Skip to content

Commit

Permalink
Merge pull request #53895 from kad/kubeadm-proxy-transports
Browse files Browse the repository at this point in the history 
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

kubeadm: Utilize transport defaults from API machinery for http calls inside kubeadm

**What this PR does / why we need it**:
Default Go HTTP transport does not allow to use CIDR notations in
NO_PROXY variables, thus for certain HTTP calls that is done inside
kubeadm user needs to put explicitly multiple IP addresses. For most of
calls done via API machinery it is get solved by setting different Proxy
resolver. This patch allows to use CIDR notations in NO_PROXY variables
for currently all other HTTP calls that is made inside kubeadm.

**Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes kubernetes/kubeadm#324

**Special notes for your reviewer**:
Based on discussion in #52788, replacing this patch replacing all calls inside kubeadm that are done via DefaultTransport to explicitly defined and initialized with API machinery defaults Transport and http client.

**Release note**:
```release-note
- kubeadm now supports CIDR notations in NO_PROXY environment variable
```
  • Loading branch information
Kubernetes Submit Queue committed Jan 20, 2018
2 parents 7fb295e + 4bd692a commit 4b41a54
Show file tree
Hide file tree
Showing 7 changed files with 17 additions and 7 deletions.
1 change: 1 addition & 0 deletions cmd/kubeadm/app/discovery/https/BUILD
View file
Expand Up @@ -11,6 +11,7 @@ go_library(
importpath = "k8s.io/kubernetes/cmd/kubeadm/app/discovery/https",
deps = [
"//cmd/kubeadm/app/discovery/file:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
"//vendor/k8s.io/client-go/tools/clientcmd:go_default_library",
"//vendor/k8s.io/client-go/tools/clientcmd/api:go_default_library",
],
Expand Down
4 changes: 3 additions & 1 deletion cmd/kubeadm/app/discovery/https/https.go
View file
Expand Up @@ -20,6 +20,7 @@ import (
"io/ioutil"
"net/http"

netutil "k8s.io/apimachinery/pkg/util/net"
"k8s.io/client-go/tools/clientcmd"
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
"k8s.io/kubernetes/cmd/kubeadm/app/discovery/file"
Expand All @@ -29,7 +30,8 @@ import (
// securely to the API Server using the provided CA cert and
// optionally refreshes the cluster-info information from the cluster-info ConfigMap
func RetrieveValidatedClusterInfo(httpsURL string) (*clientcmdapi.Cluster, error) {
response, err := http.Get(httpsURL)
client := &http.Client{Transport: netutil.SetOldTransportDefaults(&http.Transport{})}
response, err := client.Get(httpsURL)
if err != nil {
return nil, err
}
Expand Down
8 changes: 4 additions & 4 deletions cmd/kubeadm/app/preflight/checks.go
View file
Expand Up @@ -422,7 +422,7 @@ func (hst HTTPProxyCheck) Check() (warnings, errors []error) {
return nil, []error{err}
}

proxy, err := http.DefaultTransport.(*http.Transport).Proxy(req)
proxy, err := netutil.SetOldTransportDefaults(&http.Transport{}).Proxy(req)
if err != nil {
return nil, []error{err}
}
Expand Down Expand Up @@ -798,15 +798,15 @@ func (evc ExternalEtcdVersionCheck) configCertAndKey(config *tls.Config) (*tls.C

func (evc ExternalEtcdVersionCheck) getHTTPClient(config *tls.Config) *http.Client {
if config != nil {
transport := &http.Transport{
transport := netutil.SetOldTransportDefaults(&http.Transport{
TLSClientConfig: config,
}
})
return &http.Client{
Transport: transport,
Timeout: externalEtcdRequestTimeout,
}
}
return &http.Client{Timeout: externalEtcdRequestTimeout}
return &http.Client{Timeout: externalEtcdRequestTimeout, Transport: netutil.SetOldTransportDefaults(&http.Transport{})}
}

func getEtcdVersionResponse(client *http.Client, url string, target interface{}) error {
Expand Down
1 change: 1 addition & 0 deletions cmd/kubeadm/app/util/BUILD
View file
Expand Up @@ -27,6 +27,7 @@ go_library(
"//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
"//vendor/k8s.io/client-go/kubernetes/scheme:go_default_library",
],
)
Expand Down
1 change: 1 addition & 0 deletions cmd/kubeadm/app/util/apiclient/BUILD
View file
Expand Up @@ -28,6 +28,7 @@ go_library(
"//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
"//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
"//vendor/k8s.io/client-go/dynamic:go_default_library",
"//vendor/k8s.io/client-go/kubernetes:go_default_library",
Expand Down
4 changes: 3 additions & 1 deletion cmd/kubeadm/app/util/apiclient/wait.go
View file
Expand Up @@ -27,6 +27,7 @@ import (
"k8s.io/api/core/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
netutil "k8s.io/apimachinery/pkg/util/net"
"k8s.io/apimachinery/pkg/util/wait"
clientset "k8s.io/client-go/kubernetes"
"k8s.io/kubernetes/cmd/kubeadm/app/constants"
Expand Down Expand Up @@ -132,7 +133,8 @@ func (w *KubeWaiter) WaitForPodToDisappear(podName string) error {
func (w *KubeWaiter) WaitForHealthyKubelet(initalTimeout time.Duration, healthzEndpoint string) error {
time.Sleep(initalTimeout)
return TryRunCommand(func() error {
resp, err := http.Get(healthzEndpoint)
client := &http.Client{Transport: netutil.SetOldTransportDefaults(&http.Transport{})}
resp, err := client.Get(healthzEndpoint)
if err != nil {
fmt.Printf("[kubelet-check] It seems like the kubelet isn't running or healthy.\n")
fmt.Printf("[kubelet-check] The HTTP call equal to 'curl -sSL %s' failed with error: %v.\n", healthzEndpoint, err)
Expand Down
5 changes: 4 additions & 1 deletion cmd/kubeadm/app/util/version.go
View file
Expand Up @@ -22,6 +22,8 @@ import (
"net/http"
"regexp"
"strings"

netutil "k8s.io/apimachinery/pkg/util/net"
)

var (
Expand Down Expand Up @@ -131,7 +133,8 @@ func splitVersion(version string) (string, string, error) {

// Internal helper: return content of URL
func fetchFromURL(url string) (string, error) {
resp, err := http.Get(url)
client := &http.Client{Transport: netutil.SetOldTransportDefaults(&http.Transport{})}
resp, err := client.Get(url)
if err != nil {
return "", fmt.Errorf("unable to get URL %q: %s", url, err.Error())
}
Expand Down

0 comments on commit 4b41a54

Please sign in to comment.