mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 20:24:09 +00:00
Return InsecureHandler from master.
Subsequent changes will make use of both m.Handler and m.InsecureHandler for different ports.
This commit is contained in:
parent
3b1ef739d1
commit
c068b56919
@ -185,7 +185,7 @@ func main() {
|
|||||||
rl := util.NewTokenBucketRateLimiter(1.0, 20)
|
rl := util.NewTokenBucketRateLimiter(1.0, 20)
|
||||||
readOnlyServer := &http.Server{
|
readOnlyServer := &http.Server{
|
||||||
Addr: roLocation,
|
Addr: roLocation,
|
||||||
Handler: apiserver.RecoverPanics(apiserver.ReadOnly(apiserver.RateLimit(rl, m.Handler))),
|
Handler: apiserver.RecoverPanics(apiserver.ReadOnly(apiserver.RateLimit(rl, m.InsecureHandler))),
|
||||||
ReadTimeout: 5 * time.Minute,
|
ReadTimeout: 5 * time.Minute,
|
||||||
WriteTimeout: 5 * time.Minute,
|
WriteTimeout: 5 * time.Minute,
|
||||||
MaxHeaderBytes: 1 << 20,
|
MaxHeaderBytes: 1 << 20,
|
||||||
@ -203,7 +203,7 @@ func main() {
|
|||||||
|
|
||||||
s := &http.Server{
|
s := &http.Server{
|
||||||
Addr: rwLocation,
|
Addr: rwLocation,
|
||||||
Handler: apiserver.RecoverPanics(m.Handler),
|
Handler: apiserver.RecoverPanics(m.InsecureHandler),
|
||||||
ReadTimeout: 5 * time.Minute,
|
ReadTimeout: 5 * time.Minute,
|
||||||
WriteTimeout: 5 * time.Minute,
|
WriteTimeout: 5 * time.Minute,
|
||||||
MaxHeaderBytes: 1 << 20,
|
MaxHeaderBytes: 1 << 20,
|
||||||
|
@ -106,12 +106,13 @@ type Master struct {
|
|||||||
authorizer authorizer.Authorizer
|
authorizer authorizer.Authorizer
|
||||||
masterCount int
|
masterCount int
|
||||||
|
|
||||||
// "Outputs"
|
|
||||||
Handler http.Handler
|
|
||||||
|
|
||||||
readOnlyServer string
|
readOnlyServer string
|
||||||
readWriteServer string
|
readWriteServer string
|
||||||
masterServices *util.Runner
|
masterServices *util.Runner
|
||||||
|
|
||||||
|
// "Outputs"
|
||||||
|
Handler http.Handler
|
||||||
|
InsecureHandler http.Handler
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewEtcdHelper returns an EtcdHelper for the provided arguments or an error if the version
|
// NewEtcdHelper returns an EtcdHelper for the provided arguments or an error if the version
|
||||||
@ -195,6 +196,8 @@ func setDefaults(c *Config) {
|
|||||||
// http.Handler which handles all the endpoints provided by the master,
|
// http.Handler which handles all the endpoints provided by the master,
|
||||||
// including the API, the UI, and miscelaneous debugging endpoints. All
|
// including the API, the UI, and miscelaneous debugging endpoints. All
|
||||||
// these are subject to authorization and authentication.
|
// these are subject to authorization and authentication.
|
||||||
|
// InsecureHandler -- an http.Handler which handles all the same
|
||||||
|
// endpoints as Handler, but no authorization and authentication is done.
|
||||||
// Public methods:
|
// Public methods:
|
||||||
// HandleWithAuth -- Allows caller to add an http.Handler for an endpoint
|
// HandleWithAuth -- Allows caller to add an http.Handler for an endpoint
|
||||||
// that uses the same authentication and authorization (if any is configured)
|
// that uses the same authentication and authorization (if any is configured)
|
||||||
@ -320,6 +323,8 @@ func (m *Master) init(c *Config) {
|
|||||||
handler = apiserver.CORS(handler, allowedOriginRegexps, nil, nil, "true")
|
handler = apiserver.CORS(handler, allowedOriginRegexps, nil, nil, "true")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
m.InsecureHandler = handler
|
||||||
|
|
||||||
attributeGetter := apiserver.NewRequestAttributeGetter(userContexts)
|
attributeGetter := apiserver.NewRequestAttributeGetter(userContexts)
|
||||||
handler = apiserver.WithAuthorizationCheck(handler, attributeGetter, m.authorizer)
|
handler = apiserver.WithAuthorizationCheck(handler, attributeGetter, m.authorizer)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user