Skip to content
Permalink
Browse files

bootstrap flow-control objects

  • Loading branch information
yue9944882 committed Nov 14, 2019
1 parent cf48800 commit 02c675f204f91143acba7de880ca34130f4de63f
@@ -11,10 +11,16 @@ go_library(
"//pkg/registry/flowcontrol/flowschema/storage:go_default_library",
"//pkg/registry/flowcontrol/prioritylevelconfiguration/storage:go_default_library",
"//staging/src/k8s.io/api/flowcontrol/v1alpha1:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/api/errors:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/registry/generic:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/registry/rest:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/server:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/server/storage:go_default_library",
"//staging/src/k8s.io/client-go/kubernetes/typed/flowcontrol/v1alpha1:go_default_library",
"//vendor/k8s.io/klog:go_default_library",
],
)

@@ -17,20 +17,34 @@ limitations under the License.
package rest

import (
"fmt"
"time"

flowcontrolv1alpha1 "k8s.io/api/flowcontrol/v1alpha1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/wait"
flowcontrolbootstrap "k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap"
"k8s.io/apiserver/pkg/registry/generic"
"k8s.io/apiserver/pkg/registry/rest"
genericapiserver "k8s.io/apiserver/pkg/server"
serverstorage "k8s.io/apiserver/pkg/server/storage"
flowcontrolclient "k8s.io/client-go/kubernetes/typed/flowcontrol/v1alpha1"
"k8s.io/klog"
"k8s.io/kubernetes/pkg/api/legacyscheme"
"k8s.io/kubernetes/pkg/apis/flowcontrol"
flowschemastore "k8s.io/kubernetes/pkg/registry/flowcontrol/flowschema/storage"
prioritylevelconfigurationstore "k8s.io/kubernetes/pkg/registry/flowcontrol/prioritylevelconfiguration/storage"
)

// RESTStorageProvider implements
var _ genericapiserver.PostStartHookProvider = RESTStorageProvider{}

// RESTStorageProvider is a provider of REST storage
type RESTStorageProvider struct{}

// PostStartHookName is the name of the post-start-hook provided by flow-control storage
const PostStartHookName = "apiserver/bootstrap-system-flowcontrol-configuration"

// NewRESTStorage creates a new rest storage for flow-control api models.
func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, bool, error) {
apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(flowcontrol.GroupName, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs)
@@ -71,3 +85,89 @@ func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstora
func (p RESTStorageProvider) GroupName() string {
return flowcontrol.GroupName
}

func (p RESTStorageProvider) PostStartHook() (string, genericapiserver.PostStartHookFunc, error) {
return PostStartHookName, func(hookContext genericapiserver.PostStartHookContext) error {
flowcontrolClientSet := flowcontrolclient.NewForConfigOrDie(hookContext.LoopbackClientConfig)
// ensure the pre-defined objects if the exempt flow-schema is present.
shouldEnsure, err := shouldEnsureAllPredefined(flowcontrolClientSet)
if err != nil {
return err
}
if shouldEnsure {
return ensureAllPredefined(
flowcontrolClientSet,
flowcontrolbootstrap.PredefinedFlowSchemas(),
// Note: the "exempt" priority-level is supposed tobe the last item in the pre-defined
// list, so that a crash in the midst of the first kube-apiserver startup does not prevent
// the full initial set of objects from being created.
flowcontrolbootstrap.PredefinedPriorityLevelConfigurations(),
)
}
return nil
}, nil
}

// Returns false if there's a "exempt" priority-level existing in the cluster, otherwise returns a true
// if the "exempt" priority-level is not found.
func shouldEnsureAllPredefined(flowcontrolClientSet flowcontrolclient.FlowcontrolV1alpha1Interface) (bool, error) {
if _, err := flowcontrolClientSet.PriorityLevelConfigurations().Get(flowcontrol.PriorityLevelConfigurationNameExempt, metav1.GetOptions{}); err != nil {
if apierrors.IsNotFound(err) {
return true, nil
}
return false, err
}
return false, nil
}

// Creates the pre-defined priority-levels and then the flow-schemas the creation are supposed to be done in
// 30s, otherwise an error will be returned.
func ensureAllPredefined(flowcontrolClientSet flowcontrolclient.FlowcontrolV1alpha1Interface, flowSchemas []*flowcontrolv1alpha1.FlowSchema, priorityLevels []*flowcontrolv1alpha1.PriorityLevelConfiguration) error {
err := wait.PollImmediate(time.Second, 30*time.Second, func() (done bool, err error) {
for _, flowSchema := range flowSchemas {
_, err := flowcontrolClientSet.FlowSchemas().Get(flowSchema.Name, metav1.GetOptions{})
if err != nil {
if apierrors.IsNotFound(err) {
_, err := flowcontrolClientSet.FlowSchemas().Create(flowSchema)
if err != nil && !apierrors.IsAlreadyExists(err) {
return false, err
} else if err == nil {
klog.V(3).Infof("created system preset FlowSchema %s", flowSchema.Name)
} else {
klog.V(3).Infof("system preset FlowSchema %s already exists, skipping creating", flowSchema.Name)
}
} else {
// Unable to get the priority class for reasons other than "not found".
klog.Warningf("unable to get FlowSchema %v: %v. Retrying...", flowSchema.Name, err)
return false, nil
}
}
}
for _, priorityLevelConfiguration := range priorityLevels {
_, err := flowcontrolClientSet.PriorityLevelConfigurations().Get(priorityLevelConfiguration.Name, metav1.GetOptions{})
if err != nil {
if apierrors.IsNotFound(err) {
_, err := flowcontrolClientSet.PriorityLevelConfigurations().Create(priorityLevelConfiguration)
if err != nil && !apierrors.IsAlreadyExists(err) {
return false, err
} else if err == nil {
klog.V(3).Infof("created system preset PriorityLevelConfiguration %s", priorityLevelConfiguration.Name)
} else {
klog.V(3).Infof("system preset PriorityLevelConfiguration %s already exists, skipping creating", priorityLevelConfiguration.Name)
}
} else {
// Unable to get the priority class for reasons other than "not found".
klog.Warningf("unable to get PriorityLevelConfiguration %v: %v. Retrying...", priorityLevelConfiguration.Name, err)
return false, nil
}
}
}
klog.V(4).Infof("all system flow-control settings are created successfully or already exist.")
return true, nil
})
// if we're never able to make it through initialization, kill the API server.
if err != nil {
return fmt.Errorf("unable to add default system flow-control settings: %v", err)
}
return nil
}
@@ -15,6 +15,7 @@ filegroup(
"//staging/src/k8s.io/apiserver/pkg/apis/config:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/apis/example:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/apis/example2:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/audit:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/authentication/authenticator:all-srcs",
"//staging/src/k8s.io/apiserver/pkg/authentication/authenticatorfactory:all-srcs",
@@ -0,0 +1,31 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")

go_library(
name = "go_default_library",
srcs = ["default.go"],
importmap = "k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap",
importpath = "k8s.io/apiserver/pkg/apis/flowcontrol/bootstrap",
visibility = ["//visibility:public"],
deps = [
"//staging/src/k8s.io/api/coordination/v1:go_default_library",
"//staging/src/k8s.io/api/core/v1:go_default_library",
"//staging/src/k8s.io/api/flowcontrol/v1alpha1:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/authentication/serviceaccount:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/authentication/user:go_default_library",
],
)

filegroup(
name = "package-srcs",
srcs = glob(["**"]),
tags = ["automanaged"],
visibility = ["//visibility:private"],
)

filegroup(
name = "all-srcs",
srcs = [":package-srcs"],
tags = ["automanaged"],
visibility = ["//visibility:public"],
)

0 comments on commit 02c675f

Please sign in to comment.
You can’t perform that action at this time.