From 8ab898f8583fd12fc1eff086fd8d43346a48d9df Mon Sep 17 00:00:00 2001 From: Matt Moyer Date: Thu, 26 Oct 2017 10:52:03 -0500 Subject: [PATCH] Fix `kubeadm init --token-ttl=0`/config `tokenTTL: "0"`. This was broken because the API machinery defaulting mechanism couldn't differentiate between an unset value (which should default to 24 hours) and a value explicitly set to 0 (which should mean infinite). The fix is to change `TokenTTL` from a `metav1.Duration` to `*metav1.Duration` so that `nil` can represent the unspecified value. This bug was introduced in https://github.com/kubernetes/kubernetes/pull/48783. --- cmd/kubeadm/app/apis/kubeadm/fuzzer/BUILD | 1 + cmd/kubeadm/app/apis/kubeadm/fuzzer/fuzzer.go | 4 ++++ cmd/kubeadm/app/apis/kubeadm/types.go | 2 +- cmd/kubeadm/app/apis/kubeadm/v1alpha1/defaults.go | 4 ++-- cmd/kubeadm/app/apis/kubeadm/v1alpha1/types.go | 4 ++-- .../apis/kubeadm/v1alpha1/zz_generated.conversion.go | 5 +++-- .../apis/kubeadm/v1alpha1/zz_generated.deepcopy.go | 11 ++++++++++- cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go | 11 ++++++++++- cmd/kubeadm/app/cmd/BUILD | 1 + cmd/kubeadm/app/cmd/cmd.go | 4 ++++ cmd/kubeadm/app/cmd/upgrade/common_test.go | 3 --- 11 files changed, 38 insertions(+), 12 deletions(-) diff --git a/cmd/kubeadm/app/apis/kubeadm/fuzzer/BUILD b/cmd/kubeadm/app/apis/kubeadm/fuzzer/BUILD index b87eee90077..5964d9097e9 100644 --- a/cmd/kubeadm/app/apis/kubeadm/fuzzer/BUILD +++ b/cmd/kubeadm/app/apis/kubeadm/fuzzer/BUILD @@ -12,6 +12,7 @@ go_library( deps = [ "//cmd/kubeadm/app/apis/kubeadm:go_default_library", "//vendor/github.com/google/gofuzz:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", ], ) diff --git a/cmd/kubeadm/app/apis/kubeadm/fuzzer/fuzzer.go b/cmd/kubeadm/app/apis/kubeadm/fuzzer/fuzzer.go index de5393da94b..fbf0090c265 100644 --- a/cmd/kubeadm/app/apis/kubeadm/fuzzer/fuzzer.go +++ b/cmd/kubeadm/app/apis/kubeadm/fuzzer/fuzzer.go @@ -17,8 +17,11 @@ limitations under the License. package fuzzer import ( + "time" + "github.com/google/gofuzz" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtimeserializer "k8s.io/apimachinery/pkg/runtime/serializer" "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" ) @@ -30,6 +33,7 @@ func Funcs(codecs runtimeserializer.CodecFactory) []interface{} { c.FuzzNoCustom(obj) obj.KubernetesVersion = "v10" obj.API.BindPort = 20 + obj.TokenTTL = &metav1.Duration{Duration: 1 * time.Hour} obj.API.AdvertiseAddress = "foo" obj.Networking.ServiceSubnet = "foo" obj.Networking.DNSDomain = "foo" diff --git a/cmd/kubeadm/app/apis/kubeadm/types.go b/cmd/kubeadm/app/apis/kubeadm/types.go index 31e66fe12d1..72f6d2b3438 100644 --- a/cmd/kubeadm/app/apis/kubeadm/types.go +++ b/cmd/kubeadm/app/apis/kubeadm/types.go @@ -36,7 +36,7 @@ type MasterConfiguration struct { AuthorizationModes []string Token string - TokenTTL metav1.Duration + TokenTTL *metav1.Duration APIServerExtraArgs map[string]string ControllerManagerExtraArgs map[string]string diff --git a/cmd/kubeadm/app/apis/kubeadm/v1alpha1/defaults.go b/cmd/kubeadm/app/apis/kubeadm/v1alpha1/defaults.go index f67f5bdbcaf..6edb7785fb5 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1alpha1/defaults.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1alpha1/defaults.go @@ -83,8 +83,8 @@ func SetDefaults_MasterConfiguration(obj *MasterConfiguration) { obj.CertificatesDir = DefaultCertificatesDir } - if obj.TokenTTL.Duration == 0 { - obj.TokenTTL = metav1.Duration{ + if obj.TokenTTL == nil { + obj.TokenTTL = &metav1.Duration{ Duration: constants.DefaultTokenDuration, } } diff --git a/cmd/kubeadm/app/apis/kubeadm/v1alpha1/types.go b/cmd/kubeadm/app/apis/kubeadm/v1alpha1/types.go index d75d3cdd146..b8e8f09fb30 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1alpha1/types.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1alpha1/types.go @@ -35,8 +35,8 @@ type MasterConfiguration struct { NodeName string `json:"nodeName"` AuthorizationModes []string `json:"authorizationModes,omitempty"` - Token string `json:"token"` - TokenTTL metav1.Duration `json:"tokenTTL"` + Token string `json:"token"` + TokenTTL *metav1.Duration `json:"tokenTTL,omitempty"` APIServerExtraArgs map[string]string `json:"apiServerExtraArgs,omitempty"` ControllerManagerExtraArgs map[string]string `json:"controllerManagerExtraArgs,omitempty"` diff --git a/cmd/kubeadm/app/apis/kubeadm/v1alpha1/zz_generated.conversion.go b/cmd/kubeadm/app/apis/kubeadm/v1alpha1/zz_generated.conversion.go index 345aef4d56e..e61368cdbc8 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1alpha1/zz_generated.conversion.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1alpha1/zz_generated.conversion.go @@ -21,6 +21,7 @@ limitations under the License. package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" kubeadm "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm" @@ -149,7 +150,7 @@ func autoConvert_v1alpha1_MasterConfiguration_To_kubeadm_MasterConfiguration(in out.NodeName = in.NodeName out.AuthorizationModes = *(*[]string)(unsafe.Pointer(&in.AuthorizationModes)) out.Token = in.Token - out.TokenTTL = in.TokenTTL + out.TokenTTL = (*v1.Duration)(unsafe.Pointer(in.TokenTTL)) out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs)) out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs)) out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs)) @@ -184,7 +185,7 @@ func autoConvert_kubeadm_MasterConfiguration_To_v1alpha1_MasterConfiguration(in out.NodeName = in.NodeName out.AuthorizationModes = *(*[]string)(unsafe.Pointer(&in.AuthorizationModes)) out.Token = in.Token - out.TokenTTL = in.TokenTTL + out.TokenTTL = (*v1.Duration)(unsafe.Pointer(in.TokenTTL)) out.APIServerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.APIServerExtraArgs)) out.ControllerManagerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.ControllerManagerExtraArgs)) out.SchedulerExtraArgs = *(*map[string]string)(unsafe.Pointer(&in.SchedulerExtraArgs)) diff --git a/cmd/kubeadm/app/apis/kubeadm/v1alpha1/zz_generated.deepcopy.go b/cmd/kubeadm/app/apis/kubeadm/v1alpha1/zz_generated.deepcopy.go index 7f49b3aeb52..0cdc0810d8b 100644 --- a/cmd/kubeadm/app/apis/kubeadm/v1alpha1/zz_generated.deepcopy.go +++ b/cmd/kubeadm/app/apis/kubeadm/v1alpha1/zz_generated.deepcopy.go @@ -21,6 +21,7 @@ limitations under the License. package v1alpha1 import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" reflect "reflect" @@ -147,7 +148,15 @@ func (in *MasterConfiguration) DeepCopyInto(out *MasterConfiguration) { *out = make([]string, len(*in)) copy(*out, *in) } - out.TokenTTL = in.TokenTTL + if in.TokenTTL != nil { + in, out := &in.TokenTTL, &out.TokenTTL + if *in == nil { + *out = nil + } else { + *out = new(v1.Duration) + **out = **in + } + } if in.APIServerExtraArgs != nil { in, out := &in.APIServerExtraArgs, &out.APIServerExtraArgs *out = make(map[string]string, len(*in)) diff --git a/cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go b/cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go index e860b61de36..13cd1bd0b12 100644 --- a/cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go +++ b/cmd/kubeadm/app/apis/kubeadm/zz_generated.deepcopy.go @@ -21,6 +21,7 @@ limitations under the License. package kubeadm import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" reflect "reflect" @@ -152,7 +153,15 @@ func (in *MasterConfiguration) DeepCopyInto(out *MasterConfiguration) { *out = make([]string, len(*in)) copy(*out, *in) } - out.TokenTTL = in.TokenTTL + if in.TokenTTL != nil { + in, out := &in.TokenTTL, &out.TokenTTL + if *in == nil { + *out = nil + } else { + *out = new(v1.Duration) + **out = **in + } + } if in.APIServerExtraArgs != nil { in, out := &in.APIServerExtraArgs, &out.APIServerExtraArgs *out = make(map[string]string, len(*in)) diff --git a/cmd/kubeadm/app/cmd/BUILD b/cmd/kubeadm/app/cmd/BUILD index d34b8e2eb89..a7d3d92dde1 100644 --- a/cmd/kubeadm/app/cmd/BUILD +++ b/cmd/kubeadm/app/cmd/BUILD @@ -21,6 +21,7 @@ go_library( importpath = "k8s.io/kubernetes/cmd/kubeadm/app/cmd", deps = [ "//cmd/kubeadm/app/apis/kubeadm:go_default_library", + "//cmd/kubeadm/app/apis/kubeadm/install:go_default_library", "//cmd/kubeadm/app/apis/kubeadm/v1alpha1:go_default_library", "//cmd/kubeadm/app/apis/kubeadm/validation:go_default_library", "//cmd/kubeadm/app/cmd/phases:go_default_library", diff --git a/cmd/kubeadm/app/cmd/cmd.go b/cmd/kubeadm/app/cmd/cmd.go index aa51b2bfce2..95a0c5d637f 100644 --- a/cmd/kubeadm/app/cmd/cmd.go +++ b/cmd/kubeadm/app/cmd/cmd.go @@ -25,6 +25,10 @@ import ( "k8s.io/apiserver/pkg/util/flag" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/phases" "k8s.io/kubernetes/cmd/kubeadm/app/cmd/upgrade" + + // Register the kubeadm configuration types because CLI flag generation + // depends on the generated defaults. + _ "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/install" ) // NewKubeadmCommand return cobra.Command to run kubeadm command diff --git a/cmd/kubeadm/app/cmd/upgrade/common_test.go b/cmd/kubeadm/app/cmd/upgrade/common_test.go index 0f07ce2a672..ce00399b2cb 100644 --- a/cmd/kubeadm/app/cmd/upgrade/common_test.go +++ b/cmd/kubeadm/app/cmd/upgrade/common_test.go @@ -58,7 +58,6 @@ func TestPrintConfiguration(t *testing.T) { serviceSubnet: "" nodeName: "" token: "" - tokenTTL: 0s unifiedControlPlaneImage: "" `), }, @@ -90,7 +89,6 @@ func TestPrintConfiguration(t *testing.T) { serviceSubnet: 10.96.0.1/12 nodeName: "" token: "" - tokenTTL: 0s unifiedControlPlaneImage: "" `), }, @@ -132,7 +130,6 @@ func TestPrintConfiguration(t *testing.T) { serviceSubnet: "" nodeName: "" token: "" - tokenTTL: 0s unifiedControlPlaneImage: "" `), },