Client-go source code analysis (1): client-go client object
The importance of client-go
Client-go is a secondary development tool for K8s clusters, so client-go is one of the necessary tools for k8s developers.
Purpose of this article
The purpose of this article is to teach you what types of k8s cluster clients are. You may have used client-go to manipulate resource objects in k8s before, but you may have a little understanding of the principles. The client-go github only gives Just a few simple examples without much in-depth explanation. In this lecture, I will introduce to you first, client-go has several types of client objects to interact with the cluster. What are the uses of these client objects? What is the principle of their interaction?
Client object
There are four client-go client objects with different functions:
- RESTClient: It encapsulates the HTTP Request and implements the RESTful style API. Other clients are implemented on the basis of RESTClient. Can be used with k8s built-in resources and CRD resources
- ClientSet: It is a collection of clients for k8s built-in resource objects. By default, CRD resources cannot be operated, but CRD resources can also be operated by client-gen code generation.
- DynamicClient: It can not only process K8S built-in resources, but also process CRD resources, which can be realized without client-gen generating code.
- DiscoveryClient: Used to discover resource groups, resource versions, and resource information (ie Group, Version, Resources) supported by kube-apiserver.
This section summarizes: RESTCLient, ClientSet and DynamicClient can all operate on K8S built-in resources and CRD resources. Only clientSet needs to generate code to operate CRD resources.
RESTClient
RESTClient encapsulates HTTP Request and implements RESTful API encapsulation, so that users do not need to use the original API method when obtaining K8S resources (for example, request https://1.142.113.45:6443/api/v1/ Original form like pods). The client of ClientSet makes the code more readable and easier to use. Here is an example:
func GetRestClient(kubeconfig string) (error, *rest.RESTClient){
config, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
if err != nil {
return err, nil
}
config.APIPath = "api"
config.GroupVersion = &corev1.SchemeGroupVersion
config.NegotiatedSerializer = scheme.Codecs
restClient, err := rest.RESTClientFor(config)
if err != nil {
return err, nil
}
return nil, restClient
}
Here is the kubeconfig file first, then clientcmd.BuildConfigFromFlags("", kubeconfig) loads the configuration file and generates the config object, look at the generation of the ClientConfig object:
func BuildConfigFromFlags(masterUrl, kubeconfigPath string) (*restclient.Config, error) {
if kubeconfigPath == "" && masterUrl == "" {
klog.Warningf("Neither --kubeconfig nor --master was specified. Using the inClusterConfig. This might not work.")
kubeconfig, err := restclient.InClusterConfig()
if err == nil {
return kubeconfig, nil
}
klog.Warning("error creating inClusterConfig, falling back to default config: ", err)
}
return NewNonInteractiveDeferredLoadingClientConfig(
&ClientConfigLoadingRules{ExplicitPath: kubeconfigPath},
&ConfigOverrides{ClusterInfo: clientcmdapi.Cluster{Server: masterUrl}}).ClientConfig()
}
This ClientConfig() function is responsible for converting the object NewNonInteractiveDeferredLoadingClientConfig after the Kuebconfig file is loaded into a restclient.Config object:
func (config *DirectClientConfig) ClientConfig() (*restclient.Config, error) {
// check that getAuthInfo, getContext, and getCluster do not return an error.
// Do this before checking if the current config is usable in the event that an
// AuthInfo, Context, or Cluster config with user-defined names are not found.
// This provides a user with the immediate cause for error if one is found
configAuthInfo, err := config.getAuthInfo()
if err != nil {
return nil, err
}
_, err = config.getContext()
if err != nil {
return nil, err
}
configClusterInfo, err := config.getCluster()
if err != nil {
return nil, err
}
if err := config.ConfirmUsable(); err != nil {
return nil, err
}
clientConfig := &restclient.Config{}
clientConfig.Host = configClusterInfo.Server
if len(config.overrides.Timeout) > 0 {
timeout, err := ParseTimeout(config.overrides.Timeout)
if err != nil {
return nil, err
}
clientConfig.Timeout = timeout
}
if u, err := url.ParseRequestURI(clientConfig.Host); err == nil && u.Opaque == "" && len(u.Path) > 1 {
u.RawQuery = ""
u.Fragment = ""
clientConfig.Host = u.String()
}
if len(configAuthInfo.Impersonate) > 0 {
clientConfig.Impersonate = restclient.ImpersonationConfig{
UserName: configAuthInfo.Impersonate,
Groups: configAuthInfo.ImpersonateGroups,
Extra: configAuthInfo.ImpersonateUserExtra,
}
}
// only try to read the auth information if we are secure
if restclient.IsConfigTransportTLS(*clientConfig) {
var err error
var persister restclient.AuthProviderConfigPersister
if config.configAccess != nil {
authInfoName, _ := config.getAuthInfoName()
persister = PersisterForUser(config.configAccess, authInfoName)
}
userAuthPartialConfig, err := config.getUserIdentificationPartialConfig(configAuthInfo, config.fallbackReader, persister)
if err != nil {
return nil, err
}
mergo.MergeWithOverwrite(clientConfig, userAuthPartialConfig)
serverAuthPartialConfig, err := getServerIdentificationPartialConfig(configAuthInfo, configClusterInfo)
if err != nil {
return nil, err
}
mergo.MergeWithOverwrite(clientConfig, serverAuthPartialConfig)
}
return clientConfig, nil
}
clientConfig is the last generated config object. Use the path of the kubeconfig file given here to initialize a clientset. Of course, client-go can use in-cluster config to initialize these clients. It's just that we generally use the kubeconfig file to debug when debugging.
Then let's take a look at the implementation of the RESTClient client to understand in depth:
first look at the implementation of the RESTClientFor function:
func RESTClientFor(config *Config) (*RESTClient, error) {
// 基础配置检验下,没有就直接报错退出
if config.GroupVersion == nil {
return nil, fmt.Errorf("GroupVersion is required when initializing a RESTClient")
}
if config.NegotiatedSerializer == nil {
return nil, fmt.Errorf("NegotiatedSerializer is required when initializing a RESTClient")
}
// 有些配置没给配置,就默认配置下。
qps := config.QPS
if config.QPS == 0.0 {
qps = DefaultQPS
}
burst := config.Burst
if config.Burst == 0 {
burst = DefaultBurst
}
baseURL, versionedAPIPath, err := defaultServerUrlFor(config) // 获取基本的URL和apiPath,这个行程了基础的url,一会跟一下代码
if err != nil {
return nil, err
}
transport, err := TransportFor(config)
if err != nil {
return nil, err
}
var httpClient *http.Client
if transport != http.DefaultTransport {
httpClient = &http.Client{Transport: transport}
if config.Timeout > 0 {//是否设置超时时间,没有就给默认值
httpClient.Timeout = config.Timeout
}
}
return NewRESTClient(baseURL, versionedAPIPath, config.ContentConfig, qps, burst, config.RateLimiter, httpClient) // 新建的NewRESTClient
}
First look at the code of the defaultServerUrlFor function:
func defaultServerUrlFor(config *Config) (*url.URL, string, error) {
// TODO: move the default to secure when the apiserver supports TLS by default
// config.Insecure is taken to mean "I want HTTPS but don't bother checking the certs against a CA."
hasCA := len(config.CAFile) != 0 || len(config.CAData) != 0
hasCert := len(config.CertFile) != 0 || len(config.CertData) != 0
defaultTLS := hasCA || hasCert || config.Insecure
host := config.Host // 拿出hosts
if host == "" {
host = "localhost"
}
if config.GroupVersion != nil { // groupversion
return DefaultServerURL(host, config.APIPath, *config.GroupVersion, defaultTLS)
}
return DefaultServerURL(host, config.APIPath, schema.GroupVersion{}, defaultTLS)
}
Take a look at what's in the NewRESTClient function:
func NewRESTClient(baseURL *url.URL, versionedAPIPath string, config ContentConfig, maxQPS float32, maxBurst int, rateLimiter flowcontrol.RateLimiter, client *http.Client) (*RESTClient, error) {
base := *baseURL
if !strings.HasSuffix(base.Path, "/") {
base.Path += "/"
}
base.RawQuery = ""
base.Fragment = ""
if config.GroupVersion == nil {
config.GroupVersion = &schema.GroupVersion{}
}
if len(config.ContentType) == 0 {
config.ContentType = "application/json"
}
serializers, err := createSerializers(config)
if err != nil {
return nil, err
}
var throttle flowcontrol.RateLimiter
if maxQPS > 0 && rateLimiter == nil {
throttle = flowcontrol.NewTokenBucketRateLimiter(maxQPS, maxBurst)
} else if rateLimiter != nil {
throttle = rateLimiter
}
return &RESTClient{
base: &base,
versionedAPIPath: versionedAPIPath,
contentConfig: config,
serializers: *serializers,
createBackoffMgr: readExpBackoffConfig,
Throttle: throttle,
Client: client,
}, nil
}
Reading and writing this function is just a basic package. Here's how to use RESTClient to manipulate resource objects:
restClient.Get().Namespace("default").Resource("pods").Do()
The return of the Get() function is a request object:
func (c *RESTClient) Get() *Request {
return c.Verb("GET")
}
The Namespace function just sets the namespace into the request field:
func (r *Request) Namespace(namespace string) *Request {
if r.err != nil {
return r
}
if r.namespaceSet {
r.err = fmt.Errorf("namespace already set to %q, cannot change to %q", r.namespace, namespace)
return r
}
if msgs := IsValidPathSegmentName(namespace); len(msgs) != 0 {
r.err = fmt.Errorf("invalid namespace %q: %v", namespace, msgs)
return r
}
r.namespaceSet = true
r.namespace = namespace // 在request对象中设置namespace
return r
}
Resource function:
func (r *Request) Resource(resource string) *Request {
if r.err != nil {
return r
}
if len(r.resource) != 0 {
r.err = fmt.Errorf("resource already set to %q, cannot change to %q", r.resource, resource)
return r
}
if msgs := IsValidPathSegmentName(resource); len(msgs) != 0 {
r.err = fmt.Errorf("invalid resource %q: %v", resource, msgs)
return r
}
r.resource = resource // 在request对象中设置resource
return r
}
Do function:
func (r *Request) Do() Result {
r.tryThrottle()
var result Result
err := r.request(func(req *http.Request, resp *http.Response) {
result = r.transformResponse(resp, req)
})
if err != nil {
return Result{err: err}
}
return result
}
Focus on the request function inside:
func (r *Request) request(fn func(*http.Request, *http.Response)) error {
//Metrics for total request latency
start := time.Now()
defer func() {
metrics.RequestLatency.Observe(r.verb, r.finalURLTemplate(), time.Since(start))
}()
if r.err != nil {
klog.V(4).Infof("Error in request: %v", r.err)
return r.err
}
// TODO: added to catch programmer errors (invoking operations with an object with an empty namespace)
// 校验参数是否合理
if (r.verb == "GET" || r.verb == "PUT" || r.verb == "DELETE") && r.namespaceSet && len(r.resourceName) > 0 && len(r.namespace) == 0 {
return fmt.Errorf("an empty namespace may not be set when a resource name is provided")
}
if (r.verb == "POST") && r.namespaceSet && len(r.namespace) == 0 {
return fmt.Errorf("an empty namespace may not be set during creation")
}
client := r.client
if client == nil {
client = http.DefaultClient
}
// Right now we make about ten retry attempts if we get a Retry-After response.
maxRetries := 10
retries := 0
for {
url := r.URL().String()// 需要着重看下这个URL函数
req, err := http.NewRequest(r.verb, url, r.body)
if err != nil {
return err
}
if r.timeout > 0 {
if r.ctx == nil {
r.ctx = context.Background()
}
var cancelFn context.CancelFunc
r.ctx, cancelFn = context.WithTimeout(r.ctx, r.timeout)
defer cancelFn()
}
if r.ctx != nil {
req = req.WithContext(r.ctx)
}
req.Header = r.headers
r.backoffMgr.Sleep(r.backoffMgr.CalculateBackoff(r.URL()))
if retries > 0 {
// We are retrying the request that we already send to apiserver
// at least once before.
// This request should also be throttled with the client-internal throttler.
r.tryThrottle()
}
resp, err := client.Do(req)
updateURLMetrics(r, resp, err)
if err != nil {
r.backoffMgr.UpdateBackoff(r.URL(), err, 0)
} else {
r.backoffMgr.UpdateBackoff(r.URL(), err, resp.StatusCode)
}
if err != nil {
// "Connection reset by peer" is usually a transient error.
// Thus in case of "GET" operations, we simply retry it.
// We are not automatically retrying "write" operations, as
// they are not idempotent.
if !net.IsConnectionReset(err) || r.verb != "GET" {
return err
}
// For the purpose of retry, we set the artificial "retry-after" response.
// TODO: Should we clean the original response if it exists?
resp = &http.Response{
StatusCode: http.StatusInternalServerError,
Header: http.Header{"Retry-After": []string{"1"}},
Body: ioutil.NopCloser(bytes.NewReader([]byte{})),
}
}
done := func() bool {
// Ensure the response body is fully read and closed
// before we reconnect, so that we reuse the same TCP
// connection.
defer func() {
const maxBodySlurpSize = 2 << 10
if resp.ContentLength <= maxBodySlurpSize {
io.Copy(ioutil.Discard, &io.LimitedReader{R: resp.Body, N: maxBodySlurpSize})
}
resp.Body.Close()
}()
retries++
if seconds, wait := checkWait(resp); wait && retries < maxRetries {
if seeker, ok := r.body.(io.Seeker); ok && r.body != nil {
_, err := seeker.Seek(0, 0)
if err != nil {
klog.V(4).Infof("Could not retry request, can't Seek() back to beginning of body for %T", r.body)
fn(req, resp)
return true
}
}
klog.V(4).Infof("Got a Retry-After %ds response for attempt %d to %v", seconds, retries, url)
r.backoffMgr.Sleep(time.Duration(seconds) * time.Second)
return false
}
fn(req, resp)
return true
}()
if done {
return nil
}
}
}
Focus on the r.URL function, which is used to generate URLs. Here you will find that the resource, namespace and the like set in the request are used to splice URLs here:
func (r *Request) URL() *url.URL {
p := r.pathPrefix
if r.namespaceSet && len(r.namespace) > 0 {
p = path.Join(p, "namespaces", r.namespace)
}
if len(r.resource) != 0 {
p = path.Join(p, strings.ToLower(r.resource))
}
// Join trims trailing slashes, so preserve r.pathPrefix's trailing slash for backwards compatibility if nothing was changed
if len(r.resourceName) != 0 || len(r.subpath) != 0 || len(r.subresource) != 0 {
p = path.Join(p, r.resourceName, r.subresource, r.subpath)
}
finalURL := &url.URL{}
if r.baseURL != nil {
*finalURL = *r.baseURL
}
finalURL.Path = p
query := url.Values{}
for key, values := range r.params {
for _, value := range values {
query.Add(key, value)
}
}
// timeout is handled specially here.
if r.timeout != 0 {
query.Set("timeout", r.timeout.String())
}
finalURL.RawQuery = query.Encode()
return finalURL
}
Summarize this section: api-server exposes many interfaces, and RESTClient will encapsulate these apis, so we can see that the corresponding URL is generated in the source code.
ClientSet client
The ClientSet client is a collection of k8s built-in resource object clients by default, and the built-in resource object of k8s can be operated through the ClientSet client. The following will introduce why clientset is a collection of built-in resource object clients.
Let's introduce a piece of code:
func getClientSet(kubeconfig string) {
config, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
if err != nil {
panic(err.Error())
}
// create the clientset
clientset, err := kubernetes.NewForConfig(config)
if err != nil {
panic(err.Error())
}
for {
pods, err := clientset.CoreV1().Pods("").List(metav1.ListOptions{})
if err != nil {
panic(err.Error())
}
fmt.Printf("There are %d pods in the cluster\n", len(pods.Items))
// Examples for error handling:
// - Use helper functions like e.g. errors.IsNotFound()
// - And/or cast to StatusError and use its properties like e.g. ErrStatus.Message
namespace := "default"
pod := "example-xxxxx"
_, err = clientset.CoreV1().Pods(namespace).Get(pod, metav1.GetOptions{})
if errors.IsNotFound(err) {
fmt.Printf("Pod %s in namespace %s not found\n", pod, namespace)
} else if statusError, isStatus := err.(*errors.StatusError); isStatus {
fmt.Printf("Error getting pod %s in namespace %s: %v\n",
pod, namespace, statusError.ErrStatus.Message)
} else if err != nil {
panic(err.Error())
} else {
fmt.Printf("Found pod %s in namespace %s\n", pod, namespace)
}
time.Sleep(10 * time.Second)
}
}
The clientcmd.BuildConfigFromFlags function has been analyzed above, here is the analysis of the different places, the function kubernetes.NewForConfig that generates the clientset, here we can see that cs is a lot of k8s built-in resource client objects, and settings A discoveryClient:
func NewForConfig(c *rest.Config) (*Clientset, error) {
configShallowCopy := *c
if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 {
configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst)
}
var cs Clientset
var err error
// 这边开始会初始化k8s内置的资源的clientset
cs.admissionregistrationV1beta1, err = admissionregistrationv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.appsV1, err = appsv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.appsV1beta1, err = appsv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.appsV1beta2, err = appsv1beta2.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.auditregistrationV1alpha1, err = auditregistrationv1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.authenticationV1, err = authenticationv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.authenticationV1beta1, err = authenticationv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.authorizationV1, err = authorizationv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.authorizationV1beta1, err = authorizationv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.autoscalingV1, err = autoscalingv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.autoscalingV2beta1, err = autoscalingv2beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.autoscalingV2beta2, err = autoscalingv2beta2.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.batchV1, err = batchv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.batchV1beta1, err = batchv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.batchV2alpha1, err = batchv2alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.certificatesV1beta1, err = certificatesv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.coordinationV1beta1, err = coordinationv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.coordinationV1, err = coordinationv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.coreV1, err = corev1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.eventsV1beta1, err = eventsv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.extensionsV1beta1, err = extensionsv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.networkingV1, err = networkingv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.networkingV1beta1, err = networkingv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.nodeV1alpha1, err = nodev1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.nodeV1beta1, err = nodev1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.policyV1beta1, err = policyv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.rbacV1, err = rbacv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.rbacV1beta1, err = rbacv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.rbacV1alpha1, err = rbacv1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.schedulingV1alpha1, err = schedulingv1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.schedulingV1beta1, err = schedulingv1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.schedulingV1, err = schedulingv1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.settingsV1alpha1, err = settingsv1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.storageV1beta1, err = storagev1beta1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.storageV1, err = storagev1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.storageV1alpha1, err = storagev1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) // 注意啦,clientset里面还放了一个DiscoverClient
if err != nil {
return nil, err
}
return &cs, nil
}
Then chase into NewForConfig and take a look, and you will know what it is when you see rest.RESTClientFor, this function is the implementation of RESTClient:
func NewForConfig(c *rest.Config) (*AppsV1beta1Client, error) {
config := *c
if err := setConfigDefaults(&config); err != nil {
return nil, err
}
client, err := rest.RESTClientFor(&config)
if err != nil {
return nil, err
}
return &AppsV1beta1Client{client}, nil
}
Now I understand, why the clientset client is a collection of client objects of each k8s built-in resource.
DynamicClient
The characteristic of DynamicClient is that in addition to using k8s built-in resources, CRD resources can also be used. The principle of dynamicClient is that the incoming resource data uses the map[string]interface{} structure.
func getDynamicClientExample(kubeconfig string) {
config, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
if err != nil {
panic(err)
}
client, err := dynamic.NewForConfig(config)
if err != nil {
panic(err)
}
deploymentRes := schema.GroupVersionResource{Group: "apps", Version: "v1", Resource: "deployments"}
deployment := &unstructured.Unstructured{
Object: map[string]interface{}{
"apiVersion": "apps/v1",
"kind": "Deployment",
"metadata": map[string]interface{}{
"name": "demo-deployment",
},
"spec": map[string]interface{}{
"replicas": 2,
"selector": map[string]interface{}{
"matchLabels": map[string]interface{}{
"app": "demo",
},
},
"template": map[string]interface{}{
"metadata": map[string]interface{}{
"labels": map[string]interface{}{
"app": "demo",
},
},
"spec": map[string]interface{}{
"containers": []map[string]interface{}{
{
"name": "web",
"image": "nginx:1.12",
"ports": []map[string]interface{}{
{
"name": "http",
"protocol": "TCP",
"containerPort": 80,
},
},
},
},
},
},
},
},
}
// Create Deployment
fmt.Println("Creating deployment...")
result, err := client.Resource(deploymentRes).Namespace("").Create(deployment, metav1.CreateOptions{})
if err != nil {
panic(err)
}
fmt.Printf("Created deployment %q.\n", result.GetName())
}
Start directly from dynamic.NewForConfig(config):
func NewForConfig(inConfig *rest.Config) (Interface, error) {
config := rest.CopyConfig(inConfig)
// for serializing the options
config.GroupVersion = &schema.GroupVersion{}
config.APIPath = "/if-you-see-this-search-for-the-break"
config.AcceptContentTypes = "application/json"
config.ContentType = "application/json"
config.NegotiatedSerializer = basicNegotiatedSerializer{} // this gets used for discovery and error handling types
if config.UserAgent == "" {
config.UserAgent = rest.DefaultKubernetesUserAgent()
}
restClient, err := rest.RESTClientFor(config) //还是去新建了一个RESTClient客户端
if err != nil {
return nil, err
}
return &dynamicClient{client: restClient}, nil
}
From the code, the dynamicClient is still restClient.
DiscoveryClient
DiscoveryClient is a discovery client, which is mainly used to discover resource groups, resource versions, and resource information supported by k8s api-server.
First come a damo:
func getDisCoveryClient(kubeconfig string) {
config, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
if err != nil {
panic(err)
}
discoveryClient, err := discovery.NewDiscoveryClientForConfig(config)
if err != nil {
panic(err)
}
_, APIResourceList, err := discoveryClient.ServerGroupsAndResources()\
if err != nil {
panic(err)
}
for _, list := range APIResourceList {
}
}
Look directly at this function discovery.NewDiscoveryClientForConfig(config), you can also see below that RESTClient is used:
func NewDiscoveryClientForConfig(c *restclient.Config) (*DiscoveryClient, error) {
config := *c
// 设置一些默认的参数
if err := setDiscoveryDefaults(&config); err != nil {
return nil, err
}
// 类似RESTClient客户端
client, err := restclient.UnversionedRESTClientFor(&config)
return &DiscoveryClient{restClient: client, LegacyPrefix: "/api"}, err
}
Doubt
Question: The four types of clients actually use restClient, the basic client, but is it necessary to distinguish this clearly? Is it necessary for 4 kinds of clients to exist at the same time?
Answer: I felt that as long as RESTClient is enough, at least there is no need to have both clientSet and DynamicClient, because the clientset client can also operate CRD resources through code generation. After thinking about it carefully, for the acquisition of unknown objects, the dynamicClient client is useful. In other words, the clientset client is only useful for what type of object you know, and you can only use it when you don’t know the type. dynamicClient.
to sum up
The client-go client is a RESTFul API package for the client to access k8s resources, making it easier for users to interact with k8s and the code easier to understand. Of course, client-go provides far more to users. This section mainly introduces 4 types of clients. The more commonly used one is the clientset that can directly manipulate the built-in resources of k8s. There are official examples on the github repository of client-go (https://github.com/kubernetes/client-go/blob/master/examples/in-cluster-client-configuration/main.go)
Later, this official account ("Cloud Native Notes") will continue to publish a series of articles on client-go source code analysis, so stay tuned!