clean up construction to make creating types more obvious

Author: deads2k

pkg/cmd/openshift-apiserver/openshiftapiserver/configprocessing/cloud.go

@@ -0,0 +1,15 @@
+package configprocessing
+
+import "fmt"
+
+func GetCloudProviderConfigFile(args map[string][]string) (string, error) {
+	filenames, ok := args["cloud-config"]
+	if !ok {
+		return "", nil
+	}
+	if len(filenames) != 1 {
+		return "", fmt.Errorf(`one or zero "--cloud-config" required, not %v`, filenames)
+	}
+
+	return filenames[0], nil
+}

pkg/cmd/openshift-apiserver/server.go

@@ -14,7 +14,6 @@ import (
 	configapi "github.com/openshift/origin/pkg/cmd/server/apis/config"
 	"github.com/openshift/origin/pkg/cmd/server/apis/config/validation"
 	"github.com/openshift/origin/pkg/cmd/util"
-	"github.com/openshift/origin/pkg/cmd/util/variable"
 )
 
 func RunOpenShiftAPIServer(masterConfig *configapi.MasterConfig) error {
@@ -51,11 +50,6 @@ func RunOpenShiftAPIServer(masterConfig *configapi.MasterConfig) error {
 	preparedOpenshiftAPIServer := openshiftAPIServer.GenericAPIServer.PrepareRun()
 
 	glog.Infof("Starting master on %s (%s)", masterConfig.ServingInfo.BindAddress, version.Get().String())
-	glog.Infof("Public master address is %s", masterConfig.MasterPublicURL)
-	imageTemplate := variable.NewDefaultImageTemplate()
-	imageTemplate.Format = masterConfig.ImageConfig.Format
-	imageTemplate.Latest = masterConfig.ImageConfig.Latest
-	glog.Infof("Using images from %q", imageTemplate.ExpandOrDie("<component>"))
 
 	if err := preparedOpenshiftAPIServer.Run(utilwait.NeverStop); err != nil {
 		return err

pkg/cmd/openshift-controller-manager/controller_manager.go

@@ -10,6 +10,7 @@ import (
 	origincontrollers "github.com/openshift/origin/pkg/cmd/openshift-controller-manager/controller"
 	configapi "github.com/openshift/origin/pkg/cmd/server/apis/config"
 	"github.com/openshift/origin/pkg/cmd/util"
+	"github.com/openshift/origin/pkg/cmd/util/variable"
 	"github.com/openshift/origin/pkg/version"
 	"k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/util/wait"
@@ -38,6 +39,19 @@ func RunOpenShiftControllerManager(config *configapi.OpenshiftControllerConfig,
 		}
 	}
 
+	{
+		imageTemplate := variable.NewDefaultImageTemplate()
+		imageTemplate.Format = config.Deployer.ImageTemplateFormat.Format
+		imageTemplate.Latest = config.Deployer.ImageTemplateFormat.Latest
+		glog.Infof("DeploymentConfig controller using images from %q", imageTemplate.ExpandOrDie("<component>"))
+	}
+	{
+		imageTemplate := variable.NewDefaultImageTemplate()
+		imageTemplate.Format = config.Build.ImageTemplateFormat.Format
+		imageTemplate.Latest = config.Build.ImageTemplateFormat.Latest
+		glog.Infof("Build controller using images from %q", imageTemplate.ExpandOrDie("<component>"))
+	}
+
 	originControllerManager := func(stopCh <-chan struct{}) {
 		if err := waitForHealthyAPIServer(kubeClient.Discovery().RESTClient()); err != nil {
 			glog.Fatal(err)

pkg/cmd/server/kubernetes/master/master_config.go

@@ -30,7 +30,6 @@ import (
 	apiserverstorage "k8s.io/apiserver/pkg/server/storage"
 	"k8s.io/apiserver/pkg/storage"
 	storagefactory "k8s.io/apiserver/pkg/storage/storagebackend/factory"
-	utilflag "k8s.io/apiserver/pkg/util/flag"
 	"k8s.io/client-go/rest"
 	"k8s.io/kube-aggregator/pkg/apis/apiregistration"
 	apiregistrationv1beta1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1"
@@ -73,15 +72,6 @@ var LegacyAPIGroupPrefixes = sets.NewString(apiserver.DefaultLegacyAPIPrefix, le
 // BuildKubeAPIserverOptions constructs the appropriate kube-apiserver run options.
 // It returns an error if no KubernetesMasterConfig was defined.
 func BuildKubeAPIserverOptions(masterConfig configapi.MasterConfig) (*kapiserveroptions.ServerRunOptions, error) {
-	host, portString, err := net.SplitHostPort(masterConfig.ServingInfo.BindAddress)
-	if err != nil {
-		return nil, err
-	}
-	port, err := strconv.Atoi(portString)
-	if err != nil {
-		return nil, err
-	}
-
 	portRange, err := knet.ParsePortRange(masterConfig.KubernetesMasterConfig.ServicesNodePortRange)
 	if err != nil {
 		return nil, err
@@ -97,11 +87,10 @@ func BuildKubeAPIserverOptions(masterConfig configapi.MasterConfig) (*kapiserver
 	server.ServiceNodePortRange = *portRange
 	server.Features.EnableProfiling = true
 
-	server.SecureServing.BindAddress = net.ParseIP(host)
-	server.SecureServing.BindPort = port
-	server.SecureServing.BindNetwork = masterConfig.ServingInfo.BindNetwork
-	server.SecureServing.ServerCert.CertKey.CertFile = masterConfig.ServingInfo.ServerCert.CertFile
-	server.SecureServing.ServerCert.CertKey.KeyFile = masterConfig.ServingInfo.ServerCert.KeyFile
+	server.SecureServing, err = configprocessing.ToServingOptions(masterConfig.ServingInfo)
+	if err != nil {
+		return nil, err
+	}
 	server.InsecureServing.BindPort = 0
 
 	// disable anonymous authentication
@@ -130,14 +119,6 @@ func BuildKubeAPIserverOptions(masterConfig configapi.MasterConfig) (*kapiserver
 	server.GenericServerRunOptions.MaxRequestsInFlight = masterConfig.ServingInfo.MaxRequestsInFlight
 	server.GenericServerRunOptions.MaxMutatingRequestsInFlight = masterConfig.ServingInfo.MaxRequestsInFlight / 2
 	server.GenericServerRunOptions.MinRequestTimeout = masterConfig.ServingInfo.RequestTimeoutSeconds
-	for _, nc := range masterConfig.ServingInfo.NamedCertificates {
-		sniCert := utilflag.NamedCertKey{
-			CertFile: nc.CertFile,
-			KeyFile:  nc.KeyFile,
-			Names:    nc.Names,
-		}
-		server.SecureServing.SNICertKeys = append(server.SecureServing.SNICertKeys, sniCert)
-	}
 
 	server.KubeletConfig.ReadOnlyPort = 0
 	server.KubeletConfig.Port = masterConfig.KubeletClientInfo.Port

pkg/cmd/server/origin/admission/plugin_initializer.go

@@ -23,9 +23,9 @@ import (
 	"k8s.io/kubernetes/pkg/quota/install"
 
 	userinformer "github.com/openshift/client-go/user/informers/externalversions"
+	"github.com/openshift/origin/pkg/cmd/openshift-apiserver/openshiftapiserver/configprocessing"
 	oadmission "github.com/openshift/origin/pkg/cmd/server/admission"
 	configapi "github.com/openshift/origin/pkg/cmd/server/apis/config"
-	kubernetes "github.com/openshift/origin/pkg/cmd/server/kubernetes/master"
 	"github.com/openshift/origin/pkg/image/apiserver/registryhostname"
 	imageinformer "github.com/openshift/origin/pkg/image/generated/informers/internalversion"
 	imageclient "github.com/openshift/origin/pkg/image/generated/internalclientset"
@@ -46,7 +46,7 @@ type InformerAccess interface {
 }
 
 func NewPluginInitializer(
-	options configapi.MasterConfig,
+	masterConfig configapi.MasterConfig,
 	privilegedLoopbackConfig *rest.Config,
 	informers InformerAccess,
 	authorizer authorizer.Authorizer,
@@ -77,24 +77,21 @@ func NewPluginInitializer(
 		quotaRegistry.Add(imageEvaluators[i])
 	}
 
-	registryHostnameRetriever, err := registryhostname.DefaultRegistryHostnameRetriever(privilegedLoopbackConfig, options.ImagePolicyConfig.ExternalRegistryHostname, options.ImagePolicyConfig.InternalRegistryHostname)
+	registryHostnameRetriever, err := registryhostname.DefaultRegistryHostnameRetriever(privilegedLoopbackConfig, masterConfig.ImagePolicyConfig.ExternalRegistryHostname, masterConfig.ImagePolicyConfig.InternalRegistryHostname)
 	if err != nil {
 		return nil, err
 	}
 
-	// punch through layers to build this in order to get a string for a cloud provider file
-	// TODO refactor us into a forward building flow with a side channel like this
-	kubeOptions, err := kubernetes.BuildKubeAPIserverOptions(options)
+	var cloudConfig []byte
+	cloudConfigFile, err := configprocessing.GetCloudProviderConfigFile(masterConfig.KubernetesMasterConfig.APIServerArguments)
 	if err != nil {
 		return nil, err
 	}
-
-	var cloudConfig []byte
-	if kubeOptions.CloudProvider.CloudConfigFile != "" {
+	if cloudConfigFile != "" {
 		var err error
-		cloudConfig, err = ioutil.ReadFile(kubeOptions.CloudProvider.CloudConfigFile)
+		cloudConfig, err = ioutil.ReadFile(cloudConfigFile)
 		if err != nil {
-			return nil, fmt.Errorf("Error reading from cloud configuration file %s: %v", kubeOptions.CloudProvider.CloudConfigFile, err)
+			return nil, fmt.Errorf("Error reading from cloud configuration file %s: %v", cloudConfigFile, err)
 		}
 	}
 	// note: we are passing a combined quota registry here...
@@ -136,7 +133,7 @@ func NewPluginInitializer(
 	openshiftPluginInitializer := &oadmission.PluginInitializer{
 		ProjectCache:                 projectCache,
 		OriginQuotaRegistry:          quotaRegistry,
-		JenkinsPipelineConfig:        options.JenkinsPipelineConfig,
+		JenkinsPipelineConfig:        masterConfig.JenkinsPipelineConfig,
 		RESTClientConfig:             *privilegedLoopbackConfig,
 		ClusterResourceQuotaInformer: informers.GetInternalOpenshiftQuotaInformers().Quota().InternalVersion().ClusterResourceQuotas(),
 		ClusterQuotaMapper:           clusterQuotaMappingController.GetClusterQuotaMapper(),
@@ -147,31 +144,3 @@ func NewPluginInitializer(
 
 	return admission.PluginInitializers{genericInitializer, webhookInitializer, kubePluginInitializer, openshiftPluginInitializer}, nil
 }
-
-type DefaultInformerAccess struct {
-	InternalKubernetesInformers        kinternalinformers.SharedInformerFactory
-	KubernetesInformers                kexternalinformers.SharedInformerFactory
-	InternalOpenshiftImageInformers    imageinformer.SharedInformerFactory
-	InternalOpenshiftQuotaInformers    quotainformer.SharedInformerFactory
-	InternalOpenshiftSecurityInformers securityinformer.SharedInformerFactory
-	OpenshiftUserInformers             userinformer.SharedInformerFactory
-}
-
-func (i *DefaultInformerAccess) GetInternalKubernetesInformers() kinternalinformers.SharedInformerFactory {
-	return i.InternalKubernetesInformers
-}
-func (i *DefaultInformerAccess) GetKubernetesInformers() kexternalinformers.SharedInformerFactory {
-	return i.KubernetesInformers
-}
-func (i *DefaultInformerAccess) GetInternalOpenshiftImageInformers() imageinformer.SharedInformerFactory {
-	return i.InternalOpenshiftImageInformers
-}
-func (i *DefaultInformerAccess) GetInternalOpenshiftQuotaInformers() quotainformer.SharedInformerFactory {
-	return i.InternalOpenshiftQuotaInformers
-}
-func (i *DefaultInformerAccess) GetInternalOpenshiftSecurityInformers() securityinformer.SharedInformerFactory {
-	return i.InternalOpenshiftSecurityInformers
-}
-func (i *DefaultInformerAccess) GetOpenshiftUserInformers() userinformer.SharedInformerFactory {
-	return i.OpenshiftUserInformers
-}

pkg/cmd/server/origin/master.go

@@ -14,29 +14,29 @@ import (
 	aggregatorapiserver "k8s.io/kube-aggregator/pkg/apiserver"
 	kubeapiserver "k8s.io/kubernetes/pkg/master"
 	kcorestorage "k8s.io/kubernetes/pkg/registry/core/rest"
-	rbacrest "k8s.io/kubernetes/pkg/registry/rbac/rest"
 
 	"github.com/openshift/origin/pkg/cmd/openshift-apiserver/openshiftapiserver"
 	"github.com/openshift/origin/pkg/cmd/openshift-apiserver/openshiftapiserver/configprocessing"
 	"github.com/openshift/origin/pkg/cmd/openshift-kube-apiserver/openshiftkubeapiserver"
-	"github.com/openshift/origin/pkg/cmd/server/bootstrappolicy"
 	kubernetes "github.com/openshift/origin/pkg/cmd/server/kubernetes/master"
 	cmdutil "github.com/openshift/origin/pkg/cmd/util"
 	sccstorage "github.com/openshift/origin/pkg/security/apiserver/registry/securitycontextconstraints/etcd"
-	"k8s.io/apimachinery/pkg/util/wait"
 	kapiserveroptions "k8s.io/kubernetes/cmd/kube-apiserver/app/options"
 )
 
 func (c *MasterConfig) newOpenshiftAPIConfig(kubeAPIServerConfig apiserver.Config) (*openshiftapiserver.OpenshiftAPIConfig, error) {
+	var err error
 	// sccStorage must use the upstream RESTOptionsGetter to be in the correct location
 	// this probably creates a duplicate cache, but there are not very many SCCs, so live with it to avoid further linkage
 	sccStorage := sccstorage.NewREST(kubeAPIServerConfig.RESTOptionsGetter)
 
 	// make a shallow copy to let us twiddle a few things
 	// most of the config actually remains the same.  We only need to mess with a couple items
 	genericConfig := kubeAPIServerConfig
-	// TODO try to stop special casing these.  We should all agree on them.
-	genericConfig.RESTOptionsGetter = c.RESTOptionsGetter
+	genericConfig.RESTOptionsGetter, err = openshiftapiserver.NewRESTOptionsGetter(c.Options)
+	if err != nil {
+		return nil, err
+	}
 
 	var caData []byte
 	if len(c.Options.ImagePolicyConfig.AdditionalTrustedCA) != 0 {
@@ -237,90 +237,3 @@ func (c *MasterConfig) Run(stopCh <-chan struct{}) error {
 	// Attempt to verify the server came up for 20 seconds (100 tries * 100ms, 100ms timeout per try)
 	return cmdutil.WaitForSuccessfulDial(true, c.Options.ServingInfo.BindNetwork, c.Options.ServingInfo.BindAddress, 100*time.Millisecond, 100*time.Millisecond, 100)
 }
-
-func (c *MasterConfig) RunKubeAPIServer(stopCh <-chan struct{}) error {
-	var err error
-	var apiExtensionsInformers apiextensionsinformers.SharedInformerFactory
-	var delegateAPIServer apiserver.DelegationTarget
-	var extraPostStartHooks map[string]apiserver.PostStartHookFunc
-
-	c.kubeAPIServerConfig.GenericConfig.BuildHandlerChainFunc, extraPostStartHooks, err = openshiftkubeapiserver.BuildHandlerChain(c.kubeAPIServerConfig.GenericConfig, c.ClientGoKubeInformers, &c.Options)
-	if err != nil {
-		return err
-	}
-
-	kubeAPIServerOptions, err := kubernetes.BuildKubeAPIserverOptions(c.Options)
-	if err != nil {
-		return err
-	}
-
-	delegateAPIServer = apiserver.NewEmptyDelegate()
-	delegateAPIServer, apiExtensionsInformers, err = c.withAPIExtensions(delegateAPIServer, kubeAPIServerOptions, *c.kubeAPIServerConfig.GenericConfig)
-	if err != nil {
-		return err
-	}
-	delegateAPIServer, err = c.withNonAPIRoutes(delegateAPIServer, *c.kubeAPIServerConfig.GenericConfig)
-	if err != nil {
-		return err
-	}
-	delegateAPIServer, err = c.withKubeAPI(delegateAPIServer, *c.kubeAPIServerConfig)
-	if err != nil {
-		return err
-	}
-	aggregatedAPIServer, err := c.withAggregator(delegateAPIServer, kubeAPIServerOptions, *c.kubeAPIServerConfig.GenericConfig, apiExtensionsInformers)
-	if err != nil {
-		return err
-	}
-
-	// Start the audit backend before any request comes in. This means we cannot turn it into a
-	// post start hook because without calling Backend.Run the Backend.ProcessEvents call might block.
-	if c.AuditBackend != nil {
-		if err := c.AuditBackend.Run(stopCh); err != nil {
-			return fmt.Errorf("failed to run the audit backend: %v", err)
-		}
-	}
-
-	aggregatedAPIServer.GenericAPIServer.AddPostStartHookOrDie("authorization.openshift.io-bootstrapclusterroles", bootstrapData(bootstrappolicy.Policy()).EnsureRBACPolicy())
-	aggregatedAPIServer.GenericAPIServer.AddPostStartHookOrDie("openshift.io-startinformers", func(context apiserver.PostStartHookContext) error {
-		c.InformerStart(context.StopCh)
-		return nil
-	})
-	aggregatedAPIServer.GenericAPIServer.AddPostStartHookOrDie("openshift.io-restmapperupdater", func(context apiserver.PostStartHookContext) error {
-		c.RESTMapper.Reset()
-		go func() {
-			wait.Until(func() {
-				c.RESTMapper.Reset()
-			}, 10*time.Second, context.StopCh)
-		}()
-		return nil
-	})
-	aggregatedAPIServer.GenericAPIServer.AddPostStartHookOrDie("quota.openshift.io-clusterquotamapping", func(context apiserver.PostStartHookContext) error {
-		go c.ClusterQuotaMappingController.Run(5, context.StopCh)
-		return nil
-	})
-
-	// add post-start hooks
-	for name, fn := range c.additionalPostStartHooks {
-		aggregatedAPIServer.GenericAPIServer.AddPostStartHookOrDie(name, fn)
-	}
-	for name, fn := range extraPostStartHooks {
-		aggregatedAPIServer.GenericAPIServer.AddPostStartHookOrDie(name, fn)
-	}
-
-	go aggregatedAPIServer.GenericAPIServer.PrepareRun().Run(stopCh)
-
-	// Attempt to verify the server came up for 20 seconds (100 tries * 100ms, 100ms timeout per try)
-	return cmdutil.WaitForSuccessfulDial(true, c.Options.ServingInfo.BindNetwork, c.Options.ServingInfo.BindAddress, 100*time.Millisecond, 100*time.Millisecond, 100)
-}
-
-// bootstrapData casts our policy data to the rbacrest helper that can
-// materialize the policy.
-func bootstrapData(data *bootstrappolicy.PolicyData) *rbacrest.PolicyData {
-	return &rbacrest.PolicyData{
-		ClusterRoles:            data.ClusterRoles,
-		ClusterRoleBindings:     data.ClusterRoleBindings,
-		Roles:                   data.Roles,
-		RoleBindings:            data.RoleBindings,
-		ClusterRolesToAggregate: data.ClusterRolesToAggregate,
-	}
-}

pkg/cmd/server/origin/master_config.go

@@ -8,7 +8,6 @@ import (
 	"k8s.io/apiserver/pkg/admission"
 	admissionmetrics "k8s.io/apiserver/pkg/admission/metrics"
 	"k8s.io/apiserver/pkg/audit"
-	genericregistry "k8s.io/apiserver/pkg/registry/generic"
 	genericapiserver "k8s.io/apiserver/pkg/server"
 	cacheddiscovery "k8s.io/client-go/discovery/cached"
 	kinformers "k8s.io/client-go/informers"
@@ -51,9 +50,6 @@ type MasterConfig struct {
 	kubeAPIServerConfig      *kubeapiserver.Config
 	additionalPostStartHooks map[string]genericapiserver.PostStartHookFunc
 
-	// RESTOptionsGetter provides access to storage and RESTOptions for a particular resource
-	RESTOptionsGetter genericregistry.RESTOptionsGetter
-
 	RuleResolver   rbacregistryvalidation.AuthorizationRuleResolver
 	SubjectLocator rbacauthorizer.SubjectLocator
 
@@ -71,12 +67,6 @@ type MasterConfig struct {
 	// To apply different access control to a system component, create a client config specifically for that component.
 	PrivilegedLoopbackClientConfig restclient.Config
 
-	// PrivilegedLoopbackKubernetesClientsetExternal is the client used to call Kubernetes APIs from system components,
-	// built from KubeClientConfig. It should only be accessed via the *TestingClient() helper methods. To apply
-	// different access control to a system component, create a separate client/config specifically for
-	// that component.
-	PrivilegedLoopbackKubernetesClientsetExternal kclientsetexternal.Interface
-
 	AuditBackend audit.Backend
 
 	// TODO inspect uses to eliminate them
@@ -130,11 +120,6 @@ func BuildMasterConfig(
 		informers = realLoopbackInformers
 	}
 
-	restOptsGetter, err := openshiftapiserver.NewRESTOptionsGetter(options)
-	if err != nil {
-		return nil, err
-	}
-
 	privilegedLoopbackConfig, err := configapi.GetClientConfig(options.MasterClients.OpenShiftLoopbackKubeConfig, options.MasterClients.OpenShiftLoopbackClientConnectionOverrides)
 	if err != nil {
 		return nil, err
@@ -199,8 +184,6 @@ func BuildMasterConfig(
 		kubeAPIServerConfig:      kubeAPIServerConfig,
 		additionalPostStartHooks: map[string]genericapiserver.PostStartHookFunc{},
 
-		RESTOptionsGetter: restOptsGetter,
-
 		RuleResolver:   openshiftapiserver.NewRuleResolver(informers.GetKubernetesInformers().Rbac().V1()),
 		SubjectLocator: subjectLocator,
 
@@ -215,8 +198,7 @@ func BuildMasterConfig(
 
 		RegistryHostnameRetriever: registryHostnameRetriever,
 
-		PrivilegedLoopbackClientConfig:                *privilegedLoopbackConfig,
-		PrivilegedLoopbackKubernetesClientsetExternal: privilegedLoopbackKubeClientsetExternal,
+		PrivilegedLoopbackClientConfig: *privilegedLoopbackConfig,
 
 		InternalKubeInformers:  informers.GetInternalKubernetesInformers(),
 		ClientGoKubeInformers:  informers.GetKubernetesInformers(),