-
Notifications
You must be signed in to change notification settings - Fork 38.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Federation][(Un)join-00] Implement federation/cluster resource generator. #35153
[Federation][(Un)join-00] Implement federation/cluster resource generator. #35153
Conversation
4c1eb90
to
69f4b8f
Compare
Jenkins verification failed for commit 69f4b8f. Full PR test history. The magic incantation to run this job again is |
// Name of the cluster context (required) | ||
Name string | ||
// ServerAddress is the APIServer address of the Kubernetes cluster | ||
// that is being registered (optional) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why optional? What happens when this is not specified? Is there a default value?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is no default value, but it could be an empty string right?
Anyway, made it "required" here and added validation.
// that is being registered (optional) | ||
ServerAddress string | ||
// SecretName is the name of the secret that stores the credentials | ||
// for the Kubernetes cluster that is being registered (optional) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same question for what happens when not specified
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above.
Spec: federationapi.ClusterSpec{ | ||
ServerAddressByClientCIDRs: []federationapi.ServerAddressByClientCIDR{ | ||
{ | ||
ServerAddress: s.ServerAddress, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I dont think ClientCIDR is optional
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
params: map[string]interface{}{ | ||
"name": "foo", | ||
}, | ||
expected: &federationapi.Cluster{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am not sure if this is a valid cluster spec, that the apiserver will accept
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
func (s ClusterGeneratorV1Beta1) ParamNames() []GeneratorParam { | ||
return []GeneratorParam{ | ||
{"name", true}, | ||
{"serverAddress", false}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this a command line flag? Should it be server-address
in that case?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It isn't a flag. There is no direct kubectl create
user for this generator right now. But there could be one in the future and they might define a flag with that name. So making it look like a flag to be safe.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nikhiljindal addressed the comments. PTAL.
func (s ClusterGeneratorV1Beta1) ParamNames() []GeneratorParam { | ||
return []GeneratorParam{ | ||
{"name", true}, | ||
{"serverAddress", false}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It isn't a flag. There is no direct kubectl create
user for this generator right now. But there could be one in the future and they might define a flag with that name. So making it look like a flag to be safe.
// Name of the cluster context (required) | ||
Name string | ||
// ServerAddress is the APIServer address of the Kubernetes cluster | ||
// that is being registered (optional) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is no default value, but it could be an empty string right?
Anyway, made it "required" here and added validation.
// that is being registered (optional) | ||
ServerAddress string | ||
// SecretName is the name of the secret that stores the credentials | ||
// for the Kubernetes cluster that is being registered (optional) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above.
Spec: federationapi.ClusterSpec{ | ||
ServerAddressByClientCIDRs: []federationapi.ServerAddressByClientCIDR{ | ||
{ | ||
ServerAddress: s.ServerAddress, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
params: map[string]interface{}{ | ||
"name": "foo", | ||
}, | ||
expected: &federationapi.Cluster{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed.
return fmt.Errorf("name must be specified") | ||
} | ||
if len(s.ClientCIDR) == 0 { | ||
return fmt.Errorf("client CIDR must be specified") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can use "0.0.0.0/0" as the default CIDR (matches everything)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My original plan was to do this defaulting in the caller. It doesn't hurt to default at both the places. So done.
return fmt.Errorf("server address must be specified") | ||
} | ||
if len(s.SecretName) == 0 { | ||
return fmt.Errorf("secret name must be specified") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can use cluster name as default secret name
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above. Done.
return []GeneratorParam{ | ||
{"name", true}, | ||
{"client-cidr", false}, | ||
{"server-address", false}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldnt the second parameter be true here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
I think cluster name and server-address should only be required. secretName and clientCIDR can be optional. Looks good otherwise |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nikhiljindal addressed the comments. PTAL.
return []GeneratorParam{ | ||
{"name", true}, | ||
{"client-cidr", false}, | ||
{"server-address", false}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
return fmt.Errorf("name must be specified") | ||
} | ||
if len(s.ClientCIDR) == 0 { | ||
return fmt.Errorf("client CIDR must be specified") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My original plan was to do this defaulting in the caller. It doesn't hurt to default at both the places. So done.
return fmt.Errorf("server address must be specified") | ||
} | ||
if len(s.SecretName) == 0 { | ||
return fmt.Errorf("secret name must be specified") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above. Done.
Jenkins GKE smoke e2e failed for commit b9c4a8142b26d324447c1e388ee283ad20b41f13. Full PR test history. The magic incantation to run this job again is |
Jenkins GCI GCE e2e failed for commit b9c4a8142b26d324447c1e388ee283ad20b41f13. Full PR test history. The magic incantation to run this job again is |
Jenkins Kubemark GCE e2e failed for commit b9c4a8142b26d324447c1e388ee283ad20b41f13. Full PR test history. The magic incantation to run this job again is |
b9c4a81
to
aa22ed6
Compare
Thx for addressing the comments. |
aa22ed6
to
1712a19
Compare
@nikhiljindal squashed the commits and rebased. Thank you very much for a thorough review. |
Jenkins GCE Node e2e failed for commit 1712a19. Full PR test history. The magic incantation to run this job again is |
@k8s-bot node e2e test this |
@k8s-bot node e2e test this |
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge] |
Jenkins unit/integration failed for commit 1712a19. Full PR test history. The magic incantation to run this job again is |
@k8s-bot unit test this |
4 similar comments
@k8s-bot unit test this |
@k8s-bot unit test this |
@k8s-bot unit test this |
@k8s-bot unit test this |
@k8s-oncall pinging k8s-bot doesn't seem to work. Any idea what's going on? |
@k8s-bot unit test this |
@kubernetes/test-infra-admins Any ideas why k8s-bot is not responding? |
Manually merging to unblock--failing unit test is due to #35898. All other tests are green. |
@saad-ali thanks! |
it looks like the tests were run several times (per https://k8s-gubernator.appspot.com/pr/35153), but I don't know why it didn't update the commit status here. @spxtr any ideas? |
Design Doc: PR #34484
cc @kubernetes/sig-cluster-federation @nikhiljindal
This change is![Reviewable](https://camo.githubusercontent.com/2d899f4291d07d3cd2fa4aaae1e3b243f164c23fce87d30a589ace0d496a444c/68747470733a2f2f72657669657761626c652e6b756265726e657465732e696f2f7265766965775f627574746f6e2e737667)