From 7a6fec3ea7646be2dc36711b75aa035f89a71f88 Mon Sep 17 00:00:00 2001 From: Daman Arora Date: Sat, 13 Jul 2024 19:17:34 +0530 Subject: [PATCH] kube-proxy: internal config: add Windows section Introduce Windows section for internal configuration of kube-proxy adhering to the v1alpha2 version specifications as detailed in https://kep.k8s.io/784. This also introduces WindowsRunAsService to v1alpha1 configuration. Signed-off-by: Daman Arora --- cmd/kube-proxy/app/init_windows.go | 2 +- cmd/kube-proxy/app/options.go | 3 -- cmd/kube-proxy/app/server.go | 2 +- pkg/generated/openapi/zz_generated.openapi.go | 7 ++++ pkg/proxy/apis/config/types.go | 10 +++++ pkg/proxy/apis/config/v1alpha1/conversion.go | 41 +++++++++++++++++++ .../v1alpha1/zz_generated.conversion.go | 38 +++++++---------- .../apis/config/zz_generated.deepcopy.go | 17 ++++++++ .../kube-proxy/config/v1alpha1/types.go | 3 ++ 9 files changed, 95 insertions(+), 28 deletions(-) create mode 100644 pkg/proxy/apis/config/v1alpha1/conversion.go diff --git a/cmd/kube-proxy/app/init_windows.go b/cmd/kube-proxy/app/init_windows.go index 210c7da5672..8b450cd2ff5 100644 --- a/cmd/kube-proxy/app/init_windows.go +++ b/cmd/kube-proxy/app/init_windows.go @@ -37,7 +37,7 @@ func initForOS(windowsService bool) error { } func (o *Options) addOSFlags(fs *pflag.FlagSet) { - fs.BoolVar(&o.WindowsService, "windows-service", o.WindowsService, "Enable Windows Service Control Manager API integration") + fs.BoolVar(&o.config.Windows.RunAsService, "windows-service", o.config.Windows.RunAsService, "Enable Windows Service Control Manager API integration") fs.StringVar(&o.config.Winkernel.SourceVip, "source-vip", o.config.Winkernel.SourceVip, "The IP address of the source VIP for non-DSR.") fs.StringVar(&o.config.Winkernel.NetworkName, "network-name", o.config.Winkernel.NetworkName, "The name of the cluster network.") fs.BoolVar(&o.config.Winkernel.EnableDSR, "enable-dsr", o.config.Winkernel.EnableDSR, "If true make kube-proxy apply DSR policies for service VIP") diff --git a/cmd/kube-proxy/app/options.go b/cmd/kube-proxy/app/options.go index b7a127b915f..21dd45c4b5c 100644 --- a/cmd/kube-proxy/app/options.go +++ b/cmd/kube-proxy/app/options.go @@ -54,9 +54,6 @@ type Options struct { CleanupAndExit bool // InitAndExit, when true, makes the proxy server makes configurations that need privileged access, then exit. InitAndExit bool - // WindowsService should be set to true if kube-proxy is running as a service on Windows. - // Its corresponding flag only gets registered in Windows builds - WindowsService bool // config is the proxy server's configuration object. config *kubeproxyconfig.KubeProxyConfiguration // watcher is used to watch on the update change of ConfigFile diff --git a/cmd/kube-proxy/app/server.go b/cmd/kube-proxy/app/server.go index ffa9e0ead06..b09f83e2931 100644 --- a/cmd/kube-proxy/app/server.go +++ b/cmd/kube-proxy/app/server.go @@ -104,7 +104,7 @@ with the apiserver API to configure the proxy.`, RunE: func(cmd *cobra.Command, args []string) error { verflag.PrintAndExitIfRequested() - if err := initForOS(opts.WindowsService); err != nil { + if err := initForOS(opts.config.Windows.RunAsService); err != nil { return fmt.Errorf("failed os init: %w", err) } diff --git a/pkg/generated/openapi/zz_generated.openapi.go b/pkg/generated/openapi/zz_generated.openapi.go index 34df5729ad8..738e281a5b8 100644 --- a/pkg/generated/openapi/zz_generated.openapi.go +++ b/pkg/generated/openapi/zz_generated.openapi.go @@ -59491,6 +59491,13 @@ func schema_k8sio_kube_proxy_config_v1alpha1_KubeProxyConfiguration(ref common.R Format: "", }, }, + "windowsRunAsService": { + SchemaProps: spec.SchemaProps{ + Description: "windowsRunAsService, if true, enables Windows service control manager API integration.", + Type: []string{"boolean"}, + Format: "", + }, + }, }, Required: []string{"clientConnection", "hostnameOverride", "bindAddress", "healthzBindAddress", "metricsBindAddress", "bindAddressHardFail", "enableProfiling", "showHiddenMetricsForVersion", "mode", "iptables", "ipvs", "nftables", "winkernel", "detectLocalMode", "detectLocal", "clusterCIDR", "nodePortAddresses", "oomScoreAdj", "conntrack", "configSyncPeriod", "portRange"}, }, diff --git a/pkg/proxy/apis/config/types.go b/pkg/proxy/apis/config/types.go index 4e303936b8f..1f6a62de694 100644 --- a/pkg/proxy/apis/config/types.go +++ b/pkg/proxy/apis/config/types.go @@ -22,6 +22,13 @@ import ( logsapi "k8s.io/component-base/logs/api/v1" ) +// KubeProxyWindowsConfiguration contains Windows platform related configuration details for the +// Kubernetes proxy server that aren't specific to a particular backend +type KubeProxyWindowsConfiguration struct { + // runAsService, if true, enables Windows service control manager API integration. + RunAsService bool +} + // KubeProxyIPTablesConfiguration contains iptables-related configuration // details for the Kubernetes proxy server. type KubeProxyIPTablesConfiguration struct { @@ -165,6 +172,9 @@ type DetectLocalConfiguration struct { type KubeProxyConfiguration struct { metav1.TypeMeta + // windows contains Windows-related configuration options. + Windows KubeProxyWindowsConfiguration + // featureGates is a map of feature names to bools that enable or disable alpha/experimental features. FeatureGates map[string]bool diff --git a/pkg/proxy/apis/config/v1alpha1/conversion.go b/pkg/proxy/apis/config/v1alpha1/conversion.go new file mode 100644 index 00000000000..071cb5db452 --- /dev/null +++ b/pkg/proxy/apis/config/v1alpha1/conversion.go @@ -0,0 +1,41 @@ +/* +Copyright 2024 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/conversion" + "k8s.io/kube-proxy/config/v1alpha1" + "k8s.io/kubernetes/pkg/proxy/apis/config" +) + +// Convert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration is defined here, because public conversion is not auto-generated due to existing warnings. +func Convert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(in *config.KubeProxyConfiguration, out *v1alpha1.KubeProxyConfiguration, scope conversion.Scope) error { + if err := autoConvert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(in, out, scope); err != nil { + return err + } + out.WindowsRunAsService = in.Windows.RunAsService + return nil +} + +// Convert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration is defined here, because public conversion is not auto-generated due to existing warnings. +func Convert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration(in *v1alpha1.KubeProxyConfiguration, out *config.KubeProxyConfiguration, scope conversion.Scope) error { + if err := autoConvert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration(in, out, scope); err != nil { + return err + } + out.Windows.RunAsService = in.WindowsRunAsService + return nil +} diff --git a/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go b/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go index 6df45d415e1..c3a6d6b9dce 100644 --- a/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go +++ b/pkg/proxy/apis/config/v1alpha1/zz_generated.conversion.go @@ -27,7 +27,7 @@ import ( v1 "k8s.io/apimachinery/pkg/apis/meta/v1" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" - configv1alpha1 "k8s.io/component-base/config/v1alpha1" + componentbaseconfigv1alpha1 "k8s.io/component-base/config/v1alpha1" v1alpha1 "k8s.io/kube-proxy/config/v1alpha1" config "k8s.io/kubernetes/pkg/proxy/apis/config" ) @@ -49,16 +49,6 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } - if err := s.AddGeneratedConversionFunc((*v1alpha1.KubeProxyConfiguration)(nil), (*config.KubeProxyConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration(a.(*v1alpha1.KubeProxyConfiguration), b.(*config.KubeProxyConfiguration), scope) - }); err != nil { - return err - } - if err := s.AddGeneratedConversionFunc((*config.KubeProxyConfiguration)(nil), (*v1alpha1.KubeProxyConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { - return Convert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(a.(*config.KubeProxyConfiguration), b.(*v1alpha1.KubeProxyConfiguration), scope) - }); err != nil { - return err - } if err := s.AddGeneratedConversionFunc((*v1alpha1.KubeProxyConntrackConfiguration)(nil), (*config.KubeProxyConntrackConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { return Convert_v1alpha1_KubeProxyConntrackConfiguration_To_config_KubeProxyConntrackConfiguration(a.(*v1alpha1.KubeProxyConntrackConfiguration), b.(*config.KubeProxyConntrackConfiguration), scope) }); err != nil { @@ -109,6 +99,16 @@ func RegisterConversions(s *runtime.Scheme) error { }); err != nil { return err } + if err := s.AddConversionFunc((*config.KubeProxyConfiguration)(nil), (*v1alpha1.KubeProxyConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(a.(*config.KubeProxyConfiguration), b.(*v1alpha1.KubeProxyConfiguration), scope) + }); err != nil { + return err + } + if err := s.AddConversionFunc((*v1alpha1.KubeProxyConfiguration)(nil), (*config.KubeProxyConfiguration)(nil), func(a, b interface{}, scope conversion.Scope) error { + return Convert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration(a.(*v1alpha1.KubeProxyConfiguration), b.(*config.KubeProxyConfiguration), scope) + }); err != nil { + return err + } return nil } @@ -136,7 +136,7 @@ func Convert_config_DetectLocalConfiguration_To_v1alpha1_DetectLocalConfiguratio func autoConvert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration(in *v1alpha1.KubeProxyConfiguration, out *config.KubeProxyConfiguration, s conversion.Scope) error { out.FeatureGates = *(*map[string]bool)(unsafe.Pointer(&in.FeatureGates)) - if err := configv1alpha1.Convert_v1alpha1_ClientConnectionConfiguration_To_config_ClientConnectionConfiguration(&in.ClientConnection, &out.ClientConnection, s); err != nil { + if err := componentbaseconfigv1alpha1.Convert_v1alpha1_ClientConnectionConfiguration_To_config_ClientConnectionConfiguration(&in.ClientConnection, &out.ClientConnection, s); err != nil { return err } out.Logging = in.Logging @@ -172,17 +172,14 @@ func autoConvert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguratio } out.ConfigSyncPeriod = in.ConfigSyncPeriod out.PortRange = in.PortRange + // WARNING: in.WindowsRunAsService requires manual conversion: does not exist in peer-type return nil } -// Convert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration is an autogenerated conversion function. -func Convert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration(in *v1alpha1.KubeProxyConfiguration, out *config.KubeProxyConfiguration, s conversion.Scope) error { - return autoConvert_v1alpha1_KubeProxyConfiguration_To_config_KubeProxyConfiguration(in, out, s) -} - func autoConvert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(in *config.KubeProxyConfiguration, out *v1alpha1.KubeProxyConfiguration, s conversion.Scope) error { + // WARNING: in.Windows requires manual conversion: does not exist in peer-type out.FeatureGates = *(*map[string]bool)(unsafe.Pointer(&in.FeatureGates)) - if err := configv1alpha1.Convert_config_ClientConnectionConfiguration_To_v1alpha1_ClientConnectionConfiguration(&in.ClientConnection, &out.ClientConnection, s); err != nil { + if err := componentbaseconfigv1alpha1.Convert_config_ClientConnectionConfiguration_To_v1alpha1_ClientConnectionConfiguration(&in.ClientConnection, &out.ClientConnection, s); err != nil { return err } out.Logging = in.Logging @@ -221,11 +218,6 @@ func autoConvert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguratio return nil } -// Convert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration is an autogenerated conversion function. -func Convert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(in *config.KubeProxyConfiguration, out *v1alpha1.KubeProxyConfiguration, s conversion.Scope) error { - return autoConvert_config_KubeProxyConfiguration_To_v1alpha1_KubeProxyConfiguration(in, out, s) -} - func autoConvert_v1alpha1_KubeProxyConntrackConfiguration_To_config_KubeProxyConntrackConfiguration(in *v1alpha1.KubeProxyConntrackConfiguration, out *config.KubeProxyConntrackConfiguration, s conversion.Scope) error { out.MaxPerCore = (*int32)(unsafe.Pointer(in.MaxPerCore)) out.Min = (*int32)(unsafe.Pointer(in.Min)) diff --git a/pkg/proxy/apis/config/zz_generated.deepcopy.go b/pkg/proxy/apis/config/zz_generated.deepcopy.go index fb95d451c95..671eba121e8 100644 --- a/pkg/proxy/apis/config/zz_generated.deepcopy.go +++ b/pkg/proxy/apis/config/zz_generated.deepcopy.go @@ -46,6 +46,7 @@ func (in *DetectLocalConfiguration) DeepCopy() *DetectLocalConfiguration { func (in *KubeProxyConfiguration) DeepCopyInto(out *KubeProxyConfiguration) { *out = *in out.TypeMeta = in.TypeMeta + out.Windows = in.Windows if in.FeatureGates != nil { in, out := &in.FeatureGates, &out.FeatureGates *out = make(map[string]bool, len(*in)) @@ -208,6 +209,22 @@ func (in *KubeProxyNFTablesConfiguration) DeepCopy() *KubeProxyNFTablesConfigura return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeProxyWindowsConfiguration) DeepCopyInto(out *KubeProxyWindowsConfiguration) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeProxyWindowsConfiguration. +func (in *KubeProxyWindowsConfiguration) DeepCopy() *KubeProxyWindowsConfiguration { + if in == nil { + return nil + } + out := new(KubeProxyWindowsConfiguration) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KubeProxyWinkernelConfiguration) DeepCopyInto(out *KubeProxyWinkernelConfiguration) { *out = *in diff --git a/staging/src/k8s.io/kube-proxy/config/v1alpha1/types.go b/staging/src/k8s.io/kube-proxy/config/v1alpha1/types.go index 25e65830dc6..65418e4f8e7 100644 --- a/staging/src/k8s.io/kube-proxy/config/v1alpha1/types.go +++ b/staging/src/k8s.io/kube-proxy/config/v1alpha1/types.go @@ -243,6 +243,9 @@ type KubeProxyConfiguration struct { // portRange was previously used to configure the userspace proxy, but is now unused. PortRange string `json:"portRange"` + + // windowsRunAsService, if true, enables Windows service control manager API integration. + WindowsRunAsService bool `json:"windowsRunAsService,omitempty"` } // ProxyMode represents modes used by the Kubernetes proxy server.