kube-aggregator: use shared informers from RecommendedConfig

This commit is contained in:
Dr. Stefan Schimanski 2017-09-08 14:36:38 +02:00
parent b153268da7
commit d99c7df360
5 changed files with 13 additions and 53 deletions

View File

@ -81,11 +81,10 @@ func createAggregatorConfig(kubeAPIServerConfig genericapiserver.Config, command
SharedInformerFactory: externalInformers,
},
ExtraConfig: aggregatorapiserver.ExtraConfig{
CoreKubeInformers: externalInformers,
ProxyClientCert: certBytes,
ProxyClientKey: keyBytes,
ServiceResolver: serviceResolver,
ProxyTransport: proxyTransport,
ProxyClientCert: certBytes,
ProxyClientKey: keyBytes,
ServiceResolver: serviceResolver,
ProxyTransport: proxyTransport,
},
}

View File

@ -12,7 +12,7 @@ spec:
args:
- "/usr/local/bin/kube-aggregator"
- "--secure-port=9443"
- "--core-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig"
- "--kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig"
- "--authentication-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig"
- "--authorization-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig"
- "--proxy-client-cert-file=/var/run/auth-proxy-client/client-auth-proxy.crt"

View File

@ -30,7 +30,6 @@ import (
genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
"k8s.io/apiserver/pkg/registry/rest"
genericapiserver "k8s.io/apiserver/pkg/server"
kubeinformers "k8s.io/client-go/informers"
"k8s.io/client-go/pkg/version"
"k8s.io/kube-aggregator/pkg/apis/apiregistration"
@ -71,9 +70,6 @@ func init() {
const legacyAPIServiceName = "v1."
type ExtraConfig struct {
// CoreKubeInformers is used to watch kube resources
CoreKubeInformers kubeinformers.SharedInformerFactory
// ProxyClientCert/Key are the client cert used to identify this proxy. Backing APIServices use
// this to confirm the proxy's identity
ProxyClientCert []byte
@ -205,17 +201,17 @@ func (c completedConfig) NewWithDelegate(delegationTarget genericapiserver.Deleg
s.GenericAPIServer.Handler.NonGoRestfulMux.Handle("/apis", apisHandler)
s.GenericAPIServer.Handler.NonGoRestfulMux.UnlistedHandle("/apis/", apisHandler)
apiserviceRegistrationController := NewAPIServiceRegistrationController(informerFactory.Apiregistration().InternalVersion().APIServices(), c.ExtraConfig.CoreKubeInformers.Core().V1().Services(), s)
apiserviceRegistrationController := NewAPIServiceRegistrationController(informerFactory.Apiregistration().InternalVersion().APIServices(), c.GenericConfig.SharedInformerFactory.Core().V1().Services(), s)
availableController := statuscontrollers.NewAvailableConditionController(
informerFactory.Apiregistration().InternalVersion().APIServices(),
c.ExtraConfig.CoreKubeInformers.Core().V1().Services(),
c.ExtraConfig.CoreKubeInformers.Core().V1().Endpoints(),
c.GenericConfig.SharedInformerFactory.Core().V1().Services(),
c.GenericConfig.SharedInformerFactory.Core().V1().Endpoints(),
apiregistrationClient.Apiregistration(),
)
s.GenericAPIServer.AddPostStartHook("start-kube-aggregator-informers", func(context genericapiserver.PostStartHookContext) error {
informerFactory.Start(context.StopCh)
c.ExtraConfig.CoreKubeInformers.Start(context.StopCh)
c.GenericConfig.SharedInformerFactory.Start(context.StopCh)
return nil
})
s.GenericAPIServer.AddPostStartHook("apiservice-registration-controller", func(context genericapiserver.PostStartHookContext) error {

View File

@ -20,7 +20,6 @@ import (
"fmt"
"io"
"io/ioutil"
"time"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
@ -30,10 +29,6 @@ import (
genericapiserver "k8s.io/apiserver/pkg/server"
"k8s.io/apiserver/pkg/server/filters"
genericoptions "k8s.io/apiserver/pkg/server/options"
kubeinformers "k8s.io/client-go/informers"
kubeclientset "k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
"k8s.io/client-go/tools/clientcmd"
"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
"k8s.io/kube-aggregator/pkg/apiserver"
)
@ -48,10 +43,6 @@ type AggregatorOptions struct {
ProxyClientCertFile string
ProxyClientKeyFile string
// CoreAPIKubeconfig is a filename for a kubeconfig file to contact the core API server with
// If it is not set, the in cluster config is used
CoreAPIKubeconfig string
StdOut io.Writer
StdErr io.Writer
}
@ -86,9 +77,6 @@ func (o *AggregatorOptions) AddFlags(fs *pflag.FlagSet) {
o.RecommendedOptions.AddFlags(fs)
fs.StringVar(&o.ProxyClientCertFile, "proxy-client-cert-file", o.ProxyClientCertFile, "client certificate used identify the proxy to the API server")
fs.StringVar(&o.ProxyClientKeyFile, "proxy-client-key-file", o.ProxyClientKeyFile, "client certificate key used identify the proxy to the API server")
fs.StringVar(&o.CoreAPIKubeconfig, "core-kubeconfig", o.CoreAPIKubeconfig, ""+
"kubeconfig file pointing at the 'core' kubernetes server with enough rights to get,list,watch "+
" services,endpoints. If not set, the in-cluster config is used")
}
// NewDefaultOptions builds a "normal" set of options. You wouldn't normally expose this, but hyperkube isn't cobra compatible
@ -100,9 +88,6 @@ func NewDefaultOptions(out, err io.Writer) *AggregatorOptions {
StdErr: err,
}
// the shared informer is not needed for kube-aggregator. Disable the kubeconfig flag and the client creation.
o.RecommendedOptions.CoreAPI = nil
return o
}
@ -132,36 +117,16 @@ func (o AggregatorOptions) RunAggregator(stopCh <-chan struct{}) error {
sets.NewString("attach", "exec", "proxy", "log", "portforward"),
)
var kubeconfig *rest.Config
var err error
if len(o.CoreAPIKubeconfig) > 0 {
loadingRules := &clientcmd.ClientConfigLoadingRules{ExplicitPath: o.CoreAPIKubeconfig}
loader := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules, &clientcmd.ConfigOverrides{})
kubeconfig, err = loader.ClientConfig()
} else {
kubeconfig, err = rest.InClusterConfig()
}
if err != nil {
return err
}
coreAPIServerClient, err := kubeclientset.NewForConfig(kubeconfig)
if err != nil {
return err
}
kubeInformers := kubeinformers.NewSharedInformerFactory(coreAPIServerClient, 5*time.Minute)
serviceResolver := apiserver.NewClusterIPServiceResolver(kubeInformers.Core().V1().Services().Lister())
serviceResolver := apiserver.NewClusterIPServiceResolver(serverConfig.SharedInformerFactory.Core().V1().Services().Lister())
config := apiserver.Config{
GenericConfig: serverConfig,
ExtraConfig: apiserver.ExtraConfig{
CoreKubeInformers: kubeInformers,
ServiceResolver: serviceResolver,
ServiceResolver: serviceResolver,
},
}
var err error
config.ExtraConfig.ProxyClientCert, err = ioutil.ReadFile(o.ProxyClientCertFile)
if err != nil {
return err

View File

@ -264,7 +264,7 @@ func TestAggregatedAPIServer(t *testing.T) {
"--requestheader-username-headers", "",
"--proxy-client-cert-file", proxyClientCertFile.Name(),
"--proxy-client-key-file", proxyClientKeyFile.Name(),
"--core-kubeconfig", kubeconfigFile.Name(),
"--kubeconfig", kubeconfigFile.Name(),
"--authentication-kubeconfig", kubeconfigFile.Name(),
"--authorization-kubeconfig", kubeconfigFile.Name(),
"--etcd-servers", framework.GetEtcdURL(),