github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #87515 from Sh4d1/proxy_agg

Browse Source 
Use network proxy for aggregator api
This commit is contained in:
Kubernetes Prow Robot 2020-02-03 01:53:21 -08:00 committed by GitHub
commit 4c3aa3f26b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
staging/src/k8s.io/kube-aggregator/pkg/apiserver/BUILD
View File

@ -62,6 +62,7 @@ go_library(
"//staging/src/k8s.io/apiserver/pkg/endpoints/request:go_default_library", "//staging/src/k8s.io/apiserver/pkg/endpoints/request:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/features:go_default_library", "//staging/src/k8s.io/apiserver/pkg/features:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/server:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/server/egressselector:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/server/storage:go_default_library", "//staging/src/k8s.io/apiserver/pkg/server/storage:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/feature:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/util/proxy:go_default_library", "//staging/src/k8s.io/apiserver/pkg/util/proxy:go_default_library",

8
staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go
View File

@ -25,6 +25,7 @@ import (
"k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/sets"
genericapiserver "k8s.io/apiserver/pkg/server" genericapiserver "k8s.io/apiserver/pkg/server"
"k8s.io/apiserver/pkg/server/egressselector"
serverstorage "k8s.io/apiserver/pkg/server/storage" serverstorage "k8s.io/apiserver/pkg/server/storage"
"k8s.io/client-go/pkg/version" "k8s.io/client-go/pkg/version"
openapicommon "k8s.io/kube-openapi/pkg/common" openapicommon "k8s.io/kube-openapi/pkg/common"
@ -133,6 +134,10 @@ type APIAggregator struct {
// openAPIAggregationController downloads and merges OpenAPI specs. // openAPIAggregationController downloads and merges OpenAPI specs.
openAPIAggregationController *openapicontroller.AggregationController openAPIAggregationController *openapicontroller.AggregationController
// egressSelector selects the proper egress dialer to communicate with the custom apiserver
// overwrites proxyTransport dialer if not nil
egressSelector *egressselector.EgressSelector
} }
// Complete fills in any fields not set that are required to have valid data. It's mutating the receiver. // Complete fills in any fields not set that are required to have valid data. It's mutating the receiver.
@ -184,6 +189,7 @@ func (c completedConfig) NewWithDelegate(delegationTarget genericapiserver.Deleg
APIRegistrationInformers: informerFactory, APIRegistrationInformers: informerFactory,
serviceResolver: c.ExtraConfig.ServiceResolver, serviceResolver: c.ExtraConfig.ServiceResolver,
openAPIConfig: openAPIConfig, openAPIConfig: openAPIConfig,
egressSelector: c.GenericConfig.EgressSelector,
} }
apiGroupInfo := apiservicerest.NewRESTStorage(c.GenericConfig.MergedResourceConfig, c.GenericConfig.RESTOptionsGetter) apiGroupInfo := apiservicerest.NewRESTStorage(c.GenericConfig.MergedResourceConfig, c.GenericConfig.RESTOptionsGetter)
@ -217,6 +223,7 @@ func (c completedConfig) NewWithDelegate(delegationTarget genericapiserver.Deleg
c.ExtraConfig.ProxyClientCert, c.ExtraConfig.ProxyClientCert,
c.ExtraConfig.ProxyClientKey, c.ExtraConfig.ProxyClientKey,
s.serviceResolver, s.serviceResolver,
c.GenericConfig.EgressSelector,
) )
if err != nil { if err != nil {
return nil, err return nil, err
@ -301,6 +308,7 @@ func (s *APIAggregator) AddAPIService(apiService *v1.APIService) error {
proxyClientKey: s.proxyClientKey, proxyClientKey: s.proxyClientKey,
proxyTransport: s.proxyTransport, proxyTransport: s.proxyTransport,
serviceResolver: s.serviceResolver, serviceResolver: s.serviceResolver,
egressSelector: s.egressSelector,
} }
proxyHandler.updateAPIService(apiService) proxyHandler.updateAPIService(apiService)
if s.openAPIAggregationController != nil { if s.openAPIAggregationController != nil {

16
staging/src/k8s.io/kube-aggregator/pkg/apiserver/handler_proxy.go
View File

@ -33,6 +33,7 @@ import (
endpointmetrics "k8s.io/apiserver/pkg/endpoints/metrics" endpointmetrics "k8s.io/apiserver/pkg/endpoints/metrics"
genericapirequest "k8s.io/apiserver/pkg/endpoints/request" genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
genericfeatures "k8s.io/apiserver/pkg/features" genericfeatures "k8s.io/apiserver/pkg/features"
"k8s.io/apiserver/pkg/server/egressselector"
utilfeature "k8s.io/apiserver/pkg/util/feature" utilfeature "k8s.io/apiserver/pkg/util/feature"
restclient "k8s.io/client-go/rest" restclient "k8s.io/client-go/rest"
"k8s.io/client-go/transport" "k8s.io/client-go/transport"
@ -63,6 +64,10 @@ type proxyHandler struct {
serviceResolver ServiceResolver serviceResolver ServiceResolver
handlingInfo atomic.Value handlingInfo atomic.Value
// egressSelector selects the proper egress dialer to communicate with the custom apiserver
// overwrites proxyTransport dialer if not nil
egressSelector *egressselector.EgressSelector
} }
type proxyHandlingInfo struct { type proxyHandlingInfo struct {
@ -259,7 +264,16 @@ func (r *proxyHandler) updateAPIService(apiService *apiregistrationv1api.APIServ
servicePort: *apiService.Spec.Service.Port, servicePort: *apiService.Spec.Service.Port,
serviceAvailable: apiregistrationv1apihelper.IsAPIServiceConditionTrue(apiService, apiregistrationv1api.Available), serviceAvailable: apiregistrationv1apihelper.IsAPIServiceConditionTrue(apiService, apiregistrationv1api.Available),
} }
if r.proxyTransport != nil && r.proxyTransport.DialContext != nil { if r.egressSelector != nil {
networkContext := egressselector.Cluster.AsNetworkContext()
var egressDialer utilnet.DialFunc
egressDialer, err := r.egressSelector.Lookup(networkContext)
if err != nil {
klog.Warning(err.Error())
} else {
newInfo.restConfig.Dial = egressDialer
}
} else if r.proxyTransport != nil && r.proxyTransport.DialContext != nil {
newInfo.restConfig.Dial = r.proxyTransport.DialContext newInfo.restConfig.Dial = r.proxyTransport.DialContext
} }
newInfo.proxyRoundTripper, newInfo.transportBuildingError = restclient.TransportFor(newInfo.restConfig) newInfo.proxyRoundTripper, newInfo.transportBuildingError = restclient.TransportFor(newInfo.restConfig)

2
staging/src/k8s.io/kube-aggregator/pkg/controllers/status/BUILD
View File

@ -17,8 +17,10 @@ go_library(
"//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/labels:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/net:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/server/egressselector:go_default_library",
"//staging/src/k8s.io/client-go/informers/core/v1:go_default_library", "//staging/src/k8s.io/client-go/informers/core/v1:go_default_library",
"//staging/src/k8s.io/client-go/listers/core/v1:go_default_library", "//staging/src/k8s.io/client-go/listers/core/v1:go_default_library",
"//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library",

15
staging/src/k8s.io/kube-aggregator/pkg/controllers/status/available_controller.go
View File

@ -31,8 +31,10 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/labels"
"k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime"
utilnet "k8s.io/apimachinery/pkg/util/net"
utilruntime "k8s.io/apimachinery/pkg/util/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/apimachinery/pkg/util/wait" "k8s.io/apimachinery/pkg/util/wait"
"k8s.io/apiserver/pkg/server/egressselector"
v1informers "k8s.io/client-go/informers/core/v1" v1informers "k8s.io/client-go/informers/core/v1"
v1listers "k8s.io/client-go/listers/core/v1" v1listers "k8s.io/client-go/listers/core/v1"
"k8s.io/client-go/rest" "k8s.io/client-go/rest"
@ -90,6 +92,7 @@ func NewAvailableConditionController(
proxyClientCert []byte, proxyClientCert []byte,
proxyClientKey []byte, proxyClientKey []byte,
serviceResolver ServiceResolver, serviceResolver ServiceResolver,
egressSelector *egressselector.EgressSelector,
) (*AvailableConditionController, error) { ) (*AvailableConditionController, error) {
c := &AvailableConditionController{ c := &AvailableConditionController{
apiServiceClient: apiServiceClient, apiServiceClient: apiServiceClient,
@ -118,9 +121,19 @@ func NewAvailableConditionController(
KeyData: proxyClientKey, KeyData: proxyClientKey,
}, },
} }
if proxyTransport != nil && proxyTransport.DialContext != nil {
if egressSelector != nil {
networkContext := egressselector.Cluster.AsNetworkContext()
var egressDialer utilnet.DialFunc
egressDialer, err := egressSelector.Lookup(networkContext)
if err != nil {
return nil, err
}
restConfig.Dial = egressDialer
} else if proxyTransport != nil && proxyTransport.DialContext != nil {
restConfig.Dial = proxyTransport.DialContext restConfig.Dial = proxyTransport.DialContext
} }
transport, err := rest.TransportFor(restConfig) transport, err := rest.TransportFor(restConfig)
if err != nil { if err != nil {
return nil, err return nil, err