Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Runtimeclass admission #78484

Merged
merged 4 commits into from
Jun 29, 2019
Merged

Runtimeclass admission #78484

merged 4 commits into from
Jun 29, 2019

Conversation

egernst
Copy link
Contributor

@egernst egernst commented May 29, 2019
edited

/kind feature
What this PR does / why we need it:

Which issue(s) this PR fixes:

For kubernetes/enhancements#688

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

(captured by #76968)

Introduce a new admission controller for RuntimeClass. Initially, RuntimeClass will be used to apply the pod overhead associated with a given RuntimeClass to the Pod.Spec if a corresponding RuntimeClassName is specified.

PodOverhead is an alpha feature as of Kubernetes 1.16.

Depends on:
#76968

@k8s-ci-robot k8s-ci-robot added do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. area/apiserver kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/apps Categorizes an issue or PR as relevant to SIG Apps. sig/node Categorizes an issue or PR as relevant to SIG Node. sig/scheduling Categorizes an issue or PR as relevant to SIG Scheduling. kind/feature Categorizes issue or PR as related to a new feature. and removed needs-kind Indicates a PR lacks a `kind/foo` label and requires one. needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels May 29, 2019
@fejta-bot
Copy link

This PR may require API review.

If so, when the changes are ready, complete the pre-review checklist and request an API review.

Status of requested reviews is tracked in the API Review project.

@egernst egernst mentioned this pull request May 30, 2019
Closed
yue9944882
yue9944882 reviewed May 31, 2019
View reviewed changes
Copy link
Member

@yue9944882 yue9944882 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left some review comments under package plugin/pkg/admission/...

plugin/pkg/admission/runtimeclass/admission.go Outdated Show resolved Hide resolved
plugin/pkg/admission/runtimeclass/admission.go Outdated Show resolved Hide resolved
plugin/pkg/admission/runtimeclass/admission.go Outdated
}

default:
return fmt.Errorf("invalid value for admissionPhase: %s", admissionPhase)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: admissionPhase sounds a bit odd to me. the mutating and validating logic should better be separated i suppose? ping @liggitt for suggestions.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, names are hard. I wanted to deduplicate some of the boiler plate handling that is needed for both mutation and validation phases of the controller. Happy to hear better suggestions for the name.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

optional: Alternatively, just put the boilerplate in a helper:

pod, runtimeClass, err := r.prepareObjects(attributes)

(needs a better name though)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated to add the helper. I named it prepareObjects, but am going to go for a two hour bike ride this evening and think of a more appropriate name.

@fedebongio
Copy link
Contributor

/remove-sig api-machinery

@k8s-ci-robot k8s-ci-robot added needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. labels May 31, 2019
@k8s-ci-robot k8s-ci-robot added sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Jun 7, 2019
@yastij
Copy link
Member

yastij commented Jun 12, 2019

/assign @tallclair @yastij

@egernst
Copy link
Contributor Author

egernst commented Jun 20, 2019

ack. updated. Thanks Tim.

Eric Ernst added 3 commits June 19, 2019 17:20
introduce RuntimeClass admission controller
247dab3 
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
add RuntimeClass admission controller plugin
2d32634 
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
autogenerated code update based in new plugin
e860830 
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
@tallclair
Copy link
Member

Can you add an OWNERS file to the new admission controller. Approver should be me, and you can add yourself as a reviewer :)

@tallclair
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added lgtm "Looks good to me", indicates that a PR is ready to be merged. and removed lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Jun 27, 2019
@egernst
Copy link
Contributor Author

egernst commented Jun 27, 2019

added owners file

runtimeclass-admissioN: add owners file
824a9e5 
add initial owners file for RuntimeClass admission controller

Signed-off-by: Eric Ernst <eric.ernst@intel.com>
@tallclair
Copy link
Member

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 27, 2019
yastij
yastij approved these changes Jun 28, 2019
View reviewed changes
Copy link
Member

@yastij yastij left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

tallclair
tallclair reviewed Jun 28, 2019
View reviewed changes
plugin/pkg/admission/runtimeclass/admission.go
}
}

// admissionAction handles Admit and Validate phases of admission, switching based on the admissionPhase parameter
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comment needs fixing

plugin/pkg/admission/runtimeclass/admission.go

// getRuntimeClass will return a reference to the RuntimeClass object if it is found. If it cannot be found, or a RuntimeClassName
// is not provided in the pod spec, *node.RuntimeClass returned will be nil
func (r *RuntimeClass) getRuntimeClass(pod *api.Pod, runtimeClassName *string) (runtimeClass *v1beta1.RuntimeClass, err error) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

pod argument is unused

nit: this is only called from prepare objects, so I'd just inline it.

Copy link
Contributor

@tedyu tedyu Jun 29, 2019
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Handled in my PR #79565.

plugin/pkg/admission/runtimeclass/admission.go

func setOverhead(a admission.Attributes, pod *api.Pod, runtimeClass *v1beta1.RuntimeClass) (err error) {

if runtimeClass != nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: prefer:

Suggested change
if runtimeClass != nil {
if runtimeClass == nil || runtimeclass.Overhead == nil {
return nil
}
// ...

@tallclair
Copy link
Member

/unassign @thockin
/assign @dchen1107

@k8s-ci-robot k8s-ci-robot assigned dchen1107 and unassigned thockin Jun 28, 2019
@dchen1107
Copy link
Member

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dchen1107, egernst, tallclair

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 28, 2019
@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

1 similar comment
@fejta-bot
Copy link

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

@k8s-ci-robot k8s-ci-robot merged commit e4f1588 into kubernetes:master Jun 29, 2019
tedyu
tedyu reviewed Jun 29, 2019
View reviewed changes
plugin/pkg/admission/runtimeclass/admission.go
return err
}

if utilfeature.DefaultFeatureGate.Enabled(features.PodOverhead) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this should be moved ahead of call to prepareObjects.
If the feature gate is disabled, pod, runtimeClass would not be used.

plugin/pkg/admission/runtimeclass/admission.go

// getRuntimeClass will return a reference to the RuntimeClass object if it is found. If it cannot be found, or a RuntimeClassName
// is not provided in the pod spec, *node.RuntimeClass returned will be nil
func (r *RuntimeClass) getRuntimeClass(pod *api.Pod, runtimeClassName *string) (runtimeClass *v1beta1.RuntimeClass, err error) {
Copy link
Contributor

@tedyu tedyu Jun 29, 2019
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Handled in my PR #79565.

@tedyu tedyu mentioned this pull request Jun 29, 2019
Merged
@liggitt liggitt added this to the v1.16 milestone Aug 6, 2019
@liangxianlong liangxianlong mentioned this pull request Sep 24, 2019
Closed
@tzifudzi tzifudzi mentioned this pull request Nov 29, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tedyu tedyu tedyu left review comments

@yue9944882 yue9944882 yue9944882 left review comments

@tallclair tallclair tallclair left review comments

@yastij yastij yastij approved these changes

@brendandburns brendandburns Awaiting requested review from brendandburns

@cheftako cheftako Awaiting requested review from cheftako

Assignees

@dchen1107 dchen1107

@yastij yastij

@tallclair tallclair

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/apiserver cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/node Categorizes an issue or PR as relevant to SIG Node. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
v1.16
Development

Successfully merging this pull request may close these issues.

None yet