Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 036b11c

Browse files
p0lyn0mialsoltysh
p0lyn0mial
authored and
soltysh
committed
UPSTREAM: <carry>: allows for switching KCM to talk to Kube API over localhost
to force KCM to use localhost set the following flag in kubecontrollermanager (oc edit kubecontrollermanager cluster) unsupportedConfigOverrides: extendedArguments: unsupported-kube-api-over-localhost: - "true" openshift-rebase(v1.24):source=0ac43f622c4 openshift-rebase(v1.24):source=0ac43f622c4 openshift-rebase(v1.24):source=0ac43f622c4
1 parent 4d74b77 commit 036b11c

File tree

4 files changed

+87
-1
lines changed

4 files changed

+87
-1
lines changed

cmd/kube-controller-manager/app/config/patch.go

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,18 @@
11
package config
22

3+
import (
4+
"k8s.io/client-go/transport"
5+
6+
"github.com/openshift/library-go/pkg/monitor/health"
7+
)
8+
39
// OpenShiftContext is additional context that we need to launch the kube-controller-manager for openshift.
410
// Basically, this holds our additional config information.
511
type OpenShiftContext struct {
612
OpenShiftConfig string
713
OpenShiftDefaultProjectNodeSelector string
814
KubeDefaultProjectNodeSelector string
15+
UnsupportedKubeAPIOverPreferredHost bool
16+
PreferredHostRoundTripperWrapperFn transport.WrapperFunc
17+
PreferredHostHealthMonitor *health.Prober
918
}

cmd/kube-controller-manager/app/controllermanager.go

Lines changed: 19 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,8 @@ import (
7373
kubectrlmgrconfig "k8s.io/kubernetes/pkg/controller/apis/config"
7474
serviceaccountcontroller "k8s.io/kubernetes/pkg/controller/serviceaccount"
7575
"k8s.io/kubernetes/pkg/serviceaccount"
76+
77+
libgorestclient "github.com/openshift/library-go/pkg/config/client"
7678
)
7779

7880
func init() {
@@ -130,6 +132,11 @@ controller, and serviceaccounts controller.`,
130132
}
131133
cliflag.PrintFlags(cmd.Flags())
132134

135+
if err := SetUpPreferredHostForOpenShift(s); err != nil {
136+
fmt.Fprintf(os.Stderr, "%v\n", err)
137+
os.Exit(1)
138+
}
139+
133140
c, err := s.Config(KnownControllers(), ControllersDisabledByDefault.List())
134141
if err != nil {
135142
return err
@@ -196,6 +203,17 @@ func Run(c *config.CompletedConfig, stopCh <-chan struct{}) error {
196203
klog.Errorf("unable to register configz: %v", err)
197204
}
198205

206+
// start the localhost health monitor early so that it can be used by the LE client
207+
if c.OpenShiftContext.PreferredHostHealthMonitor != nil {
208+
hmCtx, cancel := context.WithCancel(context.Background())
209+
defer cancel()
210+
go func() {
211+
<-stopCh
212+
cancel()
213+
}()
214+
go c.OpenShiftContext.PreferredHostHealthMonitor.Run(hmCtx)
215+
}
216+
199217
// Setup any healthz checks we will want to use.
200218
var checks []healthz.HealthChecker
201219
var electionChecker *leaderelection.HealthzAdaptor
@@ -717,7 +735,7 @@ func createClientBuilders(c *config.CompletedConfig) (clientBuilder clientbuilde
717735
}
718736

719737
clientBuilder = clientbuilder.NewDynamicClientBuilder(
720-
restclient.AnonymousClientConfig(c.Kubeconfig),
738+
libgorestclient.AnonymousClientConfigWithWrapTransport(c.Kubeconfig),
721739
c.Client.CoreV1(),
722740
metav1.NamespaceSystem)
723741
} else {

cmd/kube-controller-manager/app/options/options.go

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,8 @@ import (
4747

4848
// add the kubernetes feature gates
4949
_ "k8s.io/kubernetes/pkg/features"
50+
51+
libgorestclient "github.com/openshift/library-go/pkg/config/client"
5052
)
5153

5254
const (
@@ -267,6 +269,7 @@ func (s *KubeControllerManagerOptions) Flags(allControllers []string, disabledBy
267269
fs.StringVar(&dummy, "insecure-experimental-approve-all-kubelet-csrs-for-group", "", "This flag does nothing.")
268270
fs.StringVar(&s.OpenShiftContext.OpenShiftConfig, "openshift-config", s.OpenShiftContext.OpenShiftConfig, "indicates that this process should be compatible with openshift start master")
269271
fs.MarkHidden("openshift-config")
272+
fs.BoolVar(&s.OpenShiftContext.UnsupportedKubeAPIOverPreferredHost, "unsupported-kube-api-over-localhost", false, "when set makes KCM prefer talking to localhost kube-apiserver (when available) instead of LB")
270273
utilfeature.DefaultMutableFeatureGate.AddFlag(fss.FlagSet("generic"))
271274

272275
return fss
@@ -433,6 +436,11 @@ func (s KubeControllerManagerOptions) Config(allControllers []string, disabledBy
433436
kubeconfig.QPS = s.Generic.ClientConnection.QPS
434437
kubeconfig.Burst = int(s.Generic.ClientConnection.Burst)
435438

439+
if s.OpenShiftContext.PreferredHostRoundTripperWrapperFn != nil {
440+
libgorestclient.DefaultServerName(kubeconfig)
441+
kubeconfig.Wrap(s.OpenShiftContext.PreferredHostRoundTripperWrapperFn)
442+
}
443+
436444
client, err := clientset.NewForConfig(restclient.AddUserAgent(kubeconfig, KubeControllerManagerUserAgent))
437445
if err != nil {
438446
return nil, err

cmd/kube-controller-manager/app/patch.go

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,62 @@
11
package app
22

33
import (
4+
"fmt"
45
"io/ioutil"
56
"path"
7+
"time"
68

79
"k8s.io/apimachinery/pkg/util/json"
810
kyaml "k8s.io/apimachinery/pkg/util/yaml"
911
"k8s.io/client-go/informers"
12+
"k8s.io/client-go/rest"
13+
"k8s.io/client-go/tools/clientcmd"
14+
"k8s.io/component-base/metrics/legacyregistry"
1015
"k8s.io/kubernetes/cmd/kube-controller-manager/app/config"
1116
"k8s.io/kubernetes/cmd/kube-controller-manager/app/options"
17+
18+
libgorestclient "github.com/openshift/library-go/pkg/config/client"
19+
"github.com/openshift/library-go/pkg/monitor/health"
1220
)
1321

1422
var InformerFactoryOverride informers.SharedInformerFactory
1523

24+
func SetUpPreferredHostForOpenShift(controllerManagerOptions *options.KubeControllerManagerOptions) error {
25+
if !controllerManagerOptions.OpenShiftContext.UnsupportedKubeAPIOverPreferredHost {
26+
return nil
27+
}
28+
29+
config, err := clientcmd.BuildConfigFromFlags(controllerManagerOptions.Master, controllerManagerOptions.Kubeconfig)
30+
if err != nil {
31+
return err
32+
}
33+
libgorestclient.DefaultServerName(config)
34+
35+
targetProvider := health.StaticTargetProvider{"localhost:6443"}
36+
controllerManagerOptions.OpenShiftContext.PreferredHostHealthMonitor, err = health.New(targetProvider, createRestConfigForHealthMonitor(config))
37+
if err != nil {
38+
return err
39+
}
40+
controllerManagerOptions.OpenShiftContext.PreferredHostHealthMonitor.
41+
WithHealthyProbesThreshold(3).
42+
WithUnHealthyProbesThreshold(5).
43+
WithProbeInterval(5 * time.Second).
44+
WithProbeResponseTimeout(2 * time.Second).
45+
WithMetrics(health.Register(legacyregistry.MustRegister))
46+
47+
controllerManagerOptions.OpenShiftContext.PreferredHostRoundTripperWrapperFn = libgorestclient.NewPreferredHostRoundTripper(func() string {
48+
healthyTargets, _ := controllerManagerOptions.OpenShiftContext.PreferredHostHealthMonitor.Targets()
49+
if len(healthyTargets) == 1 {
50+
return healthyTargets[0]
51+
}
52+
return ""
53+
})
54+
55+
controllerManagerOptions.Authentication.WithCustomRoundTripper(controllerManagerOptions.OpenShiftContext.PreferredHostRoundTripperWrapperFn)
56+
controllerManagerOptions.Authorization.WithCustomRoundTripper(controllerManagerOptions.OpenShiftContext.PreferredHostRoundTripperWrapperFn)
57+
return nil
58+
}
59+
1660
func ShimForOpenShift(controllerManagerOptions *options.KubeControllerManagerOptions, controllerManager *config.Config) error {
1761
if len(controllerManager.OpenShiftContext.OpenShiftConfig) == 0 {
1862
return nil
@@ -82,3 +126,10 @@ func applyOpenShiftConfigDefaultProjectSelector(controllerManagerOptions *option
82126

83127
return nil
84128
}
129+
130+
func createRestConfigForHealthMonitor(restConfig *rest.Config) *rest.Config {
131+
restConfigCopy := *restConfig
132+
rest.AddUserAgent(&restConfigCopy, fmt.Sprintf("%s-health-monitor", options.KubeControllerManagerUserAgent))
133+
134+
return &restConfigCopy
135+
}

0 commit comments

Comments
 (0)