From ec3b2c44f60239f6d8e0eddb53adf7ae1b508771 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Tue, 6 Dec 2016 09:38:55 +0100 Subject: [PATCH 1/3] Fix logic in loopback client creation --- pkg/genericapiserver/config_selfclient.go | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/pkg/genericapiserver/config_selfclient.go b/pkg/genericapiserver/config_selfclient.go index 6a1d86df377..15eaa16f741 100644 --- a/pkg/genericapiserver/config_selfclient.go +++ b/pkg/genericapiserver/config_selfclient.go @@ -31,13 +31,17 @@ import ( // NewSelfClientConfig returns a clientconfig which can be used to talk to this apiserver. func NewSelfClientConfig(secureServingInfo *SecureServingInfo, insecureServingInfo *ServingInfo, token string) (*restclient.Config, error) { - if cfg, err := secureServingInfo.NewSelfClientConfig(token); err != nil || cfg != nil { + cfg, err := secureServingInfo.NewSelfClientConfig(token) + if cfg != nil && err == nil { + return cfg, nil + } + if err != nil { if insecureServingInfo == nil { // be fatal if insecure port is not available - return cfg, err - } else { - glog.Warningf("Failed to create secure local client, falling back to insecure local connection: %v", err) + return nil, err } + + glog.Warningf("Failed to create secure local client, falling back to insecure local connection: %v", err) } if cfg, err := insecureServingInfo.NewSelfClientConfig(token); err != nil || cfg != nil { return cfg, err From 543417dbf055d0c6a3d96b684418136a8e21271d Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Tue, 6 Dec 2016 08:08:39 +0100 Subject: [PATCH 2/3] Replace apiserver glog.Fatals with fmt.Errorfs --- cmd/kube-apiserver/app/server.go | 2 +- federation/cmd/federation-apiserver/app/server.go | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index 688017f0233..546c05dfd25 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -246,7 +246,7 @@ func Run(s *options.ServerRunOptions) error { } client, err := internalclientset.NewForConfig(selfClientConfig) if err != nil { - glog.Errorf("Failed to create clientset: %v", err) + return fmt.Errorf("failed to create clientset: %v", err) } sharedInformers := informers.NewSharedInformerFactory(nil, client, 10*time.Minute) diff --git a/federation/cmd/federation-apiserver/app/server.go b/federation/cmd/federation-apiserver/app/server.go index 73ca7866cea..542b6ec9793 100644 --- a/federation/cmd/federation-apiserver/app/server.go +++ b/federation/cmd/federation-apiserver/app/server.go @@ -100,14 +100,14 @@ func Run(s *options.ServerRunOptions) error { } storageGroupsToEncodingVersion, err := s.GenericServerRunOptions.StorageGroupsToEncodingVersion() if err != nil { - glog.Fatalf("error generating storage version map: %s", err) + return fmt.Errorf("error generating storage version map: %s", err) } storageFactory, err := genericapiserver.BuildDefaultStorageFactory( s.Etcd.StorageConfig, s.GenericServerRunOptions.DefaultStorageMediaType, api.Codecs, genericapiserver.NewDefaultResourceEncodingConfig(), storageGroupsToEncodingVersion, []schema.GroupVersionResource{}, resourceConfig, s.GenericServerRunOptions.RuntimeConfig) if err != nil { - glog.Fatalf("error in initializing storage factory: %s", err) + return fmt.Errorf("error in initializing storage factory: %s", err) } for _, override := range s.Etcd.EtcdServersOverrides { @@ -132,31 +132,31 @@ func Run(s *options.ServerRunOptions) error { apiAuthenticator, securityDefinitions, err := authenticator.New(s.Authentication.ToAuthenticationConfig()) if err != nil { - glog.Fatalf("Invalid Authentication Config: %v", err) + return fmt.Errorf("invalid Authentication Config: %v", err) } privilegedLoopbackToken := uuid.NewRandom().String() selfClientConfig, err := genericapiserver.NewSelfClientConfig(genericConfig.SecureServingInfo, genericConfig.InsecureServingInfo, privilegedLoopbackToken) if err != nil { - glog.Fatalf("Failed to create clientset: %v", err) + return fmt.Errorf("failed to create clientset: %v", err) } client, err := internalclientset.NewForConfig(selfClientConfig) if err != nil { - glog.Errorf("Failed to create clientset: %v", err) + return fmt.Errorf("failed to create clientset: %v", err) } sharedInformers := informers.NewSharedInformerFactory(nil, client, 10*time.Minute) authorizerconfig := s.Authorization.ToAuthorizationConfig(sharedInformers) apiAuthorizer, err := authorizer.NewAuthorizerFromAuthorizationConfig(authorizerconfig) if err != nil { - glog.Fatalf("Invalid Authorization Config: %v", err) + return fmt.Errorf("invalid Authorization Config: %v", err) } admissionControlPluginNames := strings.Split(s.GenericServerRunOptions.AdmissionControl, ",") pluginInitializer := admission.NewPluginInitializer(sharedInformers, apiAuthorizer) admissionController, err := admission.NewFromPlugins(client, admissionControlPluginNames, s.GenericServerRunOptions.AdmissionControlConfigFile, pluginInitializer) if err != nil { - glog.Fatalf("Failed to initialize plugins: %v", err) + return fmt.Errorf("failed to initialize plugins: %v", err) } kubeVersion := version.Get() From e57ef4327f1eb471ac84f208c30ef1e4fc71b608 Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Tue, 13 Dec 2016 09:22:48 +0100 Subject: [PATCH 3/3] Document broken behaviour with KUBE_API_VERSIONS --- cmd/kube-apiserver/app/server.go | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index 546c05dfd25..c1a3cc322ce 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -25,6 +25,7 @@ import ( "net" "net/http" "net/url" + "os" "strconv" "strings" "time" @@ -246,7 +247,15 @@ func Run(s *options.ServerRunOptions) error { } client, err := internalclientset.NewForConfig(selfClientConfig) if err != nil { - return fmt.Errorf("failed to create clientset: %v", err) + kubeAPIVersions := os.Getenv("KUBE_API_VERSIONS") + if len(kubeAPIVersions) == 0 { + return fmt.Errorf("failed to create clientset: %v", err) + } + + // KUBE_API_VERSIONS is used in test-update-storage-objects.sh, disabling a number of API + // groups. This leads to a nil client above and undefined behaviour further down. + // TODO: get rid of KUBE_API_VERSIONS or define sane behaviour if set + glog.Errorf("Failed to create clientset with KUBE_API_VERSIONS=%q. KUBE_API_VERSIONS is only for testing. Things will break.", kubeAPIVersions) } sharedInformers := informers.NewSharedInformerFactory(nil, client, 10*time.Minute)