mirror of
https://github.com/k3s-io/kubernetes.git
synced 2026-01-04 15:05:20 +00:00
[kube-controller manager]get rid of GenericControllerManagerOptions sub-struct
This commit is contained in:
stewart-yu
@@ -20,77 +20,236 @@ package options
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"net"
|
||||
"strings"
|
||||
|
||||
"k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
utilerrors "k8s.io/apimachinery/pkg/util/errors"
|
||||
"k8s.io/apimachinery/pkg/util/sets"
|
||||
apiserveroptions "k8s.io/apiserver/pkg/server/options"
|
||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
clientset "k8s.io/client-go/kubernetes"
|
||||
v1core "k8s.io/client-go/kubernetes/typed/core/v1"
|
||||
restclient "k8s.io/client-go/rest"
|
||||
"k8s.io/client-go/tools/clientcmd"
|
||||
"k8s.io/client-go/tools/record"
|
||||
cmoptions "k8s.io/kubernetes/cmd/controller-manager/app/options"
|
||||
kubecontrollerconfig "k8s.io/kubernetes/cmd/kube-controller-manager/app/config"
|
||||
"k8s.io/kubernetes/pkg/api/legacyscheme"
|
||||
"k8s.io/kubernetes/pkg/apis/componentconfig"
|
||||
componentconfigv1alpha1 "k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1"
|
||||
"k8s.io/kubernetes/pkg/controller/garbagecollector"
|
||||
"k8s.io/kubernetes/pkg/master/ports"
|
||||
|
||||
// add the kubernetes feature gates
|
||||
_ "k8s.io/kubernetes/pkg/features"
|
||||
|
||||
"github.com/golang/glog"
|
||||
"github.com/spf13/pflag"
|
||||
)
|
||||
|
||||
// KubeControllerManagerOptions is the main context object for the controller manager.
|
||||
// KubeControllerManagerOptions is the main context object for the kube-controller manager.
|
||||
type KubeControllerManagerOptions struct {
|
||||
Generic *cmoptions.GenericControllerManagerOptions
|
||||
CloudProvider *cmoptions.CloudProviderOptions
|
||||
Debugging *cmoptions.DebuggingOptions
|
||||
GenericComponent *cmoptions.GenericComponentConfigOptions
|
||||
KubeCloudShared *cmoptions.KubeCloudSharedOptions
|
||||
|
||||
AttachDetachController *cmoptions.AttachDetachControllerOptions
|
||||
CSRSigningController *cmoptions.CSRSigningControllerOptions
|
||||
DaemonSetController *cmoptions.DaemonSetControllerOptions
|
||||
DeploymentController *cmoptions.DeploymentControllerOptions
|
||||
DeprecatedFlags *cmoptions.DeprecatedControllerOptions
|
||||
EndPointController *cmoptions.EndPointControllerOptions
|
||||
GarbageCollectorController *cmoptions.GarbageCollectorControllerOptions
|
||||
HPAController *cmoptions.HPAControllerOptions
|
||||
JobController *cmoptions.JobControllerOptions
|
||||
NamespaceController *cmoptions.NamespaceControllerOptions
|
||||
NodeIpamController *cmoptions.NodeIpamControllerOptions
|
||||
NodeLifecycleController *cmoptions.NodeLifecycleControllerOptions
|
||||
PersistentVolumeBinderController *cmoptions.PersistentVolumeBinderControllerOptions
|
||||
PodGCController *cmoptions.PodGCControllerOptions
|
||||
ReplicaSetController *cmoptions.ReplicaSetControllerOptions
|
||||
ReplicationController *cmoptions.ReplicationControllerOptions
|
||||
ResourceQuotaController *cmoptions.ResourceQuotaControllerOptions
|
||||
SAController *cmoptions.SAControllerOptions
|
||||
ServiceController *cmoptions.ServiceControllerOptions
|
||||
|
||||
Controllers []string
|
||||
ExternalCloudVolumePlugin string
|
||||
|
||||
SecureServing *apiserveroptions.SecureServingOptions
|
||||
// TODO: remove insecure serving mode
|
||||
InsecureServing *cmoptions.InsecureServingOptions
|
||||
Authentication *apiserveroptions.DelegatingAuthenticationOptions
|
||||
Authorization *apiserveroptions.DelegatingAuthorizationOptions
|
||||
|
||||
Master string
|
||||
Kubeconfig string
|
||||
}
|
||||
|
||||
// NewKubeControllerManagerOptions creates a new KubeControllerManagerOptions with a default config.
|
||||
func NewKubeControllerManagerOptions() *KubeControllerManagerOptions {
|
||||
componentConfig := cmoptions.NewDefaultControllerManagerComponentConfig(ports.InsecureKubeControllerManagerPort)
|
||||
componentConfig := NewDefaultComponentConfig(ports.InsecureKubeControllerManagerPort)
|
||||
s := KubeControllerManagerOptions{
|
||||
// The common/default are kept in 'cmd/kube-controller-manager/app/options/util.go'.
|
||||
// Please make common changes there but put anything kube-controller specific here.
|
||||
Generic: cmoptions.NewGenericControllerManagerOptions(componentConfig),
|
||||
CloudProvider: &cmoptions.CloudProviderOptions{},
|
||||
Debugging: &cmoptions.DebuggingOptions{},
|
||||
GenericComponent: cmoptions.NewGenericComponentConfigOptions(componentConfig.GenericComponent),
|
||||
KubeCloudShared: cmoptions.NewKubeCloudSharedOptions(componentConfig.KubeCloudShared),
|
||||
AttachDetachController: &cmoptions.AttachDetachControllerOptions{
|
||||
ReconcilerSyncLoopPeriod: componentConfig.AttachDetachController.ReconcilerSyncLoopPeriod,
|
||||
},
|
||||
CSRSigningController: &cmoptions.CSRSigningControllerOptions{
|
||||
ClusterSigningCertFile: componentConfig.CSRSigningController.ClusterSigningCertFile,
|
||||
ClusterSigningKeyFile: componentConfig.CSRSigningController.ClusterSigningKeyFile,
|
||||
ClusterSigningDuration: componentConfig.CSRSigningController.ClusterSigningDuration,
|
||||
},
|
||||
DaemonSetController: &cmoptions.DaemonSetControllerOptions{
|
||||
ConcurrentDaemonSetSyncs: componentConfig.DaemonSetController.ConcurrentDaemonSetSyncs,
|
||||
},
|
||||
DeploymentController: &cmoptions.DeploymentControllerOptions{
|
||||
ConcurrentDeploymentSyncs: componentConfig.DeploymentController.ConcurrentDeploymentSyncs,
|
||||
DeploymentControllerSyncPeriod: componentConfig.DeploymentController.DeploymentControllerSyncPeriod,
|
||||
},
|
||||
DeprecatedFlags: &cmoptions.DeprecatedControllerOptions{
|
||||
RegisterRetryCount: componentConfig.DeprecatedController.RegisterRetryCount,
|
||||
},
|
||||
EndPointController: &cmoptions.EndPointControllerOptions{
|
||||
ConcurrentEndpointSyncs: componentConfig.EndPointController.ConcurrentEndpointSyncs,
|
||||
},
|
||||
GarbageCollectorController: &cmoptions.GarbageCollectorControllerOptions{
|
||||
ConcurrentGCSyncs: componentConfig.GarbageCollectorController.ConcurrentGCSyncs,
|
||||
EnableGarbageCollector: componentConfig.GarbageCollectorController.EnableGarbageCollector,
|
||||
},
|
||||
HPAController: &cmoptions.HPAControllerOptions{
|
||||
HorizontalPodAutoscalerSyncPeriod: componentConfig.HPAController.HorizontalPodAutoscalerSyncPeriod,
|
||||
HorizontalPodAutoscalerUpscaleForbiddenWindow: componentConfig.HPAController.HorizontalPodAutoscalerUpscaleForbiddenWindow,
|
||||
HorizontalPodAutoscalerDownscaleForbiddenWindow: componentConfig.HPAController.HorizontalPodAutoscalerDownscaleForbiddenWindow,
|
||||
HorizontalPodAutoscalerTolerance: componentConfig.HPAController.HorizontalPodAutoscalerTolerance,
|
||||
HorizontalPodAutoscalerUseRESTClients: componentConfig.HPAController.HorizontalPodAutoscalerUseRESTClients,
|
||||
},
|
||||
JobController: &cmoptions.JobControllerOptions{
|
||||
ConcurrentJobSyncs: componentConfig.JobController.ConcurrentJobSyncs,
|
||||
},
|
||||
NamespaceController: &cmoptions.NamespaceControllerOptions{
|
||||
NamespaceSyncPeriod: componentConfig.NamespaceController.NamespaceSyncPeriod,
|
||||
ConcurrentNamespaceSyncs: componentConfig.NamespaceController.ConcurrentNamespaceSyncs,
|
||||
},
|
||||
NodeIpamController: &cmoptions.NodeIpamControllerOptions{
|
||||
NodeCIDRMaskSize: componentConfig.NodeIpamController.NodeCIDRMaskSize,
|
||||
},
|
||||
NodeLifecycleController: &cmoptions.NodeLifecycleControllerOptions{
|
||||
EnableTaintManager: componentConfig.NodeLifecycleController.EnableTaintManager,
|
||||
NodeMonitorGracePeriod: componentConfig.NodeLifecycleController.NodeMonitorGracePeriod,
|
||||
NodeStartupGracePeriod: componentConfig.NodeLifecycleController.NodeStartupGracePeriod,
|
||||
PodEvictionTimeout: componentConfig.NodeLifecycleController.PodEvictionTimeout,
|
||||
},
|
||||
PersistentVolumeBinderController: &cmoptions.PersistentVolumeBinderControllerOptions{
|
||||
PVClaimBinderSyncPeriod: componentConfig.PersistentVolumeBinderController.PVClaimBinderSyncPeriod,
|
||||
VolumeConfiguration: componentConfig.PersistentVolumeBinderController.VolumeConfiguration,
|
||||
},
|
||||
PodGCController: &cmoptions.PodGCControllerOptions{
|
||||
TerminatedPodGCThreshold: componentConfig.PodGCController.TerminatedPodGCThreshold,
|
||||
},
|
||||
ReplicaSetController: &cmoptions.ReplicaSetControllerOptions{
|
||||
ConcurrentRSSyncs: componentConfig.ReplicaSetController.ConcurrentRSSyncs,
|
||||
},
|
||||
ReplicationController: &cmoptions.ReplicationControllerOptions{
|
||||
ConcurrentRCSyncs: componentConfig.ReplicationController.ConcurrentRCSyncs,
|
||||
},
|
||||
ResourceQuotaController: &cmoptions.ResourceQuotaControllerOptions{
|
||||
ResourceQuotaSyncPeriod: componentConfig.ResourceQuotaController.ResourceQuotaSyncPeriod,
|
||||
ConcurrentResourceQuotaSyncs: componentConfig.ResourceQuotaController.ConcurrentResourceQuotaSyncs,
|
||||
},
|
||||
SAController: &cmoptions.SAControllerOptions{
|
||||
ConcurrentSATokenSyncs: componentConfig.SAController.ConcurrentSATokenSyncs,
|
||||
},
|
||||
ServiceController: &cmoptions.ServiceControllerOptions{
|
||||
ConcurrentServiceSyncs: componentConfig.ServiceController.ConcurrentServiceSyncs,
|
||||
},
|
||||
Controllers: componentConfig.Controllers,
|
||||
SecureServing: apiserveroptions.NewSecureServingOptions(),
|
||||
InsecureServing: &cmoptions.InsecureServingOptions{
|
||||
BindAddress: net.ParseIP(componentConfig.KubeCloudShared.Address),
|
||||
BindPort: int(componentConfig.KubeCloudShared.Port),
|
||||
BindNetwork: "tcp",
|
||||
},
|
||||
Authentication: nil, // TODO: enable with apiserveroptions.NewDelegatingAuthenticationOptions()
|
||||
Authorization: nil, // TODO: enable with apiserveroptions.NewDelegatingAuthorizationOptions()
|
||||
}
|
||||
|
||||
s.Generic.SecureServing.ServerCert.CertDirectory = "/var/run/kubernetes"
|
||||
s.Generic.SecureServing.ServerCert.PairName = "kube-controller-manager"
|
||||
s.SecureServing.ServerCert.CertDirectory = "/var/run/kubernetes"
|
||||
s.SecureServing.ServerCert.PairName = "kube-controller-manager"
|
||||
|
||||
// disable secure serving for now
|
||||
// TODO: enable HTTPS by default
|
||||
s.SecureServing.BindPort = 0
|
||||
|
||||
gcIgnoredResources := make([]componentconfig.GroupResource, 0, len(garbagecollector.DefaultIgnoredResources()))
|
||||
for r := range garbagecollector.DefaultIgnoredResources() {
|
||||
gcIgnoredResources = append(gcIgnoredResources, componentconfig.GroupResource{Group: r.Group, Resource: r.Resource})
|
||||
}
|
||||
|
||||
s.Generic.GarbageCollectorController.GCIgnoredResources = gcIgnoredResources
|
||||
s.GarbageCollectorController.GCIgnoredResources = gcIgnoredResources
|
||||
|
||||
return &s
|
||||
}
|
||||
|
||||
// NewDefaultComponentConfig returns kube-controller manager configuration object.
|
||||
func NewDefaultComponentConfig(insecurePort int32) componentconfig.KubeControllerManagerConfiguration {
|
||||
scheme := runtime.NewScheme()
|
||||
componentconfigv1alpha1.AddToScheme(scheme)
|
||||
componentconfig.AddToScheme(scheme)
|
||||
|
||||
versioned := componentconfigv1alpha1.KubeControllerManagerConfiguration{}
|
||||
scheme.Default(&versioned)
|
||||
|
||||
internal := componentconfig.KubeControllerManagerConfiguration{}
|
||||
scheme.Convert(&versioned, &internal, nil)
|
||||
internal.KubeCloudShared.Port = insecurePort
|
||||
return internal
|
||||
}
|
||||
|
||||
// AddFlags adds flags for a specific KubeControllerManagerOptions to the specified FlagSet
|
||||
func (s *KubeControllerManagerOptions) AddFlags(fs *pflag.FlagSet, allControllers []string, disabledByDefaultControllers []string) {
|
||||
s.Generic.AddFlags(fs)
|
||||
s.Generic.AttachDetachController.AddFlags(fs)
|
||||
s.Generic.CSRSigningController.AddFlags(fs)
|
||||
s.Generic.DeploymentController.AddFlags(fs)
|
||||
s.Generic.DaemonSetController.AddFlags(fs)
|
||||
s.Generic.DeprecatedFlags.AddFlags(fs)
|
||||
s.Generic.EndPointController.AddFlags(fs)
|
||||
s.Generic.GarbageCollectorController.AddFlags(fs)
|
||||
s.Generic.HPAController.AddFlags(fs)
|
||||
s.Generic.JobController.AddFlags(fs)
|
||||
s.Generic.NamespaceController.AddFlags(fs)
|
||||
s.Generic.NodeIpamController.AddFlags(fs)
|
||||
s.Generic.NodeLifecycleController.AddFlags(fs)
|
||||
s.Generic.PersistentVolumeBinderController.AddFlags(fs)
|
||||
s.Generic.PodGCController.AddFlags(fs)
|
||||
s.Generic.ReplicaSetController.AddFlags(fs)
|
||||
s.Generic.ReplicationController.AddFlags(fs)
|
||||
s.Generic.ResourceQuotaController.AddFlags(fs)
|
||||
s.Generic.SAController.AddFlags(fs)
|
||||
s.CloudProvider.AddFlags(fs)
|
||||
s.Debugging.AddFlags(fs)
|
||||
s.GenericComponent.AddFlags(fs)
|
||||
s.KubeCloudShared.AddFlags(fs)
|
||||
s.ServiceController.AddFlags(fs)
|
||||
|
||||
fs.StringSliceVar(&s.Generic.Controllers, "controllers", s.Generic.Controllers, fmt.Sprintf(""+
|
||||
s.SecureServing.AddFlags(fs)
|
||||
s.InsecureServing.AddFlags(fs)
|
||||
s.Authentication.AddFlags(fs)
|
||||
s.Authorization.AddFlags(fs)
|
||||
|
||||
s.AttachDetachController.AddFlags(fs)
|
||||
s.CSRSigningController.AddFlags(fs)
|
||||
s.DeploymentController.AddFlags(fs)
|
||||
s.DaemonSetController.AddFlags(fs)
|
||||
s.DeprecatedFlags.AddFlags(fs)
|
||||
s.EndPointController.AddFlags(fs)
|
||||
s.GarbageCollectorController.AddFlags(fs)
|
||||
s.HPAController.AddFlags(fs)
|
||||
s.JobController.AddFlags(fs)
|
||||
s.NamespaceController.AddFlags(fs)
|
||||
s.NodeIpamController.AddFlags(fs)
|
||||
s.NodeLifecycleController.AddFlags(fs)
|
||||
s.PersistentVolumeBinderController.AddFlags(fs)
|
||||
s.PodGCController.AddFlags(fs)
|
||||
s.ReplicaSetController.AddFlags(fs)
|
||||
s.ReplicationController.AddFlags(fs)
|
||||
s.ResourceQuotaController.AddFlags(fs)
|
||||
s.SAController.AddFlags(fs)
|
||||
|
||||
fs.StringVar(&s.Master, "master", s.Master, "The address of the Kubernetes API server (overrides any value in kubeconfig).")
|
||||
fs.StringVar(&s.Kubeconfig, "kubeconfig", s.Kubeconfig, "Path to kubeconfig file with authorization and master location information.")
|
||||
fs.StringSliceVar(&s.Controllers, "controllers", s.Controllers, fmt.Sprintf(""+
|
||||
"A list of controllers to enable. '*' enables all on-by-default controllers, 'foo' enables the controller "+
|
||||
"named 'foo', '-foo' disables the controller named 'foo'.\nAll controllers: %s\nDisabled-by-default controllers: %s",
|
||||
strings.Join(allControllers, ", "), strings.Join(disabledByDefaultControllers, ", ")))
|
||||
fs.StringVar(&s.Generic.ExternalCloudVolumePlugin, "external-cloud-volume-plugin", s.Generic.ExternalCloudVolumePlugin, "The plugin to use when cloud provider is set to external. Can be empty, should only be set when cloud-provider is external. Currently used to allow node and volume controllers to work for in tree cloud providers.")
|
||||
fs.StringVar(&s.ExternalCloudVolumePlugin, "external-cloud-volume-plugin", s.ExternalCloudVolumePlugin, "The plugin to use when cloud provider is set to external. Can be empty, should only be set when cloud-provider is external. Currently used to allow node and volume controllers to work for in tree cloud providers.")
|
||||
var dummy string
|
||||
fs.MarkDeprecated("insecure-experimental-approve-all-kubelet-csrs-for-group", "This flag does nothing.")
|
||||
fs.StringVar(&dummy, "insecure-experimental-approve-all-kubelet-csrs-for-group", "", "This flag does nothing.")
|
||||
@@ -98,11 +257,114 @@ func (s *KubeControllerManagerOptions) AddFlags(fs *pflag.FlagSet, allController
|
||||
}
|
||||
|
||||
// ApplyTo fills up controller manager config with options.
|
||||
func (s *KubeControllerManagerOptions) ApplyTo(c *kubecontrollerconfig.Config) error {
|
||||
err := s.Generic.ApplyTo(&c.Generic, "controller-manager")
|
||||
func (s *KubeControllerManagerOptions) ApplyTo(c *kubecontrollerconfig.Config, userAgent string) error {
|
||||
if err := s.CloudProvider.ApplyTo(&c.ComponentConfig.CloudProvider); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.Debugging.ApplyTo(&c.ComponentConfig.Debugging); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.GenericComponent.ApplyTo(&c.ComponentConfig.GenericComponent); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.KubeCloudShared.ApplyTo(&c.ComponentConfig.KubeCloudShared); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AttachDetachController.ApplyTo(&c.ComponentConfig.AttachDetachController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.CSRSigningController.ApplyTo(&c.ComponentConfig.CSRSigningController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.DaemonSetController.ApplyTo(&c.ComponentConfig.DaemonSetController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.DeploymentController.ApplyTo(&c.ComponentConfig.DeploymentController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.DeprecatedFlags.ApplyTo(&c.ComponentConfig.DeprecatedController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.EndPointController.ApplyTo(&c.ComponentConfig.EndPointController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.GarbageCollectorController.ApplyTo(&c.ComponentConfig.GarbageCollectorController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.HPAController.ApplyTo(&c.ComponentConfig.HPAController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.JobController.ApplyTo(&c.ComponentConfig.JobController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.NamespaceController.ApplyTo(&c.ComponentConfig.NamespaceController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.NodeIpamController.ApplyTo(&c.ComponentConfig.NodeIpamController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.NodeLifecycleController.ApplyTo(&c.ComponentConfig.NodeLifecycleController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.PersistentVolumeBinderController.ApplyTo(&c.ComponentConfig.PersistentVolumeBinderController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.PodGCController.ApplyTo(&c.ComponentConfig.PodGCController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.ReplicaSetController.ApplyTo(&c.ComponentConfig.ReplicaSetController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.ReplicationController.ApplyTo(&c.ComponentConfig.ReplicationController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.ResourceQuotaController.ApplyTo(&c.ComponentConfig.ResourceQuotaController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.SAController.ApplyTo(&c.ComponentConfig.SAController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.ServiceController.ApplyTo(&c.ComponentConfig.ServiceController); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.SecureServing.ApplyTo(&c.SecureServing); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.InsecureServing.ApplyTo(&c.InsecureServing); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.Authentication.ApplyTo(&c.Authentication, c.SecureServing, nil); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.Authorization.ApplyTo(&c.Authorization); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
c.Generic.ComponentConfig.Controllers = s.Generic.Controllers
|
||||
c.Generic.ComponentConfig.ExternalCloudVolumePlugin = s.Generic.ExternalCloudVolumePlugin
|
||||
// sync back to component config
|
||||
// TODO: find more elegant way than synching back the values.
|
||||
c.ComponentConfig.KubeCloudShared.Port = int32(s.InsecureServing.BindPort)
|
||||
c.ComponentConfig.KubeCloudShared.Address = s.InsecureServing.BindAddress.String()
|
||||
|
||||
var err error
|
||||
c.Kubeconfig, err = clientcmd.BuildConfigFromFlags(s.Master, s.Kubeconfig)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
c.Kubeconfig.ContentConfig.ContentType = s.GenericComponent.ContentType
|
||||
c.Kubeconfig.QPS = s.GenericComponent.KubeAPIQPS
|
||||
c.Kubeconfig.Burst = int(s.GenericComponent.KubeAPIBurst)
|
||||
|
||||
c.Client, err = clientset.NewForConfig(restclient.AddUserAgent(c.Kubeconfig, userAgent))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
c.LeaderElectionClient = clientset.NewForConfigOrDie(restclient.AddUserAgent(c.Kubeconfig, "leader-election"))
|
||||
|
||||
c.EventRecorder = createRecorder(c.Client, userAgent)
|
||||
|
||||
c.ComponentConfig.Controllers = s.Controllers
|
||||
c.ComponentConfig.ExternalCloudVolumePlugin = s.ExternalCloudVolumePlugin
|
||||
|
||||
return err
|
||||
}
|
||||
@@ -111,8 +373,38 @@ func (s *KubeControllerManagerOptions) ApplyTo(c *kubecontrollerconfig.Config) e
|
||||
func (s *KubeControllerManagerOptions) Validate(allControllers []string, disabledByDefaultControllers []string) error {
|
||||
var errs []error
|
||||
|
||||
errs = append(errs, s.CloudProvider.Validate()...)
|
||||
errs = append(errs, s.Debugging.Validate()...)
|
||||
errs = append(errs, s.GenericComponent.Validate()...)
|
||||
errs = append(errs, s.KubeCloudShared.Validate()...)
|
||||
errs = append(errs, s.AttachDetachController.Validate()...)
|
||||
errs = append(errs, s.CSRSigningController.Validate()...)
|
||||
errs = append(errs, s.DaemonSetController.Validate()...)
|
||||
errs = append(errs, s.DeploymentController.Validate()...)
|
||||
errs = append(errs, s.DeprecatedFlags.Validate()...)
|
||||
errs = append(errs, s.EndPointController.Validate()...)
|
||||
errs = append(errs, s.GarbageCollectorController.Validate()...)
|
||||
errs = append(errs, s.HPAController.Validate()...)
|
||||
errs = append(errs, s.JobController.Validate()...)
|
||||
errs = append(errs, s.NamespaceController.Validate()...)
|
||||
errs = append(errs, s.NodeIpamController.Validate()...)
|
||||
errs = append(errs, s.NodeLifecycleController.Validate()...)
|
||||
errs = append(errs, s.PersistentVolumeBinderController.Validate()...)
|
||||
errs = append(errs, s.PodGCController.Validate()...)
|
||||
errs = append(errs, s.ReplicaSetController.Validate()...)
|
||||
errs = append(errs, s.ReplicationController.Validate()...)
|
||||
errs = append(errs, s.ResourceQuotaController.Validate()...)
|
||||
errs = append(errs, s.SAController.Validate()...)
|
||||
errs = append(errs, s.ServiceController.Validate()...)
|
||||
errs = append(errs, s.SecureServing.Validate()...)
|
||||
errs = append(errs, s.InsecureServing.Validate()...)
|
||||
errs = append(errs, s.Authentication.Validate()...)
|
||||
errs = append(errs, s.Authorization.Validate()...)
|
||||
|
||||
// TODO: validate component config, master and kubeconfig
|
||||
|
||||
allControllersSet := sets.NewString(allControllers...)
|
||||
for _, controller := range s.Generic.Controllers {
|
||||
for _, controller := range s.Controllers {
|
||||
if controller == "*" {
|
||||
continue
|
||||
}
|
||||
@@ -135,9 +427,16 @@ func (s KubeControllerManagerOptions) Config(allControllers []string, disabledBy
|
||||
}
|
||||
|
||||
c := &kubecontrollerconfig.Config{}
|
||||
if err := s.ApplyTo(c); err != nil {
|
||||
if err := s.ApplyTo(c, "kube-controller-manager"); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return c, nil
|
||||
}
|
||||
|
||||
func createRecorder(kubeClient kubernetes.Interface, userAgent string) record.EventRecorder {
|
||||
eventBroadcaster := record.NewBroadcaster()
|
||||
eventBroadcaster.StartLogging(glog.Infof)
|
||||
eventBroadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: kubeClient.CoreV1().Events("")})
|
||||
return eventBroadcaster.NewRecorder(legacyscheme.Scheme, v1.EventSource{Component: userAgent})
|
||||
}
|
||||
|
||||
@@ -113,169 +113,167 @@ func TestAddFlags(t *testing.T) {
|
||||
f.Parse(args)
|
||||
// Sort GCIgnoredResources because it's built from a map, which means the
|
||||
// insertion order is random.
|
||||
sort.Sort(sortedGCIgnoredResources(s.Generic.GarbageCollectorController.GCIgnoredResources))
|
||||
sort.Sort(sortedGCIgnoredResources(s.GarbageCollectorController.GCIgnoredResources))
|
||||
|
||||
expected := &KubeControllerManagerOptions{
|
||||
Generic: &cmoptions.GenericControllerManagerOptions{
|
||||
CloudProvider: &cmoptions.CloudProviderOptions{
|
||||
Name: "gce",
|
||||
CloudConfigFile: "/cloud-config",
|
||||
},
|
||||
Debugging: &cmoptions.DebuggingOptions{
|
||||
EnableProfiling: false,
|
||||
EnableContentionProfiling: true,
|
||||
},
|
||||
GenericComponent: &cmoptions.GenericComponentConfigOptions{
|
||||
MinResyncPeriod: metav1.Duration{Duration: 8 * time.Hour},
|
||||
ContentType: "application/json",
|
||||
KubeAPIQPS: 50.0,
|
||||
KubeAPIBurst: 100,
|
||||
ControllerStartInterval: metav1.Duration{Duration: 2 * time.Minute},
|
||||
LeaderElection: componentconfig.LeaderElectionConfiguration{
|
||||
ResourceLock: "configmap",
|
||||
LeaderElect: false,
|
||||
LeaseDuration: metav1.Duration{Duration: 30 * time.Second},
|
||||
RenewDeadline: metav1.Duration{Duration: 15 * time.Second},
|
||||
RetryPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||
},
|
||||
},
|
||||
KubeCloudShared: &cmoptions.KubeCloudSharedOptions{
|
||||
Port: 10252, // Note: InsecureServingOptions.ApplyTo will write the flag value back into the component config + AllocateNodeCIDRs: true,
|
||||
Address: "0.0.0.0", // Note: InsecureServingOptions.ApplyTo will write the flag value back into the component config
|
||||
UseServiceAccountCredentials: true,
|
||||
RouteReconciliationPeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
NodeMonitorPeriod: metav1.Duration{Duration: 10 * time.Second},
|
||||
ClusterName: "k8s",
|
||||
ClusterCIDR: "1.2.3.4/24",
|
||||
AllocateNodeCIDRs: true,
|
||||
CIDRAllocatorType: "CloudAllocator",
|
||||
ConfigureCloudRoutes: false,
|
||||
ServiceAccountKeyFile: "/service-account-private-key",
|
||||
},
|
||||
AttachDetachController: &cmoptions.AttachDetachControllerOptions{
|
||||
ReconcilerSyncLoopPeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
DisableAttachDetachReconcilerSync: true,
|
||||
},
|
||||
CSRSigningController: &cmoptions.CSRSigningControllerOptions{
|
||||
ClusterSigningCertFile: "/cluster-signing-cert",
|
||||
ClusterSigningKeyFile: "/cluster-signing-key",
|
||||
ClusterSigningDuration: metav1.Duration{Duration: 10 * time.Hour},
|
||||
},
|
||||
DaemonSetController: &cmoptions.DaemonSetControllerOptions{
|
||||
ConcurrentDaemonSetSyncs: 2,
|
||||
},
|
||||
DeploymentController: &cmoptions.DeploymentControllerOptions{
|
||||
ConcurrentDeploymentSyncs: 10,
|
||||
DeploymentControllerSyncPeriod: metav1.Duration{Duration: 45 * time.Second},
|
||||
},
|
||||
DeprecatedFlags: &cmoptions.DeprecatedControllerOptions{
|
||||
DeletingPodsQPS: 0.1,
|
||||
RegisterRetryCount: 10,
|
||||
},
|
||||
EndPointController: &cmoptions.EndPointControllerOptions{
|
||||
ConcurrentEndpointSyncs: 10,
|
||||
},
|
||||
GarbageCollectorController: &cmoptions.GarbageCollectorControllerOptions{
|
||||
ConcurrentGCSyncs: 30,
|
||||
GCIgnoredResources: []componentconfig.GroupResource{
|
||||
{Group: "extensions", Resource: "replicationcontrollers"},
|
||||
{Group: "", Resource: "bindings"},
|
||||
{Group: "", Resource: "componentstatuses"},
|
||||
{Group: "", Resource: "events"},
|
||||
{Group: "authentication.k8s.io", Resource: "tokenreviews"},
|
||||
{Group: "authorization.k8s.io", Resource: "subjectaccessreviews"},
|
||||
{Group: "authorization.k8s.io", Resource: "selfsubjectaccessreviews"},
|
||||
{Group: "authorization.k8s.io", Resource: "localsubjectaccessreviews"},
|
||||
{Group: "authorization.k8s.io", Resource: "selfsubjectrulesreviews"},
|
||||
{Group: "apiregistration.k8s.io", Resource: "apiservices"},
|
||||
{Group: "apiextensions.k8s.io", Resource: "customresourcedefinitions"},
|
||||
},
|
||||
EnableGarbageCollector: false,
|
||||
},
|
||||
HPAController: &cmoptions.HPAControllerOptions{
|
||||
HorizontalPodAutoscalerSyncPeriod: metav1.Duration{Duration: 45 * time.Second},
|
||||
HorizontalPodAutoscalerUpscaleForbiddenWindow: metav1.Duration{Duration: 1 * time.Minute},
|
||||
HorizontalPodAutoscalerDownscaleForbiddenWindow: metav1.Duration{Duration: 2 * time.Minute},
|
||||
HorizontalPodAutoscalerTolerance: 0.1,
|
||||
HorizontalPodAutoscalerUseRESTClients: true,
|
||||
},
|
||||
JobController: &cmoptions.JobControllerOptions{
|
||||
ConcurrentJobSyncs: 5,
|
||||
},
|
||||
NamespaceController: &cmoptions.NamespaceControllerOptions{
|
||||
NamespaceSyncPeriod: metav1.Duration{Duration: 10 * time.Minute},
|
||||
ConcurrentNamespaceSyncs: 20,
|
||||
},
|
||||
NodeIpamController: &cmoptions.NodeIpamControllerOptions{
|
||||
NodeCIDRMaskSize: 48,
|
||||
},
|
||||
NodeLifecycleController: &cmoptions.NodeLifecycleControllerOptions{
|
||||
EnableTaintManager: false,
|
||||
NodeEvictionRate: 0.2,
|
||||
SecondaryNodeEvictionRate: 0.05,
|
||||
NodeMonitorGracePeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
NodeStartupGracePeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
PodEvictionTimeout: metav1.Duration{Duration: 2 * time.Minute},
|
||||
LargeClusterSizeThreshold: 100,
|
||||
UnhealthyZoneThreshold: 0.6,
|
||||
},
|
||||
PersistentVolumeBinderController: &cmoptions.PersistentVolumeBinderControllerOptions{
|
||||
PVClaimBinderSyncPeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
VolumeConfiguration: componentconfig.VolumeConfiguration{
|
||||
EnableDynamicProvisioning: false,
|
||||
EnableHostPathProvisioning: true,
|
||||
FlexVolumePluginDir: "/flex-volume-plugin",
|
||||
PersistentVolumeRecyclerConfiguration: componentconfig.PersistentVolumeRecyclerConfiguration{
|
||||
MaximumRetry: 3,
|
||||
MinimumTimeoutNFS: 200,
|
||||
IncrementTimeoutNFS: 45,
|
||||
MinimumTimeoutHostPath: 45,
|
||||
IncrementTimeoutHostPath: 45,
|
||||
},
|
||||
},
|
||||
},
|
||||
PodGCController: &cmoptions.PodGCControllerOptions{
|
||||
TerminatedPodGCThreshold: 12000,
|
||||
},
|
||||
ReplicaSetController: &cmoptions.ReplicaSetControllerOptions{
|
||||
ConcurrentRSSyncs: 10,
|
||||
},
|
||||
ReplicationController: &cmoptions.ReplicationControllerOptions{
|
||||
ConcurrentRCSyncs: 10,
|
||||
},
|
||||
ResourceQuotaController: &cmoptions.ResourceQuotaControllerOptions{
|
||||
ResourceQuotaSyncPeriod: metav1.Duration{Duration: 10 * time.Minute},
|
||||
ConcurrentResourceQuotaSyncs: 10,
|
||||
},
|
||||
SAController: &cmoptions.SAControllerOptions{
|
||||
ConcurrentSATokenSyncs: 10,
|
||||
},
|
||||
ServiceController: &cmoptions.ServiceControllerOptions{
|
||||
ConcurrentServiceSyncs: 2,
|
||||
},
|
||||
Controllers: []string{"foo", "bar"},
|
||||
SecureServing: &apiserveroptions.SecureServingOptions{
|
||||
BindPort: 10001,
|
||||
BindAddress: net.ParseIP("192.168.4.21"),
|
||||
ServerCert: apiserveroptions.GeneratableKeyCert{
|
||||
CertDirectory: "/a/b/c",
|
||||
PairName: "kube-controller-manager",
|
||||
},
|
||||
HTTP2MaxStreamsPerConnection: 47,
|
||||
},
|
||||
InsecureServing: &cmoptions.InsecureServingOptions{
|
||||
BindAddress: net.ParseIP("192.168.4.10"),
|
||||
BindPort: int(10000),
|
||||
BindNetwork: "tcp",
|
||||
},
|
||||
Kubeconfig: "/kubeconfig",
|
||||
Master: "192.168.4.20",
|
||||
CloudProvider: &cmoptions.CloudProviderOptions{
|
||||
Name: "gce",
|
||||
CloudConfigFile: "/cloud-config",
|
||||
},
|
||||
Debugging: &cmoptions.DebuggingOptions{
|
||||
EnableProfiling: false,
|
||||
EnableContentionProfiling: true,
|
||||
},
|
||||
GenericComponent: &cmoptions.GenericComponentConfigOptions{
|
||||
MinResyncPeriod: metav1.Duration{Duration: 8 * time.Hour},
|
||||
ContentType: "application/json",
|
||||
KubeAPIQPS: 50.0,
|
||||
KubeAPIBurst: 100,
|
||||
ControllerStartInterval: metav1.Duration{Duration: 2 * time.Minute},
|
||||
LeaderElection: componentconfig.LeaderElectionConfiguration{
|
||||
ResourceLock: "configmap",
|
||||
LeaderElect: false,
|
||||
LeaseDuration: metav1.Duration{Duration: 30 * time.Second},
|
||||
RenewDeadline: metav1.Duration{Duration: 15 * time.Second},
|
||||
RetryPeriod: metav1.Duration{Duration: 5 * time.Second},
|
||||
},
|
||||
},
|
||||
KubeCloudShared: &cmoptions.KubeCloudSharedOptions{
|
||||
Port: 10252, // Note: InsecureServingOptions.ApplyTo will write the flag value back into the component config + AllocateNodeCIDRs: true,
|
||||
Address: "0.0.0.0", // Note: InsecureServingOptions.ApplyTo will write the flag value back into the component config
|
||||
UseServiceAccountCredentials: true,
|
||||
RouteReconciliationPeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
NodeMonitorPeriod: metav1.Duration{Duration: 10 * time.Second},
|
||||
ClusterName: "k8s",
|
||||
ClusterCIDR: "1.2.3.4/24",
|
||||
AllocateNodeCIDRs: true,
|
||||
CIDRAllocatorType: "CloudAllocator",
|
||||
ConfigureCloudRoutes: false,
|
||||
ServiceAccountKeyFile: "/service-account-private-key",
|
||||
},
|
||||
AttachDetachController: &cmoptions.AttachDetachControllerOptions{
|
||||
ReconcilerSyncLoopPeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
DisableAttachDetachReconcilerSync: true,
|
||||
},
|
||||
CSRSigningController: &cmoptions.CSRSigningControllerOptions{
|
||||
ClusterSigningCertFile: "/cluster-signing-cert",
|
||||
ClusterSigningKeyFile: "/cluster-signing-key",
|
||||
ClusterSigningDuration: metav1.Duration{Duration: 10 * time.Hour},
|
||||
},
|
||||
DaemonSetController: &cmoptions.DaemonSetControllerOptions{
|
||||
ConcurrentDaemonSetSyncs: 2,
|
||||
},
|
||||
DeploymentController: &cmoptions.DeploymentControllerOptions{
|
||||
ConcurrentDeploymentSyncs: 10,
|
||||
DeploymentControllerSyncPeriod: metav1.Duration{Duration: 45 * time.Second},
|
||||
},
|
||||
DeprecatedFlags: &cmoptions.DeprecatedControllerOptions{
|
||||
DeletingPodsQPS: 0.1,
|
||||
RegisterRetryCount: 10,
|
||||
},
|
||||
EndPointController: &cmoptions.EndPointControllerOptions{
|
||||
ConcurrentEndpointSyncs: 10,
|
||||
},
|
||||
GarbageCollectorController: &cmoptions.GarbageCollectorControllerOptions{
|
||||
ConcurrentGCSyncs: 30,
|
||||
GCIgnoredResources: []componentconfig.GroupResource{
|
||||
{Group: "extensions", Resource: "replicationcontrollers"},
|
||||
{Group: "", Resource: "bindings"},
|
||||
{Group: "", Resource: "componentstatuses"},
|
||||
{Group: "", Resource: "events"},
|
||||
{Group: "authentication.k8s.io", Resource: "tokenreviews"},
|
||||
{Group: "authorization.k8s.io", Resource: "subjectaccessreviews"},
|
||||
{Group: "authorization.k8s.io", Resource: "selfsubjectaccessreviews"},
|
||||
{Group: "authorization.k8s.io", Resource: "localsubjectaccessreviews"},
|
||||
{Group: "authorization.k8s.io", Resource: "selfsubjectrulesreviews"},
|
||||
{Group: "apiregistration.k8s.io", Resource: "apiservices"},
|
||||
{Group: "apiextensions.k8s.io", Resource: "customresourcedefinitions"},
|
||||
},
|
||||
EnableGarbageCollector: false,
|
||||
},
|
||||
HPAController: &cmoptions.HPAControllerOptions{
|
||||
HorizontalPodAutoscalerSyncPeriod: metav1.Duration{Duration: 45 * time.Second},
|
||||
HorizontalPodAutoscalerUpscaleForbiddenWindow: metav1.Duration{Duration: 1 * time.Minute},
|
||||
HorizontalPodAutoscalerDownscaleForbiddenWindow: metav1.Duration{Duration: 2 * time.Minute},
|
||||
HorizontalPodAutoscalerTolerance: 0.1,
|
||||
HorizontalPodAutoscalerUseRESTClients: true,
|
||||
},
|
||||
JobController: &cmoptions.JobControllerOptions{
|
||||
ConcurrentJobSyncs: 5,
|
||||
},
|
||||
NamespaceController: &cmoptions.NamespaceControllerOptions{
|
||||
NamespaceSyncPeriod: metav1.Duration{Duration: 10 * time.Minute},
|
||||
ConcurrentNamespaceSyncs: 20,
|
||||
},
|
||||
NodeIpamController: &cmoptions.NodeIpamControllerOptions{
|
||||
NodeCIDRMaskSize: 48,
|
||||
},
|
||||
NodeLifecycleController: &cmoptions.NodeLifecycleControllerOptions{
|
||||
EnableTaintManager: false,
|
||||
NodeEvictionRate: 0.2,
|
||||
SecondaryNodeEvictionRate: 0.05,
|
||||
NodeMonitorGracePeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
NodeStartupGracePeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
PodEvictionTimeout: metav1.Duration{Duration: 2 * time.Minute},
|
||||
LargeClusterSizeThreshold: 100,
|
||||
UnhealthyZoneThreshold: 0.6,
|
||||
},
|
||||
PersistentVolumeBinderController: &cmoptions.PersistentVolumeBinderControllerOptions{
|
||||
PVClaimBinderSyncPeriod: metav1.Duration{Duration: 30 * time.Second},
|
||||
VolumeConfiguration: componentconfig.VolumeConfiguration{
|
||||
EnableDynamicProvisioning: false,
|
||||
EnableHostPathProvisioning: true,
|
||||
FlexVolumePluginDir: "/flex-volume-plugin",
|
||||
PersistentVolumeRecyclerConfiguration: componentconfig.PersistentVolumeRecyclerConfiguration{
|
||||
MaximumRetry: 3,
|
||||
MinimumTimeoutNFS: 200,
|
||||
IncrementTimeoutNFS: 45,
|
||||
MinimumTimeoutHostPath: 45,
|
||||
IncrementTimeoutHostPath: 45,
|
||||
},
|
||||
},
|
||||
},
|
||||
PodGCController: &cmoptions.PodGCControllerOptions{
|
||||
TerminatedPodGCThreshold: 12000,
|
||||
},
|
||||
ReplicaSetController: &cmoptions.ReplicaSetControllerOptions{
|
||||
ConcurrentRSSyncs: 10,
|
||||
},
|
||||
ReplicationController: &cmoptions.ReplicationControllerOptions{
|
||||
ConcurrentRCSyncs: 10,
|
||||
},
|
||||
ResourceQuotaController: &cmoptions.ResourceQuotaControllerOptions{
|
||||
ResourceQuotaSyncPeriod: metav1.Duration{Duration: 10 * time.Minute},
|
||||
ConcurrentResourceQuotaSyncs: 10,
|
||||
},
|
||||
SAController: &cmoptions.SAControllerOptions{
|
||||
ConcurrentSATokenSyncs: 10,
|
||||
},
|
||||
ServiceController: &cmoptions.ServiceControllerOptions{
|
||||
ConcurrentServiceSyncs: 2,
|
||||
},
|
||||
Controllers: []string{"foo", "bar"},
|
||||
SecureServing: &apiserveroptions.SecureServingOptions{
|
||||
BindPort: 10001,
|
||||
BindAddress: net.ParseIP("192.168.4.21"),
|
||||
ServerCert: apiserveroptions.GeneratableKeyCert{
|
||||
CertDirectory: "/a/b/c",
|
||||
PairName: "kube-controller-manager",
|
||||
},
|
||||
HTTP2MaxStreamsPerConnection: 47,
|
||||
},
|
||||
InsecureServing: &cmoptions.InsecureServingOptions{
|
||||
BindAddress: net.ParseIP("192.168.4.10"),
|
||||
BindPort: int(10000),
|
||||
BindNetwork: "tcp",
|
||||
},
|
||||
Kubeconfig: "/kubeconfig",
|
||||
Master: "192.168.4.20",
|
||||
}
|
||||
|
||||
// Sort GCIgnoredResources because it's built from a map, which means the
|
||||
// insertion order is random.
|
||||
sort.Sort(sortedGCIgnoredResources(expected.Generic.GarbageCollectorController.GCIgnoredResources))
|
||||
sort.Sort(sortedGCIgnoredResources(expected.GarbageCollectorController.GCIgnoredResources))
|
||||
|
||||
if !reflect.DeepEqual(expected, s) {
|
||||
t.Errorf("Got different run options than expected.\nDifference detected on:\n%s", diff.ObjectReflectDiff(expected, s))
|
||||
|
||||
Reference in New Issue
Block a user