Merge pull request #21411 from juanvallejo/jvallejo/switch-projectcac…

…he-external-informers

switch to use kcorev1 informers in project cache

pkg/cmd/openshift-apiserver/openshiftapiserver/config.go

@@ -144,11 +144,12 @@ func NewOpenshiftAPIConfig(config *openshiftcontrolplanev1.OpenShiftAPIServerCon
 	}); err != nil {
 		return nil, err
 	}
-	projectCache, err := NewProjectCache(informers.internalKubernetesInformers.Core().InternalVersion().Namespaces(), kubeClientConfig, config.ProjectConfig.DefaultNodeSelector)
+
+	projectCache, err := NewProjectCache(informers.kubernetesInformers.Core().V1().Namespaces(), kubeClientConfig, config.ProjectConfig.DefaultNodeSelector)
 	if err != nil {
 		return nil, err
 	}
-	clusterQuotaMappingController := NewClusterQuotaMappingController(informers.internalKubernetesInformers.Core().InternalVersion().Namespaces(), informers.quotaInformers.Quota().InternalVersion().ClusterResourceQuotas())
+	clusterQuotaMappingController := NewClusterQuotaMappingController(informers.kubernetesInformers.Core().V1().Namespaces(), informers.quotaInformers.Quota().InternalVersion().ClusterResourceQuotas())
 	discoveryClient := cacheddiscovery.NewMemCacheClient(kubeClient.Discovery())
 	restMapper := restmapper.NewDeferredDiscoveryRESTMapper(discoveryClient)
 	admissionInitializer, err := originadmission.NewPluginInitializer(config.ImagePolicyConfig.ExternalRegistryHostname, config.ImagePolicyConfig.InternalRegistryHostname, config.CloudProviderFile, kubeClientConfig, informers, genericConfig.Authorization.Authorizer, projectCache, restMapper, clusterQuotaMappingController)

pkg/cmd/openshift-apiserver/openshiftapiserver/project.go

@@ -1,11 +1,11 @@
 package openshiftapiserver
 
 import (
+	corev1informers "k8s.io/client-go/informers/core/v1"
 	rbacinformers "k8s.io/client-go/informers/rbac/v1"
+	"k8s.io/client-go/kubernetes"
 	restclient "k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/cache"
-	kclientsetinternal "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
-	kinternalinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion/core/internalversion"
 	rbacauthorizer "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac"
 
 	projectauth "github.com/openshift/origin/pkg/project/auth"
@@ -14,18 +14,18 @@ import (
 	quotainformer "github.com/openshift/origin/pkg/quota/generated/informers/internalversion/quota/internalversion"
 )
 
-func NewClusterQuotaMappingController(nsInternalInformer kinternalinformers.NamespaceInformer, cqInternalInformer quotainformer.ClusterResourceQuotaInformer) *clusterquotamapping.ClusterQuotaMappingController {
-	return clusterquotamapping.NewClusterQuotaMappingControllerInternal(nsInternalInformer, cqInternalInformer)
+func NewClusterQuotaMappingController(nsInternalInformer corev1informers.NamespaceInformer, cqInternalInformer quotainformer.ClusterResourceQuotaInformer) *clusterquotamapping.ClusterQuotaMappingController {
+	return clusterquotamapping.NewClusterQuotaMappingController(nsInternalInformer, cqInternalInformer)
 }
 
-func NewProjectCache(nsInternalInformer kinternalinformers.NamespaceInformer, privilegedLoopbackConfig *restclient.Config, defaultNodeSelector string) (*projectcache.ProjectCache, error) {
-	kubeInternalClient, err := kclientsetinternal.NewForConfig(privilegedLoopbackConfig)
+func NewProjectCache(nsInformer corev1informers.NamespaceInformer, privilegedLoopbackConfig *restclient.Config, defaultNodeSelector string) (*projectcache.ProjectCache, error) {
+	kubeClient, err := kubernetes.NewForConfig(privilegedLoopbackConfig)
 	if err != nil {
 		return nil, err
 	}
 	return projectcache.NewProjectCache(
-			nsInternalInformer.Informer(),
-			kubeInternalClient.Core().Namespaces(),
+			nsInformer.Informer(),
+			kubeClient.CoreV1().Namespaces(),
 			defaultNodeSelector),
 		nil
 }

pkg/cmd/openshift-kube-apiserver/openshiftkubeapiserver/patch.go

@@ -15,7 +15,6 @@ import (
 	"k8s.io/client-go/tools/cache"
 	"k8s.io/kubernetes/cmd/kube-apiserver/app"
 	internalinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
-	kinternalinformers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
 	"k8s.io/kubernetes/pkg/master"
 	"k8s.io/kubernetes/pkg/quota/generic"
 	"k8s.io/kubernetes/pkg/quota/install"
@@ -50,7 +49,7 @@ func NewOpenShiftKubeAPIServerConfigPatch(delegateAPIServer genericapiserver.Del
 		postStartHooks: map[string]genericapiserver.PostStartHookFunc{},
 	}
 	return func(genericConfig *genericapiserver.Config, internalInformers internalinformers.SharedInformerFactory, kubeInformers clientgoinformers.SharedInformerFactory, pluginInitializers *[]admission.PluginInitializer) (genericapiserver.DelegationTarget, error) {
-		kubeAPIServerInformers, err := NewInformers(internalInformers, kubeInformers, genericConfig.LoopbackClientConfig)
+		kubeAPIServerInformers, err := NewInformers(kubeInformers, genericConfig.LoopbackClientConfig)
 		if err != nil {
 			return nil, err
 		}
@@ -78,11 +77,11 @@ func NewOpenShiftKubeAPIServerConfigPatch(delegateAPIServer genericapiserver.Del
 		// END AUTHORIZER
 
 		// ADMISSION
-		projectCache, err := openshiftapiserver.NewProjectCache(kubeAPIServerInformers.InternalKubernetesInformers.Core().InternalVersion().Namespaces(), genericConfig.LoopbackClientConfig, kubeAPIServerConfig.ProjectConfig.DefaultNodeSelector)
+		projectCache, err := openshiftapiserver.NewProjectCache(kubeAPIServerInformers.KubernetesInformers.Core().V1().Namespaces(), genericConfig.LoopbackClientConfig, kubeAPIServerConfig.ProjectConfig.DefaultNodeSelector)
 		if err != nil {
 			return nil, err
 		}
-		clusterQuotaMappingController := openshiftapiserver.NewClusterQuotaMappingController(kubeAPIServerInformers.InternalKubernetesInformers.Core().InternalVersion().Namespaces(), kubeAPIServerInformers.InternalOpenshiftQuotaInformers.Quota().InternalVersion().ClusterResourceQuotas())
+		clusterQuotaMappingController := openshiftapiserver.NewClusterQuotaMappingController(kubeAPIServerInformers.KubernetesInformers.Core().V1().Namespaces(), kubeAPIServerInformers.InternalOpenshiftQuotaInformers.Quota().InternalVersion().ClusterResourceQuotas())
 		patchContext.postStartHooks["quota.openshift.io-clusterquotamapping"] = func(context genericapiserver.PostStartHookContext) error {
 			go clusterQuotaMappingController.Run(5, context.StopCh)
 			return nil
@@ -144,7 +143,7 @@ func NewOpenShiftKubeAPIServerConfigPatch(delegateAPIServer genericapiserver.Del
 		}
 		// END CONSTRUCT DELEGATE
 
-		patchContext.informerStartFuncs = append(patchContext.informerStartFuncs, kubeAPIServerInformers.Start)
+		patchContext.informerStartFuncs = append(patchContext.informerStartFuncs, kubeAPIServerInformers.Start, internalInformers.Start)
 		patchContext.initialized = true
 
 		return openshiftNonAPIServer.GenericAPIServer, nil
@@ -170,7 +169,7 @@ func (c *KubeAPIServerServerPatchContext) PatchServer(server *master.Master) err
 }
 
 // NewInformers is only exposed for the build's integration testing until it can be fixed more appropriately.
-func NewInformers(internalInformers internalinformers.SharedInformerFactory, versionedInformers clientgoinformers.SharedInformerFactory, loopbackClientConfig *rest.Config) (*KubeAPIServerInformers, error) {
+func NewInformers(versionedInformers clientgoinformers.SharedInformerFactory, loopbackClientConfig *rest.Config) (*KubeAPIServerInformers, error) {
 	oauthClient, err := oauthclient.NewForConfig(loopbackClientConfig)
 	if err != nil {
 		return nil, err
@@ -193,7 +192,6 @@ func NewInformers(internalInformers internalinformers.SharedInformerFactory, ver
 	const defaultInformerResyncPeriod = 10 * time.Minute
 
 	ret := &KubeAPIServerInformers{
-		InternalKubernetesInformers:     internalInformers,
 		KubernetesInformers:             versionedInformers,
 		OpenshiftOAuthInformers:         oauthinformer.NewSharedInformerFactory(oauthClient, defaultInformerResyncPeriod),
 		InternalOpenshiftQuotaInformers: quotainformer.NewSharedInformerFactory(quotaClient, defaultInformerResyncPeriod),
@@ -210,17 +208,13 @@ func NewInformers(internalInformers internalinformers.SharedInformerFactory, ver
 }
 
 type KubeAPIServerInformers struct {
-	InternalKubernetesInformers     kinternalinformers.SharedInformerFactory
 	KubernetesInformers             kexternalinformers.SharedInformerFactory
 	OpenshiftOAuthInformers         oauthinformer.SharedInformerFactory
 	InternalOpenshiftQuotaInformers quotainformer.SharedInformerFactory
 	OpenshiftSecurityInformers      securityv1informer.SharedInformerFactory
 	OpenshiftUserInformers          userinformer.SharedInformerFactory
 }
 
-func (i *KubeAPIServerInformers) GetInternalKubernetesInformers() kinternalinformers.SharedInformerFactory {
-	return i.InternalKubernetesInformers
-}
 func (i *KubeAPIServerInformers) GetKubernetesInformers() kexternalinformers.SharedInformerFactory {
 	return i.KubernetesInformers
 }
@@ -235,7 +229,6 @@ func (i *KubeAPIServerInformers) GetOpenshiftUserInformers() userinformer.Shared
 }
 
 func (i *KubeAPIServerInformers) Start(stopCh <-chan struct{}) {
-	i.InternalKubernetesInformers.Start(stopCh)
 	i.KubernetesInformers.Start(stopCh)
 	i.OpenshiftOAuthInformers.Start(stopCh)
 	i.InternalOpenshiftQuotaInformers.Start(stopCh)

pkg/cmd/server/origin/master_config.go

@@ -144,11 +144,11 @@ func BuildMasterConfig(
 		return nil, err
 	}
 	authorizer := openshiftkubeapiserver.NewAuthorizer(informers.GetInternalKubernetesInformers(), informers.GetKubernetesInformers())
-	projectCache, err := openshiftapiserver.NewProjectCache(informers.GetInternalKubernetesInformers().Core().InternalVersion().Namespaces(), privilegedLoopbackConfig, options.ProjectConfig.DefaultNodeSelector)
+	projectCache, err := openshiftapiserver.NewProjectCache(informers.GetKubernetesInformers().Core().V1().Namespaces(), privilegedLoopbackConfig, options.ProjectConfig.DefaultNodeSelector)
 	if err != nil {
 		return nil, err
 	}
-	clusterQuotaMappingController := openshiftapiserver.NewClusterQuotaMappingController(informers.GetInternalKubernetesInformers().Core().InternalVersion().Namespaces(), informers.GetInternalOpenshiftQuotaInformers().Quota().InternalVersion().ClusterResourceQuotas())
+	clusterQuotaMappingController := openshiftapiserver.NewClusterQuotaMappingController(informers.GetKubernetesInformers().Core().V1().Namespaces(), informers.GetInternalOpenshiftQuotaInformers().Quota().InternalVersion().ClusterResourceQuotas())
 	discoveryClient := cacheddiscovery.NewMemCacheClient(privilegedLoopbackKubeClientsetExternal.Discovery())
 	restMapper := restmapper.NewDeferredDiscoveryRESTMapper(discoveryClient)
 	cloudConfigFile, err := configprocessing.GetCloudProviderConfigFile(options.KubernetesMasterConfig.APIServerArguments)

pkg/image/apiserver/admission/imagepolicy/imagepolicy_test.go

@@ -8,17 +8,18 @@ import (
 	"testing"
 	"time"
 
+	corev1 "k8s.io/api/core/v1"
 	kerrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/diff"
 	"k8s.io/apiserver/pkg/admission"
+	fakev1 "k8s.io/client-go/kubernetes/fake"
 	clientgotesting "k8s.io/client-go/testing"
 	kcache "k8s.io/client-go/tools/cache"
 	kapi "k8s.io/kubernetes/pkg/apis/core"
 	kapiextensions "k8s.io/kubernetes/pkg/apis/extensions"
-	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/fake"
 
 	"github.com/openshift/api/image"
 	buildapi "github.com/openshift/origin/pkg/build/apis/build"
@@ -49,9 +50,9 @@ func (fn resolveFunc) ResolveObjectReference(ref *kapi.ObjectReference, defaultN
 }
 
 func setDefaultCache(p *imagePolicyPlugin) kcache.Indexer {
-	kclient := fake.NewSimpleClientset()
+	kclient := fakev1.NewSimpleClientset()
 	store := cache.NewCacheStore(kcache.MetaNamespaceKeyFunc)
-	p.SetProjectCache(cache.NewFake(kclient.Core().Namespaces(), store, ""))
+	p.SetProjectCache(cache.NewFake(kclient.CoreV1().Namespaces(), store, ""))
 	return store
 }
 
@@ -359,7 +360,7 @@ func TestDefaultPolicy(t *testing.T) {
 	}
 
 	// setting a namespace annotation should allow the rule to be skipped immediately
-	store.Add(&kapi.Namespace{
+	store.Add(&corev1.Namespace{
 		ObjectMeta: metav1.ObjectMeta{
 			Namespace: "",
 			Name:      "default",

pkg/project/apiserver/admission/nodeenv/admission_test.go

@@ -4,8 +4,10 @@ import (
 	"strings"
 	"testing"
 
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apiserver/pkg/admission"
+	fakev1 "k8s.io/client-go/kubernetes/fake"
 	"k8s.io/client-go/tools/cache"
 	kapi "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/fake"
@@ -16,7 +18,7 @@ import (
 
 // TestPodAdmission verifies various scenarios involving pod/project/global node label selectors
 func TestPodAdmission(t *testing.T) {
-	project := &kapi.Namespace{
+	project := &corev1.Namespace{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      "testProject",
 			Namespace: "",
@@ -25,6 +27,7 @@ func TestPodAdmission(t *testing.T) {
 	projectStore := projectcache.NewCacheStore(cache.IndexFuncToKeyFuncAdapter(cache.MetaNamespaceIndexFunc))
 	projectStore.Add(project)
 
+	externalMockClientset := fakev1.NewSimpleClientset()
 	mockClientset := fake.NewSimpleClientset()
 	handler := &podNodeEnvironment{client: mockClientset}
 	pod := &kapi.Pod{
@@ -106,7 +109,7 @@ func TestPodAdmission(t *testing.T) {
 		},
 	}
 	for _, test := range tests {
-		cache := projectcache.NewFake(mockClientset.Core().Namespaces(), projectStore, test.defaultNodeSelector)
+		cache := projectcache.NewFake(externalMockClientset.CoreV1().Namespaces(), projectStore, test.defaultNodeSelector)
 		handler.SetProjectCache(cache)
 		if !test.ignoreProjectNodeSelector {
 			project.ObjectMeta.Annotations = map[string]string{"openshift.io/node-selector": test.projectNodeSelector}

pkg/project/apiserver/admission/requestlimit/admission.go

@@ -6,13 +6,13 @@ import (
 
 	"github.com/golang/glog"
 
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/authentication/serviceaccount"
 	"k8s.io/client-go/rest"
-	kapi "k8s.io/kubernetes/pkg/apis/core"
 
 	"github.com/openshift/api/project"
 	usertypedclient "github.com/openshift/client-go/user/clientset/versioned/typed/user/v1"
@@ -156,11 +156,11 @@ func (o *projectRequestLimit) projectCountByRequester(userName string) (int, err
 
 	terminatingCount := 0
 	for _, obj := range namespaces {
-		ns, ok := obj.(*kapi.Namespace)
+		ns, ok := obj.(*corev1.Namespace)
 		if !ok {
 			return 0, fmt.Errorf("object in cache is not a namespace: %#v", obj)
 		}
-		if ns.Status.Phase == kapi.NamespaceTerminating {
+		if ns.Status.Phase == corev1.NamespaceTerminating {
 			terminatingCount++
 		}
 	}

pkg/project/apiserver/admission/requestlimit/admission_test.go

@@ -4,15 +4,15 @@ import (
 	"bytes"
 	"testing"
 
+	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/apiserver/pkg/authentication/user"
 	"k8s.io/apiserver/pkg/storage/names"
+	"k8s.io/client-go/kubernetes/fake"
 	clientgotesting "k8s.io/client-go/testing"
 	"k8s.io/client-go/tools/cache"
-	kapi "k8s.io/kubernetes/pkg/apis/core"
-	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/fake"
 
 	"github.com/openshift/api/project"
 	userapi "github.com/openshift/api/user/v1"
@@ -341,14 +341,14 @@ func configEquals(a, b *requestlimitapi.ProjectRequestLimitConfig) bool {
 	return true
 }
 
-func fakeNs(name string, terminating bool) *kapi.Namespace {
-	ns := &kapi.Namespace{}
+func fakeNs(name string, terminating bool) *corev1.Namespace {
+	ns := &corev1.Namespace{}
 	ns.Name = names.SimpleNameGenerator.GenerateName("testns")
 	ns.Annotations = map[string]string{
 		"openshift.io/requester": name,
 	}
 	if terminating {
-		ns.Status.Phase = kapi.NamespaceTerminating
+		ns.Status.Phase = corev1.NamespaceTerminating
 	}
 	return ns
 }
@@ -367,7 +367,7 @@ type projectCount struct {
 
 func fakeProjectCache(requesters map[string]projectCount) *projectcache.ProjectCache {
 	kclientset := &fake.Clientset{}
-	pCache := projectcache.NewFake(kclientset.Core().Namespaces(), projectcache.NewCacheStore(cache.MetaNamespaceKeyFunc), "")
+	pCache := projectcache.NewFake(kclientset.CoreV1().Namespaces(), projectcache.NewCacheStore(cache.MetaNamespaceKeyFunc), "")
 	for requester, count := range requesters {
 		for i := 0; i < count.active; i++ {
 			pCache.Store.Add(fakeNs(requester, false))

pkg/project/auth/watch.go

@@ -149,7 +149,7 @@ func (w *userProjectWatcher) GroupMembershipChanged(namespaceName string, users,
 
 		event := watch.Event{
 			Type:   watch.Added,
-			Object: projectutil.ConvertNamespace(namespace),
+			Object: projectutil.ConvertNamespaceFromExternal(namespace),
 		}
 
 		// if we already have this in our list, then we're getting notified because the object changed

pkg/project/auth/watch_test.go

@@ -4,6 +4,7 @@ import (
 	"testing"
 	"time"
 
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/labels"
@@ -13,27 +14,27 @@ import (
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/apiserver/pkg/authentication/user"
 	"k8s.io/apiserver/pkg/storage"
+	informersv1 "k8s.io/client-go/informers"
+	fakev1 "k8s.io/client-go/kubernetes/fake"
 	kapi "k8s.io/kubernetes/pkg/apis/core"
-	"k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/fake"
-	informers "k8s.io/kubernetes/pkg/client/informers/informers_generated/internalversion"
 	"k8s.io/kubernetes/pkg/controller"
 
 	projectapi "github.com/openshift/origin/pkg/project/apis/project"
 	projectcache "github.com/openshift/origin/pkg/project/cache"
 	projectutil "github.com/openshift/origin/pkg/project/util"
 )
 
-func newTestWatcher(username string, groups []string, predicate storage.SelectionPredicate, namespaces ...*kapi.Namespace) (*userProjectWatcher, *fakeAuthCache, chan struct{}) {
+func newTestWatcher(username string, groups []string, predicate storage.SelectionPredicate, namespaces ...*corev1.Namespace) (*userProjectWatcher, *fakeAuthCache, chan struct{}) {
 	objects := []runtime.Object{}
 	for i := range namespaces {
 		objects = append(objects, namespaces[i])
 	}
-	mockClient := fake.NewSimpleClientset(objects...)
+	mockClient := fakev1.NewSimpleClientset(objects...)
 
-	informers := informers.NewSharedInformerFactory(mockClient, controller.NoResyncPeriodFunc())
+	informers := informersv1.NewSharedInformerFactory(mockClient, controller.NoResyncPeriodFunc())
 	projectCache := projectcache.NewProjectCache(
-		informers.Core().InternalVersion().Namespaces().Informer(),
-		mockClient.Core().Namespaces(),
+		informers.Core().V1().Namespaces().Informer(),
+		mockClient.CoreV1().Namespaces(),
 		"",
 	)
 	fakeAuthCache := &fakeAuthCache{}
@@ -259,10 +260,10 @@ func TestAddModifyDeleteEventsByGroup(t *testing.T) {
 	}
 }
 
-func newNamespaces(names ...string) []*kapi.Namespace {
-	ret := []*kapi.Namespace{}
+func newNamespaces(names ...string) []*corev1.Namespace {
+	ret := []*corev1.Namespace{}
 	for _, name := range names {
-		ret = append(ret, &kapi.Namespace{ObjectMeta: metav1.ObjectMeta{Name: name}})
+		ret = append(ret, &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: name}})
 	}
 
 	return ret