ApiServer 代码走读
- 2024-02-03 广东
本文字数:2945 字
阅读完需:约 10 分钟
Kubernetes 的 ApiServer 代码走读
cmd/kube-apiserver/app/server.go:NewAPIServerCommand()-->
completedOptions, err := Complete(s)-->
s.Etcd.WatchCacheSizes, err = serveroptions.WriteWatchCacheSizes(sizes)
Run(completedOptions, genericapiserver.SetupSignalHandler())-->CreateServerChain()-->
CreateServerChain()-->
cmd/kube-apiserver/app/server.go:NewAPIServerCommand()-->
completedOptions, err := Complete(s)-->
s.Etcd.WatchCacheSizes, err = serveroptions.WriteWatchCacheSizes(sizes)
Run(completedOptions, genericapiserver.SetupSignalHandler())-->CreateServerChain()-->
CreateServerChain()-->
CreateKubeAPIServerConfig-->
buildGenericConfig(s.ServerRunOptions, proxyTransport)-->
genericapiserver.NewConfig(legacyscheme.Codecs) // create codec factory for encoding/decoding
controlplane.DefaultAPIResourceConfigSource() // group version: enabled/disabled
storageFactoryConfig.Complete(s.Etcd)
completedStorageFactoryConfig.New()--> // register access path in etcd for all k8s objects
storageFactory.AddCohabitatingResources(networking.Resource("networkpolicies"), extensions.Resource("networkpolicies"))
s.Etcd.ApplyWithStorageFactoryTo(storageFactory, genericConfig)-->
c.AddHealthChecks()
c.RESTOptionsGetter = &StorageFactoryRestOptionsFactory{Options: *s, StorageFactory: factory}
// 认证
s.Authentication.ApplyTo()--> // clientcert, serviceaccount, bootstrap token,
authenticatorConfig.New()-->
newWebhookTokenAuthenticator(config) // webhook
// 鉴权
BuildAuthorizer(s, genericConfig.EgressSelector, versionedInformers)-->
authorizationConfig.New()-->
rbacAuthorizer := rbac.New()--> // if authorizer type is rbac
// 准入
buildServiceResolver(s.EnableAggregatorRouting, genericConfig.LoopbackClientConfig.Host, versionedInformers)
admissionConfig.New(proxyTransport, genericConfig.EgressSelector, serviceResolver)-->
admission.PluginInitializer{webhookPluginInitializer, kubePluginInitializer}
net.SplitHostPort(s.Etcd.StorageConfig.Transport.ServerList[0])
utilwait.PollImmediate(etcdRetryInterval, etcdRetryLimit*etcdRetryInterval, preflight.EtcdConnection{ServerList: s.Etcd.StorageConfig.Transport.ServerList}.CheckEtcdServers)
capabilities.Initialize() // allow privillage?
config := &controlplane.Config{}
createAPIExtensionsConfig()
createAPIExtensionsServer()-->
apiextensionsConfig.Complete().New(delegateAPIServer)-->
s.AddHealthChecks(delegateCheck)
// 注册通用handler
installAPI(s, c.Config) // register generic api handler e.g. index, profiling, metrics, flow control
CreateKubeAPIServer(kubeAPIServerConfig, apiExtensionsServer.GenericAPIServer)
kubeAPIServerConfig.Complete().New(delegateAPIServer)
m.InstallLegacyAPI(&c, c.GenericConfig.RESTOptionsGetter, legacyRESTStorageProvider)-->
m.GenericAPIServer.AddPostStartHookOrDie(controllerName, bootstrapController.PostStartHook)-->
controlplane.controller.Start()-->
async.NewRunner(c.RunKubernetesNamespaces, c.RunKubernetesService, repairClusterIPs.RunUntil, repairNodePorts.RunUntil)
m.GenericAPIServer.AddPreShutdownHookOrDie(controllerName, bootstrapController.PreShutdownHook)
// 注册core group API handler
m.GenericAPIServer.InstallLegacyAPIGroup() // register handler for /api
restStorageProviders := []RESTStorageProvider{appsrest.StorageProvider{}}
m.InstallAPIs(c.ExtraConfig.APIResourceConfigSource, c.GenericConfig.RESTOptionsGetter, restStorageProviders...)-->
// 初始化对应group中对象的watch cache
restStorageBuilder.NewRESTStorage(apiResourceConfigSource, restOptionsGetter)--> // trigger appsrest.StorageProvider
p.v1Storage(apiResourceConfigSource, restOptionsGetter)-->
daemonsetstore.NewREST(restOptionsGetter)-->
store.CompleteWithOptions(options)-->
opts, err := options.RESTOptions.GetRESTOptions(e.DefaultQualifiedResource)--> // etcd.go
ret.Decorator = genericregistry.StorageWithCacher()-->
cacherstorage.NewCacherFromConfig(cacherConfig)-->
watchCache := newWatchCache()-->
// 注册API handler
m.GenericAPIServer.InstallAPIGroups(apiGroupsInfo...)--> // register handler for /apis
s.installAPIResources(APIGroupPrefix, apiGroupInfo, openAPIModels)-->
apiGroupVersion.InstallREST(s.Handler.GoRestfulContainer)-->
discovery.NewAPIVersionHandler(g.Serializer, g.GroupVersion, staticLister{apiResources})
createAggregatorServer(aggregatorConfig, kubeAPIServer.GenericAPIServer, apiExtensionsServer.Informers)-->
apiServices := apiServicesToRegister(delegateAPIServer, autoRegistrationController)
server.PrepareRun()-->
s.GenericAPIServer.PrepareRun()-->
s.installHealthz()
s.installLivez()
s.installReadyz()
prepared.Run(stopCh)-->
s.runnable.Run(stopCh)--> // preparedGenericAPIServer.Run()
s.NonBlockingRun(delayedStopCh)-->
s.SecureServingInfo.Serve(s.Handler, s.ShutdownTimeout, internalStopCh)-->
RunServer(secureServer, s.Listener, shutdownTimeout, stopCh)
复制代码
划线
评论
复制
发布于: 1 小时前阅读数: 10
版权声明: 本文为 InfoQ 作者【GalaxyCreater】的原创文章。
原文链接:【http://xie.infoq.cn/article/5c8851505bf4be2c415cfbf45】。
本文遵守【CC-BY 4.0】协议,转载请保留原文出处及本版权声明。
还未添加个人签名 2019-04-21 加入
还未添加个人简介
评论