Merge pull request #15354 from liggitt/sdn-register-order-3.6

Register SDN informers synchronously

Author: liggitt

pkg/cmd/server/origin/controller/network.go

@@ -5,7 +5,8 @@ import (
 	"net"
 	"time"
 
-	"github.com/golang/glog"
+	kclientsetinternal "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
+
 	osclient "github.com/openshift/origin/pkg/client"
 	configapi "github.com/openshift/origin/pkg/cmd/server/api"
 	"github.com/openshift/origin/pkg/cmd/server/bootstrappolicy"
@@ -19,25 +20,27 @@ type SDNControllerConfig struct {
 
 func (c *SDNControllerConfig) RunController(ctx ControllerContext) (bool, error) {
 	// TODO: Switch SDN to use client.Interface
-	osClientConfig, err := ctx.ClientBuilder.Config(bootstrappolicy.InfraSDNControllerServiceAccountName)
+	clientConfig, err := ctx.ClientBuilder.Config(bootstrappolicy.InfraSDNControllerServiceAccountName)
+	if err != nil {
+		return false, err
+	}
+	osClient, err := osclient.New(clientConfig)
 	if err != nil {
 		return false, err
 	}
-	osClient, err := osclient.New(osClientConfig)
+	kClient, err := kclientsetinternal.NewForConfig(clientConfig)
 	if err != nil {
 		return false, err
 	}
-	go func() {
-		err := sdnplugin.StartMaster(
-			c.NetworkConfig,
-			osClient,
-			ctx.ClientBuilder.KubeInternalClientOrDie(bootstrappolicy.InfraSDNControllerServiceAccountName),
-			ctx.InternalKubeInformers,
-		)
-		if err != nil {
-			glog.Errorf("failed to start SDN plugin controller: %v", err)
-		}
-	}()
+	err = sdnplugin.StartMaster(
+		c.NetworkConfig,
+		osClient,
+		kClient,
+		ctx.InternalKubeInformers,
+	)
+	if err != nil {
+		return false, fmt.Errorf("failed to start SDN plugin controller: %v", err)
+	}
 	return true, nil
 }
 

pkg/cmd/server/origin/ensure.go

@@ -54,6 +54,54 @@ func (c *MasterConfig) ensureOpenShiftInfraNamespace() {
 		return
 	}
 
+	controllerRoles := []authorizationapi.ClusterRole{}
+	if roles, err := bootstrappolicy.GetKubeControllerBootstrapClusterRoles(); err != nil {
+		glog.Error(err)
+	} else {
+		controllerRoles = append(controllerRoles, roles...)
+	}
+	if roles, err := bootstrappolicy.GetOpenshiftControllerBootstrapClusterRoles(); err != nil {
+		glog.Error(err)
+	} else {
+		controllerRoles = append(controllerRoles, roles...)
+	}
+	for _, role := range controllerRoles {
+		reconcileRole := &policy.ReconcileClusterRolesOptions{
+			RolesToReconcile: []string{role.Name},
+			Confirmed:        true,
+			Union:            true,
+			Out:              ioutil.Discard,
+			RoleClient:       c.PrivilegedLoopbackOpenShiftClient.ClusterRoles(),
+		}
+		if err := reconcileRole.RunReconcileClusterRoles(nil, nil); err != nil {
+			glog.Errorf("Could not reconcile %v: %v\n", role.Name, err)
+		}
+	}
+
+	controllerRoleBindings := []authorizationapi.ClusterRoleBinding{}
+	if bindings, err := bootstrappolicy.GetKubeControllerBootstrapClusterRoleBindings(); err != nil {
+		glog.Error(err)
+	} else {
+		controllerRoleBindings = append(controllerRoleBindings, bindings...)
+	}
+	if bindings, err := bootstrappolicy.GetOpenshiftControllerBootstrapClusterRoleBindings(); err != nil {
+		glog.Error(err)
+	} else {
+		controllerRoleBindings = append(controllerRoleBindings, bindings...)
+	}
+	for _, binding := range controllerRoleBindings {
+		reconcileRoleBinding := &policy.ReconcileClusterRoleBindingsOptions{
+			RolesToReconcile:  []string{binding.RoleRef.Name},
+			Confirmed:         true,
+			Union:             true,
+			Out:               ioutil.Discard,
+			RoleBindingClient: c.PrivilegedLoopbackOpenShiftClient.ClusterRoleBindings(),
+		}
+		if err := reconcileRoleBinding.RunReconcileClusterRoleBindings(nil, nil); err != nil {
+			glog.Errorf("Could not reconcile %v: %v\n", binding.RoleRef.Name, err)
+		}
+	}
+
 	roleAccessor := policy.NewClusterRoleBindingAccessor(c.ServiceAccountRoleBindingClient())
 	for _, saName := range bootstrappolicy.InfraSAs.GetServiceAccounts() {
 		_, err := c.KubeClientsetInternal().Core().ServiceAccounts(ns).Create(&kapi.ServiceAccount{ObjectMeta: metav1.ObjectMeta{Name: saName}})

pkg/sdn/plugin/master.go

@@ -67,7 +67,7 @@ func StartMaster(networkConfig osconfigapi.MasterNetworkConfig, osClient *osclie
 
 	// try this for a while before just dying
 	var getError error
-	err = wait.PollImmediate(1*time.Second, 30*time.Second, func() (bool, error) {
+	err = wait.PollImmediate(1*time.Second, time.Minute, func() (bool, error) {
 		// reset this so that failures come through correctly.
 		getError = nil
 		existingCN, err := master.osClient.ClusterNetwork().Get(osapi.ClusterNetworkDefault, metav1.GetOptions{})