diff --git a/cmd/kube-apiserver/app/options/options.go b/cmd/kube-apiserver/app/options/options.go index 408aeaa5afd..c42d7a75bc8 100644 --- a/cmd/kube-apiserver/app/options/options.go +++ b/cmd/kube-apiserver/app/options/options.go @@ -70,7 +70,7 @@ func NewServerRunOptions() *ServerRunOptions { s := ServerRunOptions{ GenericServerRunOptions: genericoptions.NewServerRunOptions(), Etcd: genericoptions.NewEtcdOptions(storagebackend.NewDefaultConfig(kubeoptions.DefaultEtcdPathPrefix, api.Scheme, nil)), - SecureServing: genericoptions.NewSecureServingOptions(), + SecureServing: kubeoptions.NewSecureServingOptions(), InsecureServing: genericoptions.NewInsecureServingOptions(), Audit: genericoptions.NewAuditLogOptions(), Features: genericoptions.NewFeatureOptions(), diff --git a/examples/BUILD b/examples/BUILD index 5fdb14be6ca..111667e038f 100644 --- a/examples/BUILD +++ b/examples/BUILD @@ -69,7 +69,6 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//examples/apiserver:all-srcs", "//examples/explorer:all-srcs", "//examples/guestbook-go:all-srcs", "//examples/https-nginx:all-srcs", diff --git a/examples/apiserver/BUILD b/examples/apiserver/BUILD deleted file mode 100644 index dbd8880d3aa..00000000000 --- a/examples/apiserver/BUILD +++ /dev/null @@ -1,48 +0,0 @@ -package(default_visibility = ["//visibility:public"]) - -licenses(["notice"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", -) - -go_library( - name = "go_default_library", - srcs = ["apiserver.go"], - tags = ["automanaged"], - deps = [ - "//cmd/libs/go2idl/client-gen/test_apis/testgroup/install:go_default_library", - "//cmd/libs/go2idl/client-gen/test_apis/testgroup/v1:go_default_library", - "//examples/apiserver/rest:go_default_library", - "//pkg/api:go_default_library", - "//pkg/kubeapiserver/options:go_default_library", - "//vendor:github.com/golang/glog", - "//vendor:k8s.io/apimachinery/pkg/runtime/schema", - "//vendor:k8s.io/apimachinery/pkg/util/errors", - "//vendor:k8s.io/apiserver/pkg/authorization/authorizerfactory", - "//vendor:k8s.io/apiserver/pkg/registry/generic", - "//vendor:k8s.io/apiserver/pkg/registry/rest", - "//vendor:k8s.io/apiserver/pkg/server", - "//vendor:k8s.io/apiserver/pkg/server/options", - "//vendor:k8s.io/apiserver/pkg/server/storage", - "//vendor:k8s.io/apiserver/pkg/storage/storagebackend", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [ - ":package-srcs", - "//examples/apiserver/rest:all-srcs", - "//examples/apiserver/server:all-srcs", - ], - tags = ["automanaged"], -) diff --git a/examples/apiserver/README.md b/examples/apiserver/README.md deleted file mode 100644 index b6072d4fc48..00000000000 --- a/examples/apiserver/README.md +++ /dev/null @@ -1,22 +0,0 @@ -# API Server - -This is a work in progress example for an API Server. -We are working on isolating the generic api server code from kubernetes specific -API objects. Some relevant issues: - -* https://github.com/kubernetes/kubernetes/issues/17412 -* https://github.com/kubernetes/kubernetes/issues/2742 -* https://github.com/kubernetes/kubernetes/issues/13541 - -This code here is to examplify what it takes to write your own API server. - -To start this example api server, run: - -``` -$ go run examples/apiserver/server/main.go -``` - - - -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/examples/apiserver/README.md?pixel)]() - diff --git a/examples/apiserver/apiserver.go b/examples/apiserver/apiserver.go deleted file mode 100644 index 8158594b147..00000000000 --- a/examples/apiserver/apiserver.go +++ /dev/null @@ -1,159 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package apiserver - -import ( - "fmt" - - "github.com/golang/glog" - - "k8s.io/apimachinery/pkg/runtime/schema" - utilerrors "k8s.io/apimachinery/pkg/util/errors" - "k8s.io/apiserver/pkg/authorization/authorizerfactory" - "k8s.io/apiserver/pkg/registry/generic" - "k8s.io/apiserver/pkg/registry/rest" - genericapiserver "k8s.io/apiserver/pkg/server" - genericoptions "k8s.io/apiserver/pkg/server/options" - serverstorage "k8s.io/apiserver/pkg/server/storage" - "k8s.io/apiserver/pkg/storage/storagebackend" - "k8s.io/kubernetes/cmd/libs/go2idl/client-gen/test_apis/testgroup/v1" - testgroupetcd "k8s.io/kubernetes/examples/apiserver/rest" - "k8s.io/kubernetes/pkg/api" - kubeoptions "k8s.io/kubernetes/pkg/kubeapiserver/options" - - // Install the testgroup API - _ "k8s.io/kubernetes/cmd/libs/go2idl/client-gen/test_apis/testgroup/install" -) - -const ( - // Ports on which to run the server. - // Explicitly setting these to a different value than the default values, to prevent this from clashing with a local cluster. - InsecurePort = 8081 - SecurePort = 6444 -) - -type ServerRunOptions struct { - GenericServerRunOptions *genericoptions.ServerRunOptions - Etcd *genericoptions.EtcdOptions - SecureServing *genericoptions.SecureServingOptions - InsecureServing *genericoptions.ServingOptions - Authentication *kubeoptions.BuiltInAuthenticationOptions - CloudProvider *kubeoptions.CloudProviderOptions -} - -func NewServerRunOptions() *ServerRunOptions { - s := ServerRunOptions{ - GenericServerRunOptions: genericoptions.NewServerRunOptions(), - Etcd: genericoptions.NewEtcdOptions(storagebackend.NewDefaultConfig(kubeoptions.DefaultEtcdPathPrefix, api.Scheme, nil)), - SecureServing: genericoptions.NewSecureServingOptions(), - InsecureServing: genericoptions.NewInsecureServingOptions(), - Authentication: kubeoptions.NewBuiltInAuthenticationOptions().WithAll(), - CloudProvider: kubeoptions.NewCloudProviderOptions(), - } - s.InsecureServing.BindPort = InsecurePort - s.SecureServing.ServingOptions.BindPort = SecurePort - s.Etcd.StorageConfig.ServerList = []string{"http://127.0.0.1:2379"} - - return &s -} - -func (serverOptions *ServerRunOptions) Run(stopCh <-chan struct{}) error { - serverOptions.Etcd.StorageConfig.ServerList = []string{"http://127.0.0.1:2379"} - - // set defaults - if err := serverOptions.CloudProvider.DefaultExternalHost(serverOptions.GenericServerRunOptions); err != nil { - return err - } - if err := serverOptions.SecureServing.MaybeDefaultWithSelfSignedCerts(serverOptions.GenericServerRunOptions.AdvertiseAddress.String()); err != nil { - glog.Fatalf("Error creating self-signed certificates: %v", err) - } - - // validate options - if errs := serverOptions.Etcd.Validate(); len(errs) > 0 { - return utilerrors.NewAggregate(errs) - } - if errs := serverOptions.SecureServing.Validate(); len(errs) > 0 { - return utilerrors.NewAggregate(errs) - } - if errs := serverOptions.InsecureServing.Validate("insecure-port"); len(errs) > 0 { - return utilerrors.NewAggregate(errs) - } - - // create config from options - config := genericapiserver.NewConfig(). - WithSerializer(api.Codecs) - - if err := serverOptions.GenericServerRunOptions.ApplyTo(config); err != nil { - return err - } - if err := serverOptions.InsecureServing.ApplyTo(config); err != nil { - return err - } - if err := serverOptions.SecureServing.ApplyTo(config); err != nil { - return fmt.Errorf("failed to configure https: %s", err) - } - if err := serverOptions.Authentication.ApplyTo(config); err != nil { - return fmt.Errorf("failed to configure authentication: %s", err) - } - - config.Authorizer = authorizerfactory.NewAlwaysAllowAuthorizer() - config.SwaggerConfig = genericapiserver.DefaultSwaggerConfig() - - groupVersion := v1.SchemeGroupVersion - groupName := groupVersion.Group - groupMeta, err := api.Registry.Group(groupName) - if err != nil { - return fmt.Errorf("%v", err) - } - storageFactory := serverstorage.NewDefaultStorageFactory(serverOptions.Etcd.StorageConfig, "application/json", api.Codecs, serverstorage.NewDefaultResourceEncodingConfig(api.Registry), serverstorage.NewResourceConfig()) - storageConfig, err := storageFactory.NewConfig(schema.GroupResource{Group: groupName, Resource: "testtype"}) - if err != nil { - return fmt.Errorf("Unable to get storage config: %v", err) - } - if err := serverOptions.Etcd.ApplyWithStorageFactoryTo(storageFactory, config); err != nil { - return fmt.Errorf("failed to configure authentication: %s", err) - } - - s, err := config.Complete().New() - if err != nil { - return fmt.Errorf("Error in bringing up the server: %v", err) - } - - testTypeOpts := generic.RESTOptions{ - StorageConfig: storageConfig, - Decorator: generic.UndecoratedStorage, - ResourcePrefix: "testtypes", - DeleteCollectionWorkers: 1, - } - - restStorageMap := map[string]rest.Storage{ - "testtypes": testgroupetcd.NewREST(testTypeOpts), - } - apiGroupInfo := genericapiserver.APIGroupInfo{ - GroupMeta: *groupMeta, - VersionedResourcesStorageMap: map[string]map[string]rest.Storage{ - groupVersion.Version: restStorageMap, - }, - Scheme: api.Scheme, - NegotiatedSerializer: api.Codecs, - } - if err := s.InstallAPIGroup(&apiGroupInfo); err != nil { - return fmt.Errorf("Error in installing API: %v", err) - } - s.PrepareRun().Run(stopCh) - return nil -} diff --git a/examples/apiserver/rest/BUILD b/examples/apiserver/rest/BUILD deleted file mode 100644 index b1c8969c60d..00000000000 --- a/examples/apiserver/rest/BUILD +++ /dev/null @@ -1,40 +0,0 @@ -package(default_visibility = ["//visibility:public"]) - -licenses(["notice"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", -) - -go_library( - name = "go_default_library", - srcs = ["reststorage.go"], - tags = ["automanaged"], - deps = [ - "//cmd/libs/go2idl/client-gen/test_apis/testgroup:go_default_library", - "//pkg/api:go_default_library", - "//vendor:k8s.io/apimachinery/pkg/fields", - "//vendor:k8s.io/apimachinery/pkg/labels", - "//vendor:k8s.io/apimachinery/pkg/runtime", - "//vendor:k8s.io/apimachinery/pkg/util/validation/field", - "//vendor:k8s.io/apiserver/pkg/endpoints/request", - "//vendor:k8s.io/apiserver/pkg/registry/generic", - "//vendor:k8s.io/apiserver/pkg/registry/generic/registry", - "//vendor:k8s.io/apiserver/pkg/storage", - "//vendor:k8s.io/apiserver/pkg/storage/names", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], -) diff --git a/examples/apiserver/rest/reststorage.go b/examples/apiserver/rest/reststorage.go deleted file mode 100644 index a3ee8f22e47..00000000000 --- a/examples/apiserver/rest/reststorage.go +++ /dev/null @@ -1,92 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package rest - -import ( - "fmt" - - "k8s.io/apimachinery/pkg/fields" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/util/validation/field" - genericapirequest "k8s.io/apiserver/pkg/endpoints/request" - "k8s.io/apiserver/pkg/registry/generic" - genericregistry "k8s.io/apiserver/pkg/registry/generic/registry" - "k8s.io/apiserver/pkg/storage" - "k8s.io/apiserver/pkg/storage/names" - "k8s.io/kubernetes/cmd/libs/go2idl/client-gen/test_apis/testgroup" - "k8s.io/kubernetes/pkg/api" -) - -type REST struct { - *genericregistry.Store -} - -// NewREST returns a RESTStorage object that will work with testtype. -func NewREST(optsGetter generic.RESTOptionsGetter) *REST { - store := &genericregistry.Store{ - Copier: api.Scheme, - NewFunc: func() runtime.Object { return &testgroup.TestType{} }, - // NewListFunc returns an object capable of storing results of an etcd list. - NewListFunc: func() runtime.Object { return &testgroup.TestTypeList{} }, - // Retrieve the name field of the resource. - ObjectNameFunc: func(obj runtime.Object) (string, error) { - return obj.(*testgroup.TestType).Name, nil - }, - // Used to match objects based on labels/fields for list. - PredicateFunc: matcher, - // QualifiedResource should always be plural - QualifiedResource: api.Resource("testtypes"), - - CreateStrategy: strategy, - } - options := &generic.StoreOptions{RESTOptions: optsGetter, AttrFunc: getAttrs} - if err := store.CompleteWithOptions(options); err != nil { - panic(err) // TODO: Propagate error up - } - return &REST{store} -} - -type fakeStrategy struct { - runtime.ObjectTyper - names.NameGenerator -} - -func (*fakeStrategy) NamespaceScoped() bool { return false } -func (*fakeStrategy) PrepareForCreate(ctx genericapirequest.Context, obj runtime.Object) {} -func (*fakeStrategy) Validate(ctx genericapirequest.Context, obj runtime.Object) field.ErrorList { - return nil -} -func (*fakeStrategy) Canonicalize(obj runtime.Object) {} - -var strategy = &fakeStrategy{api.Scheme, names.SimpleNameGenerator} - -func getAttrs(obj runtime.Object) (labels.Set, fields.Set, error) { - testType, ok := obj.(*testgroup.TestType) - if !ok { - return nil, nil, fmt.Errorf("not a TestType") - } - return labels.Set(testType.ObjectMeta.Labels), fields.Set{}, nil -} - -func matcher(label labels.Selector, field fields.Selector) storage.SelectionPredicate { - return storage.SelectionPredicate{ - Label: label, - Field: field, - GetAttrs: getAttrs, - } -} diff --git a/examples/apiserver/server/BUILD b/examples/apiserver/server/BUILD deleted file mode 100644 index 858bece7c72..00000000000 --- a/examples/apiserver/server/BUILD +++ /dev/null @@ -1,41 +0,0 @@ -package(default_visibility = ["//visibility:public"]) - -licenses(["notice"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_binary", - "go_library", -) - -go_binary( - name = "server", - library = ":go_default_library", - tags = ["automanaged"], -) - -go_library( - name = "go_default_library", - srcs = ["main.go"], - tags = ["automanaged"], - deps = [ - "//examples/apiserver:go_default_library", - "//vendor:github.com/golang/glog", - "//vendor:github.com/spf13/pflag", - "//vendor:k8s.io/apimachinery/pkg/util/wait", - "//vendor:k8s.io/apiserver/pkg/util/flag", - ], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], -) diff --git a/examples/apiserver/server/main.go b/examples/apiserver/server/main.go deleted file mode 100644 index 1eb65c2ca65..00000000000 --- a/examples/apiserver/server/main.go +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package main - -import ( - "k8s.io/apimachinery/pkg/util/wait" - "k8s.io/apiserver/pkg/util/flag" - "k8s.io/kubernetes/examples/apiserver" - - "github.com/golang/glog" - "github.com/spf13/pflag" -) - -func main() { - serverRunOptions := apiserver.NewServerRunOptions() - - // Parse command line flags. - serverRunOptions.GenericServerRunOptions.AddUniversalFlags(pflag.CommandLine) - serverRunOptions.Etcd.AddFlags(pflag.CommandLine) - serverRunOptions.SecureServing.AddFlags(pflag.CommandLine) - serverRunOptions.SecureServing.AddDeprecatedFlags(pflag.CommandLine) - serverRunOptions.InsecureServing.AddFlags(pflag.CommandLine) - serverRunOptions.InsecureServing.AddDeprecatedFlags(pflag.CommandLine) - flag.InitFlags() - - if err := serverRunOptions.Run(wait.NeverStop); err != nil { - glog.Fatalf("Error in bringing up the server: %v", err) - } -} diff --git a/federation/cmd/federation-apiserver/app/options/options.go b/federation/cmd/federation-apiserver/app/options/options.go index 4762d26766b..3db6b050318 100644 --- a/federation/cmd/federation-apiserver/app/options/options.go +++ b/federation/cmd/federation-apiserver/app/options/options.go @@ -53,7 +53,7 @@ func NewServerRunOptions() *ServerRunOptions { s := ServerRunOptions{ GenericServerRunOptions: genericoptions.NewServerRunOptions(), Etcd: genericoptions.NewEtcdOptions(storagebackend.NewDefaultConfig(kubeoptions.DefaultEtcdPathPrefix, api.Scheme, nil)), - SecureServing: genericoptions.NewSecureServingOptions(), + SecureServing: kubeoptions.NewSecureServingOptions(), InsecureServing: genericoptions.NewInsecureServingOptions(), Audit: genericoptions.NewAuditLogOptions(), Features: genericoptions.NewFeatureOptions(), diff --git a/hack/.linted_packages b/hack/.linted_packages index 3b77be367c2..779d8153493 100644 --- a/hack/.linted_packages +++ b/hack/.linted_packages @@ -38,7 +38,6 @@ cmd/libs/go2idl/openapi-gen cmd/libs/go2idl/set-gen cmd/linkcheck examples -examples/apiserver/server examples/explorer examples/https-nginx examples/sharing-clusters @@ -385,7 +384,6 @@ test/images/resource-consumer/consume-cpu test/images/serve_hostname test/integration/examples test/integration/federation -test/integration/kubeaggregator test/integration/metrics test/integration/objectmeta test/integration/openshift diff --git a/pkg/kubeapiserver/options/BUILD b/pkg/kubeapiserver/options/BUILD index 488b423880b..71ba4caa865 100644 --- a/pkg/kubeapiserver/options/BUILD +++ b/pkg/kubeapiserver/options/BUILD @@ -15,6 +15,7 @@ go_library( "authentication.go", "authorization.go", "cloudprovider.go", + "serving.go", "storage_versions.go", ], tags = ["automanaged"], diff --git a/pkg/kubeapiserver/options/serving.go b/pkg/kubeapiserver/options/serving.go new file mode 100644 index 00000000000..a7007d37d04 --- /dev/null +++ b/pkg/kubeapiserver/options/serving.go @@ -0,0 +1,39 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package options contains flags and options for initializing an apiserver +package options + +import ( + "net" + + genericoptions "k8s.io/apiserver/pkg/server/options" +) + +// NewSecureServingOptions gives default values for the kube-apiserver and federation-apiserver which are not the options wanted by +// "normal" API servers running on the platform +func NewSecureServingOptions() *genericoptions.SecureServingOptions { + return &genericoptions.SecureServingOptions{ + ServingOptions: genericoptions.ServingOptions{ + BindAddress: net.ParseIP("0.0.0.0"), + BindPort: 6443, + }, + ServerCert: genericoptions.GeneratableKeyCert{ + PairName: "apiserver", + CertDirectory: "/var/run/kubernetes", + }, + } +} diff --git a/staging/src/k8s.io/apiserver/pkg/server/config.go b/staging/src/k8s.io/apiserver/pkg/server/config.go index 507060c80b7..01fc5adc958 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/config.go +++ b/staging/src/k8s.io/apiserver/pkg/server/config.go @@ -193,7 +193,7 @@ type SecureServingInfo struct { // NewConfig returns a Config struct with the default values func NewConfig() *Config { return &Config{ - ReadWritePort: 6443, + ReadWritePort: 443, RequestContextMapper: apirequest.NewRequestContextMapper(), BuildHandlerChainsFunc: DefaultBuildHandlerChain, LegacyAPIGroupPrefixes: sets.NewString(DefaultLegacyAPIPrefix), diff --git a/staging/src/k8s.io/apiserver/pkg/server/genericapiserver_test.go b/staging/src/k8s.io/apiserver/pkg/server/genericapiserver_test.go index 6aea39ae520..d2895b1d5cd 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/genericapiserver_test.go +++ b/staging/src/k8s.io/apiserver/pkg/server/genericapiserver_test.go @@ -126,7 +126,7 @@ func TestNew(t *testing.T) { assert.Equal(s.RequestContextMapper(), config.RequestContextMapper) // these values get defaulted - assert.Equal(net.JoinHostPort(config.PublicAddress.String(), "6443"), s.ExternalAddress) + assert.Equal(net.JoinHostPort(config.PublicAddress.String(), "443"), s.ExternalAddress) assert.NotNil(s.swaggerConfig) assert.Equal("http://"+s.ExternalAddress, s.swaggerConfig.WebServicesUrl) } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/authentication.go b/staging/src/k8s.io/apiserver/pkg/server/options/authentication.go index 16378fa145b..fcd7c2bd3c3 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/authentication.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/authentication.go @@ -60,7 +60,7 @@ func (s *RequestHeaderAuthenticationOptions) AddFlags(fs *pflag.FlagSet) { // ToAuthenticationRequestHeaderConfig returns a RequestHeaderConfig config object for these options // if necessary, nil otherwise. func (s *RequestHeaderAuthenticationOptions) ToAuthenticationRequestHeaderConfig() *authenticatorfactory.RequestHeaderConfig { - if len(s.UsernameHeaders) == 0 || (len(s.UsernameHeaders) == 1 && len(s.UsernameHeaders[0]) == 0) { + if len(s.ClientCAFile) == 0 { return nil } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/serving.go b/staging/src/k8s.io/apiserver/pkg/server/options/serving.go index 58a3da55ba2..074cfbbe929 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/serving.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/serving.go @@ -73,11 +73,11 @@ func NewSecureServingOptions() *SecureServingOptions { return &SecureServingOptions{ ServingOptions: ServingOptions{ BindAddress: net.ParseIP("0.0.0.0"), - BindPort: 6443, + BindPort: 443, }, ServerCert: GeneratableKeyCert{ PairName: "apiserver", - CertDirectory: "/var/run/kubernetes", + CertDirectory: "apiserver.local.config/certificates", }, } } diff --git a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go index 5c172e5f0be..f4c5780e943 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go @@ -44,7 +44,6 @@ func NewWardleServerOptions(out, errOut io.Writer) *WardleServerOptions { StdOut: out, StdErr: errOut, } - o.RecommendedOptions.SecureServing.ServingOptions.BindPort = 443 return o } diff --git a/test/integration/BUILD b/test/integration/BUILD index fadbb1c6541..2ebfb15b7f6 100644 --- a/test/integration/BUILD +++ b/test/integration/BUILD @@ -37,7 +37,6 @@ filegroup( "//test/integration/examples:all-srcs", "//test/integration/federation:all-srcs", "//test/integration/framework:all-srcs", - "//test/integration/kubeaggregator:all-srcs", "//test/integration/metrics:all-srcs", "//test/integration/objectmeta:all-srcs", "//test/integration/openshift:all-srcs", diff --git a/test/integration/kubeaggregator/BUILD b/test/integration/kubeaggregator/BUILD deleted file mode 100644 index 80b9612fed8..00000000000 --- a/test/integration/kubeaggregator/BUILD +++ /dev/null @@ -1,28 +0,0 @@ -package(default_visibility = ["//visibility:public"]) - -licenses(["notice"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_test", -) - -go_test( - name = "go_default_test", - srcs = ["aggregator_test.go"], - tags = ["automanaged"], - deps = ["//examples/apiserver:go_default_library"], -) - -filegroup( - name = "package-srcs", - srcs = glob(["**"]), - tags = ["automanaged"], - visibility = ["//visibility:private"], -) - -filegroup( - name = "all-srcs", - srcs = [":package-srcs"], - tags = ["automanaged"], -) diff --git a/test/integration/kubeaggregator/aggregator_test.go b/test/integration/kubeaggregator/aggregator_test.go deleted file mode 100644 index 37acb77ccb2..00000000000 --- a/test/integration/kubeaggregator/aggregator_test.go +++ /dev/null @@ -1,91 +0,0 @@ -/* -Copyright 2016 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package kubeaggregator - -import ( - "fmt" - "io/ioutil" - "net/http" - "os" - "testing" - "time" - - "k8s.io/kubernetes/examples/apiserver" -) - -func waitForServerUp(serverURL string) error { - for start := time.Now(); time.Since(start) < time.Minute; time.Sleep(5 * time.Second) { - _, err := http.Get(serverURL) - if err == nil { - return nil - } - } - return fmt.Errorf("waiting for server timed out") -} - -func testResponse(t *testing.T, serverURL, path string, expectedStatusCode int) { - response, err := http.Get(serverURL + path) - if err != nil { - t.Errorf("unexpected error in GET %s: %v", path, err) - } - if response.StatusCode != expectedStatusCode { - t.Errorf("unexpected status code for %q: %v, expected: %v", path, response.StatusCode, expectedStatusCode) - } -} - -func runAPIServer(t *testing.T, stopCh <-chan struct{}) string { - serverRunOptions := apiserver.NewServerRunOptions() - // Change the ports, because otherwise it will fail if examples/apiserver/apiserver_test and this are run in parallel. - serverRunOptions.SecureServing.ServingOptions.BindPort = 6443 + 3 - serverRunOptions.InsecureServing.BindPort = 8080 + 3 - - // Avoid default cert-dir of /var/run/kubernetes to allow this to run on darwin - certDir, _ := ioutil.TempDir("", "test-integration-kubeaggregator") - defer os.Remove(certDir) - serverRunOptions.SecureServing.ServerCert.CertDirectory = certDir - - go func() { - if err := serverRunOptions.Run(stopCh); err != nil { - t.Fatalf("Error in bringing up the example apiserver: %v", err) - } - }() - - serverURL := fmt.Sprintf("http://localhost:%d", serverRunOptions.InsecureServing.BindPort) - if err := waitForServerUp(serverURL); err != nil { - t.Fatalf("%v", err) - } - return serverURL -} - -// Runs a discovery summarizer server and tests that all endpoints work as expected. -func TestRunKubeAggregator(t *testing.T) { - // Run the APIServer now to test the good case. - stopCh := make(chan struct{}) - discoveryURL := runAPIServer(t, stopCh) - defer close(stopCh) - - // Test /api path. - // There is no server running at that URL, so we will get a 500. - testResponse(t, discoveryURL, "/api", http.StatusNotFound) - - // Test /apis path. - // There is no server running at that URL, so we will get a 500. - testResponse(t, discoveryURL, "/apis", http.StatusOK) - - // Test a random path, which should give a 404. - testResponse(t, discoveryURL, "/randomPath", http.StatusNotFound) -}