kubelet源码分析（version： git tag 1.7.6）

一、概述 

　　kubelet源码入口：cmd/kubelet/kubelet.go main()

　　cmd/kubelet/app 包中的Run函数：

　查看先参数，kubelet.KubeletDeps

type KubeletDeps struct {
    Builder KubeletBuilder
    ContainerRuntimeOptions []kubecontainer.Option 
    Options                 []Option
    Auth                server.AuthInterface                --------      interface， 重点关注【下面还有，以这个为例】
    CAdvisorInterface       cadvisor.Interface
    Cloud                   cloudprovider.Interface
    ContainerManager        cm.ContainerManager
    DockerClient            libdocker.Interface  　　　　　　　
    EventClient             v1core.EventsGetter
    KubeClient              clientset.Interface
    ExternalKubeClient      clientgoclientset.Interface
    Mounter                 mount.Interface
    NetworkPlugins          []network.NetworkPlugin
    OOMAdjuster             *oom.OOMAdjuster
    OSInterface             kubecontainer.OSInterface
    PodConfig               *config.PodConfig
    Recorder                record.EventRecorder
    Writer                  kubeio.Writer
    VolumePlugins           []volume.VolumePlugin
    TLSOptions              *server.TLSOptions
}

 　　以下为server.AuthInterface 接口定义：

// AuthInterface contains all methods required by the auth filters
type AuthInterface interface {
    authenticator.Request     
    authorizer.RequestAttributesGetter
    authorizer.Authorizer     
}

　　继续查看：

type Request interface {
    AuthenticateRequest(req *http.Request) (user.Info, bool, error)
}  

type RequestAttributesGetter interface {
    GetRequestAttributes(user.Info, *http.Request) Attributes
}  

type Authorizer interface {
    Authorize(a Attributes) (authorized bool, reason string, err error)
}  

　　KubeletDeps 结构体中其他的接口也类似；

二、流程分析

　　　　主要是参数的初始化判断，然后通过kubeDeps.ContainerManager进行管理；

　　该函数返回的是一个ContainerManager接口，如下：

// Manages the containers running on a machine.
type ContainerManager interface {
    // Runs the container manager's housekeeping.
    // - Ensures that the Docker daemon is in a container.
    // - Creates the system container where all non-containerized processes run.
    Start(*v1.Node, ActivePodsFunc) error

    // Returns resources allocated to system cgroups in the machine.
    // These cgroups include the system and Kubernetes services.
    SystemCgroupsLimit() v1.ResourceList

    // Returns a NodeConfig that is being used by the container manager.
    GetNodeConfig() NodeConfig

    // Returns internal Status.
    Status() Status

    // NewPodContainerManager is a factory method which returns a podContainerManager object
    // Returns a noop implementation if qos cgroup hierarchy is not enabled
    NewPodContainerManager() PodContainerManager

    // GetMountedSubsystems returns the mounted cgroup subsystems on the node
    GetMountedSubsystems() *CgroupSubsystems

    // GetQOSContainersInfo returns the names of top level QoS containers
    GetQOSContainersInfo() QOSContainersInfo

    // GetNodeAllocatable returns the amount of compute resources that have to be reserved from scheduling.
    GetNodeAllocatableReservation() v1.ResourceList

    // GetCapacity returns the amount of compute resources tracked by container manager available on the node.
    GetCapacity() v1.ResourceList

    // UpdateQOSCgroups performs housekeeping updates to ensure that the top
    // level QoS containers have their desired state in a thread-safe way
    UpdateQOSCgroups() error
}

　　而结构体containerManagerImpl 实现了ContainerManager接口：

　　　　继续往下：

　　　进入函数，查看注释：

　　主要就是做一些基本验证：

　　　启动kublet服务：

func startKubelet(k kubelet.KubeletBootstrap, podCfg *config.PodConfig, kubeCfg *componentconfig.KubeletConfiguration, kubeDeps *kubelet.KubeletDeps) {      
    // start the kubelet      
    go wait.Until(func() { k.Run(podCfg.Updates()) }, 0, wait.NeverStop)　　# go routine， 这里主要是对接kube-api

    // start the kubelet server    
    if kubeCfg.EnableServer { 
        go wait.Until(func() {
            k.ListenAndServe(net.ParseIP(kubeCfg.Address), uint(kubeCfg.Port), kubeDeps.TLSOptions, kubeDeps.Auth, kubeCfg.EnableDebuggingHandlers, kubeCfg.EnableContentionProfiling)
        }, 0, wait.NeverStop)   // *****
    }     if kubeCfg.ReadOnlyPort > 0 {  
        go wait.Until(func() {
            k.ListenAndServeReadOnly(net.ParseIP(kubeCfg.Address), uint(kubeCfg.ReadOnlyPort))
        }, 0, wait.NeverStop) 
    } 
}

　　启动kubelet HTTP server:

// ListenAndServe runs the kubelet HTTP server.
func (kl *Kubelet) ListenAndServe(address net.IP, port uint, tlsOptions *server.TLSOptions, auth server.AuthInterface, enableDebuggingHandlers, enableContentionProfiling bool) {
    server.ListenAndServeKubeletServer(kl, kl.resourceAnalyzer, address, port, tlsOptions, auth, enableDebuggingHandlers, enableContentionProfiling, kl.containerRuntime, kl.criHandler)
}

　　continue:

// ListenAndServeKubeletServer initializes a server to respond to HTTP network requests on the Kubelet.
func ListenAndServeKubeletServer(
    host HostInterface,
    resourceAnalyzer stats.ResourceAnalyzer,
    address net.IP,
    port uint,
    tlsOptions *TLSOptions,
    auth AuthInterface,
    enableDebuggingHandlers,
    enableContentionProfiling bool,
    runtime kubecontainer.Runtime,
    criHandler http.Handler) {    glog.Infof("Starting to listen on %s:%d", address, port)
    handler := NewServer(host, resourceAnalyzer, auth, enableDebuggingHandlers, enableContentionProfiling, runtime, criHandler)    s := &http.Server{
        Addr:           net.JoinHostPort(address.String(), strconv.FormatUint(uint64(port), 10)),
        Handler:        &handler,
        MaxHeaderBytes: 1 << 20, 
    }   
    if tlsOptions != nil {
        s.TLSConfig = tlsOptions.Config
        // Passing empty strings as the cert and key files means no
        // cert/keys are specified and GetCertificate in the TLSConfig
        // should be called instead.
        glog.Fatal(s.ListenAndServeTLS(tlsOptions.CertFile, tlsOptions.KeyFile))    } else {
        glog.Fatal(s.ListenAndServe())
    }   
}