(feat: scale) limitranger allow pod update #124887
Conversation
k8s-ci-robot
added
size/XS
|
Hi @mouuii. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
k8s-ci-robot
added
needs-ok-to-test
mouuii
force-pushed
the
limit-range-allow-pod-update
branch
from
84d2679 to
afb96b0
Compare
k8s-ci-robot
added
size/S
|
/sig node |
k8s-ci-robot
added
sig/node
|
/cc tallclair |
|
/release-note-none Looks good overall. |
k8s-ci-robot
added
release-note-none
|
/cc |
I'm not familiar with writing e2e and I think this change will only affect performance ? |
|
should the changes done here be gated by the InPlaceVerticalAutoscaling featuregate, like we do e.g. in the kubelet? |
Good point. +1 |
k8s-ci-robot
removed
needs-triage
|
@mouuii Are you still willing to work on this PR? |
yes @iholder101 |
Are you still willing to work on this PR? |
| @@ -743,8 +743,8 @@ func TestLimitRangerIgnoresSubresource(t *testing.T) { | |||
| t.Errorf("Expected an error since the pod did not specify resource limits in its create call") | |||
| } | |||
| err = handler.Validate(context.TODO(), admission.NewAttributesRecord(&testPod, nil, api.Kind("Pod").WithVersion("version"), limitRange.Namespace, "testPod", api.Resource("pods").WithVersion("version"), "", admission.Update, &metav1.UpdateOptions{}, false, nil), nil) | |||
| if err != nil { | |||
| t.Errorf("Expected not to call limitranger actions on pod updates") | |||
| if err == nil { | |||
There was a problem hiding this comment.
why err == nil but print t.Errorf(
There was a problem hiding this comment.
Test cases are needed to verify whether the code we modified complies with the logic. It is not just for passing the test.
There was a problem hiding this comment.
to allow pod update , previous we do not allow update.
what kind of test cases ? can you show me how to write?
@googs1025
There was a problem hiding this comment.
First, you need to modify the unit test code itself, not just to pass the tests.... Second, since you've made changes, you should incrementally cover the logic of your changes to ensure the code's rationality.
There was a problem hiding this comment.
If you encounter difficulties during the process, perhaps you could consider handing over this pr to someone else.
k8s-ci-robot
added
the
do-not-merge/contains-merge-commits
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: mouuii The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/restest |
mouuii
changed the title
k8s-ci-robot
added
the
do-not-merge/work-in-progress
|
/retest |
mouuii
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
/test pull-kubernetes-e2e-gce |
mouuii
force-pushed
the
limit-range-allow-pod-update
branch
from
57857f2 to
9ee7511
Compare
k8s-ci-robot
removed
the
do-not-merge/contains-merge-commits
|
/test pull-kubernetes-e2e-gce |
|
This is ready. PTAL.@iholder101 @tallclair |
According to this comment, we need to add e2e or integration tests to ensure that the changes are reasonable. :) |
mouuii
changed the title
|
/assign |
|
Can we add some e2e tests for this? For eg, we have pod resize e2e tests with ResourceQuota here |
| // to mutate and validate limitrange on pod updates. Trying to mutate containers or initContainers on a pod | ||
| // update request will always fail pod validation because those fields are immutable once the object is created. | ||
| if a.GetKind().GroupKind() == api.Kind("Pod") && a.GetOperation() == admission.Update { | ||
| if a.GetKind().GroupKind() == api.Kind("Pod") && a.GetOperation() == admission.Update && !feature.DefaultFeatureGate.Enabled(features.InPlacePodVerticalScaling) { |
There was a problem hiding this comment.
FYI, This won't work after #128266 as we add resize subresource to do pod resize.
There was a problem hiding this comment.
Do we need this logic after using resize subresource ? @AnishShah
There was a problem hiding this comment.
Yes, we still need the logic. But instead of pod update, we need it during resize subresource. I provisionally added the logic in my PR
There was a problem hiding this comment.
so this pr can close after your pr merged ? and e2e test can be writen in your pr ? @AnishShah
There was a problem hiding this comment.
Yes, I added e2e tests in 1b93d0f
|
This fix has been rolled into #128266 /close |
|
@tallclair: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
What type of PR is this?
/kind feature
What this PR does / why we need it:
The LimitRanger admission plugin does not currently handle pod updates, but needs to be updated to account for InPlacePodVerticalScaling:
Which issue(s) this PR fixes:
Fixes #124855
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: