mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
kube-apiserver: remove flags --identity-lease-duration-seconds and --identity-lease-renew-interval-seconds
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
This commit is contained in:
parent
368f9f949a
commit
02020b20e7
@ -82,9 +82,6 @@ type ServerRunOptions struct {
|
|||||||
MasterCount int
|
MasterCount int
|
||||||
EndpointReconcilerType string
|
EndpointReconcilerType string
|
||||||
|
|
||||||
IdentityLeaseDurationSeconds int
|
|
||||||
IdentityLeaseRenewIntervalSeconds int
|
|
||||||
|
|
||||||
ServiceAccountSigningKeyFile string
|
ServiceAccountSigningKeyFile string
|
||||||
ServiceAccountIssuer serviceaccount.TokenGenerator
|
ServiceAccountIssuer serviceaccount.TokenGenerator
|
||||||
ServiceAccountTokenMaxExpiration time.Duration
|
ServiceAccountTokenMaxExpiration time.Duration
|
||||||
@ -114,8 +111,6 @@ func NewServerRunOptions() *ServerRunOptions {
|
|||||||
EventTTL: 1 * time.Hour,
|
EventTTL: 1 * time.Hour,
|
||||||
MasterCount: 1,
|
MasterCount: 1,
|
||||||
EndpointReconcilerType: string(reconcilers.LeaseEndpointReconcilerType),
|
EndpointReconcilerType: string(reconcilers.LeaseEndpointReconcilerType),
|
||||||
IdentityLeaseDurationSeconds: 3600,
|
|
||||||
IdentityLeaseRenewIntervalSeconds: 10,
|
|
||||||
KubeletConfig: kubeletclient.KubeletClientConfig{
|
KubeletConfig: kubeletclient.KubeletClientConfig{
|
||||||
Port: ports.KubeletPort,
|
Port: ports.KubeletPort,
|
||||||
ReadOnlyPort: ports.KubeletReadOnlyPort,
|
ReadOnlyPort: ports.KubeletReadOnlyPort,
|
||||||
@ -185,12 +180,6 @@ func (s *ServerRunOptions) Flags() (fss cliflag.NamedFlagSets) {
|
|||||||
fs.StringVar(&s.EndpointReconcilerType, "endpoint-reconciler-type", s.EndpointReconcilerType,
|
fs.StringVar(&s.EndpointReconcilerType, "endpoint-reconciler-type", s.EndpointReconcilerType,
|
||||||
"Use an endpoint reconciler ("+strings.Join(reconcilers.AllTypes.Names(), ", ")+") master-count is deprecated, and will be removed in a future version.")
|
"Use an endpoint reconciler ("+strings.Join(reconcilers.AllTypes.Names(), ", ")+") master-count is deprecated, and will be removed in a future version.")
|
||||||
|
|
||||||
fs.IntVar(&s.IdentityLeaseDurationSeconds, "identity-lease-duration-seconds", s.IdentityLeaseDurationSeconds,
|
|
||||||
"The duration of kube-apiserver lease in seconds, must be a positive number. (In use when the APIServerIdentity feature gate is enabled.)")
|
|
||||||
|
|
||||||
fs.IntVar(&s.IdentityLeaseRenewIntervalSeconds, "identity-lease-renew-interval-seconds", s.IdentityLeaseRenewIntervalSeconds,
|
|
||||||
"The interval of kube-apiserver renewing its lease in seconds, must be a positive number. (In use when the APIServerIdentity feature gate is enabled.)")
|
|
||||||
|
|
||||||
// See #14282 for details on how to test/try this option out.
|
// See #14282 for details on how to test/try this option out.
|
||||||
// TODO: remove this comment once this option is tested in CI.
|
// TODO: remove this comment once this option is tested in CI.
|
||||||
fs.IntVar(&s.KubernetesServiceNodePort, "kubernetes-service-node-port", s.KubernetesServiceNodePort, ""+
|
fs.IntVar(&s.KubernetesServiceNodePort, "kubernetes-service-node-port", s.KubernetesServiceNodePort, ""+
|
||||||
|
@ -318,8 +318,6 @@ func TestAddFlags(t *testing.T) {
|
|||||||
Traces: &apiserveroptions.TracingOptions{
|
Traces: &apiserveroptions.TracingOptions{
|
||||||
ConfigFile: "/var/run/kubernetes/tracing_config.yaml",
|
ConfigFile: "/var/run/kubernetes/tracing_config.yaml",
|
||||||
},
|
},
|
||||||
IdentityLeaseDurationSeconds: 3600,
|
|
||||||
IdentityLeaseRenewIntervalSeconds: 10,
|
|
||||||
AggregatorRejectForwardingRedirects: true,
|
AggregatorRejectForwardingRedirects: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -142,17 +142,6 @@ func validateAPIPriorityAndFairness(options *ServerRunOptions) []error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func validateAPIServerIdentity(options *ServerRunOptions) []error {
|
|
||||||
var errs []error
|
|
||||||
if options.IdentityLeaseDurationSeconds <= 0 {
|
|
||||||
errs = append(errs, fmt.Errorf("--identity-lease-duration-seconds should be a positive number, but value '%d' provided", options.IdentityLeaseDurationSeconds))
|
|
||||||
}
|
|
||||||
if options.IdentityLeaseRenewIntervalSeconds <= 0 {
|
|
||||||
errs = append(errs, fmt.Errorf("--identity-lease-renew-interval-seconds should be a positive number, but value '%d' provided", options.IdentityLeaseRenewIntervalSeconds))
|
|
||||||
}
|
|
||||||
return errs
|
|
||||||
}
|
|
||||||
|
|
||||||
// Validate checks ServerRunOptions and return a slice of found errs.
|
// Validate checks ServerRunOptions and return a slice of found errs.
|
||||||
func (s *ServerRunOptions) Validate() []error {
|
func (s *ServerRunOptions) Validate() []error {
|
||||||
var errs []error
|
var errs []error
|
||||||
@ -171,7 +160,6 @@ func (s *ServerRunOptions) Validate() []error {
|
|||||||
errs = append(errs, s.APIEnablement.Validate(legacyscheme.Scheme, apiextensionsapiserver.Scheme, aggregatorscheme.Scheme)...)
|
errs = append(errs, s.APIEnablement.Validate(legacyscheme.Scheme, apiextensionsapiserver.Scheme, aggregatorscheme.Scheme)...)
|
||||||
errs = append(errs, validateTokenRequest(s)...)
|
errs = append(errs, validateTokenRequest(s)...)
|
||||||
errs = append(errs, s.Metrics.Validate()...)
|
errs = append(errs, s.Metrics.Validate()...)
|
||||||
errs = append(errs, validateAPIServerIdentity(s)...)
|
|
||||||
|
|
||||||
return errs
|
return errs
|
||||||
}
|
}
|
||||||
|
@ -283,9 +283,6 @@ func CreateKubeAPIServerConfig(s completedServerRunOptions) (
|
|||||||
ExtendExpiration: s.Authentication.ServiceAccounts.ExtendExpiration,
|
ExtendExpiration: s.Authentication.ServiceAccounts.ExtendExpiration,
|
||||||
|
|
||||||
VersionedInformers: versionedInformers,
|
VersionedInformers: versionedInformers,
|
||||||
|
|
||||||
IdentityLeaseDurationSeconds: s.IdentityLeaseDurationSeconds,
|
|
||||||
IdentityLeaseRenewIntervalSeconds: s.IdentityLeaseRenewIntervalSeconds,
|
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -121,6 +121,12 @@ const (
|
|||||||
// 1. the lease is an identity lease (different from leader election leases)
|
// 1. the lease is an identity lease (different from leader election leases)
|
||||||
// 2. which component owns this lease
|
// 2. which component owns this lease
|
||||||
IdentityLeaseComponentLabelKey = "k8s.io/component"
|
IdentityLeaseComponentLabelKey = "k8s.io/component"
|
||||||
|
// identityLeaseDurationSeconds is the duration of kube-apiserver lease in seconds
|
||||||
|
identityLeaseDurationSeconds = 3600
|
||||||
|
// identityLeaseRenewIntervalSeconds is the interval of kube-apiserver renewing its lease in seconds
|
||||||
|
identityLeaseRenewIntervalSeconds = 10
|
||||||
|
// identityLeaseGCPeriod is the interval which the lease GC controller checks for expired leases
|
||||||
|
identityLeaseGCPeriod = 3600 * time.Second
|
||||||
// KubeAPIServer defines variable used internally when referring to kube-apiserver component
|
// KubeAPIServer defines variable used internally when referring to kube-apiserver component
|
||||||
KubeAPIServer = "kube-apiserver"
|
KubeAPIServer = "kube-apiserver"
|
||||||
// KubeAPIServerIdentityLeaseLabelSelector selects kube-apiserver identity leases
|
// KubeAPIServerIdentityLeaseLabelSelector selects kube-apiserver identity leases
|
||||||
@ -193,9 +199,6 @@ type ExtraConfig struct {
|
|||||||
|
|
||||||
VersionedInformers informers.SharedInformerFactory
|
VersionedInformers informers.SharedInformerFactory
|
||||||
|
|
||||||
IdentityLeaseDurationSeconds int
|
|
||||||
IdentityLeaseRenewIntervalSeconds int
|
|
||||||
|
|
||||||
// RepairServicesInterval interval used by the repair loops for
|
// RepairServicesInterval interval used by the repair loops for
|
||||||
// the Services NodePort and ClusterIP resources
|
// the Services NodePort and ClusterIP resources
|
||||||
RepairServicesInterval time.Duration
|
RepairServicesInterval time.Duration
|
||||||
@ -480,9 +483,9 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
|
|||||||
clock.RealClock{},
|
clock.RealClock{},
|
||||||
kubeClient,
|
kubeClient,
|
||||||
holderIdentity,
|
holderIdentity,
|
||||||
int32(c.ExtraConfig.IdentityLeaseDurationSeconds),
|
identityLeaseDurationSeconds,
|
||||||
nil,
|
nil,
|
||||||
time.Duration(c.ExtraConfig.IdentityLeaseRenewIntervalSeconds)*time.Second,
|
identityLeaseRenewIntervalSeconds*time.Second,
|
||||||
leaseName,
|
leaseName,
|
||||||
metav1.NamespaceSystem,
|
metav1.NamespaceSystem,
|
||||||
labelAPIServerHeartbeat)
|
labelAPIServerHeartbeat)
|
||||||
@ -496,7 +499,7 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
|
|||||||
}
|
}
|
||||||
go apiserverleasegc.NewAPIServerLeaseGC(
|
go apiserverleasegc.NewAPIServerLeaseGC(
|
||||||
kubeClient,
|
kubeClient,
|
||||||
time.Duration(c.ExtraConfig.IdentityLeaseDurationSeconds)*time.Second,
|
identityLeaseGCPeriod,
|
||||||
metav1.NamespaceSystem,
|
metav1.NamespaceSystem,
|
||||||
KubeAPIServerIdentityLeaseLabelSelector,
|
KubeAPIServerIdentityLeaseLabelSelector,
|
||||||
).Run(hookContext.StopCh)
|
).Run(hookContext.StopCh)
|
||||||
|
Loading…
Reference in New Issue
Block a user