From 92d188a36b87f4a88b2e3fc216db17f895db0d52 Mon Sep 17 00:00:00 2001 From: David Eads Date: Thu, 11 Jan 2018 12:45:06 -0500 Subject: [PATCH] plumb through the clusterresourceoverride settings --- pkg/assets/apiserver/asset_apiserver.go | 40 +++++++------- .../server/origin/asset_apiserver_adapter.go | 52 ++++++++++++++++++- 2 files changed, 73 insertions(+), 19 deletions(-) diff --git a/pkg/assets/apiserver/asset_apiserver.go b/pkg/assets/apiserver/asset_apiserver.go index 2ef4acbb35f1..278b29de6761 100644 --- a/pkg/assets/apiserver/asset_apiserver.go +++ b/pkg/assets/apiserver/asset_apiserver.go @@ -32,6 +32,7 @@ import ( "github.com/openshift/origin/pkg/cmd/server/crypto" cmdutil "github.com/openshift/origin/pkg/cmd/util" oauthutil "github.com/openshift/origin/pkg/oauth/util" + overrideapi "github.com/openshift/origin/pkg/quota/admission/clusterresourceoverride/api" "github.com/openshift/origin/pkg/util/httprequest" oversion "github.com/openshift/origin/pkg/version" ) @@ -43,7 +44,8 @@ const ( type AssetServerConfig struct { GenericConfig *genericapiserver.Config - Options oapi.AssetConfig + Options oapi.AssetConfig + LimitRequestOverrides *overrideapi.ClusterResourceOverrideConfig PublicURL url.URL } @@ -59,7 +61,7 @@ type completedAssetServerConfig struct { *AssetServerConfig } -func NewAssetServerConfig(assetConfig oapi.AssetConfig) (*AssetServerConfig, error) { +func NewAssetServerConfig(assetConfig oapi.AssetConfig, limitRequestOverrides *overrideapi.ClusterResourceOverrideConfig) (*AssetServerConfig, error) { publicURL, err := url.Parse(assetConfig.PublicURL) if err != nil { glog.Fatal(err) @@ -97,9 +99,10 @@ func NewAssetServerConfig(assetConfig oapi.AssetConfig) (*AssetServerConfig, err genericConfig.SecureServingInfo.CipherSuites = crypto.CipherSuitesOrDie(assetConfig.ServingInfo.CipherSuites) return &AssetServerConfig{ - GenericConfig: genericConfig, - Options: assetConfig, - PublicURL: *publicURL, + GenericConfig: genericConfig, + Options: assetConfig, + LimitRequestOverrides: limitRequestOverrides, + PublicURL: *publicURL, }, nil } @@ -216,19 +219,20 @@ func (c *completedAssetServerConfig) addWebConsoleConfig(serverMux *genericmux.P // Generated web console config and server version config := assets.WebConsoleConfig{ - APIGroupAddr: masterURL.Host, - APIGroupPrefix: server.APIGroupPrefix, - MasterAddr: masterURL.Host, - MasterPrefix: api.Prefix, - KubernetesAddr: masterURL.Host, - KubernetesPrefix: server.DefaultLegacyAPIPrefix, - OAuthAuthorizeURI: oauthutil.OpenShiftOAuthAuthorizeURL(masterURL.String()), - OAuthTokenURI: oauthutil.OpenShiftOAuthTokenURL(masterURL.String()), - OAuthRedirectBase: c.Options.PublicURL, - OAuthClientID: OpenShiftWebConsoleClientID, - LogoutURI: c.Options.LogoutURL, - LoggingURL: c.Options.LoggingPublicURL, - MetricsURL: c.Options.MetricsPublicURL, + APIGroupAddr: masterURL.Host, + APIGroupPrefix: server.APIGroupPrefix, + MasterAddr: masterURL.Host, + MasterPrefix: api.Prefix, + KubernetesAddr: masterURL.Host, + KubernetesPrefix: server.DefaultLegacyAPIPrefix, + OAuthAuthorizeURI: oauthutil.OpenShiftOAuthAuthorizeURL(masterURL.String()), + OAuthTokenURI: oauthutil.OpenShiftOAuthTokenURL(masterURL.String()), + OAuthRedirectBase: c.Options.PublicURL, + OAuthClientID: OpenShiftWebConsoleClientID, + LogoutURI: c.Options.LogoutURL, + LoggingURL: c.Options.LoggingPublicURL, + MetricsURL: c.Options.MetricsPublicURL, + LimitRequestOverrides: c.LimitRequestOverrides, } kVersionInfo := kversion.Get() oVersionInfo := oversion.Get() diff --git a/pkg/cmd/server/origin/asset_apiserver_adapter.go b/pkg/cmd/server/origin/asset_apiserver_adapter.go index 6576adb09f81..18b966a86729 100644 --- a/pkg/cmd/server/origin/asset_apiserver_adapter.go +++ b/pkg/cmd/server/origin/asset_apiserver_adapter.go @@ -1,14 +1,24 @@ package origin import ( + "os" + assetapiserver "github.com/openshift/origin/pkg/assets/apiserver" configapi "github.com/openshift/origin/pkg/cmd/server/api" + "github.com/openshift/origin/pkg/cmd/util/pluginconfig" + override "github.com/openshift/origin/pkg/quota/admission/clusterresourceoverride" + overrideapi "github.com/openshift/origin/pkg/quota/admission/clusterresourceoverride/api" ) // TODO this is taking a very large config for a small piece of it. The information must be broken up at some point so that // we can run this in a pod. This is an indication of leaky abstraction because it spent too much time in openshift start func NewAssetServerConfigFromMasterConfig(masterConfigOptions configapi.MasterConfig) (*assetapiserver.AssetServerConfig, error) { - ret, err := assetapiserver.NewAssetServerConfig(*masterConfigOptions.AssetConfig) + clusterResourceOverrideConfig, err := getResourceOverrideConfig(masterConfigOptions) + if err != nil { + return nil, err + } + + ret, err := assetapiserver.NewAssetServerConfig(*masterConfigOptions.AssetConfig, clusterResourceOverrideConfig) if err != nil { return nil, err } @@ -21,3 +31,43 @@ func NewAssetServerConfigFromMasterConfig(masterConfigOptions configapi.MasterCo return ret, nil } + +// All this ugly was removed in 3.9 +// getResourceOverrideConfig looks in two potential places where ClusterResourceOverrideConfig can be specified +func getResourceOverrideConfig(masterConfig configapi.MasterConfig) (*overrideapi.ClusterResourceOverrideConfig, error) { + overrideConfig, err := checkForOverrideConfig(masterConfig.AdmissionConfig) + if err != nil { + return nil, err + } + if overrideConfig != nil { + return overrideConfig, nil + } + if masterConfig.KubernetesMasterConfig == nil { // external kube gets you a nil pointer here + return nil, nil + } + overrideConfig, err = checkForOverrideConfig(masterConfig.KubernetesMasterConfig.AdmissionConfig) + if err != nil { + return nil, err + } + return overrideConfig, nil +} + +// checkForOverrideConfig looks for ClusterResourceOverrideConfig plugin cfg in the admission PluginConfig +func checkForOverrideConfig(ac configapi.AdmissionConfig) (*overrideapi.ClusterResourceOverrideConfig, error) { + overridePluginConfigFile, err := pluginconfig.GetPluginConfigFile(ac.PluginConfig, overrideapi.PluginName, "") + if err != nil { + return nil, err + } + if overridePluginConfigFile == "" { + return nil, nil + } + configFile, err := os.Open(overridePluginConfigFile) + if err != nil { + return nil, err + } + overrideConfig, err := override.ReadConfig(configFile) + if err != nil { + return nil, err + } + return overrideConfig, nil +}