pull/10823/head
Yanshu Zhao 2021-03-23 15:39:04 +00:00
parent 30287b42ad
commit 14ec53f29f
2 changed files with 7 additions and 12 deletions


@ -33,10 +33,11 @@ import (
var ( var (
webhookName = "env-inject-webhook" webhookName = "env-inject-webhook"
webhookConfigName = "env-inject.zyanshu.io" webhookConfigName = "env-inject.zyanshu.io"
skipLabel = "auto-pause-skip"
) )
// Create a clientset with in-cluster config. // Create a clientset with in-cluster config.
func Client() *kubernetes.Clientset { func client() *kubernetes.Clientset {
config, err := rest.InClusterConfig() config, err := rest.InClusterConfig()
if err != nil { if err != nil {
glog.Fatal(err) glog.Fatal(err)
@ -50,7 +51,7 @@ func Client() *kubernetes.Clientset {
// Retrieve the CA cert that will signed the cert used by the // Retrieve the CA cert that will signed the cert used by the
// "GenericAdmissionWebhook" plugin admission controller. // "GenericAdmissionWebhook" plugin admission controller.
func APIServerCert(clientset *kubernetes.Clientset) []byte { func apiServerCert(clientset *kubernetes.Clientset) []byte {
c, err := clientset.CoreV1().ConfigMaps("kube-system").Get("extension-apiserver-authentication", metav1.GetOptions{}) c, err := clientset.CoreV1().ConfigMaps("kube-system").Get("extension-apiserver-authentication", metav1.GetOptions{})
if err != nil { if err != nil {
glog.Fatal(err) glog.Fatal(err)
@ -65,7 +66,7 @@ func APIServerCert(clientset *kubernetes.Clientset) []byte {
} }
func configTLS(clientset *kubernetes.Clientset, serverCert []byte, serverKey []byte) *tls.Config { func configTLS(clientset *kubernetes.Clientset, serverCert []byte, serverKey []byte) *tls.Config {
cert := APIServerCert(clientset) cert := apiServerCert(clientset)
apiserverCA := x509.NewCertPool() apiserverCA := x509.NewCertPool()
apiserverCA.AppendCertsFromPEM(cert) apiserverCA.AppendCertsFromPEM(cert)
@ -122,7 +123,7 @@ func selfRegistration(clientset *kubernetes.Clientset, caCert []byte) {
ObjectSelector: &metav1.LabelSelector{ ObjectSelector: &metav1.LabelSelector{
MatchExpressions: []metav1.LabelSelectorRequirement{ MatchExpressions: []metav1.LabelSelectorRequirement{
{ {
Key: "auto-pause-skip", Key: skipLabel,
Operator: metav1.LabelSelectorOpDoesNotExist, Operator: metav1.LabelSelectorOpDoesNotExist,
}, },
}, },
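Review bot: In configTLS the boolean returned by `apiserverCA.AppendCertsFromPEM(cert)` is discarded, so a ConfigMap value that is empty or not valid PEM leaves the CA pool empty without any error or log line. The renamed `apiServerCert` call is what feeds that pool. The rest of configTLS lies outside the hunk, so how the pool is consumed (presumably as the client CA set for the webhook server) should be confirmed there. I would fail fast in the style the file already uses: `if !apiserverCA.AppendCertsFromPEM(cert) { glog.Fatal("no CA certificate parsed from extension-apiserver-authentication") }`.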


@ -44,12 +44,6 @@ var (
var targetIP *string var targetIP *string
var minikubeSystemNamespaces = []string{
metav1.NamespaceSystem,
metav1.NamespacePublic,
"auto-pause",
}
func handler(w http.ResponseWriter, r *http.Request) { func handler(w http.ResponseWriter, r *http.Request) {
log.Println("Handling a request") log.Println("Handling a request")
@ -93,7 +87,7 @@ func admissionError(err error) *v1.AdmissionResponse {
} }
} }
// Create the admission descision for the request // Create the admission decision for the request
func AdmissionDecision(admReq *v1.AdmissionReview) *v1.AdmissionResponse { func AdmissionDecision(admReq *v1.AdmissionReview) *v1.AdmissionResponse {
req := admReq.Request req := admReq.Request
var pod corev1.Pod var pod corev1.Pod
@ -169,7 +163,7 @@ func main() {
log.Printf("Starting HTTPS webhook server on %+v and target ip is %v", *addr, *targetIP) log.Printf("Starting HTTPS webhook server on %+v and target ip is %v", *addr, *targetIP)
cacert, serverCert, serverKey := gencerts() cacert, serverCert, serverKey := gencerts()
clientset := Client() clientset := client()
server := &http.Server{ server := &http.Server{
Addr: *addr, Addr: *addr,
TLSConfig: configTLS(clientset, serverCert, serverKey), TLSConfig: configTLS(clientset, serverCert, serverKey),