github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
9c508f12fbd329cb1e545e320de8d0bdcce80668
kubernetes/staging
History
Kubernetes Submit Queue 42adb9ef25 Merge pull request #50258 from liggitt/token-cache 
Automatic merge from submit-queue (batch tested with PRs 49488, 50407, 46105, 50456, 50258)

Enable caching successful token authentication

Resolves #50472

To support revocation of service account tokens, an etcd lookup of the token and service account is done by the token authenticator. Controllers that make dozens or hundreds of API calls per second (like the endpoints controller) cause this lookup to be done very frequently on the same objects.

This PR:
* Implements a cached token authenticator that conforms to the authenticator.Token interface
* Implements a union token authenticator (same approach as the union request authenticator, conforming to the authenticator.Token interface)
* Cleans up the auth chain construction to group all token authenticators (means we only do bearer and websocket header parsing once)
* Adds a 10-second TTL cache to successful token authentication

```release-note
API server authentication now caches successful bearer token authentication results for a few seconds.
```
2017-08-11 14:14:06 -07:00
..
src/k8s.io
Merge pull request #50258 from liggitt/token-cache
2017-08-11 14:14:06 -07:00
BUILD
Merge pull request #50258 from liggitt/token-cache
2017-08-11 14:14:06 -07:00
godeps-json-updater.go
Clean up staging/godeps-json-updater.go
2017-04-06 09:32:57 +02:00
OWNERS
Add OWNERS for staging and api
2017-04-19 15:58:09 -04:00
prime-apimachinery.sh
Fixup go2idl references
2017-07-20 07:41:37 +02:00
README.md
Add info about staging repos to staging/README.md
2017-08-04 18:00:32 -04:00

README.md

External Repository Staging Area

This directory is the staging area for packages that have been split to their own repository. The content here will be periodically published to respective top-level k8s.io repositories.

Repositories currently staged here:

The code in the staging/ directory is authoritative, i.e. the only copy of the code. You can directly modify such code.

Using staged repositories from Kubernetes code

Kubernetes code uses the repositories in this directory via symlinks in the vendor/k8s.io directory into this staging area. For example, when Kubernetes code imports a package from the k8s.io/client-go repository, that import is resolved to staging/src/k8s.io/client-go relative to the project root:

// pkg/example/some_code.go
package example

import (
  "k8s.io/client-go/dynamic" // resolves to staging/src/k8s.io/client-go/dynamic
)

Once the change-over to external repositories is complete, these repositories will actually be vendored from k8s.io/<package-name>.

Reference in New Issue View Git Blame Copy Permalink