Without this, tests which create a master
will panic with a nil pointer when the periodic
podCache update runs.
Deleted unused FakePodInfoGetter.
Added FakeKubeletClient.
Passed to master.New.
Required a KubeletClient in master.New.
Added basic interface for authorizer implementations.
Added default "authorize everything" and "authorize nothing
implementations.
Added authorization check immediately after authentication check.
Added an integration test of authorization at the HTTP level of
abstraction.
Callsites no longer allocate a mux.
Master now exposes method to install handlers
which use the master's auth code. Not used
but forks (openshift) are expected to use these
methods. These methods will later be a point
for additional plug-in functionality.
Integration tests now use the master-provided
handler which has auth, rather than using the mux,
which didn't. Fix TestWhoAmI now that /_whoami
sits behind auth.
Added new endpoint /_whoami for debugging authentication.
Added integration test which checks that a user is authenticated
using token authentication.
Rearranged initialization of authenticator to support preceeding.
Create a new MetadataAccessor interface that combines both
and use it where previously latest.ResourceVersioner and SelfLinker
were being used.
Adds Namespace to the get/set interface. Adds TODO about future
fast path for metadata (as per thockin's comment)
Moved code from cmd/apiserver to pkg/master.
test/integration/client_test made to use a master object,
instead of an apiserver.Handle.
Subsequent PRs will move more handler-installation into
pkg/master, with the goal that every http.Handler of a
standalone apiserver process can also be tested
in a "testing"-style go test.
In particular, a subsequent PR will test
authorization.
Allows us to define different watch versioning regimes in the future
as well as to encode information with the resource version.
This changes /watch/resources?resourceVersion=3 to start the watch at
4 instead of 3, which means clients can read a resource version and
then send it back to the server. Clients should no longer do math on
resource versions.
* Defaults to v1beta1
* apiserver takes -storage_version which controls etcd storage version
and the version of the client used to connect to other apiservers
* Changed signature of client.New to add version parameter
* All controller code and component code prefers the oldest (most common)
server version
* Make Codec separate from Scheme
* Move EncodeOrDie off Scheme to take a Codec
* Make Copy work without a Codec
* Create a "latest" package that imports all versions and
sets global defaults for "most recent encoding"
* v1beta1 is the current "latest", v1beta2 exists
* Kill DefaultCodec, replace it with "latest.Codec"
* This updates the client and etcd to store the latest known version
* EmbeddedObject is per schema and per package now
* Move runtime.DefaultScheme to api.Scheme
* Split out WatchEvent since it's not an API object today, treat it
like a special object in api
* Kill DefaultResourceVersioner, instead place it on "latest" (as the
package that understands all packages)
* Move objDiff to runtime.ObjectDiff
This is some cleanup that has been needed for a while.
There's still one more step that could usefully be done, which is to
split up our api package into the part that provides the helper
functions and the part that provides the internal types. That can come
later.
The v1beta1 package is now a good example of what an api plugin should
do to version its types.
Prepare for running multiple API versions on the same HTTP server
by decoupling some of the mechanics of apiserver. Define a new
APIGroup object which represents a version of the API.
Currently all registry implementations live in a single package,
which makes it bit harder to maintain. The different registry
implementations do not follow the same coding style and naming
conventions, which makes the code harder to read.
Breakup the registry package into smaller packages based on
the registry implementation. Refactor the registry packages
to follow a similar coding style and naming convention.
This patch does not introduce any changes in behavior.
This commit adds a Binding object. The idea is that schedulers can write
these to cause pods to be asssigned to hosts. I'll provide an implementation
along with a rudimentary scheduler plugin.
This continues k8s' tradition of phrasing all APIs as RESTful handlers.
The apiserver on initialization must be provided with a codec
for encoding and decoding all handled objects including api.Status
and api.ServerOp. In addition, the RESTStorage Extract() method
has been changed to New(), which returns a pointer object that the
codec must decode into (the internal object). Switched registry
methods to use pointers for Create/Update instead of values.
Setting up a new master.Master instance requires passing
around too many arguments.
Add a master.Config type and group related master configs.
Refactor all commands to instantiate new masters using a
master.Config struct.
