Refactor kube-proxy configuration #34727
Conversation
k8s-github-robot
added
kind/api-change
ncdc
force-pushed
the
kube-proxy-config
branch
from
6f5b2a6
to
375ba9e
Compare
|
Bootstrap GCE e2e failed for commit 375ba9e. Full PR test history. The magic incantation to run this job again is |
|
@thockin can you sign to someone on networking for review? |
|
@mikedanese @thockin ideally the iptables/proxier bits would be refactored so that they have distinct I also think I need to add a validation check to |
|
@marun would you have time to take a look. I know you won't be able to do an adequate review of the whole idea, but you can at least review the code here I think... |
Don't we have to go through at least 1 release where we mark as deprecated? Not that I'm opposed to what you're doing, as flags have gone feral. Just trying to ensure customer expectations are congruent with policy. |
timothysc
added
area/kube-proxy
release-note-action-required
|
@timothysc this is currently just a proof of concept of what the end state could look like. I will do whatever we all agree upon re a deprecation period and behavior. |
cmd/kube-proxy/app/server_test.go
Outdated
| assert.NotNil(t, proxyserver.IptInterface) | ||
| } | ||
|
|
||
| func TestGetConntrackMax(t *testing.T) { | ||
| ncores := runtime.NumCPU() | ||
| testCases := []struct { | ||
| config componentconfig.KubeProxyConfiguration | ||
| config componentconfig.KubeProxyConntrackConfiguration |
There was a problem hiding this comment.
Unrelated, but whenever I see tests written like this I want to simplify as follows:
testCases := []struct {
max int32
maxPerCore int32
expected int
err string
}{
{
expected: 0,
},
...
}
for i, tc:= range testCases {
config := componentConfig.KubeProxyConntrackConfiguration{
Max: tc.max,
MaxPerCore: tc.maxPerCore,
}
...
}Or is it preferable to define objects in test tables?
There was a problem hiding this comment.
It depends on the particular test, its cases, and how much flexibility you need.
|
I like the separation of concerns this POC promotes. It makes the code easier to reason about and should allow for cleaner testing. An open question is how much work it will be to remove side-effects at configuration time (and the potential for breakage that represents), but I think it should be worth it. |
k8s-github-robot
added
the
needs-rebase
cmd/kube-proxy/app/server.go
Outdated
| Conntracker: conntracker, | ||
| ProxyMode: proxyMode, | ||
| }, nil | ||
| type KubeProxyOptions struct { |
There was a problem hiding this comment.
We are in the kube-proxy package here. Any need for the KubeProxy prefix?
There was a problem hiding this comment.
Agree, though "Options" is as meaningless as "Config".
cmd/kube-proxy/app/server.go
Outdated
| flags := cmd.Flags() | ||
| BindKubeProxyOptions(&opts, flags) | ||
|
|
||
| cmd.MarkFlagFilename("config", "yaml", "yml") |
There was a problem hiding this comment.
No json? Then I would expect a hint for yaml in the flags description.
cmd/kube-proxy/app/server.go
Outdated
| glog.Errorf("unable to register configz: %s", err) | ||
| } | ||
|
|
||
| glog.V(4).Infof("using configuration: %#v", config) |
There was a problem hiding this comment.
nit: capital first letter in logs.
| Recorder record.EventRecorder | ||
| ConntrackConfiguration componentconfig.KubeProxyConntrackConfiguration | ||
| Conntracker Conntracker // if nil, ignored | ||
| ProxyMode string |
There was a problem hiding this comment.
Is it intentional to duplicate all the config values here? Feels like a lot of bloat instead of just leaving the config reference in here (we have that at many places in other component as well, unfortunately).
There was a problem hiding this comment.
I tend to agree - the more places this is replicated the harder it becomes to keep correct.
There was a problem hiding this comment.
Though I feel lik the definition of the struct should be in the callee - it is the Server package's job to define what args it needs, and the main package's job to provide those args..
There was a problem hiding this comment.
This is intentional. There is 1 struct for configuration (componentconfig.KubeProxyConfiguration) and 1 struct for runtime (ProxyServer). The runtime struct is used to run the component, and the config struct is the source of the configuration that is used to generate the runtime struct. We do not want to include the config struct inside the runtime struct.
There was a problem hiding this comment.
Also, it's not required that you go from config struct to runtime struct. You could create only a runtime struct and use that to run the component. That is the contract for running. The config struct is a helper to go from a human-editable config file to runtime.
cmd/kube-proxy/proxy.go
Outdated
| "os" | ||
|
|
||
| "github.com/spf13/pflag" | ||
|
|
||
| goflag "flag" |
hack/local-up-cluster.sh
Outdated
| --hostname-override="${HOSTNAME_OVERRIDE}" \ | ||
| --feature-gates="${FEATURE_GATES}" \ | ||
| --master="http://${API_HOST}:${API_PORT}" >"${PROXY_LOG}" 2>&1 & | ||
| --config /tmp/kube-proxy.yaml \ |
There was a problem hiding this comment.
This seems to lose feature-gates, which is a flag defined in a different lib, and pretty important :)
There was a problem hiding this comment.
|
Automatic merge from submit-queue (batch tested with PRs 45077, 45180, 34727, 45079, 45177) |
|
#45227 is out for review |
Automatic merge from submit-queue Fix hollow proxy to watch services and endpoints Ref #34727
|
Where are the docs for this change, please? |
|
Not written yet. If you can direct me to the appropriate file, I will
submit a docs PR. Thanks!
…On Tue, Jun 13, 2017 at 6:50 AM, Bryan Boreham ***@***.***> wrote:
Where are the docs for this change, please?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#34727 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAABYjP_WCGqSRuFlwKek4rmVk9IAtGoks5sDmlggaJpZM4KV_3w>
.
|
|
@ncdc kube-proxy docs are in https://github.com/kubernetes/kubernetes.github.io/blob/master/docs/admin/kube-proxy.md |
|
@bboreham I believe that file is autogenerated (it basically comes from |
|
Where can we find the procedure for using the new --config approach? The official addon seems to be creating an empty configmap |
|
I still owe a PR to put this in the docs. I've been on vacation but am back
and hope to get to it soon.
…On Thu, Sep 7, 2017 at 4:23 PM, Sylvain Boily ***@***.***> wrote:
Where can we find the procedure for using the new --config approach?
The official addon seems to be creating an empty configmap
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#34727 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAABYpK6P-w5XL-lZ_TGtndnrouCWSNDks5sgFDcgaJpZM4KV_3w>
.
|
Refactor the kube-scheduler configuration API, command setup, and server setup according to the guidelines established in kubernetes#32215 and using the kube-proxy refactor (kubernetes#34727) as a model of a well factored component adhering to said guidelines. * Config API: clarify meaning and use of algorithm source by replacing modality derived from bools and string emptiness checks with an explicit AlgorithmSource type hierarchy. * Config API: consolidate client connection config with common structs. * Config API: split and simplify healthz/metrics server configuration. * Config API: clarify leader election configuration. * Config API: improve defaulting. * CLI: deprecate all flags except `--config`. * CLI: port all flags to new config API. * CLI: refactor to match kube-proxy Cobra command style. * Server: refactor away configurator.go to clarify application wiring. * Server: refactor to more clearly separate wiring/setup from running. Fixes kubernetes#52428.
Automatic merge from submit-queue (batch tested with PRs 53592, 52562, 55175, 55213). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Refactor kube-scheduler config API, command, and server setup Refactor the kube-scheduler configuration API, command setup, and server setup according to the guidelines established in #32215 and using the kube-proxy refactor (#34727) as a model of a well factored component adhering to said guidelines. * Config API: clarify meaning and use of algorithm source by replacing modality derived from bools and string emptiness checks with an explicit AlgorithmSource type hierarchy. * Config API: consolidate client connection config with common structs. * Config API: split and simplify healthz/metrics server configuration. * Config API: clarify leader election configuration. * Config API: improve defaulting. * CLI: deprecate all flags except `--config`. * CLI: port all flags to new config API. * CLI: refactor to match kube-proxy Cobra command style. * Server: refactor away configurator.go to clarify application wiring. * Server: refactor to more clearly separate wiring/setup from running. Fixes #52428. @kubernetes/api-reviewers @kubernetes/sig-cluster-lifecycle-pr-reviews @kubernetes/sig-scheduling-pr-reviews /cc @ncdc @timothysc @bsalamat ```release-note The kube-scheduler command now supports a `--config` flag which is the location of a file containing a serialized scheduler configuration. Most other kube-scheduler flags are now deprecated. ```
Refactor the kube-scheduler configuration API, command setup, and server setup according to the guidelines established in kubernetes#32215 and using the kube-proxy refactor (kubernetes#34727) as a model of a well factored component adhering to said guidelines. * Config API: clarify meaning and use of algorithm source by replacing modality derived from bools and string emptiness checks with an explicit AlgorithmSource type hierarchy. * Config API: consolidate client connection config with common structs. * Config API: split and simplify healthz/metrics server configuration. * Config API: clarify leader election configuration. * Config API: improve defaulting. * CLI: deprecate all flags except `--config`. * CLI: port all flags to new config API. * CLI: refactor to match kube-proxy Cobra command style. * Server: refactor away configurator.go to clarify application wiring. * Server: refactor to more clearly separate wiring/setup from running. Fixes kubernetes#52428.
This is a proof of concept refactoring of the configuration and startup of kube-proxy. Most flags have been removed and replaced by a single config file, specified by
--config. This is in regards to the component configuration improvement suggestions listed in #32215.Also during this effort, I discovered that Hyperkube is roughly reimplementing portions of cobra, and that the current cobra command definitions are solely used to generated docs and man pages. I would like to move the individual commands as well as Hyperkube to using cobra, but that is a separate issue and discussion.
cc @mikedanese @liggitt @deads2k @eparis @sttts @smarterclayton @dgoodwin @timothysc
This change is