summaryrefslogtreecommitdiff
path: root/vendor/k8s.io/apiserver
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/k8s.io/apiserver')
-rw-r--r--vendor/k8s.io/apiserver/README.md2
-rw-r--r--vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go4
-rw-r--r--vendor/k8s.io/apiserver/pkg/features/kube_features.go31
-rw-r--r--vendor/k8s.io/apiserver/pkg/util/feature/feature_gate.go157
4 files changed, 158 insertions, 36 deletions
diff --git a/vendor/k8s.io/apiserver/README.md b/vendor/k8s.io/apiserver/README.md
index 96927ae70..130ba87de 100644
--- a/vendor/k8s.io/apiserver/README.md
+++ b/vendor/k8s.io/apiserver/README.md
@@ -25,6 +25,6 @@ Code changes are made in that location, merged into `k8s.io/kubernetes` and late
## Things you should *NOT* do
- 1. Directly modify any files under `pkg` in this repo. Those are driven from `k8s.io/kuberenetes/staging/src/k8s.io/apiserver`.
+ 1. Directly modify any files under `pkg` in this repo. Those are driven from `k8s.io/kubernetes/staging/src/k8s.io/apiserver`.
2. Expect compatibility. This repo is changing quickly in direct support of
Kubernetes and the API isn't yet stable enough for API guarantees.
diff --git a/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go b/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go
index ac3c252b7..1b7bbc139 100644
--- a/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go
+++ b/vendor/k8s.io/apiserver/pkg/authentication/serviceaccount/util.go
@@ -59,8 +59,8 @@ func SplitUsername(username string) (string, string, error) {
return namespace, name, nil
}
-// MakeGroupNames generates service account group names for the given namespace and ServiceAccount name
-func MakeGroupNames(namespace, name string) []string {
+// MakeGroupNames generates service account group names for the given namespace
+func MakeGroupNames(namespace string) []string {
return []string{
AllServiceAccountsGroup,
MakeNamespaceGroupName(namespace),
diff --git a/vendor/k8s.io/apiserver/pkg/features/kube_features.go b/vendor/k8s.io/apiserver/pkg/features/kube_features.go
index 1b896e1e5..57bab8b00 100644
--- a/vendor/k8s.io/apiserver/pkg/features/kube_features.go
+++ b/vendor/k8s.io/apiserver/pkg/features/kube_features.go
@@ -27,20 +27,42 @@ const (
// // alpha: v1.4
// MyFeature() bool
- // owner: timstclair
+ // owner: @tallclair
// alpha: v1.5
//
// StreamingProxyRedirects controls whether the apiserver should intercept (and follow)
// redirects from the backend (Kubelet) for streaming requests (exec/attach/port-forward).
StreamingProxyRedirects utilfeature.Feature = "StreamingProxyRedirects"
- // owner: timstclair
+ // owner: @tallclair
// alpha: v1.7
+ // beta: v1.8
//
// AdvancedAuditing enables a much more general API auditing pipeline, which includes support for
// pluggable output backends and an audit policy specifying how different requests should be
// audited.
AdvancedAuditing utilfeature.Feature = "AdvancedAuditing"
+
+ // owner: @ilackams
+ // alpha: v1.7
+ //
+ // Enables compression of REST responses (GET and LIST only)
+ APIResponseCompression utilfeature.Feature = "APIResponseCompression"
+
+ // owner: @smarterclayton
+ // alpha: v1.7
+ //
+ // Allow asynchronous coordination of object creation.
+ // Auto-enabled by the Initializers admission plugin.
+ Initializers utilfeature.Feature = "Initializers"
+
+ // owner: @smarterclayton
+ // alpha: v1.8
+ // beta: v1.9
+ //
+ // Allow API clients to retrieve resource lists in chunks rather than
+ // all at once.
+ APIListChunking utilfeature.Feature = "APIListChunking"
)
func init() {
@@ -52,5 +74,8 @@ func init() {
// available throughout Kubernetes binaries.
var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureSpec{
StreamingProxyRedirects: {Default: true, PreRelease: utilfeature.Beta},
- AdvancedAuditing: {Default: false, PreRelease: utilfeature.Alpha},
+ AdvancedAuditing: {Default: true, PreRelease: utilfeature.Beta},
+ APIResponseCompression: {Default: false, PreRelease: utilfeature.Alpha},
+ Initializers: {Default: false, PreRelease: utilfeature.Alpha},
+ APIListChunking: {Default: true, PreRelease: utilfeature.Beta},
}
diff --git a/vendor/k8s.io/apiserver/pkg/util/feature/feature_gate.go b/vendor/k8s.io/apiserver/pkg/util/feature/feature_gate.go
index e7226688c..306877124 100644
--- a/vendor/k8s.io/apiserver/pkg/util/feature/feature_gate.go
+++ b/vendor/k8s.io/apiserver/pkg/util/feature/feature_gate.go
@@ -21,6 +21,8 @@ import (
"sort"
"strconv"
"strings"
+ "sync"
+ "sync/atomic"
"github.com/golang/glog"
"github.com/spf13/pflag"
@@ -45,7 +47,7 @@ var (
}
// Special handling for a few gates.
- specialFeatures = map[Feature]func(f *featureGate, val bool){
+ specialFeatures = map[Feature]func(known map[Feature]FeatureSpec, enabled map[Feature]bool, val bool){
allAlphaGate: setUnsetAlphaGates,
}
@@ -65,33 +67,48 @@ const (
Alpha = prerelease("ALPHA")
Beta = prerelease("BETA")
GA = prerelease("")
+
+ // Deprecated
+ Deprecated = prerelease("DEPRECATED")
)
// FeatureGate parses and stores flag gates for known features from
// a string like feature1=true,feature2=false,...
type FeatureGate interface {
+ // AddFlag adds a flag for setting global feature gates to the specified FlagSet.
AddFlag(fs *pflag.FlagSet)
+ // Set parses and stores flag gates for known features
+ // from a string like feature1=true,feature2=false,...
Set(value string) error
+ // SetFromMap stores flag gates for known features from a map[string]bool or returns an error
+ SetFromMap(m map[string]bool) error
+ // Enabled returns true if the key is enabled.
Enabled(key Feature) bool
+ // Add adds features to the featureGate.
Add(features map[Feature]FeatureSpec) error
+ // KnownFeatures returns a slice of strings describing the FeatureGate's known features.
KnownFeatures() []string
}
// featureGate implements FeatureGate as well as pflag.Value for flag parsing.
type featureGate struct {
- known map[Feature]FeatureSpec
- special map[Feature]func(*featureGate, bool)
- enabled map[Feature]bool
-
- // is set to true when AddFlag is called. Note: initialization is not go-routine safe, lookup is
+ special map[Feature]func(map[Feature]FeatureSpec, map[Feature]bool, bool)
+
+ // lock guards writes to known, enabled, and reads/writes of closed
+ lock sync.Mutex
+ // known holds a map[Feature]FeatureSpec
+ known *atomic.Value
+ // enabled holds a map[Feature]bool
+ enabled *atomic.Value
+ // closed is set to true when AddFlag is called, and prevents subsequent calls to Add
closed bool
}
-func setUnsetAlphaGates(f *featureGate, val bool) {
- for k, v := range f.known {
+func setUnsetAlphaGates(known map[Feature]FeatureSpec, enabled map[Feature]bool, val bool) {
+ for k, v := range known {
if v.PreRelease == Alpha {
- if _, found := f.enabled[k]; !found {
- f.enabled[k] = val
+ if _, found := enabled[k]; !found {
+ enabled[k] = val
}
}
}
@@ -101,27 +118,49 @@ func setUnsetAlphaGates(f *featureGate, val bool) {
var _ pflag.Value = &featureGate{}
func NewFeatureGate() *featureGate {
+ known := map[Feature]FeatureSpec{}
+ for k, v := range defaultFeatures {
+ known[k] = v
+ }
+
+ knownValue := &atomic.Value{}
+ knownValue.Store(known)
+
+ enabled := map[Feature]bool{}
+ enabledValue := &atomic.Value{}
+ enabledValue.Store(enabled)
+
f := &featureGate{
- known: map[Feature]FeatureSpec{},
+ known: knownValue,
special: specialFeatures,
- enabled: map[Feature]bool{},
- }
- for k, v := range defaultFeatures {
- f.known[k] = v
+ enabled: enabledValue,
}
return f
}
-// Set Parses a string of the form // "key1=value1,key2=value2,..." into a
+// Set parses a string of the form "key1=value1,key2=value2,..." into a
// map[string]bool of known keys or returns an error.
func (f *featureGate) Set(value string) error {
+ f.lock.Lock()
+ defer f.lock.Unlock()
+
+ // Copy existing state
+ known := map[Feature]FeatureSpec{}
+ for k, v := range f.known.Load().(map[Feature]FeatureSpec) {
+ known[k] = v
+ }
+ enabled := map[Feature]bool{}
+ for k, v := range f.enabled.Load().(map[Feature]bool) {
+ enabled[k] = v
+ }
+
for _, s := range strings.Split(value, ",") {
if len(s) == 0 {
continue
}
arr := strings.SplitN(s, "=", 2)
k := Feature(strings.TrimSpace(arr[0]))
- _, ok := f.known[Feature(k)]
+ featureSpec, ok := known[k]
if !ok {
return fmt.Errorf("unrecognized key: %s", k)
}
@@ -133,21 +172,65 @@ func (f *featureGate) Set(value string) error {
if err != nil {
return fmt.Errorf("invalid value of %s: %s, err: %v", k, v, err)
}
- f.enabled[k] = boolValue
+ enabled[k] = boolValue
+ if boolValue && featureSpec.PreRelease == Deprecated {
+ glog.Warningf("enabling deprecated feature gate %s", k)
+ }
// Handle "special" features like "all alpha gates"
if fn, found := f.special[k]; found {
- fn(f, boolValue)
+ fn(known, enabled, boolValue)
}
}
+ // Persist changes
+ f.known.Store(known)
+ f.enabled.Store(enabled)
+
+ glog.Infof("feature gates: %v", enabled)
+ return nil
+}
+
+// SetFromMap stores flag gates for known features from a map[string]bool or returns an error
+func (f *featureGate) SetFromMap(m map[string]bool) error {
+ f.lock.Lock()
+ defer f.lock.Unlock()
+
+ // Copy existing state
+ known := map[Feature]FeatureSpec{}
+ for k, v := range f.known.Load().(map[Feature]FeatureSpec) {
+ known[k] = v
+ }
+ enabled := map[Feature]bool{}
+ for k, v := range f.enabled.Load().(map[Feature]bool) {
+ enabled[k] = v
+ }
+
+ for k, v := range m {
+ k := Feature(k)
+ _, ok := known[k]
+ if !ok {
+ return fmt.Errorf("unrecognized key: %s", k)
+ }
+ enabled[k] = v
+ // Handle "special" features like "all alpha gates"
+ if fn, found := f.special[k]; found {
+ fn(known, enabled, v)
+ }
+ }
+
+ // Persist changes
+ f.known.Store(known)
+ f.enabled.Store(enabled)
+
glog.Infof("feature gates: %v", f.enabled)
return nil
}
+// String returns a string containing all enabled feature gates, formatted as "key1=value1,key2=value2,...".
func (f *featureGate) String() string {
pairs := []string{}
- for k, v := range f.enabled {
+ for k, v := range f.enabled.Load().(map[Feature]bool) {
pairs = append(pairs, fmt.Sprintf("%s=%t", k, v))
}
sort.Strings(pairs)
@@ -158,37 +241,51 @@ func (f *featureGate) Type() string {
return "mapStringBool"
}
+// Add adds features to the featureGate.
func (f *featureGate) Add(features map[Feature]FeatureSpec) error {
+ f.lock.Lock()
+ defer f.lock.Unlock()
+
if f.closed {
return fmt.Errorf("cannot add a feature gate after adding it to the flag set")
}
+ // Copy existing state
+ known := map[Feature]FeatureSpec{}
+ for k, v := range f.known.Load().(map[Feature]FeatureSpec) {
+ known[k] = v
+ }
+
for name, spec := range features {
- if existingSpec, found := f.known[name]; found {
+ if existingSpec, found := known[name]; found {
if existingSpec == spec {
continue
}
return fmt.Errorf("feature gate %q with different spec already exists: %v", name, existingSpec)
}
- f.known[name] = spec
+ known[name] = spec
}
+
+ // Persist updated state
+ f.known.Store(known)
+
return nil
}
+// Enabled returns true if the key is enabled.
func (f *featureGate) Enabled(key Feature) bool {
- defaultValue := f.known[key].Default
- if f.enabled != nil {
- if v, ok := f.enabled[key]; ok {
- return v
- }
+ if v, ok := f.enabled.Load().(map[Feature]bool)[key]; ok {
+ return v
}
- return defaultValue
+ return f.known.Load().(map[Feature]FeatureSpec)[key].Default
}
// AddFlag adds a flag for setting global feature gates to the specified FlagSet.
func (f *featureGate) AddFlag(fs *pflag.FlagSet) {
+ f.lock.Lock()
f.closed = true
+ f.lock.Unlock()
known := f.KnownFeatures()
fs.Var(f, flagName, ""+
@@ -196,10 +293,10 @@ func (f *featureGate) AddFlag(fs *pflag.FlagSet) {
"Options are:\n"+strings.Join(known, "\n"))
}
-// Returns a string describing the FeatureGate's known features.
+// KnownFeatures returns a slice of strings describing the FeatureGate's known features.
func (f *featureGate) KnownFeatures() []string {
var known []string
- for k, v := range f.known {
+ for k, v := range f.known.Load().(map[Feature]FeatureSpec) {
pre := ""
if v.PreRelease != GA {
pre = fmt.Sprintf("%s - ", v.PreRelease)