From bd291e2cc87c0500a0cd61548d3c085bc62b652e Mon Sep 17 00:00:00 2001
From: pixiake <guotongxue123@163.com>
Date: Fri, 15 May 2020 15:48:07 +0800
Subject: [PATCH] add checksum

---
 pkg/apis/kubekey/v1alpha1/default.go |   8 +-
 pkg/cluster/kubernetes/master.go     |  10 ---
 pkg/cluster/kubernetes/nodes.go      |  20 +++--
 pkg/cluster/preinstall/preinstall.go | 105 ++++++++++++---------------
 pkg/files/file.go                    |  59 +++++++++++++++
 pkg/install/install.go               |   3 +-
 pkg/kubesphere/kubesphere.go         |   3 +-
 7 files changed, 121 insertions(+), 87 deletions(-)
 create mode 100644 pkg/files/file.go

diff --git a/pkg/apis/kubekey/v1alpha1/default.go b/pkg/apis/kubekey/v1alpha1/default.go
index a45863a7..133d45a3 100644
--- a/pkg/apis/kubekey/v1alpha1/default.go
+++ b/pkg/apis/kubekey/v1alpha1/default.go
@@ -13,18 +13,18 @@ const (
 	DefaultNetworkPlugin  = "calico"
 	DefaultPodsCIDR       = "10.233.64.0/18"
 	DefaultServiceCIDR    = "10.233.0.0/18"
-	DefaultKubeImageRepo  = "kubekey"
+	DefaultKubeImageRepo  = "kubesphere"
 	DefaultClusterName    = "cluster.local"
 	DefaultArch           = "amd64"
 	DefaultHostName       = "allinone"
 	DefaultEtcdRepo       = "kubesphere"
 	DefaultEtcdVersion    = "v3.3.12"
 	DefaultEtcdPort       = "2379"
-	DefaultKubeVersion    = "v1.17.4"
+	DefaultKubeVersion    = "v1.17.5"
 	DefaultCalicoVersion  = "v3.13.0"
 	DefaultFlannelVersion = "v0.11.0"
-	DefaultCniVersion     = "v0.8.2"
-	DefaultHelmVersion    = "v3.1.2"
+	DefaultCniVersion     = "v0.8.6"
+	DefaultHelmVersion    = "v3.2.1"
 	ETCDRole              = "etcd"
 	MasterRole            = "master"
 	WorkerRole            = "worker"
diff --git a/pkg/cluster/kubernetes/master.go b/pkg/cluster/kubernetes/master.go
index 3419db51..17dcc736 100644
--- a/pkg/cluster/kubernetes/master.go
+++ b/pkg/cluster/kubernetes/master.go
@@ -17,10 +17,6 @@ import (
 )
 
 var (
-	//joinMasterCmd = ""
-	//joinWorkerCmd = ""
-	//clusterInfo   = ""
-	//kubeConfig    = ""
 	clusterIsExist = false
 	clusterStatus  = map[string]string{
 		"version":       "",
@@ -147,12 +143,6 @@ func addWorkerLabel(mgr *manager.Manager, node *kubekeyapi.HostCfg) error {
 	return nil
 }
 
-//func GetJoinNodesCmd(mgr *manager.Manager) error {
-//	mgr.Logger.Infoln("Get join nodes cmd")
-//
-//	return mgr.RunTaskOnClientNode(getJoinNodesCmd, false)
-//}
-
 func getJoinNodesCmd(mgr *manager.Manager) error {
 	if err := getJoinCmd(mgr); err != nil {
 		return err
diff --git a/pkg/cluster/kubernetes/nodes.go b/pkg/cluster/kubernetes/nodes.go
index 5000f6ec..430d7667 100644
--- a/pkg/cluster/kubernetes/nodes.go
+++ b/pkg/cluster/kubernetes/nodes.go
@@ -19,33 +19,30 @@ func SyncKubeBinaries(mgr *manager.Manager) error {
 }
 
 func syncKubeBinaries(mgr *manager.Manager, node *kubekeyapi.HostCfg, conn ssh.Connection) error {
-	output, _ := mgr.Runner.RunCmd("/usr/local/bin/kubelet --version")
-	if !strings.Contains(output, mgr.Cluster.Kubernetes.Version) {
+	if !strings.Contains(clusterStatus["clusterInfo"], node.Name) && !strings.Contains(clusterStatus["clusterInfo"], node.InternalAddress) {
 
 		currentDir, err1 := filepath.Abs(filepath.Dir(os.Args[0]))
 		if err1 != nil {
 			return errors.Wrap(err1, "Failed to get current dir")
 		}
 
-		filepath := fmt.Sprintf("%s/%s", currentDir, kubekeyapi.DefaultPreDir)
+		filepath := fmt.Sprintf("%s/%s/%s", currentDir, kubekeyapi.DefaultPreDir, mgr.Cluster.Kubernetes.Version)
 
-		kubeadm := fmt.Sprintf("kubeadm-%s", mgr.Cluster.Kubernetes.Version)
-		kubelet := fmt.Sprintf("kubelet-%s", mgr.Cluster.Kubernetes.Version)
-		kubectl := fmt.Sprintf("kubectl-%s", mgr.Cluster.Kubernetes.Version)
-		helm := fmt.Sprintf("helm-%s", kubekeyapi.DefaultHelmVersion)
+		kubeadm := fmt.Sprintf("kubeadm")
+		kubelet := fmt.Sprintf("kubelet")
+		kubectl := fmt.Sprintf("kubectl")
+		helm := fmt.Sprintf("helm")
 		kubecni := fmt.Sprintf("cni-plugins-linux-%s-%s.tgz", kubekeyapi.DefaultArch, kubekeyapi.DefaultCniVersion)
 		binaryList := []string{kubeadm, kubelet, kubectl, helm, kubecni}
 
+		cmdlist := []string{}
+
 		for _, binary := range binaryList {
 			err2 := mgr.Runner.ScpFile(fmt.Sprintf("%s/%s", filepath, binary), fmt.Sprintf("%s/%s", "/tmp/kubekey", binary))
 			if err2 != nil {
 				return errors.Wrap(errors.WithStack(err2), fmt.Sprintf("Failed to sync binaries"))
 			}
-		}
 
-		cmdlist := []string{}
-
-		for _, binary := range binaryList {
 			if strings.Contains(binary, "cni-plugins-linux") {
 				cmdlist = append(cmdlist, fmt.Sprintf("mkdir -p /opt/cni/bin && tar -zxf %s/%s -C /opt/cni/bin", "/tmp/kubekey", binary))
 			} else {
@@ -66,6 +63,7 @@ func syncKubeBinaries(mgr *manager.Manager, node *kubekeyapi.HostCfg, conn ssh.C
 }
 
 func setKubelet(mgr *manager.Manager) error {
+
 	kubeletService, err1 := tmpl.GenerateKubeletService(mgr.Cluster)
 	if err1 != nil {
 		return err1
diff --git a/pkg/cluster/preinstall/preinstall.go b/pkg/cluster/preinstall/preinstall.go
index 445c6553..1cc23379 100644
--- a/pkg/cluster/preinstall/preinstall.go
+++ b/pkg/cluster/preinstall/preinstall.go
@@ -3,77 +3,59 @@ package preinstall
 import (
 	"fmt"
 	kubekeyapi "github.com/kubesphere/kubekey/pkg/apis/kubekey/v1alpha1"
+	"github.com/kubesphere/kubekey/pkg/files"
 	"github.com/kubesphere/kubekey/pkg/util"
 	"github.com/pkg/errors"
 	log "github.com/sirupsen/logrus"
 	"os"
 	"os/exec"
 	"path/filepath"
+	"strings"
 )
 
-func FilesDownloadHttp(cfg *kubekeyapi.K2ClusterSpec, filepath string, logger *log.Logger) error {
-	var kubeVersion string
-	if cfg.Kubernetes.Version == "" {
-		kubeVersion = kubekeyapi.DefaultKubeVersion
-	} else {
-		kubeVersion = cfg.Kubernetes.Version
-	}
+func FilesDownloadHttp(cfg *kubekeyapi.K2ClusterSpec, filepath, version string, logger *log.Logger) error {
 
-	kubeadmUrl := fmt.Sprintf("https://kubernetes-release.pek3b.qingstor.com/release/%s/bin/linux/%s/kubeadm", kubeVersion, kubekeyapi.DefaultArch)
-	kubeletUrl := fmt.Sprintf("https://kubernetes-release.pek3b.qingstor.com/release/%s/bin/linux/%s/kubelet", kubeVersion, kubekeyapi.DefaultArch)
-	kubectlUrl := fmt.Sprintf("https://kubernetes-release.pek3b.qingstor.com/release/%s/bin/linux/%s/kubectl", kubeVersion, kubekeyapi.DefaultArch)
-	kubeCniUrl := fmt.Sprintf("https://containernetworking.pek3b.qingstor.com/plugins/releases/download/%s/cni-plugins-linux-%s-%s.tgz", kubekeyapi.DefaultCniVersion, kubekeyapi.DefaultArch, kubekeyapi.DefaultCniVersion)
-	HelmUrl := fmt.Sprintf("https://kubernetes-helm.pek3b.qingstor.com/linux-amd64/%s/helm", kubekeyapi.DefaultHelmVersion)
+	kubeadm := files.KubeBinary{Name: "kubeadm", Arch: kubekeyapi.DefaultArch, Version: version}
+	kubelet := files.KubeBinary{Name: "kubelet", Arch: kubekeyapi.DefaultArch, Version: version}
+	kubectl := files.KubeBinary{Name: "kubectl", Arch: kubekeyapi.DefaultArch, Version: version}
+	kubecni := files.KubeBinary{Name: "kubecni", Arch: kubekeyapi.DefaultArch, Version: kubekeyapi.DefaultCniVersion}
+	helm := files.KubeBinary{Name: "helm", Arch: kubekeyapi.DefaultArch, Version: kubekeyapi.DefaultHelmVersion}
 
-	kubeadm := fmt.Sprintf("%s/kubeadm-%s", filepath, kubeVersion)
-	kubelet := fmt.Sprintf("%s/kubelet-%s", filepath, kubeVersion)
-	kubectl := fmt.Sprintf("%s/kubectl-%s", filepath, kubeVersion)
-	kubeCni := fmt.Sprintf("%s/cni-plugins-linux-%s-%s.tgz", filepath, kubekeyapi.DefaultArch, kubekeyapi.DefaultCniVersion)
-	helm := fmt.Sprintf("%s/helm-%s", filepath, kubekeyapi.DefaultHelmVersion)
+	kubeadm.Url = fmt.Sprintf("https://kubernetes-release.pek3b.qingstor.com/release/%s/bin/linux/%s/kubeadm", kubeadm.Version, kubeadm.Arch)
+	kubelet.Url = fmt.Sprintf("https://kubernetes-release.pek3b.qingstor.com/release/%s/bin/linux/%s/kubelet", kubelet.Version, kubelet.Arch)
+	kubectl.Url = fmt.Sprintf("https://kubernetes-release.pek3b.qingstor.com/release/%s/bin/linux/%s/kubectl", kubectl.Version, kubectl.Arch)
+	kubecni.Url = fmt.Sprintf("https://containernetworking.pek3b.qingstor.com/plugins/releases/download/%s/cni-plugins-linux-%s-%s.tgz", kubecni.Version, kubecni.Arch, kubecni.Version)
+	helm.Url = fmt.Sprintf("https://kubernetes-helm.pek3b.qingstor.com/linux-%s/%s/helm", helm.Arch, helm.Version)
 
-	getKubeadmCmd := fmt.Sprintf("curl -o %s  %s", kubeadm, kubeadmUrl)
-	getKubeletCmd := fmt.Sprintf("curl -o %s  %s", kubelet, kubeletUrl)
-	getKubectlCmd := fmt.Sprintf("curl -o %s  %s", kubectl, kubectlUrl)
-	getKubeCniCmd := fmt.Sprintf("curl -o %s  %s", kubeCni, kubeCniUrl)
-	getHelmCmd := fmt.Sprintf("curl -o %s  %s", helm, HelmUrl)
+	kubeadm.Path = fmt.Sprintf("%s/kubeadm", filepath)
+	kubelet.Path = fmt.Sprintf("%s/kubelet", filepath)
+	kubectl.Path = fmt.Sprintf("%s/kubectl", filepath)
+	kubecni.Path = fmt.Sprintf("%s/cni-plugins-linux-%s-%s.tgz", filepath, kubekeyapi.DefaultArch, kubekeyapi.DefaultCniVersion)
+	helm.Path = fmt.Sprintf("%s/helm", filepath)
 
-	logger.Info("Downloading Kubeadm ...")
-	if util.IsExist(kubeadm) == false {
-		if out, err := exec.Command("/bin/sh", "-c", getKubeadmCmd).CombinedOutput(); err != nil {
-			fmt.Println(string(out))
-			return errors.Wrap(err, "Failed to download kubeadm binary")
-		}
-	}
+	kubeadm.GetCmd = fmt.Sprintf("curl -o %s  %s", kubeadm.Path, kubeadm.Url)
+	kubelet.GetCmd = fmt.Sprintf("curl -o %s  %s", kubelet.Path, kubelet.Url)
+	kubectl.GetCmd = fmt.Sprintf("curl -o %s  %s", kubectl.Path, kubectl.Url)
+	kubecni.GetCmd = fmt.Sprintf("curl -o %s  %s", kubecni.Path, kubecni.Url)
+	helm.GetCmd = fmt.Sprintf("curl -o %s  %s", helm.Path, helm.Url)
 
-	logger.Info("Downloading Kubelet ...")
-	if util.IsExist(kubelet) == false {
-		if out, err := exec.Command("/bin/sh", "-c", getKubeletCmd).CombinedOutput(); err != nil {
-			fmt.Println(string(out))
-			return errors.Wrap(err, "Failed to download kubelet binary")
-		}
-	}
+	binaries := []files.KubeBinary{kubeadm, kubelet, kubectl, kubecni, helm}
 
-	logger.Info("Downloading Kubectl ...")
-	if util.IsExist(kubectl) == false {
-		if out, err := exec.Command("/bin/sh", "-c", getKubectlCmd).CombinedOutput(); err != nil {
-			fmt.Println(string(out))
-			return errors.Wrap(err, "Failed to download kubectl binary")
-		}
-	}
+	for _, binary := range binaries {
+		logger.Info(fmt.Sprintf("Downloading %s ...", binary.Name))
+		if util.IsExist(binary.Path) == false {
+			if out, err := exec.Command("/bin/sh", "-c", binary.GetCmd).CombinedOutput(); err != nil {
+				fmt.Println(string(out))
+				return errors.Wrap(err, "Failed to download kubeadm binary")
+			}
 
-	logger.Info("Downloading KubeCni ...")
-	if util.IsExist(kubeCni) == false {
-		if out, err := exec.Command("/bin/sh", "-c", getKubeCniCmd).CombinedOutput(); err != nil {
-			fmt.Println(string(out))
-			return errors.Wrap(err, "Faild to download kubecni")
-		}
-	}
-
-	logger.Info("Downloading Helm ...")
-	if util.IsExist(helm) == false {
-		if out, err := exec.Command("/bin/sh", "-c", getHelmCmd).CombinedOutput(); err != nil {
-			fmt.Println(string(out))
-			return errors.Wrap(err, "Failed to download helm binary")
+			out, err := exec.Command("/bin/sh", "-c", fmt.Sprintf("sha256sum %s", binary.Path)).CombinedOutput()
+			if err != nil {
+				return errors.Wrap(err, fmt.Sprintf("Failed to check SHA256 of %s", binary.Path))
+			}
+			if !strings.Contains(strings.TrimSpace(string(out)), binary.GetSha256()) {
+				return errors.New(fmt.Sprintf("SHA256 no match. %s not in %s", binary.GetSha256(), strings.TrimSpace(string(out))))
+			}
 		}
 	}
 
@@ -88,12 +70,19 @@ func Prepare(cfg *kubekeyapi.K2ClusterSpec, logger *log.Logger) error {
 		return errors.Wrap(err, "Faild to get current dir")
 	}
 
-	filepath := fmt.Sprintf("%s/%s", currentDir, kubekeyapi.DefaultPreDir)
+	var kubeVersion string
+	if cfg.Kubernetes.Version == "" {
+		kubeVersion = kubekeyapi.DefaultKubeVersion
+	} else {
+		kubeVersion = cfg.Kubernetes.Version
+	}
+
+	filepath := fmt.Sprintf("%s/%s/%s", currentDir, kubekeyapi.DefaultPreDir, kubeVersion)
 	if err := util.CreateDir(filepath); err != nil {
 		return errors.Wrap(err, "Failed to create download target dir")
 	}
 
-	if err := FilesDownloadHttp(cfg, filepath, logger); err != nil {
+	if err := FilesDownloadHttp(cfg, filepath, kubeVersion, logger); err != nil {
 		return err
 	}
 	return nil
diff --git a/pkg/files/file.go b/pkg/files/file.go
new file mode 100644
index 00000000..5c71d8fc
--- /dev/null
+++ b/pkg/files/file.go
@@ -0,0 +1,59 @@
+package files
+
+const (
+	kubeadm = "kubeadm"
+	kubelet = "kubelet"
+	kubectl = "kubectl"
+	kubecni = "kubecni"
+	helm    = "helm"
+	amd64   = "amd64"
+	arm64   = "arm64"
+)
+
+type KubeBinary struct {
+	Name    string
+	Arch    string
+	Version string
+	Url     string
+	Path    string
+	GetCmd  string
+}
+
+var (
+	fileSha256 = map[string]map[string]map[string]string{
+		kubeadm: {
+			amd64: {
+				"v1.17.4": "3cdcffcf8a1660241a045cfdfed3ebbf7f7c6a0840f008e2b049b533bca5bb8c",
+				"v1.17.5": "9bd2fd1118b3d07d12e2a806c04bf34d99e79886c5318ddc003ba38f30da390c",
+			},
+		},
+		kubelet: {
+			amd64: {
+				"v1.17.4": "f3a427ddf610b568db60c8d47565041901220e1bbe257614b61bb4c76801d765",
+				"v1.17.5": "c5fbfa83444bdeefb51934c29f0b4b7ffc43ce5a98d7f957d8a11e3440055383",
+			},
+		},
+		kubectl: {
+			amd64: {
+				"v1.17.4": "465b2d2bd7512b173860c6907d8127ee76a19a385aa7865608e57a5eebe23597",
+				"v1.17.5": "03cd1fa19f90d38005148793efdb17a9b58d01dedea641a8496b9cf228db3ab4",
+			},
+		},
+		helm: {
+			amd64: {
+				"v3.2.1": "98c57f2b86493dd36ebaab98990e6d5117510f5efbf21c3344c3bdc91a4f947c",
+			},
+		},
+		kubecni: {
+			amd64: {
+				"v0.8.2": "21283754ffb953329388b5a3c52cef7d656d535292bda2d86fcdda604b482f85",
+				"v0.8.6": "994fbfcdbb2eedcfa87e48d8edb9bb365f4e2747a7e47658482556c12fd9b2f5",
+			},
+		},
+	}
+)
+
+func (binary *KubeBinary) GetSha256() string {
+	sha256 := fileSha256[binary.Name][binary.Arch][binary.Version]
+	return sha256
+}
diff --git a/pkg/install/install.go b/pkg/install/install.go
index 0f7a39a8..7b01ce44 100644
--- a/pkg/install/install.go
+++ b/pkg/install/install.go
@@ -33,13 +33,12 @@ func ExecTasks(mgr *manager.Manager) error {
 	createTasks := []manager.Task{
 		{Task: preinstall.InitOS, ErrMsg: "Failed to download kube binaries"},
 		{Task: docker.InstallerDocker, ErrMsg: "Failed to install docker"},
-		{Task: kubernetes.SyncKubeBinaries, ErrMsg: "Failed to sync kube binaries"},
 		{Task: images.PreDownloadImages, ErrMsg: "Failed to pre-download images"},
 		{Task: etcd.GenerateEtcdCerts, ErrMsg: "Failed to generate etcd certs"},
 		{Task: etcd.SyncEtcdCertsToMaster, ErrMsg: "Failed to sync etcd certs"},
 		{Task: etcd.GenerateEtcdService, ErrMsg: "Failed to start etcd cluster"},
 		{Task: kubernetes.GetClusterStatus, ErrMsg: "Failed to get cluster status"},
-		//{Task: kubernetes.ConfigureKubeletService, ErrMsg: "Failed to sync kube binaries"},
+		{Task: kubernetes.SyncKubeBinaries, ErrMsg: "Failed to sync kube binaries"},
 		{Task: kubernetes.InitKubernetesCluster, ErrMsg: "Failed to init kubernetes cluster"},
 		{Task: network.DeployNetworkPlugin, ErrMsg: "Failed to deploy network plugin"},
 		//{Task: kubernetes.GetJoinNodesCmd, ErrMsg: "Failed to get join cmd"},
diff --git a/pkg/kubesphere/kubesphere.go b/pkg/kubesphere/kubesphere.go
index 308a4f3a..72bd21b9 100644
--- a/pkg/kubesphere/kubesphere.go
+++ b/pkg/kubesphere/kubesphere.go
@@ -55,9 +55,8 @@ func CheckKubeSphereStatus(mgr *manager.Manager) {
 		time.Sleep(10 * time.Second)
 		_, err := mgr.Runner.RunCmd("/usr/local/bin/kubectl exec -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') ls kubesphere/playbooks/kubesphere_running")
 		if err == nil {
-			out, err := mgr.Runner.RunCmd("/usr/local/bin/kubectl exec -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') cat kubesphere/playbooks/kubesphere_running")
+			_, err := mgr.Runner.RunCmd("/usr/local/bin/kubectl exec -n kubesphere-system $(kubectl get pod -n kubesphere-system -l app=ks-install -o jsonpath='{.items[0].metadata.name}') cat kubesphere/playbooks/kubesphere_running")
 			if err == nil {
-				fmt.Println(out)
 				break
 			}
 		}