mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-20 10:20:51 +00:00
part1 of e2e: master to apiserver/control-plane
Signed-off-by: pacoxu <paco.xu@daocloud.io>
This commit is contained in:
pacoxu
parent
bb89384f39
commit
ce50018a76
@ -123,8 +123,8 @@ func DefaultOpenAPIConfig() *openapicommon.Config {
|
||||
return openAPIConfig
|
||||
}
|
||||
|
||||
// startMasterOrDie starts a kubernetes master and an httpserver to handle api requests
|
||||
func startMasterOrDie(masterConfig *controlplane.Config, incomingServer *httptest.Server, masterReceiver MasterReceiver) (*controlplane.Instance, *httptest.Server, CloseFunc) {
|
||||
// startApiserverOrDie starts a kubernetes master and an httpserver to handle api requests
|
||||
func startApiserverOrDie(controlPlaneConfig *controlplane.Config, incomingServer *httptest.Server, masterReceiver MasterReceiver) (*controlplane.Instance, *httptest.Server, CloseFunc) {
|
||||
var m *controlplane.Instance
|
||||
var s *httptest.Server
|
||||
|
||||
@ -152,16 +152,16 @@ func startMasterOrDie(masterConfig *controlplane.Config, incomingServer *httptes
|
||||
s.Close()
|
||||
}
|
||||
|
||||
if masterConfig == nil {
|
||||
masterConfig = NewMasterConfig()
|
||||
masterConfig.GenericConfig.OpenAPIConfig = DefaultOpenAPIConfig()
|
||||
if controlPlaneConfig == nil {
|
||||
controlPlaneConfig = NewMasterConfig()
|
||||
controlPlaneConfig.GenericConfig.OpenAPIConfig = DefaultOpenAPIConfig()
|
||||
}
|
||||
|
||||
// set the loopback client config
|
||||
if masterConfig.GenericConfig.LoopbackClientConfig == nil {
|
||||
masterConfig.GenericConfig.LoopbackClientConfig = &restclient.Config{QPS: 50, Burst: 100, ContentConfig: restclient.ContentConfig{NegotiatedSerializer: legacyscheme.Codecs}}
|
||||
if controlPlaneConfig.GenericConfig.LoopbackClientConfig == nil {
|
||||
controlPlaneConfig.GenericConfig.LoopbackClientConfig = &restclient.Config{QPS: 50, Burst: 100, ContentConfig: restclient.ContentConfig{NegotiatedSerializer: legacyscheme.Codecs}}
|
||||
}
|
||||
masterConfig.GenericConfig.LoopbackClientConfig.Host = s.URL
|
||||
controlPlaneConfig.GenericConfig.LoopbackClientConfig.Host = s.URL
|
||||
|
||||
privilegedLoopbackToken := uuid.New().String()
|
||||
// wrap any available authorizer
|
||||
@ -173,41 +173,41 @@ func startMasterOrDie(masterConfig *controlplane.Config, incomingServer *httptes
|
||||
}
|
||||
|
||||
tokenAuthenticator := authenticatorfactory.NewFromTokens(tokens)
|
||||
if masterConfig.GenericConfig.Authentication.Authenticator == nil {
|
||||
masterConfig.GenericConfig.Authentication.Authenticator = authenticatorunion.New(tokenAuthenticator, authauthenticator.RequestFunc(alwaysEmpty))
|
||||
if controlPlaneConfig.GenericConfig.Authentication.Authenticator == nil {
|
||||
controlPlaneConfig.GenericConfig.Authentication.Authenticator = authenticatorunion.New(tokenAuthenticator, authauthenticator.RequestFunc(alwaysEmpty))
|
||||
} else {
|
||||
masterConfig.GenericConfig.Authentication.Authenticator = authenticatorunion.New(tokenAuthenticator, masterConfig.GenericConfig.Authentication.Authenticator)
|
||||
controlPlaneConfig.GenericConfig.Authentication.Authenticator = authenticatorunion.New(tokenAuthenticator, controlPlaneConfig.GenericConfig.Authentication.Authenticator)
|
||||
}
|
||||
|
||||
if masterConfig.GenericConfig.Authorization.Authorizer != nil {
|
||||
if controlPlaneConfig.GenericConfig.Authorization.Authorizer != nil {
|
||||
tokenAuthorizer := authorizerfactory.NewPrivilegedGroups(user.SystemPrivilegedGroup)
|
||||
masterConfig.GenericConfig.Authorization.Authorizer = authorizerunion.New(tokenAuthorizer, masterConfig.GenericConfig.Authorization.Authorizer)
|
||||
controlPlaneConfig.GenericConfig.Authorization.Authorizer = authorizerunion.New(tokenAuthorizer, controlPlaneConfig.GenericConfig.Authorization.Authorizer)
|
||||
} else {
|
||||
masterConfig.GenericConfig.Authorization.Authorizer = alwaysAllow{}
|
||||
controlPlaneConfig.GenericConfig.Authorization.Authorizer = alwaysAllow{}
|
||||
}
|
||||
|
||||
masterConfig.GenericConfig.LoopbackClientConfig.BearerToken = privilegedLoopbackToken
|
||||
controlPlaneConfig.GenericConfig.LoopbackClientConfig.BearerToken = privilegedLoopbackToken
|
||||
|
||||
clientset, err := clientset.NewForConfig(masterConfig.GenericConfig.LoopbackClientConfig)
|
||||
clientset, err := clientset.NewForConfig(controlPlaneConfig.GenericConfig.LoopbackClientConfig)
|
||||
if err != nil {
|
||||
klog.Fatal(err)
|
||||
}
|
||||
|
||||
masterConfig.ExtraConfig.VersionedInformers = informers.NewSharedInformerFactory(clientset, masterConfig.GenericConfig.LoopbackClientConfig.Timeout)
|
||||
controlPlaneConfig.ExtraConfig.VersionedInformers = informers.NewSharedInformerFactory(clientset, controlPlaneConfig.GenericConfig.LoopbackClientConfig.Timeout)
|
||||
|
||||
if utilfeature.DefaultFeatureGate.Enabled(genericfeatures.APIPriorityAndFairness) {
|
||||
masterConfig.GenericConfig.FlowControl = utilflowcontrol.New(
|
||||
masterConfig.ExtraConfig.VersionedInformers,
|
||||
controlPlaneConfig.GenericConfig.FlowControl = utilflowcontrol.New(
|
||||
controlPlaneConfig.ExtraConfig.VersionedInformers,
|
||||
clientset.FlowcontrolV1beta1(),
|
||||
masterConfig.GenericConfig.MaxRequestsInFlight+masterConfig.GenericConfig.MaxMutatingRequestsInFlight,
|
||||
masterConfig.GenericConfig.RequestTimeout/4,
|
||||
controlPlaneConfig.GenericConfig.MaxRequestsInFlight+controlPlaneConfig.GenericConfig.MaxMutatingRequestsInFlight,
|
||||
controlPlaneConfig.GenericConfig.RequestTimeout/4,
|
||||
)
|
||||
}
|
||||
|
||||
if masterConfig.ExtraConfig.ServiceIPRange.IP == nil {
|
||||
masterConfig.ExtraConfig.ServiceIPRange = net.IPNet{IP: net.ParseIP("10.0.0.0"), Mask: net.CIDRMask(24, 32)}
|
||||
if controlPlaneConfig.ExtraConfig.ServiceIPRange.IP == nil {
|
||||
controlPlaneConfig.ExtraConfig.ServiceIPRange = net.IPNet{IP: net.ParseIP("10.0.0.0"), Mask: net.CIDRMask(24, 32)}
|
||||
}
|
||||
m, err = masterConfig.Complete().New(genericapiserver.NewEmptyDelegate())
|
||||
m, err = controlPlaneConfig.Complete().New(genericapiserver.NewEmptyDelegate())
|
||||
if err != nil {
|
||||
// We log the error first so that even if closeFn crashes, the error is shown
|
||||
klog.Errorf("error in bringing up the master: %v", err)
|
||||
@ -224,7 +224,7 @@ func startMasterOrDie(masterConfig *controlplane.Config, incomingServer *httptes
|
||||
m.GenericAPIServer.PrepareRun()
|
||||
m.GenericAPIServer.RunPostStartHooks(stopCh)
|
||||
|
||||
cfg := *masterConfig.GenericConfig.LoopbackClientConfig
|
||||
cfg := *controlPlaneConfig.GenericConfig.LoopbackClientConfig
|
||||
cfg.ContentConfig.GroupVersion = &schema.GroupVersion{}
|
||||
privilegedClient, err := restclient.RESTClientFor(&cfg)
|
||||
if err != nil {
|
||||
@ -341,12 +341,12 @@ func RunAMaster(masterConfig *controlplane.Config) (*controlplane.Instance, *htt
|
||||
masterConfig = NewMasterConfig()
|
||||
masterConfig.GenericConfig.EnableProfiling = true
|
||||
}
|
||||
return startMasterOrDie(masterConfig, nil, nil)
|
||||
return startApiserverOrDie(masterConfig, nil, nil)
|
||||
}
|
||||
|
||||
// RunAMasterUsingServer starts up a master using the provided config on the specified server.
|
||||
func RunAMasterUsingServer(masterConfig *controlplane.Config, s *httptest.Server, masterReceiver MasterReceiver) (*controlplane.Instance, *httptest.Server, CloseFunc) {
|
||||
return startMasterOrDie(masterConfig, s, masterReceiver)
|
||||
// RunAnApiserverUsingServer starts up an instance using the provided config on the specified server.
|
||||
func RunAnApiserverUsingServer(controlPlaneConfig *controlplane.Config, s *httptest.Server, masterReceiver MasterReceiver) (*controlplane.Instance, *httptest.Server, CloseFunc) {
|
||||
return startApiserverOrDie(controlPlaneConfig, s, masterReceiver)
|
||||
}
|
||||
|
||||
// SharedEtcd creates a storage config for a shared etcd instance, with a unique prefix.
|
||||
|
||||
@ -114,8 +114,8 @@ func TestPerformance(t *testing.T) {
|
||||
t.Skip("Skipping because we want to run short tests")
|
||||
}
|
||||
|
||||
apiURL, masterShutdown := util.StartApiserver()
|
||||
defer masterShutdown()
|
||||
apiURL, apiserverShutdown := util.StartApiserver()
|
||||
defer apiserverShutdown()
|
||||
|
||||
_, clusterCIDR, _ := net.ParseCIDR("10.96.0.0/11") // allows up to 8K nodes
|
||||
_, serviceCIDR, _ := net.ParseCIDR("10.94.0.0/24") // does not matter for test - pick upto 250 services
|
||||
|
||||
@ -143,13 +143,13 @@ func TestEmptyList(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func initStatusForbiddenMasterCongfig() *controlplane.Config {
|
||||
func initStatusForbiddenControlPlaneConfig() *controlplane.Config {
|
||||
masterConfig := framework.NewIntegrationTestMasterConfig()
|
||||
masterConfig.GenericConfig.Authorization.Authorizer = authorizerfactory.NewAlwaysDenyAuthorizer()
|
||||
return masterConfig
|
||||
}
|
||||
|
||||
func initUnauthorizedMasterCongfig() *controlplane.Config {
|
||||
func initUnauthorizedControlPlaneConfig() *controlplane.Config {
|
||||
masterConfig := framework.NewIntegrationTestMasterConfig()
|
||||
tokenAuthenticator := tokentest.New()
|
||||
tokenAuthenticator.Tokens[AliceToken] = &user.DefaultInfo{Name: "alice", UID: "1"}
|
||||
@ -178,7 +178,7 @@ func TestStatus(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "403",
|
||||
masterConfig: initStatusForbiddenMasterCongfig(),
|
||||
masterConfig: initStatusForbiddenControlPlaneConfig(),
|
||||
statusCode: http.StatusForbidden,
|
||||
reqPath: "/apis",
|
||||
reason: "Forbidden",
|
||||
@ -186,7 +186,7 @@ func TestStatus(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "401",
|
||||
masterConfig: initUnauthorizedMasterCongfig(),
|
||||
masterConfig: initUnauthorizedControlPlaneConfig(),
|
||||
statusCode: http.StatusUnauthorized,
|
||||
reqPath: "/apis",
|
||||
reason: "Unauthorized",
|
||||
|
||||
@ -23,9 +23,9 @@ import (
|
||||
"k8s.io/kubernetes/pkg/controlplane"
|
||||
)
|
||||
|
||||
// This test references methods that OpenShift uses to customize the master on startup, that
|
||||
// are not referenced directly by a master.
|
||||
func TestMasterExportsSymbols(t *testing.T) {
|
||||
// This test references methods that OpenShift uses to customize the apiserver on startup, that
|
||||
// are not referenced directly by an instance.
|
||||
func TestApiserverExportsSymbols(t *testing.T) {
|
||||
_ = &controlplane.Config{
|
||||
GenericConfig: &genericapiserver.Config{
|
||||
EnableMetrics: true,
|
||||
|
||||
@ -77,7 +77,7 @@ func TestQuota(t *testing.T) {
|
||||
|
||||
masterConfig := framework.NewIntegrationTestMasterConfig()
|
||||
masterConfig.GenericConfig.AdmissionControl = admission
|
||||
_, _, closeFn := framework.RunAMasterUsingServer(masterConfig, s, h)
|
||||
_, _, closeFn := framework.RunAnApiserverUsingServer(masterConfig, s, h)
|
||||
defer closeFn()
|
||||
|
||||
ns := framework.CreateTestingNamespace("quotaed", s, t)
|
||||
@ -277,7 +277,7 @@ func TestQuotaLimitedResourceDenial(t *testing.T) {
|
||||
|
||||
masterConfig := framework.NewIntegrationTestMasterConfig()
|
||||
masterConfig.GenericConfig.AdmissionControl = admission
|
||||
_, _, closeFn := framework.RunAMasterUsingServer(masterConfig, s, h)
|
||||
_, _, closeFn := framework.RunAnApiserverUsingServer(masterConfig, s, h)
|
||||
defer closeFn()
|
||||
|
||||
ns := framework.CreateTestingNamespace("quota", s, t)
|
||||
|
||||
@ -446,7 +446,7 @@ func startServiceAccountTestServer(t *testing.T) (*clientset.Clientset, restclie
|
||||
masterConfig.GenericConfig.Authentication.Authenticator = authenticator
|
||||
masterConfig.GenericConfig.Authorization.Authorizer = authorizer
|
||||
masterConfig.GenericConfig.AdmissionControl = serviceAccountAdmission
|
||||
_, _, kubeAPIServerCloseFn := framework.RunAMasterUsingServer(masterConfig, apiServer, h)
|
||||
_, _, kubeAPIServerCloseFn := framework.RunAnApiserverUsingServer(masterConfig, apiServer, h)
|
||||
|
||||
// Start the service account and service account token controllers
|
||||
stopCh := make(chan struct{})
|
||||
|
||||
@ -62,7 +62,7 @@ func StartApiserver() (string, ShutdownFunc) {
|
||||
h.M.GenericAPIServer.Handler.ServeHTTP(w, req)
|
||||
}))
|
||||
|
||||
_, _, closeFn := framework.RunAMasterUsingServer(framework.NewIntegrationTestMasterConfig(), s, h)
|
||||
_, _, closeFn := framework.RunAnApiserverUsingServer(framework.NewIntegrationTestMasterConfig(), s, h)
|
||||
|
||||
shutdownFunc := func() {
|
||||
klog.Infof("destroying API server")
|
||||
@ -340,7 +340,7 @@ func InitTestMaster(t *testing.T, nsPrefix string, admission admission.Interface
|
||||
masterConfig.GenericConfig.AdmissionControl = admission
|
||||
}
|
||||
|
||||
_, testCtx.HTTPServer, testCtx.CloseFn = framework.RunAMasterUsingServer(masterConfig, s, h)
|
||||
_, testCtx.HTTPServer, testCtx.CloseFn = framework.RunAnApiserverUsingServer(masterConfig, s, h)
|
||||
|
||||
if nsPrefix != "default" {
|
||||
testCtx.NS = framework.CreateTestingNamespace(nsPrefix+string(uuid.NewUUID()), s, t)
|
||||
|
||||
@ -85,7 +85,7 @@ func initTestMaster(t *testing.T, nsPrefix string, admission admission.Interface
|
||||
masterConfig.GenericConfig.AdmissionControl = admission
|
||||
}
|
||||
|
||||
_, testCtx.httpServer, testCtx.closeFn = framework.RunAMasterUsingServer(masterConfig, s, h)
|
||||
_, testCtx.httpServer, testCtx.closeFn = framework.RunAnApiserverUsingServer(masterConfig, s, h)
|
||||
|
||||
if nsPrefix != "default" {
|
||||
testCtx.ns = framework.CreateTestingNamespace(nsPrefix+string(uuid.NewUUID()), s, t)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user