本文整理汇总了Golang中k8s/io/kubernetes/pkg/apiserver.MaxInFlightLimit函数的典型用法代码示例。如果您正苦于以下问题:Golang MaxInFlightLimit函数的具体用法?Golang MaxInFlightLimit怎么用?Golang MaxInFlightLimit使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了MaxInFlightLimit函数的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: Run
// Run launches the OpenShift master. It takes optional installers that may install additional endpoints into the server.
// All endpoints get configured CORS behavior
// Protected installers' endpoints are protected by API authentication and authorization.
// Unprotected installers' endpoints do not have any additional protection added.
func (c *MasterConfig) Run(protected []APIInstaller, unprotected []APIInstaller) {
var extra []string
safe := kmaster.NewHandlerContainer(http.NewServeMux())
open := kmaster.NewHandlerContainer(http.NewServeMux())
// enforce authentication on protected endpoints
protected = append(protected, APIInstallFunc(c.InstallProtectedAPI))
for _, i := range protected {
extra = append(extra, i.InstallAPI(safe)...)
}
handler := c.authorizationFilter(safe)
handler = authenticationHandlerFilter(handler, c.Authenticator, c.getRequestContextMapper())
handler = namespacingFilter(handler, c.getRequestContextMapper())
handler = cacheControlFilter(handler, "no-store") // protected endpoints should not be cached
// unprotected resources
unprotected = append(unprotected, APIInstallFunc(c.InstallUnprotectedAPI))
for _, i := range unprotected {
extra = append(extra, i.InstallAPI(open)...)
}
handler = indexAPIPaths(handler)
open.Handle("/", handler)
// install swagger
swaggerConfig := swagger.Config{
WebServicesUrl: c.Options.MasterPublicURL,
WebServices: append(safe.RegisteredWebServices(), open.RegisteredWebServices()...),
ApiPath: swaggerAPIPrefix,
PostBuildHandler: customizeSwaggerDefinition,
}
// log nothing from swagger
swagger.LogInfo = func(format string, v ...interface{}) {}
swagger.RegisterSwaggerService(swaggerConfig, open)
extra = append(extra, fmt.Sprintf("Started Swagger Schema API at %%s%s", swaggerAPIPrefix))
handler = open
// add CORS support
if origins := c.ensureCORSAllowedOrigins(); len(origins) != 0 {
handler = apiserver.CORS(handler, origins, nil, nil, "true")
}
if c.WebConsoleEnabled() {
handler = assetServerRedirect(handler, c.Options.AssetConfig.PublicURL)
}
// Make the outermost filter the requestContextMapper to ensure all components share the same context
if contextHandler, err := kapi.NewRequestContextFilter(c.getRequestContextMapper(), handler); err != nil {
glog.Fatalf("Error setting up request context filter: %v", err)
} else {
handler = contextHandler
}
// TODO: MaxRequestsInFlight should be subdivided by intent, type of behavior, and speed of
// execution - updates vs reads, long reads vs short reads, fat reads vs skinny reads.
if c.Options.ServingInfo.MaxRequestsInFlight > 0 {
sem := make(chan bool, c.Options.ServingInfo.MaxRequestsInFlight)
handler = apiserver.MaxInFlightLimit(sem, longRunningRE, handler)
}
c.serve(handler, extra)
// Attempt to verify the server came up for 20 seconds (100 tries * 100ms, 100ms timeout per try)
cmdutil.WaitForSuccessfulDial(c.TLS, c.Options.ServingInfo.BindNetwork, c.Options.ServingInfo.BindAddress, 100*time.Millisecond, 100*time.Millisecond, 100)
}
开发者ID:ncantor,项目名称:origin,代码行数:72,代码来源:master.go
示例2: Run
func (s *GenericAPIServer) Run(options *ServerRunOptions) {
if s.enableSwaggerSupport {
s.InstallSwaggerAPI()
}
// We serve on 2 ports. See docs/accessing_the_api.md
secureLocation := ""
if options.SecurePort != 0 {
secureLocation = net.JoinHostPort(options.BindAddress.String(), strconv.Itoa(options.SecurePort))
}
insecureLocation := net.JoinHostPort(options.InsecureBindAddress.String(), strconv.Itoa(options.InsecurePort))
var sem chan bool
if options.MaxRequestsInFlight > 0 {
sem = make(chan bool, options.MaxRequestsInFlight)
}
longRunningRE := regexp.MustCompile(options.LongRunningRequestRE)
longRunningRequestCheck := apiserver.BasicLongRunningRequestCheck(longRunningRE, map[string]string{"watch": "true"})
longRunningTimeout := func(req *http.Request) (<-chan time.Time, string) {
// TODO unify this with apiserver.MaxInFlightLimit
if longRunningRequestCheck(req) {
return nil, ""
}
return time.After(globalTimeout), ""
}
if secureLocation != "" {
handler := apiserver.TimeoutHandler(s.Handler, longRunningTimeout)
secureServer := &http.Server{
Addr: secureLocation,
Handler: apiserver.MaxInFlightLimit(sem, longRunningRequestCheck, apiserver.RecoverPanics(handler)),
MaxHeaderBytes: 1 << 20,
TLSConfig: &tls.Config{
// Change default from SSLv3 to TLSv1.0 (because of POODLE vulnerability)
MinVersion: tls.VersionTLS10,
},
}
if len(options.ClientCAFile) > 0 {
clientCAs, err := crypto.CertPoolFromFile(options.ClientCAFile)
if err != nil {
glog.Fatalf("Unable to load client CA file: %v", err)
}
// Populate PeerCertificates in requests, but don't reject connections without certificates
// This allows certificates to be validated by authenticators, while still allowing other auth types
secureServer.TLSConfig.ClientAuth = tls.RequestClientCert
// Specify allowed CAs for client certificates
secureServer.TLSConfig.ClientCAs = clientCAs
}
glog.Infof("Serving securely on %s", secureLocation)
if options.TLSCertFile == "" && options.TLSPrivateKeyFile == "" {
options.TLSCertFile = path.Join(options.CertDirectory, "apiserver.crt")
options.TLSPrivateKeyFile = path.Join(options.CertDirectory, "apiserver.key")
// TODO (cjcullen): Is ClusterIP the right address to sign a cert with?
alternateIPs := []net.IP{s.ServiceReadWriteIP}
alternateDNS := []string{"kubernetes.default.svc", "kubernetes.default", "kubernetes"}
// It would be nice to set a fqdn subject alt name, but only the kubelets know, the apiserver is clueless
// alternateDNS = append(alternateDNS, "kubernetes.default.svc.CLUSTER.DNS.NAME")
if shouldGenSelfSignedCerts(options.TLSCertFile, options.TLSPrivateKeyFile) {
if err := crypto.GenerateSelfSignedCert(s.ClusterIP.String(), options.TLSCertFile, options.TLSPrivateKeyFile, alternateIPs, alternateDNS); err != nil {
glog.Errorf("Unable to generate self signed cert: %v", err)
} else {
glog.Infof("Using self-signed cert (%options, %options)", options.TLSCertFile, options.TLSPrivateKeyFile)
}
}
}
go func() {
defer utilruntime.HandleCrash()
for {
// err == systemd.SdNotifyNoSocket when not running on a systemd system
if err := systemd.SdNotify("READY=1\n"); err != nil && err != systemd.SdNotifyNoSocket {
glog.Errorf("Unable to send systemd daemon successful start message: %v\n", err)
}
if err := secureServer.ListenAndServeTLS(options.TLSCertFile, options.TLSPrivateKeyFile); err != nil {
glog.Errorf("Unable to listen for secure (%v); will try again.", err)
}
time.Sleep(15 * time.Second)
}
}()
} else {
// err == systemd.SdNotifyNoSocket when not running on a systemd system
if err := systemd.SdNotify("READY=1\n"); err != nil && err != systemd.SdNotifyNoSocket {
glog.Errorf("Unable to send systemd daemon successful start message: %v\n", err)
}
}
handler := apiserver.TimeoutHandler(s.InsecureHandler, longRunningTimeout)
http := &http.Server{
Addr: insecureLocation,
Handler: apiserver.RecoverPanics(handler),
MaxHeaderBytes: 1 << 20,
}
glog.Infof("Serving insecurely on %s", insecureLocation)
glog.Fatal(http.ListenAndServe())
}
开发者ID:dilgerma,项目名称:scope,代码行数:97,代码来源:genericapiserver.go
示例3: Run
// Run launches the OpenShift master. It takes optional installers that may install additional endpoints into the server.
// All endpoints get configured CORS behavior
// Protected installers' endpoints are protected by API authentication and authorization.
// Unprotected installers' endpoints do not have any additional protection added.
func (c *MasterConfig) Run(protected []APIInstaller, unprotected []APIInstaller) {
var extra []string
safe := kmaster.NewHandlerContainer(http.NewServeMux())
open := kmaster.NewHandlerContainer(http.NewServeMux())
// enforce authentication on protected endpoints
protected = append(protected, APIInstallFunc(c.InstallProtectedAPI))
for _, i := range protected {
extra = append(extra, i.InstallAPI(safe)...)
}
handler := c.authorizationFilter(safe)
handler = authenticationHandlerFilter(handler, c.Authenticator, c.getRequestContextMapper())
handler = namespacingFilter(handler, c.getRequestContextMapper())
handler = cacheControlFilter(handler, "no-store") // protected endpoints should not be cached
// unprotected resources
unprotected = append(unprotected, APIInstallFunc(c.InstallUnprotectedAPI))
for _, i := range unprotected {
extra = append(extra, i.InstallAPI(open)...)
}
handler = indexAPIPaths(handler)
open.Handle("/", handler)
// install swagger
swaggerConfig := swagger.Config{
WebServicesUrl: c.Options.MasterPublicURL,
WebServices: append(safe.RegisteredWebServices(), open.RegisteredWebServices()...),
ApiPath: swaggerAPIPrefix,
PostBuildHandler: customizeSwaggerDefinition,
}
// log nothing from swagger
swagger.LogInfo = func(format string, v ...interface{}) {}
swagger.RegisterSwaggerService(swaggerConfig, open)
extra = append(extra, fmt.Sprintf("Started Swagger Schema API at %%s%s", swaggerAPIPrefix))
handler = open
// add CORS support
if origins := c.ensureCORSAllowedOrigins(); len(origins) != 0 {
handler = apiserver.CORS(handler, origins, nil, nil, "true")
}
if c.WebConsoleEnabled() {
handler = assetServerRedirect(handler, c.Options.AssetConfig.PublicURL)
}
// Make the outermost filter the requestContextMapper to ensure all components share the same context
if contextHandler, err := kapi.NewRequestContextFilter(c.getRequestContextMapper(), handler); err != nil {
glog.Fatalf("Error setting up request context filter: %v", err)
} else {
handler = contextHandler
}
// TODO: MaxRequestsInFlight should be subdivided by intent, type of behavior, and speed of
// execution - updates vs reads, long reads vs short reads, fat reads vs skinny reads.
if c.Options.ServingInfo.MaxRequestsInFlight > 0 {
sem := make(chan bool, c.Options.ServingInfo.MaxRequestsInFlight)
handler = apiserver.MaxInFlightLimit(sem, longRunningRE, handler)
}
timeout := c.Options.ServingInfo.RequestTimeoutSeconds
if timeout == -1 {
timeout = 0
}
server := &http.Server{
Addr: c.Options.ServingInfo.BindAddress,
Handler: handler,
ReadTimeout: time.Duration(timeout) * time.Second,
WriteTimeout: time.Duration(timeout) * time.Second,
MaxHeaderBytes: 1 << 20,
}
go util.Forever(func() {
for _, s := range extra {
glog.Infof(s, c.Options.ServingInfo.BindAddress)
}
if c.TLS {
server.TLSConfig = &tls.Config{
// Change default from SSLv3 to TLSv1.0 (because of POODLE vulnerability)
MinVersion: tls.VersionTLS10,
// Populate PeerCertificates in requests, but don't reject connections without certificates
// This allows certificates to be validated by authenticators, while still allowing other auth types
ClientAuth: tls.RequestClientCert,
ClientCAs: c.ClientCAs,
}
glog.Fatal(cmdutil.ListenAndServeTLS(server, c.Options.ServingInfo.BindNetwork, c.Options.ServingInfo.ServerCert.CertFile, c.Options.ServingInfo.ServerCert.KeyFile))
} else {
glog.Fatal(server.ListenAndServe())
}
}, 0)
// Attempt to verify the server came up for 20 seconds (100 tries * 100ms, 100ms timeout per try)
//.........这里部分代码省略.........
开发者ID:Tlacenka,项目名称:origin,代码行数:101,代码来源:master.go
示例4: Run
//.........这里部分代码省略.........
ProxyTLSClientConfig: proxyTLSClientConfig,
Tunneler: tunneler,
ServiceNodePortRange: s.ServiceNodePortRange,
KubernetesServiceNodePort: s.KubernetesServiceNodePort,
}
m := master.New(config)
// We serve on 2 ports. See docs/accessing_the_api.md
secureLocation := ""
if s.SecurePort != 0 {
secureLocation = net.JoinHostPort(s.BindAddress.String(), strconv.Itoa(s.SecurePort))
}
insecureLocation := net.JoinHostPort(s.InsecureBindAddress.String(), strconv.Itoa(s.InsecurePort))
// See the flag commentary to understand our assumptions when opening the read-only and read-write ports.
var sem chan bool
if s.MaxRequestsInFlight > 0 {
sem = make(chan bool, s.MaxRequestsInFlight)
}
longRunningRE := regexp.MustCompile(s.LongRunningRequestRE)
longRunningTimeout := func(req *http.Request) (<-chan time.Time, string) {
// TODO unify this with apiserver.MaxInFlightLimit
if longRunningRE.MatchString(req.URL.Path) || req.URL.Query().Get("watch") == "true" {
return nil, ""
}
return time.After(time.Minute), ""
}
if secureLocation != "" {
handler := apiserver.TimeoutHandler(m.Handler, longRunningTimeout)
secureServer := &http.Server{
Addr: secureLocation,
Handler: apiserver.MaxInFlightLimit(sem, longRunningRE, apiserver.RecoverPanics(handler)),
MaxHeaderBytes: 1 << 20,
TLSConfig: &tls.Config{
// Change default from SSLv3 to TLSv1.0 (because of POODLE vulnerability)
MinVersion: tls.VersionTLS10,
},
}
if len(s.ClientCAFile) > 0 {
clientCAs, err := util.CertPoolFromFile(s.ClientCAFile)
if err != nil {
glog.Fatalf("Unable to load client CA file: %v", err)
}
// Populate PeerCertificates in requests, but don't reject connections without certificates
// This allows certificates to be validated by authenticators, while still allowing other auth types
secureServer.TLSConfig.ClientAuth = tls.RequestClientCert
// Specify allowed CAs for client certificates
secureServer.TLSConfig.ClientCAs = clientCAs
}
glog.Infof("Serving securely on %s", secureLocation)
if s.TLSCertFile == "" && s.TLSPrivateKeyFile == "" {
s.TLSCertFile = path.Join(s.CertDirectory, "apiserver.crt")
s.TLSPrivateKeyFile = path.Join(s.CertDirectory, "apiserver.key")
// TODO (cjcullen): Is PublicAddress the right address to sign a cert with?
alternateIPs := []net.IP{config.ServiceReadWriteIP}
alternateDNS := []string{"kubernetes.default.svc", "kubernetes.default", "kubernetes"}
// It would be nice to set a fqdn subject alt name, but only the kubelets know, the apiserver is clueless
// alternateDNS = append(alternateDNS, "kubernetes.default.svc.CLUSTER.DNS.NAME")
if err := util.GenerateSelfSignedCert(config.PublicAddress.String(), s.TLSCertFile, s.TLSPrivateKeyFile, alternateIPs, alternateDNS); err != nil {
glog.Errorf("Unable to generate self signed cert: %v", err)
} else {
glog.Infof("Using self-signed cert (%s, %s)", s.TLSCertFile, s.TLSPrivateKeyFile)
}
}
go func() {
defer util.HandleCrash()
for {
// err == systemd.SdNotifyNoSocket when not running on a systemd system
if err := systemd.SdNotify("READY=1\n"); err != nil && err != systemd.SdNotifyNoSocket {
glog.Errorf("Unable to send systemd daemon successful start message: %v\n", err)
}
if err := secureServer.ListenAndServeTLS(s.TLSCertFile, s.TLSPrivateKeyFile); err != nil {
glog.Errorf("Unable to listen for secure (%v); will try again.", err)
}
time.Sleep(15 * time.Second)
}
}()
}
handler := apiserver.TimeoutHandler(m.InsecureHandler, longRunningTimeout)
http := &http.Server{
Addr: insecureLocation,
Handler: apiserver.RecoverPanics(handler),
MaxHeaderBytes: 1 << 20,
}
if secureLocation == "" {
// err == systemd.SdNotifyNoSocket when not running on a systemd system
if err := systemd.SdNotify("READY=1\n"); err != nil && err != systemd.SdNotifyNoSocket {
glog.Errorf("Unable to send systemd daemon successful start message: %v\n", err)
}
}
glog.Infof("Serving insecurely on %s", insecureLocation)
glog.Fatal(http.ListenAndServe())
return nil
}
开发者ID:abursavich,项目名称:kubernetes,代码行数:101,代码来源:server.go
示例5: Run
//.........这里部分代码省略.........
MinRequestTimeout: s.MinRequestTimeout,
SSHUser: s.SSHUser,
SSHKeyfile: s.SSHKeyfile,
InstallSSHKey: installSSH,
ServiceNodePortRange: s.ServiceNodePortRange,
}
m := master.New(config)
// We serve on 2 ports. See docs/accessing_the_api.md
secureLocation := ""
if s.SecurePort != 0 {
secureLocation = net.JoinHostPort(s.BindAddress.String(), strconv.Itoa(s.SecurePort))
}
insecureLocation := net.JoinHostPort(s.InsecureBindAddress.String(), strconv.Itoa(s.InsecurePort))
// See the flag commentary to understand our assumptions when opening the read-only and read-write ports.
var sem chan bool
if s.MaxRequestsInFlight > 0 {
sem = make(chan bool, s.MaxRequestsInFlight)
}
longRunningRE := regexp.MustCompile(s.LongRunningRequestRE)
longRunningTimeout := func(req *http.Request) (<-chan time.Time, string) {
// TODO unify this with apiserver.MaxInFlightLimit
if longRunningRE.MatchString(req.URL.Path) || req.URL.Query().Get("watch") == "true" {
return nil, ""
}
return time.After(time.Minute), ""
}
if secureLocation != "" {
handler := apiserver.TimeoutHandler(m.Handler, longRunningTimeout)
secureServer := &http.Server{
Addr: secureLocation,
Handler: apiserver.MaxInFlightLimit(sem, longRunningRE, apiserver.RecoverPanics(handler)),
MaxHeaderBytes: 1 << 20,
TLSConfig: &tls.Config{
// Change default from SSLv3 to TLSv1.0 (because of POODLE vulnerability)
MinVersion: tls.VersionTLS10,
},
}
if len(s.ClientCAFile) > 0 {
clientCAs, err := util.CertPoolFromFile(s.ClientCAFile)
if err != nil {
glog.Fatalf("unable to load client CA file: %v", err)
}
// Populate PeerCertificates in requests, but don't reject connections without certificates
// This allows certificates to be validated by authenticators, while still allowing other auth types
secureServer.TLSConfig.ClientAuth = tls.RequestClientCert
// Specify allowed CAs for client certificates
secureServer.TLSConfig.ClientCAs = clientCAs
}
glog.Infof("Serving securely on %s", secureLocation)
go func() {
defer util.HandleCrash()
for {
if s.TLSCertFile == "" && s.TLSPrivateKeyFile == "" {
s.TLSCertFile = path.Join(s.CertDirectory, "apiserver.crt")
s.TLSPrivateKeyFile = path.Join(s.CertDirectory, "apiserver.key")
// TODO (cjcullen): Is PublicAddress the right address to sign a cert with?
alternateIPs := []net.IP{config.ServiceReadWriteIP}
alternateDNS := []string{"kubernetes.default.svc", "kubernetes.default", "kubernetes"}
// It would be nice to set a fqdn subject alt name, but only the kubelets know, the apiserver is clueless
// alternateDNS = append(alternateDNS, "kubernetes.default.svc.CLUSTER.DNS.NAME")
if err := util.GenerateSelfSignedCert(config.PublicAddress.String(), s.TLSCertFile, s.TLSPrivateKeyFile, alternateIPs, alternateDNS); err != nil {
glog.Errorf("Unable to generate self signed cert: %v", err)
} else {
glog.Infof("Using self-signed cert (%s, %s)", s.TLSCertFile, s.TLSPrivateKeyFile)
}
}
// err == systemd.SdNotifyNoSocket when not running on a systemd system
if err := systemd.SdNotify("READY=1\n"); err != nil && err != systemd.SdNotifyNoSocket {
glog.Errorf("Unable to send systemd daemon successful start message: %v\n", err)
}
if err := secureServer.ListenAndServeTLS(s.TLSCertFile, s.TLSPrivateKeyFile); err != nil {
glog.Errorf("Unable to listen for secure (%v); will try again.", err)
}
time.Sleep(15 * time.Second)
}
}()
}
handler := apiserver.TimeoutHandler(m.InsecureHandler, longRunningTimeout)
http := &http.Server{
Addr: insecureLocation,
Handler: apiserver.RecoverPanics(handler),
MaxHeaderBytes: 1 << 20,
}
if secureLocation == "" {
// err == systemd.SdNotifyNoSocket when not running on a systemd system
if err := systemd.SdNotify("READY=1\n"); err != nil && err != systemd.SdNotifyNoSocket {
glog.Errorf("Unable to send systemd daemon successful start message: %v\n", err)
}
}
glog.Infof("Serving insecurely on %s", insecureLocation)
glog.Fatal(http.ListenAndServe())
return nil
}
开发者ID:nvnvrts,项目名称:kubernetes,代码行数:101,代码来源:server.go
示例6: Run
//.........这里部分代码省略.........
components may use client certificates that require no authentication.
All API operations return a 'resourceVersion' string that represents the
version of the object in the underlying storage. The standard LIST operation
performs a snapshot read of the underlying objects, returning a resourceVersion
representing a consistent version of the listed objects. The WATCH operation
allows all updates to a set of objects after the provided resourceVersion to
be observed by a client. By listing and beginning a watch from the returned
resourceVersion, clients may observe a consistent view of the state of one
or more objects. Note that WATCH always returns the update after the provided
resourceVersion. Watch may be extended a limited time in the past - using
etcd 2 the watch window is 1000 events (which on a large cluster may only
be a few tens of seconds) so clients must explicitly handle the "watch
to old error" by re-listing.
Objects are divided into two rough categories - those that have a lifecycle
and must reflect the state of the cluster, and those that have no state.
Objects with lifecycle typically have three main sections:
* 'metadata' common to all objects
* a 'spec' that represents the desired state
* a 'status' that represents how much of the desired state is reflected on
the cluster at the current time
Objects that have no state have 'metadata' but may lack a 'spec' or 'status'
section.
Objects are divided into those that are namespace scoped (only exist inside
of a namespace) and those that are cluster scoped (exist outside of
a namespace). A namespace scoped resource will be deleted when the namespace
is deleted and cannot be created if the namespace has not yet been created
or is in the process of deletion. Cluster scoped resources are typically
only accessible to admins - resources like nodes, persistent volumes, and
cluster policy.
All objects have a schema that is a combination of the 'kind' and
'apiVersion' fields. This schema is additive only for any given version -
no backwards incompatible changes are allowed without incrementing the
apiVersion. The server will return and accept a number of standard
responses that share a common schema - for instance, the common
error type is 'unversioned.Status' (described below) and will be returned
on any error from the API server.
The API is available in multiple serialization formats - the default is
JSON (Accept: application/json and Content-Type: application/json) but
clients may also use YAML (application/yaml) or the native Protobuf
schema (application/vnd.kubernetes.protobuf). Note that the format
of the WATCH API call is slightly different - for JSON it returns newline
delimited objects while for Protobuf it returns length-delimited frames
(4 bytes in network-order) that contain a 'versioned.Watch' Protobuf
object.
See the OpenShift documentation at https://docs.openshift.org for more
information.
`),
},
},
DefaultResponse: &spec.Response{
ResponseProps: spec.ResponseProps{
Description: "Default Response.",
},
},
}
err := openapi.RegisterOpenAPIService(&openAPIConfig, open)
if err != nil {
glog.Fatalf("Failed to generate open api spec: %v", err)
}
extra = append(extra, fmt.Sprintf("Started OpenAPI Schema at %%s%s", openapi.OpenAPIServePath))
handler = open
// add CORS support
if origins := c.ensureCORSAllowedOrigins(); len(origins) != 0 {
handler = apiserver.CORS(handler, origins, nil, nil, "true")
}
if c.WebConsoleEnabled() {
handler = assetServerRedirect(handler, c.Options.AssetConfig.PublicURL)
}
// Make the outermost filter the requestContextMapper to ensure all components share the same context
if contextHandler, err := kapi.NewRequestContextFilter(c.getRequestContextMapper(), handler); err != nil {
glog.Fatalf("Error setting up request context filter: %v", err)
} else {
handler = contextHandler
}
longRunningRequestCheck := apiserver.BasicLongRunningRequestCheck(longRunningRE, map[string]string{"watch": "true"})
// TODO: MaxRequestsInFlight should be subdivided by intent, type of behavior, and speed of
// execution - updates vs reads, long reads vs short reads, fat reads vs skinny reads.
if c.Options.ServingInfo.MaxRequestsInFlight > 0 {
sem := make(chan bool, c.Options.ServingInfo.MaxRequestsInFlight)
handler = apiserver.MaxInFlightLimit(sem, longRunningRequestCheck, handler)
}
c.serve(handler, extra)
// Attempt to verify the server came up for 20 seconds (100 tries * 100ms, 100ms timeout per try)
cmdutil.WaitForSuccessfulDial(c.TLS, c.Options.ServingInfo.BindNetwork, c.Options.ServingInfo.BindAddress, 100*time.Millisecond, 100*time.Millisecond, 100)
}
开发者ID:pecameron,项目名称:origin,代码行数:101,代码来源:master.go
注:本文中的k8s/io/kubernetes/pkg/apiserver.MaxInFlightLimit函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论