", + "kubernetes/scheduler", } - if s < APIService || s > APIService { + if s < APIService || s > SchedulerService { return "" } return names[s] diff --git a/test/security/k8s/src/check/cmd/check/check.go b/test/security/k8s/src/check/cmd/check/check.go index 40e3a092c..e60912801 100644 --- a/test/security/k8s/src/check/cmd/check/check.go +++ b/test/security/k8s/src/check/cmd/check/check.go @@ -42,4 +42,9 @@ func main() { log.Fatal(err) } master.CheckAPI(apiParams) + + _, err = info.GetSchedulerParams() + if err != nil { + log.Fatal(err) + } } diff --git a/test/security/k8s/src/check/rancher/rancher.go b/test/security/k8s/src/check/rancher/rancher.go index d77f15445..41f3c38e2 100644 --- a/test/security/k8s/src/check/rancher/rancher.go +++ b/test/security/k8s/src/check/rancher/rancher.go @@ -34,6 +34,12 @@ func (r *Rancher) GetAPIParams() ([]string, error) { return getProcessParams(check.APIProcess, check.APIService) } +// GetSchedulerParams returns parameters of running Kubernetes scheduler. +// It queries default environment set in configuration file. +func (r *Rancher) GetSchedulerParams() ([]string, error) { + return getProcessParams(check.SchedulerProcess, check.SchedulerService) +} + func getProcessParams(process check.Command, service check.Service) ([]string, error) { hosts, err := listHosts() if err != nil { diff --git a/test/security/k8s/src/check/raw/raw.go b/test/security/k8s/src/check/raw/raw.go index 2a9f0a17f..3c5409aee 100644 --- a/test/security/k8s/src/check/raw/raw.go +++ b/test/security/k8s/src/check/raw/raw.go @@ -34,6 +34,12 @@ func (r *Raw) GetAPIParams() ([]string, error) { return getProcessParams(check.APIProcess) } +// GetSchedulerParams returns parameters of running Kubernetes scheduler. +// It queries only cluster nodes with "controlplane" role. +func (r *Raw) GetSchedulerParams() ([]string, error) { + return getProcessParams(check.SchedulerProcess) +} + func getProcessParams(process check.Command) ([]string, error) { nodes, err := config.GetNodesInfo() if err != nil { |