* Shush autogomaxproc.
I am not as sure about this change, but those logs are not following the standard formt
and given we need to inject the logger in init() makes this next to impossible.
Corollary, is that we set cpu limits on all our binaries, except QP, so it only mattered there
since otherwise the package logs nothing.
* m
* Allow override QPS and Burst via flag.
Add `--kube-api-qps` and `--kube-api-burst` command-line flags
to control client QPS and Burst respectively.
The default value is set to 0 to keep backward compatibility.
Signed-off-by: Pierangelo Di Pilato <pierangelodipilato@gmail.com>
* Inline validation functions
Signed-off-by: Pierangelo Di Pilato <pierangelodipilato@gmail.com>
* put EnableInjectionOrDie back on the main path
* nil check pointer type
* move enable injeciton out of sharedmain
* lint
* nit picking fmt....
* add documentation
* feedback cleanup
* injection.GetRESTConfig
* redirect code that moved:
The EnableInjectionOrDie starts informers immedidately in a go
routine, which changes the order of informer start and controller
setup. As a result setting resync period to informer handler will
be ignored as the informer is already started. Though this will
likely affect more components, changing the EnableInjectionOrDie
function will break the API, so this is a temporary solution to
fix all the controllers depending on sharedmain.
* Enable HA by default.
This consolidates the core of sharedmain around the new leaderelection logic, which will now be **enabled by default**.
This can now be disabled with `--disable-ha` or by passing `sharedmain.WithHADisabled(ctx)` to `sharedmain.MainWithConfig`.
* vagababov comments, build failure
* Open an issue for enabledComponents removal.
* Move the configmap watcher startup.
This race was uncovered by the chaos duck on knative/serving! When we have enabled a feature flag, e.g. multi-container, and the webhook pods are restarted, there is a brief window where the webhook is up and healthy before the configmaps have synchronized and the new webhook pod realizes the feature is enabled.
* Drop the import alias
This change allows for (just webhook for now) controllers going through sharedmain to opt into Yanwei's logic by setting several environment variables.
I was able to pull this change in downstream and change the webhook to use a StatefulSet with the following environment:
```
+ # These settings are used for statefulset-based
+ # leader selection.
+ - name: CONTROLLER_ORDINAL
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: STATEFUL_SERVICE_NAME
+ value: "webhook"
```
Running the above with 10 replicas and 10 buckets worked as intended (keys were evenly distributed across the replicas).
* generate krshaped logic
* add logic to the tag
* Update injection/README.md
Co-authored-by: Matt Moore <mattmoor@vmware.com>
* move var to reconciler
Co-authored-by: Matt Moore <mattmoor@vmware.com>
- use more performant functions (mostly remove formatters were possible)
- move zap.Error() to the call site, rather than creating a new sugared logger with a key attached (not cheap)
- fix *w usages where the key was not provided.
This makes the config used to start all the clients available on the context starting the controllers. That enables us to use that config to create secondary clients in the controllers with the same config.
* Change StartAll to take context.
This has bugged me since we started using `ctx`, which containers a `stopCh` of sorts as `Done()`. This is somewhat for consistency, but by using `ctx` explicitly we enable ourselves to take advantage of more contextual information.
I did a quick scan of call sites and the good news is that the `sharedmain` change should be the place through which the vast majority of calls occur, however, the one outlier here is the KPA which calls this manually. I will stage a PR to manually import pkg into serving to fix this once this lands.
* Add a Run shim for back-compat
* Retry to get logging configmap when failed
When deploying pods with Istio sidecar, it takes a few seconds until
network is configured. In fact, Serving's system pods always fail when
Istio sidecar is enbled.
To fix it, this patch changes to retry to get logging configmap for 5
seconds.
* Add IsNotFound error check
* Remove if error condition
* Start the webhook before informers sync.
Some webhooks (e.g. conversion) are required to list resources, so by delaying those until after informers have synced, we create a deadlock when they run in the same process. This change has two key parts:
1. Start the webhook immediately when our process starts, and issue a callback from sharedmain when the informers have synced.
2. Block `Admit` calls until informers have synced (all conversions are exempt), unless they have been designated by implementing `webhook.StatelessAdmissionController`.
Our built-in admission controllers (defaulting, validation, configmap validation) have all been marked as stateless, the main case where we want to block `Admit` calls is when we require the informer to have synchronized to populate indices for Bindings.
* Add missing err declaration
* Add leader election config and to sharedmain
* Add new dependencies
* Extract method for RunLeaderElected
* Make leader election config constructor validate
* Rename leader election files
* Always start profiling server whether component has LE lock or not
* Fix entering unreachable section when leader election is disabled
* Address PR feedback
* Revert "Add support for client TLS to pkg/metrics (#1045)"
This reverts commit 945b556708.
* Roll forward "Add support for client TLS to pkg/metrics (#1045)"
Adds support for client TLS certs for opencensus export
* Switch sharedmain to only pass a getter rather than an all-namespace lister.
* Add a TODO about using a cached copy if this generates undue load
* Update deps per build failure.
* Refactor per @anniefu suggestion
Gallardot
Markus Thömmes
Scott Nichols
Josh Soref
Julian Friedman
Victor Agababov
Pierangelo Di Pilato
Zhongduo Lin (Jimmy)
Zbynek Roubalik
chen zhengwei
Adam Harwayne
Matt Moore
Ville Aikas
Weston Haught
Matthew Broomfield
Kenjiro Nakayama
Knative Prow Robot
Andrew Su
Paul Morie
Evan Anderson