mirror of https://github.com/k3s-io/k3s
Clayton Coleman
commit
41f0929384
|
|
@ -197,7 +197,6 @@ func main() {
|
|||
}
|
||||
|
||||
n := net.IPNet(portalNet)
|
||||
mux := http.NewServeMux()
|
||||
config := &master.Config{
|
||||
Client: client,
|
||||
Cloud: cloud,
|
||||
|
|
@ -215,7 +214,6 @@ func main() {
|
|||
},
|
||||
},
|
||||
PortalNet: &n,
|
||||
Mux: mux,
|
||||
EnableLogsSupport: *enableLogsSupport,
|
||||
EnableUISupport: true,
|
||||
APIPrefix: *apiPrefix,
|
||||
|
|
|
|||
|
|
@ -137,14 +137,12 @@ func startComponents(manifestURL string) (apiServerURL string) {
|
|||
if err != nil {
|
||||
glog.Fatalf("Nonnumeric port? %v", err)
|
||||
}
|
||||
mux := http.NewServeMux()
|
||||
// Create a master and install handlers into mux.
|
||||
master.New(&master.Config{
|
||||
m := master.New(&master.Config{
|
||||
Client: cl,
|
||||
EtcdHelper: helper,
|
||||
Minions: machineList,
|
||||
KubeletClient: fakeKubeletClient{},
|
||||
Mux: mux,
|
||||
EnableLogsSupport: false,
|
||||
APIPrefix: "/api",
|
||||
|
||||
|
|
@ -152,7 +150,7 @@ func startComponents(manifestURL string) (apiServerURL string) {
|
|||
ReadOnlyPort: portNumber,
|
||||
PublicAddress: host,
|
||||
})
|
||||
handler.delegate = mux
|
||||
handler.delegate = m.Handler
|
||||
|
||||
// Scheduler
|
||||
schedulerConfigFactory := &factory.ConfigFactory{cl}
|
||||
|
|
|
|||
|
|
@ -180,7 +180,28 @@ func setDefaults(c *Config) {
|
|||
}
|
||||
}
|
||||
|
||||
// New returns a new instance of Master connected to the given etcd server.
|
||||
// New returns a new instance of Master from the given config.
|
||||
// Certain config fields will be set to a default value if unset,
|
||||
// including:
|
||||
// PortalNet
|
||||
// MasterCount
|
||||
// ReadOnlyPort
|
||||
// ReadWritePort
|
||||
// PublicAddress
|
||||
// Certain config fields must be specified, including:
|
||||
// KubeletClient
|
||||
// Public fields:
|
||||
// Handler -- The returned master has a field TopHandler which is an
|
||||
// http.Handler which handles all the endpoints provided by the master,
|
||||
// including the API, the UI, and miscelaneous debugging endpoints. All
|
||||
// these are subject to authorization and authentication.
|
||||
// Public methods:
|
||||
// HandleWithAuth -- Allows caller to add an http.Handler for an endpoint
|
||||
// that uses the same authentication and authorization (if any is configured)
|
||||
// as the master's built-in endpoints.
|
||||
// If the caller wants to add additional endpoints not using the master's
|
||||
// auth, then the caller should create a handler for those endpoints, which delegates the
|
||||
// any unhandled paths to "Handler".
|
||||
func New(c *Config) *Master {
|
||||
setDefaults(c)
|
||||
minionRegistry := makeMinionRegistry(c)
|
||||
|
|
@ -198,7 +219,7 @@ func New(c *Config) *Master {
|
|||
minionRegistry: minionRegistry,
|
||||
client: c.Client,
|
||||
portalNet: c.PortalNet,
|
||||
mux: c.Mux,
|
||||
mux: http.NewServeMux(),
|
||||
enableLogsSupport: c.EnableLogsSupport,
|
||||
enableUISupport: c.EnableUISupport,
|
||||
apiPrefix: c.APIPrefix,
|
||||
|
|
@ -213,6 +234,24 @@ func New(c *Config) *Master {
|
|||
return m
|
||||
}
|
||||
|
||||
// HandleWithAuth adds an http.Handler for pattern to an http.ServeMux
|
||||
// Applies the same authentication and authorization (if any is configured)
|
||||
// to the request is used for the master's built-in endpoints.
|
||||
func (m *Master) HandleWithAuth(pattern string, handler http.Handler) {
|
||||
// TODO: Add a way for plugged-in endpoints to translate their
|
||||
// URLs into attributes that an Authorizer can understand, and have
|
||||
// sensible policy defaults for plugged-in endpoints. This will be different
|
||||
// for generic endpoints versus REST object endpoints.
|
||||
m.mux.Handle(pattern, handler)
|
||||
}
|
||||
|
||||
// HandleFuncWithAuth adds an http.Handler for pattern to an http.ServeMux
|
||||
// Applies the same authentication and authorization (if any is configured)
|
||||
// to the request is used for the master's built-in endpoints.
|
||||
func (m *Master) HandleFuncWithAuth(pattern string, handler func(http.ResponseWriter, *http.Request)) {
|
||||
m.mux.HandleFunc(pattern, handler)
|
||||
}
|
||||
|
||||
func makeMinionRegistry(c *Config) minion.Registry {
|
||||
var minionRegistry minion.Registry = etcd.NewRegistry(c.EtcdHelper, nil)
|
||||
if c.HealthCheckMinions {
|
||||
|
|
|
|||
|
|
@ -63,18 +63,16 @@ xyz987,bob,2
|
|||
if err != nil {
|
||||
t.Fatalf("unexpected error: %v", err)
|
||||
}
|
||||
mux := http.NewServeMux()
|
||||
|
||||
master.New(&master.Config{
|
||||
m := master.New(&master.Config{
|
||||
EtcdHelper: helper,
|
||||
Mux: mux,
|
||||
EnableLogsSupport: false,
|
||||
EnableUISupport: false,
|
||||
APIPrefix: "/api",
|
||||
TokenAuthFile: f.Name(),
|
||||
})
|
||||
|
||||
s := httptest.NewServer(mux)
|
||||
s := httptest.NewServer(m.Handler)
|
||||
defer s.Close()
|
||||
|
||||
// TODO: also test TLS, using e.g NewUnsafeTLSTransport() and NewClientCertTLSTransport() (see pkg/client/helper.go)
|
||||
|
|
@ -84,10 +82,11 @@ xyz987,bob,2
|
|||
name string
|
||||
token string
|
||||
expected string
|
||||
succeeds bool
|
||||
}{
|
||||
{"Valid token", "abc123", "AUTHENTICATED AS alice"},
|
||||
{"Unknown token", "456jkl", "NOT AUTHENTICATED"},
|
||||
{"Empty token", "", "NOT AUTHENTICATED"},
|
||||
{"Valid token", "abc123", "AUTHENTICATED AS alice", true},
|
||||
{"Unknown token", "456jkl", "", false},
|
||||
{"No token", "", "", false},
|
||||
}
|
||||
for _, tc := range testCases {
|
||||
req, err := http.NewRequest("GET", s.URL+"/_whoami", nil)
|
||||
|
|
@ -101,14 +100,21 @@ xyz987,bob,2
|
|||
t.Fatalf("unexpected error: %v", err)
|
||||
}
|
||||
|
||||
body, err := ioutil.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
t.Fatalf("unexpected error: %v", err)
|
||||
}
|
||||
if tc.succeeds {
|
||||
body, err := ioutil.ReadAll(resp.Body)
|
||||
if err != nil {
|
||||
t.Fatalf("unexpected error: %v", err)
|
||||
}
|
||||
|
||||
actual := string(body)
|
||||
if tc.expected != actual {
|
||||
t.Errorf("case: %s expected: %v got: %v", tc.name, tc.expected, actual)
|
||||
}
|
||||
} else {
|
||||
if resp.StatusCode != http.StatusUnauthorized {
|
||||
t.Errorf("case: %s expected Unauthorized, got: %v", tc.name, resp.StatusCode)
|
||||
}
|
||||
|
||||
actual := string(body)
|
||||
if tc.expected != actual {
|
||||
t.Errorf("case: %s expected: %v got: %v", tc.name, tc.expected, actual)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@ limitations under the License.
|
|||
package integration
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"reflect"
|
||||
"testing"
|
||||
|
|
@ -40,17 +39,14 @@ func TestClient(t *testing.T) {
|
|||
if err != nil {
|
||||
t.Fatalf("unexpected error: %v", err)
|
||||
}
|
||||
mux := http.NewServeMux()
|
||||
|
||||
master.New(&master.Config{
|
||||
m := master.New(&master.Config{
|
||||
EtcdHelper: helper,
|
||||
Mux: mux,
|
||||
EnableLogsSupport: false,
|
||||
EnableUISupport: false,
|
||||
APIPrefix: "/api",
|
||||
})
|
||||
|
||||
s := httptest.NewServer(mux)
|
||||
s := httptest.NewServer(m.Handler)
|
||||
|
||||
testCases := []string{
|
||||
"v1beta1",
|
||||
|
|
|
|||
Loading…
Reference in New Issue