mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Use v1beta1 VolumeAttachment
This commit is contained in:
NickrenREN
parent
8915e275c0
commit
7b9d2c046f
@ -82,7 +82,7 @@ func (config AuthorizationConfig) New() (authorizer.Authorizer, authorizer.RuleR
|
|||||||
graph,
|
graph,
|
||||||
config.InformerFactory.Core().InternalVersion().Pods(),
|
config.InformerFactory.Core().InternalVersion().Pods(),
|
||||||
config.InformerFactory.Core().InternalVersion().PersistentVolumes(),
|
config.InformerFactory.Core().InternalVersion().PersistentVolumes(),
|
||||||
config.VersionedInformerFactory.Storage().V1alpha1().VolumeAttachments(),
|
config.VersionedInformerFactory.Storage().V1beta1().VolumeAttachments(),
|
||||||
)
|
)
|
||||||
nodeAuthorizer := node.NewAuthorizer(graph, nodeidentifier.NewDefaultNodeIdentifier(), bootstrappolicy.NodeRules())
|
nodeAuthorizer := node.NewAuthorizer(graph, nodeidentifier.NewDefaultNodeIdentifier(), bootstrappolicy.NodeRules())
|
||||||
authorizers = append(authorizers, nodeAuthorizer)
|
authorizers = append(authorizers, nodeAuthorizer)
|
||||||
|
|||||||
@ -132,6 +132,7 @@ go_test(
|
|||||||
"//pkg/apis/core:go_default_library",
|
"//pkg/apis/core:go_default_library",
|
||||||
"//pkg/apis/extensions:go_default_library",
|
"//pkg/apis/extensions:go_default_library",
|
||||||
"//pkg/apis/rbac:go_default_library",
|
"//pkg/apis/rbac:go_default_library",
|
||||||
|
"//pkg/apis/storage:go_default_library",
|
||||||
"//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
|
"//pkg/client/clientset_generated/internalclientset/fake:go_default_library",
|
||||||
"//pkg/generated/openapi:go_default_library",
|
"//pkg/generated/openapi:go_default_library",
|
||||||
"//pkg/kubelet/client:go_default_library",
|
"//pkg/kubelet/client:go_default_library",
|
||||||
|
|||||||
@ -53,6 +53,7 @@ import (
|
|||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
"k8s.io/kubernetes/pkg/apis/extensions"
|
"k8s.io/kubernetes/pkg/apis/extensions"
|
||||||
"k8s.io/kubernetes/pkg/apis/rbac"
|
"k8s.io/kubernetes/pkg/apis/rbac"
|
||||||
|
"k8s.io/kubernetes/pkg/apis/storage"
|
||||||
kubeletclient "k8s.io/kubernetes/pkg/kubelet/client"
|
kubeletclient "k8s.io/kubernetes/pkg/kubelet/client"
|
||||||
"k8s.io/kubernetes/pkg/master/reconcilers"
|
"k8s.io/kubernetes/pkg/master/reconcilers"
|
||||||
certificatesrest "k8s.io/kubernetes/pkg/registry/certificates/rest"
|
certificatesrest "k8s.io/kubernetes/pkg/registry/certificates/rest"
|
||||||
@ -83,6 +84,8 @@ func setUp(t *testing.T) (*etcdtesting.EtcdTestServer, Config, informers.SharedI
|
|||||||
resourceEncoding.SetVersionEncoding(batch.GroupName, *testapi.Batch.GroupVersion(), schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetVersionEncoding(batch.GroupName, *testapi.Batch.GroupVersion(), schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal})
|
||||||
// FIXME (soltysh): this GroupVersionResource override should be configurable
|
// FIXME (soltysh): this GroupVersionResource override should be configurable
|
||||||
resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: "batch", Resource: "cronjobs"}, schema.GroupVersion{Group: batch.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: "batch", Resource: "cronjobs"}, schema.GroupVersion{Group: batch.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal})
|
||||||
|
resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: "storage.k8s.io", Resource: "volumeattachments"}, schema.GroupVersion{Group: storage.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: storage.GroupName, Version: runtime.APIVersionInternal})
|
||||||
|
|
||||||
resourceEncoding.SetVersionEncoding(apps.GroupName, *testapi.Apps.GroupVersion(), schema.GroupVersion{Group: apps.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetVersionEncoding(apps.GroupName, *testapi.Apps.GroupVersion(), schema.GroupVersion{Group: apps.GroupName, Version: runtime.APIVersionInternal})
|
||||||
resourceEncoding.SetVersionEncoding(extensions.GroupName, *testapi.Extensions.GroupVersion(), schema.GroupVersion{Group: extensions.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetVersionEncoding(extensions.GroupName, *testapi.Extensions.GroupVersion(), schema.GroupVersion{Group: extensions.GroupName, Version: runtime.APIVersionInternal})
|
||||||
resourceEncoding.SetVersionEncoding(rbac.GroupName, *testapi.Rbac.GroupVersion(), schema.GroupVersion{Group: rbac.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetVersionEncoding(rbac.GroupName, *testapi.Rbac.GroupVersion(), schema.GroupVersion{Group: rbac.GroupName, Version: runtime.APIVersionInternal})
|
||||||
|
|||||||
@ -20,7 +20,7 @@ go_library(
|
|||||||
"//vendor/golang.org/x/net/context:go_default_library",
|
"//vendor/golang.org/x/net/context:go_default_library",
|
||||||
"//vendor/google.golang.org/grpc:go_default_library",
|
"//vendor/google.golang.org/grpc:go_default_library",
|
||||||
"//vendor/k8s.io/api/core/v1:go_default_library",
|
"//vendor/k8s.io/api/core/v1:go_default_library",
|
||||||
"//vendor/k8s.io/api/storage/v1alpha1:go_default_library",
|
"//vendor/k8s.io/api/storage/v1beta1:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
|
||||||
@ -46,7 +46,7 @@ go_test(
|
|||||||
"//vendor/golang.org/x/net/context:go_default_library",
|
"//vendor/golang.org/x/net/context:go_default_library",
|
||||||
"//vendor/google.golang.org/grpc:go_default_library",
|
"//vendor/google.golang.org/grpc:go_default_library",
|
||||||
"//vendor/k8s.io/api/core/v1:go_default_library",
|
"//vendor/k8s.io/api/core/v1:go_default_library",
|
||||||
"//vendor/k8s.io/api/storage/v1alpha1:go_default_library",
|
"//vendor/k8s.io/api/storage/v1beta1:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
||||||
|
|||||||
@ -26,7 +26,7 @@ import (
|
|||||||
"github.com/golang/glog"
|
"github.com/golang/glog"
|
||||||
|
|
||||||
"k8s.io/api/core/v1"
|
"k8s.io/api/core/v1"
|
||||||
storage "k8s.io/api/storage/v1alpha1"
|
storage "k8s.io/api/storage/v1beta1"
|
||||||
apierrs "k8s.io/apimachinery/pkg/api/errors"
|
apierrs "k8s.io/apimachinery/pkg/api/errors"
|
||||||
meta "k8s.io/apimachinery/pkg/apis/meta/v1"
|
meta "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
@ -73,7 +73,7 @@ func (c *csiAttacher) Attach(spec *volume.Spec, nodeName types.NodeName) (string
|
|||||||
Status: storage.VolumeAttachmentStatus{Attached: false},
|
Status: storage.VolumeAttachmentStatus{Attached: false},
|
||||||
}
|
}
|
||||||
|
|
||||||
_, err = c.k8s.StorageV1alpha1().VolumeAttachments().Create(attachment)
|
_, err = c.k8s.StorageV1beta1().VolumeAttachments().Create(attachment)
|
||||||
alreadyExist := false
|
alreadyExist := false
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !apierrs.IsAlreadyExists(err) {
|
if !apierrs.IsAlreadyExists(err) {
|
||||||
@ -128,7 +128,7 @@ func (c *csiAttacher) waitForVolumeAttachment(volumeHandle, attachID string, tim
|
|||||||
select {
|
select {
|
||||||
case <-ticker.C:
|
case <-ticker.C:
|
||||||
glog.V(4).Info(log("probing VolumeAttachment [id=%v]", attachID))
|
glog.V(4).Info(log("probing VolumeAttachment [id=%v]", attachID))
|
||||||
attach, err := c.k8s.StorageV1alpha1().VolumeAttachments().Get(attachID, meta.GetOptions{})
|
attach, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
glog.Error(log("attacher.WaitForAttach failed (will continue to try): %v", err))
|
glog.Error(log("attacher.WaitForAttach failed (will continue to try): %v", err))
|
||||||
continue
|
continue
|
||||||
@ -173,7 +173,7 @@ func (c *csiAttacher) VolumesAreAttached(specs []*volume.Spec, nodeName types.No
|
|||||||
|
|
||||||
attachID := getAttachmentName(source.VolumeHandle, source.Driver, string(nodeName))
|
attachID := getAttachmentName(source.VolumeHandle, source.Driver, string(nodeName))
|
||||||
glog.V(4).Info(log("probing attachment status for VolumeAttachment %v", attachID))
|
glog.V(4).Info(log("probing attachment status for VolumeAttachment %v", attachID))
|
||||||
attach, err := c.k8s.StorageV1alpha1().VolumeAttachments().Get(attachID, meta.GetOptions{})
|
attach, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
glog.Error(log("attacher.VolumesAreAttached failed for attach.ID=%v: %v", attachID, err))
|
glog.Error(log("attacher.VolumesAreAttached failed for attach.ID=%v: %v", attachID, err))
|
||||||
continue
|
continue
|
||||||
@ -212,7 +212,7 @@ func (c *csiAttacher) Detach(volumeName string, nodeName types.NodeName) error {
|
|||||||
driverName := parts[0]
|
driverName := parts[0]
|
||||||
volID := parts[1]
|
volID := parts[1]
|
||||||
attachID := getAttachmentName(volID, driverName, string(nodeName))
|
attachID := getAttachmentName(volID, driverName, string(nodeName))
|
||||||
if err := c.k8s.StorageV1alpha1().VolumeAttachments().Delete(attachID, nil); err != nil {
|
if err := c.k8s.StorageV1beta1().VolumeAttachments().Delete(attachID, nil); err != nil {
|
||||||
glog.Error(log("detacher.Detach failed to delete VolumeAttachment [%s]: %v", attachID, err))
|
glog.Error(log("detacher.Detach failed to delete VolumeAttachment [%s]: %v", attachID, err))
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -236,7 +236,7 @@ func (c *csiAttacher) waitForVolumeDetachment(volumeHandle, attachID string) err
|
|||||||
select {
|
select {
|
||||||
case <-ticker.C:
|
case <-ticker.C:
|
||||||
glog.V(4).Info(log("probing VolumeAttachment [id=%v]", attachID))
|
glog.V(4).Info(log("probing VolumeAttachment [id=%v]", attachID))
|
||||||
attach, err := c.k8s.StorageV1alpha1().VolumeAttachments().Get(attachID, meta.GetOptions{})
|
attach, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if apierrs.IsNotFound(err) {
|
if apierrs.IsNotFound(err) {
|
||||||
//object deleted or never existed, done
|
//object deleted or never existed, done
|
||||||
|
|||||||
@ -22,7 +22,7 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
storage "k8s.io/api/storage/v1alpha1"
|
storage "k8s.io/api/storage/v1beta1"
|
||||||
apierrs "k8s.io/apimachinery/pkg/api/errors"
|
apierrs "k8s.io/apimachinery/pkg/api/errors"
|
||||||
meta "k8s.io/apimachinery/pkg/apis/meta/v1"
|
meta "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
@ -129,7 +129,7 @@ func TestAttacherAttach(t *testing.T) {
|
|||||||
// wait for attachment to be saved
|
// wait for attachment to be saved
|
||||||
var attach *storage.VolumeAttachment
|
var attach *storage.VolumeAttachment
|
||||||
for i := 0; i < 100; i++ {
|
for i := 0; i < 100; i++ {
|
||||||
attach, err = csiAttacher.k8s.StorageV1alpha1().VolumeAttachments().Get(tc.attachID, meta.GetOptions{})
|
attach, err = csiAttacher.k8s.StorageV1beta1().VolumeAttachments().Get(tc.attachID, meta.GetOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if apierrs.IsNotFound(err) {
|
if apierrs.IsNotFound(err) {
|
||||||
<-ticker.C
|
<-ticker.C
|
||||||
@ -146,7 +146,7 @@ func TestAttacherAttach(t *testing.T) {
|
|||||||
t.Error("attachment not found")
|
t.Error("attachment not found")
|
||||||
}
|
}
|
||||||
attach.Status.Attached = true
|
attach.Status.Attached = true
|
||||||
_, err = csiAttacher.k8s.StorageV1alpha1().VolumeAttachments().Update(attach)
|
_, err = csiAttacher.k8s.StorageV1beta1().VolumeAttachments().Update(attach)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Error(err)
|
t.Error(err)
|
||||||
}
|
}
|
||||||
@ -188,7 +188,7 @@ func TestAttacherWaitForVolumeAttachment(t *testing.T) {
|
|||||||
csiAttacher.waitSleepTime = tc.sleepTime
|
csiAttacher.waitSleepTime = tc.sleepTime
|
||||||
|
|
||||||
go func() {
|
go func() {
|
||||||
_, err := csiAttacher.k8s.StorageV1alpha1().VolumeAttachments().Create(attachment)
|
_, err := csiAttacher.k8s.StorageV1beta1().VolumeAttachments().Create(attachment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("failed to attach: %v", err)
|
t.Fatalf("failed to attach: %v", err)
|
||||||
}
|
}
|
||||||
@ -239,7 +239,7 @@ func TestAttacherVolumesAreAttached(t *testing.T) {
|
|||||||
attachID := getAttachmentName(volName, testDriver, nodeName)
|
attachID := getAttachmentName(volName, testDriver, nodeName)
|
||||||
attachment := makeTestAttachment(attachID, nodeName, pv.GetName())
|
attachment := makeTestAttachment(attachID, nodeName, pv.GetName())
|
||||||
attachment.Status.Attached = stat
|
attachment.Status.Attached = stat
|
||||||
_, err := csiAttacher.k8s.StorageV1alpha1().VolumeAttachments().Create(attachment)
|
_, err := csiAttacher.k8s.StorageV1beta1().VolumeAttachments().Create(attachment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("failed to attach: %v", err)
|
t.Fatalf("failed to attach: %v", err)
|
||||||
}
|
}
|
||||||
@ -292,7 +292,7 @@ func TestAttacherDetach(t *testing.T) {
|
|||||||
pv := makeTestPV("test-pv", 10, testDriver, tc.volID)
|
pv := makeTestPV("test-pv", 10, testDriver, tc.volID)
|
||||||
spec := volume.NewSpecFromPersistentVolume(pv, pv.Spec.PersistentVolumeSource.CSI.ReadOnly)
|
spec := volume.NewSpecFromPersistentVolume(pv, pv.Spec.PersistentVolumeSource.CSI.ReadOnly)
|
||||||
attachment := makeTestAttachment(tc.attachID, nodeName, "test-pv")
|
attachment := makeTestAttachment(tc.attachID, nodeName, "test-pv")
|
||||||
_, err := csiAttacher.k8s.StorageV1alpha1().VolumeAttachments().Create(attachment)
|
_, err := csiAttacher.k8s.StorageV1beta1().VolumeAttachments().Create(attachment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("failed to attach: %v", err)
|
t.Fatalf("failed to attach: %v", err)
|
||||||
}
|
}
|
||||||
@ -307,7 +307,7 @@ func TestAttacherDetach(t *testing.T) {
|
|||||||
if !tc.shouldFail && err != nil {
|
if !tc.shouldFail && err != nil {
|
||||||
t.Fatalf("unexpected err: %v", err)
|
t.Fatalf("unexpected err: %v", err)
|
||||||
}
|
}
|
||||||
attach, err := csiAttacher.k8s.StorageV1alpha1().VolumeAttachments().Get(tc.attachID, meta.GetOptions{})
|
attach, err := csiAttacher.k8s.StorageV1beta1().VolumeAttachments().Get(tc.attachID, meta.GetOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if !apierrs.IsNotFound(err) {
|
if !apierrs.IsNotFound(err) {
|
||||||
t.Fatalf("unexpected err: %v", err)
|
t.Fatalf("unexpected err: %v", err)
|
||||||
|
|||||||
@ -138,7 +138,7 @@ func (c *csiMountMgr) SetUpAt(dir string, fsGroup *int64) error {
|
|||||||
|
|
||||||
// search for attachment by VolumeAttachment.Spec.Source.PersistentVolumeName
|
// search for attachment by VolumeAttachment.Spec.Source.PersistentVolumeName
|
||||||
if c.volumeInfo == nil {
|
if c.volumeInfo == nil {
|
||||||
attachment, err := c.k8s.StorageV1alpha1().VolumeAttachments().Get(attachID, meta.GetOptions{})
|
attachment, err := c.k8s.StorageV1beta1().VolumeAttachments().Get(attachID, meta.GetOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
glog.Error(log("mounter.SetupAt failed while getting volume attachment [id=%v]: %v", attachID, err))
|
glog.Error(log("mounter.SetupAt failed while getting volume attachment [id=%v]: %v", attachID, err))
|
||||||
return err
|
return err
|
||||||
|
|||||||
@ -26,7 +26,7 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
api "k8s.io/api/core/v1"
|
api "k8s.io/api/core/v1"
|
||||||
storage "k8s.io/api/storage/v1alpha1"
|
storage "k8s.io/api/storage/v1beta1"
|
||||||
meta "k8s.io/apimachinery/pkg/apis/meta/v1"
|
meta "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
fakeclient "k8s.io/client-go/kubernetes/fake"
|
fakeclient "k8s.io/client-go/kubernetes/fake"
|
||||||
@ -135,7 +135,7 @@ func TestMounterSetUp(t *testing.T) {
|
|||||||
DetachError: nil,
|
DetachError: nil,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
_, err = csiMounter.k8s.StorageV1alpha1().VolumeAttachments().Create(attachment)
|
_, err = csiMounter.k8s.StorageV1beta1().VolumeAttachments().Create(attachment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("failed to setup VolumeAttachment: %v", err)
|
t.Fatalf("failed to setup VolumeAttachment: %v", err)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -16,7 +16,7 @@ go_test(
|
|||||||
"//pkg/auth/nodeidentifier:go_default_library",
|
"//pkg/auth/nodeidentifier:go_default_library",
|
||||||
"//pkg/features:go_default_library",
|
"//pkg/features:go_default_library",
|
||||||
"//plugin/pkg/auth/authorizer/rbac/bootstrappolicy:go_default_library",
|
"//plugin/pkg/auth/authorizer/rbac/bootstrappolicy:go_default_library",
|
||||||
"//vendor/k8s.io/api/storage/v1alpha1:go_default_library",
|
"//vendor/k8s.io/api/storage/v1beta1:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/authentication/user:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
|
||||||
@ -46,11 +46,11 @@ go_library(
|
|||||||
"//third_party/forked/gonum/graph/simple:go_default_library",
|
"//third_party/forked/gonum/graph/simple:go_default_library",
|
||||||
"//third_party/forked/gonum/graph/traverse:go_default_library",
|
"//third_party/forked/gonum/graph/traverse:go_default_library",
|
||||||
"//vendor/github.com/golang/glog:go_default_library",
|
"//vendor/github.com/golang/glog:go_default_library",
|
||||||
"//vendor/k8s.io/api/storage/v1alpha1:go_default_library",
|
"//vendor/k8s.io/api/storage/v1beta1:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
|
||||||
"//vendor/k8s.io/client-go/informers/storage/v1alpha1:go_default_library",
|
"//vendor/k8s.io/client-go/informers/storage/v1beta1:go_default_library",
|
||||||
"//vendor/k8s.io/client-go/tools/cache:go_default_library",
|
"//vendor/k8s.io/client-go/tools/cache:go_default_library",
|
||||||
],
|
],
|
||||||
)
|
)
|
||||||
|
|||||||
@ -19,9 +19,9 @@ package node
|
|||||||
import (
|
import (
|
||||||
"github.com/golang/glog"
|
"github.com/golang/glog"
|
||||||
|
|
||||||
storagev1alpha1 "k8s.io/api/storage/v1alpha1"
|
storagev1beta1 "k8s.io/api/storage/v1beta1"
|
||||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||||
storageinformers "k8s.io/client-go/informers/storage/v1alpha1"
|
storageinformers "k8s.io/client-go/informers/storage/v1beta1"
|
||||||
"k8s.io/client-go/tools/cache"
|
"k8s.io/client-go/tools/cache"
|
||||||
api "k8s.io/kubernetes/pkg/apis/core"
|
api "k8s.io/kubernetes/pkg/apis/core"
|
||||||
coreinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion"
|
coreinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion"
|
||||||
@ -129,10 +129,10 @@ func (g *graphPopulator) addVolumeAttachment(obj interface{}) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (g *graphPopulator) updateVolumeAttachment(oldObj, obj interface{}) {
|
func (g *graphPopulator) updateVolumeAttachment(oldObj, obj interface{}) {
|
||||||
attachment := obj.(*storagev1alpha1.VolumeAttachment)
|
attachment := obj.(*storagev1beta1.VolumeAttachment)
|
||||||
if oldObj != nil {
|
if oldObj != nil {
|
||||||
// skip add if node name is identical
|
// skip add if node name is identical
|
||||||
oldAttachment := oldObj.(*storagev1alpha1.VolumeAttachment)
|
oldAttachment := oldObj.(*storagev1beta1.VolumeAttachment)
|
||||||
if oldAttachment.Spec.NodeName == attachment.Spec.NodeName {
|
if oldAttachment.Spec.NodeName == attachment.Spec.NodeName {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|||||||
@ -24,7 +24,7 @@ import (
|
|||||||
|
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
storagev1alpha1 "k8s.io/api/storage/v1alpha1"
|
storagev1beta1 "k8s.io/api/storage/v1beta1"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apiserver/pkg/authentication/user"
|
"k8s.io/apiserver/pkg/authentication/user"
|
||||||
"k8s.io/apiserver/pkg/authorization/authorizer"
|
"k8s.io/apiserver/pkg/authorization/authorizer"
|
||||||
@ -429,7 +429,7 @@ func BenchmarkAuthorization(b *testing.B) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func populate(graph *Graph, pods []*api.Pod, pvs []*api.PersistentVolume, attachments []*storagev1alpha1.VolumeAttachment) {
|
func populate(graph *Graph, pods []*api.Pod, pvs []*api.PersistentVolume, attachments []*storagev1beta1.VolumeAttachment) {
|
||||||
p := &graphPopulator{}
|
p := &graphPopulator{}
|
||||||
p.graph = graph
|
p.graph = graph
|
||||||
for _, pod := range pods {
|
for _, pod := range pods {
|
||||||
@ -447,10 +447,10 @@ func populate(graph *Graph, pods []*api.Pod, pvs []*api.PersistentVolume, attach
|
|||||||
// the secret/configmap/pvc/node references in the pod and pv objects are named to indicate the connections between the objects.
|
// the secret/configmap/pvc/node references in the pod and pv objects are named to indicate the connections between the objects.
|
||||||
// for example, secret0-pod0-node0 is a secret referenced by pod0 which is bound to node0.
|
// for example, secret0-pod0-node0 is a secret referenced by pod0 which is bound to node0.
|
||||||
// when populated into the graph, the node authorizer should allow node0 to access that secret, but not node1.
|
// when populated into the graph, the node authorizer should allow node0 to access that secret, but not node1.
|
||||||
func generate(opts sampleDataOpts) ([]*api.Pod, []*api.PersistentVolume, []*storagev1alpha1.VolumeAttachment) {
|
func generate(opts sampleDataOpts) ([]*api.Pod, []*api.PersistentVolume, []*storagev1beta1.VolumeAttachment) {
|
||||||
pods := make([]*api.Pod, 0, opts.nodes*opts.podsPerNode)
|
pods := make([]*api.Pod, 0, opts.nodes*opts.podsPerNode)
|
||||||
pvs := make([]*api.PersistentVolume, 0, (opts.nodes*opts.podsPerNode*opts.uniquePVCsPerPod)+(opts.sharedPVCsPerPod*opts.namespaces))
|
pvs := make([]*api.PersistentVolume, 0, (opts.nodes*opts.podsPerNode*opts.uniquePVCsPerPod)+(opts.sharedPVCsPerPod*opts.namespaces))
|
||||||
attachments := make([]*storagev1alpha1.VolumeAttachment, 0, opts.nodes*opts.attachmentsPerNode)
|
attachments := make([]*storagev1beta1.VolumeAttachment, 0, opts.nodes*opts.attachmentsPerNode)
|
||||||
|
|
||||||
for n := 0; n < opts.nodes; n++ {
|
for n := 0; n < opts.nodes; n++ {
|
||||||
nodeName := fmt.Sprintf("node%d", n)
|
nodeName := fmt.Sprintf("node%d", n)
|
||||||
@ -508,7 +508,7 @@ func generate(opts sampleDataOpts) ([]*api.Pod, []*api.PersistentVolume, []*stor
|
|||||||
pods = append(pods, pod)
|
pods = append(pods, pod)
|
||||||
}
|
}
|
||||||
for a := 0; a < opts.attachmentsPerNode; a++ {
|
for a := 0; a < opts.attachmentsPerNode; a++ {
|
||||||
attachment := &storagev1alpha1.VolumeAttachment{}
|
attachment := &storagev1beta1.VolumeAttachment{}
|
||||||
attachment.Name = fmt.Sprintf("attachment%d-%s", a, nodeName)
|
attachment.Name = fmt.Sprintf("attachment%d-%s", a, nodeName)
|
||||||
attachment.Spec.NodeName = nodeName
|
attachment.Spec.NodeName = nodeName
|
||||||
attachments = append(attachments, attachment)
|
attachments = append(attachments, attachment)
|
||||||
|
|||||||
@ -1033,6 +1033,12 @@ items:
|
|||||||
- get
|
- get
|
||||||
- list
|
- list
|
||||||
- watch
|
- watch
|
||||||
|
- apiGroups:
|
||||||
|
- storage.k8s.io
|
||||||
|
resources:
|
||||||
|
- volumeattachments
|
||||||
|
verbs:
|
||||||
|
- get
|
||||||
- apiVersion: rbac.authorization.k8s.io/v1
|
- apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
metadata:
|
metadata:
|
||||||
|
|||||||
@ -48,6 +48,16 @@ items:
|
|||||||
- create
|
- create
|
||||||
- patch
|
- patch
|
||||||
- update
|
- update
|
||||||
|
- apiGroups:
|
||||||
|
- storage.k8s.io
|
||||||
|
resources:
|
||||||
|
- volumeattachments
|
||||||
|
verbs:
|
||||||
|
- create
|
||||||
|
- delete
|
||||||
|
- get
|
||||||
|
- list
|
||||||
|
- watch
|
||||||
- apiVersion: rbac.authorization.k8s.io/v1
|
- apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
metadata:
|
metadata:
|
||||||
|
|||||||
@ -51,7 +51,7 @@ go_test(
|
|||||||
"//test/integration/framework:go_default_library",
|
"//test/integration/framework:go_default_library",
|
||||||
"//vendor/github.com/golang/glog:go_default_library",
|
"//vendor/github.com/golang/glog:go_default_library",
|
||||||
"//vendor/k8s.io/api/authentication/v1beta1:go_default_library",
|
"//vendor/k8s.io/api/authentication/v1beta1:go_default_library",
|
||||||
"//vendor/k8s.io/api/storage/v1alpha1:go_default_library",
|
"//vendor/k8s.io/api/storage/v1beta1:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/api/resource:go_default_library",
|
||||||
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
||||||
@ -69,7 +69,6 @@ go_test(
|
|||||||
"//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/authorization/authorizerfactory:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/registry/generic:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/pkg/server/storage:go_default_library",
|
|
||||||
"//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/pkg/util/feature/testing:go_default_library",
|
"//vendor/k8s.io/apiserver/pkg/util/feature/testing:go_default_library",
|
||||||
"//vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/tokentest:go_default_library",
|
"//vendor/k8s.io/apiserver/plugin/pkg/authenticator/token/tokentest:go_default_library",
|
||||||
|
|||||||
@ -23,7 +23,7 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
storagev1alpha1 "k8s.io/api/storage/v1alpha1"
|
storagev1beta1 "k8s.io/api/storage/v1beta1"
|
||||||
"k8s.io/apimachinery/pkg/api/errors"
|
"k8s.io/apimachinery/pkg/api/errors"
|
||||||
"k8s.io/apimachinery/pkg/api/resource"
|
"k8s.io/apimachinery/pkg/api/resource"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
@ -32,7 +32,6 @@ import (
|
|||||||
"k8s.io/apiserver/pkg/authentication/request/bearertoken"
|
"k8s.io/apiserver/pkg/authentication/request/bearertoken"
|
||||||
"k8s.io/apiserver/pkg/authentication/token/tokenfile"
|
"k8s.io/apiserver/pkg/authentication/token/tokenfile"
|
||||||
"k8s.io/apiserver/pkg/authentication/user"
|
"k8s.io/apiserver/pkg/authentication/user"
|
||||||
serverstorage "k8s.io/apiserver/pkg/server/storage"
|
|
||||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||||
utilfeaturetesting "k8s.io/apiserver/pkg/util/feature/testing"
|
utilfeaturetesting "k8s.io/apiserver/pkg/util/feature/testing"
|
||||||
versionedinformers "k8s.io/client-go/informers"
|
versionedinformers "k8s.io/client-go/informers"
|
||||||
@ -106,9 +105,6 @@ func TestNodeAuthorizer(t *testing.T) {
|
|||||||
masterConfig.GenericConfig.Authorizer = nodeRBACAuthorizer
|
masterConfig.GenericConfig.Authorizer = nodeRBACAuthorizer
|
||||||
masterConfig.GenericConfig.AdmissionControl = nodeRestrictionAdmission
|
masterConfig.GenericConfig.AdmissionControl = nodeRestrictionAdmission
|
||||||
|
|
||||||
// enable testing volume attachments
|
|
||||||
masterConfig.ExtraConfig.APIResourceConfigSource.(*serverstorage.ResourceConfig).EnableVersions(storagev1alpha1.SchemeGroupVersion)
|
|
||||||
|
|
||||||
_, _, closeFn := framework.RunAMasterUsingServer(masterConfig, apiServer, h)
|
_, _, closeFn := framework.RunAMasterUsingServer(masterConfig, apiServer, h)
|
||||||
defer closeFn()
|
defer closeFn()
|
||||||
|
|
||||||
@ -140,11 +136,11 @@ func TestNodeAuthorizer(t *testing.T) {
|
|||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
pvName := "mypv"
|
pvName := "mypv"
|
||||||
if _, err := superuserClientExternal.StorageV1alpha1().VolumeAttachments().Create(&storagev1alpha1.VolumeAttachment{
|
if _, err := superuserClientExternal.StorageV1beta1().VolumeAttachments().Create(&storagev1beta1.VolumeAttachment{
|
||||||
ObjectMeta: metav1.ObjectMeta{Name: "myattachment"},
|
ObjectMeta: metav1.ObjectMeta{Name: "myattachment"},
|
||||||
Spec: storagev1alpha1.VolumeAttachmentSpec{
|
Spec: storagev1beta1.VolumeAttachmentSpec{
|
||||||
Attacher: "foo",
|
Attacher: "foo",
|
||||||
Source: storagev1alpha1.VolumeAttachmentSource{PersistentVolumeName: &pvName},
|
Source: storagev1beta1.VolumeAttachmentSource{PersistentVolumeName: &pvName},
|
||||||
NodeName: "node2",
|
NodeName: "node2",
|
||||||
},
|
},
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
@ -204,7 +200,7 @@ func TestNodeAuthorizer(t *testing.T) {
|
|||||||
}
|
}
|
||||||
getVolumeAttachment := func(client externalclientset.Interface) func() error {
|
getVolumeAttachment := func(client externalclientset.Interface) func() error {
|
||||||
return func() error {
|
return func() error {
|
||||||
_, err := client.StorageV1alpha1().VolumeAttachments().Get("myattachment", metav1.GetOptions{})
|
_, err := client.StorageV1beta1().VolumeAttachments().Get("myattachment", metav1.GetOptions{})
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -298,6 +298,7 @@ var etcdStorageData = map[schema.GroupVersionResource]struct {
|
|||||||
gvr("storage.k8s.io", "v1alpha1", "volumeattachments"): {
|
gvr("storage.k8s.io", "v1alpha1", "volumeattachments"): {
|
||||||
stub: `{"metadata": {"name": "va1"}, "spec": {"attacher": "gce", "nodeName": "localhost", "source": {"persistentVolumeName": "pv1"}}}`,
|
stub: `{"metadata": {"name": "va1"}, "spec": {"attacher": "gce", "nodeName": "localhost", "source": {"persistentVolumeName": "pv1"}}}`,
|
||||||
expectedEtcdPath: "/registry/volumeattachments/va1",
|
expectedEtcdPath: "/registry/volumeattachments/va1",
|
||||||
|
expectedGVK: gvkP("storage.k8s.io", "v1beta1", "VolumeAttachment"),
|
||||||
},
|
},
|
||||||
// --
|
// --
|
||||||
|
|
||||||
|
|||||||
@ -236,9 +236,9 @@ func NewMasterConfig() *master.Config {
|
|||||||
// we need to set both for the whole group and for cronjobs, separately
|
// we need to set both for the whole group and for cronjobs, separately
|
||||||
resourceEncoding.SetVersionEncoding(batch.GroupName, *testapi.Batch.GroupVersion(), schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetVersionEncoding(batch.GroupName, *testapi.Batch.GroupVersion(), schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal})
|
||||||
resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: batch.GroupName, Resource: "cronjobs"}, schema.GroupVersion{Group: batch.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: batch.GroupName, Resource: "cronjobs"}, schema.GroupVersion{Group: batch.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: batch.GroupName, Version: runtime.APIVersionInternal})
|
||||||
// volumeattachments only exist in storage.k8s.io/v1alpha1
|
// we also need to set both for the storage group and for volumeattachments, separately
|
||||||
resourceEncoding.SetVersionEncoding(storage.GroupName, *testapi.Storage.GroupVersion(), schema.GroupVersion{Group: storage.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetVersionEncoding(storage.GroupName, *testapi.Storage.GroupVersion(), schema.GroupVersion{Group: storage.GroupName, Version: runtime.APIVersionInternal})
|
||||||
resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: storage.GroupName, Resource: "volumeattachments"}, schema.GroupVersion{Group: storage.GroupName, Version: "v1alpha1"}, schema.GroupVersion{Group: storage.GroupName, Version: runtime.APIVersionInternal})
|
resourceEncoding.SetResourceEncoding(schema.GroupResource{Group: storage.GroupName, Resource: "volumeattachments"}, schema.GroupVersion{Group: storage.GroupName, Version: "v1beta1"}, schema.GroupVersion{Group: storage.GroupName, Version: runtime.APIVersionInternal})
|
||||||
|
|
||||||
storageFactory := serverstorage.NewDefaultStorageFactory(etcdOptions.StorageConfig, runtime.ContentTypeJSON, ns, resourceEncoding, master.DefaultAPIResourceConfigSource(), nil)
|
storageFactory := serverstorage.NewDefaultStorageFactory(etcdOptions.StorageConfig, runtime.ContentTypeJSON, ns, resourceEncoding, master.DefaultAPIResourceConfigSource(), nil)
|
||||||
storageFactory.SetSerializer(
|
storageFactory.SetSerializer(
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user