forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 1
/
server.go
68 lines (58 loc) · 2.57 KB
/
server.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
package openshift_kube_apiserver
import (
"fmt"
"github.com/golang/glog"
"k8s.io/apimachinery/pkg/util/sets"
utilwait "k8s.io/apimachinery/pkg/util/wait"
"k8s.io/apiserver/pkg/admission"
genericapiserver "k8s.io/apiserver/pkg/server"
"k8s.io/kubernetes/cmd/kube-apiserver/app"
"k8s.io/kubernetes/pkg/capabilities"
kubelettypes "k8s.io/kubernetes/pkg/kubelet/types"
"k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy"
"github.com/openshift/origin/pkg/cmd/openshift-kube-apiserver/openshiftkubeapiserver"
configapi "github.com/openshift/origin/pkg/cmd/server/apis/config"
originadmission "github.com/openshift/origin/pkg/cmd/server/origin/admission"
"k8s.io/kubernetes/pkg/kubeapiserver/options"
)
func RunOpenShiftKubeAPIServerServer(kubeAPIServerConfig *configapi.KubeAPIServerConfig) error {
// Allow privileged containers
capabilities.Initialize(capabilities.Capabilities{
AllowPrivileged: true,
PrivilegedSources: capabilities.PrivilegedSources{
HostNetworkSources: []string{kubelettypes.ApiserverSource, kubelettypes.FileSource},
HostPIDSources: []string{kubelettypes.ApiserverSource, kubelettypes.FileSource},
HostIPCSources: []string{kubelettypes.ApiserverSource, kubelettypes.FileSource},
},
})
bootstrappolicy.ClusterRoles = bootstrappolicy.OpenshiftClusterRoles
bootstrappolicy.ClusterRoleBindings = bootstrappolicy.OpenshiftClusterRoleBindings
options.AllOrderedPlugins = originadmission.CombinedAdmissionControlPlugins
kubeRegisterAdmission := options.RegisterAllAdmissionPlugins
options.RegisterAllAdmissionPlugins = func(plugins *admission.Plugins) {
kubeRegisterAdmission(plugins)
originadmission.RegisterOpenshiftAdmissionPlugins(plugins)
}
kubeDefaultOffAdmission := options.DefaultOffAdmissionPlugins
options.DefaultOffAdmissionPlugins = func() sets.String {
kubeOff := kubeDefaultOffAdmission()
kubeOff.Delete(originadmission.DefaultOnPlugins.List()...)
return kubeOff
}
configPatchFn, serverPatchContext := openshiftkubeapiserver.NewOpenShiftKubeAPIServerConfigPatch(genericapiserver.NewEmptyDelegate(), kubeAPIServerConfig)
app.OpenShiftKubeAPIServerConfigPatch = configPatchFn
app.OpenShiftKubeAPIServerServerPatch = serverPatchContext.PatchServer
cmd := app.NewAPIServerCommand(utilwait.NeverStop)
args, err := openshiftkubeapiserver.ConfigToFlags(kubeAPIServerConfig)
if err != nil {
return err
}
if err := cmd.ParseFlags(args); err != nil {
return err
}
glog.Infof("`kube-apiserver %v`", args)
if err := cmd.RunE(cmd, nil); err != nil {
return err
}
return fmt.Errorf("`kube-apiserver %v` exited", args)
}