From 796d1aa7c546e2fcf6b821e140e41cde6d4b5319 Mon Sep 17 00:00:00 2001 From: Seth Jennings Date: Fri, 16 Aug 2019 13:14:59 -0500 Subject: [PATCH 1/5] glide: point github.com/apcera/gssapi dep to openshift fork --- glide.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/glide.yaml b/glide.yaml index d0413d331433..9fe1b1b5d3f5 100644 --- a/glide.yaml +++ b/glide.yaml @@ -183,6 +183,7 @@ import: version: a3acf13e802c358d65f249324d14ed24aac11370 # auth (for oc kerberos on linux + mac) - package: github.com/apcera/gssapi + repo: https://github.com/openshift/gssapi.git version: release-2.6.3 # auth (for oc kerberos on windows) - package: github.com/alexbrainman/sspi From a19494707f6e61ac1c403e2185f3ed06f578851f Mon Sep 17 00:00:00 2001 From: Seth Jennings Date: Fri, 16 Aug 2019 15:56:31 -0500 Subject: [PATCH 2/5] remove DefaultServingCertificate validation --- .../apiserver/validate_apiserver.go | 24 ------------------- 1 file changed, 24 deletions(-) diff --git a/pkg/admission/customresourcevalidation/apiserver/validate_apiserver.go b/pkg/admission/customresourcevalidation/apiserver/validate_apiserver.go index c978158b024d..85236a956ec6 100644 --- a/pkg/admission/customresourcevalidation/apiserver/validate_apiserver.go +++ b/pkg/admission/customresourcevalidation/apiserver/validate_apiserver.go @@ -41,7 +41,6 @@ func (a apiserverV1) ValidateCreate(uncastObj runtime.Object) field.ErrorList { } errs = append(errs, validation.ValidateObjectMeta(&obj.ObjectMeta, false, customresourcevalidation.RequireNameCluster, field.NewPath("metadata"))...) - errs = append(errs, validateAPIServerSpecCreate(obj.Spec)...) errs = append(errs, a.validateSNINames(obj)...) return errs @@ -90,7 +89,6 @@ func (a apiserverV1) ValidateUpdate(uncastObj runtime.Object, uncastOldObj runti } errs = append(errs, validation.ValidateObjectMetaUpdate(&obj.ObjectMeta, &oldObj.ObjectMeta, field.NewPath("metadata"))...) - errs = append(errs, validateAPIServerSpecUpdate(obj.Spec, oldObj.Spec)...) errs = append(errs, a.validateSNINames(obj)...) return errs @@ -113,28 +111,6 @@ func (apiserverV1) ValidateStatusUpdate(uncastObj runtime.Object, uncastOldObj r return errs } -func validateAPIServerSpecCreate(spec configv1.APIServerSpec) field.ErrorList { - errs := field.ErrorList{} - - // we rely on fall through for the service network - if len(spec.ServingCerts.DefaultServingCertificate.Name) > 0 { - errs = append(errs, field.Forbidden(field.NewPath("spec").Child("servingCerts").Child("defaultServingCertificate").Child("name"), "may not be set")) - } - - return errs -} - -func validateAPIServerSpecUpdate(newSpec, oldSpec configv1.APIServerSpec) field.ErrorList { - errs := field.ErrorList{} - - // we rely on fall through for the service network - if len(newSpec.ServingCerts.DefaultServingCertificate.Name) > 0 { - errs = append(errs, field.Forbidden(field.NewPath("spec").Child("servingCerts").Child("defaultServingCertificate").Child("name"), "may not be set")) - } - - return errs -} - func validateAPIServerStatus(status configv1.APIServerStatus) field.ErrorList { errs := field.ErrorList{} From a29f95f397654193377969a530f1ee5c83253d8b Mon Sep 17 00:00:00 2001 From: Seth Jennings Date: Fri, 16 Aug 2019 15:58:01 -0500 Subject: [PATCH 3/5] bump(*) --- glide.lock | 13 +- .../api/config/v1/types_apiserver.go | 9 -- .../api/config/v1/zz_generated.deepcopy.go | 1 - .../v1/zz_generated.swagger_doc_generated.go | 3 +- .../operator/resource/resourceapply/core.go | 23 +++- .../remove_stale_conditions.go | 116 ++++++++++++++++++ .../photon-controller-go-sdk/photon/client.go | 4 +- .../photon/deployments_test.go | 6 +- .../photon/lightwave/oidcclient_test.go | 2 +- 9 files changed, 152 insertions(+), 25 deletions(-) create mode 100644 vendor/github.com/openshift/library-go/pkg/operator/staleconditions/remove_stale_conditions.go diff --git a/glide.lock b/glide.lock index 5b9efd80d206..4122467e67bb 100644 --- a/glide.lock +++ b/glide.lock @@ -1,5 +1,5 @@ -hash: 77f25154aedfa407df78dfee253ba73dd2c7efaaaf63abcb20cefd4d16d05c4a -updated: 2019-07-10T16:08:05.181813755-04:00 +hash: 1ed0811f212ed316fcb759046742b217c8e0289a37cab9fed9d8f5c5db5677fb +updated: 2019-08-16T15:57:39.489055046-05:00 imports: - name: bitbucket.org/ww/goautoneg version: 75cd24fc2f2c2a2088577d12123ddee5f54e0675 @@ -15,6 +15,7 @@ imports: - negotiate - name: github.com/apcera/gssapi version: 5fb4217df13b8e6878046fe1e5c10e560e1b86dc + repo: https://github.com/openshift/gssapi.git - name: github.com/armon/circbuf version: bbbad097214e2918d8543d5201d12bfd7bca254d - name: github.com/asaskevich/govalidator @@ -849,7 +850,7 @@ imports: - go-selinux - go-selinux/label - name: github.com/openshift/api - version: 81d064c11ff2d62705dbb09ed9ac200ef9557716 + version: 9ea19f9dd57858bb3fd8ec7051a99ca5e1ae88d6 subpackages: - apps - apps/v1 @@ -1024,7 +1025,7 @@ imports: - user/informers/externalversions/user/v1 - user/listers/user/v1 - name: github.com/openshift/library-go - version: 2467051efd29fec85731629f925b82f3c477db30 + version: a8b3af87bfde83643053d9d1c1da9b9593ffe20e subpackages: - pkg/assets - pkg/assets/create @@ -1458,7 +1459,7 @@ imports: - name: gopkg.in/yaml.v2 version: 5420a8b6744d3b0345ab293f6fcba19c978f1183 - name: k8s.io/api - version: 91a629a47dd4b8816f5d974f41ae0335b6468ec1 + version: b18e97b54e4005d2ff259a96a0b5d06f11779b9d repo: https://github.com/openshift/kubernetes-api.git subpackages: - admission/v1beta1 @@ -2040,7 +2041,7 @@ imports: subpackages: - config/v1beta1 - name: k8s.io/kubernetes - version: cc2afe3181bd5593ad5c03e9a768e3ff270ec343 + version: fd7008ebbbb179b36367d02fc929ca7eb514d0b0 repo: https://github.com/openshift/kubernetes.git subpackages: - cmd/cloud-controller-manager/app/apis/config diff --git a/vendor/github.com/openshift/api/config/v1/types_apiserver.go b/vendor/github.com/openshift/api/config/v1/types_apiserver.go index 9a13b85274d1..52018d20bb95 100644 --- a/vendor/github.com/openshift/api/config/v1/types_apiserver.go +++ b/vendor/github.com/openshift/api/config/v1/types_apiserver.go @@ -33,15 +33,6 @@ type APIServerSpec struct { } type APIServerServingCerts struct { - // defaultServingCertificate references a kubernetes.io/tls type secret containing the default TLS cert info for - // serving secure traffic. If no named certificates match the server name as understood by a client, this default - // certificate will be used. If defaultServingCertificate is not specified, then a operator managed certificate will - // be used. - // The secret must exist in the openshift-config namespace and contain the following required fields: - // - Secret.Data["tls.key"] - TLS private key. - // - Secret.Data["tls.crt"] - TLS certificate. - // +optional - DefaultServingCertificate SecretNameReference `json:"defaultServingCertificate"` // namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames. // If no named certificates are provided, or no named certificates match the server name as understood by a client, // the defaultServingCertificate will be used. diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go index bb944cd89f54..2addbc310ecd 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.deepcopy.go @@ -95,7 +95,6 @@ func (in *APIServerNamedServingCert) DeepCopy() *APIServerNamedServingCert { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *APIServerServingCerts) DeepCopyInto(out *APIServerServingCerts) { *out = *in - out.DefaultServingCertificate = in.DefaultServingCertificate if in.NamedCertificates != nil { in, out := &in.NamedCertificates, &out.NamedCertificates *out = make([]APIServerNamedServingCert, len(*in)) diff --git a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go index 18e6fb47b9de..67c118265d8d 100644 --- a/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go +++ b/vendor/github.com/openshift/api/config/v1/zz_generated.swagger_doc_generated.go @@ -262,8 +262,7 @@ func (APIServerNamedServingCert) SwaggerDoc() map[string]string { } var map_APIServerServingCerts = map[string]string{ - "defaultServingCertificate": "defaultServingCertificate references a kubernetes.io/tls type secret containing the default TLS cert info for serving secure traffic. If no named certificates match the server name as understood by a client, this default certificate will be used. If defaultServingCertificate is not specified, then a operator managed certificate will be used. The secret must exist in the openshift-config namespace and contain the following required fields: - Secret.Data[\"tls.key\"] - TLS private key. - Secret.Data[\"tls.crt\"] - TLS certificate.", - "namedCertificates": "namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames. If no named certificates are provided, or no named certificates match the server name as understood by a client, the defaultServingCertificate will be used.", + "namedCertificates": "namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames. If no named certificates are provided, or no named certificates match the server name as understood by a client, the defaultServingCertificate will be used.", } func (APIServerServingCerts) SwaggerDoc() map[string]string { diff --git a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go index 870b7ceb6422..36777d6eb474 100644 --- a/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go +++ b/vendor/github.com/openshift/library-go/pkg/operator/resource/resourceapply/core.go @@ -196,6 +196,10 @@ func ApplyConfigMap(client coreclientv1.ConfigMapsGetter, recorder events.Record // ApplySecret merges objectmeta, requires data func ApplySecret(client coreclientv1.SecretsGetter, recorder events.Recorder, required *corev1.Secret) (*corev1.Secret, bool, error) { + if len(required.StringData) > 0 { + return nil, false, fmt.Errorf("Secret.stringData is not supported") + } + existing, err := client.Secrets(required.Namespace).Get(required.Name, metav1.GetOptions{}) if apierrors.IsNotFound(err) { actual, err := client.Secrets(required.Namespace).Create(required) @@ -210,6 +214,7 @@ func ApplySecret(client coreclientv1.SecretsGetter, recorder events.Recorder, re existingCopy := existing.DeepCopy() resourcemerge.EnsureObjectMeta(modified, &existingCopy.ObjectMeta, required.ObjectMeta) + dataSame := equality.Semantic.DeepEqual(existingCopy.Data, required.Data) if dataSame && !*modified { return existingCopy, false, nil @@ -217,7 +222,23 @@ func ApplySecret(client coreclientv1.SecretsGetter, recorder events.Recorder, re existingCopy.Data = required.Data if klog.V(4) { - klog.Infof("Secret %q changes: %v", required.Namespace+"/"+required.Name, JSONPatch(existing, required)) + safeRequired := required.DeepCopy() + safeExisting := existing.DeepCopy() + + for s := range safeExisting.Data { + safeExisting.Data[s] = []byte("OLD") + } + for s := range safeRequired.Data { + if _, preexisting := existing.Data[s]; !preexisting { + safeRequired.Data[s] = []byte("NEW") + } else if !equality.Semantic.DeepEqual(existing.Data[s], safeRequired.Data[s]) { + safeRequired.Data[s] = []byte("MODIFIED") + } else { + safeRequired.Data[s] = []byte("OLD") + } + } + + klog.Infof("Secret %q changes: %v", required.Namespace+"/"+required.Name, JSONPatch(safeExisting, safeRequired)) } actual, err := client.Secrets(required.Namespace).Update(existingCopy) diff --git a/vendor/github.com/openshift/library-go/pkg/operator/staleconditions/remove_stale_conditions.go b/vendor/github.com/openshift/library-go/pkg/operator/staleconditions/remove_stale_conditions.go new file mode 100644 index 000000000000..f9b94d82763f --- /dev/null +++ b/vendor/github.com/openshift/library-go/pkg/operator/staleconditions/remove_stale_conditions.go @@ -0,0 +1,116 @@ +package staleconditions + +import ( + "fmt" + "time" + + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + "k8s.io/klog" + + operatorv1 "github.com/openshift/api/operator/v1" + "github.com/openshift/library-go/pkg/operator/events" + "github.com/openshift/library-go/pkg/operator/v1helpers" +) + +const workQueueKey = "key" + +type RemoveStaleConditions struct { + conditions []string + + operatorClient v1helpers.OperatorClient + cachesToSync []cache.InformerSynced + + eventRecorder events.Recorder + // queue only ever has one item, but it has nice error handling backoff/retry semantics + queue workqueue.RateLimitingInterface +} + +func NewRemoveStaleConditions( + conditions []string, + operatorClient v1helpers.OperatorClient, + eventRecorder events.Recorder, +) *RemoveStaleConditions { + c := &RemoveStaleConditions{ + conditions: conditions, + + operatorClient: operatorClient, + eventRecorder: eventRecorder, + cachesToSync: []cache.InformerSynced{operatorClient.Informer().HasSynced}, + + queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "RemoveStaleConditions"), + } + + operatorClient.Informer().AddEventHandler(c.eventHandler()) + + return c +} + +func (c RemoveStaleConditions) sync() error { + removeStaleConditionsFn := func(status *operatorv1.OperatorStatus) error { + for _, condition := range c.conditions { + v1helpers.RemoveOperatorCondition(&status.Conditions, condition) + } + return nil + } + + if _, _, err := v1helpers.UpdateStatus(c.operatorClient, removeStaleConditionsFn); err != nil { + return err + } + + return nil +} + +// Run starts the kube-scheduler and blocks until stopCh is closed. +func (c *RemoveStaleConditions) Run(workers int, stopCh <-chan struct{}) { + defer utilruntime.HandleCrash() + defer c.queue.ShutDown() + + klog.Infof("Starting RemoveStaleConditions") + defer klog.Infof("Shutting down RemoveStaleConditions") + + if !cache.WaitForCacheSync(stopCh, c.cachesToSync...) { + utilruntime.HandleError(fmt.Errorf("caches did not sync")) + return + } + + // doesn't matter what workers say, only start one. + go wait.Until(c.runWorker, time.Second, stopCh) + + <-stopCh +} + +func (c *RemoveStaleConditions) runWorker() { + for c.processNextWorkItem() { + } +} + +func (c *RemoveStaleConditions) processNextWorkItem() bool { + dsKey, quit := c.queue.Get() + if quit { + return false + } + defer c.queue.Done(dsKey) + + err := c.sync() + if err == nil { + c.queue.Forget(dsKey) + return true + } + + utilruntime.HandleError(fmt.Errorf("%v failed with : %v", dsKey, err)) + c.queue.AddRateLimited(dsKey) + + return true +} + +// eventHandler queues the operator to check spec and status +func (c *RemoveStaleConditions) eventHandler() cache.ResourceEventHandler { + return cache.ResourceEventHandlerFuncs{ + AddFunc: func(obj interface{}) { c.queue.Add(workQueueKey) }, + UpdateFunc: func(old, new interface{}) { c.queue.Add(workQueueKey) }, + DeleteFunc: func(obj interface{}) { c.queue.Add(workQueueKey) }, + } +} diff --git a/vendor/github.com/vmware/photon-controller-go-sdk/photon/client.go b/vendor/github.com/vmware/photon-controller-go-sdk/photon/client.go index fb48c59820b9..5e0faac7bd6c 100644 --- a/vendor/github.com/vmware/photon-controller-go-sdk/photon/client.go +++ b/vendor/github.com/vmware/photon-controller-go-sdk/photon/client.go @@ -142,8 +142,8 @@ func NewClient(endpoint string, options *ClientOptions, logger *log.Logger) (c * } restClient := &restClient{ - httpClient: &http.Client{Transport: tr}, - logger: logger, + httpClient: &http.Client{Transport: tr}, + logger: logger, UpdateAccessTokenCallback: tokenCallback, } diff --git a/vendor/github.com/vmware/photon-controller-go-sdk/photon/deployments_test.go b/vendor/github.com/vmware/photon-controller-go-sdk/photon/deployments_test.go index cbbd5f681089..dbfc8f85da86 100644 --- a/vendor/github.com/vmware/photon-controller-go-sdk/photon/deployments_test.go +++ b/vendor/github.com/vmware/photon-controller-go-sdk/photon/deployments_test.go @@ -32,7 +32,7 @@ var _ = Describe("Deployment", func() { deploymentSpec = &DeploymentCreateSpec{ ImageDatastores: []string{randomString(10, "go-sdk-deployment-")}, UseImageDatastoreForVms: true, - Auth: &AuthInfo{}, + Auth: &AuthInfo{}, } }) @@ -59,8 +59,8 @@ var _ = Describe("Deployment", func() { mockDeployment := Deployment{ ImageDatastores: deploymentSpec.ImageDatastores, UseImageDatastoreForVms: deploymentSpec.UseImageDatastoreForVms, - Auth: &AuthInfo{}, - NetworkConfiguration: &NetworkConfiguration{Enabled: false}, + Auth: &AuthInfo{}, + NetworkConfiguration: &NetworkConfiguration{Enabled: false}, } server.SetResponseJson(200, mockDeployment) deployment, err := client.Deployments.Get(task.Entity.ID) diff --git a/vendor/github.com/vmware/photon-controller-go-sdk/photon/lightwave/oidcclient_test.go b/vendor/github.com/vmware/photon-controller-go-sdk/photon/lightwave/oidcclient_test.go index 68bc89ad608f..976f6c7afb03 100644 --- a/vendor/github.com/vmware/photon-controller-go-sdk/photon/lightwave/oidcclient_test.go +++ b/vendor/github.com/vmware/photon-controller-go-sdk/photon/lightwave/oidcclient_test.go @@ -66,7 +66,7 @@ var _ = Describe("OIDCClient", func() { Context("when server responds with valid certificate", func() { BeforeEach(func() { template := &x509.Certificate{ - IsCA: true, + IsCA: true, BasicConstraintsValid: true, SubjectKeyId: []byte{1, 2, 3}, SerialNumber: big.NewInt(1234), From 95930b62e9c20e32a3805fbaab1d8d69bfcf9640 Mon Sep 17 00:00:00 2001 From: Seth Jennings Date: Wed, 28 Aug 2019 15:49:12 -0500 Subject: [PATCH 4/5] regen openapi --- pkg/openapi/zz_generated.openapi.go | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/pkg/openapi/zz_generated.openapi.go b/pkg/openapi/zz_generated.openapi.go index 9d1ab980996d..9ddde8a8a05d 100644 --- a/pkg/openapi/zz_generated.openapi.go +++ b/pkg/openapi/zz_generated.openapi.go @@ -7063,12 +7063,6 @@ func schema_openshift_api_config_v1_APIServerServingCerts(ref common.ReferenceCa SchemaProps: spec.SchemaProps{ Type: []string{"object"}, Properties: map[string]spec.Schema{ - "defaultServingCertificate": { - SchemaProps: spec.SchemaProps{ - Description: "defaultServingCertificate references a kubernetes.io/tls type secret containing the default TLS cert info for serving secure traffic. If no named certificates match the server name as understood by a client, this default certificate will be used. If defaultServingCertificate is not specified, then a operator managed certificate will be used. The secret must exist in the openshift-config namespace and contain the following required fields: - Secret.Data[\"tls.key\"] - TLS private key. - Secret.Data[\"tls.crt\"] - TLS certificate.", - Ref: ref("github.com/openshift/api/config/v1.SecretNameReference"), - }, - }, "namedCertificates": { SchemaProps: spec.SchemaProps{ Description: "namedCertificates references secrets containing the TLS cert info for serving secure traffic to specific hostnames. If no named certificates are provided, or no named certificates match the server name as understood by a client, the defaultServingCertificate will be used.", @@ -7086,7 +7080,7 @@ func schema_openshift_api_config_v1_APIServerServingCerts(ref common.ReferenceCa }, }, Dependencies: []string{ - "github.com/openshift/api/config/v1.APIServerNamedServingCert", "github.com/openshift/api/config/v1.SecretNameReference"}, + "github.com/openshift/api/config/v1.APIServerNamedServingCert"}, } } From ea5682acd4b6e88f4b9dacb766462bfb56536b66 Mon Sep 17 00:00:00 2001 From: Seth Jennings Date: Fri, 16 Aug 2019 16:00:20 -0500 Subject: [PATCH 5/5] bump(github.com/google/cadvisor): 5fa6b13d2628c5c85c8508082cc1bdfa3373e8a9 --- glide.lock | 7 ++-- glide.yaml | 7 +++- .../google/cadvisor/container/crio/handler.go | 41 ++++++++++++++++++- 3 files changed, 49 insertions(+), 6 deletions(-) diff --git a/glide.lock b/glide.lock index 4122467e67bb..971229119958 100644 --- a/glide.lock +++ b/glide.lock @@ -1,5 +1,5 @@ -hash: 1ed0811f212ed316fcb759046742b217c8e0289a37cab9fed9d8f5c5db5677fb -updated: 2019-08-16T15:57:39.489055046-05:00 +hash: 7fd17f328c54a53ec499a89f8237c51737763dc6e02de1aae81831870ceb9faa +updated: 2019-08-16T15:59:50.809151648-05:00 imports: - name: bitbucket.org/ww/goautoneg version: 75cd24fc2f2c2a2088577d12123ddee5f54e0675 @@ -522,7 +522,8 @@ imports: - name: github.com/google/btree version: 20236160a414454a9c64b6c8829381c6f4bddcaa - name: github.com/google/cadvisor - version: 8949c822ea91fa6b4996614a5ad6ade840be24ee + version: 5fa6b13d2628c5c85c8508082cc1bdfa3373e8a9 + repo: https://github.com/openshift/google-cadvisor.git subpackages: - accelerators - cache/memory diff --git a/glide.yaml b/glide.yaml index 9fe1b1b5d3f5..ef06b7580d7f 100644 --- a/glide.yaml +++ b/glide.yaml @@ -76,8 +76,6 @@ import: version: v1.3.0 - package: github.com/coreos/bbolt version: v1.3.1-coreos.6 -- package: github.com/google/cadvisor - version: v0.32.0 # openshift second - package: github.com/openshift/api @@ -105,6 +103,11 @@ import: - package: github.com/opencontainers/runc repo: https://github.com/openshift/opencontainers-runc.git version: 7c7775178c25e952571573f44a8df281824cf8e1 + # pod - sjenning +# openshift-4.1-cadvisor-v0.32.0 +- package: github.com/google/cadvisor + repo: https://github.com/openshift/google-cadvisor.git + version: 5fa6b13d2628c5c85c8508082cc1bdfa3373e8a9 # cli - package: github.com/docker/distribution repo: https://github.com/openshift/docker-distribution.git diff --git a/vendor/github.com/google/cadvisor/container/crio/handler.go b/vendor/github.com/google/cadvisor/container/crio/handler.go index d17ba6d932f3..92c9c36b5fd2 100644 --- a/vendor/github.com/google/cadvisor/container/crio/handler.go +++ b/vendor/github.com/google/cadvisor/container/crio/handler.go @@ -33,6 +33,9 @@ import ( ) type crioContainerHandler struct { + client crioClient + name string + machineInfoFactory info.MachineInfoFactory // Absolute path to the cgroup hierarchies of this container. @@ -68,6 +71,9 @@ type crioContainerHandler struct { reference info.ContainerReference libcontainerHandler *containerlibcontainer.Handler + cgroupManager *cgroupfs.Manager + rootFs string + pidKnown bool } var _ container.ContainerHandler = &crioContainerHandler{} @@ -106,11 +112,20 @@ func newCrioContainerHandler( } id := ContainerNameToCrioId(name) + pidKnown := true cInfo, err := client.ContainerInfo(id) if err != nil { return nil, err } + if cInfo.Pid == 0 { + // If pid is not known yet, network related stats can not be retrieved by the + // libcontainer handler GetStats(). In this case, the crio handler GetStats() + // will reattempt to get the pid and, if now known, will construct the libcontainer + // handler. This libcontainer handler is then cached and reused without additional + // calls to crio. + pidKnown = false + } // passed to fs handler below ... // XXX: this is using the full container logpath, as constructed by the CRI @@ -145,6 +160,8 @@ func newCrioContainerHandler( // TODO: extract object mother method handler := &crioContainerHandler{ + client: client, + name: name, machineInfoFactory: machineInfoFactory, cgroupPaths: cgroupPaths, storageDriver: storageDriver, @@ -155,6 +172,9 @@ func newCrioContainerHandler( includedMetrics: includedMetrics, reference: containerReference, libcontainerHandler: libcontainerHandler, + cgroupManager: cgroupManager, + rootFs: rootFs, + pidKnown: pidKnown, } handler.image = cInfo.Image @@ -266,8 +286,27 @@ func (self *crioContainerHandler) getFsStats(stats *info.ContainerStats) error { return nil } +func (self *crioContainerHandler) getLibcontainerHandler() *containerlibcontainer.Handler { + if self.pidKnown { + return self.libcontainerHandler + } + + id := ContainerNameToCrioId(self.name) + + cInfo, err := self.client.ContainerInfo(id) + if err != nil || cInfo.Pid == 0 { + return self.libcontainerHandler + } + + self.pidKnown = true + self.libcontainerHandler = containerlibcontainer.NewHandler(self.cgroupManager, self.rootFs, cInfo.Pid, self.includedMetrics) + + return self.libcontainerHandler +} + func (self *crioContainerHandler) GetStats() (*info.ContainerStats, error) { - stats, err := self.libcontainerHandler.GetStats() + libcontainerHandler := self.getLibcontainerHandler() + stats, err := libcontainerHandler.GetStats() if err != nil { return stats, err }