-
Notifications
You must be signed in to change notification settings - Fork 140
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace k8sapiserver startAPIServer to use Kubernetes createServerChain #121
Conversation
Hi @matthewygf. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign @sanposhiho |
@sanposhiho , to build my branch successfully locally, I had to use "go mod vendor", and then generate the openAPI definition in kubernetes/hack/update-generated-openapi.sh to make it work. I suspect this is why the test is failling, and I am not sure how to fix this test... would you be able to advise ... ? |
/ok-to-test |
@matthewygf I think we need to use
Then, after running (We are using And btw, I found another bug on
|
@sanposhiho Thanks for the suggestion ! Your method did work ! however I thought the make kube-apiserver took too long. So I have borrowed the hack/open-api sh into my branch, which speeds up the gen open-api by a bit. (See the updated hack/openapi.sh) The test currently fails because the env $GOPATH seems to be not set for make test. Do you know how to set the env in github action ? :') |
k8sapiserver/k8sapiserver.go
Outdated
Port: 443, | ||
func createK8SAPIChainedServer(etcdURL, frontendURL string) (*apiserver.APIAggregator, error) { | ||
serverOpts, cleanupFunc, err := createK8SAPIServerOpts(etcdURL, frontendURL) | ||
defer cleanupFunc() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We shouldn't register cleanupFunc
to defer here since cleanup will be executed when createK8SAPIChainedServer is finished.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Make sense, I am going to pass the cleanupFunc all the way up to the shutdown Func instead.
@matthewygf Could you check if the panic occurs on your machine as well or not? |
It seems that only requests from Web UI doesn't work well. So this change is related probably. |
Can send a request via kubectl. Hmmm, only requests from web client have the issue 🤔
|
/IR3qCXyThP/dbCiHrF3v1cuhBOHY8CLVg== | ||
-----END EC PRIVATE KEY-----` | ||
|
||
// StartAPIServer starts both the secure k8sAPIServer and proxy server to handle insecure serving, and it make panic when a error happen. | ||
func StartAPIServer(kubeAPIServerURL, etcdURL, frontendURL string) (*restclient.Config, func(), error) { | ||
h := &APIServerHolder{Initialized: make(chan struct{})} | ||
handler := http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, finally found work-around... It seems that user-agent causes the panic. I don't know why 🤷♂️🤷♂️🤷♂️
Let's overwrite this. This work-around works for me. (Other good work-around is welcome)
handler := http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { | |
handler := http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { | |
// work-around: we need to overwrite user-agent from client. | |
// some user-agents causes a panic on kube-apiserver. | |
req.Header.Set("User-Agent", "kubectl/v1.21.5 (darwin/amd64) kubernetes/aea7bba") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I0414 21:43:43.780933 1 trace.go:205] Trace[354409240]: "Delete" url:/api/v1/namespaces/default/pods,user-agent:simulator/v0.0.0 (linux/amd64) kubernetes/$Format,audit-id:7b1c1668-a971-440e-a841-eff8aeee635e,client:127.0.0.1,accept:application/json, */*,protocol:HTTP/1.1 (14-Apr-2022 21:43:42.177) (total time: 1603ms)
- I am not sure how or why you have to set the user-agent😲, in the kube-apiserver trace, it seems the user-agent is always set to simulator/v0.0.0. 🤔
My requests are from WebUI, hitting the reset button.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No panic with kubectl either 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How about something like this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From my investigation, we need to overwrite user-agent. Some user-agent (chrome is one of them) breaks api-server. 🤔
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let me check if I can run simulator successfully on docker container.
Co-authored-by: Kensei Nakada <handbomusic@gmail.com>
Co-authored-by: Kensei Nakada <handbomusic@gmail.com>
Hmmm, @sanposhiho I haven't got any panic when making request via webUI... 🤔 I run the simulator-server using docker compose, how do you run the simulator server ? |
Run locally with |
Okay, I also could run the simulator without panic in docker container. Hmmmmmm. 🤷♂️🤷♂️ Could you run the simulator locally with |
@sanposhiho I wasn't able to build the webui from Maybe another issue is the apple user agent ? My machine is a windows, and I start the simulator in wsl (windows subsystem for linux). |
Sorry, I didn't update master in my fork. The latest master also has this problem.
Yes. When I use docker ( Also, I tried "one in docker, the other locally":
So, this problem is only happens when we run backend locally. |
k8sapiserver/k8sapiserver.go
Outdated
if req.UserAgent() == "" { | ||
req.Header.Set("User-Agent", restclient.DefaultKubernetesUserAgent()) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, could you please revert this? I'll try to fix this issue in another PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
reverted :)
@matthewygf @sanposhiho |
This reverts commit b06408a.
@matthewygf /lgtm |
/hold cancel |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: matthewygf, sanposhiho The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind feature
What this PR does / why we need it:
This PR tries to extend the simulator apiserver to accept CRDs, this is useful because some scheduler-plugins uses CRDs. #77
Additionally, we can directly use the Kubernetes/api-server/createServerChain method to reduce the burden of maintaining API code.
This is a PR spawned from a discussion in PR #113
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
After this extension, user can use kubectl to apply CRDs.
/label tide/merge-method-squash