Startsida Utforska Hjälp
Logga in
tzeneto
/
custom-kube-scheduler
Bevaka 1
Stjärnmärk 0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: ce844b639a
Grenar Taggar
custom-kube-...
/
kubernetes-v1.15.4
/
cmd
/
kubeadm
/
app
/
util
/
system
/
kernel_validator.go

kernel_validator.go 8.0 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267 
  1. /*
    2. 

  2. Copyright 2016 The Kubernetes Authors.
    3. 

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. you may not use this file except in compliance with the License.
    6. 

  6. You may obtain a copy of the License at
    7. 

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10. Unless required by applicable law or agreed to in writing, software
    11. 

  11. distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. See the License for the specific language governing permissions and
    14. 

  14. limitations under the License.
    15. 

  15. */
    16. 

  16. 

  17. package system
    18. 

  18. 

  19. import (
    20. 

  20. 	"bufio"
    21. 

  21. 	"bytes"
    22. 

  22. 	"compress/gzip"
    23. 

  23. 	"fmt"
    24. 

  24. 	"io"
    25. 

  25. 	"io/ioutil"
    26. 

  26. 	"os"
    27. 

  27. 	"os/exec"
    28. 

  28. 	"path/filepath"
    29. 

  29. 	"regexp"
    30. 

  30. 	"strings"
    31. 

  31. 

  32. 	"github.com/pkg/errors"
    33. 

  33. 

  34. 	errorsutil "k8s.io/apimachinery/pkg/util/errors"
    35. 

  35. 	"k8s.io/klog"
    36. 

  36. )
    37. 

  37. 

  38. var _ Validator = &KernelValidator{}
    39. 

  39. 

  40. // KernelValidator validates kernel. Currently only validate kernel version
    41. 

  41. // and kernel configuration.
    42. 

  42. type KernelValidator struct {
    43. 

  43. 	kernelRelease string
    44. 

  44. 	Reporter      Reporter
    45. 

  45. }
    46. 

  46. 

  47. // Name is part of the system.Validator interface.
    48. 

  48. func (k *KernelValidator) Name() string {
    49. 

  49. 	return "kernel"
    50. 

  50. }
    51. 

  51. 

  52. // kConfigOption is the possible kernel config option.
    53. 

  53. type kConfigOption string
    54. 

  54. 

  55. const (
    56. 

  56. 	builtIn  kConfigOption = "y"
    57. 

  57. 	asModule kConfigOption = "m"
    58. 

  58. 	leftOut  kConfigOption = "n"
    59. 

  59. 

  60. 	// validKConfigRegex is the regex matching kernel configuration line.
    61. 

  61. 	validKConfigRegex = "^CONFIG_[A-Z0-9_]+=[myn]"
    62. 

  62. 	// kernelConfigPrefix is the prefix of kernel configuration.
    63. 

  63. 	kernelConfigPrefix = "CONFIG_"
    64. 

  64. )
    65. 

  65. 

  66. // Validate is part of the system.Validator interface.
    67. 

  67. func (k *KernelValidator) Validate(spec SysSpec) (error, error) {
    68. 

  68. 	helper := KernelValidatorHelperImpl{}
    69. 

  69. 	release, err := helper.GetKernelReleaseVersion()
    70. 

  70. 	if err != nil {
    71. 

  71. 		return nil, errors.Wrap(err, "failed to get kernel release")
    72. 

  72. 	}
    73. 

  73. 	k.kernelRelease = release
    74. 

  74. 	var errs []error
    75. 

  75. 	errs = append(errs, k.validateKernelVersion(spec.KernelSpec))
    76. 

  76. 	// only validate kernel config when necessary (currently no kernel config for windows)
    77. 

  77. 	if len(spec.KernelSpec.Required) > 0 || len(spec.KernelSpec.Forbidden) > 0 || len(spec.KernelSpec.Optional) > 0 {
    78. 

  78. 		errs = append(errs, k.validateKernelConfig(spec.KernelSpec))
    79. 

  79. 	}
    80. 

  80. 	return nil, errorsutil.NewAggregate(errs)
    81. 

  81. }
    82. 

  82. 

  83. // validateKernelVersion validates the kernel version.
    84. 

  84. func (k *KernelValidator) validateKernelVersion(kSpec KernelSpec) error {
    85. 

  85. 	versionRegexps := kSpec.Versions
    86. 

  86. 	for _, versionRegexp := range versionRegexps {
    87. 

  87. 		r := regexp.MustCompile(versionRegexp)
    88. 

  88. 		if r.MatchString(k.kernelRelease) {
    89. 

  89. 			k.Reporter.Report("KERNEL_VERSION", k.kernelRelease, good)
    90. 

  90. 			return nil
    91. 

  91. 		}
    92. 

  92. 	}
    93. 

  93. 	k.Reporter.Report("KERNEL_VERSION", k.kernelRelease, bad)
    94. 

  94. 	return errors.Errorf("unsupported kernel release: %s", k.kernelRelease)
    95. 

  95. }
    96. 

  96. 

  97. // validateKernelConfig validates the kernel configurations.
    98. 

  98. func (k *KernelValidator) validateKernelConfig(kSpec KernelSpec) error {
    99. 

  99. 	allConfig, err := k.getKernelConfig()
    100. 

  100. 	if err != nil {
    101. 

  101. 		return errors.Wrap(err, "failed to parse kernel config")
    102. 

  102. 	}
    103. 

  103. 	return k.validateCachedKernelConfig(allConfig, kSpec)
    104. 

  104. }
    105. 

  105. 

  106. // validateCachedKernelConfig validates the kernel confgiurations cached in internal data type.
    107. 

  107. func (k *KernelValidator) validateCachedKernelConfig(allConfig map[string]kConfigOption, kSpec KernelSpec) error {
    108. 

  108. 	badConfigs := []string{}
    109. 

  109. 	// reportAndRecord is a helper function to record bad config when
    110. 

  110. 	// report.
    111. 

  111. 	reportAndRecord := func(name, msg, desc string, result ValidationResultType) {
    112. 

  112. 		if result == bad {
    113. 

  113. 			badConfigs = append(badConfigs, name)
    114. 

  114. 		}
    115. 

  115. 		// report description when the config is bad or warn.
    116. 

  116. 		if result != good && desc != "" {
    117. 

  117. 			msg = msg + " - " + desc
    118. 

  118. 		}
    119. 

  119. 		k.Reporter.Report(name, msg, result)
    120. 

  120. 	}
    121. 

  121. 	const (
    122. 

  122. 		required = iota
    123. 

  123. 		optional
    124. 

  124. 		forbidden
    125. 

  125. 	)
    126. 

  126. 	validateOpt := func(config KernelConfig, expect int) {
    127. 

  127. 		var found, missing ValidationResultType
    128. 

  128. 		switch expect {
    129. 

  129. 		case required:
    130. 

  130. 			found, missing = good, bad
    131. 

  131. 		case optional:
    132. 

  132. 			found, missing = good, warn
    133. 

  133. 		case forbidden:
    134. 

  134. 			found, missing = bad, good
    135. 

  135. 		}
    136. 

  136. 		var name string
    137. 

  137. 		var opt kConfigOption
    138. 

  138. 		var ok bool
    139. 

  139. 		for _, name = range append([]string{config.Name}, config.Aliases...) {
    140. 

  140. 			name = kernelConfigPrefix + name
    141. 

  141. 			if opt, ok = allConfig[name]; ok {
    142. 

  142. 				break
    143. 

  143. 			}
    144. 

  144. 		}
    145. 

  145. 		if !ok {
    146. 

  146. 			reportAndRecord(name, "not set", config.Description, missing)
    147. 

  147. 			return
    148. 

  148. 		}
    149. 

  149. 		switch opt {
    150. 

  150. 		case builtIn:
    151. 

  151. 			reportAndRecord(name, "enabled", config.Description, found)
    152. 

  152. 		case asModule:
    153. 

  153. 			reportAndRecord(name, "enabled (as module)", config.Description, found)
    154. 

  154. 		case leftOut:
    155. 

  155. 			reportAndRecord(name, "disabled", config.Description, missing)
    156. 

  156. 		default:
    157. 

  157. 			reportAndRecord(name, fmt.Sprintf("unknown option: %s", opt), config.Description, missing)
    158. 

  158. 		}
    159. 

  159. 	}
    160. 

  160. 	for _, config := range kSpec.Required {
    161. 

  161. 		validateOpt(config, required)
    162. 

  162. 	}
    163. 

  163. 	for _, config := range kSpec.Optional {
    164. 

  164. 		validateOpt(config, optional)
    165. 

  165. 	}
    166. 

  166. 	for _, config := range kSpec.Forbidden {
    167. 

  167. 		validateOpt(config, forbidden)
    168. 

  168. 	}
    169. 

  169. 	if len(badConfigs) > 0 {
    170. 

  170. 		return errors.Errorf("unexpected kernel config: %s", strings.Join(badConfigs, " "))
    171. 

  171. 	}
    172. 

  172. 	return nil
    173. 

  173. }
    174. 

  174. 

  175. // getKernelConfigReader search kernel config file in a predefined list. Once the kernel config
    176. 

  176. // file is found it will read the configurations into a byte buffer and return. If the kernel
    177. 

  177. // config file is not found, it will try to load kernel config module and retry again.
    178. 

  178. func (k *KernelValidator) getKernelConfigReader() (io.Reader, error) {
    179. 

  179. 	possibePaths := []string{
    180. 

  180. 		"/proc/config.gz",
    181. 

  181. 		"/boot/config-" + k.kernelRelease,
    182. 

  182. 		"/usr/src/linux-" + k.kernelRelease + "/.config",
    183. 

  183. 		"/usr/src/linux/.config",
    184. 

  184. 		"/usr/lib/modules/" + k.kernelRelease + "/config",
    185. 

  185. 		"/usr/lib/ostree-boot/config-" + k.kernelRelease,
    186. 

  186. 		"/usr/lib/kernel/config-" + k.kernelRelease,
    187. 

  187. 		"/usr/src/linux-headers-" + k.kernelRelease + "/.config",
    188. 

  188. 		"/lib/modules/" + k.kernelRelease + "/build/.config",
    189. 

  189. 	}
    190. 

  190. 	configsModule := "configs"
    191. 

  191. 	modprobeCmd := "modprobe"
    192. 

  192. 	// loadModule indicates whether we've tried to load kernel config module ourselves.
    193. 

  193. 	loadModule := false
    194. 

  194. 	for {
    195. 

  195. 		for _, path := range possibePaths {
    196. 

  196. 			_, err := os.Stat(path)
    197. 

  197. 			if err != nil {
    198. 

  198. 				continue
    199. 

  199. 			}
    200. 

  200. 			// Buffer the whole file, so that we can close the file and unload
    201. 

  201. 			// kernel config module in this function.
    202. 

  202. 			b, err := ioutil.ReadFile(path)
    203. 

  203. 			if err != nil {
    204. 

  204. 				return nil, err
    205. 

  205. 			}
    206. 

  206. 			var r io.Reader
    207. 

  207. 			r = bytes.NewReader(b)
    208. 

  208. 			// This is a gzip file (config.gz), unzip it.
    209. 

  209. 			if filepath.Ext(path) == ".gz" {
    210. 

  210. 				r, err = gzip.NewReader(r)
    211. 

  211. 				if err != nil {
    212. 

  212. 					return nil, err
    213. 

  213. 				}
    214. 

  214. 			}
    215. 

  215. 			return r, nil
    216. 

  216. 		}
    217. 

  217. 		// If we've tried to load kernel config module, break and return error.
    218. 

  218. 		if loadModule {
    219. 

  219. 			break
    220. 

  220. 		}
    221. 

  221. 		// If the kernel config file is not found, try to load the kernel
    222. 

  222. 		// config module and check again.
    223. 

  223. 		output, err := exec.Command(modprobeCmd, configsModule).CombinedOutput()
    224. 

  224. 		if err != nil {
    225. 

  225. 			return nil, errors.Wrapf(err, "unable to load kernel module: %q, output: %q, err",
    226. 

  226. 				configsModule, output)
    227. 

  227. 		}
    228. 

  228. 		// Unload the kernel config module to make sure the validation have no side effect.
    229. 

  229. 		defer exec.Command(modprobeCmd, "-r", configsModule).Run()
    230. 

  230. 		loadModule = true
    231. 

  231. 	}
    232. 

  232. 	return nil, errors.Errorf("no config path in %v is available", possibePaths)
    233. 

  233. }
    234. 

  234. 

  235. // getKernelConfig gets kernel config from kernel config file and convert kernel config to internal type.
    236. 

  236. func (k *KernelValidator) getKernelConfig() (map[string]kConfigOption, error) {
    237. 

  237. 	r, err := k.getKernelConfigReader()
    238. 

  238. 	if err != nil {
    239. 

  239. 		return nil, err
    240. 

  240. 	}
    241. 

  241. 	return k.parseKernelConfig(r)
    242. 

  242. }
    243. 

  243. 

  244. // parseKernelConfig converts kernel config to internal type.
    245. 

  245. func (k *KernelValidator) parseKernelConfig(r io.Reader) (map[string]kConfigOption, error) {
    246. 

  246. 	config := map[string]kConfigOption{}
    247. 

  247. 	regex := regexp.MustCompile(validKConfigRegex)
    248. 

  248. 	s := bufio.NewScanner(r)
    249. 

  249. 	for s.Scan() {
    250. 

  250. 		if err := s.Err(); err != nil {
    251. 

  251. 			return nil, err
    252. 

  252. 		}
    253. 

  253. 		line := strings.TrimSpace(s.Text())
    254. 

  254. 		if !regex.MatchString(line) {
    255. 

  255. 			continue
    256. 

  256. 		}
    257. 

  257. 		fields := strings.Split(line, "=")
    258. 

  258. 		if len(fields) != 2 {
    259. 

  259. 			klog.Errorf("Unexpected fields number in config %q", line)
    260. 

  260. 			continue
    261. 

  261. 		}
    262. 

  262. 		config[fields[0]] = kConfigOption(fields[1])
    263. 

  263. 	}
    264. 

  264. 	return config, nil
    265. 

  265. 

  266. }
    267. 

  267.