Sync taints from machine spec to the node in additive fashion #154
Conversation
openshift-ci-robot
added
the
size/S
| @@ -393,8 +393,22 @@ func (c *Controller) processNode(node *corev1.Node) error { | |||
| modNode.Labels[k] = v | |||
| } | |||
|
|
|||
| // Taints are to be an authoritative list on the machine spec per cluster-api comments: | |||
There was a problem hiding this comment.
Nice!
Can you add a PR upstream even if it's to update the field comment and why we think should be additive?
Can you please add a validation for this machine/node taint reconciliation here https://github.com/openshift/machine-api-operator/blob/master/test/e2e/operator_expectations.go?
There was a problem hiding this comment.
sure. how about handling e2e in follow-up PR?
There was a problem hiding this comment.
please let's include it in this one, the point of having it in the same PR is that it prevent us from merging code which does not work as expected rather than having to fix later
|
Change looks good. Link to upstream feature for why it cannot be authoritative. See https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/#taint-nodes-by-condition |
cmd/nodelink-controller/main.go
Outdated
| modNode.Spec.Taints = matchingMachine.Spec.Taints | ||
| // Taints are to be an authoritative list on the machine spec per cluster-api comments. | ||
| // However, we believe many components can directly taint a node and there is no direct source of truth that should enforce a single writer of taints | ||
| for _, mTaint := range matchingMachine.Spec.Taints { |
There was a problem hiding this comment.
It'd be nice to create a function and unit test it
cmd/nodelink-controller/main.go
Outdated
| } | ||
| } | ||
| if !alreadyPresent { | ||
| modNode.Spec.Taints = append(modNode.Spec.Taints, mTaint) |
There was a problem hiding this comment.
we are appending here when nTaint.Key == mTaint.Key && nTaint.Effect != mTaint.Effect, so the final Taints
list will have duplicated keys. What will be the behaviour?
There was a problem hiding this comment.
This is list of taints and for a taint to be unique key and effect as a pair must be unique. PTAL at example here:
https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/#concepts
|
/hold |
openshift-ci-robot
added
the
do-not-merge/hold
vikaschoudhary16
changed the title
openshift-ci-robot
added
the
do-not-merge/work-in-progress
vikaschoudhary16
force-pushed
the
taints-additive
branch
from
1f05d8b
to
3da28b4
Compare
openshift-ci-robot
added
size/L
vikaschoudhary16
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
/hold cancel |
1 similar comment
|
/hold cancel |
openshift-ci-robot
removed
the
do-not-merge/hold
|
/retest |
| glog.V(3).Infof("machine taint: %v", mTaint) | ||
| alreadyPresent := false | ||
| for _, nTaint := range node.Spec.Taints { | ||
| if nTaint.Key == mTaint.Key && nTaint.Effect == mTaint.Effect { |
There was a problem hiding this comment.
Why don't we want to take into consideration the .value here?
| } | ||
| machineList := capiv1alpha1.MachineList{} | ||
|
|
||
| if err := tc.client.List(context.TODO(), &listOptions, &machineList); err != nil { |
There was a problem hiding this comment.
this should be wrapped into wait.PollImmediate 186-195
| } | ||
| node := &corev1.Node{} | ||
|
|
||
| if err := tc.client.Get(context.TODO(), nodeKey, node); err != nil { |
There was a problem hiding this comment.
this should be wrapped into wait.PollImmediate
| } | ||
| glog.Info("Updated machine object with taint") | ||
| var expectedTaints = sets.NewString("not-from-machine", "from-machine") | ||
| err := wait.PollImmediate(1*time.Second, waitLong, func() (bool, error) { |
There was a problem hiding this comment.
we could just return inline here
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: enxebre The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
enxebre
added
the
do-not-merge/hold
|
/test e2e-aws-operator |
|
/test e2e-aws-gate |
|
/test all |
enxebre
removed
the
do-not-merge/hold
| for _, taint := range node.Spec.Taints { | ||
| observedTaints.Insert(taint.Key) | ||
| } | ||
| if expectedTaints.Difference(observedTaints).HasAny("not-from-machine", "from-machine") == false { |
There was a problem hiding this comment.
Use !<expression> and not == false.
|
/lgtm |
Update namespace -> openshift-machine-api
/cc @derekwaynecarr @enxebre