diff --git a/cmd/kube-apiserver/app/aggregator.go b/cmd/kube-apiserver/app/aggregator.go index aab55da9c28..28bb181b71e 100644 --- a/cmd/kube-apiserver/app/aggregator.go +++ b/cmd/kube-apiserver/app/aggregator.go @@ -81,11 +81,10 @@ func createAggregatorConfig(kubeAPIServerConfig genericapiserver.Config, command SharedInformerFactory: externalInformers, }, ExtraConfig: aggregatorapiserver.ExtraConfig{ - CoreKubeInformers: externalInformers, - ProxyClientCert: certBytes, - ProxyClientKey: keyBytes, - ServiceResolver: serviceResolver, - ProxyTransport: proxyTransport, + ProxyClientCert: certBytes, + ProxyClientKey: keyBytes, + ServiceResolver: serviceResolver, + ProxyTransport: proxyTransport, }, } diff --git a/staging/src/k8s.io/kube-aggregator/artifacts/hostpath-pods/insecure-etcd-pod.yaml b/staging/src/k8s.io/kube-aggregator/artifacts/hostpath-pods/insecure-etcd-pod.yaml index af7f2969ea3..4cc60730324 100644 --- a/staging/src/k8s.io/kube-aggregator/artifacts/hostpath-pods/insecure-etcd-pod.yaml +++ b/staging/src/k8s.io/kube-aggregator/artifacts/hostpath-pods/insecure-etcd-pod.yaml @@ -12,7 +12,7 @@ spec: args: - "/usr/local/bin/kube-aggregator" - "--secure-port=9443" - - "--core-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig" + - "--kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig" - "--authentication-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig" - "--authorization-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig" - "--proxy-client-cert-file=/var/run/auth-proxy-client/client-auth-proxy.crt" diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go index a85794e166d..3e70b7a5e22 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go @@ -30,7 +30,6 @@ import ( genericapirequest "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/registry/rest" genericapiserver "k8s.io/apiserver/pkg/server" - kubeinformers "k8s.io/client-go/informers" "k8s.io/client-go/pkg/version" "k8s.io/kube-aggregator/pkg/apis/apiregistration" @@ -71,9 +70,6 @@ func init() { const legacyAPIServiceName = "v1." type ExtraConfig struct { - // CoreKubeInformers is used to watch kube resources - CoreKubeInformers kubeinformers.SharedInformerFactory - // ProxyClientCert/Key are the client cert used to identify this proxy. Backing APIServices use // this to confirm the proxy's identity ProxyClientCert []byte @@ -205,17 +201,17 @@ func (c completedConfig) NewWithDelegate(delegationTarget genericapiserver.Deleg s.GenericAPIServer.Handler.NonGoRestfulMux.Handle("/apis", apisHandler) s.GenericAPIServer.Handler.NonGoRestfulMux.UnlistedHandle("/apis/", apisHandler) - apiserviceRegistrationController := NewAPIServiceRegistrationController(informerFactory.Apiregistration().InternalVersion().APIServices(), c.ExtraConfig.CoreKubeInformers.Core().V1().Services(), s) + apiserviceRegistrationController := NewAPIServiceRegistrationController(informerFactory.Apiregistration().InternalVersion().APIServices(), c.GenericConfig.SharedInformerFactory.Core().V1().Services(), s) availableController := statuscontrollers.NewAvailableConditionController( informerFactory.Apiregistration().InternalVersion().APIServices(), - c.ExtraConfig.CoreKubeInformers.Core().V1().Services(), - c.ExtraConfig.CoreKubeInformers.Core().V1().Endpoints(), + c.GenericConfig.SharedInformerFactory.Core().V1().Services(), + c.GenericConfig.SharedInformerFactory.Core().V1().Endpoints(), apiregistrationClient.Apiregistration(), ) s.GenericAPIServer.AddPostStartHook("start-kube-aggregator-informers", func(context genericapiserver.PostStartHookContext) error { informerFactory.Start(context.StopCh) - c.ExtraConfig.CoreKubeInformers.Start(context.StopCh) + c.GenericConfig.SharedInformerFactory.Start(context.StopCh) return nil }) s.GenericAPIServer.AddPostStartHook("apiservice-registration-controller", func(context genericapiserver.PostStartHookContext) error { diff --git a/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go b/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go index c47bb0654db..66b1ac5f905 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go @@ -20,7 +20,6 @@ import ( "fmt" "io" "io/ioutil" - "time" "github.com/spf13/cobra" "github.com/spf13/pflag" @@ -30,10 +29,6 @@ import ( genericapiserver "k8s.io/apiserver/pkg/server" "k8s.io/apiserver/pkg/server/filters" genericoptions "k8s.io/apiserver/pkg/server/options" - kubeinformers "k8s.io/client-go/informers" - kubeclientset "k8s.io/client-go/kubernetes" - "k8s.io/client-go/rest" - "k8s.io/client-go/tools/clientcmd" "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1" "k8s.io/kube-aggregator/pkg/apiserver" ) @@ -48,10 +43,6 @@ type AggregatorOptions struct { ProxyClientCertFile string ProxyClientKeyFile string - // CoreAPIKubeconfig is a filename for a kubeconfig file to contact the core API server with - // If it is not set, the in cluster config is used - CoreAPIKubeconfig string - StdOut io.Writer StdErr io.Writer } @@ -86,9 +77,6 @@ func (o *AggregatorOptions) AddFlags(fs *pflag.FlagSet) { o.RecommendedOptions.AddFlags(fs) fs.StringVar(&o.ProxyClientCertFile, "proxy-client-cert-file", o.ProxyClientCertFile, "client certificate used identify the proxy to the API server") fs.StringVar(&o.ProxyClientKeyFile, "proxy-client-key-file", o.ProxyClientKeyFile, "client certificate key used identify the proxy to the API server") - fs.StringVar(&o.CoreAPIKubeconfig, "core-kubeconfig", o.CoreAPIKubeconfig, ""+ - "kubeconfig file pointing at the 'core' kubernetes server with enough rights to get,list,watch "+ - " services,endpoints. If not set, the in-cluster config is used") } // NewDefaultOptions builds a "normal" set of options. You wouldn't normally expose this, but hyperkube isn't cobra compatible @@ -100,9 +88,6 @@ func NewDefaultOptions(out, err io.Writer) *AggregatorOptions { StdErr: err, } - // the shared informer is not needed for kube-aggregator. Disable the kubeconfig flag and the client creation. - o.RecommendedOptions.CoreAPI = nil - return o } @@ -132,36 +117,16 @@ func (o AggregatorOptions) RunAggregator(stopCh <-chan struct{}) error { sets.NewString("attach", "exec", "proxy", "log", "portforward"), ) - var kubeconfig *rest.Config - var err error - if len(o.CoreAPIKubeconfig) > 0 { - loadingRules := &clientcmd.ClientConfigLoadingRules{ExplicitPath: o.CoreAPIKubeconfig} - loader := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules, &clientcmd.ConfigOverrides{}) - - kubeconfig, err = loader.ClientConfig() - - } else { - kubeconfig, err = rest.InClusterConfig() - } - if err != nil { - return err - } - - coreAPIServerClient, err := kubeclientset.NewForConfig(kubeconfig) - if err != nil { - return err - } - kubeInformers := kubeinformers.NewSharedInformerFactory(coreAPIServerClient, 5*time.Minute) - serviceResolver := apiserver.NewClusterIPServiceResolver(kubeInformers.Core().V1().Services().Lister()) + serviceResolver := apiserver.NewClusterIPServiceResolver(serverConfig.SharedInformerFactory.Core().V1().Services().Lister()) config := apiserver.Config{ GenericConfig: serverConfig, ExtraConfig: apiserver.ExtraConfig{ - CoreKubeInformers: kubeInformers, - ServiceResolver: serviceResolver, + ServiceResolver: serviceResolver, }, } + var err error config.ExtraConfig.ProxyClientCert, err = ioutil.ReadFile(o.ProxyClientCertFile) if err != nil { return err diff --git a/test/integration/examples/apiserver_test.go b/test/integration/examples/apiserver_test.go index 512dce8f944..48b052f9ab0 100644 --- a/test/integration/examples/apiserver_test.go +++ b/test/integration/examples/apiserver_test.go @@ -264,7 +264,7 @@ func TestAggregatedAPIServer(t *testing.T) { "--requestheader-username-headers", "", "--proxy-client-cert-file", proxyClientCertFile.Name(), "--proxy-client-key-file", proxyClientKeyFile.Name(), - "--core-kubeconfig", kubeconfigFile.Name(), + "--kubeconfig", kubeconfigFile.Name(), "--authentication-kubeconfig", kubeconfigFile.Name(), "--authorization-kubeconfig", kubeconfigFile.Name(), "--etcd-servers", framework.GetEtcdURL(),