Merge pull request #38123 from deads2k/api-48-remove-fields

Automatic merge from submit-queue (batch tested with PRs 38194, 37594, 38123, 37831, 37084)

remove unnecessary fields from genericapiserver config

Cleans up some unnecessary fields in the genericapiserver config.

cmd/kube-apiserver/app/server.go

@@ -272,7 +272,6 @@ func Run(s *options.ServerRunOptions) error {
 	genericConfig.Authenticator = apiAuthenticator
 	genericConfig.Authorizer = apiAuthorizer
 	genericConfig.AdmissionControl = admissionController
-	genericConfig.APIResourceConfigSource = storageFactory.APIResourceConfigSource
 	genericConfig.OpenAPIConfig.Info.Title = "Kubernetes"
 	genericConfig.OpenAPIConfig.Definitions = generatedopenapi.OpenAPIDefinitions
 	genericConfig.EnableOpenAPISupport = true
@@ -282,6 +281,7 @@ func Run(s *options.ServerRunOptions) error {
 	config := &master.Config{
 		GenericConfig: genericConfig,
 
+		APIResourceConfigSource: storageFactory.APIResourceConfigSource,
 		StorageFactory:          storageFactory,
 		EnableWatchCache:        s.GenericServerRunOptions.EnableWatchCache,
 		EnableCoreControllers:   true,

federation/cmd/federation-apiserver/app/server.go

@@ -163,7 +163,6 @@ func Run(s *options.ServerRunOptions) error {
 	genericConfig.Authenticator = apiAuthenticator
 	genericConfig.Authorizer = apiAuthorizer
 	genericConfig.AdmissionControl = admissionController
-	genericConfig.APIResourceConfigSource = storageFactory.APIResourceConfigSource
 	genericConfig.OpenAPIConfig.Definitions = openapi.OpenAPIDefinitions
 	genericConfig.EnableOpenAPISupport = true
 	genericConfig.OpenAPIConfig.SecurityDefinitions = securityDefinitions

pkg/genericapiserver/config.go

@@ -76,87 +76,93 @@ const (
 )
 
 // Config is a structure used to configure a GenericAPIServer.
+// It's members are sorted rougly in order of importance for composers.
 type Config struct {
-	// Destination for audit logs
+	// SecureServingInfo is required to serve https
-	AuditWriter io.Writer
+	SecureServingInfo *SecureServingInfo
-	// Allow downstream consumers to disable swagger.
+
-	// This includes returning the generated swagger spec at /swaggerapi and swagger ui at /swagger-ui.
+	// LoopbackClientConfig is a config for a privileged loopback connection to the API server
+	// This is required for proper functioning of the PostStartHooks on a GenericAPIServer
+	LoopbackClientConfig *restclient.Config
+	// Authenticator determines which subject is making the request
+	Authenticator authenticator.Request
+	// Authorizer determines whether the subject is allowed to make the request based only
+	// on the RequestURI
+	Authorizer authorizer.Authorizer
+	// AdmissionControl performs deep inspection of a given request (including content)
+	// to set values and determine whether its allowed
+	AdmissionControl      admission.Interface
+	CorsAllowedOriginList []string
+
 	EnableSwaggerSupport bool
-	// Allow downstream consumers to disable swagger ui.
-	// Note that this is ignored if EnableSwaggerSupport is false
 	EnableSwaggerUI      bool
-	// Allows api group versions or specific resources to be conditionally enabled/disabled.
-	APIResourceConfigSource APIResourceConfigSource
-	// allow downstream consumers to disable the index route
 	EnableIndex          bool
 	EnableProfiling      bool
 	// Requires generic profiling enabled
 	EnableContentionProfiling bool
-	EnableMetrics             bool
 	EnableGarbageCollection   bool
+	EnableMetrics             bool
+	EnableOpenAPISupport      bool
 
+	// Version will enable the /version endpoint if non-nil
 	Version *version.Info
-	CorsAllowedOriginList []string
+	// AuditWriter is the destination for audit logs.  If nil, they will not be written.
-	Authenticator         authenticator.Request
+	AuditWriter io.Writer
+	// SupportsBasicAuth indicates that's at least one Authenticator supports basic auth
+	// If this is true, a basic auth challenge is returned on authentication failure
 	// TODO(roberthbailey): Remove once the server no longer supports http basic auth.
 	SupportsBasicAuth bool
-	Authorizer        authorizer.Authorizer
+	// ExternalAddress is the host name to use for external (public internet) facing URLs (e.g. Swagger)
-	AdmissionControl  admission.Interface
+	// Will default to a value based on secure serving info and available ipv4 IPs.
+	ExternalAddress string
 
-	// LoopbackClientConfig is a config for a privileged loopback connection to the API server
+	//===========================================================================
-	LoopbackClientConfig *restclient.Config
+	// Fields you probably don't care about changing
-
+	//===========================================================================
-	// Map requests to contexts. Exported so downstream consumers can provider their own mappers
-	RequestContextMapper api.RequestContextMapper
-
-	// Required, the interface for serializing and converting objects to and from the wire
-	Serializer runtime.NegotiatedSerializer
-
-	// If specified, requests will be allocated a random timeout between this value, and twice this value.
-	// Note that it is up to the request handlers to ignore or honor this timeout. In seconds.
-	MinRequestTimeout int
-
-	SecureServingInfo   *SecureServingInfo
-	InsecureServingInfo *ServingInfo
 
+	// BuildHandlerChainsFunc allows you to build custom handler chains by decorating the apiHandler.
+	BuildHandlerChainsFunc func(apiHandler http.Handler, c *Config) (secure, insecure http.Handler)
 	// DiscoveryAddresses is used to build the IPs pass to discovery.  If nil, the ExternalAddress is
 	// always reported
 	DiscoveryAddresses DiscoveryAddresses
-
+	// LegacyAPIGroupPrefixes is used to set up URL parsing for authorization and for validating requests
-	// The port on PublicAddress where a read-write server will be installed.
+	// to InstallLegacyAPIGroup.  New API servers don't generally have legacy groups at all.
-	// Defaults to 6443 if not set.
+	LegacyAPIGroupPrefixes sets.String
-	ReadWritePort int
+	// RequestContextMapper maps requests to contexts. Exported so downstream consumers can provider their own mappers
-
+	// TODO confirm that anyone downstream actually uses this and doesn't just need an accessor
-	// ExternalAddress is the host name to use for external (public internet) facing URLs (e.g. Swagger)
+	RequestContextMapper api.RequestContextMapper
-	ExternalAddress string
+	// Serializer is required and provides the interface for serializing and converting objects to and from the wire
-
+	// The default (api.Codecs) usually works fine.
-	// PublicAddress is the IP address where members of the cluster (kubelet,
+	Serializer runtime.NegotiatedSerializer
-	// kube-proxy, services, etc.) can reach the GenericAPIServer.
+	// OpenAPIConfig will be used in generating OpenAPI spec.  This has "working" defaults.
-	// If nil or 0.0.0.0, the host's default interface will be used.
-	PublicAddress net.IP
-
-	// EnableOpenAPISupport enables OpenAPI support. Allow downstream customers to disable OpenAPI spec.
-	EnableOpenAPISupport bool
-
-	// OpenAPIConfig will be used in generating OpenAPI spec.
 	OpenAPIConfig *common.Config
-
+	// If specified, requests will be allocated a random timeout between this value, and twice this value.
+	// Note that it is up to the request handlers to ignore or honor this timeout. In seconds.
+	MinRequestTimeout int
 	// MaxRequestsInFlight is the maximum number of parallel non-long-running requests. Every further
 	// request has to wait. Applies only to non-mutating requests.
 	MaxRequestsInFlight int
 	// MaxMutatingRequestsInFlight is the maximum number of parallel mutating requests. Every further
 	// request has to wait.
 	MaxMutatingRequestsInFlight int
-
 	// Predicate which is true for paths of long-running http requests
 	LongRunningFunc genericfilters.LongRunningRequestCheck
 
-	// Build the handler chains by decorating the apiHandler.
+	// InsecureServingInfo is required to serve http.  HTTP does NOT include authentication or authorization.
-	BuildHandlerChainsFunc func(apiHandler http.Handler, c *Config) (secure, insecure http.Handler)
+	// You shouldn't be using this.  It makes sig-auth sad.
+	InsecureServingInfo *ServingInfo
 
-	// LegacyAPIGroupPrefixes is used to set up URL parsing for authorization and for validating requests
+	//===========================================================================
-	// to InstallLegacyAPIGroup
+	// values below here are targets for removal
-	LegacyAPIGroupPrefixes sets.String
+	//===========================================================================
+
+	// The port on PublicAddress where a read-write server will be installed.
+	// Defaults to 6443 if not set.
+	ReadWritePort int
+	// PublicAddress is the IP address where members of the cluster (kubelet,
+	// kube-proxy, services, etc.) can reach the GenericAPIServer.
+	// If nil or 0.0.0.0, the host's default interface will be used.
+	PublicAddress net.IP
 }
 
 type ServingInfo struct {

pkg/master/master.go

@@ -77,6 +77,7 @@ const (
 type Config struct {
 	GenericConfig *genericapiserver.Config
 
+	APIResourceConfigSource  genericapiserver.APIResourceConfigSource
 	StorageFactory           genericapiserver.StorageFactory
 	EnableWatchCache         bool
 	EnableCoreControllers    bool
@@ -231,7 +232,7 @@ func (c completedConfig) New() (*Master, error) {
 	}
 
 	// install legacy rest storage
-	if c.GenericConfig.APIResourceConfigSource.AnyResourcesForVersionEnabled(apiv1.SchemeGroupVersion) {
+	if c.APIResourceConfigSource.AnyResourcesForVersionEnabled(apiv1.SchemeGroupVersion) {
 		legacyRESTStorageProvider := corerest.LegacyRESTStorageProvider{
 			StorageFactory:       c.StorageFactory,
 			ProxyTransport:       c.ProxyTransport,
@@ -256,7 +257,7 @@ func (c completedConfig) New() (*Master, error) {
 		rbacrest.RESTStorageProvider{},
 		storagerest.RESTStorageProvider{},
 	}
-	m.InstallAPIs(c.Config.GenericConfig.APIResourceConfigSource, restOptionsFactory.NewFor, restStorageProviders...)
+	m.InstallAPIs(c.Config.APIResourceConfigSource, restOptionsFactory.NewFor, restStorageProviders...)
 
 	if c.Tunneler != nil {
 		m.installTunneler(c.Tunneler, corev1client.NewForConfigOrDie(c.GenericConfig.LoopbackClientConfig).Nodes())

pkg/master/master_test.go

@@ -67,6 +67,7 @@ func setUp(t *testing.T) (*Master, *etcdtesting.EtcdTestServer, Config, *assert.
 
 	config := &Config{
 		GenericConfig:           genericapiserver.NewConfig(),
+		APIResourceConfigSource: DefaultAPIResourceConfigSource(),
 		APIServerServicePort:    443,
 		MasterCount:             1,
 	}
@@ -85,10 +86,8 @@ func setUp(t *testing.T) (*Master, *etcdtesting.EtcdTestServer, Config, *assert.
 	config.GenericConfig.Version = &kubeVersion
 	config.StorageFactory = storageFactory
 	config.GenericConfig.LoopbackClientConfig = &restclient.Config{APIPath: "/api", ContentConfig: restclient.ContentConfig{NegotiatedSerializer: api.Codecs}}
-	config.GenericConfig.APIResourceConfigSource = DefaultAPIResourceConfigSource()
 	config.GenericConfig.PublicAddress = net.ParseIP("192.168.10.4")
 	config.GenericConfig.LegacyAPIGroupPrefixes = sets.NewString("/api")
-	config.GenericConfig.APIResourceConfigSource = DefaultAPIResourceConfigSource()
 	config.GenericConfig.RequestContextMapper = api.NewRequestContextMapper()
 	config.GenericConfig.LoopbackClientConfig = &restclient.Config{APIPath: "/api", ContentConfig: restclient.ContentConfig{NegotiatedSerializer: api.Codecs}}
 	config.GenericConfig.EnableMetrics = true
@@ -135,7 +134,7 @@ func limitedAPIResourceConfigSource() *genericapiserver.ResourceConfig {
 // newLimitedMaster only enables the core group, the extensions group, the batch group, and the autoscaling group.
 func newLimitedMaster(t *testing.T) (*Master, *etcdtesting.EtcdTestServer, Config, *assert.Assertions) {
 	_, etcdserver, config, assert := setUp(t)
-	config.GenericConfig.APIResourceConfigSource = limitedAPIResourceConfigSource()
+	config.APIResourceConfigSource = limitedAPIResourceConfigSource()
 	master, err := config.Complete().New()
 	if err != nil {
 		t.Fatalf("Error in bringing up the master: %v", err)

test/integration/framework/master_utils.go

@@ -357,13 +357,13 @@ func NewMasterConfig() *master.Config {
 	genericConfig := genericapiserver.NewConfig()
 	kubeVersion := version.Get()
 	genericConfig.Version = &kubeVersion
-	genericConfig.APIResourceConfigSource = master.DefaultAPIResourceConfigSource()
 	genericConfig.Authorizer = authorizer.NewAlwaysAllowAuthorizer()
 	genericConfig.AdmissionControl = admit.NewAlwaysAdmit()
 	genericConfig.EnableMetrics = true
 
 	return &master.Config{
 		GenericConfig:           genericConfig,
+		APIResourceConfigSource: master.DefaultAPIResourceConfigSource(),
 		StorageFactory:          storageFactory,
 		EnableCoreControllers:   true,
 		EnableWatchCache:        true,
@@ -378,7 +378,7 @@ func NewIntegrationTestMasterConfig() *master.Config {
 	masterConfig := NewMasterConfig()
 	masterConfig.EnableCoreControllers = true
 	masterConfig.GenericConfig.PublicAddress = net.ParseIP("192.168.10.4")
-	masterConfig.GenericConfig.APIResourceConfigSource = master.DefaultAPIResourceConfigSource()
+	masterConfig.APIResourceConfigSource = master.DefaultAPIResourceConfigSource()
 	return masterConfig
 }