kubectl源码分析之taint
欢迎关注我的公众号:
目前刚开始写一个月,一共写了18篇原创文章,文章目录如下:
istio多集群探秘,部署了50次多集群后我得出的结论
istio多集群链路追踪,附实操视频
istio防故障利器,你知道几个,istio新手不要读,太难!
istio业务权限控制,原来可以这么玩
istio实现非侵入压缩,微服务之间如何实现压缩
不懂envoyfilter也敢说精通istio系列-http-rbac-不要只会用AuthorizationPolicy配置权限
不懂envoyfilter也敢说精通istio系列-02-http-corsFilter-不要只会vs
不懂envoyfilter也敢说精通istio系列-03-http-csrf filter-再也不用再代码里写csrf逻辑了
不懂envoyfilter也敢说精通istio系列http-jwt_authn-不要只会RequestAuthorization
不懂envoyfilter也敢说精通istio系列-05-fault-filter-故障注入不止是vs
不懂envoyfilter也敢说精通istio系列-06-http-match-配置路由不只是vs
不懂envoyfilter也敢说精通istio系列-07-负载均衡配置不止是dr
不懂envoyfilter也敢说精通istio系列-08-连接池和断路器
不懂envoyfilter也敢说精通istio系列-09-http-route filter
不懂envoyfilter也敢说精通istio系列-network filter-redis proxy
不懂envoyfilter也敢说精通istio系列-network filter-HttpConnectionManager
不懂envoyfilter也敢说精通istio系列-ratelimit-istio ratelimit完全手册
————————————————
type TaintOptions struct {//taint结构体PrintFlags *genericclioptions.PrintFlagsToPrinter func(string) (printers.ResourcePrinter, error)resources []stringtaintsToAdd []v1.TainttaintsToRemove []v1.Taintbuilder *resource.Builderselector stringoverwrite boolall boolClientForMapping func(*meta.RESTMapping) (resource.RESTClient, error)genericclioptions.IOStreams
}
//创建taint命令
func NewCmdTaint(f cmdutil.Factory, streams genericclioptions.IOStreams) *cobra.Command {options := &TaintOptions{//初始化结构体PrintFlags: genericclioptions.NewPrintFlags("tainted").WithTypeSetter(scheme.Scheme),IOStreams: streams,}validArgs := []string{"node"}cmd := &cobra.Command{//创建cobra命令Use: "taint NODE NAME KEY_1=VAL_1:TAINT_EFFECT_1 ... KEY_N=VAL_N:TAINT_EFFECT_N",DisableFlagsInUseLine: true,Short: i18n.T("Update the taints on one or more nodes"),Long: fmt.Sprintf(taintLong, validation.DNS1123SubdomainMaxLength, validation.LabelValueMaxLength),Example: taintExample,Run: func(cmd *cobra.Command, args []string) {cmdutil.CheckErr(options.Complete(f, cmd, args))//准备cmdutil.CheckErr(options.Validate())//校验cmdutil.CheckErr(options.RunTaint())//运行},ValidArgs: validArgs,//有效参数}options.PrintFlags.AddFlags(cmd)//打印选项cmdutil.AddValidateFlags(cmd)//校验选项cmd.Flags().StringVarP(&options.selector, "selector", "l", options.selector, "Selector (label query) to filter on, supports '=', '==', and '!='.(e.g. -l key1=value1,key2=value2)")//selector选项cmd.Flags().BoolVar(&options.overwrite, "overwrite", options.overwrite, "If true, allow taints to be overwritten, otherwise reject taint updates that overwrite existing taints.")//overwrite选项cmd.Flags().BoolVar(&options.all, "all", options.all, "Select all nodes in the cluster")//all选项return cmd
}
//准备方法
func (o *TaintOptions) Complete(f cmdutil.Factory, cmd *cobra.Command, args []string) (err error) {namespace, _, err := f.ToRawKubeConfigLoader().Namespace()//获取namespaceif err != nil {return err}// retrieves resource and taint args from args// also checks args to verify that all resources are specified before taintstaintArgs := []string{}//taint参数metTaintArg := falsefor _, s := range args {//区分taint和资源isTaint := strings.Contains(s, "=") || strings.HasSuffix(s, "-")switch {case !metTaintArg && isTaint:metTaintArg = truefallthroughcase metTaintArg && isTaint:taintArgs = append(taintArgs, s)case !metTaintArg && !isTaint:o.resources = append(o.resources, s)case metTaintArg && !isTaint:return fmt.Errorf("all resources must be specified before taint changes: %s", s)}}o.ToPrinter = func(operation string) (printers.ResourcePrinter, error) {//printflag转printero.PrintFlags.NamePrintFlags.Operation = operationreturn o.PrintFlags.ToPrinter()}if len(o.resources) < 1 {//资源小于1个报错return fmt.Errorf("one or more resources must be specified as <resource> <name>")}if len(taintArgs) < 1 {//taint参数小于1个报错return fmt.Errorf("at least one taint update is required")}if o.taintsToAdd, o.taintsToRemove, err = parseTaints(taintArgs); err != nil {//解析taint,区分添加和删除return cmdutil.UsageErrorf(cmd, err.Error())}o.builder = f.NewBuilder().WithScheme(scheme.Scheme, scheme.Scheme.PrioritizedVersionsAllGroups()...).ContinueOnError().NamespaceParam(namespace).DefaultNamespace()//构造result对象if o.selector != "" {o.builder = o.builder.LabelSelectorParam(o.selector).ResourceTypes("node")}if o.all {o.builder = o.builder.SelectAllParam(o.all).ResourceTypes("node").Flatten().Latest()}if !o.all && o.selector == "" && len(o.resources) >= 2 {o.builder = o.builder.ResourceNames("node", o.resources[1:]...)}o.builder = o.builder.LabelSelectorParam(o.selector).Flatten().Latest()o.ClientForMapping = f.ClientForMapping//设置clientFormappingreturn nil
}
//校验选项
func (o TaintOptions) validateFlags() error {// Cannot have a non-empty selector and all flag set. They are mutually exclusive.if o.all && o.selector != "" {//all和selector不能同时指定return fmt.Errorf("setting 'all' parameter with a non empty selector is prohibited.")}// If both selector and all are not set.if !o.all && o.selector == "" {//如果没有指定all和selector,资源数量不能小于2个if len(o.resources) < 2 {return fmt.Errorf("at least one resource name must be specified since 'all' parameter is not set")} else {return nil}}return nil
}// Validate checks to the TaintOptions to see if there is sufficient information run the command.
//校验
func (o TaintOptions) Validate() error {resourceType := strings.ToLower(o.resources[0])validResources, isValidResource := []string{"node", "nodes"}, falsefor _, validResource := range validResources {//验证资源是否有效if resourceType == validResource {isValidResource = truebreak}}if !isValidResource {return fmt.Errorf("invalid resource type %s, only %q are supported", o.resources[0], validResources)}// check the format of taint args and checks removed taints aren't in the new taints listvar conflictTaints []stringfor _, taintAdd := range o.taintsToAdd {//判断taintadd和remove是否冲突for _, taintRemove := range o.taintsToRemove {if taintAdd.Key != taintRemove.Key {continue}if len(taintRemove.Effect) == 0 || taintAdd.Effect == taintRemove.Effect {conflictTaint := fmt.Sprintf("{\"%s\":\"%s\"}", taintRemove.Key, taintRemove.Effect)conflictTaints = append(conflictTaints, conflictTaint)}}}if len(conflictTaints) > 0 {return fmt.Errorf("can not both modify and remove the following taint(s) in the same command: %s", strings.Join(conflictTaints, ", "))}return o.validateFlags()//校验选项
}
//运行
func (o TaintOptions) RunTaint() error {r := o.builder.Do()//获取result对象if err := r.Err(); err != nil {return err}return r.Visit(func(info *resource.Info, err error) error {//visit result对象if err != nil {return err}obj := info.Object//得到objname, namespace := info.Name, info.Namespace//得到name和namespaceoldData, err := json.Marshal(obj)//保存改变前的jsonif err != nil {return err}operation, err := o.updateTaints(obj)//执行更新if err != nil {return err}newData, err := json.Marshal(obj)//保存改变后的jsonif err != nil {return err}patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, obj)//创建patchcreatedPatch := err == nilif err != nil {klog.V(2).Infof("couldn't compute patch: %v", err)}mapping := info.ResourceMapping()//获取mappingclient, err := o.ClientForMapping(mapping)//获取clientif err != nil {return err}helper := resource.NewHelper(client, mapping)//获取helpervar outputObj runtime.Objectif createdPatch {outputObj, err = helper.Patch(namespace, name, types.StrategicMergePatchType, patchBytes, nil)//应用patch到服务端} else {outputObj, err = helper.Replace(namespace, name, false, obj)//执行替换}if err != nil {return err}printer, err := o.ToPrinter(operation)// print flag转printerif err != nil {return err}return printer.PrintObj(outputObj, o.Out)//打印结果})
}
//更新taint
func (o TaintOptions) updateTaints(obj runtime.Object) (string, error) {node, ok := obj.(*v1.Node)//把对象转为nodeif !ok {return "", fmt.Errorf("unexpected type %T, expected Node", obj)}if !o.overwrite {//如果没有指定ovrewrite,检查是否有冲突if exists := checkIfTaintsAlreadyExists(node.Spec.Taints, o.taintsToAdd); len(exists) != 0 {return "", fmt.Errorf("Node %s already has %v taint(s) with same effect(s) and --overwrite is false", node.Name, exists)}}operation, newTaints, err := reorganizeTaints(node, o.overwrite, o.taintsToAdd, o.taintsToRemove)//重新组织taintif err != nil {return "", err}node.Spec.Taints = newTaints//更新taintreturn operation, nil
}
//重新组织taint
func reorganizeTaints(node *corev1.Node, overwrite bool, taintsToAdd []corev1.Taint, taintsToRemove []corev1.Taint) (string, []corev1.Taint, error) {newTaints := append([]corev1.Taint{}, taintsToAdd...)//新的taintoldTaints := node.Spec.Taints//老的taint// add taints that already existing but not updated to newTaintsadded := addTaints(oldTaints, &newTaints)//添加后的taintallErrs, deleted := deleteTaints(taintsToRemove, &newTaints)//删除后的taintif (added && deleted) || overwrite {return MODIFIED, newTaints, utilerrors.NewAggregate(allErrs)//返回} else if added {return TAINTED, newTaints, utilerrors.NewAggregate(allErrs)}return UNTAINTED, newTaints, utilerrors.NewAggregate(allErrs)
}
kubectl源码分析之taint相关推荐
- kubectl源码分析之config delete-context
欢迎关注我的公众号: 目前刚开始写一个月,一共写了18篇原创文章,文章目录如下: istio多集群探秘,部署了50次多集群后我得出的结论 istio多集群链路追踪,附实操视频 istio防故障利器,你 ...
- kubectl源码分析之cordon and uncordon
欢迎关注我的公众号: 目前刚开始写一个月,一共写了18篇原创文章,文章目录如下: istio多集群探秘,部署了50次多集群后我得出的结论 istio多集群链路追踪,附实操视频 istio防故障利器,你 ...
- kubectl源码分析之auth reconcile
欢迎关注我的公众号: 目前刚开始写一个月,一共写了18篇原创文章,文章目录如下: istio多集群探秘,部署了50次多集群后我得出的结论 istio多集群链路追踪,附实操视频 istio防故障利器,你 ...
- k8s 驱逐eviction机制源码分析
原理部分 1. 驱逐概念介绍 kubelet会定期监控node的内存,磁盘,文件系统等资源,当达到指定的阈值后,就会先尝试回收node级别的资源,比如当磁盘资源不足时会删除不同的image,如果仍然在 ...
- kubeadm源码分析(内含kubernetes离线包,三步安装)
k8s离线安装包 三步安装,简单到难以置信 kubeadm源码分析 说句实在话,kubeadm的代码写的真心一般,质量不是很高. 几个关键点来先说一下kubeadm干的几个核心的事: kubeadm ...
- eureka 之前的服务如何关闭_干货分享 | 服务注册中心Spring Cloud Eureka部分源码分析...
友情提示:全文13000多文字,预计阅读时间10-15分钟 Spring Cloud Eureka作为常用的服务注册中心,我们有必要去了解其内在实现机制,这样出现问题的时候我们可以快速去定位问题.当我 ...
- k8s源码分析 pdf_rook源码分析之一:rook架构解析
rook简介 Rook是一款云原生环境下的开源分布式存储编排系统,目前支持 Ceph.NFS.Edegefs.Cassandra.CockroachDB等存储系统.它实现了一个自动管理的.自动扩容的. ...
- Kube Controller Manager 源码分析
Kube Controller Manager 源码分析 Controller Manager 在k8s 集群中扮演着中心管理的角色,它负责Deployment, StatefulSet, Repli ...
- kubeadm源码分析(kubernetes离线安装包,三步安装)
k8s离线安装包 三步安装,简单到难以置信 kubeadm源码分析 说句实在话,kubeadm的代码写的真心一般,质量不是很高. 几个关键点来先说一下kubeadm干的几个核心的事: kubeadm ...
最新文章
- R语言使用caret包中的createMultiFolds函数对机器学习数据集进行交叉验证抽样、返回的样本列表长度为k×times个、times为组内抽样次数
- 使用node.js构建命令行工具
- Android中removeCallbacks失效原因
- 字符串html在线互转,将string 的字符串转换为HTML的两种方法
- 解决Ubuntu spyder 无法输入中文
- UML实践详细经典教程
- C#中Split用法 转
- Vue.js:监听属性
- golang 远程传输文件
- Netty学习笔记(一)Netty客户端源码分析
- MxNet教程:使用一台机器训练1400万张图片
- 冒泡排序 和 归并排序
- python 24位图转 8位_Python爬取PPT模板小工具下载-Python爬取PPT模板小工具免费版下载v1.0...
- android反编译工具 ApkDec-Release-0.1
- Javascript 中的map/reduce
- php视图,PHP的Yii框架中View视图的使用进阶
- 字典生成工具——crunch
- 一篇文章了解爬虫技术现状
- c++ 模糊搜索 正则表达式_c++中正则表达式(regex)
- 解决fatal error C1060: 编译器的堆空间不足(详解)
热门文章
- 【微信小程序】全局样式文件app.wxss、页面的根元素page、 app.json中的window配置项
- 对话微软小娜负责人:如何撬动移动生态系统?
- 毕业5年决定你的一生_5
- Android开发框架Collection,Android社招面经分享
- 2022-2028年全球啤酒保鲜机行业收入年复合增长率CAGR为 3.9%
- 企业注销,为什么那么难?
- HEVCProfileMain10HDR10 和 非8bit数据位深的一些讨论。
- 机器人C++库(12) Robotics Library 之路径规划算法:PRM、RRT、EET算法
- 美剧 良医---读后感
- 国产开源数据库的讲解