From 7267299c3c4517ebcd0d0440c9491618e6e5bda9 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Tue, 6 Dec 2016 12:22:49 +0100 Subject: [PATCH 1/6] genericapiserver: move MasterCount and service options into master --- cmd/kube-apiserver/app/options/options.go | 49 ++++++++++++++++--- .../kube-apiserver/app/options/validation.go | 13 +++-- cmd/kube-apiserver/app/server.go | 14 ++++-- examples/apiserver/apiserver.go | 6 +-- hack/update-federation-openapi-spec.sh | 3 +- pkg/genericapiserver/config.go | 3 -- .../options/server_run_options.go | 33 ------------- pkg/master/master.go | 3 +- test/e2e_node/services/apiserver.go | 2 +- test/integration/federation/server_test.go | 3 -- 10 files changed, 63 insertions(+), 66 deletions(-) rename pkg/genericapiserver/validation/universal_validation.go => cmd/kube-apiserver/app/options/validation.go (84%) diff --git a/cmd/kube-apiserver/app/options/options.go b/cmd/kube-apiserver/app/options/options.go index 8a412bb130a..cbfcd221c68 100644 --- a/cmd/kube-apiserver/app/options/options.go +++ b/cmd/kube-apiserver/app/options/options.go @@ -18,6 +18,7 @@ limitations under the License. package options import ( + "net" "time" "k8s.io/kubernetes/pkg/api" @@ -25,10 +26,14 @@ import ( genericoptions "k8s.io/kubernetes/pkg/genericapiserver/options" kubeletclient "k8s.io/kubernetes/pkg/kubelet/client" "k8s.io/kubernetes/pkg/master/ports" + utilnet "k8s.io/kubernetes/pkg/util/net" "github.com/spf13/pflag" ) +// DefaultServiceNodePortRange is the default port range for NodePort services. +var DefaultServiceNodePortRange = utilnet.PortRange{Base: 30000, Size: 2768} + // ServerRunOptions runs a kubernetes api server. type ServerRunOptions struct { GenericServerRunOptions *genericoptions.ServerRunOptions @@ -38,12 +43,16 @@ type ServerRunOptions struct { Authentication *genericoptions.BuiltInAuthenticationOptions Authorization *genericoptions.BuiltInAuthorizationOptions - AllowPrivileged bool - EventTTL time.Duration - KubeletConfig kubeletclient.KubeletClientConfig - MaxConnectionBytesPerSec int64 - SSHKeyfile string - SSHUser string + AllowPrivileged bool + EventTTL time.Duration + KubeletConfig kubeletclient.KubeletClientConfig + KubernetesServiceNodePort int + MasterCount int + MaxConnectionBytesPerSec int64 + ServiceClusterIPRange net.IPNet // TODO: make this a list + ServiceNodePortRange utilnet.PortRange + SSHKeyfile string + SSHUser string } // NewServerRunOptions creates a new ServerRunOptions object with default parameters @@ -56,7 +65,8 @@ func NewServerRunOptions() *ServerRunOptions { Authentication: genericoptions.NewBuiltInAuthenticationOptions().WithAll(), Authorization: genericoptions.NewBuiltInAuthorizationOptions(), - EventTTL: 1 * time.Hour, + EventTTL: 1 * time.Hour, + MasterCount: 1, KubeletConfig: kubeletclient.KubeletClientConfig{ Port: ports.KubeletPort, PreferredAddressTypes: []string{ @@ -68,6 +78,7 @@ func NewServerRunOptions() *ServerRunOptions { EnableHttps: true, HTTPTimeout: time.Duration(5) * time.Second, }, + ServiceNodePortRange: DefaultServiceNodePortRange, } return &s } @@ -104,6 +115,30 @@ func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) { "If non-zero, throttle each user connection to this number of bytes/sec. "+ "Currently only applies to long-running requests.") + fs.IntVar(&s.MasterCount, "apiserver-count", s.MasterCount, + "The number of apiservers running in the cluster.") + + // See #14282 for details on how to test/try this option out. + // TODO: remove this comment once this option is tested in CI. + fs.IntVar(&s.KubernetesServiceNodePort, "kubernetes-service-node-port", s.KubernetesServiceNodePort, ""+ + "If non-zero, the Kubernetes master service (which apiserver creates/maintains) will be "+ + "of type NodePort, using this as the value of the port. If zero, the Kubernetes master "+ + "service will be of type ClusterIP.") + + fs.IPNetVar(&s.ServiceClusterIPRange, "service-cluster-ip-range", s.ServiceClusterIPRange, ""+ + "A CIDR notation IP range from which to assign service cluster IPs. This must not "+ + "overlap with any IP ranges assigned to nodes for pods.") + + fs.IPNetVar(&s.ServiceClusterIPRange, "portal-net", s.ServiceClusterIPRange, + "DEPRECATED: see --service-cluster-ip-range instead.") + fs.MarkDeprecated("portal-net", "see --service-cluster-ip-range instead") + + fs.Var(&s.ServiceNodePortRange, "service-node-port-range", ""+ + "A port range to reserve for services with NodePort visibility. "+ + "Example: '30000-32767'. Inclusive at both ends of the range.") + fs.Var(&s.ServiceNodePortRange, "service-node-ports", "DEPRECATED: see --service-node-port-range instead") + fs.MarkDeprecated("service-node-ports", "see --service-node-port-range instead") + // Kubelet related flags: fs.BoolVar(&s.KubeletConfig.EnableHttps, "kubelet-https", s.KubeletConfig.EnableHttps, "Use https for kubelet connections.") diff --git a/pkg/genericapiserver/validation/universal_validation.go b/cmd/kube-apiserver/app/options/validation.go similarity index 84% rename from pkg/genericapiserver/validation/universal_validation.go rename to cmd/kube-apiserver/app/options/validation.go index 72e683acfc3..de273a1f442 100644 --- a/pkg/genericapiserver/validation/universal_validation.go +++ b/cmd/kube-apiserver/app/options/validation.go @@ -14,18 +14,16 @@ See the License for the specific language governing permissions and limitations under the License. */ -package validation +package options import ( "fmt" - "github.com/golang/glog" - "k8s.io/kubernetes/pkg/genericapiserver/options" utilerrors "k8s.io/kubernetes/pkg/util/errors" ) // TODO: Longer term we should read this from some config store, rather than a flag. -func verifyClusterIPFlags(options *options.ServerRunOptions) []error { +func verifyClusterIPFlags(options *ServerRunOptions) []error { errors := []error{} if options.ServiceClusterIPRange.IP == nil { errors = append(errors, fmt.Errorf("No --service-cluster-ip-range specified")) @@ -37,7 +35,7 @@ func verifyClusterIPFlags(options *options.ServerRunOptions) []error { return errors } -func verifyServiceNodePort(options *options.ServerRunOptions) []error { +func verifyServiceNodePort(options *ServerRunOptions) []error { errors := []error{} if options.KubernetesServiceNodePort < 0 || options.KubernetesServiceNodePort > 65535 { errors = append(errors, fmt.Errorf("--kubernetes-service-node-port %v must be between 0 and 65535, inclusive. If 0, the Kubernetes master service will be of type ClusterIP.", options.KubernetesServiceNodePort)) @@ -49,7 +47,7 @@ func verifyServiceNodePort(options *options.ServerRunOptions) []error { return errors } -func ValidateRunOptions(options *options.ServerRunOptions) { +func ValidateRunOptions(options *ServerRunOptions) error { errors := []error{} if errs := verifyClusterIPFlags(options); len(errs) > 0 { errors = append(errors, errs...) @@ -58,6 +56,7 @@ func ValidateRunOptions(options *options.ServerRunOptions) { errors = append(errors, errs...) } if err := utilerrors.NewAggregate(errors); err != nil { - glog.Fatalf("Validate server run options failed: %v", err) + return fmt.Errorf("validate server run options failed: %v", err) } + return nil } diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index 7e22f3dfc08..8c9d7b1c573 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -88,7 +88,7 @@ func Run(s *options.ServerRunOptions) error { return err } - serviceIPRange, apiServerServiceIP, err := master.DefaultServiceIPRange(s.GenericServerRunOptions.ServiceClusterIPRange) + serviceIPRange, apiServerServiceIP, err := master.DefaultServiceIPRange(s.ServiceClusterIPRange) if err != nil { return fmt.Errorf("error determining service IP ranges: %v", err) } @@ -97,8 +97,14 @@ func Run(s *options.ServerRunOptions) error { return fmt.Errorf("error creating self-signed certificates: %v", err) } + // TODO(sttts): change signature of DefaultAndValidateRunOptions to aggregate errors genericapiserver.DefaultAndValidateRunOptions(s.GenericServerRunOptions) + // TODO(sttts): move all defaulting and validation above into cmd/kube-apiserver/app/options.DefaultAndValidateRunOptions() + if err != options.ValidateRunOptions(s) { + return err + } + genericConfig := genericapiserver.NewConfig(). // create the new config ApplyOptions(s.GenericServerRunOptions). // apply the options selected ApplyInsecureServingOptions(s.InsecureServing) @@ -313,10 +319,10 @@ func Run(s *options.ServerRunOptions) error { APIServerServiceIP: apiServerServiceIP, APIServerServicePort: 443, - ServiceNodePortRange: s.GenericServerRunOptions.ServiceNodePortRange, - KubernetesServiceNodePort: s.GenericServerRunOptions.KubernetesServiceNodePort, + ServiceNodePortRange: s.ServiceNodePortRange, + KubernetesServiceNodePort: s.KubernetesServiceNodePort, - MasterCount: s.GenericServerRunOptions.MasterCount, + MasterCount: s.MasterCount, } if s.GenericServerRunOptions.EnableWatchCache { diff --git a/examples/apiserver/apiserver.go b/examples/apiserver/apiserver.go index e5f95b58673..873a149998c 100644 --- a/examples/apiserver/apiserver.go +++ b/examples/apiserver/apiserver.go @@ -80,12 +80,10 @@ func NewServerRunOptions() *ServerRunOptions { } func (serverOptions *ServerRunOptions) Run(stopCh <-chan struct{}) error { - // Set ServiceClusterIPRange - _, serviceClusterIPRange, _ := net.ParseCIDR("10.0.0.0/24") - serverOptions.GenericServerRunOptions.ServiceClusterIPRange = *serviceClusterIPRange serverOptions.Etcd.StorageConfig.ServerList = []string{"http://127.0.0.1:2379"} - genericvalidation.ValidateRunOptions(serverOptions.GenericServerRunOptions) + // TODO(sttts): unify signature of DefaultAndValidateRunOptions with the others + genericapiserver.DefaultAndValidateRunOptions(serverOptions.GenericServerRunOptions) if errs := serverOptions.Etcd.Validate(); len(errs) > 0 { return utilerrors.NewAggregate(errs) } diff --git a/hack/update-federation-openapi-spec.sh b/hack/update-federation-openapi-spec.sh index 2faf3571971..68a4a534a17 100755 --- a/hack/update-federation-openapi-spec.sh +++ b/hack/update-federation-openapi-spec.sh @@ -61,8 +61,7 @@ kube::log::status "Starting federation-apiserver" --etcd-servers="http://${ETCD_HOST}:${ETCD_PORT}" \ --advertise-address="10.10.10.10" \ --cert-dir="${TMP_DIR}/certs" \ - --token-auth-file=$TMP_DIR/tokenauth.csv \ - --service-cluster-ip-range="10.0.0.0/24" >/tmp/openapi-federation-api-server.log 2>&1 & + --token-auth-file=$TMP_DIR/tokenauth.csv >/tmp/openapi-federation-api-server.log 2>&1 & APISERVER_PID=$! kube::util::wait_for_url "${API_HOST}:${API_PORT}/" "apiserver: " diff --git a/pkg/genericapiserver/config.go b/pkg/genericapiserver/config.go index f0c2c6b6319..bf8333773e6 100644 --- a/pkg/genericapiserver/config.go +++ b/pkg/genericapiserver/config.go @@ -59,7 +59,6 @@ import ( openapicommon "k8s.io/kubernetes/pkg/genericapiserver/openapi/common" "k8s.io/kubernetes/pkg/genericapiserver/options" "k8s.io/kubernetes/pkg/genericapiserver/routes" - genericvalidation "k8s.io/kubernetes/pkg/genericapiserver/validation" "k8s.io/kubernetes/pkg/healthz" "k8s.io/kubernetes/pkg/runtime" certutil "k8s.io/kubernetes/pkg/util/cert" @@ -631,8 +630,6 @@ func (s *GenericAPIServer) installAPI(c *Config) { } func DefaultAndValidateRunOptions(options *options.ServerRunOptions) { - genericvalidation.ValidateRunOptions(options) - glog.Infof("Will report %v as public IP address.", options.AdvertiseAddress) // Set default value for ExternalAddress if not specified. diff --git a/pkg/genericapiserver/options/server_run_options.go b/pkg/genericapiserver/options/server_run_options.go index 042013317ae..64308cc0538 100644 --- a/pkg/genericapiserver/options/server_run_options.go +++ b/pkg/genericapiserver/options/server_run_options.go @@ -26,13 +26,10 @@ import ( "k8s.io/kubernetes/pkg/apimachinery/registered" "k8s.io/kubernetes/pkg/runtime/schema" "k8s.io/kubernetes/pkg/util/config" - utilnet "k8s.io/kubernetes/pkg/util/net" "github.com/spf13/pflag" ) -var DefaultServiceNodePortRange = utilnet.PortRange{Base: 30000, Size: 2768} - // ServerRunOptions contains the options while running a generic api server. type ServerRunOptions struct { AdmissionControl string @@ -54,14 +51,10 @@ type ServerRunOptions struct { EnableSwaggerUI bool EnableWatchCache bool ExternalHost string - KubernetesServiceNodePort int - MasterCount int MaxRequestsInFlight int MaxMutatingRequestsInFlight int MinRequestTimeout int RuntimeConfig config.ConfigurationMap - ServiceClusterIPRange net.IPNet // TODO: make this a list - ServiceNodePortRange utilnet.PortRange StorageVersions string // The default values for StorageVersions. StorageVersions overrides // these; you can change this if you want to change the defaults (e.g., @@ -81,12 +74,10 @@ func NewServerRunOptions() *ServerRunOptions { EnableProfiling: true, EnableContentionProfiling: false, EnableWatchCache: true, - MasterCount: 1, MaxRequestsInFlight: 400, MaxMutatingRequestsInFlight: 200, MinRequestTimeout: 1800, RuntimeConfig: make(config.ConfigurationMap), - ServiceNodePortRange: DefaultServiceNodePortRange, StorageVersions: registered.AllPreferredGroupVersions(), } } @@ -227,22 +218,12 @@ func (s *ServerRunOptions) AddUniversalFlags(fs *pflag.FlagSet) { fs.StringVar(&s.ExternalHost, "external-hostname", s.ExternalHost, "The hostname to use when generating externalized URLs for this master (e.g. Swagger API Docs).") - // See #14282 for details on how to test/try this option out. - // TODO: remove this comment once this option is tested in CI. - fs.IntVar(&s.KubernetesServiceNodePort, "kubernetes-service-node-port", s.KubernetesServiceNodePort, ""+ - "If non-zero, the Kubernetes master service (which apiserver creates/maintains) will be "+ - "of type NodePort, using this as the value of the port. If zero, the Kubernetes master "+ - "service will be of type ClusterIP.") - // TODO: remove post-1.6 fs.String("long-running-request-regexp", "", ""+ "A regular expression matching long running requests which should "+ "be excluded from maximum inflight request handling.") fs.MarkDeprecated("long-running-request-regexp", "regular expression matching of long-running requests is no longer supported") - fs.IntVar(&s.MasterCount, "apiserver-count", s.MasterCount, - "The number of apiservers running in the cluster.") - deprecatedMasterServiceNamespace := api.NamespaceDefault fs.StringVar(&deprecatedMasterServiceNamespace, "master-service-namespace", deprecatedMasterServiceNamespace, ""+ "DEPRECATED: the namespace from which the kubernetes master services should be injected into pods.") @@ -267,20 +248,6 @@ func (s *ServerRunOptions) AddUniversalFlags(fs *pflag.FlagSet) { "apis// can be used to turn on/off specific resources. api/all and "+ "api/legacy are special keys to control all and legacy api versions respectively.") - fs.IPNetVar(&s.ServiceClusterIPRange, "service-cluster-ip-range", s.ServiceClusterIPRange, ""+ - "A CIDR notation IP range from which to assign service cluster IPs. This must not "+ - "overlap with any IP ranges assigned to nodes for pods.") - - fs.IPNetVar(&s.ServiceClusterIPRange, "portal-net", s.ServiceClusterIPRange, - "DEPRECATED: see --service-cluster-ip-range instead.") - fs.MarkDeprecated("portal-net", "see --service-cluster-ip-range instead") - - fs.Var(&s.ServiceNodePortRange, "service-node-port-range", ""+ - "A port range to reserve for services with NodePort visibility. "+ - "Example: '30000-32767'. Inclusive at both ends of the range.") - fs.Var(&s.ServiceNodePortRange, "service-node-ports", "DEPRECATED: see --service-node-port-range instead") - fs.MarkDeprecated("service-node-ports", "see --service-node-port-range instead") - deprecatedStorageVersion := "" fs.StringVar(&deprecatedStorageVersion, "storage-version", deprecatedStorageVersion, "DEPRECATED: the version to store the legacy v1 resources with. Defaults to server preferred.") diff --git a/pkg/master/master.go b/pkg/master/master.go index 90dd647abbc..ddcbef1a07a 100644 --- a/pkg/master/master.go +++ b/pkg/master/master.go @@ -24,6 +24,7 @@ import ( "strconv" "time" + "k8s.io/kubernetes/cmd/kube-apiserver/app/options" "k8s.io/kubernetes/pkg/api" apiv1 "k8s.io/kubernetes/pkg/api/v1" appsapi "k8s.io/kubernetes/pkg/apis/apps/v1beta1" @@ -39,7 +40,6 @@ import ( corev1client "k8s.io/kubernetes/pkg/client/clientset_generated/clientset/typed/core/v1" coreclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion" "k8s.io/kubernetes/pkg/genericapiserver" - "k8s.io/kubernetes/pkg/genericapiserver/options" "k8s.io/kubernetes/pkg/healthz" kubeletclient "k8s.io/kubernetes/pkg/kubelet/client" "k8s.io/kubernetes/pkg/master/thirdparty" @@ -116,7 +116,6 @@ type Config struct { // Port names should align with ports defined in ExtraServicePorts ExtraEndpointPorts []api.EndpointPort // If non-zero, the "kubernetes" services uses this port as NodePort. - // TODO(sttts): move into master KubernetesServiceNodePort int // Number of masters running; all masters must be started with the diff --git a/test/e2e_node/services/apiserver.go b/test/e2e_node/services/apiserver.go index 7e7eeee4982..02a0f8acf70 100644 --- a/test/e2e_node/services/apiserver.go +++ b/test/e2e_node/services/apiserver.go @@ -46,7 +46,7 @@ func (a *APIServer) Start() error { if err != nil { return err } - config.GenericServerRunOptions.ServiceClusterIPRange = *ipnet + config.ServiceClusterIPRange = *ipnet config.AllowPrivileged = true errCh := make(chan error) go func() { diff --git a/test/integration/federation/server_test.go b/test/integration/federation/server_test.go index 5110aa0c94a..1c494a6092e 100644 --- a/test/integration/federation/server_test.go +++ b/test/integration/federation/server_test.go @@ -20,7 +20,6 @@ import ( "encoding/json" "fmt" "io/ioutil" - "net" "net/http" "testing" "time" @@ -48,8 +47,6 @@ func TestRun(t *testing.T) { s := options.NewServerRunOptions() s.SecureServing.ServingOptions.BindPort = securePort s.InsecureServing.BindPort = insecurePort - _, ipNet, _ := net.ParseCIDR("10.10.10.0/24") - s.GenericServerRunOptions.ServiceClusterIPRange = *ipNet s.Etcd.StorageConfig.ServerList = []string{"http://localhost:2379"} go func() { if err := app.Run(s); err != nil { From 5e8ca29a76eb19517044fa54fe8ede28a199e488 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Wed, 14 Dec 2016 10:37:20 +0100 Subject: [PATCH 2/6] Clean up apiserver and federation defaulting and validation --- cmd/kube-apiserver/app/options/validation.go | 36 +++++++++------- cmd/kube-apiserver/app/server.go | 29 ++++++------- examples/apiserver/apiserver.go | 17 +++++--- .../app/options/validation.go | 32 ++++++++++++++ .../cmd/federation-apiserver/app/server.go | 17 +++++--- pkg/genericapiserver/config.go | 41 ------------------ .../options/server_run_options.go | 43 ++++++++++++++++++- pkg/genericapiserver/validation/BUILD | 19 -------- 8 files changed, 128 insertions(+), 106 deletions(-) create mode 100644 federation/cmd/federation-apiserver/app/options/validation.go delete mode 100644 pkg/genericapiserver/validation/BUILD diff --git a/cmd/kube-apiserver/app/options/validation.go b/cmd/kube-apiserver/app/options/validation.go index de273a1f442..df4c124ffdb 100644 --- a/cmd/kube-apiserver/app/options/validation.go +++ b/cmd/kube-apiserver/app/options/validation.go @@ -1,5 +1,5 @@ /* -Copyright 2014 The Kubernetes Authors. +Copyright 2016 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -18,45 +18,49 @@ package options import ( "fmt" - - utilerrors "k8s.io/kubernetes/pkg/util/errors" ) // TODO: Longer term we should read this from some config store, rather than a flag. -func verifyClusterIPFlags(options *ServerRunOptions) []error { +func validateClusterIPFlags(options *ServerRunOptions) []error { errors := []error{} if options.ServiceClusterIPRange.IP == nil { - errors = append(errors, fmt.Errorf("No --service-cluster-ip-range specified")) + errors = append(errors, fmt.Errorf("no --service-cluster-ip-range specified")) } var ones, bits = options.ServiceClusterIPRange.Mask.Size() if bits-ones > 20 { - errors = append(errors, fmt.Errorf("Specified --service-cluster-ip-range is too large")) + errors = append(errors, fmt.Errorf("specified --service-cluster-ip-range is too large")) } return errors } -func verifyServiceNodePort(options *ServerRunOptions) []error { +func validateServiceNodePort(options *ServerRunOptions) []error { errors := []error{} if options.KubernetesServiceNodePort < 0 || options.KubernetesServiceNodePort > 65535 { - errors = append(errors, fmt.Errorf("--kubernetes-service-node-port %v must be between 0 and 65535, inclusive. If 0, the Kubernetes master service will be of type ClusterIP.", options.KubernetesServiceNodePort)) + errors = append(errors, fmt.Errorf("--kubernetes-service-node-port %v must be between 0 and 65535, inclusive. If 0, the Kubernetes master service will be of type ClusterIP", options.KubernetesServiceNodePort)) } if options.KubernetesServiceNodePort > 0 && !options.ServiceNodePortRange.Contains(options.KubernetesServiceNodePort) { - errors = append(errors, fmt.Errorf("Kubernetes service port range %v doesn't contain %v", options.ServiceNodePortRange, (options.KubernetesServiceNodePort))) + errors = append(errors, fmt.Errorf("kubernetes service port range %v doesn't contain %v", options.ServiceNodePortRange, (options.KubernetesServiceNodePort))) } return errors } -func ValidateRunOptions(options *ServerRunOptions) error { - errors := []error{} - if errs := verifyClusterIPFlags(options); len(errs) > 0 { +func (options *ServerRunOptions) Validate() []error { + var errors []error + if errs := options.Etcd.Validate(); len(errs) > 0 { errors = append(errors, errs...) } - if errs := verifyServiceNodePort(options); len(errs) > 0 { + if errs := validateClusterIPFlags(options); len(errs) > 0 { errors = append(errors, errs...) } - if err := utilerrors.NewAggregate(errors); err != nil { - return fmt.Errorf("validate server run options failed: %v", err) + if errs := validateServiceNodePort(options); len(errs) > 0 { + errors = append(errors, errs...) } - return nil + if errs := options.SecureServing.Validate(); len(errs) > 0 { + errors = append(errors, errs...) + } + if errs := options.InsecureServing.Validate("insecure-port"); len(errs) > 0 { + errors = append(errors, errs...) + } + return errors } diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index 8c9d7b1c573..dc3115718ce 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -81,33 +81,30 @@ cluster's shared state through which all other components interact.`, // Run runs the specified APIServer. This should never exit. func Run(s *options.ServerRunOptions) error { - if errs := s.Etcd.Validate(); len(errs) > 0 { - return utilerrors.NewAggregate(errs) - } - if err := s.GenericServerRunOptions.DefaultExternalAddress(s.SecureServing, s.InsecureServing); err != nil { + // set defaults + if err := s.GenericServerRunOptions.DefaultAdvertiseAddress(s.SecureServing, s.InsecureServing); err != nil { return err } - serviceIPRange, apiServerServiceIP, err := master.DefaultServiceIPRange(s.ServiceClusterIPRange) if err != nil { return fmt.Errorf("error determining service IP ranges: %v", err) } - if err := s.SecureServing.MaybeDefaultWithSelfSignedCerts(s.GenericServerRunOptions.AdvertiseAddress.String(), apiServerServiceIP); err != nil { return fmt.Errorf("error creating self-signed certificates: %v", err) } - - // TODO(sttts): change signature of DefaultAndValidateRunOptions to aggregate errors - genericapiserver.DefaultAndValidateRunOptions(s.GenericServerRunOptions) - - // TODO(sttts): move all defaulting and validation above into cmd/kube-apiserver/app/options.DefaultAndValidateRunOptions() - if err != options.ValidateRunOptions(s) { - return err + if err := s.GenericServerRunOptions.DefaultExternalHost(); err != nil { + return fmt.Errorf("error setting the external host value: %v", err) } - genericConfig := genericapiserver.NewConfig(). // create the new config - ApplyOptions(s.GenericServerRunOptions). // apply the options selected - ApplyInsecureServingOptions(s.InsecureServing) + // validate options + if errs := s.Validate(); len(errs) != 0 { + return utilerrors.NewAggregate(errs) + } + + // create config from options + genericConfig := genericapiserver.NewConfig(). + ApplyOptions(s.GenericServerRunOptions). + ApplyInsecureServingOptions(s.InsecureServing) if _, err := genericConfig.ApplySecureServingOptions(s.SecureServing); err != nil { return fmt.Errorf("failed to configure https: %s", err) diff --git a/examples/apiserver/apiserver.go b/examples/apiserver/apiserver.go index 873a149998c..61abfca47e7 100644 --- a/examples/apiserver/apiserver.go +++ b/examples/apiserver/apiserver.go @@ -18,7 +18,6 @@ package apiserver import ( "fmt" - "net" "k8s.io/kubernetes/cmd/libs/go2idl/client-gen/test_apis/testgroup/v1" testgroupetcd "k8s.io/kubernetes/examples/apiserver/rest" @@ -28,7 +27,6 @@ import ( "k8s.io/kubernetes/pkg/genericapiserver" "k8s.io/kubernetes/pkg/genericapiserver/authorizer" genericoptions "k8s.io/kubernetes/pkg/genericapiserver/options" - genericvalidation "k8s.io/kubernetes/pkg/genericapiserver/validation" "k8s.io/kubernetes/pkg/registry/generic" "k8s.io/kubernetes/pkg/runtime/schema" "k8s.io/kubernetes/pkg/storage/storagebackend" @@ -82,8 +80,15 @@ func NewServerRunOptions() *ServerRunOptions { func (serverOptions *ServerRunOptions) Run(stopCh <-chan struct{}) error { serverOptions.Etcd.StorageConfig.ServerList = []string{"http://127.0.0.1:2379"} - // TODO(sttts): unify signature of DefaultAndValidateRunOptions with the others - genericapiserver.DefaultAndValidateRunOptions(serverOptions.GenericServerRunOptions) + // set defaults + if err := serverOptions.GenericServerRunOptions.DefaultExternalHost(); err != nil { + return err + } + if err := serverOptions.SecureServing.MaybeDefaultWithSelfSignedCerts(serverOptions.GenericServerRunOptions.AdvertiseAddress.String()); err != nil { + glog.Fatalf("Error creating self-signed certificates: %v", err) + } + + // validate options if errs := serverOptions.Etcd.Validate(); len(errs) > 0 { return utilerrors.NewAggregate(errs) } @@ -93,10 +98,8 @@ func (serverOptions *ServerRunOptions) Run(stopCh <-chan struct{}) error { if errs := serverOptions.InsecureServing.Validate("insecure-port"); len(errs) > 0 { return utilerrors.NewAggregate(errs) } - if err := serverOptions.SecureServing.MaybeDefaultWithSelfSignedCerts(serverOptions.GenericServerRunOptions.AdvertiseAddress.String()); err != nil { - glog.Fatalf("Error creating self-signed certificates: %v", err) - } + // create config from options config := genericapiserver.NewConfig(). ApplyOptions(serverOptions.GenericServerRunOptions). ApplyInsecureServingOptions(serverOptions.InsecureServing) diff --git a/federation/cmd/federation-apiserver/app/options/validation.go b/federation/cmd/federation-apiserver/app/options/validation.go new file mode 100644 index 00000000000..a2044377e61 --- /dev/null +++ b/federation/cmd/federation-apiserver/app/options/validation.go @@ -0,0 +1,32 @@ +/* +Copyright 2016 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package options + +func (options *ServerRunOptions) Validate() []error { + var errors []error + if errs := options.Etcd.Validate(); len(errs) > 0 { + errors = append(errors, errs...) + } + if errs := options.SecureServing.Validate(); len(errs) > 0 { + errors = append(errors, errs...) + } + if errs := options.InsecureServing.Validate("insecure-port"); len(errs) > 0 { + errors = append(errors, errs...) + } + // TODO: add more checks + return errors +} diff --git a/federation/cmd/federation-apiserver/app/server.go b/federation/cmd/federation-apiserver/app/server.go index 213a7f21dc3..955ddfff7ae 100644 --- a/federation/cmd/federation-apiserver/app/server.go +++ b/federation/cmd/federation-apiserver/app/server.go @@ -68,18 +68,23 @@ cluster's shared state through which all other components interact.`, // Run runs the specified APIServer. This should never exit. func Run(s *options.ServerRunOptions) error { - if errs := s.Etcd.Validate(); len(errs) > 0 { - utilerrors.NewAggregate(errs) - } - if err := s.GenericServerRunOptions.DefaultExternalAddress(s.SecureServing, s.InsecureServing); err != nil { + // set defaults + if err := s.GenericServerRunOptions.DefaultAdvertiseAddress(s.SecureServing, s.InsecureServing); err != nil { return err } - if err := s.SecureServing.MaybeDefaultWithSelfSignedCerts(s.GenericServerRunOptions.AdvertiseAddress.String()); err != nil { return fmt.Errorf("error creating self-signed certificates: %v", err) } + if err := s.GenericServerRunOptions.DefaultExternalHost(); err != nil { + return fmt.Errorf("error setting the external host value: %v", err) + } - genericapiserver.DefaultAndValidateRunOptions(s.GenericServerRunOptions) + // validate options + if errs := s.Validate(); len(errs) != 0 { + return utilerrors.NewAggregate(errs) + } + + // create config from options genericConfig := genericapiserver.NewConfig(). // create the new config ApplyOptions(s.GenericServerRunOptions). // apply the options selected ApplyInsecureServingOptions(s.InsecureServing) diff --git a/pkg/genericapiserver/config.go b/pkg/genericapiserver/config.go index bf8333773e6..35d0ad5e4ad 100644 --- a/pkg/genericapiserver/config.go +++ b/pkg/genericapiserver/config.go @@ -25,7 +25,6 @@ import ( "io/ioutil" "net" "net/http" - "os" goruntime "runtime" "sort" "strconv" @@ -34,13 +33,11 @@ import ( "github.com/emicklei/go-restful/swagger" "github.com/go-openapi/spec" - "github.com/golang/glog" "github.com/pborman/uuid" "gopkg.in/natefinch/lumberjack.v2" "k8s.io/kubernetes/pkg/admission" "k8s.io/kubernetes/pkg/api" - "k8s.io/kubernetes/pkg/api/v1" metav1 "k8s.io/kubernetes/pkg/apis/meta/v1" apiserverauthenticator "k8s.io/kubernetes/pkg/apiserver/authenticator" apiserverfilters "k8s.io/kubernetes/pkg/apiserver/filters" @@ -52,7 +49,6 @@ import ( authhandlers "k8s.io/kubernetes/pkg/auth/handlers" "k8s.io/kubernetes/pkg/auth/user" "k8s.io/kubernetes/pkg/client/restclient" - "k8s.io/kubernetes/pkg/cloudprovider" apiserverauthorizer "k8s.io/kubernetes/pkg/genericapiserver/authorizer" genericfilters "k8s.io/kubernetes/pkg/genericapiserver/filters" "k8s.io/kubernetes/pkg/genericapiserver/mux" @@ -629,43 +625,6 @@ func (s *GenericAPIServer) installAPI(c *Config) { s.HandlerContainer.Add(s.DynamicApisDiscovery()) } -func DefaultAndValidateRunOptions(options *options.ServerRunOptions) { - glog.Infof("Will report %v as public IP address.", options.AdvertiseAddress) - - // Set default value for ExternalAddress if not specified. - if len(options.ExternalHost) == 0 { - // TODO: extend for other providers - if options.CloudProvider == "gce" || options.CloudProvider == "aws" { - cloud, err := cloudprovider.InitCloudProvider(options.CloudProvider, options.CloudConfigFile) - if err != nil { - glog.Fatalf("Cloud provider could not be initialized: %v", err) - } - instances, supported := cloud.Instances() - if !supported { - glog.Fatalf("%q cloud provider has no instances. this shouldn't happen. exiting.", options.CloudProvider) - } - hostname, err := os.Hostname() - if err != nil { - glog.Fatalf("Failed to get hostname: %v", err) - } - nodeName, err := instances.CurrentNodeName(hostname) - if err != nil { - glog.Fatalf("Failed to get NodeName: %v", err) - } - addrs, err := instances.NodeAddresses(nodeName) - if err != nil { - glog.Warningf("Unable to obtain external host address from cloud provider: %v", err) - } else { - for _, addr := range addrs { - if addr.Type == v1.NodeExternalIP { - options.ExternalHost = addr.Address - } - } - } - } - } -} - func NewRequestInfoResolver(c *Config) *request.RequestInfoFactory { apiPrefixes := sets.NewString(strings.Trim(APIGroupPrefix, "/")) // all possible API prefixes legacyAPIPrefixes := sets.String{} // APIPrefixes that won't have groups (legacy) diff --git a/pkg/genericapiserver/options/server_run_options.go b/pkg/genericapiserver/options/server_run_options.go index 64308cc0538..65d025d0b15 100644 --- a/pkg/genericapiserver/options/server_run_options.go +++ b/pkg/genericapiserver/options/server_run_options.go @@ -19,11 +19,14 @@ package options import ( "fmt" "net" + "os" "strings" "k8s.io/kubernetes/pkg/admission" "k8s.io/kubernetes/pkg/api" + "k8s.io/kubernetes/pkg/api/v1" "k8s.io/kubernetes/pkg/apimachinery/registered" + "k8s.io/kubernetes/pkg/cloudprovider" "k8s.io/kubernetes/pkg/runtime/schema" "k8s.io/kubernetes/pkg/util/config" @@ -82,7 +85,7 @@ func NewServerRunOptions() *ServerRunOptions { } } -func (s *ServerRunOptions) DefaultExternalAddress(secure *SecureServingOptions, insecure *ServingOptions) error { +func (s *ServerRunOptions) DefaultAdvertiseAddress(secure *SecureServingOptions, insecure *ServingOptions) error { if s.AdvertiseAddress == nil || s.AdvertiseAddress.IsUnspecified() { switch { case secure != nil: @@ -106,6 +109,44 @@ func (s *ServerRunOptions) DefaultExternalAddress(secure *SecureServingOptions, return nil } +func (options *ServerRunOptions) DefaultExternalHost() error { + if len(options.ExternalHost) != 0 { + return nil + } + + // TODO: extend for other providers + if options.CloudProvider == "gce" || options.CloudProvider == "aws" { + cloud, err := cloudprovider.InitCloudProvider(options.CloudProvider, options.CloudConfigFile) + if err != nil { + return fmt.Errorf("%q cloud provider could not be initialized: %v", options.CloudProvider, err) + } + instances, supported := cloud.Instances() + if !supported { + return fmt.Errorf("%q cloud provider has no instances", options.CloudProvider) + } + hostname, err := os.Hostname() + if err != nil { + return fmt.Errorf("failed to get hostname: %v", err) + } + nodeName, err := instances.CurrentNodeName(hostname) + if err != nil { + return fmt.Errorf("failed to get NodeName from %q cloud provider: %v", options.CloudProvider, err) + } + addrs, err := instances.NodeAddresses(nodeName) + if err != nil { + return fmt.Errorf("failed to get external host address from %q cloud provider: %v", options.CloudProvider, err) + } else { + for _, addr := range addrs { + if addr.Type == v1.NodeExternalIP { + options.ExternalHost = addr.Address + } + } + } + } + + return nil +} + // StorageGroupsToEncodingVersion returns a map from group name to group version, // computed from s.StorageVersions flag. func (s *ServerRunOptions) StorageGroupsToEncodingVersion() (map[string]schema.GroupVersion, error) { diff --git a/pkg/genericapiserver/validation/BUILD b/pkg/genericapiserver/validation/BUILD deleted file mode 100644 index fd2bc5aab00..00000000000 --- a/pkg/genericapiserver/validation/BUILD +++ /dev/null @@ -1,19 +0,0 @@ -package(default_visibility = ["//visibility:public"]) - -licenses(["notice"]) - -load( - "@io_bazel_rules_go//go:def.bzl", - "go_library", -) - -go_library( - name = "go_default_library", - srcs = ["universal_validation.go"], - tags = ["automanaged"], - deps = [ - "//pkg/genericapiserver/options:go_default_library", - "//pkg/util/errors:go_default_library", - "//vendor:github.com/golang/glog", - ], -) From 3be6b3c0453a28a96ec66c370b94341572c34f12 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Wed, 14 Dec 2016 10:44:11 +0100 Subject: [PATCH 3/6] pkg/apiserver: remove unused code --- cmd/kube-apiserver/app/server.go | 3 +-- pkg/apiserver/apiserver.go | 11 ----------- pkg/kubelet/client/kubelet_client.go | 3 +-- pkg/util/proxy/dial_test.go | 2 +- 4 files changed, 3 insertions(+), 16 deletions(-) diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index dc3115718ce..1f0780ed59f 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -41,7 +41,6 @@ import ( "k8s.io/kubernetes/pkg/apis/autoscaling" "k8s.io/kubernetes/pkg/apis/batch" "k8s.io/kubernetes/pkg/apis/extensions" - "k8s.io/kubernetes/pkg/apiserver" "k8s.io/kubernetes/pkg/apiserver/authenticator" "k8s.io/kubernetes/pkg/capabilities" "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset" @@ -126,7 +125,7 @@ func Run(s *options.ServerRunOptions) error { // Setup tunneler if needed var tunneler genericapiserver.Tunneler - var proxyDialerFn apiserver.ProxyDialerFunc + var proxyDialerFn utilnet.DialFunc if len(s.SSHUser) > 0 { // Get ssh key distribution func, if supported var installSSH genericapiserver.InstallSSHKey diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go index d4c91d7d377..04be53ac1f9 100644 --- a/pkg/apiserver/apiserver.go +++ b/pkg/apiserver/apiserver.go @@ -22,7 +22,6 @@ import ( "fmt" "io" "io/ioutil" - "net" "net/http" "path" rt "runtime" @@ -106,16 +105,6 @@ type APIGroupVersion struct { ResourceLister APIResourceLister } -type ProxyDialerFunc func(network, addr string) (net.Conn, error) - -// TODO: Pipe these in through the apiserver cmd line -const ( - // Minimum duration before timing out read/write requests - MinTimeoutSecs = 300 - // Maximum duration before timing out read/write requests - MaxTimeoutSecs = 600 -) - // staticLister implements the APIResourceLister interface type staticLister struct { list []metav1.APIResource diff --git a/pkg/kubelet/client/kubelet_client.go b/pkg/kubelet/client/kubelet_client.go index 612dca57e97..a1265caf3b8 100644 --- a/pkg/kubelet/client/kubelet_client.go +++ b/pkg/kubelet/client/kubelet_client.go @@ -17,7 +17,6 @@ limitations under the License. package client import ( - "net" "net/http" "strconv" "time" @@ -50,7 +49,7 @@ type KubeletClientConfig struct { HTTPTimeout time.Duration // Dial is a custom dialer used for the client - Dial func(net, addr string) (net.Conn, error) + Dial utilnet.DialFunc } // ConnectionInfo provides the information needed to connect to a kubelet diff --git a/pkg/util/proxy/dial_test.go b/pkg/util/proxy/dial_test.go index d5103452044..e9aeb9fa9cb 100644 --- a/pkg/util/proxy/dial_test.go +++ b/pkg/util/proxy/dial_test.go @@ -44,7 +44,7 @@ func TestDialURL(t *testing.T) { testcases := map[string]struct { TLSConfig *tls.Config - Dial func(network, addr string) (net.Conn, error) + Dial utilnet.DialFunc ExpectError string }{ "insecure": { From aa81e1d51dd349a85db88588eff7b1a54ba0e55b Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Wed, 14 Dec 2016 11:11:25 +0100 Subject: [PATCH 4/6] pkg/apiserver: move validation.go into pkg/registry --- cmd/kube-apiserver/app/options/validation.go | 3 ++- pkg/registry/core/componentstatus/rest.go | 9 ++++----- pkg/registry/core/componentstatus/rest_test.go | 5 ++--- .../core/componentstatus}/validator.go | 2 +- .../core/componentstatus}/validator_test.go | 18 +----------------- pkg/registry/core/rest/storage_core.go | 7 +++---- 6 files changed, 13 insertions(+), 31 deletions(-) rename pkg/{apiserver => registry/core/componentstatus}/validator.go (98%) rename pkg/{apiserver => registry/core/componentstatus}/validator_test.go (85%) diff --git a/cmd/kube-apiserver/app/options/validation.go b/cmd/kube-apiserver/app/options/validation.go index df4c124ffdb..63d5a46d9dd 100644 --- a/cmd/kube-apiserver/app/options/validation.go +++ b/cmd/kube-apiserver/app/options/validation.go @@ -1,5 +1,5 @@ /* -Copyright 2016 The Kubernetes Authors. +Copyright 2014 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -45,6 +45,7 @@ func validateServiceNodePort(options *ServerRunOptions) []error { return errors } +// Validate checks ServerRunOptions and return a slice of found errors. func (options *ServerRunOptions) Validate() []error { var errors []error if errs := options.Etcd.Validate(); len(errs) > 0 { diff --git a/pkg/registry/core/componentstatus/rest.go b/pkg/registry/core/componentstatus/rest.go index a92d9ae9a41..a40a2a4a2e5 100644 --- a/pkg/registry/core/componentstatus/rest.go +++ b/pkg/registry/core/componentstatus/rest.go @@ -23,19 +23,18 @@ import ( "k8s.io/kubernetes/pkg/api" metav1 "k8s.io/kubernetes/pkg/apis/meta/v1" - "k8s.io/kubernetes/pkg/apiserver" "k8s.io/kubernetes/pkg/probe" httpprober "k8s.io/kubernetes/pkg/probe/http" "k8s.io/kubernetes/pkg/runtime" ) type REST struct { - GetServersToValidate func() map[string]apiserver.Server + GetServersToValidate func() map[string]Server prober httpprober.HTTPProber } // NewStorage returns a new REST. -func NewStorage(serverRetriever func() map[string]apiserver.Server) *REST { +func NewStorage(serverRetriever func() map[string]Server) *REST { return &REST{ GetServersToValidate: serverRetriever, prober: httpprober.New(), @@ -59,7 +58,7 @@ func (rs *REST) List(ctx api.Context, options *api.ListOptions) (runtime.Object, wait.Add(len(servers)) statuses := make(chan api.ComponentStatus, len(servers)) for k, v := range servers { - go func(name string, server apiserver.Server) { + go func(name string, server Server) { defer wait.Done() status := rs.getComponentStatus(name, server) statuses <- *status @@ -96,7 +95,7 @@ func ToConditionStatus(s probe.Result) api.ConditionStatus { } } -func (rs *REST) getComponentStatus(name string, server apiserver.Server) *api.ComponentStatus { +func (rs *REST) getComponentStatus(name string, server Server) *api.ComponentStatus { status, msg, err := server.DoServerCheck(rs.prober) errorMsg := "" if err != nil { diff --git a/pkg/registry/core/componentstatus/rest_test.go b/pkg/registry/core/componentstatus/rest_test.go index 6a31b3777e3..1206db27b02 100644 --- a/pkg/registry/core/componentstatus/rest_test.go +++ b/pkg/registry/core/componentstatus/rest_test.go @@ -28,7 +28,6 @@ import ( "k8s.io/kubernetes/pkg/api" metav1 "k8s.io/kubernetes/pkg/apis/meta/v1" - "k8s.io/kubernetes/pkg/apiserver" "k8s.io/kubernetes/pkg/probe" "k8s.io/kubernetes/pkg/util/diff" ) @@ -51,8 +50,8 @@ type testResponse struct { func NewTestREST(resp testResponse) *REST { return &REST{ - GetServersToValidate: func() map[string]apiserver.Server { - return map[string]apiserver.Server{ + GetServersToValidate: func() map[string]Server { + return map[string]Server{ "test1": {Addr: "testserver1", Port: 8000, Path: "/healthz"}, } }, diff --git a/pkg/apiserver/validator.go b/pkg/registry/core/componentstatus/validator.go similarity index 98% rename from pkg/apiserver/validator.go rename to pkg/registry/core/componentstatus/validator.go index d5f3cdb113e..1b24153af2b 100644 --- a/pkg/apiserver/validator.go +++ b/pkg/registry/core/componentstatus/validator.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package apiserver +package componentstatus import ( "net/http" diff --git a/pkg/apiserver/validator_test.go b/pkg/registry/core/componentstatus/validator_test.go similarity index 85% rename from pkg/apiserver/validator_test.go rename to pkg/registry/core/componentstatus/validator_test.go index 7d7bc13ead4..3c0f69eddea 100644 --- a/pkg/apiserver/validator_test.go +++ b/pkg/registry/core/componentstatus/validator_test.go @@ -14,32 +14,16 @@ See the License for the specific language governing permissions and limitations under the License. */ -package apiserver +package componentstatus import ( "errors" "fmt" "testing" - "net/http" - "net/url" - "time" - "k8s.io/kubernetes/pkg/probe" ) -type fakeHttpProber struct { - result probe.Result - body string - err error -} - -func (f *fakeHttpProber) Probe(*url.URL, http.Header, time.Duration) (probe.Result, string, error) { - return f.result, f.body, f.err -} - -func alwaysError([]byte) error { return errors.New("test error") } - func matchError(data []byte) error { if string(data) != "bar" { return errors.New("match error") diff --git a/pkg/registry/core/rest/storage_core.go b/pkg/registry/core/rest/storage_core.go index f17f68ca66d..dc82c46751d 100644 --- a/pkg/registry/core/rest/storage_core.go +++ b/pkg/registry/core/rest/storage_core.go @@ -30,7 +30,6 @@ import ( "k8s.io/kubernetes/pkg/api" "k8s.io/kubernetes/pkg/api/rest" "k8s.io/kubernetes/pkg/apimachinery/registered" - "k8s.io/kubernetes/pkg/apiserver" policyclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/policy/internalversion" "k8s.io/kubernetes/pkg/client/restclient" "k8s.io/kubernetes/pkg/genericapiserver" @@ -243,8 +242,8 @@ type componentStatusStorage struct { storageFactory genericapiserver.StorageFactory } -func (s componentStatusStorage) serversToValidate() map[string]apiserver.Server { - serversToValidate := map[string]apiserver.Server{ +func (s componentStatusStorage) serversToValidate() map[string]componentstatus.Server { + serversToValidate := map[string]componentstatus.Server{ "controller-manager": {Addr: "127.0.0.1", Port: ports.ControllerManagerPort, Path: "/healthz"}, "scheduler": {Addr: "127.0.0.1", Port: ports.SchedulerPort, Path: "/healthz"}, } @@ -270,7 +269,7 @@ func (s componentStatusStorage) serversToValidate() map[string]apiserver.Server port = 2379 } // TODO: etcd health checking should be abstracted in the storage tier - serversToValidate[fmt.Sprintf("etcd-%d", ix)] = apiserver.Server{ + serversToValidate[fmt.Sprintf("etcd-%d", ix)] = componentstatus.Server{ Addr: addr, EnableHTTPS: etcdUrl.Scheme == "https", Port: port, From 423db16bd29793b825fb6a3544b80878bd0a4d60 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Fri, 16 Dec 2016 17:30:28 +0100 Subject: [PATCH 5/6] Fix federation unit tests as non-root --- test/integration/federation/server_test.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/test/integration/federation/server_test.go b/test/integration/federation/server_test.go index 1c494a6092e..f4da7cbfb25 100644 --- a/test/integration/federation/server_test.go +++ b/test/integration/federation/server_test.go @@ -21,6 +21,7 @@ import ( "fmt" "io/ioutil" "net/http" + "os" "testing" "time" @@ -44,10 +45,18 @@ var groupVersions = []schema.GroupVersion{ } func TestRun(t *testing.T) { + certDir, err := ioutil.TempDir("", "") + if err != nil { + t.Fatalf("Failed to create temporary certificate directory: %v", err) + } + defer os.RemoveAll(certDir) + s := options.NewServerRunOptions() s.SecureServing.ServingOptions.BindPort = securePort s.InsecureServing.BindPort = insecurePort s.Etcd.StorageConfig.ServerList = []string{"http://localhost:2379"} + s.SecureServing.ServerCert.CertDirectory = certDir + go func() { if err := app.Run(s); err != nil { t.Fatalf("Error in bringing up the server: %v", err) From 7adaac79cae6e20f7e9ea5cd97a373fb897abd1f Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Fri, 16 Dec 2016 17:14:15 +0100 Subject: [PATCH 6/6] Update bazel --- cmd/kube-apiserver/app/BUILD | 1 - cmd/kube-apiserver/app/options/BUILD | 6 +++++- examples/apiserver/BUILD | 1 - federation/cmd/federation-apiserver/app/options/BUILD | 5 ++++- pkg/apiserver/BUILD | 5 ----- pkg/genericapiserver/BUILD | 3 --- pkg/genericapiserver/options/BUILD | 2 ++ pkg/master/BUILD | 2 +- pkg/registry/core/componentstatus/BUILD | 9 ++++++--- pkg/registry/core/rest/BUILD | 1 - 10 files changed, 18 insertions(+), 17 deletions(-) diff --git a/cmd/kube-apiserver/app/BUILD b/cmd/kube-apiserver/app/BUILD index 902c8045b48..7a9c479fe22 100644 --- a/cmd/kube-apiserver/app/BUILD +++ b/cmd/kube-apiserver/app/BUILD @@ -21,7 +21,6 @@ go_library( "//pkg/apis/autoscaling:go_default_library", "//pkg/apis/batch:go_default_library", "//pkg/apis/extensions:go_default_library", - "//pkg/apiserver:go_default_library", "//pkg/apiserver/authenticator:go_default_library", "//pkg/capabilities:go_default_library", "//pkg/client/clientset_generated/internalclientset:go_default_library", diff --git a/cmd/kube-apiserver/app/options/BUILD b/cmd/kube-apiserver/app/options/BUILD index 7bbcd99449d..6ee21db5681 100644 --- a/cmd/kube-apiserver/app/options/BUILD +++ b/cmd/kube-apiserver/app/options/BUILD @@ -10,7 +10,10 @@ load( go_library( name = "go_default_library", - srcs = ["options.go"], + srcs = [ + "options.go", + "validation.go", + ], tags = ["automanaged"], deps = [ "//pkg/api:go_default_library", @@ -18,6 +21,7 @@ go_library( "//pkg/genericapiserver/options:go_default_library", "//pkg/kubelet/client:go_default_library", "//pkg/master/ports:go_default_library", + "//pkg/util/net:go_default_library", "//vendor:github.com/spf13/pflag", ], ) diff --git a/examples/apiserver/BUILD b/examples/apiserver/BUILD index 9bbadc7012f..002164598eb 100644 --- a/examples/apiserver/BUILD +++ b/examples/apiserver/BUILD @@ -21,7 +21,6 @@ go_library( "//pkg/genericapiserver:go_default_library", "//pkg/genericapiserver/authorizer:go_default_library", "//pkg/genericapiserver/options:go_default_library", - "//pkg/genericapiserver/validation:go_default_library", "//pkg/registry/generic:go_default_library", "//pkg/runtime/schema:go_default_library", "//pkg/storage/storagebackend:go_default_library", diff --git a/federation/cmd/federation-apiserver/app/options/BUILD b/federation/cmd/federation-apiserver/app/options/BUILD index 12688e222ce..cfe6761af25 100644 --- a/federation/cmd/federation-apiserver/app/options/BUILD +++ b/federation/cmd/federation-apiserver/app/options/BUILD @@ -9,7 +9,10 @@ load( go_library( name = "go_default_library", - srcs = ["options.go"], + srcs = [ + "options.go", + "validation.go", + ], tags = ["automanaged"], deps = [ "//pkg/genericapiserver/options:go_default_library", diff --git a/pkg/apiserver/BUILD b/pkg/apiserver/BUILD index 133bc48f615..a0987a4c948 100644 --- a/pkg/apiserver/BUILD +++ b/pkg/apiserver/BUILD @@ -19,7 +19,6 @@ go_library( "proxy.go", "resthandler.go", "serviceerror.go", - "validator.go", "watch.go", ], tags = ["automanaged"], @@ -36,8 +35,6 @@ go_library( "//pkg/conversion:go_default_library", "//pkg/fields:go_default_library", "//pkg/httplog:go_default_library", - "//pkg/probe:go_default_library", - "//pkg/probe/http:go_default_library", "//pkg/runtime:go_default_library", "//pkg/runtime/schema:go_default_library", "//pkg/runtime/serializer/streaming:go_default_library", @@ -73,7 +70,6 @@ go_test( "negotiate_test.go", "proxy_test.go", "resthandler_test.go", - "validator_test.go", "watch_test.go", ], library = "go_default_library", @@ -93,7 +89,6 @@ go_test( "//pkg/apiserver/testing:go_default_library", "//pkg/fields:go_default_library", "//pkg/labels:go_default_library", - "//pkg/probe:go_default_library", "//pkg/runtime:go_default_library", "//pkg/runtime/schema:go_default_library", "//pkg/runtime/serializer/streaming:go_default_library", diff --git a/pkg/genericapiserver/BUILD b/pkg/genericapiserver/BUILD index 1f2f57b9ff2..e5cf0acf179 100644 --- a/pkg/genericapiserver/BUILD +++ b/pkg/genericapiserver/BUILD @@ -30,7 +30,6 @@ go_library( "//pkg/admission:go_default_library", "//pkg/api:go_default_library", "//pkg/api/rest:go_default_library", - "//pkg/api/v1:go_default_library", "//pkg/apimachinery:go_default_library", "//pkg/apimachinery/registered:go_default_library", "//pkg/apis/meta/v1:go_default_library", @@ -45,14 +44,12 @@ go_library( "//pkg/auth/handlers:go_default_library", "//pkg/auth/user:go_default_library", "//pkg/client/restclient:go_default_library", - "//pkg/cloudprovider:go_default_library", "//pkg/genericapiserver/authorizer:go_default_library", "//pkg/genericapiserver/filters:go_default_library", "//pkg/genericapiserver/mux:go_default_library", "//pkg/genericapiserver/openapi/common:go_default_library", "//pkg/genericapiserver/options:go_default_library", "//pkg/genericapiserver/routes:go_default_library", - "//pkg/genericapiserver/validation:go_default_library", "//pkg/healthz:go_default_library", "//pkg/runtime:go_default_library", "//pkg/runtime/schema:go_default_library", diff --git a/pkg/genericapiserver/options/BUILD b/pkg/genericapiserver/options/BUILD index 369dca98bda..609152fc0ba 100644 --- a/pkg/genericapiserver/options/BUILD +++ b/pkg/genericapiserver/options/BUILD @@ -21,11 +21,13 @@ go_library( deps = [ "//pkg/admission:go_default_library", "//pkg/api:go_default_library", + "//pkg/api/v1:go_default_library", "//pkg/apimachinery/registered:go_default_library", "//pkg/apiserver/authenticator:go_default_library", "//pkg/client/clientset_generated/clientset/typed/authentication/v1beta1:go_default_library", "//pkg/client/clientset_generated/clientset/typed/authorization/v1beta1:go_default_library", "//pkg/client/unversioned/clientcmd:go_default_library", + "//pkg/cloudprovider:go_default_library", "//pkg/controller/informers:go_default_library", "//pkg/genericapiserver/authorizer:go_default_library", "//pkg/runtime/schema:go_default_library", diff --git a/pkg/master/BUILD b/pkg/master/BUILD index 3af06dfb377..05e3d1ca9b9 100644 --- a/pkg/master/BUILD +++ b/pkg/master/BUILD @@ -19,6 +19,7 @@ go_library( ], tags = ["automanaged"], deps = [ + "//cmd/kube-apiserver/app/options:go_default_library", "//pkg/api:go_default_library", "//pkg/api/endpoints:go_default_library", "//pkg/api/errors:go_default_library", @@ -51,7 +52,6 @@ go_library( "//pkg/client/clientset_generated/clientset/typed/core/v1:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/core/internalversion:go_default_library", "//pkg/genericapiserver:go_default_library", - "//pkg/genericapiserver/options:go_default_library", "//pkg/healthz:go_default_library", "//pkg/kubelet/client:go_default_library", "//pkg/master/thirdparty:go_default_library", diff --git a/pkg/registry/core/componentstatus/BUILD b/pkg/registry/core/componentstatus/BUILD index ba9f17949ac..2e719907c94 100644 --- a/pkg/registry/core/componentstatus/BUILD +++ b/pkg/registry/core/componentstatus/BUILD @@ -13,27 +13,30 @@ go_library( srcs = [ "doc.go", "rest.go", + "validator.go", ], tags = ["automanaged"], deps = [ "//pkg/api:go_default_library", "//pkg/apis/meta/v1:go_default_library", - "//pkg/apiserver:go_default_library", "//pkg/probe:go_default_library", "//pkg/probe/http:go_default_library", "//pkg/runtime:go_default_library", + "//pkg/util/net:go_default_library", ], ) go_test( name = "go_default_test", - srcs = ["rest_test.go"], + srcs = [ + "rest_test.go", + "validator_test.go", + ], library = "go_default_library", tags = ["automanaged"], deps = [ "//pkg/api:go_default_library", "//pkg/apis/meta/v1:go_default_library", - "//pkg/apiserver:go_default_library", "//pkg/probe:go_default_library", "//pkg/util/diff:go_default_library", ], diff --git a/pkg/registry/core/rest/BUILD b/pkg/registry/core/rest/BUILD index 87e3da39c6b..1249b30b20a 100644 --- a/pkg/registry/core/rest/BUILD +++ b/pkg/registry/core/rest/BUILD @@ -16,7 +16,6 @@ go_library( "//pkg/api:go_default_library", "//pkg/api/rest:go_default_library", "//pkg/apimachinery/registered:go_default_library", - "//pkg/apiserver:go_default_library", "//pkg/client/clientset_generated/internalclientset/typed/policy/internalversion:go_default_library", "//pkg/client/restclient:go_default_library", "//pkg/genericapiserver:go_default_library",