mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 11:21:47 +00:00
apiserver: update lease label key to apiserver.kubernetes.io/identity
Signed-off-by: Andrew Sy Kim <andrewsy@google.com>
This commit is contained in:
Andrew Sy Kim
parent
2ca95b4df9
commit
3da0f1809c
@ -48,7 +48,7 @@ func newKubeApiserverLease(name, holderIdentity string) *coordinationv1.Lease {
|
|||||||
Name: name,
|
Name: name,
|
||||||
Namespace: metav1.NamespaceSystem,
|
Namespace: metav1.NamespaceSystem,
|
||||||
Labels: map[string]string{
|
Labels: map[string]string{
|
||||||
"k8s.io/component": "kube-apiserver",
|
"apiserver.kubernetes.io/identity": "kube-apiserver",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
Spec: coordinationv1.LeaseSpec{
|
Spec: coordinationv1.LeaseSpec{
|
||||||
|
|||||||
@ -44,7 +44,7 @@ func Test_Controller(t *testing.T) {
|
|||||||
Name: "kube-apiserver-12345",
|
Name: "kube-apiserver-12345",
|
||||||
Namespace: metav1.NamespaceSystem,
|
Namespace: metav1.NamespaceSystem,
|
||||||
Labels: map[string]string{
|
Labels: map[string]string{
|
||||||
"k8s.io/component": "kube-apiserver",
|
"apiserver.kubernetes.io/identity": "kube-apiserver",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
Spec: coordinationv1.LeaseSpec{
|
Spec: coordinationv1.LeaseSpec{
|
||||||
@ -62,7 +62,7 @@ func Test_Controller(t *testing.T) {
|
|||||||
Name: "kube-apiserver-12345",
|
Name: "kube-apiserver-12345",
|
||||||
Namespace: metav1.NamespaceSystem,
|
Namespace: metav1.NamespaceSystem,
|
||||||
Labels: map[string]string{
|
Labels: map[string]string{
|
||||||
"k8s.io/component": "kube-controller-manager",
|
"apiserver.kubernetes.io/identity": "kube-controller-manager",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
Spec: coordinationv1.LeaseSpec{
|
Spec: coordinationv1.LeaseSpec{
|
||||||
@ -80,7 +80,7 @@ func Test_Controller(t *testing.T) {
|
|||||||
Name: "kube-apiserver-12345",
|
Name: "kube-apiserver-12345",
|
||||||
Namespace: metav1.NamespaceSystem,
|
Namespace: metav1.NamespaceSystem,
|
||||||
Labels: map[string]string{
|
Labels: map[string]string{
|
||||||
"k8s.io/component": "kube-apiserver",
|
"apiserver.kubernetes.io/identity": "kube-apiserver",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
Spec: coordinationv1.LeaseSpec{
|
Spec: coordinationv1.LeaseSpec{
|
||||||
@ -98,7 +98,7 @@ func Test_Controller(t *testing.T) {
|
|||||||
Name: "kube-apiserver-12345",
|
Name: "kube-apiserver-12345",
|
||||||
Namespace: metav1.NamespaceSystem,
|
Namespace: metav1.NamespaceSystem,
|
||||||
Labels: map[string]string{
|
Labels: map[string]string{
|
||||||
"k8s.io/component": "kube-apiserver",
|
"apiserver.kubernetes.io/identity": "kube-apiserver",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
Spec: coordinationv1.LeaseSpec{
|
Spec: coordinationv1.LeaseSpec{
|
||||||
@ -116,7 +116,7 @@ func Test_Controller(t *testing.T) {
|
|||||||
Name: "kube-apiserver-12345",
|
Name: "kube-apiserver-12345",
|
||||||
Namespace: metav1.NamespaceSystem,
|
Namespace: metav1.NamespaceSystem,
|
||||||
Labels: map[string]string{
|
Labels: map[string]string{
|
||||||
"k8s.io/component": "kube-apiserver",
|
"apiserver.kubernetes.io/identity": "kube-apiserver",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
Spec: coordinationv1.LeaseSpec{
|
Spec: coordinationv1.LeaseSpec{
|
||||||
@ -132,7 +132,7 @@ func Test_Controller(t *testing.T) {
|
|||||||
for _, test := range tests {
|
for _, test := range tests {
|
||||||
t.Run(test.name, func(t *testing.T) {
|
t.Run(test.name, func(t *testing.T) {
|
||||||
clientset := fake.NewSimpleClientset(test.lease)
|
clientset := fake.NewSimpleClientset(test.lease)
|
||||||
controller := NewAPIServerLeaseGC(clientset, 100*time.Millisecond, metav1.NamespaceSystem, "k8s.io/component=kube-apiserver")
|
controller := NewAPIServerLeaseGC(clientset, 100*time.Millisecond, metav1.NamespaceSystem, "apiserver.kubernetes.io/identity=kube-apiserver")
|
||||||
go controller.Run(nil)
|
go controller.Run(nil)
|
||||||
|
|
||||||
time.Sleep(time.Second)
|
time.Sleep(time.Second)
|
||||||
|
|||||||
@ -123,9 +123,11 @@ const (
|
|||||||
// IdentityLeaseComponentLabelKey is used to apply a component label to identity lease objects, indicating:
|
// IdentityLeaseComponentLabelKey is used to apply a component label to identity lease objects, indicating:
|
||||||
// 1. the lease is an identity lease (different from leader election leases)
|
// 1. the lease is an identity lease (different from leader election leases)
|
||||||
// 2. which component owns this lease
|
// 2. which component owns this lease
|
||||||
IdentityLeaseComponentLabelKey = "k8s.io/component"
|
IdentityLeaseComponentLabelKey = "apiserver.kubernetes.io/identity"
|
||||||
// KubeAPIServer defines variable used internally when referring to kube-apiserver component
|
// KubeAPIServer defines variable used internally when referring to kube-apiserver component
|
||||||
KubeAPIServer = "kube-apiserver"
|
KubeAPIServer = "kube-apiserver"
|
||||||
|
// DeprecatedKubeAPIServerIdentityLeaseLabelSelector selects kube-apiserver identity leases
|
||||||
|
DeprecatedKubeAPIServerIdentityLeaseLabelSelector = "k8s.io/component=kube-apiserver"
|
||||||
// KubeAPIServerIdentityLeaseLabelSelector selects kube-apiserver identity leases
|
// KubeAPIServerIdentityLeaseLabelSelector selects kube-apiserver identity leases
|
||||||
KubeAPIServerIdentityLeaseLabelSelector = IdentityLeaseComponentLabelKey + "=" + KubeAPIServer
|
KubeAPIServerIdentityLeaseLabelSelector = IdentityLeaseComponentLabelKey + "=" + KubeAPIServer
|
||||||
// repairLoopInterval defines the interval used to run the Services ClusterIP and NodePort repair loops
|
// repairLoopInterval defines the interval used to run the Services ClusterIP and NodePort repair loops
|
||||||
@ -509,6 +511,23 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
|
|||||||
go controller.Run(hookContext.StopCh)
|
go controller.Run(hookContext.StopCh)
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
|
// Labels for apiserver idenitiy leases switched from k8s.io/component=kube-apiserver to apiserver.kubernetes.io/identity=kube-apiserver.
|
||||||
|
// For compatibility, garbage collect leases with both labels for at least 1 release
|
||||||
|
// TODO: remove in Kubernetes 1.28
|
||||||
|
m.GenericAPIServer.AddPostStartHookOrDie("start-deprecated-kube-apiserver-identity-lease-garbage-collector", func(hookContext genericapiserver.PostStartHookContext) error {
|
||||||
|
kubeClient, err := kubernetes.NewForConfig(hookContext.LoopbackClientConfig)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
go apiserverleasegc.NewAPIServerLeaseGC(
|
||||||
|
kubeClient,
|
||||||
|
IdentityLeaseGCPeriod,
|
||||||
|
metav1.NamespaceSystem,
|
||||||
|
DeprecatedKubeAPIServerIdentityLeaseLabelSelector,
|
||||||
|
).Run(hookContext.StopCh)
|
||||||
|
return nil
|
||||||
|
})
|
||||||
|
// TODO: move this into generic apiserver and make the lease identity value configurable
|
||||||
m.GenericAPIServer.AddPostStartHookOrDie("start-kube-apiserver-identity-lease-garbage-collector", func(hookContext genericapiserver.PostStartHookContext) error {
|
m.GenericAPIServer.AddPostStartHookOrDie("start-kube-apiserver-identity-lease-garbage-collector", func(hookContext genericapiserver.PostStartHookContext) error {
|
||||||
kubeClient, err := kubernetes.NewForConfig(hookContext.LoopbackClientConfig)
|
kubeClient, err := kubernetes.NewForConfig(hookContext.LoopbackClientConfig)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@ -115,7 +115,7 @@ var _ = SIGDescribe("kube-apiserver identity [Feature:APIServerIdentity]", func(
|
|||||||
}
|
}
|
||||||
|
|
||||||
leases, err := client.CoordinationV1().Leases(metav1.NamespaceSystem).List(context.TODO(), metav1.ListOptions{
|
leases, err := client.CoordinationV1().Leases(metav1.NamespaceSystem).List(context.TODO(), metav1.ListOptions{
|
||||||
LabelSelector: "k8s.io/component=kube-apiserver",
|
LabelSelector: "apiserver.kubernetes.io/identity=kube-apiserver",
|
||||||
})
|
})
|
||||||
framework.ExpectNoError(err)
|
framework.ExpectNoError(err)
|
||||||
framework.ExpectEqual(len(leases.Items), len(controlPlaneNodes), "unexpected number of leases")
|
framework.ExpectEqual(len(leases.Items), len(controlPlaneNodes), "unexpected number of leases")
|
||||||
@ -161,7 +161,7 @@ var _ = SIGDescribe("kube-apiserver identity [Feature:APIServerIdentity]", func(
|
|||||||
// As long as the hostname of kube-apiserver is unchanged, a restart should not result in new Lease objects.
|
// As long as the hostname of kube-apiserver is unchanged, a restart should not result in new Lease objects.
|
||||||
// Check that the number of lease objects remains the same after restarting kube-apiserver.
|
// Check that the number of lease objects remains the same after restarting kube-apiserver.
|
||||||
leases, err = client.CoordinationV1().Leases(metav1.NamespaceSystem).List(context.TODO(), metav1.ListOptions{
|
leases, err = client.CoordinationV1().Leases(metav1.NamespaceSystem).List(context.TODO(), metav1.ListOptions{
|
||||||
LabelSelector: "k8s.io/component=kube-apiserver",
|
LabelSelector: "apiserver.kubernetes.io/identity=kube-apiserver",
|
||||||
})
|
})
|
||||||
framework.ExpectNoError(err)
|
framework.ExpectNoError(err)
|
||||||
framework.ExpectEqual(len(leases.Items), len(controlPlaneNodes), "unexpected number of leases")
|
framework.ExpectEqual(len(leases.Items), len(controlPlaneNodes), "unexpected number of leases")
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user