From b6c874967386086ce52c6302c4a9ebc1b698efb0 Mon Sep 17 00:00:00 2001
From: Yang Le <yangle@redhat.com>
Date: Tue, 7 Nov 2023 15:36:08 +0800
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20fix=20the=20wrong=20apiserver=20?=
 =?UTF-8?q?endpoint=20in=20hosted=20mode?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Yang Le <yangle@redhat.com>
---
 pkg/cmd/join/cmd.go     |  3 +++
 pkg/cmd/join/exec.go    | 49 +++++++++++++++++++++++++++++++++++++----
 pkg/cmd/join/options.go |  7 +++++-
 3 files changed, 54 insertions(+), 5 deletions(-)

diff --git a/pkg/cmd/join/cmd.go b/pkg/cmd/join/cmd.go
index 3df4546b5..9ff42326c 100644
--- a/pkg/cmd/join/cmd.go
+++ b/pkg/cmd/join/cmd.go
@@ -59,6 +59,9 @@ func NewCmd(clusteradmFlags *genericclioptionsclusteradm.ClusteradmFlags, stream
 	cmd.Flags().BoolVar(&o.forceHubInClusterEndpointLookup, "force-internal-endpoint-lookup", false,
 		"If true, the installed klusterlet agent will be starting the cluster registration process by "+
 			"looking for the internal endpoint from the public cluster-info in the hub cluster instead of from --hub-apiserver.")
+	cmd.Flags().BoolVar(&o.forceManagedInClusterEndpointLookup, "force-internal-endpoint-lookup-managed", false,
+		"If true, the klusterlet accesses the managed cluster by using the internal endpoint from the public cluster-info"+
+			" in the managed cluster instead of from --managed-cluster-kubeconfig directly.")
 	cmd.Flags().BoolVar(&o.wait, "wait", false, "If true, running the cluster registration in foreground.")
 	cmd.Flags().StringVarP(&o.mode, "mode", "m", "default", "mode to deploy klusterlet, can be default or hosted")
 	cmd.Flags().StringVar(&o.managedKubeconfigFile, "managed-cluster-kubeconfig", "", "To specify the directory to external managed cluster kubeconfig in hosted mode")
diff --git a/pkg/cmd/join/exec.go b/pkg/cmd/join/exec.go
index ca15f0c08..948a08640 100644
--- a/pkg/cmd/join/exec.go
+++ b/pkg/cmd/join/exec.go
@@ -20,6 +20,7 @@ import (
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/clientcmd"
 	clientcmdapiv1 "k8s.io/client-go/tools/clientcmd/api/v1"
 	"k8s.io/klog/v2"
 	"k8s.io/kubectl/pkg/cmd/util"
@@ -174,11 +175,25 @@ func (o *Options) complete(cmd *cobra.Command, args []string) (err error) {
 	}
 
 	// get managed cluster externalServerURL
-	kubeClient, err := o.ClusteradmFlags.KubectlFactory.KubernetesClientSet()
-	if err != nil {
-		klog.Errorf("Failed building kube client: %v", err)
-		return err
+	var kubeClient *kubernetes.Clientset
+	switch o.mode {
+	case string(operatorv1.InstallModeHosted):
+		restConfig, err := clientcmd.BuildConfigFromFlags("", o.managedKubeconfigFile)
+		if err != nil {
+			return err
+		}
+		kubeClient, err = kubernetes.NewForConfig(restConfig)
+		if err != nil {
+			return err
+		}
+	default:
+		kubeClient, err = o.ClusteradmFlags.KubectlFactory.KubernetesClientSet()
+		if err != nil {
+			klog.Errorf("Failed building kube client: %v", err)
+			return err
+		}
 	}
+
 	klusterletApiserver, err := helpers.GetAPIServer(kubeClient)
 	if err != nil {
 		klog.Warningf("Failed looking for cluster endpoint for the registering klusterlet: %v", err)
@@ -230,6 +245,32 @@ func (o *Options) validate() error {
 		if err != nil {
 			return err
 		}
+
+		// replace the server address with the internal endpoint
+		if o.forceManagedInClusterEndpointLookup {
+			config := &clientcmdapiv1.Config{}
+			err = yaml.Unmarshal(managedConfig, config)
+			if err != nil {
+				return err
+			}
+			restConfig, err := clientcmd.BuildConfigFromFlags("", o.managedKubeconfigFile)
+			if err != nil {
+				return err
+			}
+			kubeClient, err := kubernetes.NewForConfig(restConfig)
+			if err != nil {
+				return err
+			}
+			inClusterEndpoint, err := helpers.GetAPIServer(kubeClient)
+			if err != nil {
+				return err
+			}
+			config.Clusters[0].Cluster.Server = inClusterEndpoint
+			managedConfig, err = yaml.Marshal(config)
+			if err != nil {
+				return err
+			}
+		}
 		o.values.ManagedKubeconfig = base64.StdEncoding.EncodeToString(managedConfig)
 	}
 
diff --git a/pkg/cmd/join/options.go b/pkg/cmd/join/options.go
index c342629c1..e6611c41f 100644
--- a/pkg/cmd/join/options.go
+++ b/pkg/cmd/join/options.go
@@ -44,7 +44,12 @@ type Options struct {
 	// the external endpoint from --hub-apiserver instead of looking for the internal
 	// endpoint from the public cluster-info.
 	forceHubInClusterEndpointLookup bool
-	hubInClusterEndpoint            string
+	// By default, the klusterlet running in the hosting cluster will access the managed
+	// cluster registered in the hosted mode by using the external endpoint from
+	// --managed-cluster-kubeconfig instead of looking for the internal endpoint from the
+	// public cluster-info.
+	forceManagedInClusterEndpointLookup bool
+	hubInClusterEndpoint                string
 
 	//Values below are tempoary data
 	//HubCADate: data in hub ca file