[Federation][(Un)join-00] Implement federation/cluster resource generator. #35153
Conversation
madhusudancs
added
area/cluster-federation
release-note-none
k8s-github-robot
added
the
size/L
madhusudancs
force-pushed
the
federation-kubectl-register-00
branch
from
4c1eb90
to
69f4b8f
Compare
|
Jenkins verification failed for commit 69f4b8f. Full PR test history. The magic incantation to run this job again is |
| // Name of the cluster context (required) | ||
| Name string | ||
| // ServerAddress is the APIServer address of the Kubernetes cluster | ||
| // that is being registered (optional) |
There was a problem hiding this comment.
Why optional? What happens when this is not specified? Is there a default value?
There was a problem hiding this comment.
There is no default value, but it could be an empty string right?
Anyway, made it "required" here and added validation.
| // that is being registered (optional) | ||
| ServerAddress string | ||
| // SecretName is the name of the secret that stores the credentials | ||
| // for the Kubernetes cluster that is being registered (optional) |
There was a problem hiding this comment.
Same question for what happens when not specified
There was a problem hiding this comment.
Same as above.
| Spec: federationapi.ClusterSpec{ | ||
| ServerAddressByClientCIDRs: []federationapi.ServerAddressByClientCIDR{ | ||
| { | ||
| ServerAddress: s.ServerAddress, |
There was a problem hiding this comment.
I dont think ClientCIDR is optional
| params: map[string]interface{}{ | ||
| "name": "foo", | ||
| }, | ||
| expected: &federationapi.Cluster{ |
There was a problem hiding this comment.
I am not sure if this is a valid cluster spec, that the apiserver will accept
| func (s ClusterGeneratorV1Beta1) ParamNames() []GeneratorParam { | ||
| return []GeneratorParam{ | ||
| {"name", true}, | ||
| {"serverAddress", false}, |
There was a problem hiding this comment.
Is this a command line flag? Should it be server-address in that case?
There was a problem hiding this comment.
It isn't a flag. There is no direct kubectl create user for this generator right now. But there could be one in the future and they might define a flag with that name. So making it look like a flag to be safe.
| func (s ClusterGeneratorV1Beta1) ParamNames() []GeneratorParam { | ||
| return []GeneratorParam{ | ||
| {"name", true}, | ||
| {"serverAddress", false}, |
There was a problem hiding this comment.
It isn't a flag. There is no direct kubectl create user for this generator right now. But there could be one in the future and they might define a flag with that name. So making it look like a flag to be safe.
| // Name of the cluster context (required) | ||
| Name string | ||
| // ServerAddress is the APIServer address of the Kubernetes cluster | ||
| // that is being registered (optional) |
There was a problem hiding this comment.
There is no default value, but it could be an empty string right?
Anyway, made it "required" here and added validation.
| // that is being registered (optional) | ||
| ServerAddress string | ||
| // SecretName is the name of the secret that stores the credentials | ||
| // for the Kubernetes cluster that is being registered (optional) |
There was a problem hiding this comment.
Same as above.
| Spec: federationapi.ClusterSpec{ | ||
| ServerAddressByClientCIDRs: []federationapi.ServerAddressByClientCIDR{ | ||
| { | ||
| ServerAddress: s.ServerAddress, |
| params: map[string]interface{}{ | ||
| "name": "foo", | ||
| }, | ||
| expected: &federationapi.Cluster{ |
| return fmt.Errorf("name must be specified") | ||
| } | ||
| if len(s.ClientCIDR) == 0 { | ||
| return fmt.Errorf("client CIDR must be specified") |
There was a problem hiding this comment.
We can use "0.0.0.0/0" as the default CIDR (matches everything)
There was a problem hiding this comment.
My original plan was to do this defaulting in the caller. It doesn't hurt to default at both the places. So done.
| return fmt.Errorf("server address must be specified") | ||
| } | ||
| if len(s.SecretName) == 0 { | ||
| return fmt.Errorf("secret name must be specified") |
There was a problem hiding this comment.
We can use cluster name as default secret name
There was a problem hiding this comment.
Same as above. Done.
| return []GeneratorParam{ | ||
| {"name", true}, | ||
| {"client-cidr", false}, | ||
| {"server-address", false}, |
There was a problem hiding this comment.
Shouldnt the second parameter be true here?
|
I think cluster name and server-address should only be required. secretName and clientCIDR can be optional. Looks good otherwise |
| return []GeneratorParam{ | ||
| {"name", true}, | ||
| {"client-cidr", false}, | ||
| {"server-address", false}, |
| return fmt.Errorf("name must be specified") | ||
| } | ||
| if len(s.ClientCIDR) == 0 { | ||
| return fmt.Errorf("client CIDR must be specified") |
There was a problem hiding this comment.
My original plan was to do this defaulting in the caller. It doesn't hurt to default at both the places. So done.
| return fmt.Errorf("server address must be specified") | ||
| } | ||
| if len(s.SecretName) == 0 { | ||
| return fmt.Errorf("secret name must be specified") |
There was a problem hiding this comment.
Same as above. Done.
|
Jenkins GKE smoke e2e failed for commit b9c4a8142b26d324447c1e388ee283ad20b41f13. Full PR test history. The magic incantation to run this job again is |
|
Jenkins GCI GCE e2e failed for commit b9c4a8142b26d324447c1e388ee283ad20b41f13. Full PR test history. The magic incantation to run this job again is |
|
Jenkins Kubemark GCE e2e failed for commit b9c4a8142b26d324447c1e388ee283ad20b41f13. Full PR test history. The magic incantation to run this job again is |
madhusudancs
force-pushed
the
federation-kubectl-register-00
branch
from
b9c4a81
to
aa22ed6
Compare
ghost
added
the
lgtm
|
Thx for addressing the comments. |
madhusudancs
force-pushed
the
federation-kubectl-register-00
branch
from
aa22ed6
to
1712a19
Compare
|
@nikhiljindal squashed the commits and rebased. Thank you very much for a thorough review. |
k8s-github-robot
removed
the
lgtm
madhusudancs
added
the
lgtm
|
Jenkins GCE Node e2e failed for commit 1712a19. Full PR test history. The magic incantation to run this job again is |
|
@k8s-bot node e2e test this |
|
@k8s-bot node e2e test this |
|
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge] |
|
Jenkins unit/integration failed for commit 1712a19. Full PR test history. The magic incantation to run this job again is |
|
@k8s-bot unit test this |
4 similar comments
|
@k8s-bot unit test this |
|
@k8s-bot unit test this |
|
@k8s-bot unit test this |
|
@k8s-bot unit test this |
|
@k8s-oncall pinging k8s-bot doesn't seem to work. Any idea what's going on? |
|
@k8s-bot unit test this |
|
@kubernetes/test-infra-admins Any ideas why k8s-bot is not responding? |
|
Manually merging to unblock--failing unit test is due to #35898. All other tests are green. |
|
@saad-ali thanks! |
|
it looks like the tests were run several times (per https://k8s-gubernator.appspot.com/pr/35153), but I don't know why it didn't update the commit status here. @spxtr any ideas? |
Design Doc: PR #34484
cc @kubernetes/sig-cluster-federation @nikhiljindal
This change is