Add node-api staging repo w/ RuntimeClass API #67791
Conversation
k8s-ci-robot
added
release-note-none
k8s-ci-robot
added
size/XXL
|
/assign @dchen1107 /hold |
k8s-ci-robot
added
the
do-not-merge/hold
| */ | ||
|
|
||
| // +k8s:deepcopy-gen=package | ||
| // +k8s:openapi-gen=true |
There was a problem hiding this comment.
NOTE TO REVIEWERS:
Should this be here? It looks like it causes an entry in k8s.io/kubernetes/pkg/generated/openapi to be generated, but I think this is supposed to be completely out of tree?
|
Are we converged on the decision for CSI (and this by extension)? |
|
My interpretation of this comment from @liggitt was that we don't have any choice but to use a staging repo:
Even if we use a dynamic client, we still want to be able to use the typed APIs in the Kubelet, so I don't think we can avoid vendoring the node-api from Kubelet? |
| # --output-base because this script should also be able to run inside the vendor dir of | ||
| # k8s.io/kubernetes. The output-base is needed for the generators to output into the vendor dir | ||
| # instead of the $GOPATH directly. For normal projects this can be dropped. | ||
| ${CODEGEN_PKG}/generate-groups.sh "deepcopy,client,informer,lister" \ |
There was a problem hiding this comment.
Shouldn't we be doing this in transit from staging -> own repo?
There was a problem hiding this comment.
I don't know the answer to that, but I think this is the way all our other staging repos currently do it.
| // RuntimeClassSpec is a specification of a RuntimeClass. | ||
| type RuntimeClassSpec struct { | ||
| // RuntimeHandler specifies the underlying runtime the CRI calls to handle pod and/or container | ||
| // creation. The possible values are specific to a given configuration & CRI implementation. |
There was a problem hiding this comment.
Are we speccing the format of this string? e.g. containerd.io/containerd or cri-o.io/cri-o ?
There was a problem hiding this comment.
For now I'm using the same validation as for the ObjectMeta name (DNS 1123 subdomain). We might want to expand that to allow paths later, but it's easier to start with tighter validation. I'll add this to the comment.
I don't think there's any reason to namespace the runtime handler. This field is only ever interpreted by the runtime, and the expectation is that the admin set it up to map to a specific config that the runtime understands. If we prefixed it with containerd.io, it would be up to containerd to then strip out that prefix (and I guess reject any request that didn't have that prefix).
There was a problem hiding this comment.
I am confused. If a node supports multiple runtimes (or even if a cluster does), those runtimes need to self identify, right? Is that this string?
There was a problem hiding this comment.
IIUC, what you're getting at is discovery? I.e. once we have scheduling support for RuntimeClass, how do nodes broadcast the runtimes they support, and how does the the cluster match that to a RuntimeClass.
I think it's an open question of whether nodes would "broadcast" supported RuntimeHandlers, or RuntimeClasses (or whether discovery should be supported at all).
Even if nodes did broadcast supported RuntimeHandlers, I think it's debateable whether 2 different CRI implementations configured with the same RuntimeHandler should be treated separately, or as 2 valid implementations of the same handler.
Given these open questions, I'd prefer to punt on this until we actually have a design for this feature.
There was a problem hiding this comment.
We spoke offline. here's my proposed comments:
RuntimeHandler specifies the underlying runtime and configuration that the CRI implementation will use to handle pods of this class. The possible values are specific to the node configuration & CRI implementation. It is assumed that all handlers are available and equivalent on every node.
If this is not specified, a default will be chosen by the implementation.
| // RuntimeClassSpec is a specification of a RuntimeClass. | ||
| type RuntimeClassSpec struct { | ||
| // RuntimeHandler specifies the underlying runtime the CRI calls to handle pod and/or container | ||
| // creation. The possible values are specific to a given configuration & CRI implementation. |
There was a problem hiding this comment.
We spoke offline. here's my proposed comments:
RuntimeHandler specifies the underlying runtime and configuration that the CRI implementation will use to handle pods of this class. The possible values are specific to the node configuration & CRI implementation. It is assumed that all handlers are available and equivalent on every node.
If this is not specified, a default will be chosen by the implementation.
| // creation. The possible values are specific to a given configuration & CRI implementation. | ||
| // The empty string is equivalent to the default behavior. | ||
| // +optional | ||
| RuntimeHandler string `json:"runtimeHandler,omitempty" protobuf:"bytes,1,opt,name=runtimeHandler"` |
|
API is approved. Ping me when it is otherwise LGTM'ed |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: tallclair, thockin The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/assign @dchen1107 |
Automatic merge from submit-queue (batch tested with PRs 68161, 68023, 67909, 67955, 67731). If you want to cherry-pick this change to another branch, please follow the instructions here: https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md. Dynamic RuntimeClass implementation **What this PR does / why we need it**: Implement RuntimeClass using the dynamic client to break the dependency on #67791 Once (if) #67791 merges, I will migrate to the typed client. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: For kubernetes/enhancements#585 **Release note**: Covered by #67737 ```release-note NONE ``` /sig node /kind feature /priority important-soon /milestone v1.12
|
Can you also add this repo to |
tallclair
force-pushed
the
runtimeclass-api
branch
from
31e2ba9
to
7adb584
Compare
k8s-ci-robot
added
needs-rebase
|
@nikhita done /hold cancel |
k8s-ci-robot
removed
the
do-not-merge/hold
tallclair
force-pushed
the
runtimeclass-api
branch
from
7adb584
to
3895557
Compare
k8s-ci-robot
removed
the
needs-rebase
tallclair
force-pushed
the
runtimeclass-api
branch
from
3895557
to
8826271
Compare
|
@tallclair Looks like this PR needs another rebase. :/ |
k8s-ci-robot
added
the
needs-rebase
| // +genclient:nonNamespaced | ||
| // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object | ||
|
|
||
| // RuntimeClass defines a class of runtime supported in the cluster. |
There was a problem hiding this comment.
Can we make the comments here clearer? I assume runtime means container runtime, but not everyone will have the context to realize that?
There was a problem hiding this comment.
Can you document the actors that will read and/or write this object?
| Spec RuntimeClassSpec `json:"spec" protobuf:"bytes,2,name=spec"` | ||
| } | ||
|
|
||
| // RuntimeClassSpec is a specification of a RuntimeClass. |
There was a problem hiding this comment.
Can we make this comment more helpful? What sorts of things about RuntimeClasses need to be specified? Why would I want to specify them?
| // RuntimeClassSpec is a specification of a RuntimeClass. | ||
| type RuntimeClassSpec struct { | ||
| // RuntimeHandler specifies the underlying runtime and configuration that the | ||
| // CRI implementation will use to handle pods of this class. The possible |
There was a problem hiding this comment.
Can we spell out CRI at least once? Can we say what the relationship between this object and CRI is?
|
|
||
| // RuntimeClassSpec is a specification of a RuntimeClass. | ||
| type RuntimeClassSpec struct { | ||
| // RuntimeHandler specifies the underlying runtime and configuration that the |
There was a problem hiding this comment.
Can we give an example of what people might put in this string?
| // assumed that all handlers are available on every node, and handlers of the | ||
| // same name are equivalent on every node. | ||
| // If this is not specified, a default will be chosen by the implementation. | ||
| // +optional |
There was a problem hiding this comment.
This is optional, when should I specify it?
Is it OK for a user to provide this string with an empty value ("")?
tallclair
force-pushed
the
runtimeclass-api
branch
from
8826271
to
593f215
Compare
k8s-ci-robot
removed
the
needs-rebase
tallclair
force-pushed
the
runtimeclass-api
branch
from
593f215
to
befd2d0
Compare
tallclair
force-pushed
the
runtimeclass-api
branch
from
befd2d0
to
baa6ca5
Compare
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
/retest |
|
/retest Review the full test history for this PR. Silence the bot with an |
k8s.io/node-apito house thenode.k8s.ioapi group.For kubernetes/enhancements#585
Special notes for your reviewer:
Depends on kubernetes/org#38
This is intended to be an out-of tree CRD, consumed by core-components. There isn't much precedent for this, so please take a close look at the api machinery pieces.
Release note:
Covered by #67737
/sig node
/kind api-change
/priority important-soon
/milestone v1.13