From 9a8bf348a6469160159d1123d285c72b0af40178 Mon Sep 17 00:00:00 2001
From: deads2k
Date: Mon, 9 Jan 2017 13:27:59 -0500
Subject: [PATCH] move tunneler out of generic
---
 cmd/kube-apiserver/app/BUILD | 1 +
 cmd/kube-apiserver/app/server.go | 23 ++++-----
 pkg/genericapiserver/BUILD | 8 ----
 pkg/master/BUILD | 2 +
 pkg/master/master.go | 11 +++--
 pkg/master/tunneler/BUILD | 47 +++++++++++++++++++
 .../tunneler.go => master/tunneler/ssh.go} | 4 +-
 .../tunneler/ssh_test.go} | 2 +-
 8 files changed, 71 insertions(+), 27 deletions(-)
 create mode 100644 pkg/master/tunneler/BUILD
 rename pkg/{genericapiserver/tunneler.go => master/tunneler/ssh.go} (97%)
 rename pkg/{genericapiserver/tunneler_test.go => master/tunneler/ssh_test.go} (99%)
diff --git a/cmd/kube-apiserver/app/BUILD b/cmd/kube-apiserver/app/BUILD
index e634942ef86..84c65962a3c 100644
--- a/cmd/kube-apiserver/app/BUILD
+++ b/cmd/kube-apiserver/app/BUILD
@@ -33,6 +33,7 @@ go_library(
 "//pkg/kubeapiserver/admission:go_default_library",
 "//pkg/kubeapiserver/authenticator:go_default_library",
 "//pkg/master:go_default_library",
+ "//pkg/master/tunneler:go_default_library",
 "//pkg/registry/cachesize:go_default_library",
 "//pkg/version:go_default_library",
 "//plugin/pkg/admission/admit:go_default_library",
diff --git a/cmd/kube-apiserver/app/server.go b/cmd/kube-apiserver/app/server.go
index d732bd44c42..bc2a9e46d97 100644
--- a/cmd/kube-apiserver/app/server.go
+++ b/cmd/kube-apiserver/app/server.go
@@ -57,6 +57,7 @@ import (
 kubeadmission "k8s.io/kubernetes/pkg/kubeapiserver/admission"
 kubeauthenticator "k8s.io/kubernetes/pkg/kubeapiserver/authenticator"
 "k8s.io/kubernetes/pkg/master"
+ "k8s.io/kubernetes/pkg/master/tunneler"
 "k8s.io/kubernetes/pkg/registry/cachesize"
 "k8s.io/kubernetes/pkg/version"
 )
@@ -123,19 +124,19 @@ func Run(s *options.ServerRunOptions) error {
 PerConnectionBandwidthLimitBytesPerSec: s.MaxConnectionBytesPerSec,
 })
- // Setup tunneler if needed
- var tunneler genericapiserver.Tunneler
+ // Setup nodeTunneler if needed
+ var nodeTunneler tunneler.Tunneler
 var proxyDialerFn utilnet.DialFunc
 if len(s.SSHUser) > 0 {
 // Get ssh key distribution func, if supported
- var installSSH genericapiserver.InstallSSHKey
+ var installSSHKey tunneler.InstallSSHKey
 cloud, err := cloudprovider.InitCloudProvider(s.CloudProvider.CloudProvider, s.CloudProvider.CloudConfigFile)
 if err != nil {
 return fmt.Errorf("cloud provider could not be initialized: %v", err)
 }
 if cloud != nil {
 if instances, supported := cloud.Instances(); supported {
- installSSH = instances.AddSSHKeyToAllInstances
+ installSSHKey = instances.AddSSHKeyToAllInstances
 }
 }
 if s.KubeletConfig.Port == 0 {
@@ -144,7 +145,7 @@ func Run(s *options.ServerRunOptions) error {
 if s.KubeletConfig.ReadOnlyPort == 0 {
 return fmt.Errorf("must enable kubelet readonly port if proxy ssh-tunneling is specified")
 }
- // Set up the tunneler
+ // Set up the nodeTunneler
 // TODO(cjcullen): If we want this to handle per-kubelet ports or other
 // kubelet listen-addresses, we need to plumb through options.
 healthCheckPath := &url.URL{
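Review bot: `installSSHKey` is assigned only inside `if cloud != nil { if instances, supported := cloud.Instances(); supported {`, so with no cloud provider, or one without Instances support, it stays nil and is still passed to `tunneler.New` in the `@@ -152,12 +153,12 @@` hunk. Nothing in this diff shows whether the moved tunneler package tolerates a nil `InstallSSHKey`, and an operator who set an SSH user gets no indication that key distribution was skipped. A comment at the declaration would make the contract explicit, for example `// installSSHKey remains nil when no cloud provider can distribute keys; tunneler.New must accept nil here.` Run begins and ends outside this hunk.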
@@ -152,12 +153,12 @@ func Run(s *options.ServerRunOptions) error {
 Host: net.JoinHostPort("127.0.0.1", strconv.FormatUint(uint64(s.KubeletConfig.ReadOnlyPort), 10)),
 Path: "healthz",
 }
- tunneler = genericapiserver.NewSSHTunneler(s.SSHUser, s.SSHKeyfile, healthCheckPath, installSSH)
+ nodeTunneler = tunneler.New(s.SSHUser, s.SSHKeyfile, healthCheckPath, installSSHKey)
- // Use the tunneler's dialer to connect to the kubelet
- s.KubeletConfig.Dial = tunneler.Dial
- // Use the tunneler's dialer when proxying to pods, services, and nodes
- proxyDialerFn = tunneler.Dial
+ // Use the nodeTunneler's dialer to connect to the kubelet
+ s.KubeletConfig.Dial = nodeTunneler.Dial
+ // Use the nodeTunneler's dialer when proxying to pods, services, and nodes
+ proxyDialerFn = nodeTunneler.Dial
 }
 // Proxying to pods and services is IP-based... don't expect to be able to verify the hostname
@@ -311,7 +312,7 @@ func Run(s *options.ServerRunOptions) error {
 EnableLogsSupport: true,
 ProxyTransport: proxyTransport,
- Tunneler: tunneler,
+ Tunneler: nodeTunneler,
 ServiceIPRange: serviceIPRange,
 APIServerServiceIP: apiServerServiceIP,
diff --git a/pkg/genericapiserver/BUILD b/pkg/genericapiserver/BUILD
index 6288e290ce2..97b536f66a8 100644
--- a/pkg/genericapiserver/BUILD
+++ b/pkg/genericapiserver/BUILD
@@ -23,7 +23,6 @@ go_library(
 "resource_encoding_config.go",
 "serve.go",
 "storage_factory.go",
- "tunneler.go",
 ],
 tags = ["automanaged"],
 deps = [
@@ -42,11 +41,8 @@ go_library(
 "//pkg/genericapiserver/mux:go_default_library",
 "//pkg/genericapiserver/options:go_default_library",
 "//pkg/genericapiserver/routes:go_default_library",
- "//pkg/ssh:go_default_library",
 "//pkg/storage/storagebackend:go_default_library",
- "//pkg/util:go_default_library",
 "//pkg/util/cert:go_default_library",
- "//pkg/util/clock:go_default_library",
 "//pkg/util/config:go_default_library",
 "//pkg/version:go_default_library",
 "//vendor:github.com/coreos/go-systemd/daemon",
@@ -56,7 +52,6 @@ go_library(
 "//vendor:github.com/golang/glog",
 "//vendor:github.com/pborman/uuid",
 "//vendor:github.com/pkg/errors",
- "//vendor:github.com/prometheus/client_golang/prometheus",
 "//vendor:gopkg.in/natefinch/lumberjack.v2",
 "//vendor:k8s.io/apimachinery/pkg/apimachinery",
 "//vendor:k8s.io/apimachinery/pkg/apimachinery/registered",
@@ -69,7 +64,6 @@ go_library(
 "//vendor:k8s.io/apimachinery/pkg/util/runtime",
 "//vendor:k8s.io/apimachinery/pkg/util/sets",
 "//vendor:k8s.io/apimachinery/pkg/util/validation",
- "//vendor:k8s.io/apimachinery/pkg/util/wait",
 "//vendor:k8s.io/apiserver/pkg/authentication/authenticator",
 "//vendor:k8s.io/apiserver/pkg/authentication/request/union",
 "//vendor:k8s.io/apiserver/pkg/authentication/user",
@@ -88,7 +82,6 @@ go_test(
 "serve_test.go",
 "server_run_options_test.go",
 "storage_factory_test.go",
- "tunneler_test.go",
 ],
 library = ":go_default_library",
 tags = ["automanaged"],
@@ -107,7 +100,6 @@ go_test(
 "//pkg/storage/etcd/testing:go_default_library",
 "//pkg/storage/storagebackend:go_default_library",
 "//pkg/util/cert:go_default_library",
- "//pkg/util/clock:go_default_library",
 "//pkg/util/config:go_default_library",
 "//pkg/version:go_default_library",
 "//vendor:github.com/go-openapi/spec",
diff --git a/pkg/master/BUILD b/pkg/master/BUILD
index 9a051caccef..495c3dbba0a 100644
--- a/pkg/master/BUILD
+++ b/pkg/master/BUILD
@@ -52,6 +52,7 @@ go_library(
 "//pkg/genericapiserver:go_default_library",
 "//pkg/kubelet/client:go_default_library",
 "//pkg/master/thirdparty:go_default_library",
+ "//pkg/master/tunneler:go_default_library",
 "//pkg/registry/apps/rest:go_default_library",
 "//pkg/registry/authentication/rest:go_default_library",
 "//pkg/registry/authorization/rest:go_default_library",
@@ -148,6 +149,7 @@ filegroup(
 ":package-srcs",
 "//pkg/master/ports:all-srcs",
 "//pkg/master/thirdparty:all-srcs",
+ "//pkg/master/tunneler:all-srcs",
 ],
 tags = ["automanaged"],
 )
diff --git a/pkg/master/master.go b/pkg/master/master.go
index e4c7a73baab..72a07f58031 100644
--- a/pkg/master/master.go
+++ b/pkg/master/master.go
@@ -45,6 +45,7 @@ import (
 "k8s.io/kubernetes/pkg/genericapiserver"
 kubeletclient "k8s.io/kubernetes/pkg/kubelet/client"
 "k8s.io/kubernetes/pkg/master/thirdparty"
+ "k8s.io/kubernetes/pkg/master/tunneler"
 "k8s.io/kubernetes/pkg/registry/generic"
 genericregistry "k8s.io/kubernetes/pkg/registry/generic/registry"
 "k8s.io/kubernetes/pkg/routes"
@@ -86,7 +87,7 @@ type Config struct {
 KubeletClientConfig kubeletclient.KubeletClientConfig
 // Used to start and monitor tunneling
- Tunneler genericapiserver.Tunneler
+ Tunneler tunneler.Tunneler
 EnableUISupport bool
 EnableLogsSupport bool
 ProxyTransport http.RoundTripper
@@ -283,13 +284,13 @@ func (m *Master) InstallLegacyAPI(c *Config, restOptionsGetter generic.RESTOptio
 }
 }
-func (m *Master) installTunneler(tunneler genericapiserver.Tunneler, nodeClient corev1client.NodeInterface) {
- tunneler.Run(nodeAddressProvider{nodeClient}.externalAddresses)
- m.GenericAPIServer.AddHealthzChecks(healthz.NamedCheck("SSH Tunnel Check", genericapiserver.TunnelSyncHealthChecker(tunneler)))
+func (m *Master) installTunneler(nodeTunneler tunneler.Tunneler, nodeClient corev1client.NodeInterface) {
+ nodeTunneler.Run(nodeAddressProvider{nodeClient}.externalAddresses)
+ m.GenericAPIServer.AddHealthzChecks(healthz.NamedCheck("SSH Tunnel Check", tunneler.TunnelSyncHealthChecker(nodeTunneler)))
 prometheus.NewGaugeFunc(prometheus.GaugeOpts{
 Name: "apiserver_proxy_tunnel_sync_latency_secs",
 Help: "The time since the last successful synchronization of the SSH tunnels for proxy requests.",
- }, func() float64 { return float64(tunneler.SecondsSinceSync()) })
+ }, func() float64 { return float64(nodeTunneler.SecondsSinceSync()) })
 }
 // RESTStorageProvider is a factory type for REST storage.
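Review bot: The value returned by `prometheus.NewGaugeFunc` at the end of installTunneler is discarded, so as written the gauge is not registered with any registry and `apiserver_proxy_tunnel_sync_latency_secs` is not exported; only the healthz check would report a stale tunnel sync. The commit edits the closure on that call but leaves the call itself as it was. Wrapping it as `prometheus.MustRegister(prometheus.NewGaugeFunc(prometheus.GaugeOpts{...}, func() float64 { return float64(nodeTunneler.SecondsSinceSync()) }))` would publish the metric. MustRegister panics on a duplicate registration, so this assumes installTunneler runs once per process, which the hunk does not show.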
diff --git a/pkg/master/tunneler/BUILD b/pkg/master/tunneler/BUILD
new file mode 100644
index 00000000000..c0b65ffb437
--- /dev/null
+++ b/pkg/master/tunneler/BUILD
@@ -0,0 +1,47 @@
+package(default_visibility = ["//visibility:public"])
+
+licenses(["notice"])
+
+load(
+ "@io_bazel_rules_go//go:def.bzl",
+ "go_library",
+ "go_test",
+)
+
+go_test(
+ name = "go_default_test",
+ srcs = ["ssh_test.go"],
+ library = ":go_default_library",
+ tags = ["automanaged"],
+ deps = [
+ "//pkg/util/clock:go_default_library",
+ "//vendor:github.com/stretchr/testify/assert",
+ ],
+)
+
+go_library(
+ name = "go_default_library",
+ srcs = ["ssh.go"],
+ tags = ["automanaged"],
+ deps = [
+ "//pkg/ssh:go_default_library",
+ "//pkg/util:go_default_library",
+ "//pkg/util/clock:go_default_library",
+ "//vendor:github.com/golang/glog",
+ "//vendor:github.com/prometheus/client_golang/prometheus",
+ "//vendor:k8s.io/apimachinery/pkg/util/wait",
+ ],
+)
+
+filegroup(
+ name = "package-srcs",
+ srcs = glob(["**"]),
+ tags = ["automanaged"],
+ visibility = ["//visibility:private"],
+)
+
+filegroup(
+ name = "all-srcs",
+ srcs = [":package-srcs"],
+ tags = ["automanaged"],
+)
diff --git a/pkg/genericapiserver/tunneler.go b/pkg/master/tunneler/ssh.go
similarity index 97%
rename from pkg/genericapiserver/tunneler.go
rename to pkg/master/tunneler/ssh.go
index 8359c659ea8..73d0059ba7a 100644
--- a/pkg/genericapiserver/tunneler.go
+++ b/pkg/master/tunneler/ssh.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
-package genericapiserver
+package tunneler
 import (
 "fmt"
@@ -85,7 +85,7 @@ type SSHTunneler struct {
 stopChan chan struct{}
 }
-func NewSSHTunneler(sshUser, sshKeyfile string, healthCheckURL *url.URL, installSSHKey InstallSSHKey) Tunneler {
+func New(sshUser, sshKeyfile string, healthCheckURL *url.URL, installSSHKey InstallSSHKey) Tunneler {
 return &SSHTunneler{
 SSHUser: sshUser,
 SSHKeyfile: sshKeyfile,
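Review bot: `New` in pkg/master/tunneler/ssh.go (the `@@ -85,7 +85,7 @@` hunk) is exported without a doc comment, and after the rename from `NewSSHTunneler` the name no longer tells a caller that the returned Tunneler is the SSH implementation. Add a comment above it such as `// New returns a Tunneler implemented by SSHTunneler, configured with the given SSH user, key file, health-check URL and key-install callback.` The function body continues outside this hunk, so anything beyond the two visible field assignments should be checked against the full file before it is documented.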
diff --git a/pkg/genericapiserver/tunneler_test.go b/pkg/master/tunneler/ssh_test.go
similarity index 99%
rename from pkg/genericapiserver/tunneler_test.go
rename to pkg/master/tunneler/ssh_test.go
index e37c4630f45..a169028d7f9 100644
--- a/pkg/genericapiserver/tunneler_test.go
+++ b/pkg/master/tunneler/ssh_test.go
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
-package genericapiserver
+package tunneler
 import (
 "fmt"