github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-05 02:09:56 +00:00
Code Issues Projects Releases Wiki Activity

services must listen on port 443

Browse Source
This commit is contained in:
David Eads 2018-05-29 08:28:41 -04:00
parent 07e6410cf7
commit b3ce7a9935
2 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
staging/src/k8s.io/kube-aggregator/pkg/controllers/status/available_controller.go
View File

@ -176,6 +176,22 @@ func (c *AvailableConditionController) sync(key string) error {
} }
if service.Spec.Type == v1.ServiceTypeClusterIP { if service.Spec.Type == v1.ServiceTypeClusterIP {
// if we have a cluster IP service, it must be listening on 443 and we can check that
foundPort := false
for _, port := range service.Spec.Ports {
if port.Port == 443 {
foundPort = true
}
}
if !foundPort {
availableCondition.Status = apiregistration.ConditionFalse
availableCondition.Reason = "ServicePortError"
availableCondition.Message = fmt.Sprintf("service/%s in %q is not listening on port 443", apiService.Spec.Service.Name, apiService.Spec.Service.Namespace)
apiregistration.SetAPIServiceCondition(apiService, availableCondition)
_, err := c.apiServiceClient.APIServices().UpdateStatus(apiService)
return err
}
endpoints, err := c.endpointsLister.Endpoints(apiService.Spec.Service.Namespace).Get(apiService.Spec.Service.Name) endpoints, err := c.endpointsLister.Endpoints(apiService.Spec.Service.Namespace).Get(apiService.Spec.Service.Name)
if apierrors.IsNotFound(err) { if apierrors.IsNotFound(err) {
availableCondition.Status = apiregistration.ConditionFalse availableCondition.Status = apiregistration.ConditionFalse

24
staging/src/k8s.io/kube-aggregator/pkg/controllers/status/available_controller_test.go
View File

@ -55,6 +55,9 @@ func newService(namespace, name string) *v1.Service {
ObjectMeta: metav1.ObjectMeta{Namespace: namespace, Name: name}, ObjectMeta: metav1.ObjectMeta{Namespace: namespace, Name: name},
Spec: v1.ServiceSpec{ Spec: v1.ServiceSpec{
Type: v1.ServiceTypeClusterIP, Type: v1.ServiceTypeClusterIP,
Ports: []v1.ServicePort{
{Port: 443},
},
}, },
} }
} }
@ -110,6 +113,27 @@ func TestSync(t *testing.T) {
Message: `service/bar in "foo" is not present`, Message: `service/bar in "foo" is not present`,
}, },
}, },
{
name: "service on bad port",
apiServiceName: "remote.group",
apiServices: []*apiregistration.APIService{newRemoteAPIService("remote.group")},
services: []*v1.Service{{
ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "bar"},
Spec: v1.ServiceSpec{
Type: v1.ServiceTypeClusterIP,
Ports: []v1.ServicePort{
{Port: 6443},
},
},
}},
endpoints: []*v1.Endpoints{newEndpointsWithAddress("foo", "bar")},
expectedAvailability: apiregistration.APIServiceCondition{
Type: apiregistration.Available,
Status: apiregistration.ConditionFalse,
Reason: "ServicePortError",
Message: `service/bar in "foo" is not listening on port 443`,
},
},
{ {
name: "no endpoints", name: "no endpoints",
apiServiceName: "remote.group", apiServiceName: "remote.group",