// startAPI starts the components of the master that are considered part of the API - the Kubernetes
// API and core controllers, the Origin API, the group, policy, project, and authorization caches,
// etcd, the asset server (for the UI), the OAuth server endpoints, and the DNS server.
// TODO: allow to be more granularly targeted
func startAPI(oc *origin.MasterConfig, kc *kubernetes.MasterConfig) error {
// start etcd
if oc.Options.EtcdConfig != nil {
etcd.RunEtcd(oc.Options.EtcdConfig)
}
// verify we can connect to etcd with the provided config
if err := etcd.TestEtcdClient(oc.EtcdClient); err != nil {
return err
}
// Must start policy caching immediately
oc.RunGroupCache()
oc.RunPolicyCache()
oc.RunProjectCache()
unprotectedInstallers := []origin.APIInstaller{}
if oc.Options.OAuthConfig != nil {
authConfig, err := origin.BuildAuthConfig(oc.Options)
if err != nil {
return err
}
unprotectedInstallers = append(unprotectedInstallers, authConfig)
}
var standaloneAssetConfig *origin.AssetConfig
if oc.WebConsoleEnabled() {
config, err := origin.BuildAssetConfig(*oc.Options.AssetConfig)
if err != nil {
return err
}
if oc.Options.AssetConfig.ServingInfo.BindAddress == oc.Options.ServingInfo.BindAddress {
unprotectedInstallers = append(unprotectedInstallers, config)
} else {
standaloneAssetConfig = config
}
}
if kc != nil {
oc.Run([]origin.APIInstaller{kc}, unprotectedInstallers)
} else {
_, kubeClientConfig, err := configapi.GetKubeClient(oc.Options.MasterClients.ExternalKubernetesKubeConfig)
if err != nil {
return err
}
proxy := &kubernetes.ProxyConfig{
ClientConfig: kubeClientConfig,
}
oc.Run([]origin.APIInstaller{proxy}, unprotectedInstallers)
}
oc.InitializeObjects()
if standaloneAssetConfig != nil {
standaloneAssetConfig.Run()
}
if oc.Options.DNSConfig != nil {
oc.RunDNSServer()
}
oc.RunProjectAuthorizationCache()
return nil
}
// StartAPI starts the components of the master that are considered part of the API - the Kubernetes
// API and core controllers, the Origin API, the group, policy, project, and authorization caches,
// etcd, the asset server (for the UI), the OAuth server endpoints, and the DNS server.
// TODO: allow to be more granularly targeted
func StartAPI(oc *origin.MasterConfig, kc *kubernetes.MasterConfig) error {
// start etcd
if oc.Options.EtcdConfig != nil {
etcdserver.RunEtcd(oc.Options.EtcdConfig)
}
// verify we can connect to etcd with the provided config
if etcdClient, err := etcd.GetAndTestEtcdClient(oc.Options.EtcdClientInfo); err != nil {
return err
} else {
etcdClient.Close()
}
// Must start policy caching immediately
oc.RunGroupCache()
oc.RunPolicyCache()
oc.RunProjectCache()
unprotectedInstallers := []origin.APIInstaller{}
if oc.Options.OAuthConfig != nil {
authConfig, err := origin.BuildAuthConfig(oc)
if err != nil {
return err
}
unprotectedInstallers = append(unprotectedInstallers, authConfig)
}
var standaloneAssetConfig *origin.AssetConfig
if oc.WebConsoleEnabled() {
var overrideConfig *overrideapi.ClusterResourceOverrideConfig = nil
if oc.Options.KubernetesMasterConfig != nil { // external kube gets you a nil pointer here
if overridePluginConfigFile, err := pluginconfig.GetPluginConfigFile(oc.Options.KubernetesMasterConfig.AdmissionConfig.PluginConfig, overrideapi.PluginName, ""); err != nil {
return err
} else if overridePluginConfigFile != "" {
configFile, err := os.Open(overridePluginConfigFile)
if err != nil {
return err
}
if overrideConfig, err = override.ReadConfig(configFile); err != nil {
return err
}
}
}
config, err := origin.NewAssetConfig(*oc.Options.AssetConfig, overrideConfig)
if err != nil {
return err
}
if oc.Options.AssetConfig.ServingInfo.BindAddress == oc.Options.ServingInfo.BindAddress {
unprotectedInstallers = append(unprotectedInstallers, config)
} else {
standaloneAssetConfig = config
}
}
if kc != nil {
oc.Run([]origin.APIInstaller{kc}, unprotectedInstallers)
} else {
_, kubeClientConfig, err := configapi.GetKubeClient(oc.Options.MasterClients.ExternalKubernetesKubeConfig)
if err != nil {
return err
}
proxy := &kubernetes.ProxyConfig{
ClientConfig: kubeClientConfig,
}
oc.Run([]origin.APIInstaller{proxy}, unprotectedInstallers)
}
oc.InitializeObjects()
if standaloneAssetConfig != nil {
standaloneAssetConfig.Run()
}
if oc.Options.DNSConfig != nil {
oc.RunDNSServer()
}
oc.RunProjectAuthorizationCache()
return nil
}
// StartAPI starts the components of the master that are considered part of the API - the Kubernetes
// API and core controllers, the Origin API, the group, policy, project, and authorization caches,
// etcd, the asset server (for the UI), the OAuth server endpoints, and the DNS server.
// TODO: allow to be more granularly targeted
func StartAPI(oc *origin.MasterConfig, kc *kubernetes.MasterConfig) error {
// start etcd
if oc.Options.EtcdConfig != nil {
etcdserver.RunEtcd(oc.Options.EtcdConfig)
}
// verify we can connect to etcd with the provided config
if _, err := etcd.GetAndTestEtcdClient(oc.Options.EtcdClientInfo); err != nil {
return err
}
// Must start policy caching immediately
oc.Informers.StartCore(utilwait.NeverStop)
oc.RunClusterQuotaMappingController()
oc.RunGroupCache()
oc.RunProjectCache()
unprotectedInstallers := []origin.APIInstaller{}
if oc.Options.OAuthConfig != nil {
authConfig, err := origin.BuildAuthConfig(oc)
if err != nil {
return err
}
unprotectedInstallers = append(unprotectedInstallers, authConfig)
}
var standaloneAssetConfig *origin.AssetConfig
if oc.WebConsoleEnabled() {
overrideConfig, err := getResourceOverrideConfig(oc)
if err != nil {
return err
}
config, err := origin.NewAssetConfig(*oc.Options.AssetConfig, overrideConfig)
if err != nil {
return err
}
if oc.Options.AssetConfig.ServingInfo.BindAddress == oc.Options.ServingInfo.BindAddress {
unprotectedInstallers = append(unprotectedInstallers, config)
} else {
standaloneAssetConfig = config
}
}
if kc != nil {
oc.Run([]origin.APIInstaller{kc}, unprotectedInstallers)
} else {
_, kubeClientConfig, err := configapi.GetKubeClient(oc.Options.MasterClients.ExternalKubernetesKubeConfig, oc.Options.MasterClients.ExternalKubernetesClientConnectionOverrides)
if err != nil {
return err
}
proxy := &kubernetes.ProxyConfig{
ClientConfig: kubeClientConfig,
}
oc.Run([]origin.APIInstaller{proxy}, unprotectedInstallers)
}
// start up the informers that we're trying to use in the API server
oc.Informers.Start(utilwait.NeverStop)
oc.InitializeObjects()
if standaloneAssetConfig != nil {
standaloneAssetConfig.Run()
}
if oc.Options.DNSConfig != nil {
oc.RunDNSServer()
}
oc.RunProjectAuthorizationCache()
return nil
}