From 9578523180050bf4c1c4d4eeb6beda505135f07e Mon Sep 17 00:00:00 2001 From: deads2k Date: Mon, 17 Oct 2016 15:16:58 -0400 Subject: [PATCH] move proxytransport config out of the genericapiserver --- cmd/kube-apiserver/app/server.go | 10 ++++++++-- pkg/genericapiserver/config.go | 13 ------------- pkg/genericapiserver/genericapiserver.go | 3 --- pkg/genericapiserver/genericapiserver_test.go | 12 ------------ pkg/master/master.go | 4 +++- pkg/master/master_test.go | 17 +++++------------ 6 files changed, 16 insertions(+), 43 deletions(-) diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go index 854c23acef9..d47dc007c63 100644 --- a/cmd/kube-apiserver/app/server.go +++ b/cmd/kube-apiserver/app/server.go @@ -22,6 +22,7 @@ package app import ( "crypto/tls" "net" + "net/http" "net/url" "strconv" "strings" @@ -55,6 +56,7 @@ import ( "k8s.io/kubernetes/pkg/master" "k8s.io/kubernetes/pkg/registry/cachesize" "k8s.io/kubernetes/pkg/serviceaccount" + utilnet "k8s.io/kubernetes/pkg/util/net" "k8s.io/kubernetes/pkg/util/wait" "k8s.io/kubernetes/pkg/version" authenticatorunion "k8s.io/kubernetes/plugin/pkg/auth/authenticator/request/union" @@ -288,7 +290,12 @@ func Run(s *options.APIServer) error { glog.Fatalf("Failed to initialize plugins: %v", err) } + proxyTransport := utilnet.SetTransportDefaults(&http.Transport{ + Dial: proxyDialerFn, + TLSClientConfig: proxyTLSClientConfig, + }) kubeVersion := version.Get() + genericConfig.Version = &kubeVersion genericConfig.LoopbackClientConfig = selfClientConfig genericConfig.Authenticator = apiAuthenticator @@ -298,8 +305,6 @@ func Run(s *options.APIServer) error { genericConfig.AdmissionControl = admissionController genericConfig.APIResourceConfigSource = storageFactory.APIResourceConfigSource genericConfig.MasterServiceNamespace = s.MasterServiceNamespace - genericConfig.ProxyDialer = proxyDialerFn - genericConfig.ProxyTLSClientConfig = proxyTLSClientConfig genericConfig.OpenAPIConfig.Info.Title = "Kubernetes" genericConfig.OpenAPIConfig.Definitions = generatedopenapi.OpenAPIDefinitions genericConfig.OpenAPIConfig.GetOperationID = openapi.GetOperationID @@ -316,6 +321,7 @@ func Run(s *options.APIServer) error { KubeletClientConfig: s.KubeletConfig, EnableUISupport: true, EnableLogsSupport: true, + ProxyTransport: proxyTransport, Tunneler: tunneler, } diff --git a/pkg/genericapiserver/config.go b/pkg/genericapiserver/config.go index ca612080c4f..066978b06a5 100644 --- a/pkg/genericapiserver/config.go +++ b/pkg/genericapiserver/config.go @@ -17,7 +17,6 @@ limitations under the License. package genericapiserver import ( - "crypto/tls" "fmt" "io" "net" @@ -36,7 +35,6 @@ import ( "k8s.io/kubernetes/pkg/admission" "k8s.io/kubernetes/pkg/api" "k8s.io/kubernetes/pkg/api/unversioned" - "k8s.io/kubernetes/pkg/apiserver" apiserverfilters "k8s.io/kubernetes/pkg/apiserver/filters" "k8s.io/kubernetes/pkg/apiserver/request" "k8s.io/kubernetes/pkg/auth/authenticator" @@ -139,10 +137,6 @@ type Config struct { // The range of ports to be assigned to services with type=NodePort or greater ServiceNodePortRange utilnet.PortRange - // Used to customize default proxy dial/tls options - ProxyDialer apiserver.ProxyDialerFunc - ProxyTLSClientConfig *tls.Config - // Additional ports to be exposed on the GenericAPIServer service // extraServicePorts is injectable in the event that more ports // (other than the default 443/tcp) are exposed on the GenericAPIServer @@ -399,13 +393,6 @@ func (c completedConfig) New() (*GenericAPIServer, error) { s.HandlerContainer = mux.NewAPIContainer(http.NewServeMux(), c.Serializer) - if c.ProxyDialer != nil || c.ProxyTLSClientConfig != nil { - s.ProxyTransport = utilnet.SetTransportDefaults(&http.Transport{ - Dial: c.ProxyDialer, - TLSClientConfig: c.ProxyTLSClientConfig, - }) - } - s.installAPI(c.Config) s.Handler, s.InsecureHandler = c.BuildHandlerChainsFunc(s.HandlerContainer.ServeMux, c.Config) diff --git a/pkg/genericapiserver/genericapiserver.go b/pkg/genericapiserver/genericapiserver.go index 91980c25d42..7974062b85a 100644 --- a/pkg/genericapiserver/genericapiserver.go +++ b/pkg/genericapiserver/genericapiserver.go @@ -132,9 +132,6 @@ type GenericAPIServer struct { Handler http.Handler InsecureHandler http.Handler - // Used for custom proxy dialing, and proxy TLS options - ProxyTransport http.RoundTripper - // Map storing information about all groups to be exposed in discovery response. // The map is from name to the group. apiGroupsForDiscoveryLock sync.RWMutex diff --git a/pkg/genericapiserver/genericapiserver_test.go b/pkg/genericapiserver/genericapiserver_test.go index 5439d7cc3d0..f3ae4331908 100644 --- a/pkg/genericapiserver/genericapiserver_test.go +++ b/pkg/genericapiserver/genericapiserver_test.go @@ -17,7 +17,6 @@ limitations under the License. package genericapiserver import ( - "crypto/tls" "encoding/json" "fmt" "io" @@ -40,7 +39,6 @@ import ( genericmux "k8s.io/kubernetes/pkg/genericapiserver/mux" ipallocator "k8s.io/kubernetes/pkg/registry/core/service/ipallocator" etcdtesting "k8s.io/kubernetes/pkg/storage/etcd/testing" - utilnet "k8s.io/kubernetes/pkg/util/net" "k8s.io/kubernetes/pkg/util/sets" "k8s.io/kubernetes/pkg/version" @@ -54,8 +52,6 @@ func setUp(t *testing.T) (*etcdtesting.EtcdTestServer, Config, *assert.Assertion config := NewConfig() config.PublicAddress = net.ParseIP("192.168.10.4") config.RequestContextMapper = api.NewRequestContextMapper() - config.ProxyDialer = func(network, addr string) (net.Conn, error) { return nil, nil } - config.ProxyTLSClientConfig = &tls.Config{} config.LegacyAPIGroupPrefixes = sets.NewString("/api") return etcdServer, *config, assert.New(t) @@ -88,14 +84,6 @@ func TestNew(t *testing.T) { serviceReadWriteIP, _ := ipallocator.GetIndexedIP(serviceClusterIPRange, 1) assert.Equal(s.ServiceReadWriteIP, serviceReadWriteIP) assert.Equal(s.ExternalAddress, net.JoinHostPort(config.PublicAddress.String(), "6443")) - - // These functions should point to the same memory location - serverDialer, _ := utilnet.Dialer(s.ProxyTransport) - serverDialerFunc := fmt.Sprintf("%p", serverDialer) - configDialerFunc := fmt.Sprintf("%p", config.ProxyDialer) - assert.Equal(serverDialerFunc, configDialerFunc) - - assert.Equal(s.ProxyTransport.(*http.Transport).TLSClientConfig, config.ProxyTLSClientConfig) } // Verifies that AddGroupVersions works as expected. diff --git a/pkg/master/master.go b/pkg/master/master.go index 250b488dd2a..f3672c71e51 100644 --- a/pkg/master/master.go +++ b/pkg/master/master.go @@ -19,6 +19,7 @@ package master import ( "fmt" "net" + "net/http" "net/url" "reflect" "strconv" @@ -99,6 +100,7 @@ type Config struct { Tunneler genericapiserver.Tunneler EnableUISupport bool EnableLogsSupport bool + ProxyTransport http.RoundTripper } // EndpointReconcilerConfig holds the endpoint reconciler and endpoint reconciliation interval to be @@ -197,7 +199,7 @@ func (c completedConfig) New() (*Master, error) { if c.GenericConfig.APIResourceConfigSource.AnyResourcesForVersionEnabled(apiv1.SchemeGroupVersion) { legacyRESTStorageProvider := corerest.LegacyRESTStorageProvider{ StorageFactory: c.StorageFactory, - ProxyTransport: s.ProxyTransport, + ProxyTransport: c.ProxyTransport, KubeletClientConfig: c.KubeletClientConfig, EventTTL: c.EventTTL, ServiceClusterIPRange: c.GenericConfig.ServiceClusterIPRange, diff --git a/pkg/master/master_test.go b/pkg/master/master_test.go index 559dd6c2bd3..bcf76d8596c 100644 --- a/pkg/master/master_test.go +++ b/pkg/master/master_test.go @@ -19,7 +19,6 @@ package master import ( "crypto/tls" "encoding/json" - "fmt" "io/ioutil" "net" "net/http" @@ -91,12 +90,14 @@ func setUp(t *testing.T) (*Master, *etcdtesting.EtcdTestServer, Config, *assert. config.GenericConfig.PublicAddress = net.ParseIP("192.168.10.4") config.GenericConfig.LegacyAPIGroupPrefixes = sets.NewString("/api") config.GenericConfig.APIResourceConfigSource = DefaultAPIResourceConfigSource() - config.GenericConfig.ProxyDialer = func(network, addr string) (net.Conn, error) { return nil, nil } - config.GenericConfig.ProxyTLSClientConfig = &tls.Config{} config.GenericConfig.RequestContextMapper = api.NewRequestContextMapper() config.GenericConfig.LoopbackClientConfig = &restclient.Config{APIPath: "/api", ContentConfig: restclient.ContentConfig{NegotiatedSerializer: api.Codecs}} config.EnableCoreControllers = false config.KubeletClientConfig = kubeletclient.KubeletClientConfig{Port: 10250} + config.ProxyTransport = utilnet.SetTransportDefaults(&http.Transport{ + Dial: func(network, addr string) (net.Conn, error) { return nil, nil }, + TLSClientConfig: &tls.Config{}, + }) master, err := config.Complete().New() if err != nil { @@ -149,7 +150,7 @@ func newLimitedMaster(t *testing.T) (*Master, *etcdtesting.EtcdTestServer, Confi // TestNew verifies that the New function returns a Master // using the configuration properly. func TestNew(t *testing.T) { - master, etcdserver, config, assert := newMaster(t) + master, etcdserver, _, assert := newMaster(t) defer etcdserver.Terminate(t) // these values get defaulted @@ -157,14 +158,6 @@ func TestNew(t *testing.T) { serviceReadWriteIP, _ := ipallocator.GetIndexedIP(serviceClusterIPRange, 1) assert.Equal(master.GenericAPIServer.MasterCount, 1) assert.Equal(master.GenericAPIServer.ServiceReadWriteIP, serviceReadWriteIP) - - // These functions should point to the same memory location - masterDialer, _ := utilnet.Dialer(master.GenericAPIServer.ProxyTransport) - masterDialerFunc := fmt.Sprintf("%p", masterDialer) - configDialerFunc := fmt.Sprintf("%p", config.GenericConfig.ProxyDialer) - assert.Equal(masterDialerFunc, configDialerFunc) - - assert.Equal(master.GenericAPIServer.ProxyTransport.(*http.Transport).TLSClientConfig, config.GenericConfig.ProxyTLSClientConfig) } // TestVersion tests /version