WIP: Update Kubernetes API to support Debug Containers #46243

Closed
wants to merge 2 commits into from
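--- a/api/openapi-spec/swagger.json
+++ b/api/openapi-spec/swagger.json
@@ -4289,6 +4289,13 @@
 "name": "container",
 "in": "query"
 },
+{
+"uniqueItems": true,
+"type": "string",
+"description": "Image is an optional container image name that will be used to for the Debug Container in the specified Pod with Command as ENTRYPOINT. If omitted a default image will be used.",
+"name": "image",
+"in": "query"
+},
 {
 "uniqueItems": true,
 "type": "string",
@@ -4297,6 +4304,13 @@
 "in": "path",
 "required": true
 },
+{
+"uniqueItems": true,
+"type": "string",
+"description": "Name is the name of the Debug Container. Its presence will cause exec to create a Debug Container rather than performing a runtime exec.",
+"name": "name",
+"in": "query"
+},
 {
 "uniqueItems": true,
 "type": "string",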
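--- a/api/swagger-spec/v1.json
+++ b/api/swagger-spec/v1.json
@@ -10212,6 +10212,22 @@
 "required": false,
 "allowMultiple": false
 },
+{
+"type": "string",
+"paramType": "query",
+"name": "name",
+"description": "Name is the name of the Debug Container. Its presence will cause exec to create a Debug Container rather than performing a runtime exec.",
+"required": false,
+"allowMultiple": false
+},
+{
+"type": "string",
+"paramType": "query",
+"name": "image",
+"description": "Image is an optional container image name that will be used to for the Debug Container in the specified Pod with Command as ENTRYPOINT. If omitted a default image will be used.",
+"required": false,
+"allowMultiple": false
+},
 {
 "type": "string",
 "paramType": "path",
@@ -10290,6 +10306,22 @@
 "required": false,
 "allowMultiple": false
 },
+{
+"type": "string",
+"paramType": "query",
+"name": "name",
+"description": "Name is the name of the Debug Container. Its presence will cause exec to create a Debug Container rather than performing a runtime exec.",
+"required": false,
+"allowMultiple": false
+},
+{
+"type": "string",
+"paramType": "query",
+"name": "image",
+"description": "Image is an optional container image name that will be used to for the Debug Container in the specified Pod with Command as ENTRYPOINT. If omitted a default image will be used.",
+"required": false,
+"allowMultiple": false
+},
 {
 "type": "string",
 "paramType": "path",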
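--- a/docs/api-reference/v1/operations.html
+++ b/docs/api-reference/v1/operations.html
@@ -8966,6 +8966,22 @@ <h4 id="_parameters_59">Parameters</h4>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">QueryParameter</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">name</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Name is the name of the Debug Container. Its presence will cause exec to create a Debug Container rather than performing a runtime exec.</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">string</p></td>
+<td class="tableblock halign-left valign-top"></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">QueryParameter</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">image</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Image is an optional container image name that will be used to for the Debug Container in the specified Pod with Command as ENTRYPOINT. If omitted a default image will be used.</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">string</p></td>
+<td class="tableblock halign-left valign-top"></td>
+</tr>
+<tr>
 <td class="tableblock halign-left valign-top"><p class="tableblock">PathParameter</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">namespace</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">object name and auth scope, such as for teams and projects</p></td>
@@ -9119,6 +9135,22 @@ <h4 id="_parameters_60">Parameters</h4>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">QueryParameter</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">name</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Name is the name of the Debug Container. Its presence will cause exec to create a Debug Container rather than performing a runtime exec.</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">string</p></td>
+<td class="tableblock halign-left valign-top"></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">QueryParameter</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">image</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Image is an optional container image name that will be used to for the Debug Container in the specified Pod with Command as ENTRYPOINT. If omitted a default image will be used.</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">string</p></td>
+<td class="tableblock halign-left valign-top"></td>
+</tr>
+<tr>
 <td class="tableblock halign-left valign-top"><p class="tableblock">PathParameter</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">namespace</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">object name and auth scope, such as for teams and projects</p></td>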
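--- a/pkg/api/types.go
+++ b/pkg/api/types.go
@@ -3626,6 +3626,15 @@ type PodExecOptions struct {
 
 // Command is the remote command to execute; argv array; not executed within a shell.
 Command []string
+
+// Name is the name of the Debug Container. Its presence will cause
+// exec to create a Debug Container rather than performing a runtime exec.
+AlphaName string
+
+// Image is an optional container image name that will be used to for the Debug
+// Container in the specified Pod with Command as ENTRYPOINT. If omitted a
+// default image will be used.
+AlphaImage string
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
@@ -4127,6 +4136,11 @@ const (
 ExecTTYParam = "tty"
 // Command to run for remote command execution
 ExecCommandParam = "command"
+// Name of Debug Container when executing container image
+// TODO(verb): will this conflict with target container name?
+ExecDebugNameParam = "name"
+// Container Image for Debug Container
+ExecImageParam = "image"
 
 // Name of header that specifies stream type
 StreamType = "streamType"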
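Review bot: The doc comments on the two new `PodExecOptions` fields open with `Name is` and `Image is` although the fields are `AlphaName` and `AlphaImage`, and the second one carries the typo "used to for"; suggest `// AlphaName is the name of the Debug Container to create.` and `// AlphaImage is an optional container image for the Debug Container, run with Command as ENTRYPOINT.`. The open TODO on `ExecDebugNameParam = "name"` should be settled before this leaves WIP: a generic `name` query parameter on the exec endpoint is easy to confuse with the pod name and with the existing `container` parameter, and because its mere presence switches the request from exec to container creation, a more specific parameter name would make audit log entries and policy rules unambiguous. Both the struct and the const block begin and end outside the hunks shown.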
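--- a/pkg/api/v1/zz_generated.conversion.go
+++ b/pkg/api/v1/zz_generated.conversion.go
@@ -3420,6 +3420,8 @@ func autoConvert_v1_PodExecOptions_To_api_PodExecOptions(in *v1.PodExecOptions,
 out.TTY = in.TTY
 out.Container = in.Container
 out.Command = *(*[]string)(unsafe.Pointer(&in.Command))
+out.AlphaName = in.AlphaName
+out.AlphaImage = in.AlphaImage
 return nil
 }
 
@@ -3435,6 +3437,8 @@ func autoConvert_api_PodExecOptions_To_v1_PodExecOptions(in *api.PodExecOptions,
 out.TTY = in.TTY
 out.Container = in.Container
 out.Command = *(*[]string)(unsafe.Pointer(&in.Command))
+out.AlphaName = in.AlphaName
+out.AlphaImage = in.AlphaImage
 return nil
 }
 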
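--- a/pkg/registry/core/pod/BUILD
+++ b/pkg/registry/core/pod/BUILD
@@ -17,6 +17,7 @@ go_library(
 "//pkg/api/helper/qos:go_default_library",
 "//pkg/api/pod:go_default_library",
 "//pkg/api/validation:go_default_library",
+"//pkg/features:go_default_library",
 "//pkg/kubelet/client:go_default_library",
 "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
 "//vendor/k8s.io/apimachinery/pkg/api/meta:go_default_library",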
26 changes: 23 additions & 3 deletions pkg/registry/core/pod/strategy.go
Expand Up @@ -36,7 +36,7 @@ import (
utilnet "k8s.io/apimachinery/pkg/util/net"
"k8s.io/apimachinery/pkg/util/validation/field"
genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
"k8s.io/apiserver/pkg/features"
genericfeatures "k8s.io/apiserver/pkg/features"
"k8s.io/apiserver/pkg/registry/generic"
"k8s.io/apiserver/pkg/storage"
"k8s.io/apiserver/pkg/storage/names"
Expand All @@ -45,6 +45,7 @@ import (
"k8s.io/kubernetes/pkg/api/helper/qos"
podutil "k8s.io/kubernetes/pkg/api/pod"
"k8s.io/kubernetes/pkg/api/validation"
"k8s.io/kubernetes/pkg/features"
"k8s.io/kubernetes/pkg/kubelet/client"
)

Expand Down Expand Up @@ -100,7 +101,7 @@ func (podStrategy) AllowCreateOnUpdate() bool {
}

func isUpdatingUninitializedPod(old runtime.Object) (bool, error) {
if !utilfeature.DefaultFeatureGate.Enabled(features.Initializers) {
if !utilfeature.DefaultFeatureGate.Enabled(genericfeatures.Initializers) {
return false, nil
}
oldMeta, err := meta.Accessor(old)
Expand Down Expand Up @@ -416,6 +417,12 @@ func streamParams(params url.Values, opts runtime.Object) error {
for _, c := range opts.Command {
params.Add("command", c)
}
if opts.AlphaName != "" {
params.Add(api.ExecDebugNameParam, opts.AlphaName)
}
if opts.AlphaImage != "" {
params.Add(api.ExecImageParam, opts.AlphaImage)
}
case *api.PodAttachOptions:
if opts.Stdin {
params.Add(api.ExecStdinParam, "1")
Expand Down Expand Up @@ -464,7 +471,18 @@ func ExecLocation(
name string,
opts *api.PodExecOptions,
) (*url.URL, http.RoundTripper, error) {
return streamLocation(getter, connInfo, ctx, name, opts, opts.Container, "exec")
kubeletPath := "exec"
if opts.AlphaName != "" || opts.AlphaImage != "" {
if !utilfeature.DefaultFeatureGate.Enabled(features.DebugContainers) {
return nil, nil, errors.NewBadRequest("debug containers feature disabled")
}
if opts.AlphaName == "" {
// TODO(verb): consider allowing either and defaulting/generating the other
return nil, nil, errors.NewBadRequest("Name required when Image specified")
}
kubeletPath = "podDebug"
}
return streamLocation(getter, connInfo, ctx, name, opts, opts.Container, kubeletPath)
}

func streamLocation(
Expand All @@ -490,6 +508,8 @@ func streamLocation(
case 0:
return nil, nil, errors.NewBadRequest(fmt.Sprintf("a container name must be specified for pod %s", name))
default:
// TODO(verb): It will be valid to omit a target container name when using a Debug Container when the entire pod
// shares a PID namespace, but we won't be able to check that here until PID sharing is specified in the pod spec.
containerNames := getContainerNames(pod.Spec.Containers)
initContainerNames := getContainerNames(pod.Spec.InitContainers)
err := fmt.Sprintf("a container name must be specified for pod %s, choose one of: [%s]", name, containerNames)
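Review bot: In `ExecLocation`, a non-empty `opts.AlphaName` or `opts.AlphaImage` turns an exec request into creation of a new container from a caller-chosen image, yet nothing in the visible lines validates either value before `streamParams` copies them into the kubelet query string. Because the request still arrives through the exec subresource, it would presumably be authorized as an ordinary exec, and the image would not pass through the pod create/update admission path, so image-policy or pod-security admission plugins may never see it. That needs an explicit decision (a separate subresource or verb, or an admission hook) before the feature gate is enabled anywhere. At minimum, validate the name as a container name and reject a malformed image here, and keep error strings lower-case, e.g. `errors.NewBadRequest("name is required when image is specified")`. The signature of `ExecLocation` starts outside its hunk and the body of `streamLocation` continues past the last hunk.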