scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-02 11:18:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

kube-apiserver: split admission initializers into generic and non-generic

Browse Source 
Signed-off-by: Dr. Stefan Schimanski <stefan.schimanski@gmail.com>
This commit is contained in:
Dr. Stefan Schimanski
2024-04-29 22:06:01 +02:00
parent b5fc001bba
commit acbb89d9b9
9 changed files with 215 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
cmd/kube-apiserver/app/server.go
View File

@@ -56,6 +56,7 @@ import (
"k8s.io/klog/v2"
aggregatorapiserver "k8s.io/kube-aggregator/pkg/apiserver"
aggregatorscheme "k8s.io/kube-aggregator/pkg/apiserver/scheme"
controlplaneadmission "k8s.io/kubernetes/pkg/controlplane/apiserver/admission"
"k8s.io/kubernetes/cmd/kube-apiserver/app/options"
"k8s.io/kubernetes/pkg/api/legacyscheme"
@@ -221,9 +222,30 @@ func CreateKubeAPIServerConfig(opts options.CompletedOptions) (
generatedopenapi.GetOpenAPIDefinitions,
)
if err != nil {
return nil, nil, nil, err
return nil, nil, nil, fmt.Errorf("failed to create generic config: %w", err)
}
// generic controlplane admission initializers
controlPlaneAdmissionConfig := &controlplaneadmission.Config{
ExternalInformers: versionedInformers,
LoopbackClientConfig: genericConfig.LoopbackClientConfig,
}
serviceResolver := buildServiceResolver(opts.EnableAggregatorRouting, genericConfig.LoopbackClientConfig.Host, versionedInformers)
pluginInitializers, err := controlPlaneAdmissionConfig.New(proxyTransport, genericConfig.EgressSelector, serviceResolver, genericConfig.TracerProvider)
if err != nil {
return nil, nil, nil, fmt.Errorf("failed to create admission plugin initializer: %w", err)
}
// additional kube admission initializers
kubeAdmissionConfig := &kubeapiserveradmission.Config{
CloudConfigFile: opts.CloudProvider.CloudConfigFile,
}
kubeInitializers, err := kubeAdmissionConfig.New()
if err != nil {
return nil, nil, nil, fmt.Errorf("failed to create admission plugin initializer: %w", err)
}
pluginInitializers = append(pluginInitializers, kubeInitializers...)
capabilities.Setup(opts.AllowPrivileged, opts.MaxConnectionBytesPerSec)
opts.Metrics.Apply()
@@ -298,16 +320,6 @@ func CreateKubeAPIServerConfig(opts options.CompletedOptions) (
}
// setup admission
admissionConfig := &kubeapiserveradmission.Config{
ExternalInformers: versionedInformers,
LoopbackClientConfig: genericConfig.LoopbackClientConfig,
CloudConfigFile: opts.CloudProvider.CloudConfigFile,
}
serviceResolver := buildServiceResolver(opts.EnableAggregatorRouting, genericConfig.LoopbackClientConfig.Host, versionedInformers)
pluginInitializers, err := admissionConfig.New(proxyTransport, genericConfig.EgressSelector, serviceResolver, genericConfig.TracerProvider)
if err != nil {
return nil, nil, nil, fmt.Errorf("failed to create admission plugin initializer: %v", err)
}
clientgoExternalClient, err := clientset.NewForConfig(genericConfig.LoopbackClientConfig)
if err != nil {
return nil, nil, nil, fmt.Errorf("failed to create real client-go external client: %w", err)