Home Explore Help
Sign In
tzeneto
/
custom-kube-scheduler
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 6343814d4b
Branches Tags
custom-kube-...
/
kubernetes-v1.17
/
cmd
/
cloud-controller-manager
/
app
/
options
/
options.go

options.go 11 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275 
  1. /*
    2. 

  2. Copyright 2016 The Kubernetes Authors.
    3. 

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. you may not use this file except in compliance with the License.
    6. 

  6. You may obtain a copy of the License at
    7. 

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10. Unless required by applicable law or agreed to in writing, software
    11. 

  11. distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. See the License for the specific language governing permissions and
    14. 

  14. limitations under the License.
    15. 

  15. */
    16. 

  16. 

  17. package options
    18. 

  18. 

  19. import (
    20. 

  20. 	"fmt"
    21. 

  21. 	"math/rand"
    22. 

  22. 	"net"
    23. 

  23. 	"time"
    24. 

  24. 

  25. 	v1 "k8s.io/api/core/v1"
    26. 

  26. 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    27. 

  27. 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
    28. 

  28. 	apiserveroptions "k8s.io/apiserver/pkg/server/options"
    29. 

  29. 	utilfeature "k8s.io/apiserver/pkg/util/feature"
    30. 

  30. 	"k8s.io/client-go/informers"
    31. 

  31. 	clientset "k8s.io/client-go/kubernetes"
    32. 

  32. 	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
    33. 

  33. 	restclient "k8s.io/client-go/rest"
    34. 

  34. 	"k8s.io/client-go/tools/clientcmd"
    35. 

  35. 	"k8s.io/client-go/tools/record"
    36. 

  36. 	cliflag "k8s.io/component-base/cli/flag"
    37. 

  37. 	"k8s.io/klog"
    38. 

  38. 	ccmconfig "k8s.io/kubernetes/cmd/cloud-controller-manager/app/apis/config"
    39. 

  39. 	ccmconfigscheme "k8s.io/kubernetes/cmd/cloud-controller-manager/app/apis/config/scheme"
    40. 

  40. 	ccmconfigv1alpha1 "k8s.io/kubernetes/cmd/cloud-controller-manager/app/apis/config/v1alpha1"
    41. 

  41. 	cloudcontrollerconfig "k8s.io/kubernetes/cmd/cloud-controller-manager/app/config"
    42. 

  42. 	cmoptions "k8s.io/kubernetes/cmd/controller-manager/app/options"
    43. 

  43. 	"k8s.io/kubernetes/pkg/api/legacyscheme"
    44. 

  44. 	"k8s.io/kubernetes/pkg/controller"
    45. 

  45. 	"k8s.io/kubernetes/pkg/master/ports"
    46. 

  46. 

  47. 	// add the kubernetes feature gates
    48. 

  48. 	_ "k8s.io/kubernetes/pkg/features"
    49. 

  49. )
    50. 

  50. 

  51. const (
    52. 

  52. 	// CloudControllerManagerUserAgent is the userAgent name when starting cloud-controller managers.
    53. 

  53. 	CloudControllerManagerUserAgent = "cloud-controller-manager"
    54. 

  54. 	// DefaultInsecureCloudControllerManagerPort is the default insecure cloud-controller manager port.
    55. 

  55. 	DefaultInsecureCloudControllerManagerPort = 0
    56. 

  56. )
    57. 

  57. 

  58. // CloudControllerManagerOptions is the main context object for the controller manager.
    59. 

  59. type CloudControllerManagerOptions struct {
    60. 

  60. 	Generic           *cmoptions.GenericControllerManagerConfigurationOptions
    61. 

  61. 	KubeCloudShared   *cmoptions.KubeCloudSharedOptions
    62. 

  62. 	ServiceController *cmoptions.ServiceControllerOptions
    63. 

  63. 

  64. 	SecureServing *apiserveroptions.SecureServingOptionsWithLoopback
    65. 

  65. 	// TODO: remove insecure serving mode
    66. 

  66. 	InsecureServing *apiserveroptions.DeprecatedInsecureServingOptionsWithLoopback
    67. 

  67. 	Authentication  *apiserveroptions.DelegatingAuthenticationOptions
    68. 

  68. 	Authorization   *apiserveroptions.DelegatingAuthorizationOptions
    69. 

  69. 

  70. 	Master     string
    71. 

  71. 	Kubeconfig string
    72. 

  72. 

  73. 	// NodeStatusUpdateFrequency is the frequency at which the controller updates nodes' status
    74. 

  74. 	NodeStatusUpdateFrequency metav1.Duration
    75. 

  75. }
    76. 

  76. 

  77. // NewCloudControllerManagerOptions creates a new ExternalCMServer with a default config.
    78. 

  78. func NewCloudControllerManagerOptions() (*CloudControllerManagerOptions, error) {
    79. 

  79. 	componentConfig, err := NewDefaultComponentConfig(DefaultInsecureCloudControllerManagerPort)
    80. 

  80. 	if err != nil {
    81. 

  81. 		return nil, err
    82. 

  82. 	}
    83. 

  83. 

  84. 	s := CloudControllerManagerOptions{
    85. 

  85. 		Generic:         cmoptions.NewGenericControllerManagerConfigurationOptions(&componentConfig.Generic),
    86. 

  86. 		KubeCloudShared: cmoptions.NewKubeCloudSharedOptions(&componentConfig.KubeCloudShared),
    87. 

  87. 		ServiceController: &cmoptions.ServiceControllerOptions{
    88. 

  88. 			ServiceControllerConfiguration: &componentConfig.ServiceController,
    89. 

  89. 		},
    90. 

  90. 		SecureServing: apiserveroptions.NewSecureServingOptions().WithLoopback(),
    91. 

  91. 		InsecureServing: (&apiserveroptions.DeprecatedInsecureServingOptions{
    92. 

  92. 			BindAddress: net.ParseIP(componentConfig.Generic.Address),
    93. 

  93. 			BindPort:    int(componentConfig.Generic.Port),
    94. 

  94. 			BindNetwork: "tcp",
    95. 

  95. 		}).WithLoopback(),
    96. 

  96. 		Authentication:            apiserveroptions.NewDelegatingAuthenticationOptions(),
    97. 

  97. 		Authorization:             apiserveroptions.NewDelegatingAuthorizationOptions(),
    98. 

  98. 		NodeStatusUpdateFrequency: componentConfig.NodeStatusUpdateFrequency,
    99. 

  99. 	}
    100. 

  100. 

  101. 	s.Authentication.RemoteKubeConfigFileOptional = true
    102. 

  102. 	s.Authorization.RemoteKubeConfigFileOptional = true
    103. 

  103. 	s.Authorization.AlwaysAllowPaths = []string{"/healthz"}
    104. 

  104. 

  105. 	// Set the PairName but leave certificate directory blank to generate in-memory by default
    106. 

  106. 	s.SecureServing.ServerCert.CertDirectory = ""
    107. 

  107. 	s.SecureServing.ServerCert.PairName = "cloud-controller-manager"
    108. 

  108. 	s.SecureServing.BindPort = ports.CloudControllerManagerPort
    109. 

  109. 

  110. 	s.Generic.LeaderElection.ResourceName = "cloud-controller-manager"
    111. 

  111. 	s.Generic.LeaderElection.ResourceNamespace = "kube-system"
    112. 

  112. 

  113. 	return &s, nil
    114. 

  114. }
    115. 

  115. 

  116. // NewDefaultComponentConfig returns cloud-controller manager configuration object.
    117. 

  117. func NewDefaultComponentConfig(insecurePort int32) (*ccmconfig.CloudControllerManagerConfiguration, error) {
    118. 

  118. 	versioned := &ccmconfigv1alpha1.CloudControllerManagerConfiguration{}
    119. 

  119. 	ccmconfigscheme.Scheme.Default(versioned)
    120. 

  120. 

  121. 	internal := &ccmconfig.CloudControllerManagerConfiguration{}
    122. 

  122. 	if err := ccmconfigscheme.Scheme.Convert(versioned, internal, nil); err != nil {
    123. 

  123. 		return nil, err
    124. 

  124. 	}
    125. 

  125. 	internal.Generic.Port = insecurePort
    126. 

  126. 	return internal, nil
    127. 

  127. }
    128. 

  128. 

  129. // Flags returns flags for a specific APIServer by section name
    130. 

  130. func (o *CloudControllerManagerOptions) Flags(allControllers, disabledByDefaultControllers []string) cliflag.NamedFlagSets {
    131. 

  131. 	fss := cliflag.NamedFlagSets{}
    132. 

  132. 	o.Generic.AddFlags(&fss, allControllers, disabledByDefaultControllers)
    133. 

  133. 	o.KubeCloudShared.AddFlags(fss.FlagSet("generic"))
    134. 

  134. 	o.ServiceController.AddFlags(fss.FlagSet("service controller"))
    135. 

  135. 

  136. 	o.SecureServing.AddFlags(fss.FlagSet("secure serving"))
    137. 

  137. 	o.InsecureServing.AddUnqualifiedFlags(fss.FlagSet("insecure serving"))
    138. 

  138. 	o.Authentication.AddFlags(fss.FlagSet("authentication"))
    139. 

  139. 	o.Authorization.AddFlags(fss.FlagSet("authorization"))
    140. 

  140. 

  141. 	fs := fss.FlagSet("misc")
    142. 

  142. 	fs.StringVar(&o.Master, "master", o.Master, "The address of the Kubernetes API server (overrides any value in kubeconfig).")
    143. 

  143. 	fs.StringVar(&o.Kubeconfig, "kubeconfig", o.Kubeconfig, "Path to kubeconfig file with authorization and master location information.")
    144. 

  144. 	fs.DurationVar(&o.NodeStatusUpdateFrequency.Duration, "node-status-update-frequency", o.NodeStatusUpdateFrequency.Duration, "Specifies how often the controller updates nodes' status.")
    145. 

  145. 

  146. 	utilfeature.DefaultMutableFeatureGate.AddFlag(fss.FlagSet("generic"))
    147. 

  147. 

  148. 	return fss
    149. 

  149. }
    150. 

  150. 

  151. // ApplyTo fills up cloud controller manager config with options.
    152. 

  152. func (o *CloudControllerManagerOptions) ApplyTo(c *cloudcontrollerconfig.Config, userAgent string) error {
    153. 

  153. 	var err error
    154. 

  154. 	if err = o.Generic.ApplyTo(&c.ComponentConfig.Generic); err != nil {
    155. 

  155. 		return err
    156. 

  156. 	}
    157. 

  157. 	if err = o.KubeCloudShared.ApplyTo(&c.ComponentConfig.KubeCloudShared); err != nil {
    158. 

  158. 		return err
    159. 

  159. 	}
    160. 

  160. 	if err = o.ServiceController.ApplyTo(&c.ComponentConfig.ServiceController); err != nil {
    161. 

  161. 		return err
    162. 

  162. 	}
    163. 

  163. 	if err = o.InsecureServing.ApplyTo(&c.InsecureServing, &c.LoopbackClientConfig); err != nil {
    164. 

  164. 		return err
    165. 

  165. 	}
    166. 

  166. 	if err = o.SecureServing.ApplyTo(&c.SecureServing, &c.LoopbackClientConfig); err != nil {
    167. 

  167. 		return err
    168. 

  168. 	}
    169. 

  169. 	if o.SecureServing.BindPort != 0 || o.SecureServing.Listener != nil {
    170. 

  170. 		if err = o.Authentication.ApplyTo(&c.Authentication, c.SecureServing, nil); err != nil {
    171. 

  171. 			return err
    172. 

  172. 		}
    173. 

  173. 		if err = o.Authorization.ApplyTo(&c.Authorization); err != nil {
    174. 

  174. 			return err
    175. 

  175. 		}
    176. 

  176. 	}
    177. 

  177. 

  178. 	c.Kubeconfig, err = clientcmd.BuildConfigFromFlags(o.Master, o.Kubeconfig)
    179. 

  179. 	if err != nil {
    180. 

  180. 		return err
    181. 

  181. 	}
    182. 

  182. 	c.Kubeconfig.DisableCompression = true
    183. 

  183. 	c.Kubeconfig.ContentConfig.AcceptContentTypes = o.Generic.ClientConnection.AcceptContentTypes
    184. 

  184. 	c.Kubeconfig.ContentConfig.ContentType = o.Generic.ClientConnection.ContentType
    185. 

  185. 	c.Kubeconfig.QPS = o.Generic.ClientConnection.QPS
    186. 

  186. 	c.Kubeconfig.Burst = int(o.Generic.ClientConnection.Burst)
    187. 

  187. 

  188. 	c.Client, err = clientset.NewForConfig(restclient.AddUserAgent(c.Kubeconfig, userAgent))
    189. 

  189. 	if err != nil {
    190. 

  190. 		return err
    191. 

  191. 	}
    192. 

  192. 

  193. 	c.LeaderElectionClient = clientset.NewForConfigOrDie(restclient.AddUserAgent(c.Kubeconfig, "leader-election"))
    194. 

  194. 

  195. 	c.EventRecorder = createRecorder(c.Client, userAgent)
    196. 

  196. 

  197. 	rootClientBuilder := controller.SimpleControllerClientBuilder{
    198. 

  198. 		ClientConfig: c.Kubeconfig,
    199. 

  199. 	}
    200. 

  200. 	if c.ComponentConfig.KubeCloudShared.UseServiceAccountCredentials {
    201. 

  201. 		c.ClientBuilder = controller.SAControllerClientBuilder{
    202. 

  202. 			ClientConfig:         restclient.AnonymousClientConfig(c.Kubeconfig),
    203. 

  203. 			CoreClient:           c.Client.CoreV1(),
    204. 

  204. 			AuthenticationClient: c.Client.AuthenticationV1(),
    205. 

  205. 			Namespace:            metav1.NamespaceSystem,
    206. 

  206. 		}
    207. 

  207. 	} else {
    208. 

  208. 		c.ClientBuilder = rootClientBuilder
    209. 

  209. 	}
    210. 

  210. 	c.VersionedClient = rootClientBuilder.ClientOrDie("shared-informers")
    211. 

  211. 	c.SharedInformers = informers.NewSharedInformerFactory(c.VersionedClient, resyncPeriod(c)())
    212. 

  212. 

  213. 	// sync back to component config
    214. 

  214. 	// TODO: find more elegant way than syncing back the values.
    215. 

  215. 	c.ComponentConfig.Generic.Port = int32(o.InsecureServing.BindPort)
    216. 

  216. 	c.ComponentConfig.Generic.Address = o.InsecureServing.BindAddress.String()
    217. 

  217. 

  218. 	c.ComponentConfig.NodeStatusUpdateFrequency = o.NodeStatusUpdateFrequency
    219. 

  219. 

  220. 	return nil
    221. 

  221. }
    222. 

  222. 

  223. // Validate is used to validate config before launching the cloud controller manager
    224. 

  224. func (o *CloudControllerManagerOptions) Validate(allControllers, disabledByDefaultControllers []string) error {
    225. 

  225. 	errors := []error{}
    226. 

  226. 

  227. 	errors = append(errors, o.Generic.Validate(allControllers, disabledByDefaultControllers)...)
    228. 

  228. 	errors = append(errors, o.KubeCloudShared.Validate()...)
    229. 

  229. 	errors = append(errors, o.ServiceController.Validate()...)
    230. 

  230. 	errors = append(errors, o.SecureServing.Validate()...)
    231. 

  231. 	errors = append(errors, o.InsecureServing.Validate()...)
    232. 

  232. 	errors = append(errors, o.Authentication.Validate()...)
    233. 

  233. 	errors = append(errors, o.Authorization.Validate()...)
    234. 

  234. 

  235. 	if len(o.KubeCloudShared.CloudProvider.Name) == 0 {
    236. 

  236. 		errors = append(errors, fmt.Errorf("--cloud-provider cannot be empty"))
    237. 

  237. 	}
    238. 

  238. 

  239. 	return utilerrors.NewAggregate(errors)
    240. 

  240. }
    241. 

  241. 

  242. // resyncPeriod computes the time interval a shared informer waits before resyncing with the api server
    243. 

  243. func resyncPeriod(c *cloudcontrollerconfig.Config) func() time.Duration {
    244. 

  244. 	return func() time.Duration {
    245. 

  245. 		factor := rand.Float64() + 1
    246. 

  246. 		return time.Duration(float64(c.ComponentConfig.Generic.MinResyncPeriod.Nanoseconds()) * factor)
    247. 

  247. 	}
    248. 

  248. }
    249. 

  249. 

  250. // Config return a cloud controller manager config objective
    251. 

  251. func (o *CloudControllerManagerOptions) Config(allControllers, disabledByDefaultControllers []string) (*cloudcontrollerconfig.Config, error) {
    252. 

  252. 	if err := o.Validate(allControllers, disabledByDefaultControllers); err != nil {
    253. 

  253. 		return nil, err
    254. 

  254. 	}
    255. 

  255. 

  256. 	if err := o.SecureServing.MaybeDefaultWithSelfSignedCerts("localhost", nil, []net.IP{net.ParseIP("127.0.0.1")}); err != nil {
    257. 

  257. 		return nil, fmt.Errorf("error creating self-signed certificates: %v", err)
    258. 

  258. 	}
    259. 

  259. 

  260. 	c := &cloudcontrollerconfig.Config{}
    261. 

  261. 	if err := o.ApplyTo(c, CloudControllerManagerUserAgent); err != nil {
    262. 

  262. 		return nil, err
    263. 

  263. 	}
    264. 

  264. 

  265. 	return c, nil
    266. 

  266. }
    267. 

  267. 

  268. func createRecorder(kubeClient clientset.Interface, userAgent string) record.EventRecorder {
    269. 

  269. 	eventBroadcaster := record.NewBroadcaster()
    270. 

  270. 	eventBroadcaster.StartLogging(klog.Infof)
    271. 

  271. 	eventBroadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: kubeClient.CoreV1().Events("")})
    272. 

  272. 	// TODO: remove dependence on the legacyscheme
    273. 

  273. 	return eventBroadcaster.NewRecorder(legacyscheme.Scheme, v1.EventSource{Component: userAgent})
    274. 

  274. }
    275. 

  275.