Merge pull request #75602 from smarterclayton/kubelet_proto

Kubelet should request protobuf from the apiserver
This commit is contained in:
Kubernetes Prow Robot 2019-03-22 15:46:34 -07:00 committed by GitHub
commit 3312da83c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 26 additions and 5 deletions

View File

@ -113,6 +113,7 @@ go_library(
"//staging/src/k8s.io/api/core/v1:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/api/resource:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",

View File

@ -30,6 +30,7 @@ import (
"path"
"path/filepath"
"strconv"
"strings"
"time"
"github.com/coreos/go-systemd/daemon"
@ -40,6 +41,7 @@ import (
v1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/resource"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/types"
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/apimachinery/pkg/util/sets"
@ -757,6 +759,11 @@ func buildKubeletClientConfig(s *options.KubeletServer, nodeName types.NodeName)
return nil, nil, err
}
// use the correct content type for cert rotation, but don't set QPS
setContentTypeForClient(certConfig, s.ContentType)
kubeClientConfigOverrides(s, clientConfig)
clientCertificateManager, err := buildClientCertificateManager(certConfig, clientConfig, s.CertDirectory, nodeName)
if err != nil {
return nil, nil, err
@ -764,7 +771,6 @@ func buildKubeletClientConfig(s *options.KubeletServer, nodeName types.NodeName)
// the rotating transport will use the cert from the cert manager instead of these files
transportConfig := restclient.AnonymousClientConfig(clientConfig)
kubeClientConfigOverrides(s, transportConfig)
// we set exitAfter to five minutes because we use this client configuration to request new certs - if we are unable
// to request new certs, we will be unable to continue normal operation. Exiting the process allows a wrapper
@ -836,7 +842,7 @@ func buildClientCertificateManager(certConfig, clientConfig *restclient.Config,
}
func kubeClientConfigOverrides(s *options.KubeletServer, clientConfig *restclient.Config) {
clientConfig.ContentType = s.ContentType
setContentTypeForClient(clientConfig, s.ContentType)
// Override kubeconfig qps/burst settings from flags
clientConfig.QPS = float32(s.KubeAPIQPS)
clientConfig.Burst = int(s.KubeAPIBurst)
@ -930,6 +936,21 @@ func InitializeTLS(kf *options.KubeletFlags, kc *kubeletconfiginternal.KubeletCo
return tlsOptions, nil
}
// setContentTypeForClient sets the appropritae content type into the rest config
// and handles defaulting AcceptContentTypes based on that input.
func setContentTypeForClient(cfg *restclient.Config, contentType string) {
if len(contentType) == 0 {
return
}
cfg.ContentType = contentType
switch contentType {
case runtime.ContentTypeProtobuf:
cfg.AcceptContentTypes = strings.Join([]string{runtime.ContentTypeProtobuf, runtime.ContentTypeJSON}, ",")
default:
// otherwise let the rest client perform defaulting
}
}
// RunKubelet is responsible for setting up and running a kubelet. It is used in three different applications:
// 1 Integration tests
// 2 Kubelet binary

View File

@ -41,9 +41,8 @@ type TypeMeta struct {
}
const (
ContentTypeJSON string = "application/json"
ContentTypeYAML string = "application/yaml"
ContentTypeJSON string = "application/json"
ContentTypeYAML string = "application/yaml"
ContentTypeProtobuf string = "application/vnd.kubernetes.protobuf"
)