From a4574bbb042402974a0269651ca42bc9e8137c72 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Wed, 4 Oct 2017 12:03:13 -0400 Subject: [PATCH 1/8] Make sure pkg/controller/service does not depend on cmd/kubeadm/app --- cmd/kubeadm/app/constants/BUILD | 1 + cmd/kubeadm/app/constants/constants.go | 8 ++------ pkg/controller/service/BUILD | 1 - pkg/controller/service/service_controller.go | 13 ++++++++++--- 4 files changed, 13 insertions(+), 10 deletions(-) diff --git a/cmd/kubeadm/app/constants/BUILD b/cmd/kubeadm/app/constants/BUILD index 1e7597d46fa..4176128bb49 100644 --- a/cmd/kubeadm/app/constants/BUILD +++ b/cmd/kubeadm/app/constants/BUILD @@ -10,6 +10,7 @@ go_library( name = "go_default_library", srcs = ["constants.go"], deps = [ + "//pkg/controller/service:go_default_library", "//pkg/util/version:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", ], diff --git a/cmd/kubeadm/app/constants/constants.go b/cmd/kubeadm/app/constants/constants.go index 5e947811999..6ffa35ad0e9 100644 --- a/cmd/kubeadm/app/constants/constants.go +++ b/cmd/kubeadm/app/constants/constants.go @@ -24,6 +24,7 @@ import ( "time" "k8s.io/api/core/v1" + "k8s.io/kubernetes/pkg/controller/service" "k8s.io/kubernetes/pkg/util/version" ) @@ -131,12 +132,7 @@ const ( DefaultTokenDuration = 24 * time.Hour // LabelNodeRoleMaster specifies that a node is a master - // It's copied over to kubeadm until it's merged in core: https://github.com/kubernetes/kubernetes/pull/39112 - LabelNodeRoleMaster = "node-role.kubernetes.io/master" - - // LabelNodeRoleExcludeBalancer specifies that the node should be - // exclude from load balancers created by a cloud provider. - LabelNodeRoleExcludeBalancer = "alpha.node-role.kubernetes.io/exclude-balancer" + LabelNodeRoleMaster = service.LabelNodeRoleMaster // MasterConfigurationConfigMap specifies in what ConfigMap in the kube-system namespace the `kubeadm init` configuration should be stored MasterConfigurationConfigMap = "kubeadm-config" diff --git a/pkg/controller/service/BUILD b/pkg/controller/service/BUILD index 43d3495d439..4a0d2f17a19 100644 --- a/pkg/controller/service/BUILD +++ b/pkg/controller/service/BUILD @@ -13,7 +13,6 @@ go_library( "service_controller.go", ], deps = [ - "//cmd/kubeadm/app/constants:go_default_library", "//pkg/api/v1/helper:go_default_library", "//pkg/cloudprovider:go_default_library", "//pkg/controller:go_default_library", diff --git a/pkg/controller/service/service_controller.go b/pkg/controller/service/service_controller.go index b0429bad605..569d409d69c 100644 --- a/pkg/controller/service/service_controller.go +++ b/pkg/controller/service/service_controller.go @@ -37,7 +37,6 @@ import ( "k8s.io/client-go/tools/cache" "k8s.io/client-go/tools/record" "k8s.io/client-go/util/workqueue" - "k8s.io/kubernetes/cmd/kubeadm/app/constants" v1helper "k8s.io/kubernetes/pkg/api/v1/helper" "k8s.io/kubernetes/pkg/cloudprovider" "k8s.io/kubernetes/pkg/controller" @@ -63,6 +62,14 @@ const ( notRetryable = false doNotRetry = time.Duration(0) + + // LabelNodeRoleMaster specifies that a node is a master + // It's copied over to kubeadm until it's merged in core: https://github.com/kubernetes/kubernetes/pull/39112 + LabelNodeRoleMaster = "node-role.kubernetes.io/master" + + // LabelNodeRoleExcludeBalancer specifies that the node should be + // exclude from load balancers created by a cloud provider. + LabelNodeRoleExcludeBalancer = "node.role.kubernetes.io/exclude-balancer" ) type cachedService struct { @@ -595,11 +602,11 @@ func getNodeConditionPredicate() corelisters.NodeConditionPredicate { // As of 1.6, we will taint the master, but not necessarily mark it unschedulable. // Recognize nodes labeled as master, and filter them also, as we were doing previously. - if _, hasMasterRoleLabel := node.Labels[constants.LabelNodeRoleMaster]; hasMasterRoleLabel { + if _, hasMasterRoleLabel := node.Labels[LabelNodeRoleMaster]; hasMasterRoleLabel { return false } - if _, hasExcludeBalancerLabel := node.Labels[constants.LabelNodeRoleExcludeBalancer]; hasExcludeBalancerLabel { + if _, hasExcludeBalancerLabel := node.Labels[LabelNodeRoleExcludeBalancer]; hasExcludeBalancerLabel { return false } From 26b11474ca1fa5a7e449ed655342c14365668b31 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Wed, 4 Oct 2017 12:26:29 -0400 Subject: [PATCH 2/8] Remove cmd/kubeadm from pkg/controller --- cmd/kube-apiserver/app/options/options.go | 5 +--- .../app/options/options_test.go | 2 +- pkg/kubeapiserver/options/BUILD | 1 + pkg/kubeapiserver/options/options.go | 24 +++++++++++++++++++ pkg/master/BUILD | 2 +- pkg/master/master.go | 4 ++-- 6 files changed, 30 insertions(+), 8 deletions(-) create mode 100644 pkg/kubeapiserver/options/options.go diff --git a/cmd/kube-apiserver/app/options/options.go b/cmd/kube-apiserver/app/options/options.go index 785ac3ca91c..727edd15edf 100644 --- a/cmd/kube-apiserver/app/options/options.go +++ b/cmd/kube-apiserver/app/options/options.go @@ -38,9 +38,6 @@ import ( "github.com/spf13/pflag" ) -// DefaultServiceNodePortRange is the default port range for NodePort services. -var DefaultServiceNodePortRange = utilnet.PortRange{Base: 30000, Size: 2768} - // ServerRunOptions runs a kubernetes api server. type ServerRunOptions struct { GenericServerRunOptions *genericoptions.ServerRunOptions @@ -114,7 +111,7 @@ func NewServerRunOptions() *ServerRunOptions { EnableHttps: true, HTTPTimeout: time.Duration(5) * time.Second, }, - ServiceNodePortRange: DefaultServiceNodePortRange, + ServiceNodePortRange: kubeoptions.DefaultServiceNodePortRange, } // Overwrite the default for storage data format. s.Etcd.DefaultStorageMediaType = "application/vnd.kubernetes.protobuf" diff --git a/cmd/kube-apiserver/app/options/options_test.go b/cmd/kube-apiserver/app/options/options_test.go index e594e0e84b2..59320114c2d 100644 --- a/cmd/kube-apiserver/app/options/options_test.go +++ b/cmd/kube-apiserver/app/options/options_test.go @@ -90,7 +90,7 @@ func TestAddFlags(t *testing.T) { // This is a snapshot of expected options parsed by args. expected := &ServerRunOptions{ - ServiceNodePortRange: DefaultServiceNodePortRange, + ServiceNodePortRange: kubeoptions.DefaultServiceNodePortRange, MasterCount: 5, EndpointReconcilerType: string(reconcilers.MasterCountReconcilerType), AllowPrivileged: false, diff --git a/pkg/kubeapiserver/options/BUILD b/pkg/kubeapiserver/options/BUILD index 83d1a3793bf..d337d2fab6f 100644 --- a/pkg/kubeapiserver/options/BUILD +++ b/pkg/kubeapiserver/options/BUILD @@ -13,6 +13,7 @@ go_library( "authentication.go", "authorization.go", "cloudprovider.go", + "options.go", "serving.go", "storage_versions.go", ], diff --git a/pkg/kubeapiserver/options/options.go b/pkg/kubeapiserver/options/options.go new file mode 100644 index 00000000000..acc1c91f9f2 --- /dev/null +++ b/pkg/kubeapiserver/options/options.go @@ -0,0 +1,24 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package options + +import ( + utilnet "k8s.io/apimachinery/pkg/util/net" +) + +// DefaultServiceNodePortRange is the default port range for NodePort services. +var DefaultServiceNodePortRange = utilnet.PortRange{Base: 30000, Size: 2768} diff --git a/pkg/master/BUILD b/pkg/master/BUILD index d700f117f7f..8ca5d681518 100644 --- a/pkg/master/BUILD +++ b/pkg/master/BUILD @@ -17,7 +17,6 @@ go_library( "services.go", ], deps = [ - "//cmd/kube-apiserver/app/options:go_default_library", "//pkg/api:go_default_library", "//pkg/api/install:go_default_library", "//pkg/apis/admission/install:go_default_library", @@ -38,6 +37,7 @@ go_library( "//pkg/apis/settings/install:go_default_library", "//pkg/apis/storage/install:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library", + "//pkg/kubeapiserver/options:go_default_library", "//pkg/kubelet/client:go_default_library", "//pkg/master/reconcilers:go_default_library", "//pkg/master/tunneler:go_default_library", diff --git a/pkg/master/master.go b/pkg/master/master.go index 6e3dfe248c4..b5a559dfd05 100644 --- a/pkg/master/master.go +++ b/pkg/master/master.go @@ -53,10 +53,10 @@ import ( serverstorage "k8s.io/apiserver/pkg/server/storage" storagefactory "k8s.io/apiserver/pkg/storage/storagebackend/factory" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" - "k8s.io/kubernetes/cmd/kube-apiserver/app/options" "k8s.io/kubernetes/pkg/api" kapi "k8s.io/kubernetes/pkg/api" coreclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion" + kubeoptions "k8s.io/kubernetes/pkg/kubeapiserver/options" kubeletclient "k8s.io/kubernetes/pkg/kubelet/client" "k8s.io/kubernetes/pkg/master/reconcilers" "k8s.io/kubernetes/pkg/master/tunneler" @@ -265,7 +265,7 @@ func (cfg *Config) Complete(informers informers.SharedInformerFactory) Completed // We should probably allow this for clouds that don't require NodePort to do load-balancing (GCE) // but then that breaks the strict nestedness of ServiceType. // Review post-v1 - c.ExtraConfig.ServiceNodePortRange = options.DefaultServiceNodePortRange + c.ExtraConfig.ServiceNodePortRange = kubeoptions.DefaultServiceNodePortRange glog.Infof("Node port range unspecified. Defaulting to %v.", c.ExtraConfig.ServiceNodePortRange) } From 2a2b0cbffa11dc6926f36fa4d5e1f533dca01fbf Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Wed, 4 Oct 2017 14:31:46 -0400 Subject: [PATCH 3/8] Remove cmd/kubelet dependency from pkg/kubelet/volumemanager --- cmd/kubelet/app/options/options.go | 7 ------ pkg/kubelet/config/BUILD | 1 + pkg/kubelet/config/defaults.go | 24 +++++++++++++++++++ pkg/kubelet/kubelet_getters.go | 12 +++++----- pkg/kubelet/volumemanager/reconciler/BUILD | 2 +- .../volumemanager/reconciler/reconciler.go | 4 ++-- 6 files changed, 34 insertions(+), 16 deletions(-) create mode 100644 pkg/kubelet/config/defaults.go diff --git a/cmd/kubelet/app/options/options.go b/cmd/kubelet/app/options/options.go index 0cf139c4196..b82ee9cc357 100644 --- a/cmd/kubelet/app/options/options.go +++ b/cmd/kubelet/app/options/options.go @@ -37,13 +37,6 @@ import ( utiltaints "k8s.io/kubernetes/pkg/util/taints" ) -const ( - DefaultKubeletPodsDirName = "pods" - DefaultKubeletVolumesDirName = "volumes" - DefaultKubeletPluginsDirName = "plugins" - DefaultKubeletContainersDirName = "containers" -) - // A configuration field should go in KubeletFlags instead of KubeletConfiguration if any of these are true: // - its value will never, or cannot safely be changed during the lifetime of a node // - its value cannot be safely shared between nodes at the same time (e.g. a hostname) diff --git a/pkg/kubelet/config/BUILD b/pkg/kubelet/config/BUILD index defc45f72d3..4d575869de9 100644 --- a/pkg/kubelet/config/BUILD +++ b/pkg/kubelet/config/BUILD @@ -12,6 +12,7 @@ go_library( "apiserver.go", "common.go", "config.go", + "defaults.go", "doc.go", "file.go", "file_unsupported.go", diff --git a/pkg/kubelet/config/defaults.go b/pkg/kubelet/config/defaults.go new file mode 100644 index 00000000000..b000b60b11f --- /dev/null +++ b/pkg/kubelet/config/defaults.go @@ -0,0 +1,24 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package config + +const ( + DefaultKubeletPodsDirName = "pods" + DefaultKubeletVolumesDirName = "volumes" + DefaultKubeletPluginsDirName = "plugins" + DefaultKubeletContainersDirName = "containers" +) diff --git a/pkg/kubelet/kubelet_getters.go b/pkg/kubelet/kubelet_getters.go index 7737229507e..525f94cb717 100644 --- a/pkg/kubelet/kubelet_getters.go +++ b/pkg/kubelet/kubelet_getters.go @@ -27,8 +27,8 @@ import ( "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" - "k8s.io/kubernetes/cmd/kubelet/app/options" "k8s.io/kubernetes/pkg/kubelet/cm" + "k8s.io/kubernetes/pkg/kubelet/config" kubecontainer "k8s.io/kubernetes/pkg/kubelet/container" utilfile "k8s.io/kubernetes/pkg/util/file" utilnode "k8s.io/kubernetes/pkg/util/node" @@ -46,7 +46,7 @@ func (kl *Kubelet) getRootDir() string { // getPodsDir returns the full path to the directory under which pod // directories are created. func (kl *Kubelet) getPodsDir() string { - return filepath.Join(kl.getRootDir(), options.DefaultKubeletPodsDirName) + return filepath.Join(kl.getRootDir(), config.DefaultKubeletPodsDirName) } // getPluginsDir returns the full path to the directory under which plugin @@ -54,7 +54,7 @@ func (kl *Kubelet) getPodsDir() string { // they need to persist. Plugins should create subdirectories under this named // after their own names. func (kl *Kubelet) getPluginsDir() string { - return filepath.Join(kl.getRootDir(), options.DefaultKubeletPluginsDirName) + return filepath.Join(kl.getRootDir(), config.DefaultKubeletPluginsDirName) } // getPluginDir returns a data directory name for a given plugin name. @@ -80,7 +80,7 @@ func (kl *Kubelet) getPodDir(podUID types.UID) string { // which volumes are created for the specified pod. This directory may not // exist if the pod does not exist. func (kl *Kubelet) getPodVolumesDir(podUID types.UID) string { - return filepath.Join(kl.getPodDir(podUID), options.DefaultKubeletVolumesDirName) + return filepath.Join(kl.getPodDir(podUID), config.DefaultKubeletVolumesDirName) } // getPodVolumeDir returns the full path to the directory which represents the @@ -94,7 +94,7 @@ func (kl *Kubelet) getPodVolumeDir(podUID types.UID, pluginName string, volumeNa // which plugins may store data for the specified pod. This directory may not // exist if the pod does not exist. func (kl *Kubelet) getPodPluginsDir(podUID types.UID) string { - return filepath.Join(kl.getPodDir(podUID), options.DefaultKubeletPluginsDirName) + return filepath.Join(kl.getPodDir(podUID), config.DefaultKubeletPluginsDirName) } // getPodPluginDir returns a data directory name for a given plugin name for a @@ -108,7 +108,7 @@ func (kl *Kubelet) getPodPluginDir(podUID types.UID, pluginName string) string { // which container data is held for the specified pod. This directory may not // exist if the pod or container does not exist. func (kl *Kubelet) getPodContainerDir(podUID types.UID, ctrName string) string { - return filepath.Join(kl.getPodDir(podUID), options.DefaultKubeletContainersDirName, ctrName) + return filepath.Join(kl.getPodDir(podUID), config.DefaultKubeletContainersDirName, ctrName) } // GetPods returns all pods bound to the kubelet and their spec, and the mirror diff --git a/pkg/kubelet/volumemanager/reconciler/BUILD b/pkg/kubelet/volumemanager/reconciler/BUILD index 97065574636..b4a1d36b0a2 100644 --- a/pkg/kubelet/volumemanager/reconciler/BUILD +++ b/pkg/kubelet/volumemanager/reconciler/BUILD @@ -10,7 +10,7 @@ go_library( name = "go_default_library", srcs = ["reconciler.go"], deps = [ - "//cmd/kubelet/app/options:go_default_library", + "//pkg/kubelet/config:go_default_library", "//pkg/kubelet/volumemanager/cache:go_default_library", "//pkg/util/file:go_default_library", "//pkg/util/goroutinemap/exponentialbackoff:go_default_library", diff --git a/pkg/kubelet/volumemanager/reconciler/reconciler.go b/pkg/kubelet/volumemanager/reconciler/reconciler.go index 73ac4da99c8..81642fb6a29 100644 --- a/pkg/kubelet/volumemanager/reconciler/reconciler.go +++ b/pkg/kubelet/volumemanager/reconciler/reconciler.go @@ -31,7 +31,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/wait" clientset "k8s.io/client-go/kubernetes" - "k8s.io/kubernetes/cmd/kubelet/app/options" + "k8s.io/kubernetes/pkg/kubelet/config" "k8s.io/kubernetes/pkg/kubelet/volumemanager/cache" utilfile "k8s.io/kubernetes/pkg/util/file" "k8s.io/kubernetes/pkg/util/goroutinemap/exponentialbackoff" @@ -574,7 +574,7 @@ func getVolumesFromPodDir(podDir string) ([]podVolume, error) { } podName := podsDirInfo[i].Name() podDir := path.Join(podDir, podName) - volumesDir := path.Join(podDir, options.DefaultKubeletVolumesDirName) + volumesDir := path.Join(podDir, config.DefaultKubeletVolumesDirName) volumesDirInfo, err := ioutil.ReadDir(volumesDir) if err != nil { glog.Errorf("Could not read volume directory %q: %v", volumesDir, err) From 48433c87739afb34d73d22a67ab49fb7e9a0d374 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Wed, 4 Oct 2017 14:56:27 -0400 Subject: [PATCH 4/8] Remove cmd/kubelet dependency from pkg/kubelet --- cmd/kubelet/app/options/BUILD | 1 + cmd/kubelet/app/options/container_runtime.go | 88 +------------------- cmd/kubelet/app/options/options.go | 3 +- cmd/kubelet/app/server.go | 2 +- pkg/kubelet/BUILD | 1 - pkg/kubelet/config/BUILD | 2 + pkg/kubelet/config/flags.go | 87 +++++++++++++++++++ pkg/kubelet/kubelet.go | 5 +- 8 files changed, 98 insertions(+), 91 deletions(-) create mode 100644 pkg/kubelet/config/flags.go diff --git a/cmd/kubelet/app/options/BUILD b/cmd/kubelet/app/options/BUILD index 079dfc02a36..5b3d9395188 100644 --- a/cmd/kubelet/app/options/BUILD +++ b/cmd/kubelet/app/options/BUILD @@ -19,6 +19,7 @@ go_library( "//pkg/kubelet/apis/kubeletconfig/scheme:go_default_library", "//pkg/kubelet/apis/kubeletconfig/v1alpha1:go_default_library", "//pkg/kubelet/apis/kubeletconfig/validation:go_default_library", + "//pkg/kubelet/config:go_default_library", "//pkg/util/taints:go_default_library", "//vendor/github.com/spf13/pflag:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", diff --git a/cmd/kubelet/app/options/container_runtime.go b/cmd/kubelet/app/options/container_runtime.go index fb2843062e3..00c46fe57b5 100644 --- a/cmd/kubelet/app/options/container_runtime.go +++ b/cmd/kubelet/app/options/container_runtime.go @@ -20,9 +20,8 @@ import ( "runtime" "time" - "github.com/spf13/pflag" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/kubernetes/pkg/kubelet/config" ) const ( @@ -39,68 +38,15 @@ var ( defaultPodSandboxImageVersion ) -type ContainerRuntimeOptions struct { - // Docker-specific options. - - // DockershimRootDirectory is the path to the dockershim root directory. Defaults to - // /var/lib/dockershim if unset. Exposed for integration testing (e.g. in OpenShift). - DockershimRootDirectory string - // Enable dockershim only mode. - ExperimentalDockershim bool - // This flag, if set, disables use of a shared PID namespace for pods running in the docker CRI runtime. - // A shared PID namespace is the only option in non-docker runtimes and is required by the CRI. The ability to - // disable it for docker will be removed unless a compelling use case is discovered with widespread use. - // TODO: Remove once we no longer support disabling shared PID namespace (https://issues.k8s.io/41938) - DockerDisableSharedPID bool - // PodSandboxImage is the image whose network/ipc namespaces - // containers in each pod will use. - PodSandboxImage string - // DockerEndpoint is the path to the docker endpoint to communicate with. - DockerEndpoint string - // If no pulling progress is made before the deadline imagePullProgressDeadline, - // the image pulling will be cancelled. Defaults to 1m0s. - // +optional - ImagePullProgressDeadline metav1.Duration - - // Network plugin options. - - // networkPluginName is the name of the network plugin to be invoked for - // various events in kubelet/pod lifecycle - NetworkPluginName string - // NetworkPluginMTU is the MTU to be passed to the network plugin, - // and overrides the default MTU for cases where it cannot be automatically - // computed (such as IPSEC). - NetworkPluginMTU int32 - // NetworkPluginDir is the full path of the directory in which to search - // for network plugins (and, for backwards-compat, CNI config files) - NetworkPluginDir string - // CNIConfDir is the full path of the directory in which to search for - // CNI config files - CNIConfDir string - // CNIBinDir is the full path of the directory in which to search for - // CNI plugin binaries - CNIBinDir string - - // rkt-specific options. - - // rktPath is the path of rkt binary. Leave empty to use the first rkt in $PATH. - RktPath string - // rktApiEndpoint is the endpoint of the rkt API service to communicate with. - RktAPIEndpoint string - // rktStage1Image is the image to use as stage1. Local paths and - // http/https URLs are supported. - RktStage1Image string -} - // NewContainerRuntimeOptions will create a new ContainerRuntimeOptions with // default values. -func NewContainerRuntimeOptions() *ContainerRuntimeOptions { +func NewContainerRuntimeOptions() *config.ContainerRuntimeOptions { dockerEndpoint := "" if runtime.GOOS != "windows" { dockerEndpoint = "unix:///var/run/docker.sock" } - return &ContainerRuntimeOptions{ + return &config.ContainerRuntimeOptions{ DockerEndpoint: dockerEndpoint, DockershimRootDirectory: "/var/lib/dockershim", DockerDisableSharedPID: true, @@ -110,31 +56,3 @@ func NewContainerRuntimeOptions() *ContainerRuntimeOptions { ExperimentalDockershim: false, } } - -func (s *ContainerRuntimeOptions) AddFlags(fs *pflag.FlagSet) { - // Docker-specific settings. - fs.BoolVar(&s.ExperimentalDockershim, "experimental-dockershim", s.ExperimentalDockershim, "Enable dockershim only mode. In this mode, kubelet will only start dockershim without any other functionalities. This flag only serves test purpose, please do not use it unless you are conscious of what you are doing. [default=false]") - fs.MarkHidden("experimental-dockershim") - fs.StringVar(&s.DockershimRootDirectory, "experimental-dockershim-root-directory", s.DockershimRootDirectory, "Path to the dockershim root directory.") - fs.MarkHidden("experimental-dockershim-root-directory") - fs.BoolVar(&s.DockerDisableSharedPID, "docker-disable-shared-pid", s.DockerDisableSharedPID, "The Container Runtime Interface (CRI) defaults to using a shared PID namespace for containers in a pod when running with Docker 1.13.1 or higher. Setting this flag reverts to the previous behavior of isolated PID namespaces. This ability will be removed in a future Kubernetes release.") - fs.StringVar(&s.PodSandboxImage, "pod-infra-container-image", s.PodSandboxImage, "The image whose network/ipc namespaces containers in each pod will use.") - fs.StringVar(&s.DockerEndpoint, "docker-endpoint", s.DockerEndpoint, "Use this for the docker endpoint to communicate with") - fs.DurationVar(&s.ImagePullProgressDeadline.Duration, "image-pull-progress-deadline", s.ImagePullProgressDeadline.Duration, "If no pulling progress is made before this deadline, the image pulling will be cancelled.") - - // Network plugin settings. Shared by both docker and rkt. - fs.StringVar(&s.NetworkPluginName, "network-plugin", s.NetworkPluginName, " The name of the network plugin to be invoked for various events in kubelet/pod lifecycle") - //TODO(#46410): Remove the network-plugin-dir flag. - fs.StringVar(&s.NetworkPluginDir, "network-plugin-dir", s.NetworkPluginDir, " The full path of the directory in which to search for network plugins or CNI config") - fs.MarkDeprecated("network-plugin-dir", "Use --cni-bin-dir instead. This flag will be removed in a future version.") - fs.StringVar(&s.CNIConfDir, "cni-conf-dir", s.CNIConfDir, " The full path of the directory in which to search for CNI config files. Default: /etc/cni/net.d") - fs.StringVar(&s.CNIBinDir, "cni-bin-dir", s.CNIBinDir, " The full path of the directory in which to search for CNI plugin binaries. Default: /opt/cni/bin") - fs.Int32Var(&s.NetworkPluginMTU, "network-plugin-mtu", s.NetworkPluginMTU, " The MTU to be passed to the network plugin, to override the default. Set to 0 to use the default 1460 MTU.") - - // Rkt-specific settings. - fs.StringVar(&s.RktPath, "rkt-path", s.RktPath, "Path of rkt binary. Leave empty to use the first rkt in $PATH. Only used if --container-runtime='rkt'.") - fs.StringVar(&s.RktAPIEndpoint, "rkt-api-endpoint", s.RktAPIEndpoint, "The endpoint of the rkt API service to communicate with. Only used if --container-runtime='rkt'.") - fs.StringVar(&s.RktStage1Image, "rkt-stage1-image", s.RktStage1Image, "image to use as stage1. Local paths and http/https URLs are supported. If empty, the 'stage1.aci' in the same directory as '--rkt-path' will be used.") - fs.MarkDeprecated("rkt-stage1-image", "Will be removed in a future version. The default stage1 image will be specified by the rkt configurations, see https://github.com/coreos/rkt/blob/master/Documentation/configuration.md for more details.") - -} diff --git a/cmd/kubelet/app/options/options.go b/cmd/kubelet/app/options/options.go index b82ee9cc357..539e3785b16 100644 --- a/cmd/kubelet/app/options/options.go +++ b/cmd/kubelet/app/options/options.go @@ -34,6 +34,7 @@ import ( kubeletscheme "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/scheme" "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/v1alpha1" kubeletconfigvalidation "k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig/validation" + "k8s.io/kubernetes/pkg/kubelet/config" utiltaints "k8s.io/kubernetes/pkg/util/taints" ) @@ -72,7 +73,7 @@ type KubeletFlags struct { ProviderID string // Container-runtime-specific options. - ContainerRuntimeOptions + config.ContainerRuntimeOptions // certDirectory is the directory where the TLS certs are located (by // default /var/run/kubernetes). If tlsCertFile and tlsPrivateKeyFile diff --git a/cmd/kubelet/app/server.go b/cmd/kubelet/app/server.go index 8238ce7110e..099b5f50da3 100644 --- a/cmd/kubelet/app/server.go +++ b/cmd/kubelet/app/server.go @@ -766,7 +766,7 @@ func startKubelet(k kubelet.Bootstrap, podCfg *config.PodConfig, kubeCfg *kubele func CreateAndInitKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *kubelet.Dependencies, - crOptions *options.ContainerRuntimeOptions, + crOptions *config.ContainerRuntimeOptions, hostnameOverride string, nodeIP string, providerID string, diff --git a/pkg/kubelet/BUILD b/pkg/kubelet/BUILD index fe059937264..90c794bf7f1 100644 --- a/pkg/kubelet/BUILD +++ b/pkg/kubelet/BUILD @@ -29,7 +29,6 @@ go_library( "volume_host.go", ], deps = [ - "//cmd/kubelet/app/options:go_default_library", "//pkg/api:go_default_library", "//pkg/api/v1:go_default_library", "//pkg/api/v1/helper:go_default_library", diff --git a/pkg/kubelet/config/BUILD b/pkg/kubelet/config/BUILD index 4d575869de9..df074727cb9 100644 --- a/pkg/kubelet/config/BUILD +++ b/pkg/kubelet/config/BUILD @@ -16,6 +16,7 @@ go_library( "doc.go", "file.go", "file_unsupported.go", + "flags.go", "http.go", "sources.go", ] + select({ @@ -37,6 +38,7 @@ go_library( "//pkg/util/config:go_default_library", "//pkg/util/hash:go_default_library", "//vendor/github.com/golang/glog:go_default_library", + "//vendor/github.com/spf13/pflag:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/fields:go_default_library", diff --git a/pkg/kubelet/config/flags.go b/pkg/kubelet/config/flags.go new file mode 100644 index 00000000000..7c9f6e19166 --- /dev/null +++ b/pkg/kubelet/config/flags.go @@ -0,0 +1,87 @@ +package config + +import ( + "github.com/spf13/pflag" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type ContainerRuntimeOptions struct { + // Docker-specific options. + + // DockershimRootDirectory is the path to the dockershim root directory. Defaults to + // /var/lib/dockershim if unset. Exposed for integration testing (e.g. in OpenShift). + DockershimRootDirectory string + // Enable dockershim only mode. + ExperimentalDockershim bool + // This flag, if set, disables use of a shared PID namespace for pods running in the docker CRI runtime. + // A shared PID namespace is the only option in non-docker runtimes and is required by the CRI. The ability to + // disable it for docker will be removed unless a compelling use case is discovered with widespread use. + // TODO: Remove once we no longer support disabling shared PID namespace (https://issues.k8s.io/41938) + DockerDisableSharedPID bool + // PodSandboxImage is the image whose network/ipc namespaces + // containers in each pod will use. + PodSandboxImage string + // DockerEndpoint is the path to the docker endpoint to communicate with. + DockerEndpoint string + // If no pulling progress is made before the deadline imagePullProgressDeadline, + // the image pulling will be cancelled. Defaults to 1m0s. + // +optional + ImagePullProgressDeadline metav1.Duration + + // Network plugin options. + + // networkPluginName is the name of the network plugin to be invoked for + // various events in kubelet/pod lifecycle + NetworkPluginName string + // NetworkPluginMTU is the MTU to be passed to the network plugin, + // and overrides the default MTU for cases where it cannot be automatically + // computed (such as IPSEC). + NetworkPluginMTU int32 + // NetworkPluginDir is the full path of the directory in which to search + // for network plugins (and, for backwards-compat, CNI config files) + NetworkPluginDir string + // CNIConfDir is the full path of the directory in which to search for + // CNI config files + CNIConfDir string + // CNIBinDir is the full path of the directory in which to search for + // CNI plugin binaries + CNIBinDir string + + // rkt-specific options. + + // rktPath is the path of rkt binary. Leave empty to use the first rkt in $PATH. + RktPath string + // rktApiEndpoint is the endpoint of the rkt API service to communicate with. + RktAPIEndpoint string + // rktStage1Image is the image to use as stage1. Local paths and + // http/https URLs are supported. + RktStage1Image string +} + +func (s *ContainerRuntimeOptions) AddFlags(fs *pflag.FlagSet) { + // Docker-specific settings. + fs.BoolVar(&s.ExperimentalDockershim, "experimental-dockershim", s.ExperimentalDockershim, "Enable dockershim only mode. In this mode, kubelet will only start dockershim without any other functionalities. This flag only serves test purpose, please do not use it unless you are conscious of what you are doing. [default=false]") + fs.MarkHidden("experimental-dockershim") + fs.StringVar(&s.DockershimRootDirectory, "experimental-dockershim-root-directory", s.DockershimRootDirectory, "Path to the dockershim root directory.") + fs.MarkHidden("experimental-dockershim-root-directory") + fs.BoolVar(&s.DockerDisableSharedPID, "docker-disable-shared-pid", s.DockerDisableSharedPID, "The Container Runtime Interface (CRI) defaults to using a shared PID namespace for containers in a pod when running with Docker 1.13.1 or higher. Setting this flag reverts to the previous behavior of isolated PID namespaces. This ability will be removed in a future Kubernetes release.") + fs.StringVar(&s.PodSandboxImage, "pod-infra-container-image", s.PodSandboxImage, "The image whose network/ipc namespaces containers in each pod will use.") + fs.StringVar(&s.DockerEndpoint, "docker-endpoint", s.DockerEndpoint, "Use this for the docker endpoint to communicate with") + fs.DurationVar(&s.ImagePullProgressDeadline.Duration, "image-pull-progress-deadline", s.ImagePullProgressDeadline.Duration, "If no pulling progress is made before this deadline, the image pulling will be cancelled.") + + // Network plugin settings. Shared by both docker and rkt. + fs.StringVar(&s.NetworkPluginName, "network-plugin", s.NetworkPluginName, " The name of the network plugin to be invoked for various events in kubelet/pod lifecycle") + //TODO(#46410): Remove the network-plugin-dir flag. + fs.StringVar(&s.NetworkPluginDir, "network-plugin-dir", s.NetworkPluginDir, " The full path of the directory in which to search for network plugins or CNI config") + fs.MarkDeprecated("network-plugin-dir", "Use --cni-bin-dir instead. This flag will be removed in a future version.") + fs.StringVar(&s.CNIConfDir, "cni-conf-dir", s.CNIConfDir, " The full path of the directory in which to search for CNI config files. Default: /etc/cni/net.d") + fs.StringVar(&s.CNIBinDir, "cni-bin-dir", s.CNIBinDir, " The full path of the directory in which to search for CNI plugin binaries. Default: /opt/cni/bin") + fs.Int32Var(&s.NetworkPluginMTU, "network-plugin-mtu", s.NetworkPluginMTU, " The MTU to be passed to the network plugin, to override the default. Set to 0 to use the default 1460 MTU.") + + // Rkt-specific settings. + fs.StringVar(&s.RktPath, "rkt-path", s.RktPath, "Path of rkt binary. Leave empty to use the first rkt in $PATH. Only used if --container-runtime='rkt'.") + fs.StringVar(&s.RktAPIEndpoint, "rkt-api-endpoint", s.RktAPIEndpoint, "The endpoint of the rkt API service to communicate with. Only used if --container-runtime='rkt'.") + fs.StringVar(&s.RktStage1Image, "rkt-stage1-image", s.RktStage1Image, "image to use as stage1. Local paths and http/https URLs are supported. If empty, the 'stage1.aci' in the same directory as '--rkt-path' will be used.") + fs.MarkDeprecated("rkt-stage1-image", "Will be removed in a future version. The default stage1 image will be specified by the rkt configurations, see https://github.com/coreos/rkt/blob/master/Documentation/configuration.md for more details.") + +} diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go index 68b8fc4b629..51986ac0aa0 100644 --- a/pkg/kubelet/kubelet.go +++ b/pkg/kubelet/kubelet.go @@ -57,7 +57,6 @@ import ( "k8s.io/client-go/util/certificate" "k8s.io/client-go/util/flowcontrol" "k8s.io/client-go/util/integer" - "k8s.io/kubernetes/cmd/kubelet/app/options" "k8s.io/kubernetes/pkg/api" "k8s.io/kubernetes/pkg/cloudprovider" "k8s.io/kubernetes/pkg/features" @@ -197,7 +196,7 @@ type Bootstrap interface { // Builder creates and initializes a Kubelet instance type Builder func(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, - crOptions *options.ContainerRuntimeOptions, + crOptions *config.ContainerRuntimeOptions, hostnameOverride string, nodeIP string, providerID string, @@ -318,7 +317,7 @@ func getRuntimeAndImageServices(remoteRuntimeEndpoint string, remoteImageEndpoin // No initialization of Kubelet and its modules should happen here. func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, - crOptions *options.ContainerRuntimeOptions, + crOptions *config.ContainerRuntimeOptions, hostnameOverride string, nodeIP string, providerID string, From fce40cf8ade03c6681ff46a3a7c23e0a463bebe9 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Wed, 4 Oct 2017 16:35:40 -0400 Subject: [PATCH 5/8] Fix license boilerplate --- pkg/kubelet/config/flags.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/pkg/kubelet/config/flags.go b/pkg/kubelet/config/flags.go index 7c9f6e19166..e63b2322547 100644 --- a/pkg/kubelet/config/flags.go +++ b/pkg/kubelet/config/flags.go @@ -1,3 +1,19 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package config import ( From 6d5e1d2bea848747115f7761898db2282f208e93 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Thu, 5 Oct 2017 08:04:08 -0400 Subject: [PATCH 6/8] Drop cmd/gke-certificates-controller from bazel build script --- pkg/controller/certificates/BUILD | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/pkg/controller/certificates/BUILD b/pkg/controller/certificates/BUILD index e81b0fcdbbc..6298f5474ed 100644 --- a/pkg/controller/certificates/BUILD +++ b/pkg/controller/certificates/BUILD @@ -10,10 +10,7 @@ go_library( "certificate_controller.go", "certificate_controller_utils.go", ], - visibility = [ - ":__subpackages__", - "//cmd/gke-certificates-controller:__subpackages__", - ], + visibility = ["//visibility:public"], deps = [ "//pkg/controller:go_default_library", "//vendor/github.com/golang/glog:go_default_library", From 21fdd1c5ed85fe18cd1dacbdb2e402fbb92239e6 Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Thu, 5 Oct 2017 19:52:29 -0400 Subject: [PATCH 7/8] Add import-boss directives The pkg/api/testing can be removed whem kubeadm splits into its own repository. The pkg/kubemark probably will remain as is for the foreseeable future. --- pkg/.import-restrictions | 13 +++++++++++++ pkg/api/testing/.import-restrictions | 12 ++++++++++++ pkg/kubemark/.import-restrictions | 13 +++++++++++++ 3 files changed, 38 insertions(+) create mode 100644 pkg/.import-restrictions create mode 100644 pkg/api/testing/.import-restrictions create mode 100644 pkg/kubemark/.import-restrictions diff --git a/pkg/.import-restrictions b/pkg/.import-restrictions new file mode 100644 index 00000000000..77cc61216cd --- /dev/null +++ b/pkg/.import-restrictions @@ -0,0 +1,13 @@ +{ + "Rules": [ + { + "SelectorRegexp": "k8s[.]io/kubernetes", + "AllowedPrefixes": [ + "" + ], + "ForbiddenPrefixes": [ + "k8s.io/kubernetes/cmd" + ] + } + ] +} diff --git a/pkg/api/testing/.import-restrictions b/pkg/api/testing/.import-restrictions new file mode 100644 index 00000000000..d2624cf48bd --- /dev/null +++ b/pkg/api/testing/.import-restrictions @@ -0,0 +1,12 @@ +{ + "Rules": [ + { + "SelectorRegexp": "k8s[.]io/kubernetes/cmd", + "AllowedPrefixes": [ + "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" + ], + "ForbiddenPrefixes": [ + ] + } + ] +} \ No newline at end of file diff --git a/pkg/kubemark/.import-restrictions b/pkg/kubemark/.import-restrictions new file mode 100644 index 00000000000..79aca70ba8b --- /dev/null +++ b/pkg/kubemark/.import-restrictions @@ -0,0 +1,13 @@ +{ + "Rules": [ + { + "SelectorRegexp": "k8s[.]io/kubernetes/cmd", + "AllowedPrefixes": [ + "k8s.io/kubernetes/cmd/kube-proxy/app", + "k8s.io/kubernetes/cmd/kubelet/app" + ], + "ForbiddenPrefixes": [ + ] + } + ] +} \ No newline at end of file From eda7fbd16a882998839d5d7c6fbf12330e5ce4fb Mon Sep 17 00:00:00 2001 From: Davanum Srinivas Date: Fri, 6 Oct 2017 06:56:09 -0400 Subject: [PATCH 8/8] Ignore .import-restrictions when checking against generated docs --- hack/verify-generated-swagger-docs.sh | 2 +- pkg/controller/service/service_controller.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hack/verify-generated-swagger-docs.sh b/hack/verify-generated-swagger-docs.sh index e787aae35bc..ef93c4e0613 100755 --- a/hack/verify-generated-swagger-docs.sh +++ b/hack/verify-generated-swagger-docs.sh @@ -55,7 +55,7 @@ cp -a "${DIFFROOT}"/* "${TMP_DIFFROOT}/" "${KUBE_ROOT}/hack/update-generated-swagger-docs.sh" echo "diffing ${DIFFROOT} against freshly generated swagger type documentation" ret=0 -diff -Naupr -I 'Auto generated by' "${DIFFROOT}" "${TMP_DIFFROOT}" || ret=$? +diff --exclude=".import-restrictions" -Naupr -I 'Auto generated by' "${DIFFROOT}" "${TMP_DIFFROOT}" || ret=$? cp -a "${TMP_DIFFROOT}"/* "${DIFFROOT}/" if [[ $ret -eq 0 ]] then diff --git a/pkg/controller/service/service_controller.go b/pkg/controller/service/service_controller.go index 569d409d69c..0f7c1f686b8 100644 --- a/pkg/controller/service/service_controller.go +++ b/pkg/controller/service/service_controller.go @@ -69,7 +69,7 @@ const ( // LabelNodeRoleExcludeBalancer specifies that the node should be // exclude from load balancers created by a cloud provider. - LabelNodeRoleExcludeBalancer = "node.role.kubernetes.io/exclude-balancer" + LabelNodeRoleExcludeBalancer = "alpha.node.role.kubernetes.io/exclude-balancer" ) type cachedService struct {