Merge pull request #21027 from deads2k/controller-06-external-types

 make openshift use smaller controller manager config

Author: openshift-merge-robot

glide.lock

@@ -39,38 +39,42 @@ objects:
       spec:
         serviceAccountName: openshift-controller-manager
         restartPolicy: Always
-        hostNetwork: true
         containers:
-        - name: c
+        - name: controller-manager
           image: ${IMAGE}
           imagePullPolicy: ${OPENSHIFT_PULL_POLICY}
           command: ["hypershift", "openshift-controller-manager"]
           args:
-          - "--config=/etc/origin/master/master-config.yaml"
+          - "--config=/var/run/configmaps/config/config.json"
           - "--v=${LOGLEVEL}"
           ports:
-          - containerPort: 8444
+          - containerPort: 8443
           securityContext:
             privileged: true
             runAsUser: 0
           volumeMounts:
-           - mountPath: /etc/origin/master/
-             name: master-config
-           - mountPath: /etc/origin/cloudprovider/
-             name: master-cloud-provider
+          - mountPath: /var/run/configmaps/config
+            name: config
+          - mountPath: /var/run/configmaps/client-ca
+            name: client-ca
+          - mountPath: /var/run/secrets/serving-cert
+            name: serving-cert
           readinessProbe:
             httpGet:
               path: /healthz
-              port: 8444
+              port: 8443
               scheme: HTTPS
         # sensitive files still sit on disk for now
         volumes:
-        - name: master-config
+        - name: config
           hostPath:
             path: ${OPENSHIFT_CONTROLLER_MANAGER_CONFIG_HOST_PATH}
-        - name: master-cloud-provider
+        - name: client-ca
           hostPath:
-            path: /etc/origin/cloudprovider
+            path: ${OPENSHIFT_CONTROLLER_MANAGER_CONFIG_HOST_PATH}
+        - name: serving-cert
+          secret:
+            secretName: serving-cert
 
 
 # to be able to assign powers to the process
@@ -80,3 +84,18 @@ objects:
     namespace: ${NAMESPACE}
     name: openshift-controller-manager
 
+
+- apiVersion: v1
+  kind: Service
+  metadata:
+    namespace: ${NAMESPACE}
+    name: controller-manager
+    annotations:
+      service.alpha.openshift.io/serving-cert-secret-name: serving-cert
+  spec:
+    selector:
+      openshift.io/component: controllers
+    ports:
+    - name: https
+      port: 443
+      targetPort: 8443

install/openshift-controller-manager/install.yaml

@@ -0,0 +1,5 @@
+{
+  "apiVersion": "openshiftcontrolplane.config.openshift.io/v1",
+  "kind": "OpenShiftControllerManagerConfig",
+  "controllers": ["*", "-openshift.io/service-serving-cert"]
+}

install/openshift-controller-manager/static-config.json

@@ -7,14 +7,14 @@ import (
 	corev1 "k8s.io/api/core/v1"
 
 	buildv1 "github.com/openshift/api/build/v1"
+	openshiftcontrolplanev1 "github.com/openshift/api/openshiftcontrolplane/v1"
 	"github.com/openshift/origin/pkg/build/controller/common"
 	"github.com/openshift/origin/pkg/build/util"
 	buildutil "github.com/openshift/origin/pkg/build/util"
-	configapi "github.com/openshift/origin/pkg/cmd/server/apis/config"
 )
 
 type BuildDefaults struct {
-	Config *configapi.BuildDefaultsConfig
+	Config *openshiftcontrolplanev1.BuildDefaultsConfig
 }
 
 // ApplyDefaults applies configured build defaults to a build pod

pkg/build/controller/build/defaults/defaults.go

@@ -6,21 +6,17 @@ import (
 
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
-	"k8s.io/kubernetes/pkg/api/legacyscheme"
-	internalcore "k8s.io/kubernetes/pkg/apis/core"
-	kapi "k8s.io/kubernetes/pkg/apis/core"
 	kapihelper "k8s.io/kubernetes/pkg/apis/core/helper"
 
 	buildv1 "github.com/openshift/api/build/v1"
-	buildapi "github.com/openshift/origin/pkg/build/apis/build"
+	openshiftcontrolplanev1 "github.com/openshift/api/openshiftcontrolplane/v1"
 	"github.com/openshift/origin/pkg/build/controller/common"
 	testutil "github.com/openshift/origin/pkg/build/controller/common/testutil"
 	buildutil "github.com/openshift/origin/pkg/build/util"
-	configapi "github.com/openshift/origin/pkg/cmd/server/apis/config"
 )
 
 func TestProxyDefaults(t *testing.T) {
-	defaultsConfig := &configapi.BuildDefaultsConfig{
+	defaultsConfig := &openshiftcontrolplanev1.BuildDefaultsConfig{
 		GitHTTPProxy:  "http",
 		GitHTTPSProxy: "https",
 		GitNoProxy:    "no",
@@ -49,8 +45,8 @@ func TestProxyDefaults(t *testing.T) {
 }
 
 func TestEnvDefaults(t *testing.T) {
-	defaultsConfig := &configapi.BuildDefaultsConfig{
-		Env: []internalcore.EnvVar{
+	defaultsConfig := &openshiftcontrolplanev1.BuildDefaultsConfig{
+		Env: []corev1.EnvVar{
 			{
 				Name:  "VAR1",
 				Value: "VALUE1",
@@ -152,8 +148,8 @@ func TestEnvDefaults(t *testing.T) {
 
 func TestIncrementalDefaults(t *testing.T) {
 	bool_t := true
-	defaultsConfig := &configapi.BuildDefaultsConfig{
-		SourceStrategyDefaults: &configapi.SourceStrategyDefaultsConfig{
+	defaultsConfig := &openshiftcontrolplanev1.BuildDefaultsConfig{
+		SourceStrategyDefaults: &openshiftcontrolplanev1.SourceStrategyDefaultsConfig{
 			Incremental: &bool_t,
 		},
 	}
@@ -303,16 +299,8 @@ func TestLabelDefaults(t *testing.T) {
 	}
 
 	for i, test := range tests {
-		internalLabels := []buildapi.ImageLabel{}
-		for _, l := range test.defaultLabels {
-			internalLabel := buildapi.ImageLabel{}
-			if err := legacyscheme.Scheme.Convert(&l, &internalLabel, nil); err != nil {
-				panic(err)
-			}
-			internalLabels = append(internalLabels, internalLabel)
-		}
-		defaultsConfig := &configapi.BuildDefaultsConfig{
-			ImageLabels: internalLabels,
+		defaultsConfig := &openshiftcontrolplanev1.BuildDefaultsConfig{
+			ImageLabels: test.defaultLabels,
 		}
 
 		admitter := BuildDefaults{defaultsConfig}
@@ -361,7 +349,7 @@ func TestBuildDefaultsNodeSelector(t *testing.T) {
 	}
 
 	for _, test := range tests {
-		defaults := BuildDefaults{Config: &configapi.BuildDefaultsConfig{NodeSelector: test.defaults}}
+		defaults := BuildDefaults{Config: &openshiftcontrolplanev1.BuildDefaultsConfig{NodeSelector: test.defaults}}
 		pod := testutil.Pod().WithBuild(t, test.build)
 		// normally the pod will have the nodeselectors from the build, due to the pod creation logic
 		// in the build controller flow. fake it out here.
@@ -413,7 +401,7 @@ func TestBuildDefaultsAnnotations(t *testing.T) {
 	}
 
 	for _, test := range tests {
-		defaults := BuildDefaults{Config: &configapi.BuildDefaultsConfig{Annotations: test.defaults}}
+		defaults := BuildDefaults{Config: &openshiftcontrolplanev1.BuildDefaultsConfig{Annotations: test.defaults}}
 		pod := testutil.Pod().WithBuild(t, test.build)
 		pod.Annotations = test.annotations
 		err := defaults.ApplyDefaults((*corev1.Pod)(pod))
@@ -432,19 +420,19 @@ func TestBuildDefaultsAnnotations(t *testing.T) {
 }
 func TestResourceDefaults(t *testing.T) {
 	tests := map[string]struct {
-		DefaultResource  kapi.ResourceRequirements
+		DefaultResource  corev1.ResourceRequirements
 		BuildResource    corev1.ResourceRequirements
 		ExpectedResource corev1.ResourceRequirements
 	}{
 		"BuildDefaults plugin and Build object both defined resource limits and requests": {
-			DefaultResource: kapi.ResourceRequirements{
-				Limits: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU):    resource.MustParse("10"),
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("1G"),
+			DefaultResource: corev1.ResourceRequirements{
+				Limits: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("10"),
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("1G"),
 				},
-				Requests: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU):    resource.MustParse("20"),
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("2G"),
+				Requests: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("20"),
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("2G"),
 				},
 			},
 			BuildResource: corev1.ResourceRequirements{
@@ -469,14 +457,14 @@ func TestResourceDefaults(t *testing.T) {
 			},
 		},
 		"BuildDefaults plugin defined limits and requests, Build object defined resource requests": {
-			DefaultResource: kapi.ResourceRequirements{
-				Limits: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU):    resource.MustParse("10"),
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("1G"),
+			DefaultResource: corev1.ResourceRequirements{
+				Limits: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("10"),
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("1G"),
 				},
-				Requests: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU):    resource.MustParse("20"),
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("2G"),
+				Requests: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("20"),
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("2G"),
 				},
 			},
 			BuildResource: corev1.ResourceRequirements{
@@ -497,14 +485,14 @@ func TestResourceDefaults(t *testing.T) {
 			},
 		},
 		"BuildDefaults plugin defined limits and requests, Build object defined resource limits": {
-			DefaultResource: kapi.ResourceRequirements{
-				Limits: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU):    resource.MustParse("10"),
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("1G"),
+			DefaultResource: corev1.ResourceRequirements{
+				Limits: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("10"),
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("1G"),
 				},
-				Requests: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU):    resource.MustParse("20"),
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("2G"),
+				Requests: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("20"),
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("2G"),
 				},
 			},
 			BuildResource: corev1.ResourceRequirements{
@@ -525,7 +513,7 @@ func TestResourceDefaults(t *testing.T) {
 			},
 		},
 		"BuildDefaults plugin defined nothing, Build object defined resource limits": {
-			DefaultResource: kapi.ResourceRequirements{},
+			DefaultResource: corev1.ResourceRequirements{},
 			BuildResource: corev1.ResourceRequirements{
 				Limits: corev1.ResourceList{
 					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("10"),
@@ -548,19 +536,19 @@ func TestResourceDefaults(t *testing.T) {
 			},
 		},
 		"BuildDefaults plugin and Build object defined nothing": {
-			DefaultResource:  kapi.ResourceRequirements{},
+			DefaultResource:  corev1.ResourceRequirements{},
 			BuildResource:    corev1.ResourceRequirements{},
 			ExpectedResource: corev1.ResourceRequirements{},
 		},
 		"BuildDefaults plugin defined limits and requests, Build object defined nothing": {
-			DefaultResource: kapi.ResourceRequirements{
-				Limits: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU):    resource.MustParse("10"),
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("1G"),
+			DefaultResource: corev1.ResourceRequirements{
+				Limits: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("10"),
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("1G"),
 				},
-				Requests: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU):    resource.MustParse("20"),
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("2G"),
+				Requests: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU):    resource.MustParse("20"),
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("2G"),
 				},
 			},
 			BuildResource: corev1.ResourceRequirements{},
@@ -576,12 +564,12 @@ func TestResourceDefaults(t *testing.T) {
 			},
 		},
 		"BuildDefaults plugin defined part of limits and requests, Build object defined part of limits and  requests": {
-			DefaultResource: kapi.ResourceRequirements{
-				Limits: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceCPU): resource.MustParse("10"),
+			DefaultResource: corev1.ResourceRequirements{
+				Limits: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceCPU): resource.MustParse("10"),
 				},
-				Requests: kapi.ResourceList{
-					kapi.ResourceName(kapi.ResourceMemory): resource.MustParse("2G"),
+				Requests: corev1.ResourceList{
+					corev1.ResourceName(corev1.ResourceMemory): resource.MustParse("2G"),
 				},
 			},
 			BuildResource: corev1.ResourceRequirements{
@@ -606,7 +594,7 @@ func TestResourceDefaults(t *testing.T) {
 	}
 
 	for name, test := range tests {
-		defaults := BuildDefaults{Config: &configapi.BuildDefaultsConfig{Resources: test.DefaultResource}}
+		defaults := BuildDefaults{Config: &openshiftcontrolplanev1.BuildDefaultsConfig{Resources: test.DefaultResource}}
 
 		build := testutil.Build().WithSourceStrategy().AsBuild()
 		build.Spec.Resources = test.BuildResource

pkg/build/controller/build/defaults/defaults_test.go

@@ -10,12 +10,12 @@ import (
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 
 	buildv1 "github.com/openshift/api/build/v1"
+	openshiftcontrolplanev1 "github.com/openshift/api/openshiftcontrolplane/v1"
 	"github.com/openshift/origin/pkg/build/controller/common"
-	configapi "github.com/openshift/origin/pkg/cmd/server/apis/config"
 )
 
 type BuildOverrides struct {
-	Config *configapi.BuildOverridesConfig
+	Config *openshiftcontrolplanev1.BuildOverridesConfig
 }
 
 // ApplyOverrides applies configured overrides to a build in a build pod