Merge pull request #82279 from deads2k/which-cert

add identification for particular certificate controllers

cmd/kube-controller-manager/app/certificates.go

@@ -45,6 +45,7 @@ func startCSRSigningController(ctx ControllerContext) (http.Handler, bool, error
 		return nil, false, nil
 	}
 	if ctx.ComponentConfig.CSRSigningController.ClusterSigningCertFile == "" || ctx.ComponentConfig.CSRSigningController.ClusterSigningKeyFile == "" {
+		klog.V(2).Info("skipping CSR signer controller because no csr cert/key was specified")
 		return nil, false, nil
 	}
 
@@ -79,6 +80,7 @@ func startCSRSigningController(ctx ControllerContext) (http.Handler, bool, error
 		// setting up the signing controller. This isn't
 		// actually a problem since the signer is not a
 		// required controller.
+		klog.V(2).Info("skipping CSR signer controller because no csr cert/key was specified and the default files are missing")
 		return nil, false, nil
 	default:
 		// Note that '!filesExist && !usesDefaults' is obviously

pkg/controller/certificates/approver/sarapprove.go

@@ -49,6 +49,7 @@ func NewCSRApprovingController(client clientset.Interface, csrInformer certifica
 		recognizers: recognizers(),
 	}
 	return certificates.NewCertificateController(
+		"csrapproving",
 		client,
 		csrInformer,
 		approver.handle,

pkg/controller/certificates/certificate_controller.go

@@ -40,6 +40,9 @@ import (
 )
 
 type CertificateController struct {
+	// name is an identifier for this particular controller instance.
+	name string
+
 	kubeClient clientset.Interface
 
 	csrLister  certificateslisters.CertificateSigningRequestLister
@@ -51,6 +54,7 @@ type CertificateController struct {
 }
 
 func NewCertificateController(
+	name string,
 	kubeClient clientset.Interface,
 	csrInformer certificatesinformers.CertificateSigningRequestInformer,
 	handler func(*certificates.CertificateSigningRequest) error,
@@ -61,6 +65,7 @@ func NewCertificateController(
 	eventBroadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: kubeClient.CoreV1().Events("")})
 
 	cc := &CertificateController{
+		name:       name,
 		kubeClient: kubeClient,
 		queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewMaxOfRateLimiter(
 			workqueue.NewItemExponentialFailureRateLimiter(200*time.Millisecond, 1000*time.Second),
@@ -110,10 +115,10 @@ func (cc *CertificateController) Run(workers int, stopCh <-chan struct{}) {
 	defer utilruntime.HandleCrash()
 	defer cc.queue.ShutDown()
 
-	klog.Infof("Starting certificate controller")
-	defer klog.Infof("Shutting down certificate controller")
+	klog.Infof("Starting certificate controller %q", cc.name)
+	defer klog.Infof("Shutting down certificate controller %q", cc.name)
 
-	if !cache.WaitForNamedCacheSync("certificate", stopCh, cc.csrsSynced) {
+	if !cache.WaitForNamedCacheSync(fmt.Sprintf("certificate-%s", cc.name), stopCh, cc.csrsSynced) {
 		return
 	}
 

pkg/controller/certificates/certificate_controller_test.go

@@ -55,6 +55,7 @@ func TestCertificateController(t *testing.T) {
 	}
 
 	controller := NewCertificateController(
+		"test",
 		client,
 		informerFactory.Certificates().V1beta1().CertificateSigningRequests(),
 		handler,

pkg/controller/certificates/signer/cfssl_signer.go

@@ -47,6 +47,7 @@ func NewCSRSigningController(
 		return nil, err
 	}
 	return certificates.NewCertificateController(
+		"csrsigning",
 		client,
 		csrInformer,
 		signer.handle,