apiserver: separate transport setting from storagebackend.Config
Kubernetes-commit: 7b242533a217bd809e2c846c3e3fadf7bf6edee8
This commit is contained in:
Dr. Stefan Schimanski
Kubernetes Publisher
parent
fdeb778d73
commit
7d47897b55
|
|
@ -81,7 +81,7 @@ func (s *EtcdOptions) Validate() []error {
|
|||
}
|
||||
|
||||
allErrors := []error{}
|
||||
if len(s.StorageConfig.ServerList) == 0 {
|
||||
if len(s.StorageConfig.Transport.ServerList) == 0 {
|
||||
allErrors = append(allErrors, fmt.Errorf("--etcd-servers must be specified"))
|
||||
}
|
||||
|
||||
|
|
@ -148,19 +148,19 @@ func (s *EtcdOptions) AddFlags(fs *pflag.FlagSet) {
|
|||
fs.IntVar(&dummyCacheSize, "deserialization-cache-size", 0, "Number of deserialized json objects to cache in memory.")
|
||||
fs.MarkDeprecated("deserialization-cache-size", "the deserialization cache was dropped in 1.13 with support for etcd2")
|
||||
|
||||
fs.StringSliceVar(&s.StorageConfig.ServerList, "etcd-servers", s.StorageConfig.ServerList,
|
||||
fs.StringSliceVar(&s.StorageConfig.Transport.ServerList, "etcd-servers", s.StorageConfig.Transport.ServerList,
|
||||
"List of etcd servers to connect with (scheme://ip:port), comma separated.")
|
||||
|
||||
fs.StringVar(&s.StorageConfig.Prefix, "etcd-prefix", s.StorageConfig.Prefix,
|
||||
"The prefix to prepend to all resource paths in etcd.")
|
||||
|
||||
fs.StringVar(&s.StorageConfig.KeyFile, "etcd-keyfile", s.StorageConfig.KeyFile,
|
||||
fs.StringVar(&s.StorageConfig.Transport.KeyFile, "etcd-keyfile", s.StorageConfig.Transport.KeyFile,
|
||||
"SSL key file used to secure etcd communication.")
|
||||
|
||||
fs.StringVar(&s.StorageConfig.CertFile, "etcd-certfile", s.StorageConfig.CertFile,
|
||||
fs.StringVar(&s.StorageConfig.Transport.CertFile, "etcd-certfile", s.StorageConfig.Transport.CertFile,
|
||||
"SSL certification file used to secure etcd communication.")
|
||||
|
||||
fs.StringVar(&s.StorageConfig.CAFile, "etcd-cafile", s.StorageConfig.CAFile,
|
||||
fs.StringVar(&s.StorageConfig.Transport.CAFile, "etcd-cafile", s.StorageConfig.Transport.CAFile,
|
||||
"SSL Certificate Authority file used to secure etcd communication.")
|
||||
|
||||
fs.StringVar(&s.EncryptionProviderConfigFilepath, "experimental-encryption-provider-config", s.EncryptionProviderConfigFilepath,
|
||||
|
|
|
|||
|
|
@ -36,12 +36,14 @@ func TestEtcdOptionsValidate(t *testing.T) {
|
|||
name: "test when ServerList is not specified",
|
||||
testOptions: &EtcdOptions{
|
||||
StorageConfig: storagebackend.Config{
|
||||
Type: "etcd3",
|
||||
ServerList: nil,
|
||||
Prefix: "/registry",
|
||||
KeyFile: "/var/run/kubernetes/etcd.key",
|
||||
CAFile: "/var/run/kubernetes/etcdca.crt",
|
||||
CertFile: "/var/run/kubernetes/etcdce.crt",
|
||||
Type: "etcd3",
|
||||
Prefix: "/registry",
|
||||
Transport: storagebackend.TransportConfig{
|
||||
ServerList: nil,
|
||||
KeyFile: "/var/run/kubernetes/etcd.key",
|
||||
CAFile: "/var/run/kubernetes/etcdca.crt",
|
||||
CertFile: "/var/run/kubernetes/etcdce.crt",
|
||||
},
|
||||
CompactionInterval: storagebackend.DefaultCompactInterval,
|
||||
CountMetricPollPeriod: time.Minute,
|
||||
},
|
||||
|
|
@ -58,12 +60,14 @@ func TestEtcdOptionsValidate(t *testing.T) {
|
|||
name: "test when storage-backend is invalid",
|
||||
testOptions: &EtcdOptions{
|
||||
StorageConfig: storagebackend.Config{
|
||||
Type: "etcd4",
|
||||
ServerList: []string{"http://127.0.0.1"},
|
||||
Prefix: "/registry",
|
||||
KeyFile: "/var/run/kubernetes/etcd.key",
|
||||
CAFile: "/var/run/kubernetes/etcdca.crt",
|
||||
CertFile: "/var/run/kubernetes/etcdce.crt",
|
||||
Type: "etcd4",
|
||||
Prefix: "/registry",
|
||||
Transport: storagebackend.TransportConfig{
|
||||
ServerList: []string{"http://127.0.0.1"},
|
||||
KeyFile: "/var/run/kubernetes/etcd.key",
|
||||
CAFile: "/var/run/kubernetes/etcdca.crt",
|
||||
CertFile: "/var/run/kubernetes/etcdce.crt",
|
||||
},
|
||||
CompactionInterval: storagebackend.DefaultCompactInterval,
|
||||
CountMetricPollPeriod: time.Minute,
|
||||
},
|
||||
|
|
@ -80,12 +84,14 @@ func TestEtcdOptionsValidate(t *testing.T) {
|
|||
name: "test when etcd-servers-overrides is invalid",
|
||||
testOptions: &EtcdOptions{
|
||||
StorageConfig: storagebackend.Config{
|
||||
Type: "etcd3",
|
||||
ServerList: []string{"http://127.0.0.1"},
|
||||
Type: "etcd3",
|
||||
Transport: storagebackend.TransportConfig{
|
||||
ServerList: []string{"http://127.0.0.1"},
|
||||
KeyFile: "/var/run/kubernetes/etcd.key",
|
||||
CAFile: "/var/run/kubernetes/etcdca.crt",
|
||||
CertFile: "/var/run/kubernetes/etcdce.crt",
|
||||
},
|
||||
Prefix: "/registry",
|
||||
KeyFile: "/var/run/kubernetes/etcd.key",
|
||||
CAFile: "/var/run/kubernetes/etcdca.crt",
|
||||
CertFile: "/var/run/kubernetes/etcdce.crt",
|
||||
CompactionInterval: storagebackend.DefaultCompactInterval,
|
||||
CountMetricPollPeriod: time.Minute,
|
||||
},
|
||||
|
|
@ -102,12 +108,14 @@ func TestEtcdOptionsValidate(t *testing.T) {
|
|||
name: "test when EtcdOptions is valid",
|
||||
testOptions: &EtcdOptions{
|
||||
StorageConfig: storagebackend.Config{
|
||||
Type: "etcd3",
|
||||
ServerList: []string{"http://127.0.0.1"},
|
||||
Prefix: "/registry",
|
||||
KeyFile: "/var/run/kubernetes/etcd.key",
|
||||
CAFile: "/var/run/kubernetes/etcdca.crt",
|
||||
CertFile: "/var/run/kubernetes/etcdce.crt",
|
||||
Type: "etcd3",
|
||||
Prefix: "/registry",
|
||||
Transport: storagebackend.TransportConfig{
|
||||
ServerList: []string{"http://127.0.0.1"},
|
||||
KeyFile: "/var/run/kubernetes/etcd.key",
|
||||
CAFile: "/var/run/kubernetes/etcdca.crt",
|
||||
CertFile: "/var/run/kubernetes/etcdce.crt",
|
||||
},
|
||||
CompactionInterval: storagebackend.DefaultCompactInterval,
|
||||
CountMetricPollPeriod: time.Minute,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ type groupResourceOverrides struct {
|
|||
// Apply overrides the provided config and options if the override has a value in that position
|
||||
func (o groupResourceOverrides) Apply(config *storagebackend.Config, options *StorageCodecConfig) {
|
||||
if len(o.etcdLocation) > 0 {
|
||||
config.ServerList = o.etcdLocation
|
||||
config.Transport.ServerList = o.etcdLocation
|
||||
}
|
||||
if len(o.etcdPrefix) > 0 {
|
||||
config.Prefix = o.etcdPrefix
|
||||
|
|
@ -290,7 +290,7 @@ func (s *DefaultStorageFactory) NewConfig(groupResource schema.GroupResource) (*
|
|||
// Backends returns all backends for all registered storage destinations.
|
||||
// Used for getting all instances for health validations.
|
||||
func (s *DefaultStorageFactory) Backends() []Backend {
|
||||
servers := sets.NewString(s.StorageConfig.ServerList...)
|
||||
servers := sets.NewString(s.StorageConfig.Transport.ServerList...)
|
||||
|
||||
for _, overrides := range s.Overrides {
|
||||
servers.Insert(overrides.etcdLocation...)
|
||||
|
|
@ -299,16 +299,16 @@ func (s *DefaultStorageFactory) Backends() []Backend {
|
|||
tlsConfig := &tls.Config{
|
||||
InsecureSkipVerify: true,
|
||||
}
|
||||
if len(s.StorageConfig.CertFile) > 0 && len(s.StorageConfig.KeyFile) > 0 {
|
||||
cert, err := tls.LoadX509KeyPair(s.StorageConfig.CertFile, s.StorageConfig.KeyFile)
|
||||
if len(s.StorageConfig.Transport.CertFile) > 0 && len(s.StorageConfig.Transport.KeyFile) > 0 {
|
||||
cert, err := tls.LoadX509KeyPair(s.StorageConfig.Transport.CertFile, s.StorageConfig.Transport.KeyFile)
|
||||
if err != nil {
|
||||
klog.Errorf("failed to load key pair while getting backends: %s", err)
|
||||
} else {
|
||||
tlsConfig.Certificates = []tls.Certificate{cert}
|
||||
}
|
||||
}
|
||||
if len(s.StorageConfig.CAFile) > 0 {
|
||||
if caCert, err := ioutil.ReadFile(s.StorageConfig.CAFile); err != nil {
|
||||
if len(s.StorageConfig.Transport.CAFile) > 0 {
|
||||
if caCert, err := ioutil.ReadFile(s.StorageConfig.Transport.CAFile); err != nil {
|
||||
klog.Errorf("failed to read ca file while getting backends: %s", err)
|
||||
} else {
|
||||
caPool := x509.NewCertPool()
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ func TestConfigurableStorageFactory(t *testing.T) {
|
|||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
if config.Prefix != "/prefix_for_test" || !reflect.DeepEqual(config.ServerList, []string{"/server2"}) {
|
||||
if config.Prefix != "/prefix_for_test" || !reflect.DeepEqual(config.Transport.ServerList, []string{"/server2"}) {
|
||||
t.Errorf("unexpected config %#v", config)
|
||||
}
|
||||
if !called {
|
||||
|
|
@ -136,8 +136,10 @@ func TestUpdateEtcdOverrides(t *testing.T) {
|
|||
defaultEtcdLocation := []string{"http://127.0.0.1"}
|
||||
for i, test := range testCases {
|
||||
defaultConfig := storagebackend.Config{
|
||||
Prefix: "/registry",
|
||||
ServerList: defaultEtcdLocation,
|
||||
Prefix: "/registry",
|
||||
Transport: storagebackend.TransportConfig{
|
||||
ServerList: defaultEtcdLocation,
|
||||
},
|
||||
}
|
||||
storageFactory := NewDefaultStorageFactory(defaultConfig, "", codecs, NewDefaultResourceEncodingConfig(scheme), NewResourceConfig(), nil)
|
||||
storageFactory.SetEtcdLocation(test.resource, test.servers)
|
||||
|
|
@ -148,8 +150,8 @@ func TestUpdateEtcdOverrides(t *testing.T) {
|
|||
t.Errorf("%d: unexpected error %v", i, err)
|
||||
continue
|
||||
}
|
||||
if !reflect.DeepEqual(config.ServerList, test.servers) {
|
||||
t.Errorf("%d: expected %v, got %v", i, test.servers, config.ServerList)
|
||||
if !reflect.DeepEqual(config.Transport.ServerList, test.servers) {
|
||||
t.Errorf("%d: expected %v, got %v", i, test.servers, config.Transport.ServerList)
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
@ -158,8 +160,8 @@ func TestUpdateEtcdOverrides(t *testing.T) {
|
|||
t.Errorf("%d: unexpected error %v", i, err)
|
||||
continue
|
||||
}
|
||||
if !reflect.DeepEqual(config.ServerList, defaultEtcdLocation) {
|
||||
t.Errorf("%d: expected %v, got %v", i, defaultEtcdLocation, config.ServerList)
|
||||
if !reflect.DeepEqual(config.Transport.ServerList, defaultEtcdLocation) {
|
||||
t.Errorf("%d: expected %v, got %v", i, defaultEtcdLocation, config.Transport.ServerList)
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -293,10 +293,12 @@ func NewUnsecuredEtcd3TestClientServer(t *testing.T) (*EtcdTestServer, *storageb
|
|||
}
|
||||
server.V3Client = server.v3Cluster.RandClient()
|
||||
config := &storagebackend.Config{
|
||||
Type: "etcd3",
|
||||
Prefix: etcdtest.PathPrefix(),
|
||||
ServerList: server.V3Client.Endpoints(),
|
||||
Paging: true,
|
||||
Type: "etcd3",
|
||||
Prefix: etcdtest.PathPrefix(),
|
||||
Transport: storagebackend.TransportConfig{
|
||||
ServerList: server.V3Client.Endpoints(),
|
||||
},
|
||||
Paging: true,
|
||||
}
|
||||
return server, config
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,18 +30,26 @@ const (
|
|||
DefaultCompactInterval = 5 * time.Minute
|
||||
)
|
||||
|
||||
// Config is configuration for creating a storage backend.
|
||||
type Config struct {
|
||||
// Type defines the type of storage backend. Default ("") is "etcd3".
|
||||
Type string
|
||||
// Prefix is the prefix to all keys passed to storage.Interface methods.
|
||||
Prefix string
|
||||
// TransportConfig holds all connection related info, i.e. equal TransportConfig means equal servers we talk to.
|
||||
type TransportConfig struct {
|
||||
// ServerList is the list of storage servers to connect with.
|
||||
ServerList []string
|
||||
// TLS credentials
|
||||
KeyFile string
|
||||
CertFile string
|
||||
CAFile string
|
||||
}
|
||||
|
||||
// Config is configuration for creating a storage backend.
|
||||
type Config struct {
|
||||
// Type defines the type of storage backend. Default ("") is "etcd3".
|
||||
Type string
|
||||
// Prefix is the prefix to all keys passed to storage.Interface methods.
|
||||
Prefix string
|
||||
// Transport holds all connection related info, i.e. equal TransportConfig means equal servers we talk to.
|
||||
Transport TransportConfig
|
||||
// Quorum indicates that whether read operations should be quorum-level consistent.
|
||||
Quorum bool
|
||||
// Paging indicates whether the server implementation should allow paging (if it is
|
||||
// supported). This is generally configured by feature gating, or by a specific
|
||||
// resource type not wishing to allow paging, and is not intended for end users to
|
||||
|
|
@ -55,7 +63,6 @@ type Config struct {
|
|||
// CompactionInterval is an interval of requesting compaction from apiserver.
|
||||
// If the value is 0, no compaction will be issued.
|
||||
CompactionInterval time.Duration
|
||||
|
||||
// CountMetricPollPeriod specifies how often should count metric be updated
|
||||
CountMetricPollPeriod time.Duration
|
||||
}
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ func newETCD3HealthCheck(c storagebackend.Config) (func() error, error) {
|
|||
clientErrMsg.Store("etcd client connection not yet established")
|
||||
|
||||
go wait.PollUntil(time.Second, func() (bool, error) {
|
||||
client, err := newETCD3Client(c)
|
||||
client, err := newETCD3Client(c.Transport)
|
||||
if err != nil {
|
||||
clientErrMsg.Store(err.Error())
|
||||
return false, nil
|
||||
|
|
@ -78,7 +78,7 @@ func newETCD3HealthCheck(c storagebackend.Config) (func() error, error) {
|
|||
}, nil
|
||||
}
|
||||
|
||||
func newETCD3Client(c storagebackend.Config) (*clientv3.Client, error) {
|
||||
func newETCD3Client(c storagebackend.TransportConfig) (*clientv3.Client, error) {
|
||||
tlsInfo := transport.TLSInfo{
|
||||
CertFile: c.CertFile,
|
||||
KeyFile: c.KeyFile,
|
||||
|
|
@ -109,7 +109,7 @@ func newETCD3Client(c storagebackend.Config) (*clientv3.Client, error) {
|
|||
}
|
||||
|
||||
func newETCD3Storage(c storagebackend.Config) (storage.Interface, DestroyFunc, error) {
|
||||
client, err := newETCD3Client(c)
|
||||
client, err := newETCD3Client(c.Transport)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -66,12 +66,14 @@ func TestTLSConnection(t *testing.T) {
|
|||
defer cluster.Terminate(t)
|
||||
|
||||
cfg := storagebackend.Config{
|
||||
Type: storagebackend.StorageTypeETCD3,
|
||||
ServerList: []string{cluster.Members[0].GRPCAddr()},
|
||||
CertFile: certFile,
|
||||
KeyFile: keyFile,
|
||||
CAFile: caFile,
|
||||
Codec: codec,
|
||||
Type: storagebackend.StorageTypeETCD3,
|
||||
Transport: storagebackend.TransportConfig{
|
||||
ServerList: []string{cluster.Members[0].GRPCAddr()},
|
||||
CertFile: certFile,
|
||||
KeyFile: keyFile,
|
||||
CAFile: caFile,
|
||||
},
|
||||
Codec: codec,
|
||||
}
|
||||
storage, destroyFunc, err := newETCD3Storage(cfg)
|
||||
defer destroyFunc()
|
||||
|
|
|
|||
Loading…
Reference in New Issue