mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 19:56:01 +00:00
Merge pull request #64795 from mikedanese/fixgke
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. auth: standalone kubelets shouldn't start a token manager fixes https://github.com/kubernetes/kubernetes/issues/64789
This commit is contained in:
commit
f54593b740
@ -781,7 +781,7 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
|
||||
containerRefManager,
|
||||
kubeDeps.Recorder)
|
||||
|
||||
tokenManager := token.NewManager(kubeDeps.KubeClient.CoreV1())
|
||||
tokenManager := token.NewManager(kubeDeps.KubeClient)
|
||||
|
||||
klet.volumePluginMgr, err =
|
||||
NewInitializedVolumePluginMgr(klet, secretManager, configMapManager, tokenManager, kubeDeps.VolumePlugins, kubeDeps.DynamicPluginProber)
|
||||
|
@ -326,7 +326,7 @@ func newTestKubeletWithImageList(
|
||||
|
||||
var prober volume.DynamicPluginProber = nil // TODO (#51147) inject mock
|
||||
kubelet.volumePluginMgr, err =
|
||||
NewInitializedVolumePluginMgr(kubelet, kubelet.secretManager, kubelet.configMapManager, token.NewManager(kubelet.kubeClient.CoreV1()), allPlugins, prober)
|
||||
NewInitializedVolumePluginMgr(kubelet, kubelet.secretManager, kubelet.configMapManager, token.NewManager(kubelet.kubeClient), allPlugins, prober)
|
||||
require.NoError(t, err, "Failed to initialize VolumePluginMgr")
|
||||
|
||||
kubelet.mounter = &mount.FakeMounter{}
|
||||
|
@ -24,7 +24,7 @@ go_library(
|
||||
"//vendor/k8s.io/api/authentication/v1:go_default_library",
|
||||
"//vendor/k8s.io/apimachinery/pkg/util/clock:go_default_library",
|
||||
"//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
|
||||
"//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
|
||||
"//vendor/k8s.io/client-go/kubernetes:go_default_library",
|
||||
],
|
||||
)
|
||||
|
||||
|
@ -19,6 +19,7 @@ limitations under the License.
|
||||
package token
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"sync"
|
||||
"time"
|
||||
@ -27,7 +28,7 @@ import (
|
||||
authenticationv1 "k8s.io/api/authentication/v1"
|
||||
"k8s.io/apimachinery/pkg/util/clock"
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
corev1 "k8s.io/client-go/kubernetes/typed/core/v1"
|
||||
clientset "k8s.io/client-go/kubernetes"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -36,10 +37,13 @@ const (
|
||||
)
|
||||
|
||||
// NewManager returns a new token manager.
|
||||
func NewManager(c corev1.CoreV1Interface) *Manager {
|
||||
func NewManager(c clientset.Interface) *Manager {
|
||||
m := &Manager{
|
||||
getToken: func(name, namespace string, tr *authenticationv1.TokenRequest) (*authenticationv1.TokenRequest, error) {
|
||||
return c.ServiceAccounts(namespace).CreateToken(name, tr)
|
||||
if c == nil {
|
||||
return nil, errors.New("cannot use TokenManager when kubelet is in standalone mode")
|
||||
}
|
||||
return c.CoreV1().ServiceAccounts(namespace).CreateToken(name, tr)
|
||||
},
|
||||
cache: make(map[string]*authenticationv1.TokenRequest),
|
||||
clock: clock.RealClock{},
|
||||
|
Loading…
Reference in New Issue
Block a user