Merge pull request kubernetes#91625 from pancernik/v1beta1-extender-encoding

Fix API encoding inconsistencies in KubeSchedulerConfig

Author: k8s-ci-robot

api/api-rules/violation_exceptions.list

@@ -375,11 +375,11 @@ API rule violation: list_type_missing,k8s.io/kube-controller-manager/config/v1al
 API rule violation: list_type_missing,k8s.io/kube-controller-manager/config/v1alpha1,GenericControllerManagerConfiguration,Controllers
 API rule violation: list_type_missing,k8s.io/kube-proxy/config/v1alpha1,KubeProxyConfiguration,NodePortAddresses
 API rule violation: list_type_missing,k8s.io/kube-proxy/config/v1alpha1,KubeProxyIPVSConfiguration,ExcludeCIDRs
-API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,Extender,ManagedResources
 API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,ExtenderTLSConfig,CAData
 API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,ExtenderTLSConfig,CertData
 API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,ExtenderTLSConfig,KeyData
 API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,LabelsPresence,Labels
+API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,LegacyExtender,ManagedResources
 API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,Policy,Extenders
 API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,Policy,Predicates
 API rule violation: list_type_missing,k8s.io/kube-scheduler/config/v1,Policy,Priorities
@@ -585,7 +585,7 @@ API rule violation: names_match,k8s.io/kube-controller-manager/config/v1alpha1,V
 API rule violation: names_match,k8s.io/kube-controller-manager/config/v1alpha1,VolumeConfiguration,FlexVolumePluginDir
 API rule violation: names_match,k8s.io/kube-controller-manager/config/v1alpha1,VolumeConfiguration,PersistentVolumeRecyclerConfiguration
 API rule violation: names_match,k8s.io/kube-proxy/config/v1alpha1,KubeProxyConfiguration,IPTables
-API rule violation: names_match,k8s.io/kube-scheduler/config/v1,Extender,EnableHTTPS
+API rule violation: names_match,k8s.io/kube-scheduler/config/v1,LegacyExtender,EnableHTTPS
 API rule violation: names_match,k8s.io/kubelet/config/v1beta1,KubeletConfiguration,IPTablesDropBit
 API rule violation: names_match,k8s.io/kubelet/config/v1beta1,KubeletConfiguration,IPTablesMasqueradeBit
 API rule violation: names_match,k8s.io/kubelet/config/v1beta1,KubeletConfiguration,ResolverConfig

hack/.golint_failures

@@ -172,6 +172,7 @@ pkg/registry/scheduling/rest
 pkg/registry/settings/rest
 pkg/registry/storage/rest
 pkg/registry/storage/storageclass
+pkg/scheduler/apis/config/v1
 pkg/scheduler/apis/config/v1beta1
 pkg/security/podsecuritypolicy
 pkg/security/podsecuritypolicy/group

pkg/scheduler/apis/config/legacy_types.go

@@ -17,8 +17,6 @@ limitations under the License.
 package config
 
 import (
-	"time"
-
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -135,84 +133,3 @@ type RequestedToCapacityRatioArguments struct {
 	Shape     []UtilizationShapePoint `json:"shape"`
 	Resources []ResourceSpec          `json:"resources,omitempty"`
 }
-
-// ExtenderManagedResource describes the arguments of extended resources
-// managed by an extender.
-type ExtenderManagedResource struct {
-	// Name is the extended resource name.
-	Name string
-	// IgnoredByScheduler indicates whether kube-scheduler should ignore this
-	// resource when applying predicates.
-	IgnoredByScheduler bool
-}
-
-// ExtenderTLSConfig contains settings to enable TLS with extender
-type ExtenderTLSConfig struct {
-	// Server should be accessed without verifying the TLS certificate. For testing only.
-	Insecure bool
-	// ServerName is passed to the server for SNI and is used in the client to check server
-	// certificates against. If ServerName is empty, the hostname used to contact the
-	// server is used.
-	ServerName string
-
-	// Server requires TLS client certificate authentication
-	CertFile string
-	// Server requires TLS client certificate authentication
-	KeyFile string
-	// Trusted root certificates for server
-	CAFile string
-
-	// CertData holds PEM-encoded bytes (typically read from a client certificate file).
-	// CertData takes precedence over CertFile
-	CertData []byte
-	// KeyData holds PEM-encoded bytes (typically read from a client certificate key file).
-	// KeyData takes precedence over KeyFile
-	KeyData []byte
-	// CAData holds PEM-encoded bytes (typically read from a root certificates bundle).
-	// CAData takes precedence over CAFile
-	CAData []byte
-}
-
-// Extender holds the parameters used to communicate with the extender. If a verb is unspecified/empty,
-// it is assumed that the extender chose not to provide that extension.
-type Extender struct {
-	// URLPrefix at which the extender is available
-	URLPrefix string
-	// Verb for the filter call, empty if not supported. This verb is appended to the URLPrefix when issuing the filter call to extender.
-	FilterVerb string
-	// Verb for the preempt call, empty if not supported. This verb is appended to the URLPrefix when issuing the preempt call to extender.
-	PreemptVerb string
-	// Verb for the prioritize call, empty if not supported. This verb is appended to the URLPrefix when issuing the prioritize call to extender.
-	PrioritizeVerb string
-	// The numeric multiplier for the node scores that the prioritize call generates.
-	// The weight should be a positive integer
-	Weight int64
-	// Verb for the bind call, empty if not supported. This verb is appended to the URLPrefix when issuing the bind call to extender.
-	// If this method is implemented by the extender, it is the extender's responsibility to bind the pod to apiserver. Only one extender
-	// can implement this function.
-	BindVerb string
-	// EnableHTTPS specifies whether https should be used to communicate with the extender
-	EnableHTTPS bool
-	// TLSConfig specifies the transport layer security config
-	TLSConfig *ExtenderTLSConfig
-	// HTTPTimeout specifies the timeout duration for a call to the extender. Filter timeout fails the scheduling of the pod. Prioritize
-	// timeout is ignored, k8s/other extenders priorities are used to select the node.
-	HTTPTimeout time.Duration
-	// NodeCacheCapable specifies that the extender is capable of caching node information,
-	// so the scheduler should only send minimal information about the eligible nodes
-	// assuming that the extender already cached full details of all nodes in the cluster
-	NodeCacheCapable bool
-	// ManagedResources is a list of extended resources that are managed by
-	// this extender.
-	// - A pod will be sent to the extender on the Filter, Prioritize and Bind
-	//   (if the extender is the binder) phases iff the pod requests at least
-	//   one of the extended resources in this list. If empty or unspecified,
-	//   all pods will be sent to this extender.
-	// - If IgnoredByScheduler is set to true for a resource, kube-scheduler
-	//   will skip checking the resource in predicates.
-	// +optional
-	ManagedResources []ExtenderManagedResource
-	// Ignorable specifies if the extender is ignorable, i.e. scheduling should not
-	// fail when the extender returns an error or is not reachable.
-	Ignorable bool
-}

pkg/scheduler/apis/config/testing/compatibility_test.go

@@ -513,7 +513,7 @@ func TestCompatibility_v1_Scheduler(t *testing.T) {
 				BindVerb:         "bind", // 1.7 was missing json tags on the BindVerb field and required "BindVerb"
 				EnableHTTPS:      true,
 				TLSConfig:        &config.ExtenderTLSConfig{Insecure: true},
-				HTTPTimeout:      1,
+				HTTPTimeout:      metav1.Duration{Duration: 1},
 				NodeCacheCapable: true,
 			}},
 		},
@@ -611,7 +611,7 @@ func TestCompatibility_v1_Scheduler(t *testing.T) {
 				BindVerb:         "bind", // 1.8 became case-insensitive and tolerated "bindVerb"
 				EnableHTTPS:      true,
 				TLSConfig:        &config.ExtenderTLSConfig{Insecure: true},
-				HTTPTimeout:      1,
+				HTTPTimeout:      metav1.Duration{Duration: 1},
 				NodeCacheCapable: true,
 			}},
 		},
@@ -716,7 +716,7 @@ func TestCompatibility_v1_Scheduler(t *testing.T) {
 				BindVerb:         "bind", // 1.9 was case-insensitive and tolerated "bindVerb"
 				EnableHTTPS:      true,
 				TLSConfig:        &config.ExtenderTLSConfig{Insecure: true},
-				HTTPTimeout:      1,
+				HTTPTimeout:      metav1.Duration{Duration: 1},
 				NodeCacheCapable: true,
 			}},
 		},
@@ -824,7 +824,7 @@ func TestCompatibility_v1_Scheduler(t *testing.T) {
 				BindVerb:         "bind", // 1.10 was case-insensitive and tolerated "bindVerb"
 				EnableHTTPS:      true,
 				TLSConfig:        &config.ExtenderTLSConfig{Insecure: true},
-				HTTPTimeout:      1,
+				HTTPTimeout:      metav1.Duration{Duration: 1},
 				NodeCacheCapable: true,
 				ManagedResources: []config.ExtenderManagedResource{{Name: "example.com/foo", IgnoredByScheduler: true}},
 				Ignorable:        true,
@@ -945,7 +945,7 @@ func TestCompatibility_v1_Scheduler(t *testing.T) {
 				BindVerb:         "bind", // 1.11 restored case-sensitivity, but allowed either "BindVerb" or "bindVerb"
 				EnableHTTPS:      true,
 				TLSConfig:        &config.ExtenderTLSConfig{Insecure: true},
-				HTTPTimeout:      1,
+				HTTPTimeout:      metav1.Duration{Duration: 1},
 				NodeCacheCapable: true,
 				ManagedResources: []config.ExtenderManagedResource{{Name: "example.com/foo", IgnoredByScheduler: true}},
 				Ignorable:        true,
@@ -1068,7 +1068,7 @@ func TestCompatibility_v1_Scheduler(t *testing.T) {
 				BindVerb:         "bind", // 1.11 restored case-sensitivity, but allowed either "BindVerb" or "bindVerb"
 				EnableHTTPS:      true,
 				TLSConfig:        &config.ExtenderTLSConfig{Insecure: true},
-				HTTPTimeout:      1,
+				HTTPTimeout:      metav1.Duration{Duration: 1},
 				NodeCacheCapable: true,
 				ManagedResources: []config.ExtenderManagedResource{{Name: "example.com/foo", IgnoredByScheduler: true}},
 				Ignorable:        true,
@@ -1191,7 +1191,7 @@ func TestCompatibility_v1_Scheduler(t *testing.T) {
 				BindVerb:         "bind", // 1.11 restored case-sensitivity, but allowed either "BindVerb" or "bindVerb"
 				EnableHTTPS:      true,
 				TLSConfig:        &config.ExtenderTLSConfig{Insecure: true},
-				HTTPTimeout:      1,
+				HTTPTimeout:      metav1.Duration{Duration: 1},
 				NodeCacheCapable: true,
 				ManagedResources: []config.ExtenderManagedResource{{Name: "example.com/foo", IgnoredByScheduler: true}},
 				Ignorable:        true,
@@ -1318,7 +1318,7 @@ func TestCompatibility_v1_Scheduler(t *testing.T) {
 				BindVerb:         "bind", // 1.11 restored case-sensitivity, but allowed either "BindVerb" or "bindVerb"
 				EnableHTTPS:      true,
 				TLSConfig:        &config.ExtenderTLSConfig{Insecure: true},
-				HTTPTimeout:      1,
+				HTTPTimeout:      metav1.Duration{Duration: 1},
 				NodeCacheCapable: true,
 				ManagedResources: []config.ExtenderManagedResource{{Name: "example.com/foo", IgnoredByScheduler: true}},
 				Ignorable:        true,

pkg/scheduler/apis/config/testing/policy_test.go

@@ -36,7 +36,7 @@ extenders:
   filterVerb: filter
   prioritizeVerb: prioritize
   weight: 1
-  enableHttps: false
+  enableHttps: true
 `
 )
 
@@ -48,7 +48,7 @@ func TestSchedulerPolicy(t *testing.T) {
 				FilterVerb:     "filter",
 				PrioritizeVerb: "prioritize",
 				Weight:         1,
-				EnableHTTPS:    false,
+				EnableHTTPS:    true,
 			},
 		},
 	}

pkg/scheduler/apis/config/types.go

@@ -340,3 +340,84 @@ func mergePluginSets(defaultPluginSet, customPluginSet *PluginSet) *PluginSet {
 
 	return &PluginSet{Enabled: enabledPlugins}
 }
+
+// Extender holds the parameters used to communicate with the extender. If a verb is unspecified/empty,
+// it is assumed that the extender chose not to provide that extension.
+type Extender struct {
+	// URLPrefix at which the extender is available
+	URLPrefix string
+	// Verb for the filter call, empty if not supported. This verb is appended to the URLPrefix when issuing the filter call to extender.
+	FilterVerb string
+	// Verb for the preempt call, empty if not supported. This verb is appended to the URLPrefix when issuing the preempt call to extender.
+	PreemptVerb string
+	// Verb for the prioritize call, empty if not supported. This verb is appended to the URLPrefix when issuing the prioritize call to extender.
+	PrioritizeVerb string
+	// The numeric multiplier for the node scores that the prioritize call generates.
+	// The weight should be a positive integer
+	Weight int64
+	// Verb for the bind call, empty if not supported. This verb is appended to the URLPrefix when issuing the bind call to extender.
+	// If this method is implemented by the extender, it is the extender's responsibility to bind the pod to apiserver. Only one extender
+	// can implement this function.
+	BindVerb string
+	// EnableHTTPS specifies whether https should be used to communicate with the extender
+	EnableHTTPS bool
+	// TLSConfig specifies the transport layer security config
+	TLSConfig *ExtenderTLSConfig
+	// HTTPTimeout specifies the timeout duration for a call to the extender. Filter timeout fails the scheduling of the pod. Prioritize
+	// timeout is ignored, k8s/other extenders priorities are used to select the node.
+	HTTPTimeout metav1.Duration
+	// NodeCacheCapable specifies that the extender is capable of caching node information,
+	// so the scheduler should only send minimal information about the eligible nodes
+	// assuming that the extender already cached full details of all nodes in the cluster
+	NodeCacheCapable bool
+	// ManagedResources is a list of extended resources that are managed by
+	// this extender.
+	// - A pod will be sent to the extender on the Filter, Prioritize and Bind
+	//   (if the extender is the binder) phases iff the pod requests at least
+	//   one of the extended resources in this list. If empty or unspecified,
+	//   all pods will be sent to this extender.
+	// - If IgnoredByScheduler is set to true for a resource, kube-scheduler
+	//   will skip checking the resource in predicates.
+	// +optional
+	ManagedResources []ExtenderManagedResource
+	// Ignorable specifies if the extender is ignorable, i.e. scheduling should not
+	// fail when the extender returns an error or is not reachable.
+	Ignorable bool
+}
+
+// ExtenderManagedResource describes the arguments of extended resources
+// managed by an extender.
+type ExtenderManagedResource struct {
+	// Name is the extended resource name.
+	Name string
+	// IgnoredByScheduler indicates whether kube-scheduler should ignore this
+	// resource when applying predicates.
+	IgnoredByScheduler bool
+}
+
+// ExtenderTLSConfig contains settings to enable TLS with extender
+type ExtenderTLSConfig struct {
+	// Server should be accessed without verifying the TLS certificate. For testing only.
+	Insecure bool
+	// ServerName is passed to the server for SNI and is used in the client to check server
+	// certificates against. If ServerName is empty, the hostname used to contact the
+	// server is used.
+	ServerName string
+
+	// Server requires TLS client certificate authentication
+	CertFile string
+	// Server requires TLS client certificate authentication
+	KeyFile string
+	// Trusted root certificates for server
+	CAFile string
+
+	// CertData holds PEM-encoded bytes (typically read from a client certificate file).
+	// CertData takes precedence over CertFile
+	CertData []byte
+	// KeyData holds PEM-encoded bytes (typically read from a client certificate key file).
+	// KeyData takes precedence over KeyFile
+	KeyData []byte
+	// CAData holds PEM-encoded bytes (typically read from a root certificates bundle).
+	// CAData takes precedence over CAFile
+	CAData []byte
+}

pkg/scheduler/apis/config/v1/BUILD

@@ -1,8 +1,9 @@
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 
 go_library(
     name = "go_default_library",
     srcs = [
+        "conversion.go",
         "doc.go",
         "register.go",
         "zz_generated.conversion.go",
@@ -33,3 +34,15 @@ filegroup(
     tags = ["automanaged"],
     visibility = ["//visibility:public"],
 )
+
+go_test(
+    name = "go_default_test",
+    srcs = ["conversion_test.go"],
+    embed = [":go_default_library"],
+    deps = [
+        "//pkg/scheduler/apis/config:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//staging/src/k8s.io/kube-scheduler/config/v1:go_default_library",
+        "//vendor/github.com/google/go-cmp/cmp:go_default_library",
+    ],
+)