Use gluster client filter

This commit is contained in:
Jordan Liggitt 2021-01-11 11:26:28 -05:00
parent 8ddd9ef759
commit 25ba5c5480
2 changed files with 21 additions and 3 deletions

View File

@ -17,6 +17,7 @@ go_library(
importpath = "k8s.io/kubernetes/pkg/volume/glusterfs", importpath = "k8s.io/kubernetes/pkg/volume/glusterfs",
deps = [ deps = [
"//pkg/apis/core/v1/helper:go_default_library", "//pkg/apis/core/v1/helper:go_default_library",
"//pkg/proxy/util:go_default_library",
"//pkg/volume:go_default_library", "//pkg/volume:go_default_library",
"//pkg/volume/util:go_default_library", "//pkg/volume/util:go_default_library",
"//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/core/v1:go_default_library",

View File

@ -18,10 +18,12 @@ package glusterfs
import ( import (
"context" "context"
"crypto/tls"
"fmt" "fmt"
"math" "math"
"math/rand" "math/rand"
"net" "net"
"net/http"
"os" "os"
"path/filepath" "path/filepath"
"runtime" "runtime"
@ -46,6 +48,7 @@ import (
clientset "k8s.io/client-go/kubernetes" clientset "k8s.io/client-go/kubernetes"
volumehelpers "k8s.io/cloud-provider/volume/helpers" volumehelpers "k8s.io/cloud-provider/volume/helpers"
v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper" v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
proxyutil "k8s.io/kubernetes/pkg/proxy/util"
"k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume"
volutil "k8s.io/kubernetes/pkg/volume/util" volutil "k8s.io/kubernetes/pkg/volume/util"
) )
@ -662,7 +665,7 @@ func (d *glusterfsVolumeDeleter) Delete() error {
return fmt.Errorf("failed to release gid %v: %v", gid, err) return fmt.Errorf("failed to release gid %v: %v", gid, err)
} }
} }
cli := gcli.NewClient(d.url, d.user, d.secretValue) cli := filterClient(gcli.NewClient(d.url, d.user, d.secretValue), d.plugin.host.GetFilteredDialOptions())
if cli == nil { if cli == nil {
klog.Errorf("failed to create glusterfs REST client") klog.Errorf("failed to create glusterfs REST client")
return fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed") return fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed")
@ -703,6 +706,20 @@ func (d *glusterfsVolumeDeleter) Delete() error {
return nil return nil
} }
func filterClient(client *gcli.Client, opts *proxyutil.FilteredDialOptions) *gcli.Client {
if opts == nil {
return client
}
dialer := proxyutil.NewFilteredDialContext(nil, nil, opts)
client.SetClientFunc(func(tlsConfig *tls.Config, checkRedirect gcli.CheckRedirectFunc) (gcli.HttpPerformer, error) {
transport := http.DefaultTransport.(*http.Transport).Clone()
transport.DialContext = dialer
transport.TLSClientConfig = tlsConfig
return &http.Client{Transport: transport, CheckRedirect: checkRedirect}, nil
})
return client
}
func (p *glusterfsVolumeProvisioner) Provision(selectedNode *v1.Node, allowedTopologies []v1.TopologySelectorTerm) (*v1.PersistentVolume, error) { func (p *glusterfsVolumeProvisioner) Provision(selectedNode *v1.Node, allowedTopologies []v1.TopologySelectorTerm) (*v1.PersistentVolume, error) {
if !volutil.AccessModesContainedInAll(p.plugin.GetAccessModes(), p.options.PVC.Spec.AccessModes) { if !volutil.AccessModesContainedInAll(p.plugin.GetAccessModes(), p.options.PVC.Spec.AccessModes) {
return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", p.options.PVC.Spec.AccessModes, p.plugin.GetAccessModes()) return nil, fmt.Errorf("invalid AccessModes %v: only AccessModes %v are supported", p.options.PVC.Spec.AccessModes, p.plugin.GetAccessModes())
@ -794,7 +811,7 @@ func (p *glusterfsVolumeProvisioner) CreateVolume(gid int) (r *v1.GlusterfsPersi
if p.url == "" { if p.url == "" {
return nil, 0, "", fmt.Errorf("failed to create glusterfs REST client, REST URL is empty") return nil, 0, "", fmt.Errorf("failed to create glusterfs REST client, REST URL is empty")
} }
cli := gcli.NewClient(p.url, p.user, p.secretValue) cli := filterClient(gcli.NewClient(p.url, p.user, p.secretValue), p.plugin.host.GetFilteredDialOptions())
if cli == nil { if cli == nil {
return nil, 0, "", fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed") return nil, 0, "", fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed")
} }
@ -1205,7 +1222,7 @@ func (plugin *glusterfsPlugin) ExpandVolumeDevice(spec *volume.Spec, newSize res
klog.V(4).Infof("expanding volume: %q", volumeID) klog.V(4).Infof("expanding volume: %q", volumeID)
//Create REST server connection //Create REST server connection
cli := gcli.NewClient(cfg.url, cfg.user, cfg.secretValue) cli := filterClient(gcli.NewClient(cfg.url, cfg.user, cfg.secretValue), plugin.host.GetFilteredDialOptions())
if cli == nil { if cli == nil {
klog.Errorf("failed to create glusterfs REST client") klog.Errorf("failed to create glusterfs REST client")
return oldSize, fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed") return oldSize, fmt.Errorf("failed to create glusterfs REST client, REST server authentication failed")