remove deprecated kube-apiserver identity lease garbage collector
This commit is contained in:
SataQiu
@@ -128,8 +128,6 @@ const (
|
|||||||
IdentityLeaseComponentLabelKey = "apiserver.kubernetes.io/identity"
|
IdentityLeaseComponentLabelKey = "apiserver.kubernetes.io/identity"
|
||||||
// KubeAPIServer defines variable used internally when referring to kube-apiserver component
|
// KubeAPIServer defines variable used internally when referring to kube-apiserver component
|
||||||
KubeAPIServer = "kube-apiserver"
|
KubeAPIServer = "kube-apiserver"
|
||||||
// DeprecatedKubeAPIServerIdentityLeaseLabelSelector selects kube-apiserver identity leases
|
|
||||||
DeprecatedKubeAPIServerIdentityLeaseLabelSelector = "k8s.io/component=kube-apiserver"
|
|
||||||
// KubeAPIServerIdentityLeaseLabelSelector selects kube-apiserver identity leases
|
// KubeAPIServerIdentityLeaseLabelSelector selects kube-apiserver identity leases
|
||||||
KubeAPIServerIdentityLeaseLabelSelector = IdentityLeaseComponentLabelKey + "=" + KubeAPIServer
|
KubeAPIServerIdentityLeaseLabelSelector = IdentityLeaseComponentLabelKey + "=" + KubeAPIServer
|
||||||
// repairLoopInterval defines the interval used to run the Services ClusterIP and NodePort repair loops
|
// repairLoopInterval defines the interval used to run the Services ClusterIP and NodePort repair loops
|
||||||
@@ -606,22 +604,6 @@ func (c completedConfig) New(delegationTarget genericapiserver.DelegationTarget)
|
|||||||
go controller.Run(ctx)
|
go controller.Run(ctx)
|
||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
// Labels for apiserver idenitiy leases switched from k8s.io/component=kube-apiserver to apiserver.kubernetes.io/identity=kube-apiserver.
|
|
||||||
// For compatibility, garbage collect leases with both labels for at least 1 release
|
|
||||||
// TODO: remove in Kubernetes 1.28
|
|
||||||
m.GenericAPIServer.AddPostStartHookOrDie("start-deprecated-kube-apiserver-identity-lease-garbage-collector", func(hookContext genericapiserver.PostStartHookContext) error {
|
|
||||||
kubeClient, err := kubernetes.NewForConfig(hookContext.LoopbackClientConfig)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
go apiserverleasegc.NewAPIServerLeaseGC(
|
|
||||||
kubeClient,
|
|
||||||
IdentityLeaseGCPeriod,
|
|
||||||
metav1.NamespaceSystem,
|
|
||||||
DeprecatedKubeAPIServerIdentityLeaseLabelSelector,
|
|
||||||
).Run(hookContext.StopCh)
|
|
||||||
return nil
|
|
||||||
})
|
|
||||||
// TODO: move this into generic apiserver and make the lease identity value configurable
|
// TODO: move this into generic apiserver and make the lease identity value configurable
|
||||||
m.GenericAPIServer.AddPostStartHookOrDie("start-kube-apiserver-identity-lease-garbage-collector", func(hookContext genericapiserver.PostStartHookContext) error {
|
m.GenericAPIServer.AddPostStartHookOrDie("start-kube-apiserver-identity-lease-garbage-collector", func(hookContext genericapiserver.PostStartHookContext) error {
|
||||||
kubeClient, err := kubernetes.NewForConfig(hookContext.LoopbackClientConfig)
|
kubeClient, err := kubernetes.NewForConfig(hookContext.LoopbackClientConfig)
|
||||||
|
|||||||
@@ -154,48 +154,6 @@ func TestLeaseGarbageCollection(t *testing.T) {
|
|||||||
testLeaseNotGarbageCollected(t, kubeclient, expiredNonKubeSystemLease))
|
testLeaseNotGarbageCollected(t, kubeclient, expiredNonKubeSystemLease))
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestLeaseGarbageCollectionWithDeprecatedLabels(t *testing.T) {
|
|
||||||
oldIdentityLeaseDurationSeconds := controlplane.IdentityLeaseDurationSeconds
|
|
||||||
oldIdentityLeaseGCPeriod := controlplane.IdentityLeaseGCPeriod
|
|
||||||
oldIdentityLeaseRenewIntervalPeriod := controlplane.IdentityLeaseRenewIntervalPeriod
|
|
||||||
defer func() {
|
|
||||||
// reset the default values for leases after this test
|
|
||||||
controlplane.IdentityLeaseDurationSeconds = oldIdentityLeaseDurationSeconds
|
|
||||||
controlplane.IdentityLeaseGCPeriod = oldIdentityLeaseGCPeriod
|
|
||||||
controlplane.IdentityLeaseRenewIntervalPeriod = oldIdentityLeaseRenewIntervalPeriod
|
|
||||||
}()
|
|
||||||
|
|
||||||
// Shorten lease parameters so GC behavior can be exercised in integration tests
|
|
||||||
controlplane.IdentityLeaseDurationSeconds = 1
|
|
||||||
controlplane.IdentityLeaseGCPeriod = time.Second
|
|
||||||
controlplane.IdentityLeaseRenewIntervalPeriod = time.Second
|
|
||||||
|
|
||||||
defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.APIServerIdentity, true)()
|
|
||||||
result := kubeapiservertesting.StartTestServerOrDie(t, nil, nil, framework.SharedEtcd())
|
|
||||||
defer result.TearDownFn()
|
|
||||||
|
|
||||||
kubeclient, err := kubernetes.NewForConfig(result.ClientConfig)
|
|
||||||
if err != nil {
|
|
||||||
t.Fatalf("Unexpected error: %v", err)
|
|
||||||
}
|
|
||||||
expiredLease := newTestLeaseWithDeprecatedLabels(time.Now().Add(-2*time.Hour), metav1.NamespaceSystem)
|
|
||||||
t.Run("expired apiserver lease should be garbage collected",
|
|
||||||
testLeaseGarbageCollected(t, kubeclient, expiredLease))
|
|
||||||
|
|
||||||
freshLease := newTestLeaseWithDeprecatedLabels(time.Now().Add(-2*time.Minute), metav1.NamespaceSystem)
|
|
||||||
t.Run("fresh apiserver lease should not be garbage collected",
|
|
||||||
testLeaseNotGarbageCollected(t, kubeclient, freshLease))
|
|
||||||
|
|
||||||
expiredLease.Labels = nil
|
|
||||||
t.Run("expired non-identity lease should not be garbage collected",
|
|
||||||
testLeaseNotGarbageCollected(t, kubeclient, expiredLease))
|
|
||||||
|
|
||||||
// identity leases (with k8s.io/component label) created in user namespaces should not be GC'ed
|
|
||||||
expiredNonKubeSystemLease := newTestLeaseWithDeprecatedLabels(time.Now().Add(-2*time.Hour), metav1.NamespaceDefault)
|
|
||||||
t.Run("expired non-system identity lease should not be garbage collected",
|
|
||||||
testLeaseNotGarbageCollected(t, kubeclient, expiredNonKubeSystemLease))
|
|
||||||
}
|
|
||||||
|
|
||||||
func testLeaseGarbageCollected(t *testing.T, client kubernetes.Interface, lease *coordinationv1.Lease) func(t *testing.T) {
|
func testLeaseGarbageCollected(t *testing.T, client kubernetes.Interface, lease *coordinationv1.Lease) func(t *testing.T) {
|
||||||
return func(t *testing.T) {
|
return func(t *testing.T) {
|
||||||
ns := lease.Namespace
|
ns := lease.Namespace
|
||||||
@@ -259,21 +217,3 @@ func newTestLease(acquireTime time.Time, namespace string) *coordinationv1.Lease
|
|||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func newTestLeaseWithDeprecatedLabels(acquireTime time.Time, namespace string) *coordinationv1.Lease {
|
|
||||||
return &coordinationv1.Lease{
|
|
||||||
ObjectMeta: metav1.ObjectMeta{
|
|
||||||
Name: testLeaseName,
|
|
||||||
Namespace: namespace,
|
|
||||||
Labels: map[string]string{
|
|
||||||
"k8s.io/component": "kube-apiserver",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
Spec: coordinationv1.LeaseSpec{
|
|
||||||
HolderIdentity: pointer.StringPtr(testLeaseName),
|
|
||||||
LeaseDurationSeconds: pointer.Int32(3600),
|
|
||||||
AcquireTime: &metav1.MicroTime{Time: acquireTime},
|
|
||||||
RenewTime: &metav1.MicroTime{Time: acquireTime},
|
|
||||||
},
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|||||||
Reference in New Issue
Block a user