Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

restore ability to run against secured etcd #21535

Merged
merged 1 commit into from
Mar 11, 2016
Merged

restore ability to run against secured etcd #21535

merged 1 commit into from
Mar 11, 2016

Conversation

adohe-zz
Copy link

Fixes #18760

@k8s-github-robot
Copy link

Labelling this PR as size/M

@k8s-github-robot k8s-github-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Feb 19, 2016
@adohe-zz
Copy link
Author

@lavalamp First I want to say I am sorry about opening this PR without carefully test since I have some questions and just want to confirm: 1) why we keep EtcdQuorumRead in ServerRunOption while put other etcd related attributes in APIServer struct? 2) After restore etcd secure ability, there are totally 7 fields about etcd configuration in APIServer, also this make newEtcdFunc signature two long, how about refactoring these 7 fields to one struct, for example EtcdConfig(three are already one) 3) for now all of etcd storage tests are with insecure etcd server, shall we add the same test cases but with secure enable? 4) finally I just want to ask something about e2e test setting. I run below commands to do e2e tests, but just failed.

sudo ./hack/local-up-cluster.sh
make all
_output/local/bin/linux/amd64/e2e.test --host="127.0.0.1:8080" --provider="local" --ginkgo.v=true -ginkgo.dryRun=true --kubeconfig="/home/tony/.kubernetes_auth" --repo-root="/home/tony/Documents/go/src/k8s.io/kubernetes/"

Also the .kubernetes_auth has such content:

{
  "User": "root",
  "Password": ""
}

And the e2e result is:

------------------------------
SchedulerPredicates [Serial] 
  validates MaxPods limit number of pods that are allowed to run [Slow]
  /home/tony/Documents/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/scheduler_predicates.go:278
•
------------------------------
Pods 
  should get a host IP [Conformance]
  /home/tony/Documents/go/src/k8s.io/kubernetes/_output/local/go/src/k8s.io/kubernetes/test/e2e/pods.go:227
•
Ran 173 of 235 Specs in 0.016 seconds
SUCCESS! -- 0 Passed | 0 Failed | 0 Pending | 62 Skipped PASS

It seems nothing happen.
Just hope to get your feedback.

@k8s-bot
Copy link

k8s-bot commented Feb 19, 2016

GCE e2e build/test failed for commit 4f07378b59a7e27b7fba0df23349905ab1e265d9.

timothysc
timothysc reviewed Feb 19, 2016
View reviewed changes
pkg/storage/etcd/etcd_helper.go
}
}

func (c *EtcdConfig) newHttpTransport() etcd.CancelableTransport {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@xiang90 care to comment here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A big TODO for a test. I'm not sure the best way. I'm assuming you manually tried it and it works? :)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@lavalamp of course, I am setting up a real test cluster to test this.

@lavalamp lavalamp assigned lavalamp and unassigned dchen1107 Feb 19, 2016
@lavalamp
Copy link
Member

Thank you for throwing this together.

@lavalamp
Copy link
Member

Sorry, totally didn't see your comment with the question. I'm not sure what's wrong, but you can try adding the -ginkgo.focus= parameter to get it to run a specific test.

@k8s-github-robot
Copy link

Labelling this PR as size/L

@k8s-github-robot k8s-github-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Feb 22, 2016
@k8s-bot
Copy link

k8s-bot commented Feb 22, 2016

GCE e2e test build/test passed for commit 5d99a15e44f257e5b0b658354d388251758f12af.

@k8s-github-robot
Copy link

PR needs rebase

@k8s-github-robot k8s-github-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 22, 2016
@k8s-github-robot k8s-github-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 22, 2016
@k8s-bot
Copy link

k8s-bot commented Feb 22, 2016

GCE e2e test build/test passed for commit f6cc7db6add481ebfe9c8f09b841c59d14164d7b.

lavalamp
lavalamp reviewed Feb 22, 2016
View reviewed changes
pkg/storage/etcd/etcd_helper.go
client etcd.KeysAPI
codec runtime.Codec
copier runtime.ObjectCopier
mapi etcd.MembersAPI
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

etcdMembers or etcdMembersClient or membersClient. Same for 'kapi'.

(IMO: short abbreviations help readability in short function local variables and hurt it in structs as member variables)

@lavalamp
Copy link
Member

New config struct is looking good, but I guess you have a bit more to do on this?

@adohe-zz
Copy link
Author

@lavalamp of course, I am keep going.

@k8s-bot
Copy link

k8s-bot commented Feb 23, 2016

GCE e2e test build/test passed for commit 76cc3f753f4f9cdfbf46d5864c1e201583d9fa97.

@bgrant0607
Copy link
Member

Is this ready to LGTM @liggitt ? I see a comment above that suggests that it is.

@liggitt
Copy link
Member

liggitt commented Mar 11, 2016

Yes, LGTM

@liggitt liggitt added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Mar 11, 2016
@adohe-zz adohe-zz mentioned this pull request Mar 11, 2016
Closed
@adohe-zz
Copy link
Author

seems the rkt unit test failed #22856. Besides I opened a follow-up issue to decide on InsecureSkipVerifyTLS here #22858

@k8s-bot
Copy link

k8s-bot commented Mar 11, 2016

GCE e2e build/test passed for commit 7228b9b.

@eparis
Copy link
Contributor

eparis commented Mar 11, 2016

@bgrant0607 is right. kind/old-docs is pretty meaningless at this point. I might get rid of it.

@bgrant0607
Copy link
Member

I'm fine with that @eparis

@bgrant0607 bgrant0607 added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Mar 11, 2016
@bgrant0607
Copy link
Member

@k8s-bot unit test this issue: #22856

@adohe-zz
Copy link
Author

seems ready to merge. @bgrant0607

@k8s-github-robot
Copy link

@k8s-bot test this [submit-queue is verifying that this PR is safe to merge]

@k8s-bot
Copy link

k8s-bot commented Mar 11, 2016

GCE e2e build/test passed for commit 7228b9b.

@bgrant0607
Copy link
Member

e2e flaked again. Manually merging @k8s-oncall

bgrant0607 added a commit that referenced this pull request Mar 11, 2016
@bgrant0607
Merge pull request #21535 from AdoHe/restore_secure_etcd
532ba5a 
restore ability to run against secured etcd
@bgrant0607 bgrant0607 merged commit 532ba5a into kubernetes:master Mar 11, 2016
@bgrant0607 bgrant0607 added cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. and removed cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. labels Mar 11, 2016
eparis pushed a commit to eparis/kubernetes that referenced this pull request Mar 11, 2016
@bgrant0607 @eparis
Merge pull request kubernetes#21535 from AdoHe/restore_secure_etcd
d106abd 
restore ability to run against secured etcd
@eparis eparis mentioned this pull request Mar 11, 2016
Merged
@eparis
Copy link
Contributor

eparis commented Mar 11, 2016

This PR is included in #22874 which is slated to be included in the release-1.2 branch.
Please verify that the cherry-pick in that PR looks correct.

@eparis eparis removed cherrypick-candidate cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. labels Mar 11, 2016
@adohe-zz adohe-zz deleted the restore_secure_etcd branch March 14, 2016 02:04
@liggitt liggitt mentioned this pull request Mar 23, 2016
Closed
metahertz pushed a commit to metahertz/kubernetes that referenced this pull request Apr 4, 2016
@bgrant0607 @TrXuk
Merge pull request kubernetes#21535 from AdoHe/restore_secure_etcd
3bc17a2 
restore ability to run against secured etcd
@david-mcmahon david-mcmahon added the release-note-action-required Denotes a PR that introduces potentially breaking changes that require user action. label Apr 8, 2016
@timothysc timothysc mentioned this pull request Apr 21, 2016
Merged
shyamjvs pushed a commit to shyamjvs/kubernetes that referenced this pull request Dec 1, 2016
@bgrant0607 @eparis
Merge pull request kubernetes#21535 from AdoHe/restore_secure_etcd
e46cc4a 
restore ability to run against secured etcd
shouhong pushed a commit to shouhong/kubernetes that referenced this pull request Feb 14, 2017
@bgrant0607 @eparis
Merge pull request kubernetes#21535 from AdoHe/restore_secure_etcd
de3d2cc 
restore ability to run against secured etcd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@lavalamp lavalamp

Labels
lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note-action-required Denotes a PR that introduces potentially breaking changes that require user action. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
v1.2
Development

Successfully merging this pull request may close these issues.