github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #53477 from caesarxuchao/genenic-initializer 

Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Move initializer plugin to the generic apiserver

* Moves `k8s.io/kuberentes/plugin/pkg/admission/initialization` to `k8s.io/apiserver/pkg/admission/plugin/initialization`
* Moves `k8s.io/kubernetes/pkg/kubeapiserver/admission/configuration` to `k8s.io/apiserver/pkg/admission/configuration`
* The initializer plugin used to depend on `k8s.io/kubernetes` because it does a type assertion of `api.Pod`. It tries to skip mirror pod. I converted that code to use the generic accessor pattern.
pull/6/head
Kubernetes Submit Queue 2017-10-10 09:46:00 -07:00 committed by GitHub
parent 73d1b38604 bbac32c299
commit 6154a9e16c
29 changed files with 57 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cmd/kube-apiserver/app/options/BUILD
View File

@ -31,7 +31,6 @@ go_library(
"//plugin/pkg/admission/exec:go_default_library",
"//plugin/pkg/admission/gc:go_default_library",
"//plugin/pkg/admission/imagepolicy:go_default_library",
"//plugin/pkg/admission/initialization:go_default_library",
"//plugin/pkg/admission/initialresources:go_default_library",
"//plugin/pkg/admission/limitranger:go_default_library",
"//plugin/pkg/admission/namespace/autoprovision:go_default_library",

3
cmd/kube-apiserver/app/options/options_test.go
View File

@ -103,7 +103,8 @@ func TestAddFlags(t *testing.T) {
MinRequestTimeout: 1800,
},
Admission: &apiserveroptions.AdmissionOptions{
RecommendedPluginOrder: []string{"NamespaceLifecycle"},
RecommendedPluginOrder: []string{"NamespaceLifecycle", "Initializers"},
DefaultOffPlugins: []string{"Initializers"},
PluginNames: []string{"AlwaysDeny"},
ConfigFile: "/admission-control-config",
Plugins: s.Admission.Plugins,

2
cmd/kube-apiserver/app/options/plugins.go
View File

@ -34,7 +34,6 @@ import (
"k8s.io/kubernetes/plugin/pkg/admission/exec"
"k8s.io/kubernetes/plugin/pkg/admission/gc"
"k8s.io/kubernetes/plugin/pkg/admission/imagepolicy"
"k8s.io/kubernetes/plugin/pkg/admission/initialization"
"k8s.io/kubernetes/plugin/pkg/admission/initialresources"
"k8s.io/kubernetes/plugin/pkg/admission/limitranger"
"k8s.io/kubernetes/plugin/pkg/admission/namespace/autoprovision"
@ -65,7 +64,6 @@ func RegisterAllAdmissionPlugins(plugins *admission.Plugins) {
exec.Register(plugins)
gc.Register(plugins)
imagepolicy.Register(plugins)
initialization.Register(plugins)
initialresources.Register(plugins)
limitranger.Register(plugins)
autoprovision.Register(plugins)

1
federation/cmd/federation-apiserver/app/BUILD
View File

@ -61,7 +61,6 @@ go_library(
"//plugin/pkg/admission/admit:go_default_library",
"//plugin/pkg/admission/deny:go_default_library",
"//plugin/pkg/admission/gc:go_default_library",
"//plugin/pkg/admission/initialization:go_default_library",
"//vendor/github.com/go-openapi/spec:go_default_library",
"//vendor/github.com/golang/glog:go_default_library",
"//vendor/github.com/spf13/cobra:go_default_library",

2
federation/cmd/federation-apiserver/app/plugins.go
View File

@ -29,7 +29,6 @@ import (
"k8s.io/kubernetes/plugin/pkg/admission/admit"
"k8s.io/kubernetes/plugin/pkg/admission/deny"
"k8s.io/kubernetes/plugin/pkg/admission/gc"
"k8s.io/kubernetes/plugin/pkg/admission/initialization"
)
// RegisterAllAdmissionPlugins registers all admission plugins
@ -37,6 +36,5 @@ func RegisterAllAdmissionPlugins(plugins *admission.Plugins) {
admit.Register(plugins)
deny.Register(plugins)
gc.Register(plugins)
initialization.Register(plugins)
schedulingpolicy.Register(plugins)
}

4
hack/.golint_failures
View File

@ -183,7 +183,6 @@ pkg/credentialprovider/rancher
pkg/features
pkg/kubeapiserver
pkg/kubeapiserver/admission
pkg/kubeapiserver/admission/configuration
pkg/kubeapiserver/authenticator
pkg/kubeapiserver/authorizer
pkg/kubeapiserver/authorizer/modes
@ -450,7 +449,6 @@ plugin/cmd/kube-scheduler/app
plugin/pkg/admission/antiaffinity
plugin/pkg/admission/eventratelimit/apis/eventratelimit
plugin/pkg/admission/eventratelimit/apis/eventratelimit/v1alpha1
plugin/pkg/admission/initialization
plugin/pkg/admission/initialresources
plugin/pkg/admission/limitranger
plugin/pkg/admission/noderestriction
@ -586,6 +584,8 @@ staging/src/k8s.io/apimachinery/pkg/util/validation
staging/src/k8s.io/apimachinery/pkg/util/wait
staging/src/k8s.io/apimachinery/pkg/util/yaml
staging/src/k8s.io/apiserver/pkg/admission
staging/src/k8s.io/apiserver/pkg/admission/configuration
staging/src/k8s.io/apiserver/pkg/admission/plugin/initialization
staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle
staging/src/k8s.io/apiserver/pkg/apis/apiserver
staging/src/k8s.io/apiserver/pkg/apis/apiserver/v1alpha1

1
pkg/kubeapiserver/admission/BUILD
View File

@ -38,7 +38,6 @@ filegroup(
name = "all-srcs",
srcs = [
":package-srcs",
"//pkg/kubeapiserver/admission/configuration:all-srcs",
"//pkg/kubeapiserver/admission/util:all-srcs",
],
tags = ["automanaged"],

1
plugin/BUILD
View File

@ -21,7 +21,6 @@ filegroup(
"//plugin/pkg/admission/exec:all-srcs",
"//plugin/pkg/admission/gc:all-srcs",
"//plugin/pkg/admission/imagepolicy:all-srcs",
"//plugin/pkg/admission/initialization:all-srcs",
"//plugin/pkg/admission/initialresources:all-srcs",
"//plugin/pkg/admission/limitranger:all-srcs",
"//plugin/pkg/admission/namespace/autoprovision:all-srcs",

2
plugin/pkg/admission/webhook/BUILD
View File

@ -14,7 +14,6 @@ go_library(
"//pkg/api:go_default_library",
"//pkg/apis/admission/install:go_default_library",
"//pkg/kubeapiserver/admission:go_default_library",
"//pkg/kubeapiserver/admission/configuration:go_default_library",
"//vendor/github.com/golang/glog:go_default_library",
"//vendor/k8s.io/api/admission/v1alpha1:go_default_library",
"//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
@ -27,6 +26,7 @@ go_library(
"//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission/configuration:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission/initializer:go_default_library",
"//vendor/k8s.io/client-go/kubernetes:go_default_library",
"//vendor/k8s.io/client-go/rest:go_default_library",

2
plugin/pkg/admission/webhook/admission.go
View File

@ -38,12 +38,12 @@ import (
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/apimachinery/pkg/util/wait"
"k8s.io/apiserver/pkg/admission"
"k8s.io/apiserver/pkg/admission/configuration"
genericadmissioninit "k8s.io/apiserver/pkg/admission/initializer"
clientset "k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
"k8s.io/kubernetes/pkg/api"
admissioninit "k8s.io/kubernetes/pkg/kubeapiserver/admission"
"k8s.io/kubernetes/pkg/kubeapiserver/admission/configuration"
// install the clientgo admission API for use with api registry
_ "k8s.io/kubernetes/pkg/apis/admission/install"

8
staging/src/k8s.io/apiextensions-apiserver/Godeps/Godeps.json generated
View File

@ -846,10 +846,18 @@
"ImportPath": "k8s.io/apiserver/pkg/admission",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/configuration",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/initializer",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/plugin/initialization",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

2
staging/src/k8s.io/apiserver/pkg/admission/BUILD
View File

@ -62,7 +62,9 @@ filegroup(
name = "all-srcs",
srcs = [
":package-srcs",
"//staging/src/k8s.io/apiserver/pkg/admission/configuration:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/admission/initializer:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/admission/plugin/initialization:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle:all-srcs",
],
tags = ["automanaged"],

0
pkg/kubeapiserver/admission/configuration/BUILD → staging/src/k8s.io/apiserver/pkg/admission/configuration/BUILD
View File

0
pkg/kubeapiserver/admission/configuration/configuration_manager.go → staging/src/k8s.io/apiserver/pkg/admission/configuration/configuration_manager.go
View File

0
pkg/kubeapiserver/admission/configuration/configuration_manager_test.go → staging/src/k8s.io/apiserver/pkg/admission/configuration/configuration_manager_test.go
View File

0
pkg/kubeapiserver/admission/configuration/external_admission_hook_manager.go → staging/src/k8s.io/apiserver/pkg/admission/configuration/external_admission_hook_manager.go
View File

0
pkg/kubeapiserver/admission/configuration/external_admission_hook_manager_test.go → staging/src/k8s.io/apiserver/pkg/admission/configuration/external_admission_hook_manager_test.go
View File

0
pkg/kubeapiserver/admission/configuration/initializer_manager.go → staging/src/k8s.io/apiserver/pkg/admission/configuration/initializer_manager.go
View File

0
pkg/kubeapiserver/admission/configuration/initializer_manager_test.go → staging/src/k8s.io/apiserver/pkg/admission/configuration/initializer_manager_test.go
View File

4
plugin/pkg/admission/initialization/BUILD → staging/src/k8s.io/apiserver/pkg/admission/plugin/initialization/BUILD
View File

@ -10,10 +10,9 @@ go_library(
name = "go_default_library",
srcs = ["initialization.go"],
deps = [
"//pkg/api:go_default_library",
"//pkg/kubeapiserver/admission/configuration:go_default_library",
"//vendor/github.com/golang/glog:go_default_library",
"//vendor/k8s.io/api/admissionregistration/v1alpha1:go_default_library",
"//vendor/k8s.io/api/core/v1:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/api/validation:go_default_library",
@ -22,6 +21,7 @@ go_library(
"//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission/configuration:go_default_library",
"//vendor/k8s.io/apiserver/pkg/authorization/authorizer:go_default_library",
"//vendor/k8s.io/apiserver/pkg/features:go_default_library",
"//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",

20
plugin/pkg/admission/initialization/initialization.go → staging/src/k8s.io/apiserver/pkg/admission/plugin/initialization/initialization.go
View File

@ -24,6 +24,7 @@ import (
"github.com/golang/glog"
"k8s.io/api/admissionregistration/v1alpha1"
"k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/api/meta"
"k8s.io/apimachinery/pkg/api/validation"
@ -32,17 +33,21 @@ import (
"k8s.io/apimachinery/pkg/util/validation/field"
"k8s.io/apimachinery/pkg/util/wait"
"k8s.io/apiserver/pkg/admission"
"k8s.io/apiserver/pkg/admission/configuration"
"k8s.io/apiserver/pkg/authorization/authorizer"
"k8s.io/apiserver/pkg/features"
utilfeature "k8s.io/apiserver/pkg/util/feature"
clientset "k8s.io/client-go/kubernetes"
"k8s.io/kubernetes/pkg/api"
"k8s.io/kubernetes/pkg/kubeapiserver/admission/configuration"
)
const (
// Name of admission plug-in
PluginName = "Initializers"
)
// Register registers a plugin
func Register(plugins *admission.Plugins) {
plugins.Register("Initializers", func(config io.Reader) (admission.Interface, error) {
plugins.Register(PluginName, func(config io.Reader) (admission.Interface, error) {
return NewInitializer(), nil
})
}
@ -183,8 +188,13 @@ func (i *initializer) Admit(a admission.Attributes) (err error) {
// Mirror pods are exempt from initialization because they are created and initialized
// on the Kubelet before they appear in the API.
// TODO: once this moves to REST storage layer, this becomes a pod specific concern
if pod, ok := a.GetObject().(*api.Pod); ok && pod != nil {
if _, isMirror := pod.Annotations[api.MirrorPodAnnotationKey]; isMirror {
if a.GetKind().GroupKind() == v1.SchemeGroupVersion.WithKind("Pod").GroupKind() {
accessor, err := meta.Accessor(a.GetObject())
if err != nil {
return err
}
annotations := accessor.GetAnnotations()
if _, isMirror := annotations[v1.MirrorPodAnnotationKey]; isMirror {
return nil
}
}

0
plugin/pkg/admission/initialization/initialization_test.go → staging/src/k8s.io/apiserver/pkg/admission/plugin/initialization/initialization_test.go
View File

1
staging/src/k8s.io/apiserver/pkg/server/BUILD
View File

@ -80,6 +80,7 @@ go_library(
"//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/version:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission/plugin/initialization:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle:go_default_library",
"//vendor/k8s.io/apiserver/pkg/apis/apiserver/install:go_default_library",
"//vendor/k8s.io/apiserver/pkg/audit:go_default_library",

1
staging/src/k8s.io/apiserver/pkg/server/options/BUILD
View File

@ -29,6 +29,7 @@ go_library(
"//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission/initializer:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission/plugin/initialization:go_default_library",
"//vendor/k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle:go_default_library",
"//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library",
"//vendor/k8s.io/apiserver/pkg/audit:go_default_library",

4
staging/src/k8s.io/apiserver/pkg/server/options/admission.go
View File

@ -23,6 +23,7 @@ import (
"github.com/spf13/pflag"
"k8s.io/apiserver/pkg/admission"
"k8s.io/apiserver/pkg/admission/initializer"
"k8s.io/apiserver/pkg/admission/plugin/initialization"
"k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle"
"k8s.io/apiserver/pkg/server"
"k8s.io/client-go/informers"
@ -53,7 +54,8 @@ func NewAdmissionOptions() *AdmissionOptions {
options := &AdmissionOptions{
Plugins: &admission.Plugins{},
PluginNames: []string{},
RecommendedPluginOrder: []string{lifecycle.PluginName},
RecommendedPluginOrder: []string{lifecycle.PluginName, initialization.PluginName},
DefaultOffPlugins: []string{initialization.PluginName},
}
server.RegisterAllAdmissionPlugins(options.Plugins)
return options

2
staging/src/k8s.io/apiserver/pkg/server/options/admission_test.go
View File

@ -56,7 +56,7 @@ func TestEnabledPluginNamesMethod(t *testing.T) {
actualPluginNames := target.enabledPluginNames()
if len(actualPluginNames) != len(scenario.expectedPluginNames) {
t.Errorf("incorrect number of items, got %d, expected = %d", len(actualPluginNames), len(scenario.expectedPluginNames))
t.Fatalf("incorrect number of items, got %d, expected = %d", len(actualPluginNames), len(scenario.expectedPluginNames))
}
for i := range actualPluginNames {
if scenario.expectedPluginNames[i] != actualPluginNames[i] {

2
staging/src/k8s.io/apiserver/pkg/server/plugins.go
View File

@ -19,10 +19,12 @@ package server
// This file exists to force the desired plugin implementations to be linked into genericapi pkg.
import (
"k8s.io/apiserver/pkg/admission"
"k8s.io/apiserver/pkg/admission/plugin/initialization"
"k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle"
)
// RegisterAllAdmissionPlugins registers all admission plugins
func RegisterAllAdmissionPlugins(plugins *admission.Plugins) {
lifecycle.Register(plugins)
initialization.Register(plugins)
}

8
staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json generated
View File

@ -814,10 +814,18 @@
"ImportPath": "k8s.io/apiserver/pkg/admission",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/configuration",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/initializer",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/plugin/initialization",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"

8
staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json generated
View File

@ -810,10 +810,18 @@
"ImportPath": "k8s.io/apiserver/pkg/admission",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/configuration",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/initializer",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/plugin/initialization",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
{
"ImportPath": "k8s.io/apiserver/pkg/admission/plugin/namespace/lifecycle",
"Rev": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"