Browse code
Merge pull request #2323 from csrwng/upstream_kubelet_start
| ... | ... |
@@ -4,20 +4,17 @@ import ( |
| 4 | 4 |
"crypto/tls" |
| 5 | 5 |
"fmt" |
| 6 | 6 |
"net" |
| 7 |
- "net/http" |
|
| 8 | 7 |
"os" |
| 9 | 8 |
"os/exec" |
| 10 | 9 |
"path/filepath" |
| 10 |
+ "strconv" |
|
| 11 | 11 |
"strings" |
| 12 | 12 |
"time" |
| 13 | 13 |
|
| 14 |
+ kapp "github.com/GoogleCloudPlatform/kubernetes/cmd/kubelet/app" |
|
| 14 | 15 |
kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api" |
| 15 |
- "github.com/GoogleCloudPlatform/kubernetes/pkg/capabilities" |
|
| 16 |
- "github.com/GoogleCloudPlatform/kubernetes/pkg/client/record" |
|
| 17 | 16 |
"github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet" |
| 18 | 17 |
"github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet/cadvisor" |
| 19 |
- kconfig "github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet/config" |
|
| 20 |
- kubecontainer "github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet/container" |
|
| 21 | 18 |
"github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet/dockertools" |
| 22 | 19 |
"github.com/GoogleCloudPlatform/kubernetes/pkg/proxy" |
| 23 | 20 |
pconfig "github.com/GoogleCloudPlatform/kubernetes/pkg/proxy/config" |
| ... | ... |
@@ -89,6 +86,7 @@ func (c *NodeConfig) EnsureDocker(docker *dockerutil.Helper) {
|
| 89 | 89 |
c.DockerClient = dockerClient |
| 90 | 90 |
} |
| 91 | 91 |
|
| 92 |
+// HandleDockerError handles an an error from the docker daemon |
|
| 92 | 93 |
func (c *NodeConfig) HandleDockerError(message string) {
|
| 93 | 94 |
if !c.AllowDisabledDocker {
|
| 94 | 95 |
glog.Fatalf("ERROR: %s", message)
|
| ... | ... |
@@ -144,42 +142,12 @@ func (c *NodeConfig) RunKubelet() {
|
| 144 | 144 |
} |
| 145 | 145 |
|
| 146 | 146 |
cadvisorInterface, err := cadvisor.New(4194) |
| 147 |
- if err == nil {
|
|
| 148 |
- // TODO: use VersionInfo after the next rebase |
|
| 149 |
- _, err = cadvisorInterface.MachineInfo() |
|
| 150 |
- } |
|
| 151 | 147 |
if err != nil {
|
| 152 |
- glog.Errorf("WARNING: cAdvisor cannot be started: %v", err)
|
|
| 153 |
- cadvisorInterface = &cadvisor.Fake{}
|
|
| 148 |
+ glog.Fatalf("Error instantiating cadvisor: %v", err)
|
|
| 154 | 149 |
} |
| 155 | 150 |
|
| 156 | 151 |
hostNetworkCapabilities := []string{kubelet.ApiserverSource, kubelet.FileSource}
|
| 157 |
- // initialize Kubelet |
|
| 158 |
- // Allow privileged containers |
|
| 159 |
- // TODO: make this configurable and not the default https://github.com/openshift/origin/issues/662 |
|
| 160 |
- capabilities.Setup(true, hostNetworkCapabilities) |
|
| 161 |
- recorder := record.NewBroadcaster().NewRecorder(kapi.EventSource{Component: "kubelet", Host: c.NodeHost})
|
|
| 162 |
- |
|
| 163 |
- cfg := kconfig.NewPodConfig(kconfig.PodConfigNotificationSnapshotAndUpdates, recorder) |
|
| 164 |
- kconfig.NewSourceApiserver(c.Client, c.NodeHost, cfg.Channel(kubelet.ApiserverSource)) |
|
| 165 |
- // define manifest file source for pods, if specified |
|
| 166 |
- if len(c.PodManifestPath) > 0 {
|
|
| 167 |
- _, err = os.Stat(c.PodManifestPath) |
|
| 168 |
- if err == nil {
|
|
| 169 |
- glog.Infof("Adding pod manifest file/dir: %v", c.PodManifestPath)
|
|
| 170 |
- kconfig.NewSourceFile(c.PodManifestPath, c.NodeHost, |
|
| 171 |
- time.Duration(c.PodManifestCheckIntervalSeconds)*time.Second, |
|
| 172 |
- cfg.Channel(kubelet.FileSource)) |
|
| 173 |
- } else {
|
|
| 174 |
- glog.Errorf("WARNING: PodManifestPath specified is not a valid file/directory: %v", err)
|
|
| 175 |
- } |
|
| 176 |
- } |
|
| 177 | 152 |
|
| 178 |
- gcPolicy := kubelet.ContainerGCPolicy{
|
|
| 179 |
- MinAge: 10 * time.Second, |
|
| 180 |
- MaxPerPodContainer: 5, |
|
| 181 |
- MaxContainers: 100, |
|
| 182 |
- } |
|
| 183 | 153 |
imageGCPolicy := kubelet.ImageGCPolicy{
|
| 184 | 154 |
HighThresholdPercent: 90, |
| 185 | 155 |
LowThresholdPercent: 80, |
| ... | ... |
@@ -188,75 +156,78 @@ func (c *NodeConfig) RunKubelet() {
|
| 188 | 188 |
DockerFreeDiskMB: 256, |
| 189 | 189 |
RootFreeDiskMB: 256, |
| 190 | 190 |
} |
| 191 |
- |
|
| 192 |
- k, err := kubelet.NewMainKubelet( |
|
| 193 |
- c.NodeHost, |
|
| 194 |
- c.DockerClient, |
|
| 195 |
- c.Client, |
|
| 196 |
- c.VolumeDir, |
|
| 197 |
- c.ImageFor("pod"),
|
|
| 198 |
- 3*time.Second, |
|
| 199 |
- 0.0, |
|
| 200 |
- 10, |
|
| 201 |
- gcPolicy, |
|
| 202 |
- cfg.SeenAllSources, |
|
| 203 |
- c.ClusterDomain, |
|
| 204 |
- clusterDNS, |
|
| 205 |
- kapi.NamespaceDefault, |
|
| 206 |
- app.ProbeVolumePlugins(), |
|
| 207 |
- app.ProbeNetworkPlugins(), |
|
| 208 |
- c.NetworkPluginName, |
|
| 209 |
- 5*time.Minute, |
|
| 210 |
- recorder, |
|
| 211 |
- cadvisorInterface, |
|
| 212 |
- imageGCPolicy, |
|
| 213 |
- diskSpacePolicy, |
|
| 214 |
- nil, |
|
| 215 |
- 15*time.Second, |
|
| 216 |
- "/kubelet", |
|
| 217 |
- kubecontainer.RealOS{},
|
|
| 218 |
- "", |
|
| 219 |
- "docker", |
|
| 220 |
- mount.New(), |
|
| 221 |
- "", // docker daemon container |
|
| 222 |
- false, |
|
| 223 |
- 200, |
|
| 224 |
- ) |
|
| 191 |
+ kubeAddress, kubePortStr, err := net.SplitHostPort(c.BindAddress) |
|
| 225 | 192 |
if err != nil {
|
| 226 |
- glog.Fatalf("Couldn't run kubelet: %s", err)
|
|
| 193 |
+ glog.Fatalf("Cannot parse node address: %v", err)
|
|
| 227 | 194 |
} |
| 228 |
- go util.Forever(func() { k.Run(cfg.Updates()) }, 0)
|
|
| 229 |
- |
|
| 230 |
- handler := kubelet.NewServer(k, true) |
|
| 231 |
- |
|
| 232 |
- server := &http.Server{
|
|
| 233 |
- Addr: c.BindAddress, |
|
| 234 |
- Handler: &handler, |
|
| 235 |
- ReadTimeout: 5 * time.Minute, |
|
| 236 |
- WriteTimeout: 5 * time.Minute, |
|
| 237 |
- MaxHeaderBytes: 1 << 20, |
|
| 195 |
+ kubePort, err := strconv.Atoi(kubePortStr) |
|
| 196 |
+ if err != nil {
|
|
| 197 |
+ glog.Fatalf("Cannot parse node port: %v", err)
|
|
| 238 | 198 |
} |
| 239 | 199 |
|
| 240 |
- go util.Forever(func() {
|
|
| 241 |
- glog.Infof("Started Kubelet for node %s, server at %s, tls=%v", c.NodeHost, c.BindAddress, c.TLS)
|
|
| 242 |
- if clusterDNS != nil {
|
|
| 243 |
- glog.Infof(" Kubelet is setting %s as a DNS nameserver for domain %q", clusterDNS, c.ClusterDomain)
|
|
| 244 |
- } |
|
| 245 |
- k.BirthCry() |
|
| 246 |
- |
|
| 247 |
- if c.TLS {
|
|
| 248 |
- server.TLSConfig = &tls.Config{
|
|
| 200 |
+ var tlsOptions *kubelet.TLSOptions |
|
| 201 |
+ if c.TLS {
|
|
| 202 |
+ tlsOptions = &kubelet.TLSOptions{
|
|
| 203 |
+ Config: &tls.Config{
|
|
| 249 | 204 |
// Change default from SSLv3 to TLSv1.0 (because of POODLE vulnerability) |
| 250 | 205 |
MinVersion: tls.VersionTLS10, |
| 251 | 206 |
// RequireAndVerifyClientCert lets us limit requests to ones with a valid client certificate |
| 252 | 207 |
ClientAuth: tls.RequireAndVerifyClientCert, |
| 253 | 208 |
ClientCAs: c.ClientCAs, |
| 254 |
- } |
|
| 255 |
- glog.Fatal(server.ListenAndServeTLS(c.KubeletCertFile, c.KubeletKeyFile)) |
|
| 256 |
- } else {
|
|
| 257 |
- glog.Fatal(server.ListenAndServe()) |
|
| 209 |
+ }, |
|
| 210 |
+ CertFile: c.KubeletCertFile, |
|
| 211 |
+ KeyFile: c.KubeletKeyFile, |
|
| 258 | 212 |
} |
| 259 |
- }, 0) |
|
| 213 |
+ } |
|
| 214 |
+ |
|
| 215 |
+ kcfg := kapp.KubeletConfig{
|
|
| 216 |
+ Address: util.IP(net.ParseIP(kubeAddress)), |
|
| 217 |
+ // Allow privileged containers |
|
| 218 |
+ // TODO: make this configurable and not the default https://github.com/openshift/origin/issues/662 |
|
| 219 |
+ AllowPrivileged: true, |
|
| 220 |
+ HostNetworkSources: hostNetworkCapabilities, |
|
| 221 |
+ HostnameOverride: c.NodeHost, |
|
| 222 |
+ RootDirectory: c.VolumeDir, |
|
| 223 |
+ ConfigFile: c.PodManifestPath, |
|
| 224 |
+ ManifestURL: "", |
|
| 225 |
+ FileCheckFrequency: time.Duration(c.PodManifestCheckIntervalSeconds) * time.Second, |
|
| 226 |
+ HTTPCheckFrequency: 0, |
|
| 227 |
+ PodInfraContainerImage: c.ImageFor("pod"),
|
|
| 228 |
+ SyncFrequency: 10 * time.Second, |
|
| 229 |
+ RegistryPullQPS: 0.0, |
|
| 230 |
+ RegistryBurst: 10, |
|
| 231 |
+ MinimumGCAge: 10 * time.Second, |
|
| 232 |
+ MaxPerPodContainerCount: 5, |
|
| 233 |
+ MaxContainerCount: 100, |
|
| 234 |
+ ClusterDomain: c.ClusterDomain, |
|
| 235 |
+ ClusterDNS: util.IP(clusterDNS), |
|
| 236 |
+ Runonce: false, |
|
| 237 |
+ Port: uint(kubePort), |
|
| 238 |
+ ReadOnlyPort: 0, |
|
| 239 |
+ CadvisorInterface: cadvisorInterface, |
|
| 240 |
+ EnableServer: true, |
|
| 241 |
+ EnableDebuggingHandlers: true, |
|
| 242 |
+ DockerClient: c.DockerClient, |
|
| 243 |
+ KubeClient: c.Client, |
|
| 244 |
+ MasterServiceNamespace: kapi.NamespaceDefault, |
|
| 245 |
+ VolumePlugins: app.ProbeVolumePlugins(), |
|
| 246 |
+ NetworkPlugins: app.ProbeNetworkPlugins(), |
|
| 247 |
+ NetworkPluginName: c.NetworkPluginName, |
|
| 248 |
+ StreamingConnectionIdleTimeout: 5 * time.Minute, |
|
| 249 |
+ TLSOptions: tlsOptions, |
|
| 250 |
+ ImageGCPolicy: imageGCPolicy, |
|
| 251 |
+ DiskSpacePolicy: diskSpacePolicy, |
|
| 252 |
+ Cloud: nil, |
|
| 253 |
+ NodeStatusUpdateFrequency: 15 * time.Second, |
|
| 254 |
+ ResourceContainer: "/kubelet", |
|
| 255 |
+ CgroupRoot: "", |
|
| 256 |
+ ContainerRuntime: "docker", |
|
| 257 |
+ Mounter: mount.New(), |
|
| 258 |
+ DockerDaemonContainer: "", |
|
| 259 |
+ ConfigureCBR0: false, |
|
| 260 |
+ MaxPods: 200, |
|
| 261 |
+ } |
|
| 262 |
+ kapp.RunKubelet(&kcfg, nil) |
|
| 260 | 263 |
} |
| 261 | 264 |
|
| 262 | 265 |
// RunProxy starts the proxy |