From 6149df089e2667fefb740e408ece883fd76dd40e Mon Sep 17 00:00:00 2001 From: xuzhonghu Date: Fri, 1 Dec 2017 11:07:28 +0800 Subject: [PATCH 1/4] add admission into RecommendedOption --- .../pkg/cmd/server/start.go | 2 +- .../test/integration/testserver/start.go | 3 +- .../src/k8s.io/apiserver/pkg/server/config.go | 5 +++ .../apiserver/pkg/server/options/admission.go | 4 ++ .../pkg/server/options/recommended.go | 42 ++++++++++++++++++- .../kube-aggregator/pkg/cmd/server/start.go | 2 +- .../plugin/banflunder/admission_test.go | 5 +-- .../wardleinitializer/wardleinitializer.go | 4 +- .../wardleinitializer_test.go | 6 +-- .../sample-apiserver/pkg/cmd/server/start.go | 37 ++++++++-------- 10 files changed, 76 insertions(+), 34 deletions(-) diff --git a/staging/src/k8s.io/apiextensions-apiserver/pkg/cmd/server/start.go b/staging/src/k8s.io/apiextensions-apiserver/pkg/cmd/server/start.go index 6b41a2e06de..d2096412bfd 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/apiextensions-apiserver/pkg/cmd/server/start.go @@ -98,7 +98,7 @@ func (o CustomResourceDefinitionsServerOptions) Config() (*apiserver.Config, err } serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs) - if err := o.RecommendedOptions.ApplyTo(serverConfig); err != nil { + if err := o.RecommendedOptions.ApplyTo(serverConfig, apiserver.Scheme); err != nil { return nil, err } diff --git a/staging/src/k8s.io/apiextensions-apiserver/test/integration/testserver/start.go b/staging/src/k8s.io/apiextensions-apiserver/test/integration/testserver/start.go index 99cbe9b3f85..81314842be3 100644 --- a/staging/src/k8s.io/apiextensions-apiserver/test/integration/testserver/start.go +++ b/staging/src/k8s.io/apiextensions-apiserver/test/integration/testserver/start.go @@ -45,6 +45,7 @@ func DefaultServerConfig() (*extensionsapiserver.Config, error) { options.RecommendedOptions.SecureServing.BindPort = port options.RecommendedOptions.Authentication = nil // disable options.RecommendedOptions.Authorization = nil // disable + options.RecommendedOptions.Admission = nil // disable options.RecommendedOptions.SecureServing.BindAddress = net.ParseIP("127.0.0.1") etcdURL, ok := os.LookupEnv("KUBE_INTEGRATION_ETCD_URL") if !ok { @@ -58,7 +59,7 @@ func DefaultServerConfig() (*extensionsapiserver.Config, error) { if err := options.RecommendedOptions.SecureServing.MaybeDefaultWithSelfSignedCerts("localhost", nil, []net.IP{net.ParseIP("127.0.0.1")}); err != nil { return nil, fmt.Errorf("error creating self-signed certificates: %v", err) } - if err := options.RecommendedOptions.ApplyTo(genericConfig); err != nil { + if err := options.RecommendedOptions.ApplyTo(genericConfig, nil); err != nil { return nil, err } diff --git a/staging/src/k8s.io/apiserver/pkg/server/config.go b/staging/src/k8s.io/apiserver/pkg/server/config.go index 877071ad3b2..cd98717d2c0 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/config.go +++ b/staging/src/k8s.io/apiserver/pkg/server/config.go @@ -188,9 +188,13 @@ type Config struct { PublicAddress net.IP } +type AdmissionInitializersInitFunc func() (admission.PluginInitializer, error) + type RecommendedConfig struct { Config + ExtraAdmissionInitializersInitFunc []AdmissionInitializersInitFunc + // SharedInformerFactory provides shared informers for Kubernetes resources. This value is set by // RecommendedOptions.CoreAPI.ApplyTo called by RecommendedOptions.ApplyTo. It uses an in-cluster client config // by default, or the kubeconfig given with kubeconfig command line flag. @@ -259,6 +263,7 @@ func NewConfig(codecs serializer.CodecFactory) *Config { func NewRecommendedConfig(codecs serializer.CodecFactory) *RecommendedConfig { return &RecommendedConfig{ Config: *NewConfig(codecs), + ExtraAdmissionInitializersInitFunc: make([]AdmissionInitializersInitFunc, 0), } } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/admission.go b/staging/src/k8s.io/apiserver/pkg/server/options/admission.go index 6232567f7a4..30716869146 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/admission.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/admission.go @@ -100,6 +100,10 @@ func (a *AdmissionOptions) ApplyTo( scheme *runtime.Scheme, pluginInitializers ...admission.PluginInitializer, ) error { + if a == nil { + return nil + } + pluginNames := a.PluginNames if len(a.PluginNames) == 0 { pluginNames = a.enabledPluginNames() diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go b/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go index 21c3dd76159..eff7cde33d3 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go @@ -17,9 +17,12 @@ limitations under the License. package options import ( + "fmt" + "github.com/spf13/pflag" "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apiserver/pkg/admission" "k8s.io/apiserver/pkg/server" "k8s.io/apiserver/pkg/storage/storagebackend" ) @@ -35,6 +38,7 @@ type RecommendedOptions struct { Audit *AuditOptions Features *FeatureOptions CoreAPI *CoreAPIOptions + Admission *AdmissionOptions } func NewRecommendedOptions(prefix string, codec runtime.Codec) *RecommendedOptions { @@ -46,6 +50,7 @@ func NewRecommendedOptions(prefix string, codec runtime.Codec) *RecommendedOptio Audit: NewAuditOptions(), Features: NewFeatureOptions(), CoreAPI: NewCoreAPIOptions(), + Admission: NewAdmissionOptions(), } } @@ -57,9 +62,13 @@ func (o *RecommendedOptions) AddFlags(fs *pflag.FlagSet) { o.Audit.AddFlags(fs) o.Features.AddFlags(fs) o.CoreAPI.AddFlags(fs) + o.Admission.AddFlags(fs) } -func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig) error { +// ApplyTo adds RecommendedOptions to the server configuration. +// scheme is the scheme of the apiserver types that are sent to the admission chain. +// pluginInitializers can be empty, it is only need for additional initializers. +func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig, scheme *runtime.Scheme) error { if err := o.Etcd.ApplyTo(&config.Config); err != nil { return err } @@ -81,6 +90,36 @@ func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig) error { if err := o.CoreAPI.ApplyTo(config); err != nil { return err } + if o.Admission != nil { + // Admission depends on CoreAPI to set SharedInformerFactory and ClientConfig. + if o.CoreAPI == nil { + return fmt.Errorf("admission depends on CoreAPI, so it must be set") + } + // Admission need scheme to construct admission initializer. + if scheme == nil { + return fmt.Errorf("admission depends on shceme, so it must be set") + } + + pluginInitializers := []admission.PluginInitializer{} + for _, initFunc := range config.ExtraAdmissionInitializersInitFunc { + intializer, err := initFunc() + if err != nil { + return err + } + pluginInitializers = append(pluginInitializers, intializer) + } + + err := o.Admission.ApplyTo( + &config.Config, + config.SharedInformerFactory, + config.ClientConfig, + scheme, + pluginInitializers...) + if err != nil { + return err + } + } + return nil } @@ -93,6 +132,7 @@ func (o *RecommendedOptions) Validate() []error { errors = append(errors, o.Audit.Validate()...) errors = append(errors, o.Features.Validate()...) errors = append(errors, o.CoreAPI.Validate()...) + errors = append(errors, o.Admission.Validate()...) return errors } diff --git a/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go b/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go index 3be7856966b..1b1a652febe 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go @@ -109,7 +109,7 @@ func (o AggregatorOptions) RunAggregator(stopCh <-chan struct{}) error { serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs) - if err := o.RecommendedOptions.ApplyTo(serverConfig); err != nil { + if err := o.RecommendedOptions.ApplyTo(serverConfig, apiserver.Scheme); err != nil { return err } serverConfig.LongRunningFunc = filters.BasicLongRunningRequestCheck( diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission_test.go b/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission_test.go index 5b08387b0e7..4e21833e046 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission_test.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder/admission_test.go @@ -113,10 +113,7 @@ func TestBanflunderAdmissionPlugin(t *testing.T) { t.Fatalf("scenario %d: failed to create banflunder admission plugin due to = %v", index, err) } - targetInitializer, err := wardleinitializer.New(informersFactory) - if err != nil { - t.Fatalf("scenario %d: failed to crate wardle plugin initializer due to = %v", index, err) - } + targetInitializer := wardleinitializer.New(informersFactory) targetInitializer.Initialize(target) err = admission.ValidateInitialization(target) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer.go b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer.go index c53c8a4944a..b41e3dfba09 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer.go @@ -28,10 +28,10 @@ type pluginInitializer struct { var _ admission.PluginInitializer = pluginInitializer{} // New creates an instance of wardle admission plugins initializer. -func New(informers informers.SharedInformerFactory) (pluginInitializer, error) { +func New(informers informers.SharedInformerFactory) pluginInitializer { return pluginInitializer{ informers: informers, - }, nil + } } // Initialize checks the initialization interfaces implemented by a plugin diff --git a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer_test.go b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer_test.go index 221876a617c..c64ed3ab3e1 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer_test.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/admission/wardleinitializer/wardleinitializer_test.go @@ -31,10 +31,8 @@ import ( func TestWantsInternalWardleInformerFactory(t *testing.T) { cs := &fake.Clientset{} sf := informers.NewSharedInformerFactory(cs, time.Duration(1)*time.Second) - target, err := wardleinitializer.New(sf) - if err != nil { - t.Fatalf("expected to create an instance of initializer but got an error = %s", err.Error()) - } + target := wardleinitializer.New(sf) + wantWardleInformerFactory := &wantInternalWardleInformerFactory{} target.Initialize(wantWardleInformerFactory) if wantWardleInformerFactory.sf != sf { diff --git a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go index ae1e12dc75e..b375d46e609 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go @@ -24,6 +24,7 @@ import ( "github.com/spf13/cobra" utilerrors "k8s.io/apimachinery/pkg/util/errors" + "k8s.io/apiserver/pkg/admission" genericapiserver "k8s.io/apiserver/pkg/server" genericoptions "k8s.io/apiserver/pkg/server/options" "k8s.io/sample-apiserver/pkg/admission/plugin/banflunder" @@ -38,16 +39,15 @@ const defaultEtcdPathPrefix = "/registry/wardle.kubernetes.io" type WardleServerOptions struct { RecommendedOptions *genericoptions.RecommendedOptions - Admission *genericoptions.AdmissionOptions - StdOut io.Writer - StdErr io.Writer + SharedInformerFactory informers.SharedInformerFactory + StdOut io.Writer + StdErr io.Writer } func NewWardleServerOptions(out, errOut io.Writer) *WardleServerOptions { o := &WardleServerOptions{ RecommendedOptions: genericoptions.NewRecommendedOptions(defaultEtcdPathPrefix, apiserver.Codecs.LegacyCodec(v1alpha1.SchemeGroupVersion)), - Admission: genericoptions.NewAdmissionOptions(), StdOut: out, StdErr: errOut, @@ -79,7 +79,6 @@ func NewCommandStartWardleServer(out, errOut io.Writer, stopCh <-chan struct{}) flags := cmd.Flags() o.RecommendedOptions.AddFlags(flags) - o.Admission.AddFlags(flags) return cmd } @@ -87,7 +86,6 @@ func NewCommandStartWardleServer(out, errOut io.Writer, stopCh <-chan struct{}) func (o WardleServerOptions) Validate(args []string) error { errors := []error{} errors = append(errors, o.RecommendedOptions.Validate()...) - errors = append(errors, o.Admission.Validate()...) return utilerrors.NewAggregate(errors) } @@ -95,9 +93,9 @@ func (o *WardleServerOptions) Complete() error { return nil } -func (o WardleServerOptions) Config() (*apiserver.Config, error) { +func (o *WardleServerOptions) Config() (*apiserver.Config, error) { // register admission plugins - banflunder.Register(o.Admission.Plugins) + banflunder.Register(o.RecommendedOptions.Admission.Plugins) // TODO have a "real" external address if err := o.RecommendedOptions.SecureServing.MaybeDefaultWithSelfSignedCerts("localhost", nil, []net.IP{net.ParseIP("127.0.0.1")}); err != nil { @@ -105,21 +103,20 @@ func (o WardleServerOptions) Config() (*apiserver.Config, error) { } serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs) - if err := o.RecommendedOptions.ApplyTo(serverConfig); err != nil { - return nil, err + + admissionInitializerInitFunc := func() (admission.PluginInitializer, error) { + client, err := clientset.NewForConfig(serverConfig.LoopbackClientConfig) + if err != nil { + return nil, err + } + informerFactory := informers.NewSharedInformerFactory(client, serverConfig.LoopbackClientConfig.Timeout) + o.SharedInformerFactory = informerFactory + return wardleinitializer.New(informerFactory), nil } - client, err := clientset.NewForConfig(serverConfig.LoopbackClientConfig) - if err != nil { - return nil, err - } - informerFactory := informers.NewSharedInformerFactory(client, serverConfig.LoopbackClientConfig.Timeout) - admissionInitializer, err := wardleinitializer.New(informerFactory) - if err != nil { - return nil, err - } + serverConfig.ExtraAdmissionInitializersInitFunc = []genericapiserver.AdmissionInitializersInitFunc{admissionInitializerInitFunc} - if err := o.Admission.ApplyTo(&serverConfig.Config, serverConfig.SharedInformerFactory, serverConfig.ClientConfig, apiserver.Scheme, admissionInitializer); err != nil { + if err := o.RecommendedOptions.ApplyTo(serverConfig, apiserver.Scheme); err != nil { return nil, err } From 5dab6bc40a86bf3633bb1f09a048bcc0206b460f Mon Sep 17 00:00:00 2001 From: hzxuzhonghu Date: Fri, 1 Dec 2017 19:39:50 +0800 Subject: [PATCH 2/4] update bazel --- staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD | 1 + 1 file changed, 1 insertion(+) diff --git a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD index c969d4b0519..6e54da37f05 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD +++ b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/BUILD @@ -12,6 +12,7 @@ go_library( deps = [ "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library", + "//vendor/k8s.io/apiserver/pkg/admission:go_default_library", "//vendor/k8s.io/apiserver/pkg/server:go_default_library", "//vendor/k8s.io/apiserver/pkg/server/options:go_default_library", "//vendor/k8s.io/sample-apiserver/pkg/admission/plugin/banflunder:go_default_library", From a8127df3bb396717b4fb2a7f688c1f98e6bef6b4 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Wed, 20 Dec 2017 12:17:44 +0100 Subject: [PATCH 3/4] Simplify extra initializer logic --- .../src/k8s.io/apiserver/pkg/server/config.go | 5 -- .../apiserver/pkg/server/options/admission.go | 10 ++++ .../pkg/server/options/recommended.go | 57 ++++++------------- .../sample-apiserver/pkg/cmd/server/start.go | 7 +-- 4 files changed, 30 insertions(+), 49 deletions(-) diff --git a/staging/src/k8s.io/apiserver/pkg/server/config.go b/staging/src/k8s.io/apiserver/pkg/server/config.go index cd98717d2c0..877071ad3b2 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/config.go +++ b/staging/src/k8s.io/apiserver/pkg/server/config.go @@ -188,13 +188,9 @@ type Config struct { PublicAddress net.IP } -type AdmissionInitializersInitFunc func() (admission.PluginInitializer, error) - type RecommendedConfig struct { Config - ExtraAdmissionInitializersInitFunc []AdmissionInitializersInitFunc - // SharedInformerFactory provides shared informers for Kubernetes resources. This value is set by // RecommendedOptions.CoreAPI.ApplyTo called by RecommendedOptions.ApplyTo. It uses an in-cluster client config // by default, or the kubeconfig given with kubeconfig command line flag. @@ -263,7 +259,6 @@ func NewConfig(codecs serializer.CodecFactory) *Config { func NewRecommendedConfig(codecs serializer.CodecFactory) *RecommendedConfig { return &RecommendedConfig{ Config: *NewConfig(codecs), - ExtraAdmissionInitializersInitFunc: make([]AdmissionInitializersInitFunc, 0), } } diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/admission.go b/staging/src/k8s.io/apiserver/pkg/server/options/admission.go index 30716869146..2565c0a69cf 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/admission.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/admission.go @@ -104,6 +104,16 @@ func (a *AdmissionOptions) ApplyTo( return nil } + // Admission need scheme to construct admission initializer. + if scheme == nil { + return fmt.Errorf("admission depends on a scheme, it cannot be nil") + } + + // Admission depends on CoreAPI to set SharedInformerFactory and ClientConfig. + if informers == nil { + return fmt.Errorf("admission depends on a Kubernetes core API shared informer, it cannot be nil") + } + pluginNames := a.PluginNames if len(a.PluginNames) == 0 { pluginNames = a.enabledPluginNames() diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go b/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go index eff7cde33d3..829647a2490 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go @@ -17,8 +17,6 @@ limitations under the License. package options import ( - "fmt" - "github.com/spf13/pflag" "k8s.io/apimachinery/pkg/runtime" @@ -38,19 +36,24 @@ type RecommendedOptions struct { Audit *AuditOptions Features *FeatureOptions CoreAPI *CoreAPIOptions - Admission *AdmissionOptions + + // ExtraAdmissionInitializers is called once after all ApplyTo from the options above, to pass the returned + // admission plugin initializers to Admission.ApplyTo. + ExtraAdmissionInitializers func() ([]admission.PluginInitializer, error) + Admission *AdmissionOptions } func NewRecommendedOptions(prefix string, codec runtime.Codec) *RecommendedOptions { return &RecommendedOptions{ - Etcd: NewEtcdOptions(storagebackend.NewDefaultConfig(prefix, codec)), - SecureServing: NewSecureServingOptions(), - Authentication: NewDelegatingAuthenticationOptions(), - Authorization: NewDelegatingAuthorizationOptions(), - Audit: NewAuditOptions(), - Features: NewFeatureOptions(), - CoreAPI: NewCoreAPIOptions(), - Admission: NewAdmissionOptions(), + Etcd: NewEtcdOptions(storagebackend.NewDefaultConfig(prefix, codec)), + SecureServing: NewSecureServingOptions(), + Authentication: NewDelegatingAuthenticationOptions(), + Authorization: NewDelegatingAuthorizationOptions(), + Audit: NewAuditOptions(), + Features: NewFeatureOptions(), + CoreAPI: NewCoreAPIOptions(), + ExtraAdmissionInitializers: func() ([]admission.PluginInitializer, error) { return nil, nil }, + Admission: NewAdmissionOptions(), } } @@ -90,34 +93,10 @@ func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig, scheme *r if err := o.CoreAPI.ApplyTo(config); err != nil { return err } - if o.Admission != nil { - // Admission depends on CoreAPI to set SharedInformerFactory and ClientConfig. - if o.CoreAPI == nil { - return fmt.Errorf("admission depends on CoreAPI, so it must be set") - } - // Admission need scheme to construct admission initializer. - if scheme == nil { - return fmt.Errorf("admission depends on shceme, so it must be set") - } - - pluginInitializers := []admission.PluginInitializer{} - for _, initFunc := range config.ExtraAdmissionInitializersInitFunc { - intializer, err := initFunc() - if err != nil { - return err - } - pluginInitializers = append(pluginInitializers, intializer) - } - - err := o.Admission.ApplyTo( - &config.Config, - config.SharedInformerFactory, - config.ClientConfig, - scheme, - pluginInitializers...) - if err != nil { - return err - } + if initializers, err := o.ExtraAdmissionInitializers(); err != nil { + return err + } else if err := o.Admission.ApplyTo(&config.Config, config.SharedInformerFactory, config.ClientConfig, scheme, initializers...); err != nil { + return err } return nil diff --git a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go index b375d46e609..e38eb749359 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go @@ -104,18 +104,15 @@ func (o *WardleServerOptions) Config() (*apiserver.Config, error) { serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs) - admissionInitializerInitFunc := func() (admission.PluginInitializer, error) { + o.RecommendedOptions.ExtraAdmissionInitializers = func() ([]admission.PluginInitializer, error) { client, err := clientset.NewForConfig(serverConfig.LoopbackClientConfig) if err != nil { return nil, err } informerFactory := informers.NewSharedInformerFactory(client, serverConfig.LoopbackClientConfig.Timeout) o.SharedInformerFactory = informerFactory - return wardleinitializer.New(informerFactory), nil + return []admission.PluginInitializer{wardleinitializer.New(informerFactory)}, nil } - - serverConfig.ExtraAdmissionInitializersInitFunc = []genericapiserver.AdmissionInitializersInitFunc{admissionInitializerInitFunc} - if err := o.RecommendedOptions.ApplyTo(serverConfig, apiserver.Scheme); err != nil { return nil, err } From 5a3cfd27ed818b971f36032d85e2de2db586a4e5 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Tue, 2 Jan 2018 09:32:04 +0100 Subject: [PATCH 4/4] Pass RecommendedConfig into ExtraAdmissionInitializers --- .../k8s.io/apiserver/pkg/server/options/recommended.go | 6 +++--- .../k8s.io/sample-apiserver/pkg/cmd/server/start.go | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go b/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go index 829647a2490..148bfbdce5a 100644 --- a/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go +++ b/staging/src/k8s.io/apiserver/pkg/server/options/recommended.go @@ -39,7 +39,7 @@ type RecommendedOptions struct { // ExtraAdmissionInitializers is called once after all ApplyTo from the options above, to pass the returned // admission plugin initializers to Admission.ApplyTo. - ExtraAdmissionInitializers func() ([]admission.PluginInitializer, error) + ExtraAdmissionInitializers func(c *server.RecommendedConfig) ([]admission.PluginInitializer, error) Admission *AdmissionOptions } @@ -52,7 +52,7 @@ func NewRecommendedOptions(prefix string, codec runtime.Codec) *RecommendedOptio Audit: NewAuditOptions(), Features: NewFeatureOptions(), CoreAPI: NewCoreAPIOptions(), - ExtraAdmissionInitializers: func() ([]admission.PluginInitializer, error) { return nil, nil }, + ExtraAdmissionInitializers: func(c *server.RecommendedConfig) ([]admission.PluginInitializer, error) { return nil, nil }, Admission: NewAdmissionOptions(), } } @@ -93,7 +93,7 @@ func (o *RecommendedOptions) ApplyTo(config *server.RecommendedConfig, scheme *r if err := o.CoreAPI.ApplyTo(config); err != nil { return err } - if initializers, err := o.ExtraAdmissionInitializers(); err != nil { + if initializers, err := o.ExtraAdmissionInitializers(config); err != nil { return err } else if err := o.Admission.ApplyTo(&config.Config, config.SharedInformerFactory, config.ClientConfig, scheme, initializers...); err != nil { return err diff --git a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go index e38eb749359..0a6188305a1 100644 --- a/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/sample-apiserver/pkg/cmd/server/start.go @@ -102,17 +102,17 @@ func (o *WardleServerOptions) Config() (*apiserver.Config, error) { return nil, fmt.Errorf("error creating self-signed certificates: %v", err) } - serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs) - - o.RecommendedOptions.ExtraAdmissionInitializers = func() ([]admission.PluginInitializer, error) { - client, err := clientset.NewForConfig(serverConfig.LoopbackClientConfig) + o.RecommendedOptions.ExtraAdmissionInitializers = func(c *genericapiserver.RecommendedConfig) ([]admission.PluginInitializer, error) { + client, err := clientset.NewForConfig(c.LoopbackClientConfig) if err != nil { return nil, err } - informerFactory := informers.NewSharedInformerFactory(client, serverConfig.LoopbackClientConfig.Timeout) + informerFactory := informers.NewSharedInformerFactory(client, c.LoopbackClientConfig.Timeout) o.SharedInformerFactory = informerFactory return []admission.PluginInitializer{wardleinitializer.New(informerFactory)}, nil } + + serverConfig := genericapiserver.NewRecommendedConfig(apiserver.Codecs) if err := o.RecommendedOptions.ApplyTo(serverConfig, apiserver.Scheme); err != nil { return nil, err }