Closed kvaps closed 2 months ago
Some logic can be borrowed from talosctl (be aware MPL license is not compatible with Apache2) https://github.com/siderolabs/talos/blob/b86edc6776f77a65d3a254cf0f0d713ce7a9145e/cmd/talosctl/cmd/talos/etcd.go#L1
Or we can sub-license whole plugin under MPL
It would be nice to develop plugin to simplify etcd maintenance using kubectl, eg.:
should take into spec of this pod,
check if it has
--client-cert-auth
and--cert-file
,--key-file
specified:check volumeMounts contains paths of these files
Download
tls.crt
andtls.key
from a secretGenerate temporary client certificate out of CA
Enable port-forward to this pod or service
Create dynamic etcd client with correct endpoint and certificates
Provide basic comands to maintain etcd: