forked from kubernetes/kubernetes
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
分析SA控制器启动流程
- Loading branch information
Showing
8 changed files
with
274 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,96 @@ | ||
# 特性列表 | ||
|
||
基于`v.18.6` | ||
|
||
## 默认开启 | ||
|
||
- `BETA` | ||
-`APIListChunking`: 启用`API`客户端以块的形式从`API`服务器检索(`LIST`或`GET`)资源 | ||
-`APIResponseCompression`: 压缩`LIST`或`GET`请求的`API`响应 | ||
- `AllowInsecureBackendProxy`: 当尝试获取`Pod`的日志时,`Kubelet`可能有一个过期的服务证书。开启该特性配置,允许最终用户可以绕过`Kubernetes API Server`的默认行为,并跳过`Kubelet`的`TLS`验证来收集日志。 | ||
- | ||
|
||
## 默认关闭 | ||
|
||
- `ALPHA` | ||
- `APIPriorityAndFairness`: 在每个服务器上启用优先级和公平性来管理请求并发 | ||
- `AllAlpha`: 开启所有`Alpha`阶段特性 | ||
- `AllBeta`: 开启所有`Beta`阶段特性 | ||
|
||
```shell script | ||
AnyVolumeDataSource=true|false (ALPHA - default=false) | ||
AppArmor=true|false (BETA - default=true) | ||
BalanceAttachedNodeVolumes=true|false (ALPHA - default=false) | ||
BoundServiceAccountTokenVolume=true|false (ALPHA - default=false) | ||
CPUManager=true|false (BETA - default=true) | ||
CRIContainerLogRotation=true|false (BETA - default=true) | ||
CSIInlineVolume=true|false (BETA - default=true) | ||
CSIMigration=true|false (BETA - default=true) | ||
CSIMigrationAWS=true|false (BETA - default=false) | ||
CSIMigrationAWSComplete=true|false (ALPHA - default=false) | ||
CSIMigrationAzureDisk=true|false (ALPHA - default=false) | ||
CSIMigrationAzureDiskComplete=true|false (ALPHA - default=false) | ||
CSIMigrationAzureFile=true|false (ALPHA - default=false) | ||
CSIMigrationAzureFileComplete=true|false (ALPHA - default=false) | ||
CSIMigrationGCE=true|false (BETA - default=false) | ||
CSIMigrationGCEComplete=true|false (ALPHA - default=false) | ||
CSIMigrationOpenStack=true|false (BETA - default=false) | ||
CSIMigrationOpenStackComplete=true|false (ALPHA - default=false) | ||
ConfigurableFSGroupPolicy=true|false (ALPHA - default=false) | ||
CustomCPUCFSQuotaPeriod=true|false (ALPHA - default=false) | ||
DefaultIngressClass=true|false (BETA - default=true) | ||
DevicePlugins=true|false (BETA - default=true) | ||
DryRun=true|false (BETA - default=true) | ||
DynamicAuditing=true|false (ALPHA - default=false) | ||
DynamicKubeletConfig=true|false (BETA - default=true) | ||
EndpointSlice=true|false (BETA - default=true) | ||
EndpointSliceProxying=true|false (ALPHA - default=false) | ||
EphemeralContainers=true|false (ALPHA - default=false) | ||
EvenPodsSpread=true|false (BETA - default=true) | ||
ExpandCSIVolumes=true|false (BETA - default=true) | ||
ExpandInUsePersistentVolumes=true|false (BETA - default=true) | ||
ExpandPersistentVolumes=true|false (BETA - default=true) | ||
ExperimentalHostUserNamespaceDefaulting=true|false (BETA - default=false) | ||
HPAScaleToZero=true|false (ALPHA - default=false) | ||
HugePageStorageMediumSize=true|false (ALPHA - default=false) | ||
HyperVContainer=true|false (ALPHA - default=false) | ||
IPv6DualStack=true|false (ALPHA - default=false) | ||
ImmutableEphemeralVolumes=true|false (ALPHA - default=false) | ||
KubeletPodResources=true|false (BETA - default=true) | ||
LegacyNodeRoleBehavior=true|false (ALPHA - default=true) | ||
LocalStorageCapacityIsolation=true|false (BETA - default=true) | ||
LocalStorageCapacityIsolationFSQuotaMonitoring=true|false (ALPHA - default=false) | ||
NodeDisruptionExclusion=true|false (ALPHA - default=false) | ||
NonPreemptingPriority=true|false (ALPHA - default=false) | ||
PodDisruptionBudget=true|false (BETA - default=true) | ||
PodOverhead=true|false (BETA - default=true) | ||
ProcMountType=true|false (ALPHA - default=false) | ||
QOSReserved=true|false (ALPHA - default=false) | ||
RemainingItemCount=true|false (BETA - default=true) | ||
RemoveSelfLink=true|false (ALPHA - default=false) | ||
ResourceLimitsPriorityFunction=true|false (ALPHA - default=false) | ||
RotateKubeletClientCertificate=true|false (BETA - default=true) | ||
RotateKubeletServerCertificate=true|false (BETA - default=true) | ||
RunAsGroup=true|false (BETA - default=true) | ||
RuntimeClass=true|false (BETA - default=true) | ||
SCTPSupport=true|false (ALPHA - default=false) | ||
SelectorIndex=true|false (ALPHA - default=false) | ||
ServerSideApply=true|false (BETA - default=true) | ||
ServiceAccountIssuerDiscovery=true|false (ALPHA - default=false) | ||
ServiceAppProtocol=true|false (ALPHA - default=false) | ||
ServiceNodeExclusion=true|false (ALPHA - default=false) | ||
ServiceTopology=true|false (ALPHA - default=false) | ||
StartupProbe=true|false (BETA - default=true) | ||
StorageVersionHash=true|false (BETA - default=true) | ||
SupportNodePidsLimit=true|false (BETA - default=true) | ||
SupportPodPidsLimit=true|false (BETA - default=true) | ||
Sysctls=true|false (BETA - default=true) | ||
TTLAfterFinished=true|false (ALPHA - default=false) | ||
TokenRequest=true|false (BETA - default=true) | ||
TokenRequestProjection=true|false (BETA - default=true) | ||
TopologyManager=true|false (BETA - default=true) | ||
ValidateProxyRedirects=true|false (BETA - default=true) | ||
VolumeSnapshotDataSource=true|false (BETA - default=true) | ||
WinDSR=true|false (ALPHA - default=false) | ||
WinOverlay=true|false (ALPHA - default=false) | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,134 @@ | ||
# | ||
# NewControllerManagerCommand() | ||
## 函数主体 | ||
|
||
```shell script | ||
// NewControllerManagerCommand creates a *cobra.Command object with default parameters | ||
func NewControllerManagerCommand() *cobra.Command { | ||
s, err := options.NewKubeControllerManagerOptions() | ||
if err != nil { | ||
klog.Fatalf("unable to initialize command options: %v", err) | ||
} | ||
|
||
cmd := &cobra.Command{ | ||
Use: "kube-controller-manager", | ||
Long: `The Kubernetes controller manager is a daemon that embeds | ||
the core control loops shipped with Kubernetes. In applications of robotics and | ||
automation, a control loop is a non-terminating loop that regulates the state of | ||
the system. In Kubernetes, a controller is a control loop that watches the shared | ||
state of the cluster through the apiserver and makes changes attempting to move the | ||
current state towards the desired state. Examples of controllers that ship with | ||
Kubernetes today are the replication controller, endpoints controller, namespace | ||
controller, and serviceaccounts controller.`, | ||
Run: func(cmd *cobra.Command, args []string) { | ||
// 输出版本 | ||
verflag.PrintAndExitIfRequested() | ||
// 输出可选标识 | ||
utilflag.PrintFlags(cmd.Flags()) | ||
|
||
// 配置kube-controller-manager | ||
c, err := s.Config(KnownControllers(), ControllersDisabledByDefault.List()) | ||
if err != nil { | ||
fmt.Fprintf(os.Stderr, "%v\n", err) | ||
os.Exit(1) | ||
} | ||
// c.Complete() -> api-server对控制器服务认证授权 | ||
// 执行控制器启动流程 | ||
if err := Run(c.Complete(), wait.NeverStop); err != nil { | ||
fmt.Fprintf(os.Stderr, "%v\n", err) | ||
os.Exit(1) | ||
} | ||
}, | ||
} | ||
|
||
// 获取flags集合 | ||
fs := cmd.Flags() | ||
// | ||
namedFlagSets := s.Flags(KnownControllers(), ControllersDisabledByDefault.List()) | ||
|
||
verflag.AddFlags(namedFlagSets.FlagSet("global")) | ||
globalflag.AddGlobalFlags(namedFlagSets.FlagSet("global"), cmd.Name()) | ||
registerLegacyGlobalFlags(namedFlagSets) | ||
for _, f := range namedFlagSets.FlagSets { | ||
fs.AddFlagSet(f) | ||
} | ||
usageFmt := "Usage:\n %s\n" | ||
cols, _, _ := term.TerminalSize(cmd.OutOrStdout()) | ||
|
||
cmd.SetUsageFunc(func(cmd *cobra.Command) error { | ||
fmt.Fprintf(cmd.OutOrStderr(), usageFmt, cmd.UseLine()) | ||
cliflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) | ||
return nil | ||
}) | ||
|
||
// 设置帮助指令 | ||
cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) { | ||
fmt.Fprintf(cmd.OutOrStdout(), "%s\n\n"+usageFmt, cmd.Long, cmd.UseLine()) | ||
cliflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) | ||
}) | ||
|
||
return cmd | ||
} | ||
``` | ||
## 调用分析 | ||
> [1.初始化控制器](ncmc-ncmo.md) | ||
初始化`kube-controller-manager`,附带默认配置(`flags`) | ||
```shell script | ||
s, err := options.NewKubeControllerManagerOptions() | ||
``` | ||
> 2.命令参数绑定 | ||
```shell script | ||
// 获取flags集合 | ||
fs := cmd.Flags() | ||
// | ||
namedFlagSets := s.Flags(KnownControllers(), ControllersDisabledByDefault.List()) | ||
|
||
verflag.AddFlags(namedFlagSets.FlagSet("global")) | ||
globalflag.AddGlobalFlags(namedFlagSets.FlagSet("global"), cmd.Name()) | ||
registerLegacyGlobalFlags(namedFlagSets) | ||
for _, f := range namedFlagSets.FlagSets { | ||
fs.AddFlagSet(f) | ||
} | ||
usageFmt := "Usage:\n %s\n" | ||
cols, _, _ := term.TerminalSize(cmd.OutOrStdout()) | ||
|
||
cmd.SetUsageFunc(func(cmd *cobra.Command) error { | ||
fmt.Fprintf(cmd.OutOrStderr(), usageFmt, cmd.UseLine()) | ||
cliflag.PrintSections(cmd.OutOrStderr(), namedFlagSets, cols) | ||
return nil | ||
}) | ||
|
||
// 设置帮助指令 | ||
cmd.SetHelpFunc(func(cmd *cobra.Command, args []string) { | ||
fmt.Fprintf(cmd.OutOrStdout(), "%s\n\n"+usageFmt, cmd.Long, cmd.UseLine()) | ||
cliflag.PrintSections(cmd.OutOrStdout(), namedFlagSets, cols) | ||
}) | ||
``` | ||
> 3.执行命令主体逻辑 | ||
```shell script | ||
Run: func(cmd *cobra.Command, args []string) { | ||
// 输出版本 | ||
verflag.PrintAndExitIfRequested() | ||
// 输出可选标识 | ||
utilflag.PrintFlags(cmd.Flags()) | ||
|
||
// 配置kube-controller-manager | ||
c, err := s.Config(KnownControllers(), ControllersDisabledByDefault.List()) | ||
if err != nil { | ||
fmt.Fprintf(os.Stderr, "%v\n", err) | ||
os.Exit(1) | ||
} | ||
// c.Complete() -> api-server对控制器服务认证授权 | ||
// 执行控制器启动流程 | ||
if err := Run(c.Complete(), wait.NeverStop); err != nil { | ||
fmt.Fprintf(os.Stderr, "%v\n", err) | ||
os.Exit(1) | ||
} | ||
}, | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters