kube-aggregator: use shared informers from RecommendedConfig

cmd/kube-apiserver/app/aggregator.go

@@ -81,11 +81,10 @@ func createAggregatorConfig(kubeAPIServerConfig genericapiserver.Config, command
 			SharedInformerFactory: externalInformers,
 		},
 		ExtraConfig: aggregatorapiserver.ExtraConfig{
-			CoreKubeInformers: externalInformers,
+			ProxyClientCert: certBytes,
-			ProxyClientCert:   certBytes,
+			ProxyClientKey:  keyBytes,
-			ProxyClientKey:    keyBytes,
+			ServiceResolver: serviceResolver,
-			ServiceResolver:   serviceResolver,
+			ProxyTransport:  proxyTransport,
-			ProxyTransport:    proxyTransport,
 		},
 	}
 

staging/src/k8s.io/kube-aggregator/artifacts/hostpath-pods/insecure-etcd-pod.yaml

@@ -12,7 +12,7 @@ spec:
     args:
     - "/usr/local/bin/kube-aggregator"
     - "--secure-port=9443"
-    - "--core-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig"
+    - "--kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig"
     - "--authentication-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig"
     - "--authorization-kubeconfig=/var/run/auth-client/kube-aggregator.kubeconfig"
     - "--proxy-client-cert-file=/var/run/auth-proxy-client/client-auth-proxy.crt"

staging/src/k8s.io/kube-aggregator/pkg/apiserver/apiserver.go

@@ -30,7 +30,6 @@ import (
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/rest"
 	genericapiserver "k8s.io/apiserver/pkg/server"
-	kubeinformers "k8s.io/client-go/informers"
 	"k8s.io/client-go/pkg/version"
 
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration"
@@ -71,9 +70,6 @@ func init() {
 const legacyAPIServiceName = "v1."
 
 type ExtraConfig struct {
-	// CoreKubeInformers is used to watch kube resources
-	CoreKubeInformers kubeinformers.SharedInformerFactory
-
 	// ProxyClientCert/Key are the client cert used to identify this proxy. Backing APIServices use
 	// this to confirm the proxy's identity
 	ProxyClientCert []byte
@@ -205,17 +201,17 @@ func (c completedConfig) NewWithDelegate(delegationTarget genericapiserver.Deleg
 	s.GenericAPIServer.Handler.NonGoRestfulMux.Handle("/apis", apisHandler)
 	s.GenericAPIServer.Handler.NonGoRestfulMux.UnlistedHandle("/apis/", apisHandler)
 
-	apiserviceRegistrationController := NewAPIServiceRegistrationController(informerFactory.Apiregistration().InternalVersion().APIServices(), c.ExtraConfig.CoreKubeInformers.Core().V1().Services(), s)
+	apiserviceRegistrationController := NewAPIServiceRegistrationController(informerFactory.Apiregistration().InternalVersion().APIServices(), c.GenericConfig.SharedInformerFactory.Core().V1().Services(), s)
 	availableController := statuscontrollers.NewAvailableConditionController(
 		informerFactory.Apiregistration().InternalVersion().APIServices(),
-		c.ExtraConfig.CoreKubeInformers.Core().V1().Services(),
+		c.GenericConfig.SharedInformerFactory.Core().V1().Services(),
-		c.ExtraConfig.CoreKubeInformers.Core().V1().Endpoints(),
+		c.GenericConfig.SharedInformerFactory.Core().V1().Endpoints(),
 		apiregistrationClient.Apiregistration(),
 	)
 
 	s.GenericAPIServer.AddPostStartHook("start-kube-aggregator-informers", func(context genericapiserver.PostStartHookContext) error {
 		informerFactory.Start(context.StopCh)
-		c.ExtraConfig.CoreKubeInformers.Start(context.StopCh)
+		c.GenericConfig.SharedInformerFactory.Start(context.StopCh)
 		return nil
 	})
 	s.GenericAPIServer.AddPostStartHook("apiservice-registration-controller", func(context genericapiserver.PostStartHookContext) error {

staging/src/k8s.io/kube-aggregator/pkg/cmd/server/start.go

@@ -20,7 +20,6 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
-	"time"
 
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
@@ -30,10 +29,6 @@ import (
 	genericapiserver "k8s.io/apiserver/pkg/server"
 	"k8s.io/apiserver/pkg/server/filters"
 	genericoptions "k8s.io/apiserver/pkg/server/options"
-	kubeinformers "k8s.io/client-go/informers"
-	kubeclientset "k8s.io/client-go/kubernetes"
-	"k8s.io/client-go/rest"
-	"k8s.io/client-go/tools/clientcmd"
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
 	"k8s.io/kube-aggregator/pkg/apiserver"
 )
@@ -48,10 +43,6 @@ type AggregatorOptions struct {
 	ProxyClientCertFile string
 	ProxyClientKeyFile  string
 
-	// CoreAPIKubeconfig is a filename for a kubeconfig file to contact the core API server with
-	// If it is not set, the in cluster config is used
-	CoreAPIKubeconfig string
-
 	StdOut io.Writer
 	StdErr io.Writer
 }
@@ -86,9 +77,6 @@ func (o *AggregatorOptions) AddFlags(fs *pflag.FlagSet) {
 	o.RecommendedOptions.AddFlags(fs)
 	fs.StringVar(&o.ProxyClientCertFile, "proxy-client-cert-file", o.ProxyClientCertFile, "client certificate used identify the proxy to the API server")
 	fs.StringVar(&o.ProxyClientKeyFile, "proxy-client-key-file", o.ProxyClientKeyFile, "client certificate key used identify the proxy to the API server")
-	fs.StringVar(&o.CoreAPIKubeconfig, "core-kubeconfig", o.CoreAPIKubeconfig, ""+
-		"kubeconfig file pointing at the 'core' kubernetes server with enough rights to get,list,watch "+
-		" services,endpoints.  If not set, the in-cluster config is used")
 }
 
 // NewDefaultOptions builds a "normal" set of options.  You wouldn't normally expose this, but hyperkube isn't cobra compatible
@@ -100,9 +88,6 @@ func NewDefaultOptions(out, err io.Writer) *AggregatorOptions {
 		StdErr: err,
 	}
 
-	// the shared informer is not needed for kube-aggregator. Disable the kubeconfig flag and the client creation.
-	o.RecommendedOptions.CoreAPI = nil
-
 	return o
 }
 
@@ -132,36 +117,16 @@ func (o AggregatorOptions) RunAggregator(stopCh <-chan struct{}) error {
 		sets.NewString("attach", "exec", "proxy", "log", "portforward"),
 	)
 
-	var kubeconfig *rest.Config
+	serviceResolver := apiserver.NewClusterIPServiceResolver(serverConfig.SharedInformerFactory.Core().V1().Services().Lister())
-	var err error
-	if len(o.CoreAPIKubeconfig) > 0 {
-		loadingRules := &clientcmd.ClientConfigLoadingRules{ExplicitPath: o.CoreAPIKubeconfig}
-		loader := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules, &clientcmd.ConfigOverrides{})
-
-		kubeconfig, err = loader.ClientConfig()
-
-	} else {
-		kubeconfig, err = rest.InClusterConfig()
-	}
-	if err != nil {
-		return err
-	}
-
-	coreAPIServerClient, err := kubeclientset.NewForConfig(kubeconfig)
-	if err != nil {
-		return err
-	}
-	kubeInformers := kubeinformers.NewSharedInformerFactory(coreAPIServerClient, 5*time.Minute)
-	serviceResolver := apiserver.NewClusterIPServiceResolver(kubeInformers.Core().V1().Services().Lister())
 
 	config := apiserver.Config{
 		GenericConfig: serverConfig,
 		ExtraConfig: apiserver.ExtraConfig{
-			CoreKubeInformers: kubeInformers,
+			ServiceResolver: serviceResolver,
-			ServiceResolver:   serviceResolver,
 		},
 	}
 
+	var err error
 	config.ExtraConfig.ProxyClientCert, err = ioutil.ReadFile(o.ProxyClientCertFile)
 	if err != nil {
 		return err

test/integration/examples/apiserver_test.go

@@ -264,7 +264,7 @@ func TestAggregatedAPIServer(t *testing.T) {
 				"--requestheader-username-headers", "",
 				"--proxy-client-cert-file", proxyClientCertFile.Name(),
 				"--proxy-client-key-file", proxyClientKeyFile.Name(),
-				"--core-kubeconfig", kubeconfigFile.Name(),
+				"--kubeconfig", kubeconfigFile.Name(),
 				"--authentication-kubeconfig", kubeconfigFile.Name(),
 				"--authorization-kubeconfig", kubeconfigFile.Name(),
 				"--etcd-servers", framework.GetEtcdURL(),