From 6746ccadda26f5e23b1d97b4650f6fc4b692d9ba Mon Sep 17 00:00:00 2001 From: Andrew Sy Kim Date: Mon, 26 Oct 2020 10:24:16 -0400 Subject: [PATCH] apiserver: support egress selection name 'controlplane' and deprecate 'master' Signed-off-by: Andrew Sy Kim Kubernetes-commit: a0aebf96ec2eef6517e2611335f0e6c9375dd807 --- pkg/apis/apiserver/types.go | 3 ++- pkg/apis/apiserver/v1alpha1/types.go | 3 ++- pkg/apis/apiserver/v1beta1/types.go | 3 ++- pkg/server/egressselector/egress_selector.go | 15 ++++++++++----- pkg/server/egressselector/egress_selector_test.go | 2 +- pkg/server/options/audit.go | 2 +- pkg/util/webhook/authentication.go | 2 +- 7 files changed, 19 insertions(+), 11 deletions(-) diff --git a/pkg/apis/apiserver/types.go b/pkg/apis/apiserver/types.go index 4e4149441..f0614be3a 100644 --- a/pkg/apis/apiserver/types.go +++ b/pkg/apis/apiserver/types.go @@ -62,7 +62,8 @@ type EgressSelectorConfiguration struct { // EgressSelection provides the configuration for a single egress selection client. type EgressSelection struct { // Name is the name of the egress selection. - // Currently supported values are "Master", "Etcd" and "Cluster" + // Currently supported values are "ControlPlane", "Master", "Etcd" and "Cluster" + // The "Master" egress selector is deprecated in favor of "ControlPlane" Name string // Connection is the exact information used to configure the egress selection diff --git a/pkg/apis/apiserver/v1alpha1/types.go b/pkg/apis/apiserver/v1alpha1/types.go index 7b9aacae8..53e559596 100644 --- a/pkg/apis/apiserver/v1alpha1/types.go +++ b/pkg/apis/apiserver/v1alpha1/types.go @@ -62,7 +62,8 @@ type EgressSelectorConfiguration struct { // EgressSelection provides the configuration for a single egress selection client. type EgressSelection struct { // name is the name of the egress selection. - // Currently supported values are "Master", "Etcd" and "Cluster" + // Currently supported values are "ControlPlane", "Master", "Etcd" and "Cluster" + // The "Master" egress selector is deprecated in favor of "ControlPlane" Name string `json:"name"` // connection is the exact information used to configure the egress selection diff --git a/pkg/apis/apiserver/v1beta1/types.go b/pkg/apis/apiserver/v1beta1/types.go index 0a6fd0732..03bac01bd 100644 --- a/pkg/apis/apiserver/v1beta1/types.go +++ b/pkg/apis/apiserver/v1beta1/types.go @@ -33,7 +33,8 @@ type EgressSelectorConfiguration struct { // EgressSelection provides the configuration for a single egress selection client. type EgressSelection struct { // name is the name of the egress selection. - // Currently supported values are "Master", "Etcd" and "Cluster" + // Currently supported values are "ControlPlane", "Master", "Etcd" and "Cluster" + // The "Master" egress selector is deprecated in favor of "ControlPlane" Name string `json:"name"` // connection is the exact information used to configure the egress selection diff --git a/pkg/server/egressselector/egress_selector.go b/pkg/server/egressselector/egress_selector.go index a41a85403..a849575b8 100644 --- a/pkg/server/egressselector/egress_selector.go +++ b/pkg/server/egressselector/egress_selector.go @@ -51,8 +51,8 @@ type EgressSelector struct { type EgressType int const ( - // Master is the EgressType for traffic intended to go to the control plane. - Master EgressType = iota + // ControlPlane is the EgressType for traffic intended to go to the control plane. + ControlPlane EgressType = iota // Etcd is the EgressType for traffic intended to go to Kubernetes persistence store. Etcd // Cluster is the EgressType for traffic intended to go to the system being managed by Kubernetes. @@ -73,8 +73,8 @@ type Lookup func(networkContext NetworkContext) (utilnet.DialFunc, error) // String returns the canonical string representation of the egress type func (s EgressType) String() string { switch s { - case Master: - return "master" + case ControlPlane: + return "controlplane" case Etcd: return "etcd" case Cluster: @@ -91,8 +91,12 @@ func (s EgressType) AsNetworkContext() NetworkContext { func lookupServiceName(name string) (EgressType, error) { switch strings.ToLower(name) { + // 'master' is deprecated, interpret "master" as controlplane internally until removed in v1.22. case "master": - return Master, nil + klog.Warning("EgressSelection name 'master' is deprecated, use 'controlplane' instead") + return ControlPlane, nil + case "controlplane": + return ControlPlane, nil case "etcd": return Etcd, nil case "cluster": @@ -364,5 +368,6 @@ func (cs *EgressSelector) Lookup(networkContext NetworkContext) (utilnet.DialFun // The round trip wrapper will over-ride the dialContext method appropriately return nil, nil } + return cs.egressToDialer[networkContext.EgressSelectionName], nil } diff --git a/pkg/server/egressselector/egress_selector_test.go b/pkg/server/egressselector/egress_selector_test.go index 8ff72fe8a..2b31ccc41 100644 --- a/pkg/server/egressselector/egress_selector_test.go +++ b/pkg/server/egressselector/egress_selector_test.go @@ -90,7 +90,7 @@ func TestEgressSelector(t *testing.T) { nil, }, { - Master, + ControlPlane, validateDirectDialer, nil, nil, diff --git a/pkg/server/options/audit.go b/pkg/server/options/audit.go index 06ff8a3ef..1798eb71a 100644 --- a/pkg/server/options/audit.go +++ b/pkg/server/options/audit.go @@ -306,7 +306,7 @@ func (o *AuditOptions) ApplyTo( klog.V(2).Info("No audit policy file provided, no events will be recorded for webhook backend") } else { if c.EgressSelector != nil { - egressDialer, err := c.EgressSelector.Lookup(egressselector.Master.AsNetworkContext()) + egressDialer, err := c.EgressSelector.Lookup(egressselector.ControlPlane.AsNetworkContext()) if err != nil { return err } diff --git a/pkg/util/webhook/authentication.go b/pkg/util/webhook/authentication.go index 042879dad..965bc8b58 100644 --- a/pkg/util/webhook/authentication.go +++ b/pkg/util/webhook/authentication.go @@ -55,7 +55,7 @@ func NewDefaultAuthenticationInfoResolverWrapper( } if egressSelector != nil { - networkContext := egressselector.Master.AsNetworkContext() + networkContext := egressselector.ControlPlane.AsNetworkContext() var egressDialer utilnet.DialFunc egressDialer, err = egressSelector.Lookup(networkContext)