From 7d47897b5530e3e85ae47f5fc941ed4f8bb36f8d Mon Sep 17 00:00:00 2001 From: "Dr. Stefan Schimanski" Date: Wed, 12 Sep 2018 10:59:01 +0200 Subject: [PATCH] apiserver: separate transport setting from storagebackend.Config Kubernetes-commit: 7b242533a217bd809e2c846c3e3fadf7bf6edee8 --- pkg/server/options/etcd.go | 10 ++-- pkg/server/options/etcd_test.go | 54 +++++++++++-------- pkg/server/storage/storage_factory.go | 12 ++--- pkg/server/storage/storage_factory_test.go | 16 +++--- pkg/storage/etcd/testing/utils.go | 10 ++-- pkg/storage/storagebackend/config.go | 21 +++++--- pkg/storage/storagebackend/factory/etcd3.go | 6 +-- .../storagebackend/factory/tls_test.go | 14 ++--- 8 files changed, 82 insertions(+), 61 deletions(-) diff --git a/pkg/server/options/etcd.go b/pkg/server/options/etcd.go index 26173eb72..f1fe2c3b4 100644 --- a/pkg/server/options/etcd.go +++ b/pkg/server/options/etcd.go @@ -81,7 +81,7 @@ func (s *EtcdOptions) Validate() []error { } allErrors := []error{} - if len(s.StorageConfig.ServerList) == 0 { + if len(s.StorageConfig.Transport.ServerList) == 0 { allErrors = append(allErrors, fmt.Errorf("--etcd-servers must be specified")) } @@ -148,19 +148,19 @@ func (s *EtcdOptions) AddFlags(fs *pflag.FlagSet) { fs.IntVar(&dummyCacheSize, "deserialization-cache-size", 0, "Number of deserialized json objects to cache in memory.") fs.MarkDeprecated("deserialization-cache-size", "the deserialization cache was dropped in 1.13 with support for etcd2") - fs.StringSliceVar(&s.StorageConfig.ServerList, "etcd-servers", s.StorageConfig.ServerList, + fs.StringSliceVar(&s.StorageConfig.Transport.ServerList, "etcd-servers", s.StorageConfig.Transport.ServerList, "List of etcd servers to connect with (scheme://ip:port), comma separated.") fs.StringVar(&s.StorageConfig.Prefix, "etcd-prefix", s.StorageConfig.Prefix, "The prefix to prepend to all resource paths in etcd.") - fs.StringVar(&s.StorageConfig.KeyFile, "etcd-keyfile", s.StorageConfig.KeyFile, + fs.StringVar(&s.StorageConfig.Transport.KeyFile, "etcd-keyfile", s.StorageConfig.Transport.KeyFile, "SSL key file used to secure etcd communication.") - fs.StringVar(&s.StorageConfig.CertFile, "etcd-certfile", s.StorageConfig.CertFile, + fs.StringVar(&s.StorageConfig.Transport.CertFile, "etcd-certfile", s.StorageConfig.Transport.CertFile, "SSL certification file used to secure etcd communication.") - fs.StringVar(&s.StorageConfig.CAFile, "etcd-cafile", s.StorageConfig.CAFile, + fs.StringVar(&s.StorageConfig.Transport.CAFile, "etcd-cafile", s.StorageConfig.Transport.CAFile, "SSL Certificate Authority file used to secure etcd communication.") fs.StringVar(&s.EncryptionProviderConfigFilepath, "experimental-encryption-provider-config", s.EncryptionProviderConfigFilepath, diff --git a/pkg/server/options/etcd_test.go b/pkg/server/options/etcd_test.go index 7f772f5b3..5600d5438 100644 --- a/pkg/server/options/etcd_test.go +++ b/pkg/server/options/etcd_test.go @@ -36,12 +36,14 @@ func TestEtcdOptionsValidate(t *testing.T) { name: "test when ServerList is not specified", testOptions: &EtcdOptions{ StorageConfig: storagebackend.Config{ - Type: "etcd3", - ServerList: nil, - Prefix: "/registry", - KeyFile: "/var/run/kubernetes/etcd.key", - CAFile: "/var/run/kubernetes/etcdca.crt", - CertFile: "/var/run/kubernetes/etcdce.crt", + Type: "etcd3", + Prefix: "/registry", + Transport: storagebackend.TransportConfig{ + ServerList: nil, + KeyFile: "/var/run/kubernetes/etcd.key", + CAFile: "/var/run/kubernetes/etcdca.crt", + CertFile: "/var/run/kubernetes/etcdce.crt", + }, CompactionInterval: storagebackend.DefaultCompactInterval, CountMetricPollPeriod: time.Minute, }, @@ -58,12 +60,14 @@ func TestEtcdOptionsValidate(t *testing.T) { name: "test when storage-backend is invalid", testOptions: &EtcdOptions{ StorageConfig: storagebackend.Config{ - Type: "etcd4", - ServerList: []string{"http://127.0.0.1"}, - Prefix: "/registry", - KeyFile: "/var/run/kubernetes/etcd.key", - CAFile: "/var/run/kubernetes/etcdca.crt", - CertFile: "/var/run/kubernetes/etcdce.crt", + Type: "etcd4", + Prefix: "/registry", + Transport: storagebackend.TransportConfig{ + ServerList: []string{"http://127.0.0.1"}, + KeyFile: "/var/run/kubernetes/etcd.key", + CAFile: "/var/run/kubernetes/etcdca.crt", + CertFile: "/var/run/kubernetes/etcdce.crt", + }, CompactionInterval: storagebackend.DefaultCompactInterval, CountMetricPollPeriod: time.Minute, }, @@ -80,12 +84,14 @@ func TestEtcdOptionsValidate(t *testing.T) { name: "test when etcd-servers-overrides is invalid", testOptions: &EtcdOptions{ StorageConfig: storagebackend.Config{ - Type: "etcd3", - ServerList: []string{"http://127.0.0.1"}, + Type: "etcd3", + Transport: storagebackend.TransportConfig{ + ServerList: []string{"http://127.0.0.1"}, + KeyFile: "/var/run/kubernetes/etcd.key", + CAFile: "/var/run/kubernetes/etcdca.crt", + CertFile: "/var/run/kubernetes/etcdce.crt", + }, Prefix: "/registry", - KeyFile: "/var/run/kubernetes/etcd.key", - CAFile: "/var/run/kubernetes/etcdca.crt", - CertFile: "/var/run/kubernetes/etcdce.crt", CompactionInterval: storagebackend.DefaultCompactInterval, CountMetricPollPeriod: time.Minute, }, @@ -102,12 +108,14 @@ func TestEtcdOptionsValidate(t *testing.T) { name: "test when EtcdOptions is valid", testOptions: &EtcdOptions{ StorageConfig: storagebackend.Config{ - Type: "etcd3", - ServerList: []string{"http://127.0.0.1"}, - Prefix: "/registry", - KeyFile: "/var/run/kubernetes/etcd.key", - CAFile: "/var/run/kubernetes/etcdca.crt", - CertFile: "/var/run/kubernetes/etcdce.crt", + Type: "etcd3", + Prefix: "/registry", + Transport: storagebackend.TransportConfig{ + ServerList: []string{"http://127.0.0.1"}, + KeyFile: "/var/run/kubernetes/etcd.key", + CAFile: "/var/run/kubernetes/etcdca.crt", + CertFile: "/var/run/kubernetes/etcdce.crt", + }, CompactionInterval: storagebackend.DefaultCompactInterval, CountMetricPollPeriod: time.Minute, }, diff --git a/pkg/server/storage/storage_factory.go b/pkg/server/storage/storage_factory.go index a87ce4a5e..c3bb6ecd6 100644 --- a/pkg/server/storage/storage_factory.go +++ b/pkg/server/storage/storage_factory.go @@ -121,7 +121,7 @@ type groupResourceOverrides struct { // Apply overrides the provided config and options if the override has a value in that position func (o groupResourceOverrides) Apply(config *storagebackend.Config, options *StorageCodecConfig) { if len(o.etcdLocation) > 0 { - config.ServerList = o.etcdLocation + config.Transport.ServerList = o.etcdLocation } if len(o.etcdPrefix) > 0 { config.Prefix = o.etcdPrefix @@ -290,7 +290,7 @@ func (s *DefaultStorageFactory) NewConfig(groupResource schema.GroupResource) (* // Backends returns all backends for all registered storage destinations. // Used for getting all instances for health validations. func (s *DefaultStorageFactory) Backends() []Backend { - servers := sets.NewString(s.StorageConfig.ServerList...) + servers := sets.NewString(s.StorageConfig.Transport.ServerList...) for _, overrides := range s.Overrides { servers.Insert(overrides.etcdLocation...) @@ -299,16 +299,16 @@ func (s *DefaultStorageFactory) Backends() []Backend { tlsConfig := &tls.Config{ InsecureSkipVerify: true, } - if len(s.StorageConfig.CertFile) > 0 && len(s.StorageConfig.KeyFile) > 0 { - cert, err := tls.LoadX509KeyPair(s.StorageConfig.CertFile, s.StorageConfig.KeyFile) + if len(s.StorageConfig.Transport.CertFile) > 0 && len(s.StorageConfig.Transport.KeyFile) > 0 { + cert, err := tls.LoadX509KeyPair(s.StorageConfig.Transport.CertFile, s.StorageConfig.Transport.KeyFile) if err != nil { klog.Errorf("failed to load key pair while getting backends: %s", err) } else { tlsConfig.Certificates = []tls.Certificate{cert} } } - if len(s.StorageConfig.CAFile) > 0 { - if caCert, err := ioutil.ReadFile(s.StorageConfig.CAFile); err != nil { + if len(s.StorageConfig.Transport.CAFile) > 0 { + if caCert, err := ioutil.ReadFile(s.StorageConfig.Transport.CAFile); err != nil { klog.Errorf("failed to read ca file while getting backends: %s", err) } else { caPool := x509.NewCertPool() diff --git a/pkg/server/storage/storage_factory_test.go b/pkg/server/storage/storage_factory_test.go index 197ff6b79..3c8c1c2d3 100644 --- a/pkg/server/storage/storage_factory_test.go +++ b/pkg/server/storage/storage_factory_test.go @@ -104,7 +104,7 @@ func TestConfigurableStorageFactory(t *testing.T) { if err != nil { t.Fatal(err) } - if config.Prefix != "/prefix_for_test" || !reflect.DeepEqual(config.ServerList, []string{"/server2"}) { + if config.Prefix != "/prefix_for_test" || !reflect.DeepEqual(config.Transport.ServerList, []string{"/server2"}) { t.Errorf("unexpected config %#v", config) } if !called { @@ -136,8 +136,10 @@ func TestUpdateEtcdOverrides(t *testing.T) { defaultEtcdLocation := []string{"http://127.0.0.1"} for i, test := range testCases { defaultConfig := storagebackend.Config{ - Prefix: "/registry", - ServerList: defaultEtcdLocation, + Prefix: "/registry", + Transport: storagebackend.TransportConfig{ + ServerList: defaultEtcdLocation, + }, } storageFactory := NewDefaultStorageFactory(defaultConfig, "", codecs, NewDefaultResourceEncodingConfig(scheme), NewResourceConfig(), nil) storageFactory.SetEtcdLocation(test.resource, test.servers) @@ -148,8 +150,8 @@ func TestUpdateEtcdOverrides(t *testing.T) { t.Errorf("%d: unexpected error %v", i, err) continue } - if !reflect.DeepEqual(config.ServerList, test.servers) { - t.Errorf("%d: expected %v, got %v", i, test.servers, config.ServerList) + if !reflect.DeepEqual(config.Transport.ServerList, test.servers) { + t.Errorf("%d: expected %v, got %v", i, test.servers, config.Transport.ServerList) continue } @@ -158,8 +160,8 @@ func TestUpdateEtcdOverrides(t *testing.T) { t.Errorf("%d: unexpected error %v", i, err) continue } - if !reflect.DeepEqual(config.ServerList, defaultEtcdLocation) { - t.Errorf("%d: expected %v, got %v", i, defaultEtcdLocation, config.ServerList) + if !reflect.DeepEqual(config.Transport.ServerList, defaultEtcdLocation) { + t.Errorf("%d: expected %v, got %v", i, defaultEtcdLocation, config.Transport.ServerList) continue } diff --git a/pkg/storage/etcd/testing/utils.go b/pkg/storage/etcd/testing/utils.go index 493abaa2f..77a6db452 100644 --- a/pkg/storage/etcd/testing/utils.go +++ b/pkg/storage/etcd/testing/utils.go @@ -293,10 +293,12 @@ func NewUnsecuredEtcd3TestClientServer(t *testing.T) (*EtcdTestServer, *storageb } server.V3Client = server.v3Cluster.RandClient() config := &storagebackend.Config{ - Type: "etcd3", - Prefix: etcdtest.PathPrefix(), - ServerList: server.V3Client.Endpoints(), - Paging: true, + Type: "etcd3", + Prefix: etcdtest.PathPrefix(), + Transport: storagebackend.TransportConfig{ + ServerList: server.V3Client.Endpoints(), + }, + Paging: true, } return server, config } diff --git a/pkg/storage/storagebackend/config.go b/pkg/storage/storagebackend/config.go index f18ac76dd..c36a10394 100644 --- a/pkg/storage/storagebackend/config.go +++ b/pkg/storage/storagebackend/config.go @@ -30,18 +30,26 @@ const ( DefaultCompactInterval = 5 * time.Minute ) -// Config is configuration for creating a storage backend. -type Config struct { - // Type defines the type of storage backend. Default ("") is "etcd3". - Type string - // Prefix is the prefix to all keys passed to storage.Interface methods. - Prefix string +// TransportConfig holds all connection related info, i.e. equal TransportConfig means equal servers we talk to. +type TransportConfig struct { // ServerList is the list of storage servers to connect with. ServerList []string // TLS credentials KeyFile string CertFile string CAFile string +} + +// Config is configuration for creating a storage backend. +type Config struct { + // Type defines the type of storage backend. Default ("") is "etcd3". + Type string + // Prefix is the prefix to all keys passed to storage.Interface methods. + Prefix string + // Transport holds all connection related info, i.e. equal TransportConfig means equal servers we talk to. + Transport TransportConfig + // Quorum indicates that whether read operations should be quorum-level consistent. + Quorum bool // Paging indicates whether the server implementation should allow paging (if it is // supported). This is generally configured by feature gating, or by a specific // resource type not wishing to allow paging, and is not intended for end users to @@ -55,7 +63,6 @@ type Config struct { // CompactionInterval is an interval of requesting compaction from apiserver. // If the value is 0, no compaction will be issued. CompactionInterval time.Duration - // CountMetricPollPeriod specifies how often should count metric be updated CountMetricPollPeriod time.Duration } diff --git a/pkg/storage/storagebackend/factory/etcd3.go b/pkg/storage/storagebackend/factory/etcd3.go index e18fe9acd..a41f09de1 100644 --- a/pkg/storage/storagebackend/factory/etcd3.go +++ b/pkg/storage/storagebackend/factory/etcd3.go @@ -54,7 +54,7 @@ func newETCD3HealthCheck(c storagebackend.Config) (func() error, error) { clientErrMsg.Store("etcd client connection not yet established") go wait.PollUntil(time.Second, func() (bool, error) { - client, err := newETCD3Client(c) + client, err := newETCD3Client(c.Transport) if err != nil { clientErrMsg.Store(err.Error()) return false, nil @@ -78,7 +78,7 @@ func newETCD3HealthCheck(c storagebackend.Config) (func() error, error) { }, nil } -func newETCD3Client(c storagebackend.Config) (*clientv3.Client, error) { +func newETCD3Client(c storagebackend.TransportConfig) (*clientv3.Client, error) { tlsInfo := transport.TLSInfo{ CertFile: c.CertFile, KeyFile: c.KeyFile, @@ -109,7 +109,7 @@ func newETCD3Client(c storagebackend.Config) (*clientv3.Client, error) { } func newETCD3Storage(c storagebackend.Config) (storage.Interface, DestroyFunc, error) { - client, err := newETCD3Client(c) + client, err := newETCD3Client(c.Transport) if err != nil { return nil, nil, err } diff --git a/pkg/storage/storagebackend/factory/tls_test.go b/pkg/storage/storagebackend/factory/tls_test.go index 9286c7bc2..0646de89b 100644 --- a/pkg/storage/storagebackend/factory/tls_test.go +++ b/pkg/storage/storagebackend/factory/tls_test.go @@ -66,12 +66,14 @@ func TestTLSConnection(t *testing.T) { defer cluster.Terminate(t) cfg := storagebackend.Config{ - Type: storagebackend.StorageTypeETCD3, - ServerList: []string{cluster.Members[0].GRPCAddr()}, - CertFile: certFile, - KeyFile: keyFile, - CAFile: caFile, - Codec: codec, + Type: storagebackend.StorageTypeETCD3, + Transport: storagebackend.TransportConfig{ + ServerList: []string{cluster.Members[0].GRPCAddr()}, + CertFile: certFile, + KeyFile: keyFile, + CAFile: caFile, + }, + Codec: codec, } storage, destroyFunc, err := newETCD3Storage(cfg) defer destroyFunc()