1#!/usr/bin/env bash
2
3# Copyright 2020 The Kubernetes Authors.
4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17# Import required functions. The addon manager is installed to /opt in
18# production use (see the Dockerfile)
19# Disabling shellcheck following files as the full path would be required.
20if [ -f "kube-addons.sh" ]; then
21 # shellcheck disable=SC1091
22 source "kube-addons.sh"
23elif [ -f "/opt/kube-addons.sh" ]; then
24 # shellcheck disable=SC1091
25 source "/opt/kube-addons.sh"
26else
27 # If the required source is missing, we have to fail.
28 log ERR "== Could not find kube-addons.sh (not in working directory or /opt) at $(date -Is) =="
29 exit 1
30fi
31
32# The business logic for whether a given object should be created
33# was already enforced by salt, and /etc/kubernetes/addons is the
34# managed result of that. Start everything below that directory.
35log INFO "== Kubernetes addon manager started at $(date -Is) with ADDON_CHECK_INTERVAL_SEC=${ADDON_CHECK_INTERVAL_SEC} =="
36
37# Wait for the default service account to be created in the kube-system namespace.
38# shellcheck disable=SC2086
39# Disabling because "${KUBECTL_OPTS}" needs to allow for expansion here
40while ! ${KUBECTL} ${KUBECTL_OPTS} get --namespace="${SYSTEM_NAMESPACE}" serviceaccount default; do
41 log WRN "== Error getting default service account, retry in 0.5 second =="
42 sleep 0.5
43done
44
45log INFO "== Default service account in the ${SYSTEM_NAMESPACE} namespace =="
46
47# Create admission_control objects if defined before any other addon services. If the limits
48# are defined in a namespace other than default, we should still create the limits for the
49# default namespace.
50while IFS=$'\n' read -r obj; do
51 start_addon "${obj}" 100 10 default &
52 log INFO "++ obj ${obj} is created ++"
53done < <(find /etc/kubernetes/admission-controls \( -name \*.yaml -o -name \*.json \))
54
55# Start the apply loop.
56# Check if the configuration has changed recently - in case the user
57# created/updated/deleted the files on the master.
58log INFO "== Entering periodical apply loop at $(date -Is) =="
59while true; do
60 start_sec=$(date +"%s")
61 if is_leader; then
62 ensure_addons
63 reconcile_addons
64 else
65 log INFO "Not elected leader, going back to sleep."
66 fi
67 end_sec=$(date +"%s")
68 len_sec=$((end_sec-start_sec))
69 # subtract the time passed from the sleep time
70 if [[ ${len_sec} -lt ${ADDON_CHECK_INTERVAL_SEC} ]]; then
71 sleep_time=$((ADDON_CHECK_INTERVAL_SEC-len_sec))
72 sleep ${sleep_time}
73 fi
74done
View as plain text