From eafe3c067bbd44891bae199372e9150a4bd703c4 Mon Sep 17 00:00:00 2001 From: lu chen <1813927768@qq.com> Date: Thu, 30 Mar 2023 10:39:51 +0800 Subject: [PATCH] migrate controller poolcoordinatorcert (#1336) --- .../yurt-manager-auto-generated.yaml | 19 +++ charts/openyurt/templates/yurt-manager.yaml | 4 +- charts/openyurt/values.yaml | 13 +- .../app/controllermanager.go | 1 - cmd/yurt-controller-manager/app/core.go | 10 -- .../apps/v1alpha1/zz_generated.deepcopy.go | 2 +- .../apps/v1beta1/zz_generated.deepcopy.go | 2 +- .../raven/v1alpha1/zz_generated.deepcopy.go | 2 +- pkg/controller/add_poolcoordinatorcert.go | 30 ++++ .../poolcoordinator/cert/certificate.go | 16 +- .../poolcoordinator/cert/certificate_test.go | 2 +- ...r.go => poolcoordinatorcert_controller.go} | 151 +++++++++--------- ...=> poolcoordinatorcert_controller_test.go} | 2 +- pkg/controller/poolcoordinator/cert/secret.go | 6 +- .../poolcoordinator/cert/secret_test.go | 2 +- pkg/controller/poolcoordinator/cert/util.go | 6 +- .../poolcoordinator/cert/util_test.go | 2 +- 17 files changed, 152 insertions(+), 118 deletions(-) create mode 100644 pkg/controller/add_poolcoordinatorcert.go rename pkg/controller/poolcoordinator/cert/{poolcoordinator_cert_manager.go => poolcoordinatorcert_controller.go} (76%) rename pkg/controller/poolcoordinator/cert/{poolcoordinator_cert_manager_test.go => poolcoordinatorcert_controller_test.go} (98%) diff --git a/charts/openyurt/templates/yurt-manager-auto-generated.yaml b/charts/openyurt/templates/yurt-manager-auto-generated.yaml index a122f941a7e..ffb36fdb063 100644 --- a/charts/openyurt/templates/yurt-manager-auto-generated.yaml +++ b/charts/openyurt/templates/yurt-manager-auto-generated.yaml @@ -503,6 +503,24 @@ metadata: creationTimestamp: null name: yurt-manager-role rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - secret + verbs: + - create + - get + - list + - patch + - update - apiGroups: - admissionregistration.k8s.io resources: @@ -558,6 +576,7 @@ rules: resources: - certificatesigningrequests verbs: + - create - get - list - watch diff --git a/charts/openyurt/templates/yurt-manager.yaml b/charts/openyurt/templates/yurt-manager.yaml index 4d5cfee2a1c..a1da9ccd6e7 100644 --- a/charts/openyurt/templates/yurt-manager.yaml +++ b/charts/openyurt/templates/yurt-manager.yaml @@ -60,11 +60,11 @@ spec: command: - /usr/local/bin/yurt-manager image: {{ .Values.yurtManager.image.repository }}:{{ .Values.yurtManager.image.tag }} - imagePullPolicy: Always + imagePullPolicy: IfNotPresent name: yurt-manager env: - name: WEBHOOK_PORT - value: {{ .Values.yurtManager.webhook.port }} + value: {{ .Values.yurtManager.webhook.port | quote }} ports: - containerPort: {{ .Values.yurtManager.webhook.port }} name: webhook-server diff --git a/charts/openyurt/values.yaml b/charts/openyurt/values.yaml index 809a7aedc52..c8c097320be 100644 --- a/charts/openyurt/values.yaml +++ b/charts/openyurt/values.yaml @@ -1,4 +1,3 @@ - imagePullSecrets: [] imagePullPolicy: IfNotPresent @@ -57,12 +56,12 @@ yurtManager: requests: cpu: 100m memory: 256Mi - affinity: + affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - - matchExpressions: - - key: openyurt.io/is-edge-worker - operator: In - values: - - "false" + - matchExpressions: + - key: openyurt.io/is-edge-worker + operator: In + values: + - "false" diff --git a/cmd/yurt-controller-manager/app/controllermanager.go b/cmd/yurt-controller-manager/app/controllermanager.go index 28312a436fd..73ef85fac71 100644 --- a/cmd/yurt-controller-manager/app/controllermanager.go +++ b/cmd/yurt-controller-manager/app/controllermanager.go @@ -309,7 +309,6 @@ var ControllersDisabledByDefault = sets.NewString() // paired to their InitFunc. This allows for structured downstream composition and subdivision. func NewControllerInitializers() map[string]InitFunc { controllers := map[string]InitFunc{} - controllers["poolcoordinatorcertmanager"] = startPoolCoordinatorCertManager controllers["poolcoordinator"] = startPoolCoordinatorController controllers["daemonpodupdater"] = startDaemonPodUpdaterController controllers["servicetopologycontroller"] = startServiceTopologyController diff --git a/cmd/yurt-controller-manager/app/core.go b/cmd/yurt-controller-manager/app/core.go index d20b0d4e690..22e54a5fb0c 100644 --- a/cmd/yurt-controller-manager/app/core.go +++ b/cmd/yurt-controller-manager/app/core.go @@ -25,21 +25,11 @@ import ( "net/http" daemonpodupdater "github.com/openyurtio/openyurt/pkg/controller/daemonpodupdater" - poolcoordinatorcertmanager "github.com/openyurtio/openyurt/pkg/controller/poolcoordinator/cert" poolcoordinator "github.com/openyurtio/openyurt/pkg/controller/poolcoordinator/delegatelease" "github.com/openyurtio/openyurt/pkg/controller/poolcoordinator/podbinding" "github.com/openyurtio/openyurt/pkg/controller/servicetopology" ) -func startPoolCoordinatorCertManager(ctx ControllerContext) (http.Handler, bool, error) { - poolcoordinatorCertManager := poolcoordinatorcertmanager.NewPoolCoordinatorCertManager( - ctx.ClientBuilder.ClientOrDie("poolcoordinator-cert-manager"), - ctx.InformerFactory.Core().V1().Pods(), - ) - go poolcoordinatorCertManager.Run(1, ctx.Stop) - return nil, true, nil -} - func startPoolCoordinatorController(ctx ControllerContext) (http.Handler, bool, error) { poolcoordinatorController := poolcoordinator.NewController( ctx.ClientBuilder.ClientOrDie("poolcoordinator-delegate-lease"), diff --git a/pkg/apis/apps/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/apps/v1alpha1/zz_generated.deepcopy.go index 69e3dc08139..00b18209ced 100644 --- a/pkg/apis/apps/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/apps/v1alpha1/zz_generated.deepcopy.go @@ -23,7 +23,7 @@ package v1alpha1 import ( corev1 "k8s.io/api/core/v1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/apis/apps/v1beta1/zz_generated.deepcopy.go b/pkg/apis/apps/v1beta1/zz_generated.deepcopy.go index a62c4266aa2..ebb32758258 100644 --- a/pkg/apis/apps/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/apps/v1beta1/zz_generated.deepcopy.go @@ -23,7 +23,7 @@ package v1beta1 import ( corev1 "k8s.io/api/core/v1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/apis/raven/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/raven/v1alpha1/zz_generated.deepcopy.go index d2d42342df3..c736ea956f0 100644 --- a/pkg/apis/raven/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/raven/v1alpha1/zz_generated.deepcopy.go @@ -22,7 +22,7 @@ limitations under the License. package v1alpha1 import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/controller/add_poolcoordinatorcert.go b/pkg/controller/add_poolcoordinatorcert.go new file mode 100644 index 00000000000..54e3e6b60a1 --- /dev/null +++ b/pkg/controller/add_poolcoordinatorcert.go @@ -0,0 +1,30 @@ +/* +Copyright 2023 The OpenYurt Authors. + +Licensed under the Apache License, Version 2.0 (the License); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an AS IS BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + poolcoordinatorcert "github.com/openyurtio/openyurt/pkg/controller/poolcoordinator/cert" +) + +// Note !!! @kadisi +// Do not change the name of the file @kadisi +// Auto generate by make addcontroller command !!! +// Note !!! + +func init() { + controllerAddFuncs = append(controllerAddFuncs, poolcoordinatorcert.Add) +} diff --git a/pkg/controller/poolcoordinator/cert/certificate.go b/pkg/controller/poolcoordinator/cert/certificate.go index 0105cf1ff18..5beb1d3aefe 100644 --- a/pkg/controller/poolcoordinator/cert/certificate.go +++ b/pkg/controller/poolcoordinator/cert/certificate.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cert +package poolcoordinatorcert import ( "context" @@ -200,7 +200,7 @@ func IsCertFromCA(cert *x509.Certificate, caCert *x509.Certificate) bool { } if _, err := cert.Verify(verifyOptions); err != nil { - klog.Infof("cert not authorized by current CA: %v", err) + klog.Infof(Format("cert not authorized by current CA: %v", err)) return false } @@ -301,10 +301,10 @@ func GetCertAndKeyFromCertMgr(certManager certificate.Manager, stopCh <-chan str err = wait.PollUntil(5*time.Second, func() (bool, error) { // keep polling until the certificate is signed if certManager.Current() != nil { - klog.Infof("%s certificate signed successfully", ComponentName) + klog.Infof(Format("%s certificate signed successfully", ComponentName)) return true, nil } - klog.Infof("waiting for the master to sign the %s certificate", ComponentName) + klog.Infof(Format("waiting for the master to sign the %s certificate", ComponentName)) return false, nil }, stopCh) @@ -349,7 +349,7 @@ func WriteCertIntoSecret(clientSet client.Interface, certName, secretName string return err } - klog.Infof("successfully write %s cert/key pair into %s", certName, secretName) + klog.Infof(Format("successfully write %s cert/key pair into %s", certName, secretName)) return nil } @@ -385,7 +385,7 @@ func WriteCertAndKeyIntoSecret(clientSet client.Interface, certName, secretName } } - klog.Infof("successfully write %s cert/key into %s", certName, secretName) + klog.Infof(Format("successfully write %s cert/key into %s", certName, secretName)) return nil } @@ -400,7 +400,7 @@ func WriteKubeConfigIntoSecret(clientSet client.Interface, secretName, kubeConfi return err } - klog.Infof("successfully write kubeconfig into secret %s", secretName) + klog.Infof(Format("successfully write kubeconfig into secret %s", secretName)) return nil } @@ -430,7 +430,7 @@ func WriteKeyPairIntoSecret(clientSet client.Interface, secretName, keyName stri return errors.Wrapf(err, "fail to write %s.pub into secret %s", keyName, secretName) } - klog.Infof("successfully write key pair into secret %s", secretName) + klog.Infof(Format("successfully write key pair into secret %s", secretName)) return nil } diff --git a/pkg/controller/poolcoordinator/cert/certificate_test.go b/pkg/controller/poolcoordinator/cert/certificate_test.go index 7bf3e423b5b..1f61f2f3073 100644 --- a/pkg/controller/poolcoordinator/cert/certificate_test.go +++ b/pkg/controller/poolcoordinator/cert/certificate_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cert +package poolcoordinatorcert import ( "crypto/x509" diff --git a/pkg/controller/poolcoordinator/cert/poolcoordinator_cert_manager.go b/pkg/controller/poolcoordinator/cert/poolcoordinatorcert_controller.go similarity index 76% rename from pkg/controller/poolcoordinator/cert/poolcoordinator_cert_manager.go rename to pkg/controller/poolcoordinator/cert/poolcoordinatorcert_controller.go index eb97eff7601..82a6f15e204 100644 --- a/pkg/controller/poolcoordinator/cert/poolcoordinator_cert_manager.go +++ b/pkg/controller/poolcoordinator/cert/poolcoordinatorcert_controller.go @@ -1,44 +1,54 @@ /* -Copyright 2022 The OpenYurt Authors. +Copyright 2023 The OpenYurt Authors. -Licensed under the Apache License, Version 2.0 (the "License"); +Licensed under the Apache License, Version 2.0 (the License); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, +distributed under the License is distributed on an AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ -package cert +package poolcoordinatorcert import ( + "context" "crypto" "crypto/x509" + "flag" "fmt" "net" - "time" "github.com/pkg/errors" certificatesv1 "k8s.io/api/certificates/v1" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/apimachinery/pkg/util/wait" - coreinformers "k8s.io/client-go/informers/core/v1" client "k8s.io/client-go/kubernetes" - corelisters "k8s.io/client-go/listers/core/v1" - "k8s.io/client-go/tools/cache" - "k8s.io/client-go/util/workqueue" + "k8s.io/client-go/rest" "k8s.io/klog/v2" + "sigs.k8s.io/controller-runtime/pkg/controller" + "sigs.k8s.io/controller-runtime/pkg/manager" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + appconfig "github.com/openyurtio/openyurt/cmd/yurt-manager/app/config" certfactory "github.com/openyurtio/openyurt/pkg/util/certmanager/factory" - ip "github.com/openyurtio/openyurt/pkg/util/ip" + "github.com/openyurtio/openyurt/pkg/util/ip" +) + +func init() { + flag.IntVar(&concurrentReconciles, "poolcoordinatorcert-workers", concurrentReconciles, "Max concurrent workers for Poolcoordinatorcert controller.") +} + +var ( + concurrentReconciles = 3 ) const ( + controllerName = "Poolcoordinatorcert-controller" + // tmp file directory for certmanager to write cert files certDir = "/tmp" @@ -175,84 +185,71 @@ var allSelfSignedCerts []CertConfig = []CertConfig{ }, } -// PoolCoordinatorCertManager manages certificates releted with poolcoordinator pod -type PoolCoordinatorCertManager struct { - kubeclientset client.Interface - podLister corelisters.PodLister - podSynced cache.InformerSynced - podWorkQueue workqueue.RateLimitingInterface +func Format(format string, args ...interface{}) string { + s := fmt.Sprintf(format, args...) + return fmt.Sprintf("%s: %s", controllerName, s) } -func NewPoolCoordinatorCertManager(kc client.Interface, podInformer coreinformers.PodInformer) *PoolCoordinatorCertManager { - - certManager := PoolCoordinatorCertManager{ - kubeclientset: kc, +// Add creates a new Poolcoordinatorcert Controller and adds it to the Manager with default RBAC. The Manager will set fields on the Controller +// and Start it when the Manager is Started. +func Add(c *appconfig.CompletedConfig, mgr manager.Manager) error { + r := &ReconcilePoolcoordinatorcert{} - podLister: podInformer.Lister(), - podSynced: podInformer.Informer().HasSynced, - - podWorkQueue: workqueue.NewRateLimitingQueue(workqueue.DefaultControllerRateLimiter()), + // Create a new controller + _, err := controller.New(controllerName, mgr, controller.Options{ + Reconciler: r, MaxConcurrentReconciles: concurrentReconciles, + }) + if err != nil { + return err } - // Watch for poolcoordinator pod changes to manage related certs (including kubeconfig) - podInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ - AddFunc: func(obj interface{}) {}, - UpdateFunc: func(oldObj, newObj interface{}) {}, - DeleteFunc: func(obj interface{}) {}, - }) + // init PoolCoordinator + // prepare some necessary assets (CA, certs, kubeconfigs) for pool-coordinator + err = initPoolCoordinator(r.Client, nil) + if err != nil { + return err + } - return &certManager + return nil } -func (c *PoolCoordinatorCertManager) Run(threadiness int, stopCh <-chan struct{}) { - defer utilruntime.HandleCrash() +var _ reconcile.Reconciler = &ReconcilePoolcoordinatorcert{} - klog.Info("Starting poolcoordinatorCertManager controller") - defer klog.Info("Shutting down poolcoordinatorCertManager controller") - defer c.podWorkQueue.ShutDown() +// ReconcilePoolcoordinatorcert reconciles a Poolcoordinatorcert object +type ReconcilePoolcoordinatorcert struct { + Client client.Interface +} - // prepare some necessary assets (CA, certs, kubeconfigs) for pool-coordinator - err := initPoolCoordinator(c.kubeclientset, stopCh) +// InjectConfig +func (r *ReconcilePoolcoordinatorcert) InjectConfig(cfg *rest.Config) error { + client, err := client.NewForConfig(cfg) if err != nil { - klog.Errorf("fail to init poolcoordinator %v", err) - } - - // Synchronize the cache before starting to process events - if !cache.WaitForCacheSync(stopCh, c.podSynced) { - klog.Error("sync poolcoordinatorCertManager controller timeout") - } - - // The main Controller loop - for i := 0; i < threadiness; i++ { - go wait.Until(c.runWorker, time.Second, stopCh) + klog.Errorf("failed to create kube client, %v", err) + return err } - - <-stopCh + r.Client = client + return nil } -func (c *PoolCoordinatorCertManager) runWorker() { - for { - obj, shutdown := c.podWorkQueue.Get() - if shutdown { - return - } +// +kubebuilder:rbac:groups=certificates.k8s.io,resources=certificatesigningrequests,verbs=create +// +kubebuilder:rbac:groups="",resources=secret,verbs=get;update;patch;create;list +// +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;watch;list - if err := c.syncHandler(obj.(string)); err != nil { - utilruntime.HandleError(err) - } +// todo: make customized certificate for each poolcoordinator pod +func (r *ReconcilePoolcoordinatorcert) Reconcile(_ context.Context, request reconcile.Request) (reconcile.Result, error) { - c.podWorkQueue.Forget(obj) - c.podWorkQueue.Done(obj) - } -} + // Note !!!!!!!!!! + // We strongly recommend use Format() to encapsulation because Format() can print logs by module + // @kadisi + klog.Infof(Format("Reconcile Poolcoordinatorcert %s/%s", request.Namespace, request.Name)) -func (c *PoolCoordinatorCertManager) syncHandler(key string) error { - // todo: make customized certificate for each poolcoordinator pod - return nil + return reconcile.Result{}, nil } func initPoolCoordinator(clientSet client.Interface, stopCh <-chan struct{}) error { + klog.Infof(Format("init poolcoordinator started")) + // Prepare CA certs caCert, caKey, reuseCA, err := initCA(clientSet) if err != nil { @@ -272,14 +269,14 @@ func initPoolCoordinator(clientSet client.Interface, stopCh <-chan struct{}) err // 1.1 check if cert exist cert, _, err := loadCertAndKeyFromSecret(clientSet, certConf) if err != nil { - klog.Infof("can not load cert %s from %s secret", certConf.CertName, certConf.SecretName) + klog.Infof(Format("can not load cert %s from %s secret", certConf.CertName, certConf.SecretName)) selfSignedCerts = append(selfSignedCerts, certConf) continue } // 1.2 check if cert is autorized by current CA if !IsCertFromCA(cert, caCert) { - klog.Infof("existing cert %s is not authorized by current CA", certConf.CertName) + klog.Infof(Format("existing cert %s is not authorized by current CA", certConf.CertName)) selfSignedCerts = append(selfSignedCerts, certConf) continue } @@ -290,20 +287,20 @@ func initPoolCoordinator(clientSet client.Interface, stopCh <-chan struct{}) err ips, _, err := certConf.certInit(clientSet, stopCh) if err != nil { // if cert init failed, skip this cert - klog.Errorf("fail to init cert %s when checking dynamic attrs: %v", certConf.CertName, err) + klog.Errorf(Format("fail to init cert %s when checking dynamic attrs: %v", certConf.CertName, err)) continue } else { // check if dynamic IP addresses already exist in cert changed := ip.SearchAllIP(cert.IPAddresses, ips) if changed { - klog.Infof("cert %s IP has changed", certConf.CertName) + klog.Infof(Format("cert %s IP has changed", certConf.CertName)) selfSignedCerts = append(selfSignedCerts, certConf) continue } } } - klog.Infof("cert %s not change, reuse it", certConf.CertName) + klog.Infof(Format("cert %s not change, reuse it", certConf.CertName)) } } else { // create all certs with new CA @@ -313,7 +310,7 @@ func initPoolCoordinator(clientSet client.Interface, stopCh <-chan struct{}) err // create self signed certs for _, certConf := range selfSignedCerts { if err := initPoolCoordinatorCert(clientSet, certConf, caCert, caKey, stopCh); err != nil { - klog.Errorf("create cert %s fail: %v", certConf.CertName, err) + klog.Errorf(Format("create cert %s fail: %v", certConf.CertName, err)) return err } } @@ -358,12 +355,12 @@ func initCA(clientSet client.Interface) (caCert *x509.Certificate, caKey crypto. if err == nil { // if CA already exist - klog.Info("CA already exist in secret, reuse it") + klog.Info(Format("CA already exist in secret, reuse it")) return caCert, caKey, true, nil } else { // if not exist // create new CA certs - klog.Infof("fail to get CA from secret: %v, create new CA", err) + klog.Infof(Format("fail to get CA from secret: %v, create new CA", err)) // write it into the secret caCert, caKey, err = NewSelfSignedCA() if err != nil { diff --git a/pkg/controller/poolcoordinator/cert/poolcoordinator_cert_manager_test.go b/pkg/controller/poolcoordinator/cert/poolcoordinatorcert_controller_test.go similarity index 98% rename from pkg/controller/poolcoordinator/cert/poolcoordinator_cert_manager_test.go rename to pkg/controller/poolcoordinator/cert/poolcoordinatorcert_controller_test.go index 90431373e8f..7bbcb9a0c9d 100644 --- a/pkg/controller/poolcoordinator/cert/poolcoordinator_cert_manager_test.go +++ b/pkg/controller/poolcoordinator/cert/poolcoordinatorcert_controller_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cert +package poolcoordinatorcert import ( "testing" diff --git a/pkg/controller/poolcoordinator/cert/secret.go b/pkg/controller/poolcoordinator/cert/secret.go index 61a9883fb38..2bb49e66542 100644 --- a/pkg/controller/poolcoordinator/cert/secret.go +++ b/pkg/controller/poolcoordinator/cert/secret.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cert +package poolcoordinatorcert import ( "context" @@ -54,12 +54,12 @@ func NewSecretClient(clientSet client.Interface, ns, name string) (*SecretClient // if this secret already exist, reuse it if kerrors.IsAlreadyExists(err) { secret, _ = clientSet.CoreV1().Secrets(ns).Get(context.TODO(), name, metav1.GetOptions{}) - klog.V(4).Infof("secret %s already exisit: %v", name, secret) + klog.V(4).Infof(Format("secret %s already exisit", secret.Name)) } else { return nil, fmt.Errorf("create secret client %s fail: %v", name, err) } } else { - klog.V(4).Infof("secret %s not exisit, create one: %v", name, secret) + klog.V(4).Infof(Format("secret %s not exisit, create one", secret.Name)) } return &SecretClient{ diff --git a/pkg/controller/poolcoordinator/cert/secret_test.go b/pkg/controller/poolcoordinator/cert/secret_test.go index 2d18bb4b09e..601939a7f8a 100644 --- a/pkg/controller/poolcoordinator/cert/secret_test.go +++ b/pkg/controller/poolcoordinator/cert/secret_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cert +package poolcoordinatorcert import ( "testing" diff --git a/pkg/controller/poolcoordinator/cert/util.go b/pkg/controller/poolcoordinator/cert/util.go index d7c39abc42f..26f52d0a444 100644 --- a/pkg/controller/poolcoordinator/cert/util.go +++ b/pkg/controller/poolcoordinator/cert/util.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cert +package poolcoordinatorcert import ( "context" @@ -59,10 +59,10 @@ func waitUntilSVCReady(clientSet client.Interface, serviceName string, stopCh <- if err = wait.PollUntil(1*time.Second, func() (bool, error) { serverSVC, err = clientSet.CoreV1().Services(PoolcoordinatorNS).Get(context.TODO(), serviceName, metav1.GetOptions{}) if err == nil { - klog.Infof("%s service is ready for poolcoordinator_cert_manager", serviceName) + klog.Infof(Format("%s service is ready for poolcoordinator_cert_manager", serviceName)) return true, nil } - klog.Infof("waiting for the poolcoordinator %s service", serviceName) + klog.Infof(Format("waiting for the poolcoordinator %s service", serviceName)) return false, nil }, stopCh); err != nil { return nil, nil, err diff --git a/pkg/controller/poolcoordinator/cert/util_test.go b/pkg/controller/poolcoordinator/cert/util_test.go index ea95c1c7078..85544a660de 100644 --- a/pkg/controller/poolcoordinator/cert/util_test.go +++ b/pkg/controller/poolcoordinator/cert/util_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package cert +package poolcoordinatorcert import ( "testing"