From 4c7da3d4232b5d32bd5270fe3aa1fd80a668dd1a Mon Sep 17 00:00:00 2001 From: Thomas Jackson Date: Tue, 2 Jul 2019 16:21:04 -0700 Subject: [PATCH 1/2] Use NodeAuthorizer config options instead of soely hard-codes Without this patch the timeout is 5m and the interval is 10m -- hard-coded with no mechanism to change, even though the config struct already had a timeout option (which was completely unused) --- nodeup/pkg/model/node_authorizer.go | 6 ++++++ pkg/apis/kops/cluster.go | 2 ++ pkg/apis/kops/v1alpha1/cluster.go | 2 ++ pkg/apis/kops/v1alpha2/cluster.go | 2 ++ 4 files changed, 12 insertions(+) diff --git a/nodeup/pkg/model/node_authorizer.go b/nodeup/pkg/model/node_authorizer.go index faa90ea76d520..086d5e3fe81fd 100644 --- a/nodeup/pkg/model/node_authorizer.go +++ b/nodeup/pkg/model/node_authorizer.go @@ -89,7 +89,13 @@ func (b *NodeAuthorizationBuilder) Build(c *fi.ModelBuilderContext) error { man.Set("Service", "ExecStartPre", "/bin/bash -c 'while [ ! -f "+clientCert+" ]; do sleep 5; done; sleep 5'") interval := 10 * time.Second + if na.Interval != nil { + interval = na.Interval.Duration + } timeout := 5 * time.Minute + if na.Timeout != nil { + timeout = na.Timeout.Duration + } // @node: using a string array just to make it easier to read dockerCmd := []string{ diff --git a/pkg/apis/kops/cluster.go b/pkg/apis/kops/cluster.go index 2c82b589432ad..aa0050f5ec7a9 100644 --- a/pkg/apis/kops/cluster.go +++ b/pkg/apis/kops/cluster.go @@ -189,6 +189,8 @@ type NodeAuthorizerSpec struct { NodeURL string `json:"nodeURL,omitempty"` // Port is the port the service is running on the master Port int `json:"port,omitempty"` + // Interval the time between retires for authorization request + Interval *metav1.Duration `json:"interval,omitempty"` // Timeout the max time for authorization request Timeout *metav1.Duration `json:"timeout,omitempty"` // TokenTTL is the max ttl for an issued token diff --git a/pkg/apis/kops/v1alpha1/cluster.go b/pkg/apis/kops/v1alpha1/cluster.go index 4a0c656fc04ca..1cf562e98bf2b 100644 --- a/pkg/apis/kops/v1alpha1/cluster.go +++ b/pkg/apis/kops/v1alpha1/cluster.go @@ -188,6 +188,8 @@ type NodeAuthorizerSpec struct { NodeURL string `json:"nodeURL,omitempty"` // Port is the port the service is running on the master Port int `json:"port,omitempty"` + // Interval the time between retires for authorization request + Interval *metav1.Duration `json:"interval,omitempty"` // Timeout the max time for authorization request Timeout *metav1.Duration `json:"timeout,omitempty"` // TokenTTL is the max ttl for an issued token diff --git a/pkg/apis/kops/v1alpha2/cluster.go b/pkg/apis/kops/v1alpha2/cluster.go index 6f3b3e41119d0..24c33056250e3 100644 --- a/pkg/apis/kops/v1alpha2/cluster.go +++ b/pkg/apis/kops/v1alpha2/cluster.go @@ -189,6 +189,8 @@ type NodeAuthorizerSpec struct { NodeURL string `json:"nodeURL,omitempty"` // Port is the port the service is running on the master Port int `json:"port,omitempty"` + // Interval the time between retires for authorization request + Interval *metav1.Duration `json:"interval,omitempty"` // Timeout the max time for authorization request Timeout *metav1.Duration `json:"timeout,omitempty"` // TokenTTL is the max ttl for an issued token From d7acca2486ad912c37c13a56c9be8e0407c51837 Mon Sep 17 00:00:00 2001 From: Thomas Jackson Date: Wed, 3 Jul 2019 09:57:00 -0700 Subject: [PATCH 2/2] make apimachinery --- pkg/apis/kops/v1alpha1/zz_generated.conversion.go | 2 ++ pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go | 5 +++++ pkg/apis/kops/v1alpha2/zz_generated.conversion.go | 2 ++ pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go | 5 +++++ pkg/apis/kops/zz_generated.deepcopy.go | 5 +++++ 5 files changed, 19 insertions(+) diff --git a/pkg/apis/kops/v1alpha1/zz_generated.conversion.go b/pkg/apis/kops/v1alpha1/zz_generated.conversion.go index 9111f62f17f8a..ba39c3c566c80 100644 --- a/pkg/apis/kops/v1alpha1/zz_generated.conversion.go +++ b/pkg/apis/kops/v1alpha1/zz_generated.conversion.go @@ -3974,6 +3974,7 @@ func autoConvert_v1alpha1_NodeAuthorizerSpec_To_kops_NodeAuthorizerSpec(in *Node out.Image = in.Image out.NodeURL = in.NodeURL out.Port = in.Port + out.Interval = in.Interval out.Timeout = in.Timeout out.TokenTTL = in.TokenTTL return nil @@ -3990,6 +3991,7 @@ func autoConvert_kops_NodeAuthorizerSpec_To_v1alpha1_NodeAuthorizerSpec(in *kops out.Image = in.Image out.NodeURL = in.NodeURL out.Port = in.Port + out.Interval = in.Interval out.Timeout = in.Timeout out.TokenTTL = in.TokenTTL return nil diff --git a/pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go index a10c680261e72..02183760c732a 100644 --- a/pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go @@ -2661,6 +2661,11 @@ func (in *NodeAuthorizerSpec) DeepCopyInto(out *NodeAuthorizerSpec) { copy(*out, *in) } } + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(v1.Duration) + **out = **in + } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout *out = new(v1.Duration) diff --git a/pkg/apis/kops/v1alpha2/zz_generated.conversion.go b/pkg/apis/kops/v1alpha2/zz_generated.conversion.go index 9e46a10475dd3..44bb22fd93089 100644 --- a/pkg/apis/kops/v1alpha2/zz_generated.conversion.go +++ b/pkg/apis/kops/v1alpha2/zz_generated.conversion.go @@ -4244,6 +4244,7 @@ func autoConvert_v1alpha2_NodeAuthorizerSpec_To_kops_NodeAuthorizerSpec(in *Node out.Image = in.Image out.NodeURL = in.NodeURL out.Port = in.Port + out.Interval = in.Interval out.Timeout = in.Timeout out.TokenTTL = in.TokenTTL return nil @@ -4260,6 +4261,7 @@ func autoConvert_kops_NodeAuthorizerSpec_To_v1alpha2_NodeAuthorizerSpec(in *kops out.Image = in.Image out.NodeURL = in.NodeURL out.Port = in.Port + out.Interval = in.Interval out.Timeout = in.Timeout out.TokenTTL = in.TokenTTL return nil diff --git a/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go b/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go index 9181f5ad7f147..3d4f1baad7ec2 100644 --- a/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go +++ b/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go @@ -2732,6 +2732,11 @@ func (in *NodeAuthorizerSpec) DeepCopyInto(out *NodeAuthorizerSpec) { copy(*out, *in) } } + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(v1.Duration) + **out = **in + } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout *out = new(v1.Duration) diff --git a/pkg/apis/kops/zz_generated.deepcopy.go b/pkg/apis/kops/zz_generated.deepcopy.go index bf1cdf2125e31..490dfa3d664d6 100644 --- a/pkg/apis/kops/zz_generated.deepcopy.go +++ b/pkg/apis/kops/zz_generated.deepcopy.go @@ -2930,6 +2930,11 @@ func (in *NodeAuthorizerSpec) DeepCopyInto(out *NodeAuthorizerSpec) { copy(*out, *in) } } + if in.Interval != nil { + in, out := &in.Interval, &out.Interval + *out = new(v1.Duration) + **out = **in + } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout *out = new(v1.Duration)