github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
121,390 Commits 1 Branch 31 Tags 1,019 MiB
fcd6c19c24
Commit Graph

16 Commits

Author SHA1 Message Date
Abu Kashem
430c226709
apiserver: fix lint issue, defaulting and validation test for flowcontrol v1 2023-10-30 08:18:40 -04:00
Abu Kashem
17bda3c3e0
apiserver: apf controller, bootstrap, tests should use flowcontrol v1 API 2023-10-30 08:18:35 -04:00
Mike Spreitzer
2069835094 Tolerate only the two allowed field changes 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
 2023-07-14 01:01:43 +00:00
Abu Kashem
3754d2da20 apf: allow admin to change the Exempt field only of the exempt pl 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
 2023-07-14 01:01:29 +00:00
Patrick Ohly
a5df442be7 flowcontrol: copy object before passing it to client-go Create to avoid data race 
This is similar to 5e1c6cd0d4, except that here generics are involved:
because client-go Create under the hood mutates its input value temporarily,
callers must make a copy if the object is read from some other goroutine.

The race as reported by "go test -race" for
test/integration/examples.TestAggregatedAPIServerRejectRedirectResponse is:

WARNING: DATA RACE
Read at 0x00c000556010 by goroutine 16128:
  reflect.Value.String()
      /usr/local/go/src/reflect/value.go:2565 +0x216
  encoding/json.stringEncoder()
      /usr/local/go/src/encoding/json/encode.go:645 +0x223
  encoding/json.structEncoder.encode()
      /usr/local/go/src/encoding/json/encode.go:759 +0x2ba
  encoding/json.structEncoder.encode-fm()
      <autogenerated>:1 +0xdb
  encoding/json.ptrEncoder.encode()
      /usr/local/go/src/encoding/json/encode.go:943 +0x382
  encoding/json.ptrEncoder.encode-fm()
      <autogenerated>:1 +0x90
  encoding/json.(*encodeState).reflectValue()
      /usr/local/go/src/encoding/json/encode.go:358 +0x88
  encoding/json.(*encodeState).marshal()
      /usr/local/go/src/encoding/json/encode.go:330 +0x224
  encoding/json.Marshal()
      /usr/local/go/src/encoding/json/encode.go:161 +0xf9
  k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/flowcontrol/format.ToJSON()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/flowcontrol/format/formatting.go:81 +0x44
  k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/flowcontrol/format.Stringer.String()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/flowcontrol/format/formatting.go:68 +0x5a4
  k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/flowcontrol/format.(*Stringer).String()
      <autogenerated>:1 +0x4b
  fmt.(*pp).handleMethods()
      /usr/local/go/src/fmt/print.go:673 +0x4db
  fmt.(*pp).printArg()
      /usr/local/go/src/fmt/print.go:756 +0xce4
  fmt.(*pp).doPrintf()
      /usr/local/go/src/fmt/print.go:1077 +0x599
  fmt.Fprintf()
      /usr/local/go/src/fmt/print.go:224 +0x7e
  k8s.io/kubernetes/vendor/k8s.io/klog/v2.(*loggingT).printfDepth()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/klog/v2/klog.go:733 +0x216
  k8s.io/kubernetes/vendor/k8s.io/klog/v2.(*loggingT).printf()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/klog/v2/klog.go:718 +0xcc
  k8s.io/kubernetes/vendor/k8s.io/klog/v2.Verbose.Infof()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/klog/v2/klog.go:1418 +0x64
  k8s.io/kubernetes/vendor/k8s.io/apiserver/pkg/util/flowcontrol.(*cfgMeal).digestFlowSchemasLocked()
...
Previous write at 0x00c000556010 by goroutine 15271:
  k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1.(*TypeMeta).SetGroupVersionKind()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/apis/meta/v1/meta.go:121 +0x193
  k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/runtime.WithVersionEncoder.Encode()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/runtime/helper.go:239 +0x325
  k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/runtime.(*WithVersionEncoder).Encode()
      <autogenerated>:1 +0xfb
  k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/runtime.Encode()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/runtime/codec.go:49 +0xb3
  k8s.io/kubernetes/vendor/k8s.io/client-go/rest.(*Request).Body()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/client-go/rest/request.go:470 +0x884
  k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta3.(*flowSchemas).Create()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/client-go/kubernetes/typed/flowcontrol/v1beta3/flowschema.go:118 +0x23c
  k8s.io/kubernetes/pkg/registry/flowcontrol/ensurer.(*objectOps[...]).Create()
      <autogenerated>:1 +0x10f
  k8s.io/kubernetes/pkg/registry/flowcontrol/ensurer.EnsureConfiguration[...]()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/registry/flowcontrol/ensurer/strategy.go:272 +0x1b5
  k8s.io/kubernetes/pkg/registry/flowcontrol/ensurer.EnsureConfigurations[...]()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/registry/flowcontrol/ensurer/strategy.go:247 +0xf3
  k8s.io/kubernetes/pkg/registry/flowcontrol/rest.ensureMandatoryConfiguration()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/registry/flowcontrol/rest/storage_flowcontrol.go:230 +0x59e
  k8s.io/kubernetes/pkg/registry/flowcontrol/rest.ensure()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/registry/flowcontrol/rest/storage_flowcontrol.go:202 +0x1b2
  k8s.io/kubernetes/pkg/registry/flowcontrol/rest.(*bootstrapConfigurationEnsurer).ensureAPFBootstrapConfiguration.func1.1()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/pkg/registry/flowcontrol/rest/storage_flowcontrol.go:159 +0xe4
  k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait.runConditionWithCrashProtectionWithContext()
      /home/prow/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/vendor/k8s.io/apimachinery/pkg/util/wait/wait.go:154 +0x7b
 2023-06-30 09:55:25 +02:00
Mike Spreitzer
92a35f5bca Usse generics to simplify pkg/registry/flowcontrol/ensurer 
Signed-off-by: Mike Spreitzer <mspreitz@us.ibm.com>
 2023-06-22 00:56:54 -04:00
Abu Kashem
672614b57e
apf: refactor bootstrap ensure strategy 2023-06-09 13:31:23 -04:00
Mike Spreitzer
008576da07 Improve and simplify maintenance of APF bootstrap objects 
Prepare to make deletion of unwanted object conditional on ResourceVersion.

Remove unnecessary split between finding unwanted objects and removing
them.

Remove unnecessary layers of indirection to reach constant logic.

Use interfaces to remove need for type assertions.

Threaded context into APF object maintenance

Note and respect immutability of desired bootstrap objects
 2023-05-05 09:36:48 -04:00
Abu Kashem
0a99e6ebb1
apiserver: update apf logic to use v1beta3 2022-09-21 18:54:20 -04:00
Davanum Srinivas
a9593d634c
Generate and format files 
- Run hack/update-codegen.sh
- Run hack/update-generated-device-plugin.sh
- Run hack/update-generated-protobuf.sh
- Run hack/update-generated-runtime.sh
- Run hack/update-generated-swagger-docs.sh
- Run hack/update-openapi-spec.sh
- Run hack/update-gofmt.sh

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
 2022-07-26 13:14:05 -04:00
Abu Kashem
df41fe5d84
apf: clarify with comment 2022-01-19 17:38:31 -05:00
Patrick Ohly
9eaa2dc554 avoid klog Info calls without verbosity 
In the following code pattern, the log message will get logged with v=0 in JSON
output although conceptually it has a higher verbosity:

   if klog.V(5).Enabled() {
       klog.Info("hello world")
   }

Having the actual verbosity in the JSON output is relevant, for example for
filtering out only the important info messages. The solution is to use
klog.V(5).Info or something similar.

Whether the outer if is necessary at all depends on how complex the parameters
are. The return value of klog.V can be captured in a variable and be used
multiple times to avoid the overhead for that function call and to avoid
repeating the verbosity level.
 2022-01-12 07:48:36 +01:00
Mike Spreitzer
72403c8814 Concurrentize pkg/registry/flowcontrol/ensurer/strategy.go 
Stop logging error messages when surprised by concurrent activity.
Concurrent activity is not an error, it is normal.
 2022-01-04 22:55:21 -05:00
Abu Kashem
f30a34bc01
apf: use v1beta2 for registry 2021-12-17 10:35:37 -05:00
Abu Kashem
f9ee64007e
apf: always create missing bootstrap configuration object(s) 2021-05-17 12:08:39 -04:00
Abu Kashem
759a64136b
add auto update for apf bootstrap configuration 
Take the following approach:
On a fresh install, all bootstrap configuration objects will
have auto update enabled via the following annotation :
`apf.kubernetes.io/autoupdate: 'true'`

The kube-apiserver periodically checks the bootstrap configuration
objects on the cluster and applies update if necessary.

We enforce an 'always auto-update' policy for the mandatory
configuration object(s).

We update the suggested configuration objects when:
- auto update is enabled (`apf.kubernetes.io/autoupdate: 'true'`) or
- auto update annotation key is missing but `generation` is `1`

If the configuration object is missing the annotation key, we add
it appropriately:
it is set to `true` if `generation` is `1`, `false` otherwise.

The above approach ensures that we don't squash changes made by an
operator. Please note, we can't protect the changes made by the
operator in the following scenario:
- the user changes the spec and then deletes and recreates
  the same object. (generation resets to 1)

remove using a marker
 2021-05-07 14:23:17 -04:00