mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-06-13 18:43:34 +00:00
vendor update for CSI 0.3.0
This commit is contained in:
gman
4
vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/BUILD
generated
vendored
4
vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/BUILD
generated
vendored
@ -16,7 +16,6 @@ go_library(
|
||||
deps = [
|
||||
"//pkg/api/legacyscheme:go_default_library",
|
||||
"//pkg/apis/core:go_default_library",
|
||||
"//pkg/apis/core/validation:go_default_library",
|
||||
"//pkg/features:go_default_library",
|
||||
"//pkg/kubeapiserver/options:go_default_library",
|
||||
"//pkg/kubelet/client:go_default_library",
|
||||
@ -46,7 +45,8 @@ go_test(
|
||||
"//vendor/k8s.io/apiserver/pkg/server/options:go_default_library",
|
||||
"//vendor/k8s.io/apiserver/pkg/storage/storagebackend:go_default_library",
|
||||
"//vendor/k8s.io/apiserver/pkg/util/flag:go_default_library",
|
||||
"//vendor/k8s.io/apiserver/plugin/pkg/audit/webhook:go_default_library",
|
||||
"//vendor/k8s.io/apiserver/plugin/pkg/audit/buffered:go_default_library",
|
||||
"//vendor/k8s.io/apiserver/plugin/pkg/audit/truncate:go_default_library",
|
||||
"//vendor/k8s.io/client-go/rest:go_default_library",
|
||||
],
|
||||
)
|
||||
|
||||
17
vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/options.go
generated
vendored
17
vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/options.go
generated
vendored
@ -26,7 +26,6 @@ import (
|
||||
genericoptions "k8s.io/apiserver/pkg/server/options"
|
||||
"k8s.io/apiserver/pkg/storage/storagebackend"
|
||||
api "k8s.io/kubernetes/pkg/apis/core"
|
||||
"k8s.io/kubernetes/pkg/apis/core/validation"
|
||||
kubeoptions "k8s.io/kubernetes/pkg/kubeapiserver/options"
|
||||
kubeletclient "k8s.io/kubernetes/pkg/kubelet/client"
|
||||
"k8s.io/kubernetes/pkg/master/ports"
|
||||
@ -94,7 +93,7 @@ func NewServerRunOptions() *ServerRunOptions {
|
||||
EnableLogsHandler: true,
|
||||
EventTTL: 1 * time.Hour,
|
||||
MasterCount: 1,
|
||||
EndpointReconcilerType: string(reconcilers.MasterCountReconcilerType),
|
||||
EndpointReconcilerType: string(reconcilers.LeaseEndpointReconcilerType),
|
||||
KubeletConfig: kubeletclient.KubeletClientConfig{
|
||||
Port: ports.KubeletPort,
|
||||
ReadOnlyPort: ports.KubeletReadOnlyPort,
|
||||
@ -167,7 +166,7 @@ func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) {
|
||||
"Currently only applies to long-running requests.")
|
||||
|
||||
fs.IntVar(&s.MasterCount, "apiserver-count", s.MasterCount,
|
||||
"The number of apiservers running in the cluster, must be a positive number.")
|
||||
"The number of apiservers running in the cluster, must be a positive number. (In use when --endpoint-reconciler-type=master-count is enabled.)")
|
||||
|
||||
fs.StringVar(&s.EndpointReconcilerType, "endpoint-reconciler-type", string(s.EndpointReconcilerType),
|
||||
"Use an endpoint reconciler ("+strings.Join(reconcilers.AllTypes.Names(), ", ")+")")
|
||||
@ -213,11 +212,10 @@ func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) {
|
||||
fs.StringVar(&s.KubeletConfig.CAFile, "kubelet-certificate-authority", s.KubeletConfig.CAFile,
|
||||
"Path to a cert file for the certificate authority.")
|
||||
|
||||
// TODO: delete this flag as soon as we identify and fix all clients that send malformed updates, like #14126.
|
||||
fs.BoolVar(&validation.RepairMalformedUpdates, "repair-malformed-updates", validation.RepairMalformedUpdates, ""+
|
||||
"If true, server will do its best to fix the update request to pass the validation, "+
|
||||
"e.g., setting empty UID in update request to its existing value. This flag can be turned off "+
|
||||
"after we fix all the clients that send malformed updates.")
|
||||
// TODO: delete this flag in 1.13
|
||||
repair := false
|
||||
fs.BoolVar(&repair, "repair-malformed-updates", false, "deprecated")
|
||||
fs.MarkDeprecated("repair-malformed-updates", "This flag will be removed in a future version")
|
||||
|
||||
fs.StringVar(&s.ProxyClientCertFile, "proxy-client-cert-file", s.ProxyClientCertFile, ""+
|
||||
"Client certificate used to prove the identity of the aggregator or kube-apiserver "+
|
||||
@ -236,6 +234,5 @@ func (s *ServerRunOptions) AddFlags(fs *pflag.FlagSet) {
|
||||
"Turns on aggregator routing requests to endoints IP rather than cluster IP.")
|
||||
|
||||
fs.StringVar(&s.ServiceAccountSigningKeyFile, "service-account-signing-key-file", s.ServiceAccountSigningKeyFile, ""+
|
||||
"Path to the file that contains the current private key of the service account token issuer. The issuer will sign issued ID tokens with this private key. (Ignored unless alpha TokenRequest is enabled")
|
||||
|
||||
"Path to the file that contains the current private key of the service account token issuer. The issuer will sign issued ID tokens with this private key. (Requires the 'TokenRequest' feature gate.)")
|
||||
}
|
||||
|
||||
79
vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/options_test.go
generated
vendored
79
vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/options_test.go
generated
vendored
@ -29,7 +29,8 @@ import (
|
||||
genericoptions "k8s.io/apiserver/pkg/server/options"
|
||||
"k8s.io/apiserver/pkg/storage/storagebackend"
|
||||
utilflag "k8s.io/apiserver/pkg/util/flag"
|
||||
auditwebhook "k8s.io/apiserver/plugin/pkg/audit/webhook"
|
||||
auditbuffered "k8s.io/apiserver/plugin/pkg/audit/buffered"
|
||||
audittruncate "k8s.io/apiserver/plugin/pkg/audit/truncate"
|
||||
restclient "k8s.io/client-go/rest"
|
||||
"k8s.io/kubernetes/pkg/api/legacyscheme"
|
||||
kapi "k8s.io/kubernetes/pkg/apis/core"
|
||||
@ -54,18 +55,34 @@ func TestAddFlags(t *testing.T) {
|
||||
"--audit-log-maxbackup=12",
|
||||
"--audit-log-maxsize=13",
|
||||
"--audit-log-path=/var/log",
|
||||
"--audit-log-mode=blocking",
|
||||
"--audit-log-batch-buffer-size=46",
|
||||
"--audit-log-batch-max-size=47",
|
||||
"--audit-log-batch-max-wait=48s",
|
||||
"--audit-log-batch-throttle-enable=true",
|
||||
"--audit-log-batch-throttle-qps=49.5",
|
||||
"--audit-log-batch-throttle-burst=50",
|
||||
"--audit-log-truncate-enabled=true",
|
||||
"--audit-log-truncate-max-batch-size=45",
|
||||
"--audit-log-truncate-max-event-size=44",
|
||||
"--audit-log-version=audit.k8s.io/v1alpha1",
|
||||
"--audit-policy-file=/policy",
|
||||
"--audit-webhook-config-file=/webhook-config",
|
||||
"--audit-webhook-mode=blocking",
|
||||
"--audit-webhook-batch-buffer-size=42",
|
||||
"--audit-webhook-batch-max-size=43",
|
||||
"--audit-webhook-batch-max-wait=1s",
|
||||
"--audit-webhook-batch-throttle-enable=false",
|
||||
"--audit-webhook-batch-throttle-qps=43.5",
|
||||
"--audit-webhook-batch-throttle-burst=44",
|
||||
"--audit-webhook-batch-initial-backoff=2s",
|
||||
"--audit-webhook-truncate-enabled=true",
|
||||
"--audit-webhook-truncate-max-batch-size=43",
|
||||
"--audit-webhook-truncate-max-event-size=42",
|
||||
"--audit-webhook-initial-backoff=2s",
|
||||
"--audit-webhook-version=audit.k8s.io/v1alpha1",
|
||||
"--authentication-token-webhook-cache-ttl=3m",
|
||||
"--authentication-token-webhook-config-file=/token-webhook-config",
|
||||
"--authorization-mode=AlwaysDeny",
|
||||
"--authorization-mode=AlwaysDeny,RBAC",
|
||||
"--authorization-policy-file=/policy",
|
||||
"--authorization-webhook-cache-authorized-ttl=3m",
|
||||
"--authorization-webhook-cache-unauthorized-ttl=1m",
|
||||
@ -79,7 +96,7 @@ func TestAddFlags(t *testing.T) {
|
||||
"--enable-aggregator-routing=true",
|
||||
"--enable-logs-handler=false",
|
||||
"--enable-swagger-ui=true",
|
||||
"--endpoint-reconciler-type=" + string(reconcilers.MasterCountReconcilerType),
|
||||
"--endpoint-reconciler-type=" + string(reconcilers.LeaseEndpointReconcilerType),
|
||||
"--etcd-quorum-read=false",
|
||||
"--etcd-keyfile=/var/run/kubernetes/etcd.key",
|
||||
"--etcd-certfile=/var/run/kubernetes/etcdce.crt",
|
||||
@ -103,7 +120,7 @@ func TestAddFlags(t *testing.T) {
|
||||
ServiceNodePortRange: kubeoptions.DefaultServiceNodePortRange,
|
||||
ServiceClusterIPRange: kubeoptions.DefaultServiceIPCIDR,
|
||||
MasterCount: 5,
|
||||
EndpointReconcilerType: string(reconcilers.MasterCountReconcilerType),
|
||||
EndpointReconcilerType: string(reconcilers.LeaseEndpointReconcilerType),
|
||||
AllowPrivileged: false,
|
||||
GenericServerRunOptions: &apiserveroptions.ServerRunOptions{
|
||||
AdvertiseAddress: net.ParseIP("192.168.10.10"),
|
||||
@ -180,18 +197,48 @@ func TestAddFlags(t *testing.T) {
|
||||
MaxBackups: 12,
|
||||
MaxSize: 13,
|
||||
Format: "json",
|
||||
BatchOptions: apiserveroptions.AuditBatchOptions{
|
||||
Mode: "blocking",
|
||||
BatchConfig: auditbuffered.BatchConfig{
|
||||
BufferSize: 46,
|
||||
MaxBatchSize: 47,
|
||||
MaxBatchWait: 48 * time.Second,
|
||||
ThrottleEnable: true,
|
||||
ThrottleQPS: 49.5,
|
||||
ThrottleBurst: 50,
|
||||
},
|
||||
},
|
||||
TruncateOptions: apiserveroptions.AuditTruncateOptions{
|
||||
Enabled: true,
|
||||
TruncateConfig: audittruncate.Config{
|
||||
MaxBatchSize: 45,
|
||||
MaxEventSize: 44,
|
||||
},
|
||||
},
|
||||
GroupVersionString: "audit.k8s.io/v1alpha1",
|
||||
},
|
||||
WebhookOptions: apiserveroptions.AuditWebhookOptions{
|
||||
Mode: "blocking",
|
||||
ConfigFile: "/webhook-config",
|
||||
BatchConfig: auditwebhook.BatchBackendConfig{
|
||||
BufferSize: 42,
|
||||
MaxBatchSize: 43,
|
||||
MaxBatchWait: 1 * time.Second,
|
||||
ThrottleQPS: 43.5,
|
||||
ThrottleBurst: 44,
|
||||
InitialBackoff: 2 * time.Second,
|
||||
BatchOptions: apiserveroptions.AuditBatchOptions{
|
||||
Mode: "blocking",
|
||||
BatchConfig: auditbuffered.BatchConfig{
|
||||
BufferSize: 42,
|
||||
MaxBatchSize: 43,
|
||||
MaxBatchWait: 1 * time.Second,
|
||||
ThrottleEnable: false,
|
||||
ThrottleQPS: 43.5,
|
||||
ThrottleBurst: 44,
|
||||
},
|
||||
},
|
||||
TruncateOptions: apiserveroptions.AuditTruncateOptions{
|
||||
Enabled: true,
|
||||
TruncateConfig: audittruncate.Config{
|
||||
MaxBatchSize: 43,
|
||||
MaxEventSize: 42,
|
||||
},
|
||||
},
|
||||
InitialBackoff: 2 * time.Second,
|
||||
GroupVersionString: "audit.k8s.io/v1alpha1",
|
||||
},
|
||||
PolicyFile: "/policy",
|
||||
},
|
||||
@ -226,7 +273,7 @@ func TestAddFlags(t *testing.T) {
|
||||
TokenFailureCacheTTL: 0,
|
||||
},
|
||||
Authorization: &kubeoptions.BuiltInAuthorizationOptions{
|
||||
Mode: "AlwaysDeny",
|
||||
Modes: []string{"AlwaysDeny", "RBAC"},
|
||||
PolicyFile: "/policy",
|
||||
WebhookConfigFile: "/webhook-config",
|
||||
WebhookCacheAuthorizedTTL: 180000000000,
|
||||
@ -237,8 +284,8 @@ func TestAddFlags(t *testing.T) {
|
||||
CloudProvider: "azure",
|
||||
},
|
||||
StorageSerialization: &kubeoptions.StorageSerializationOptions{
|
||||
StorageVersions: legacyscheme.Registry.AllPreferredGroupVersions(),
|
||||
DefaultStorageVersions: legacyscheme.Registry.AllPreferredGroupVersions(),
|
||||
StorageVersions: kubeoptions.ToPreferredVersionString(legacyscheme.Scheme.PreferredVersionAllGroups()),
|
||||
DefaultStorageVersions: kubeoptions.ToPreferredVersionString(legacyscheme.Scheme.PreferredVersionAllGroups()),
|
||||
},
|
||||
APIEnablement: &apiserveroptions.APIEnablementOptions{
|
||||
RuntimeConfig: utilflag.ConfigurationMap{},
|
||||
|
||||
27
vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/validation.go
generated
vendored
27
vendor/k8s.io/kubernetes/cmd/kube-apiserver/app/options/validation.go
generated
vendored
@ -50,36 +50,39 @@ func validateServiceNodePort(options *ServerRunOptions) []error {
|
||||
}
|
||||
|
||||
// Validate checks ServerRunOptions and return a slice of found errors.
|
||||
func (options *ServerRunOptions) Validate() []error {
|
||||
func (s *ServerRunOptions) Validate() []error {
|
||||
var errors []error
|
||||
if errs := options.Etcd.Validate(); len(errs) > 0 {
|
||||
if errs := s.Etcd.Validate(); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if errs := validateClusterIPFlags(options); len(errs) > 0 {
|
||||
if errs := validateClusterIPFlags(s); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if errs := validateServiceNodePort(options); len(errs) > 0 {
|
||||
if errs := validateServiceNodePort(s); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if errs := options.SecureServing.Validate(); len(errs) > 0 {
|
||||
if errs := s.SecureServing.Validate(); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if errs := options.Authentication.Validate(); len(errs) > 0 {
|
||||
if errs := s.Authentication.Validate(); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if errs := options.Audit.Validate(); len(errs) > 0 {
|
||||
if errs := s.Authorization.Validate(); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if errs := options.Admission.Validate(); len(errs) > 0 {
|
||||
if errs := s.Audit.Validate(); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if errs := options.InsecureServing.Validate("insecure-port"); len(errs) > 0 {
|
||||
if errs := s.Admission.Validate(); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if options.MasterCount <= 0 {
|
||||
errors = append(errors, fmt.Errorf("--apiserver-count should be a positive number, but value '%d' provided", options.MasterCount))
|
||||
if errs := s.InsecureServing.Validate(); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
if errs := options.APIEnablement.Validate(legacyscheme.Registry, apiextensionsapiserver.Registry, aggregatorscheme.Registry); len(errs) > 0 {
|
||||
if s.MasterCount <= 0 {
|
||||
errors = append(errors, fmt.Errorf("--apiserver-count should be a positive number, but value '%d' provided", s.MasterCount))
|
||||
}
|
||||
if errs := s.APIEnablement.Validate(legacyscheme.Scheme, apiextensionsapiserver.Scheme, aggregatorscheme.Scheme); len(errs) > 0 {
|
||||
errors = append(errors, errs...)
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user