Merged by openshift-bot
OpenShift Bot authored on 2015/05/20 03:32:40... | ... |
@@ -4,20 +4,17 @@ import ( |
4 | 4 |
"crypto/tls" |
5 | 5 |
"fmt" |
6 | 6 |
"net" |
7 |
- "net/http" |
|
8 | 7 |
"os" |
9 | 8 |
"os/exec" |
10 | 9 |
"path/filepath" |
10 |
+ "strconv" |
|
11 | 11 |
"strings" |
12 | 12 |
"time" |
13 | 13 |
|
14 |
+ kapp "github.com/GoogleCloudPlatform/kubernetes/cmd/kubelet/app" |
|
14 | 15 |
kapi "github.com/GoogleCloudPlatform/kubernetes/pkg/api" |
15 |
- "github.com/GoogleCloudPlatform/kubernetes/pkg/capabilities" |
|
16 |
- "github.com/GoogleCloudPlatform/kubernetes/pkg/client/record" |
|
17 | 16 |
"github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet" |
18 | 17 |
"github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet/cadvisor" |
19 |
- kconfig "github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet/config" |
|
20 |
- kubecontainer "github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet/container" |
|
21 | 18 |
"github.com/GoogleCloudPlatform/kubernetes/pkg/kubelet/dockertools" |
22 | 19 |
"github.com/GoogleCloudPlatform/kubernetes/pkg/proxy" |
23 | 20 |
pconfig "github.com/GoogleCloudPlatform/kubernetes/pkg/proxy/config" |
... | ... |
@@ -89,6 +86,7 @@ func (c *NodeConfig) EnsureDocker(docker *dockerutil.Helper) { |
89 | 89 |
c.DockerClient = dockerClient |
90 | 90 |
} |
91 | 91 |
|
92 |
+// HandleDockerError handles an an error from the docker daemon |
|
92 | 93 |
func (c *NodeConfig) HandleDockerError(message string) { |
93 | 94 |
if !c.AllowDisabledDocker { |
94 | 95 |
glog.Fatalf("ERROR: %s", message) |
... | ... |
@@ -144,42 +142,12 @@ func (c *NodeConfig) RunKubelet() { |
144 | 144 |
} |
145 | 145 |
|
146 | 146 |
cadvisorInterface, err := cadvisor.New(4194) |
147 |
- if err == nil { |
|
148 |
- // TODO: use VersionInfo after the next rebase |
|
149 |
- _, err = cadvisorInterface.MachineInfo() |
|
150 |
- } |
|
151 | 147 |
if err != nil { |
152 |
- glog.Errorf("WARNING: cAdvisor cannot be started: %v", err) |
|
153 |
- cadvisorInterface = &cadvisor.Fake{} |
|
148 |
+ glog.Fatalf("Error instantiating cadvisor: %v", err) |
|
154 | 149 |
} |
155 | 150 |
|
156 | 151 |
hostNetworkCapabilities := []string{kubelet.ApiserverSource, kubelet.FileSource} |
157 |
- // initialize Kubelet |
|
158 |
- // Allow privileged containers |
|
159 |
- // TODO: make this configurable and not the default https://github.com/openshift/origin/issues/662 |
|
160 |
- capabilities.Setup(true, hostNetworkCapabilities) |
|
161 |
- recorder := record.NewBroadcaster().NewRecorder(kapi.EventSource{Component: "kubelet", Host: c.NodeHost}) |
|
162 |
- |
|
163 |
- cfg := kconfig.NewPodConfig(kconfig.PodConfigNotificationSnapshotAndUpdates, recorder) |
|
164 |
- kconfig.NewSourceApiserver(c.Client, c.NodeHost, cfg.Channel(kubelet.ApiserverSource)) |
|
165 |
- // define manifest file source for pods, if specified |
|
166 |
- if len(c.PodManifestPath) > 0 { |
|
167 |
- _, err = os.Stat(c.PodManifestPath) |
|
168 |
- if err == nil { |
|
169 |
- glog.Infof("Adding pod manifest file/dir: %v", c.PodManifestPath) |
|
170 |
- kconfig.NewSourceFile(c.PodManifestPath, c.NodeHost, |
|
171 |
- time.Duration(c.PodManifestCheckIntervalSeconds)*time.Second, |
|
172 |
- cfg.Channel(kubelet.FileSource)) |
|
173 |
- } else { |
|
174 |
- glog.Errorf("WARNING: PodManifestPath specified is not a valid file/directory: %v", err) |
|
175 |
- } |
|
176 |
- } |
|
177 | 152 |
|
178 |
- gcPolicy := kubelet.ContainerGCPolicy{ |
|
179 |
- MinAge: 10 * time.Second, |
|
180 |
- MaxPerPodContainer: 5, |
|
181 |
- MaxContainers: 100, |
|
182 |
- } |
|
183 | 153 |
imageGCPolicy := kubelet.ImageGCPolicy{ |
184 | 154 |
HighThresholdPercent: 90, |
185 | 155 |
LowThresholdPercent: 80, |
... | ... |
@@ -188,75 +156,78 @@ func (c *NodeConfig) RunKubelet() { |
188 | 188 |
DockerFreeDiskMB: 256, |
189 | 189 |
RootFreeDiskMB: 256, |
190 | 190 |
} |
191 |
- |
|
192 |
- k, err := kubelet.NewMainKubelet( |
|
193 |
- c.NodeHost, |
|
194 |
- c.DockerClient, |
|
195 |
- c.Client, |
|
196 |
- c.VolumeDir, |
|
197 |
- c.ImageFor("pod"), |
|
198 |
- 3*time.Second, |
|
199 |
- 0.0, |
|
200 |
- 10, |
|
201 |
- gcPolicy, |
|
202 |
- cfg.SeenAllSources, |
|
203 |
- c.ClusterDomain, |
|
204 |
- clusterDNS, |
|
205 |
- kapi.NamespaceDefault, |
|
206 |
- app.ProbeVolumePlugins(), |
|
207 |
- app.ProbeNetworkPlugins(), |
|
208 |
- c.NetworkPluginName, |
|
209 |
- 5*time.Minute, |
|
210 |
- recorder, |
|
211 |
- cadvisorInterface, |
|
212 |
- imageGCPolicy, |
|
213 |
- diskSpacePolicy, |
|
214 |
- nil, |
|
215 |
- 15*time.Second, |
|
216 |
- "/kubelet", |
|
217 |
- kubecontainer.RealOS{}, |
|
218 |
- "", |
|
219 |
- "docker", |
|
220 |
- mount.New(), |
|
221 |
- "", // docker daemon container |
|
222 |
- false, |
|
223 |
- 200, |
|
224 |
- ) |
|
191 |
+ kubeAddress, kubePortStr, err := net.SplitHostPort(c.BindAddress) |
|
225 | 192 |
if err != nil { |
226 |
- glog.Fatalf("Couldn't run kubelet: %s", err) |
|
193 |
+ glog.Fatalf("Cannot parse node address: %v", err) |
|
227 | 194 |
} |
228 |
- go util.Forever(func() { k.Run(cfg.Updates()) }, 0) |
|
229 |
- |
|
230 |
- handler := kubelet.NewServer(k, true) |
|
231 |
- |
|
232 |
- server := &http.Server{ |
|
233 |
- Addr: c.BindAddress, |
|
234 |
- Handler: &handler, |
|
235 |
- ReadTimeout: 5 * time.Minute, |
|
236 |
- WriteTimeout: 5 * time.Minute, |
|
237 |
- MaxHeaderBytes: 1 << 20, |
|
195 |
+ kubePort, err := strconv.Atoi(kubePortStr) |
|
196 |
+ if err != nil { |
|
197 |
+ glog.Fatalf("Cannot parse node port: %v", err) |
|
238 | 198 |
} |
239 | 199 |
|
240 |
- go util.Forever(func() { |
|
241 |
- glog.Infof("Started Kubelet for node %s, server at %s, tls=%v", c.NodeHost, c.BindAddress, c.TLS) |
|
242 |
- if clusterDNS != nil { |
|
243 |
- glog.Infof(" Kubelet is setting %s as a DNS nameserver for domain %q", clusterDNS, c.ClusterDomain) |
|
244 |
- } |
|
245 |
- k.BirthCry() |
|
246 |
- |
|
247 |
- if c.TLS { |
|
248 |
- server.TLSConfig = &tls.Config{ |
|
200 |
+ var tlsOptions *kubelet.TLSOptions |
|
201 |
+ if c.TLS { |
|
202 |
+ tlsOptions = &kubelet.TLSOptions{ |
|
203 |
+ Config: &tls.Config{ |
|
249 | 204 |
// Change default from SSLv3 to TLSv1.0 (because of POODLE vulnerability) |
250 | 205 |
MinVersion: tls.VersionTLS10, |
251 | 206 |
// RequireAndVerifyClientCert lets us limit requests to ones with a valid client certificate |
252 | 207 |
ClientAuth: tls.RequireAndVerifyClientCert, |
253 | 208 |
ClientCAs: c.ClientCAs, |
254 |
- } |
|
255 |
- glog.Fatal(server.ListenAndServeTLS(c.KubeletCertFile, c.KubeletKeyFile)) |
|
256 |
- } else { |
|
257 |
- glog.Fatal(server.ListenAndServe()) |
|
209 |
+ }, |
|
210 |
+ CertFile: c.KubeletCertFile, |
|
211 |
+ KeyFile: c.KubeletKeyFile, |
|
258 | 212 |
} |
259 |
- }, 0) |
|
213 |
+ } |
|
214 |
+ |
|
215 |
+ kcfg := kapp.KubeletConfig{ |
|
216 |
+ Address: util.IP(net.ParseIP(kubeAddress)), |
|
217 |
+ // Allow privileged containers |
|
218 |
+ // TODO: make this configurable and not the default https://github.com/openshift/origin/issues/662 |
|
219 |
+ AllowPrivileged: true, |
|
220 |
+ HostNetworkSources: hostNetworkCapabilities, |
|
221 |
+ HostnameOverride: c.NodeHost, |
|
222 |
+ RootDirectory: c.VolumeDir, |
|
223 |
+ ConfigFile: c.PodManifestPath, |
|
224 |
+ ManifestURL: "", |
|
225 |
+ FileCheckFrequency: time.Duration(c.PodManifestCheckIntervalSeconds) * time.Second, |
|
226 |
+ HTTPCheckFrequency: 0, |
|
227 |
+ PodInfraContainerImage: c.ImageFor("pod"), |
|
228 |
+ SyncFrequency: 10 * time.Second, |
|
229 |
+ RegistryPullQPS: 0.0, |
|
230 |
+ RegistryBurst: 10, |
|
231 |
+ MinimumGCAge: 10 * time.Second, |
|
232 |
+ MaxPerPodContainerCount: 5, |
|
233 |
+ MaxContainerCount: 100, |
|
234 |
+ ClusterDomain: c.ClusterDomain, |
|
235 |
+ ClusterDNS: util.IP(clusterDNS), |
|
236 |
+ Runonce: false, |
|
237 |
+ Port: uint(kubePort), |
|
238 |
+ ReadOnlyPort: 0, |
|
239 |
+ CadvisorInterface: cadvisorInterface, |
|
240 |
+ EnableServer: true, |
|
241 |
+ EnableDebuggingHandlers: true, |
|
242 |
+ DockerClient: c.DockerClient, |
|
243 |
+ KubeClient: c.Client, |
|
244 |
+ MasterServiceNamespace: kapi.NamespaceDefault, |
|
245 |
+ VolumePlugins: app.ProbeVolumePlugins(), |
|
246 |
+ NetworkPlugins: app.ProbeNetworkPlugins(), |
|
247 |
+ NetworkPluginName: c.NetworkPluginName, |
|
248 |
+ StreamingConnectionIdleTimeout: 5 * time.Minute, |
|
249 |
+ TLSOptions: tlsOptions, |
|
250 |
+ ImageGCPolicy: imageGCPolicy, |
|
251 |
+ DiskSpacePolicy: diskSpacePolicy, |
|
252 |
+ Cloud: nil, |
|
253 |
+ NodeStatusUpdateFrequency: 15 * time.Second, |
|
254 |
+ ResourceContainer: "/kubelet", |
|
255 |
+ CgroupRoot: "", |
|
256 |
+ ContainerRuntime: "docker", |
|
257 |
+ Mounter: mount.New(), |
|
258 |
+ DockerDaemonContainer: "", |
|
259 |
+ ConfigureCBR0: false, |
|
260 |
+ MaxPods: 200, |
|
261 |
+ } |
|
262 |
+ kapp.RunKubelet(&kcfg, nil) |
|
260 | 263 |
} |
261 | 264 |
|
262 | 265 |
// RunProxy starts the proxy |