Currently, API server is not aware of the static pods (manifests from
sources other than the API server, e.g. file and http) at all. This is
inconvenient since users cannot check the static pods through kubectl.
It is also sub-optimal because scheduler is unaware of the resource
consumption by these static pods on the node.
This change syncs the information back to the API server by creating a
mirror pod via API server for each static pod.
- Kubelet creates containers for the static pod, as it would do
normally.
- If a mirror pod gets deleted, Kubelet will re-create one. The
containers are sync'd to the static pods, so they will not be
affected.
- If a static pod gets removed from the source (e.g. manifest file
removed from the directory), the orphaned mirror pod will be deleted.
Note that because events are associated with UID, and the mirror pod has
a different UID than the original static pod, the events will not be
shown for the mirror pod when running `kubectl describe pod
<mirror_pod>`.
In order to support graceful deletion, the resource object will
need access to the TTL value in etcd. Also, in the future we
may want to get the creation index (distinct from modifiedindex)
and expose it to clients. Change EtcdResourceVersioner to be
more type specific (objects vs lists) and provide a default
implementation that relies on the internal API convention.
Also, rename etcd_tools.go to etcd_helper.go and split a few
things up.
Previously, this code converted to a string and reparsed back to a
numeric Quantity. Keeping it numeric avoids the overhead, but also
removes a (theoretical) run-time panic if the re-parse failed.
In addition, since Quantity can now store quantities <1, convert
openstack.org/rxTxFactor back to its original ratio, rather than
arbitrarily scaling it up by 1000.
It appears that gophercloud's "AllowReauth" AuthOption doesn't actually
do anything, and the keystone/auth token is never refreshed. Eventually
it expires and all OpenStack calls receive HTTP 401 responses.
This change reauthenticates every time the Instances() or
TCPLoadBalancer() API object is requested. This is more frequently than
required, but exposing token expiry information will require gophercloud
surgery.
Zach Loafman