| /* |
| Copyright 2014 The Kubernetes Authors. |
| |
| Licensed under the Apache License, Version 2.0 (the "License"); |
| you may not use this file except in compliance with the License. |
| You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| */ |
| |
| package controller |
| |
| import ( |
| "context" |
| "encoding/binary" |
| "encoding/json" |
| "fmt" |
| "hash/fnv" |
| "math" |
| "sync" |
| "sync/atomic" |
| "time" |
| |
| apps "k8s.io/api/apps/v1" |
| v1 "k8s.io/api/core/v1" |
| apierrors "k8s.io/apimachinery/pkg/api/errors" |
| "k8s.io/apimachinery/pkg/api/meta" |
| metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" |
| "k8s.io/apimachinery/pkg/labels" |
| "k8s.io/apimachinery/pkg/runtime" |
| "k8s.io/apimachinery/pkg/types" |
| "k8s.io/apimachinery/pkg/util/rand" |
| "k8s.io/apimachinery/pkg/util/sets" |
| "k8s.io/apimachinery/pkg/util/strategicpatch" |
| "k8s.io/apimachinery/pkg/util/wait" |
| utilfeature "k8s.io/apiserver/pkg/util/feature" |
| clientset "k8s.io/client-go/kubernetes" |
| "k8s.io/client-go/tools/cache" |
| "k8s.io/client-go/tools/record" |
| clientretry "k8s.io/client-go/util/retry" |
| podutil "k8s.io/kubernetes/pkg/api/v1/pod" |
| "k8s.io/kubernetes/pkg/apis/core/helper" |
| _ "k8s.io/kubernetes/pkg/apis/core/install" |
| "k8s.io/kubernetes/pkg/apis/core/validation" |
| "k8s.io/kubernetes/pkg/features" |
| hashutil "k8s.io/kubernetes/pkg/util/hash" |
| taintutils "k8s.io/kubernetes/pkg/util/taints" |
| "k8s.io/utils/clock" |
| |
| "k8s.io/klog/v2" |
| ) |
| |
| const ( |
| // If a watch drops a delete event for a pod, it'll take this long |
| // before a dormant controller waiting for those packets is woken up anyway. It is |
| // specifically targeted at the case where some problem prevents an update |
| // of expectations, without it the controller could stay asleep forever. This should |
| // be set based on the expected latency of watch events. |
| // |
| // Currently a controller can service (create *and* observe the watch events for said |
| // creation) about 10 pods a second, so it takes about 1 min to service |
| // 500 pods. Just creation is limited to 20qps, and watching happens with ~10-30s |
| // latency/pod at the scale of 3000 pods over 100 nodes. |
| ExpectationsTimeout = 5 * time.Minute |
| // When batching pod creates, SlowStartInitialBatchSize is the size of the |
| // initial batch. The size of each successive batch is twice the size of |
| // the previous batch. For example, for a value of 1, batch sizes would be |
| // 1, 2, 4, 8, ... and for a value of 10, batch sizes would be |
| // 10, 20, 40, 80, ... Setting the value higher means that quota denials |
| // will result in more doomed API calls and associated event spam. Setting |
| // the value lower will result in more API call round trip periods for |
| // large batches. |
| // |
| // Given a number of pods to start "N": |
| // The number of doomed calls per sync once quota is exceeded is given by: |
| // min(N,SlowStartInitialBatchSize) |
| // The number of batches is given by: |
| // 1+floor(log_2(ceil(N/SlowStartInitialBatchSize))) |
| SlowStartInitialBatchSize = 1 |
| ) |
| |
| var UpdateTaintBackoff = wait.Backoff{ |
| Steps: 5, |
| Duration: 100 * time.Millisecond, |
| Jitter: 1.0, |
| } |
| |
| var UpdateLabelBackoff = wait.Backoff{ |
| Steps: 5, |
| Duration: 100 * time.Millisecond, |
| Jitter: 1.0, |
| } |
| |
| var ( |
| KeyFunc = cache.DeletionHandlingMetaNamespaceKeyFunc |
| podPhaseToOrdinal = map[v1.PodPhase]int{v1.PodPending: 0, v1.PodUnknown: 1, v1.PodRunning: 2} |
| ) |
| |
| type ResyncPeriodFunc func() time.Duration |
| |
| // Returns 0 for resyncPeriod in case resyncing is not needed. |
| func NoResyncPeriodFunc() time.Duration { |
| return 0 |
| } |
| |
| // StaticResyncPeriodFunc returns the resync period specified |
| func StaticResyncPeriodFunc(resyncPeriod time.Duration) ResyncPeriodFunc { |
| return func() time.Duration { |
| return resyncPeriod |
| } |
| } |
| |
| // Expectations are a way for controllers to tell the controller manager what they expect. eg: |
| // ControllerExpectations: { |
| // controller1: expects 2 adds in 2 minutes |
| // controller2: expects 2 dels in 2 minutes |
| // controller3: expects -1 adds in 2 minutes => controller3's expectations have already been met |
| // } |
| // |
| // Implementation: |
| // ControlleeExpectation = pair of atomic counters to track controllee's creation/deletion |
| // ControllerExpectationsStore = TTLStore + a ControlleeExpectation per controller |
| // |
| // * Once set expectations can only be lowered |
| // * A controller isn't synced till its expectations are either fulfilled, or expire |
| // * Controllers that don't set expectations will get woken up for every matching controllee |
| |
| // ExpKeyFunc to parse out the key from a ControlleeExpectation |
| var ExpKeyFunc = func(obj interface{}) (string, error) { |
| if e, ok := obj.(*ControlleeExpectations); ok { |
| return e.key, nil |
| } |
| return "", fmt.Errorf("could not find key for obj %#v", obj) |
| } |
| |
| // ControllerExpectationsInterface is an interface that allows users to set and wait on expectations. |
| // Only abstracted out for testing. |
| // Warning: if using KeyFunc it is not safe to use a single ControllerExpectationsInterface with different |
| // types of controllers, because the keys might conflict across types. |
| type ControllerExpectationsInterface interface { |
| GetExpectations(controllerKey string) (*ControlleeExpectations, bool, error) |
| SatisfiedExpectations(logger klog.Logger, controllerKey string) bool |
| DeleteExpectations(logger klog.Logger, controllerKey string) |
| SetExpectations(logger klog.Logger, controllerKey string, add, del int) error |
| ExpectCreations(logger klog.Logger, controllerKey string, adds int) error |
| ExpectDeletions(logger klog.Logger, controllerKey string, dels int) error |
| CreationObserved(logger klog.Logger, controllerKey string) |
| DeletionObserved(logger klog.Logger, controllerKey string) |
| RaiseExpectations(logger klog.Logger, controllerKey string, add, del int) |
| LowerExpectations(logger klog.Logger, controllerKey string, add, del int) |
| } |
| |
| // ControllerExpectations is a cache mapping controllers to what they expect to see before being woken up for a sync. |
| type ControllerExpectations struct { |
| cache.Store |
| } |
| |
| // GetExpectations returns the ControlleeExpectations of the given controller. |
| func (r *ControllerExpectations) GetExpectations(controllerKey string) (*ControlleeExpectations, bool, error) { |
| exp, exists, err := r.GetByKey(controllerKey) |
| if err == nil && exists { |
| return exp.(*ControlleeExpectations), true, nil |
| } |
| return nil, false, err |
| } |
| |
| // DeleteExpectations deletes the expectations of the given controller from the TTLStore. |
| func (r *ControllerExpectations) DeleteExpectations(logger klog.Logger, controllerKey string) { |
| if exp, exists, err := r.GetByKey(controllerKey); err == nil && exists { |
| if err := r.Delete(exp); err != nil { |
| |
| logger.V(2).Info("Error deleting expectations", "controller", controllerKey, "err", err) |
| } |
| } |
| } |
| |
| // SatisfiedExpectations returns true if the required adds/dels for the given controller have been observed. |
| // Add/del counts are established by the controller at sync time, and updated as controllees are observed by the controller |
| // manager. |
| func (r *ControllerExpectations) SatisfiedExpectations(logger klog.Logger, controllerKey string) bool { |
| if exp, exists, err := r.GetExpectations(controllerKey); exists { |
| if exp.Fulfilled() { |
| logger.V(4).Info("Controller expectations fulfilled", "expectations", exp) |
| return true |
| } else if exp.isExpired() { |
| logger.V(4).Info("Controller expectations expired", "expectations", exp) |
| return true |
| } else { |
| logger.V(4).Info("Controller still waiting on expectations", "expectations", exp) |
| return false |
| } |
| } else if err != nil { |
| logger.V(2).Info("Error encountered while checking expectations, forcing sync", "err", err) |
| } else { |
| // When a new controller is created, it doesn't have expectations. |
| // When it doesn't see expected watch events for > TTL, the expectations expire. |
| // - In this case it wakes up, creates/deletes controllees, and sets expectations again. |
| // When it has satisfied expectations and no controllees need to be created/destroyed > TTL, the expectations expire. |
| // - In this case it continues without setting expectations till it needs to create/delete controllees. |
| logger.V(4).Info("Controller either never recorded expectations, or the ttl expired", "controller", controllerKey) |
| } |
| // Trigger a sync if we either encountered and error (which shouldn't happen since we're |
| // getting from local store) or this controller hasn't established expectations. |
| return true |
| } |
| |
| // TODO: Extend ExpirationCache to support explicit expiration. |
| // TODO: Make this possible to disable in tests. |
| // TODO: Support injection of clock. |
| func (exp *ControlleeExpectations) isExpired() bool { |
| return clock.RealClock{}.Since(exp.timestamp) > ExpectationsTimeout |
| } |
| |
| // SetExpectations registers new expectations for the given controller. Forgets existing expectations. |
| func (r *ControllerExpectations) SetExpectations(logger klog.Logger, controllerKey string, add, del int) error { |
| exp := &ControlleeExpectations{add: int64(add), del: int64(del), key: controllerKey, timestamp: clock.RealClock{}.Now()} |
| logger.V(4).Info("Setting expectations", "expectations", exp) |
| return r.Add(exp) |
| } |
| |
| func (r *ControllerExpectations) ExpectCreations(logger klog.Logger, controllerKey string, adds int) error { |
| return r.SetExpectations(logger, controllerKey, adds, 0) |
| } |
| |
| func (r *ControllerExpectations) ExpectDeletions(logger klog.Logger, controllerKey string, dels int) error { |
| return r.SetExpectations(logger, controllerKey, 0, dels) |
| } |
| |
| // Decrements the expectation counts of the given controller. |
| func (r *ControllerExpectations) LowerExpectations(logger klog.Logger, controllerKey string, add, del int) { |
| if exp, exists, err := r.GetExpectations(controllerKey); err == nil && exists { |
| exp.Add(int64(-add), int64(-del)) |
| // The expectations might've been modified since the update on the previous line. |
| logger.V(4).Info("Lowered expectations", "expectations", exp) |
| } |
| } |
| |
| // Increments the expectation counts of the given controller. |
| func (r *ControllerExpectations) RaiseExpectations(logger klog.Logger, controllerKey string, add, del int) { |
| if exp, exists, err := r.GetExpectations(controllerKey); err == nil && exists { |
| exp.Add(int64(add), int64(del)) |
| // The expectations might've been modified since the update on the previous line. |
| logger.V(4).Info("Raised expectations", "expectations", exp) |
| } |
| } |
| |
| // CreationObserved atomically decrements the `add` expectation count of the given controller. |
| func (r *ControllerExpectations) CreationObserved(logger klog.Logger, controllerKey string) { |
| r.LowerExpectations(logger, controllerKey, 1, 0) |
| } |
| |
| // DeletionObserved atomically decrements the `del` expectation count of the given controller. |
| func (r *ControllerExpectations) DeletionObserved(logger klog.Logger, controllerKey string) { |
| r.LowerExpectations(logger, controllerKey, 0, 1) |
| } |
| |
| // ControlleeExpectations track controllee creates/deletes. |
| type ControlleeExpectations struct { |
| // Important: Since these two int64 fields are using sync/atomic, they have to be at the top of the struct due to a bug on 32-bit platforms |
| // See: https://golang.org/pkg/sync/atomic/ for more information |
| add int64 |
| del int64 |
| key string |
| timestamp time.Time |
| } |
| |
| // Add increments the add and del counters. |
| func (e *ControlleeExpectations) Add(add, del int64) { |
| atomic.AddInt64(&e.add, add) |
| atomic.AddInt64(&e.del, del) |
| } |
| |
| // Fulfilled returns true if this expectation has been fulfilled. |
| func (e *ControlleeExpectations) Fulfilled() bool { |
| // TODO: think about why this line being atomic doesn't matter |
| return atomic.LoadInt64(&e.add) <= 0 && atomic.LoadInt64(&e.del) <= 0 |
| } |
| |
| // GetExpectations returns the add and del expectations of the controllee. |
| func (e *ControlleeExpectations) GetExpectations() (int64, int64) { |
| return atomic.LoadInt64(&e.add), atomic.LoadInt64(&e.del) |
| } |
| |
| // MarshalLog makes a thread-safe copy of the values of the expectations that |
| // can be used for logging. |
| func (e *ControlleeExpectations) MarshalLog() interface{} { |
| return struct { |
| add int64 |
| del int64 |
| key string |
| }{ |
| add: atomic.LoadInt64(&e.add), |
| del: atomic.LoadInt64(&e.del), |
| key: e.key, |
| } |
| } |
| |
| // NewControllerExpectations returns a store for ControllerExpectations. |
| func NewControllerExpectations() *ControllerExpectations { |
| return &ControllerExpectations{cache.NewStore(ExpKeyFunc)} |
| } |
| |
| // UIDSetKeyFunc to parse out the key from a UIDSet. |
| var UIDSetKeyFunc = func(obj interface{}) (string, error) { |
| if u, ok := obj.(*UIDSet); ok { |
| return u.key, nil |
| } |
| return "", fmt.Errorf("could not find key for obj %#v", obj) |
| } |
| |
| // UIDSet holds a key and a set of UIDs. Used by the |
| // UIDTrackingControllerExpectations to remember which UID it has seen/still |
| // waiting for. |
| type UIDSet struct { |
| sets.String |
| key string |
| } |
| |
| // UIDTrackingControllerExpectations tracks the UID of the pods it deletes. |
| // This cache is needed over plain old expectations to safely handle graceful |
| // deletion. The desired behavior is to treat an update that sets the |
| // DeletionTimestamp on an object as a delete. To do so consistently, one needs |
| // to remember the expected deletes so they aren't double counted. |
| // TODO: Track creates as well (#22599) |
| type UIDTrackingControllerExpectations struct { |
| ControllerExpectationsInterface |
| // TODO: There is a much nicer way to do this that involves a single store, |
| // a lock per entry, and a ControlleeExpectationsInterface type. |
| uidStoreLock sync.Mutex |
| // Store used for the UIDs associated with any expectation tracked via the |
| // ControllerExpectationsInterface. |
| uidStore cache.Store |
| } |
| |
| // GetUIDs is a convenience method to avoid exposing the set of expected uids. |
| // The returned set is not thread safe, all modifications must be made holding |
| // the uidStoreLock. |
| func (u *UIDTrackingControllerExpectations) GetUIDs(controllerKey string) sets.String { |
| if uid, exists, err := u.uidStore.GetByKey(controllerKey); err == nil && exists { |
| return uid.(*UIDSet).String |
| } |
| return nil |
| } |
| |
| // ExpectDeletions records expectations for the given deleteKeys, against the given controller. |
| func (u *UIDTrackingControllerExpectations) ExpectDeletions(logger klog.Logger, rcKey string, deletedKeys []string) error { |
| expectedUIDs := sets.NewString() |
| for _, k := range deletedKeys { |
| expectedUIDs.Insert(k) |
| } |
| logger.V(4).Info("Controller waiting on deletions", "controller", rcKey, "keys", deletedKeys) |
| u.uidStoreLock.Lock() |
| defer u.uidStoreLock.Unlock() |
| |
| if existing := u.GetUIDs(rcKey); existing != nil && existing.Len() != 0 { |
| logger.Error(nil, "Clobbering existing delete keys", "keys", existing) |
| } |
| if err := u.uidStore.Add(&UIDSet{expectedUIDs, rcKey}); err != nil { |
| return err |
| } |
| return u.ControllerExpectationsInterface.ExpectDeletions(logger, rcKey, expectedUIDs.Len()) |
| } |
| |
| // DeletionObserved records the given deleteKey as a deletion, for the given rc. |
| func (u *UIDTrackingControllerExpectations) DeletionObserved(logger klog.Logger, rcKey, deleteKey string) { |
| u.uidStoreLock.Lock() |
| defer u.uidStoreLock.Unlock() |
| |
| uids := u.GetUIDs(rcKey) |
| if uids != nil && uids.Has(deleteKey) { |
| logger.V(4).Info("Controller received delete for pod", "controller", rcKey, "key", deleteKey) |
| u.ControllerExpectationsInterface.DeletionObserved(logger, rcKey) |
| uids.Delete(deleteKey) |
| } |
| } |
| |
| // DeleteExpectations deletes the UID set and invokes DeleteExpectations on the |
| // underlying ControllerExpectationsInterface. |
| func (u *UIDTrackingControllerExpectations) DeleteExpectations(logger klog.Logger, rcKey string) { |
| u.uidStoreLock.Lock() |
| defer u.uidStoreLock.Unlock() |
| |
| u.ControllerExpectationsInterface.DeleteExpectations(logger, rcKey) |
| if uidExp, exists, err := u.uidStore.GetByKey(rcKey); err == nil && exists { |
| if err := u.uidStore.Delete(uidExp); err != nil { |
| logger.V(2).Info("Error deleting uid expectations", "controller", rcKey, "err", err) |
| } |
| } |
| } |
| |
| // NewUIDTrackingControllerExpectations returns a wrapper around |
| // ControllerExpectations that is aware of deleteKeys. |
| func NewUIDTrackingControllerExpectations(ce ControllerExpectationsInterface) *UIDTrackingControllerExpectations { |
| return &UIDTrackingControllerExpectations{ControllerExpectationsInterface: ce, uidStore: cache.NewStore(UIDSetKeyFunc)} |
| } |
| |
| // Reasons for pod events |
| const ( |
| // FailedCreatePodReason is added in an event and in a replica set condition |
| // when a pod for a replica set is failed to be created. |
| FailedCreatePodReason = "FailedCreate" |
| // SuccessfulCreatePodReason is added in an event when a pod for a replica set |
| // is successfully created. |
| SuccessfulCreatePodReason = "SuccessfulCreate" |
| // FailedDeletePodReason is added in an event and in a replica set condition |
| // when a pod for a replica set is failed to be deleted. |
| FailedDeletePodReason = "FailedDelete" |
| // SuccessfulDeletePodReason is added in an event when a pod for a replica set |
| // is successfully deleted. |
| SuccessfulDeletePodReason = "SuccessfulDelete" |
| ) |
| |
| // RSControlInterface is an interface that knows how to add or delete |
| // ReplicaSets, as well as increment or decrement them. It is used |
| // by the deployment controller to ease testing of actions that it takes. |
| type RSControlInterface interface { |
| PatchReplicaSet(ctx context.Context, namespace, name string, data []byte) error |
| } |
| |
| // RealRSControl is the default implementation of RSControllerInterface. |
| type RealRSControl struct { |
| KubeClient clientset.Interface |
| Recorder record.EventRecorder |
| } |
| |
| var _ RSControlInterface = &RealRSControl{} |
| |
| func (r RealRSControl) PatchReplicaSet(ctx context.Context, namespace, name string, data []byte) error { |
| _, err := r.KubeClient.AppsV1().ReplicaSets(namespace).Patch(ctx, name, types.StrategicMergePatchType, data, metav1.PatchOptions{}) |
| return err |
| } |
| |
| // TODO: merge the controller revision interface in controller_history.go with this one |
| // ControllerRevisionControlInterface is an interface that knows how to patch |
| // ControllerRevisions, as well as increment or decrement them. It is used |
| // by the daemonset controller to ease testing of actions that it takes. |
| type ControllerRevisionControlInterface interface { |
| PatchControllerRevision(ctx context.Context, namespace, name string, data []byte) error |
| } |
| |
| // RealControllerRevisionControl is the default implementation of ControllerRevisionControlInterface. |
| type RealControllerRevisionControl struct { |
| KubeClient clientset.Interface |
| } |
| |
| var _ ControllerRevisionControlInterface = &RealControllerRevisionControl{} |
| |
| func (r RealControllerRevisionControl) PatchControllerRevision(ctx context.Context, namespace, name string, data []byte) error { |
| _, err := r.KubeClient.AppsV1().ControllerRevisions(namespace).Patch(ctx, name, types.StrategicMergePatchType, data, metav1.PatchOptions{}) |
| return err |
| } |
| |
| // PodControlInterface is an interface that knows how to add or delete pods |
| // created as an interface to allow testing. |
| type PodControlInterface interface { |
| // CreatePods creates new pods according to the spec, and sets object as the pod's controller. |
| CreatePods(ctx context.Context, namespace string, template *v1.PodTemplateSpec, object runtime.Object, controllerRef *metav1.OwnerReference) error |
| // CreatePodsWithGenerateName creates new pods according to the spec, sets object as the pod's controller and sets pod's generateName. |
| CreatePodsWithGenerateName(ctx context.Context, namespace string, template *v1.PodTemplateSpec, object runtime.Object, controllerRef *metav1.OwnerReference, generateName string) error |
| // DeletePod deletes the pod identified by podID. |
| DeletePod(ctx context.Context, namespace string, podID string, object runtime.Object) error |
| // PatchPod patches the pod. |
| PatchPod(ctx context.Context, namespace, name string, data []byte) error |
| } |
| |
| // RealPodControl is the default implementation of PodControlInterface. |
| type RealPodControl struct { |
| KubeClient clientset.Interface |
| Recorder record.EventRecorder |
| } |
| |
| var _ PodControlInterface = &RealPodControl{} |
| |
| func getPodsLabelSet(template *v1.PodTemplateSpec) labels.Set { |
| desiredLabels := make(labels.Set) |
| for k, v := range template.Labels { |
| desiredLabels[k] = v |
| } |
| return desiredLabels |
| } |
| |
| func getPodsFinalizers(template *v1.PodTemplateSpec) []string { |
| desiredFinalizers := make([]string, len(template.Finalizers)) |
| copy(desiredFinalizers, template.Finalizers) |
| return desiredFinalizers |
| } |
| |
| func getPodsAnnotationSet(template *v1.PodTemplateSpec) labels.Set { |
| desiredAnnotations := make(labels.Set) |
| for k, v := range template.Annotations { |
| desiredAnnotations[k] = v |
| } |
| return desiredAnnotations |
| } |
| |
| func getPodsPrefix(controllerName string) string { |
| // use the dash (if the name isn't too long) to make the pod name a bit prettier |
| prefix := fmt.Sprintf("%s-", controllerName) |
| if len(validation.ValidatePodName(prefix, true)) != 0 { |
| prefix = controllerName |
| } |
| return prefix |
| } |
| |
| func validateControllerRef(controllerRef *metav1.OwnerReference) error { |
| if controllerRef == nil { |
| return fmt.Errorf("controllerRef is nil") |
| } |
| if len(controllerRef.APIVersion) == 0 { |
| return fmt.Errorf("controllerRef has empty APIVersion") |
| } |
| if len(controllerRef.Kind) == 0 { |
| return fmt.Errorf("controllerRef has empty Kind") |
| } |
| if controllerRef.Controller == nil || !*controllerRef.Controller { |
| return fmt.Errorf("controllerRef.Controller is not set to true") |
| } |
| if controllerRef.BlockOwnerDeletion == nil || !*controllerRef.BlockOwnerDeletion { |
| return fmt.Errorf("controllerRef.BlockOwnerDeletion is not set") |
| } |
| return nil |
| } |
| |
| func (r RealPodControl) CreatePods(ctx context.Context, namespace string, template *v1.PodTemplateSpec, controllerObject runtime.Object, controllerRef *metav1.OwnerReference) error { |
| return r.CreatePodsWithGenerateName(ctx, namespace, template, controllerObject, controllerRef, "") |
| } |
| |
| func (r RealPodControl) CreatePodsWithGenerateName(ctx context.Context, namespace string, template *v1.PodTemplateSpec, controllerObject runtime.Object, controllerRef *metav1.OwnerReference, generateName string) error { |
| if err := validateControllerRef(controllerRef); err != nil { |
| return err |
| } |
| pod, err := GetPodFromTemplate(template, controllerObject, controllerRef) |
| if err != nil { |
| return err |
| } |
| if len(generateName) > 0 { |
| pod.ObjectMeta.GenerateName = generateName |
| } |
| return r.createPods(ctx, namespace, pod, controllerObject) |
| } |
| |
| func (r RealPodControl) PatchPod(ctx context.Context, namespace, name string, data []byte) error { |
| _, err := r.KubeClient.CoreV1().Pods(namespace).Patch(ctx, name, types.StrategicMergePatchType, data, metav1.PatchOptions{}) |
| return err |
| } |
| |
| func GetPodFromTemplate(template *v1.PodTemplateSpec, parentObject runtime.Object, controllerRef *metav1.OwnerReference) (*v1.Pod, error) { |
| desiredLabels := getPodsLabelSet(template) |
| desiredFinalizers := getPodsFinalizers(template) |
| desiredAnnotations := getPodsAnnotationSet(template) |
| accessor, err := meta.Accessor(parentObject) |
| if err != nil { |
| return nil, fmt.Errorf("parentObject does not have ObjectMeta, %v", err) |
| } |
| prefix := getPodsPrefix(accessor.GetName()) |
| |
| pod := &v1.Pod{ |
| ObjectMeta: metav1.ObjectMeta{ |
| Labels: desiredLabels, |
| Annotations: desiredAnnotations, |
| GenerateName: prefix, |
| Finalizers: desiredFinalizers, |
| }, |
| } |
| if controllerRef != nil { |
| pod.OwnerReferences = append(pod.OwnerReferences, *controllerRef) |
| } |
| pod.Spec = *template.Spec.DeepCopy() |
| return pod, nil |
| } |
| |
| func (r RealPodControl) createPods(ctx context.Context, namespace string, pod *v1.Pod, object runtime.Object) error { |
| if len(labels.Set(pod.Labels)) == 0 { |
| return fmt.Errorf("unable to create pods, no labels") |
| } |
| newPod, err := r.KubeClient.CoreV1().Pods(namespace).Create(ctx, pod, metav1.CreateOptions{}) |
| if err != nil { |
| // only send an event if the namespace isn't terminating |
| if !apierrors.HasStatusCause(err, v1.NamespaceTerminatingCause) { |
| r.Recorder.Eventf(object, v1.EventTypeWarning, FailedCreatePodReason, "Error creating: %v", err) |
| } |
| return err |
| } |
| logger := klog.FromContext(ctx) |
| accessor, err := meta.Accessor(object) |
| if err != nil { |
| logger.Error(err, "parentObject does not have ObjectMeta") |
| return nil |
| } |
| logger.V(4).Info("Controller created pod", "controller", accessor.GetName(), "pod", klog.KObj(newPod)) |
| r.Recorder.Eventf(object, v1.EventTypeNormal, SuccessfulCreatePodReason, "Created pod: %v", newPod.Name) |
| |
| return nil |
| } |
| |
| func (r RealPodControl) DeletePod(ctx context.Context, namespace string, podID string, object runtime.Object) error { |
| accessor, err := meta.Accessor(object) |
| if err != nil { |
| return fmt.Errorf("object does not have ObjectMeta, %v", err) |
| } |
| logger := klog.FromContext(ctx) |
| logger.V(2).Info("Deleting pod", "controller", accessor.GetName(), "pod", klog.KRef(namespace, podID)) |
| if err := r.KubeClient.CoreV1().Pods(namespace).Delete(ctx, podID, metav1.DeleteOptions{}); err != nil { |
| if apierrors.IsNotFound(err) { |
| logger.V(4).Info("Pod has already been deleted.", "pod", klog.KRef(namespace, podID)) |
| return err |
| } |
| r.Recorder.Eventf(object, v1.EventTypeWarning, FailedDeletePodReason, "Error deleting: %v", err) |
| return fmt.Errorf("unable to delete pods: %v", err) |
| } |
| r.Recorder.Eventf(object, v1.EventTypeNormal, SuccessfulDeletePodReason, "Deleted pod: %v", podID) |
| |
| return nil |
| } |
| |
| type FakePodControl struct { |
| sync.Mutex |
| Templates []v1.PodTemplateSpec |
| ControllerRefs []metav1.OwnerReference |
| DeletePodName []string |
| Patches [][]byte |
| Err error |
| CreateLimit int |
| CreateCallCount int |
| } |
| |
| var _ PodControlInterface = &FakePodControl{} |
| |
| func (f *FakePodControl) PatchPod(ctx context.Context, namespace, name string, data []byte) error { |
| f.Lock() |
| defer f.Unlock() |
| f.Patches = append(f.Patches, data) |
| if f.Err != nil { |
| return f.Err |
| } |
| return nil |
| } |
| |
| func (f *FakePodControl) CreatePods(ctx context.Context, namespace string, spec *v1.PodTemplateSpec, object runtime.Object, controllerRef *metav1.OwnerReference) error { |
| return f.CreatePodsWithGenerateName(ctx, namespace, spec, object, controllerRef, "") |
| } |
| |
| func (f *FakePodControl) CreatePodsWithGenerateName(ctx context.Context, namespace string, spec *v1.PodTemplateSpec, object runtime.Object, controllerRef *metav1.OwnerReference, generateNamePrefix string) error { |
| f.Lock() |
| defer f.Unlock() |
| f.CreateCallCount++ |
| if f.CreateLimit != 0 && f.CreateCallCount > f.CreateLimit { |
| return fmt.Errorf("not creating pod, limit %d already reached (create call %d)", f.CreateLimit, f.CreateCallCount) |
| } |
| spec.GenerateName = generateNamePrefix |
| f.Templates = append(f.Templates, *spec) |
| f.ControllerRefs = append(f.ControllerRefs, *controllerRef) |
| if f.Err != nil { |
| return f.Err |
| } |
| return nil |
| } |
| |
| func (f *FakePodControl) DeletePod(ctx context.Context, namespace string, podID string, object runtime.Object) error { |
| f.Lock() |
| defer f.Unlock() |
| f.DeletePodName = append(f.DeletePodName, podID) |
| if f.Err != nil { |
| return f.Err |
| } |
| return nil |
| } |
| |
| func (f *FakePodControl) Clear() { |
| f.Lock() |
| defer f.Unlock() |
| f.DeletePodName = []string{} |
| f.Templates = []v1.PodTemplateSpec{} |
| f.ControllerRefs = []metav1.OwnerReference{} |
| f.Patches = [][]byte{} |
| f.CreateLimit = 0 |
| f.CreateCallCount = 0 |
| } |
| |
| // ByLogging allows custom sorting of pods so the best one can be picked for getting its logs. |
| type ByLogging []*v1.Pod |
| |
| func (s ByLogging) Len() int { return len(s) } |
| func (s ByLogging) Swap(i, j int) { s[i], s[j] = s[j], s[i] } |
| |
| func (s ByLogging) Less(i, j int) bool { |
| // 1. assigned < unassigned |
| if s[i].Spec.NodeName != s[j].Spec.NodeName && (len(s[i].Spec.NodeName) == 0 || len(s[j].Spec.NodeName) == 0) { |
| return len(s[i].Spec.NodeName) > 0 |
| } |
| // 2. PodRunning < PodUnknown < PodPending |
| if s[i].Status.Phase != s[j].Status.Phase { |
| return podPhaseToOrdinal[s[i].Status.Phase] > podPhaseToOrdinal[s[j].Status.Phase] |
| } |
| // 3. ready < not ready |
| if podutil.IsPodReady(s[i]) != podutil.IsPodReady(s[j]) { |
| return podutil.IsPodReady(s[i]) |
| } |
| // TODO: take availability into account when we push minReadySeconds information from deployment into pods, |
| // see https://github.com/kubernetes/kubernetes/issues/22065 |
| // 4. Been ready for more time < less time < empty time |
| if podutil.IsPodReady(s[i]) && podutil.IsPodReady(s[j]) { |
| readyTime1 := podReadyTime(s[i]) |
| readyTime2 := podReadyTime(s[j]) |
| if !readyTime1.Equal(readyTime2) { |
| return afterOrZero(readyTime2, readyTime1) |
| } |
| } |
| // 5. Pods with containers with higher restart counts < lower restart counts |
| if maxContainerRestarts(s[i]) != maxContainerRestarts(s[j]) { |
| return maxContainerRestarts(s[i]) > maxContainerRestarts(s[j]) |
| } |
| // 6. older pods < newer pods < empty timestamp pods |
| if !s[i].CreationTimestamp.Equal(&s[j].CreationTimestamp) { |
| return afterOrZero(&s[j].CreationTimestamp, &s[i].CreationTimestamp) |
| } |
| return false |
| } |
| |
| // ActivePods type allows custom sorting of pods so a controller can pick the best ones to delete. |
| type ActivePods []*v1.Pod |
| |
| func (s ActivePods) Len() int { return len(s) } |
| func (s ActivePods) Swap(i, j int) { s[i], s[j] = s[j], s[i] } |
| |
| func (s ActivePods) Less(i, j int) bool { |
| // 1. Unassigned < assigned |
| // If only one of the pods is unassigned, the unassigned one is smaller |
| if s[i].Spec.NodeName != s[j].Spec.NodeName && (len(s[i].Spec.NodeName) == 0 || len(s[j].Spec.NodeName) == 0) { |
| return len(s[i].Spec.NodeName) == 0 |
| } |
| // 2. PodPending < PodUnknown < PodRunning |
| if podPhaseToOrdinal[s[i].Status.Phase] != podPhaseToOrdinal[s[j].Status.Phase] { |
| return podPhaseToOrdinal[s[i].Status.Phase] < podPhaseToOrdinal[s[j].Status.Phase] |
| } |
| // 3. Not ready < ready |
| // If only one of the pods is not ready, the not ready one is smaller |
| if podutil.IsPodReady(s[i]) != podutil.IsPodReady(s[j]) { |
| return !podutil.IsPodReady(s[i]) |
| } |
| // TODO: take availability into account when we push minReadySeconds information from deployment into pods, |
| // see https://github.com/kubernetes/kubernetes/issues/22065 |
| // 4. Been ready for empty time < less time < more time |
| // If both pods are ready, the latest ready one is smaller |
| if podutil.IsPodReady(s[i]) && podutil.IsPodReady(s[j]) { |
| readyTime1 := podReadyTime(s[i]) |
| readyTime2 := podReadyTime(s[j]) |
| if !readyTime1.Equal(readyTime2) { |
| return afterOrZero(readyTime1, readyTime2) |
| } |
| } |
| // 5. Pods with containers with higher restart counts < lower restart counts |
| if maxContainerRestarts(s[i]) != maxContainerRestarts(s[j]) { |
| return maxContainerRestarts(s[i]) > maxContainerRestarts(s[j]) |
| } |
| // 6. Empty creation time pods < newer pods < older pods |
| if !s[i].CreationTimestamp.Equal(&s[j].CreationTimestamp) { |
| return afterOrZero(&s[i].CreationTimestamp, &s[j].CreationTimestamp) |
| } |
| return false |
| } |
| |
| // ActivePodsWithRanks is a sortable list of pods and a list of corresponding |
| // ranks which will be considered during sorting. The two lists must have equal |
| // length. After sorting, the pods will be ordered as follows, applying each |
| // rule in turn until one matches: |
| // |
| // 1. If only one of the pods is assigned to a node, the pod that is not |
| // assigned comes before the pod that is. |
| // 2. If the pods' phases differ, a pending pod comes before a pod whose phase |
| // is unknown, and a pod whose phase is unknown comes before a running pod. |
| // 3. If exactly one of the pods is ready, the pod that is not ready comes |
| // before the ready pod. |
| // 4. If controller.kubernetes.io/pod-deletion-cost annotation is set, then |
| // the pod with the lower value will come first. |
| // 5. If the pods' ranks differ, the pod with greater rank comes before the pod |
| // with lower rank. |
| // 6. If both pods are ready but have not been ready for the same amount of |
| // time, the pod that has been ready for a shorter amount of time comes |
| // before the pod that has been ready for longer. |
| // 7. If one pod has a container that has restarted more than any container in |
| // the other pod, the pod with the container with more restarts comes |
| // before the other pod. |
| // 8. If the pods' creation times differ, the pod that was created more recently |
| // comes before the older pod. |
| // |
| // In 6 and 8, times are compared in a logarithmic scale. This allows a level |
| // of randomness among equivalent Pods when sorting. If two pods have the same |
| // logarithmic rank, they are sorted by UUID to provide a pseudorandom order. |
| // |
| // If none of these rules matches, the second pod comes before the first pod. |
| // |
| // The intention of this ordering is to put pods that should be preferred for |
| // deletion first in the list. |
| type ActivePodsWithRanks struct { |
| // Pods is a list of pods. |
| Pods []*v1.Pod |
| |
| // Rank is a ranking of pods. This ranking is used during sorting when |
| // comparing two pods that are both scheduled, in the same phase, and |
| // having the same ready status. |
| Rank []int |
| |
| // Now is a reference timestamp for doing logarithmic timestamp comparisons. |
| // If zero, comparison happens without scaling. |
| Now metav1.Time |
| } |
| |
| func (s ActivePodsWithRanks) Len() int { |
| return len(s.Pods) |
| } |
| |
| func (s ActivePodsWithRanks) Swap(i, j int) { |
| s.Pods[i], s.Pods[j] = s.Pods[j], s.Pods[i] |
| s.Rank[i], s.Rank[j] = s.Rank[j], s.Rank[i] |
| } |
| |
| // Less compares two pods with corresponding ranks and returns true if the first |
| // one should be preferred for deletion. |
| func (s ActivePodsWithRanks) Less(i, j int) bool { |
| // 1. Unassigned < assigned |
| // If only one of the pods is unassigned, the unassigned one is smaller |
| if s.Pods[i].Spec.NodeName != s.Pods[j].Spec.NodeName && (len(s.Pods[i].Spec.NodeName) == 0 || len(s.Pods[j].Spec.NodeName) == 0) { |
| return len(s.Pods[i].Spec.NodeName) == 0 |
| } |
| // 2. PodPending < PodUnknown < PodRunning |
| if podPhaseToOrdinal[s.Pods[i].Status.Phase] != podPhaseToOrdinal[s.Pods[j].Status.Phase] { |
| return podPhaseToOrdinal[s.Pods[i].Status.Phase] < podPhaseToOrdinal[s.Pods[j].Status.Phase] |
| } |
| // 3. Not ready < ready |
| // If only one of the pods is not ready, the not ready one is smaller |
| if podutil.IsPodReady(s.Pods[i]) != podutil.IsPodReady(s.Pods[j]) { |
| return !podutil.IsPodReady(s.Pods[i]) |
| } |
| |
| // 4. lower pod-deletion-cost < higher pod-deletion cost |
| if utilfeature.DefaultFeatureGate.Enabled(features.PodDeletionCost) { |
| pi, _ := helper.GetDeletionCostFromPodAnnotations(s.Pods[i].Annotations) |
| pj, _ := helper.GetDeletionCostFromPodAnnotations(s.Pods[j].Annotations) |
| if pi != pj { |
| return pi < pj |
| } |
| } |
| |
| // 5. Doubled up < not doubled up |
| // If one of the two pods is on the same node as one or more additional |
| // ready pods that belong to the same replicaset, whichever pod has more |
| // colocated ready pods is less |
| if s.Rank[i] != s.Rank[j] { |
| return s.Rank[i] > s.Rank[j] |
| } |
| // TODO: take availability into account when we push minReadySeconds information from deployment into pods, |
| // see https://github.com/kubernetes/kubernetes/issues/22065 |
| // 6. Been ready for empty time < less time < more time |
| // If both pods are ready, the latest ready one is smaller |
| if podutil.IsPodReady(s.Pods[i]) && podutil.IsPodReady(s.Pods[j]) { |
| readyTime1 := podReadyTime(s.Pods[i]) |
| readyTime2 := podReadyTime(s.Pods[j]) |
| if !readyTime1.Equal(readyTime2) { |
| if !utilfeature.DefaultFeatureGate.Enabled(features.LogarithmicScaleDown) { |
| return afterOrZero(readyTime1, readyTime2) |
| } else { |
| if s.Now.IsZero() || readyTime1.IsZero() || readyTime2.IsZero() { |
| return afterOrZero(readyTime1, readyTime2) |
| } |
| rankDiff := logarithmicRankDiff(*readyTime1, *readyTime2, s.Now) |
| if rankDiff == 0 { |
| return s.Pods[i].UID < s.Pods[j].UID |
| } |
| return rankDiff < 0 |
| } |
| } |
| } |
| // 7. Pods with containers with higher restart counts < lower restart counts |
| if maxContainerRestarts(s.Pods[i]) != maxContainerRestarts(s.Pods[j]) { |
| return maxContainerRestarts(s.Pods[i]) > maxContainerRestarts(s.Pods[j]) |
| } |
| // 8. Empty creation time pods < newer pods < older pods |
| if !s.Pods[i].CreationTimestamp.Equal(&s.Pods[j].CreationTimestamp) { |
| if !utilfeature.DefaultFeatureGate.Enabled(features.LogarithmicScaleDown) { |
| return afterOrZero(&s.Pods[i].CreationTimestamp, &s.Pods[j].CreationTimestamp) |
| } else { |
| if s.Now.IsZero() || s.Pods[i].CreationTimestamp.IsZero() || s.Pods[j].CreationTimestamp.IsZero() { |
| return afterOrZero(&s.Pods[i].CreationTimestamp, &s.Pods[j].CreationTimestamp) |
| } |
| rankDiff := logarithmicRankDiff(s.Pods[i].CreationTimestamp, s.Pods[j].CreationTimestamp, s.Now) |
| if rankDiff == 0 { |
| return s.Pods[i].UID < s.Pods[j].UID |
| } |
| return rankDiff < 0 |
| } |
| } |
| return false |
| } |
| |
| // afterOrZero checks if time t1 is after time t2; if one of them |
| // is zero, the zero time is seen as after non-zero time. |
| func afterOrZero(t1, t2 *metav1.Time) bool { |
| if t1.Time.IsZero() || t2.Time.IsZero() { |
| return t1.Time.IsZero() |
| } |
| return t1.After(t2.Time) |
| } |
| |
| // logarithmicRankDiff calculates the base-2 logarithmic ranks of 2 timestamps, |
| // compared to the current timestamp |
| func logarithmicRankDiff(t1, t2, now metav1.Time) int64 { |
| d1 := now.Sub(t1.Time) |
| d2 := now.Sub(t2.Time) |
| r1 := int64(-1) |
| r2 := int64(-1) |
| if d1 > 0 { |
| r1 = int64(math.Log2(float64(d1))) |
| } |
| if d2 > 0 { |
| r2 = int64(math.Log2(float64(d2))) |
| } |
| return r1 - r2 |
| } |
| |
| func podReadyTime(pod *v1.Pod) *metav1.Time { |
| if podutil.IsPodReady(pod) { |
| for _, c := range pod.Status.Conditions { |
| // we only care about pod ready conditions |
| if c.Type == v1.PodReady && c.Status == v1.ConditionTrue { |
| return &c.LastTransitionTime |
| } |
| } |
| } |
| return &metav1.Time{} |
| } |
| |
| func maxContainerRestarts(pod *v1.Pod) int { |
| maxRestarts := 0 |
| for _, c := range pod.Status.ContainerStatuses { |
| maxRestarts = max(maxRestarts, int(c.RestartCount)) |
| } |
| return maxRestarts |
| } |
| |
| // FilterActivePods returns pods that have not terminated. |
| func FilterActivePods(logger klog.Logger, pods []*v1.Pod) []*v1.Pod { |
| var result []*v1.Pod |
| for _, p := range pods { |
| if IsPodActive(p) { |
| result = append(result, p) |
| } else { |
| logger.V(4).Info("Ignoring inactive pod", "pod", klog.KObj(p), "phase", p.Status.Phase, "deletionTime", klog.SafePtr(p.DeletionTimestamp)) |
| } |
| } |
| return result |
| } |
| |
| func FilterTerminatingPods(pods []*v1.Pod) []*v1.Pod { |
| var result []*v1.Pod |
| for _, p := range pods { |
| if IsPodTerminating(p) { |
| result = append(result, p) |
| } |
| } |
| return result |
| } |
| |
| func CountTerminatingPods(pods []*v1.Pod) int32 { |
| numberOfTerminatingPods := 0 |
| for _, p := range pods { |
| if IsPodTerminating(p) { |
| numberOfTerminatingPods += 1 |
| } |
| } |
| return int32(numberOfTerminatingPods) |
| } |
| |
| func IsPodActive(p *v1.Pod) bool { |
| return v1.PodSucceeded != p.Status.Phase && |
| v1.PodFailed != p.Status.Phase && |
| p.DeletionTimestamp == nil |
| } |
| |
| func IsPodTerminating(p *v1.Pod) bool { |
| return !podutil.IsPodTerminal(p) && |
| p.DeletionTimestamp != nil |
| } |
| |
| // FilterActiveReplicaSets returns replica sets that have (or at least ought to have) pods. |
| func FilterActiveReplicaSets(replicaSets []*apps.ReplicaSet) []*apps.ReplicaSet { |
| activeFilter := func(rs *apps.ReplicaSet) bool { |
| return rs != nil && *(rs.Spec.Replicas) > 0 |
| } |
| return FilterReplicaSets(replicaSets, activeFilter) |
| } |
| |
| type filterRS func(rs *apps.ReplicaSet) bool |
| |
| // FilterReplicaSets returns replica sets that are filtered by filterFn (all returned ones should match filterFn). |
| func FilterReplicaSets(RSes []*apps.ReplicaSet, filterFn filterRS) []*apps.ReplicaSet { |
| var filtered []*apps.ReplicaSet |
| for i := range RSes { |
| if filterFn(RSes[i]) { |
| filtered = append(filtered, RSes[i]) |
| } |
| } |
| return filtered |
| } |
| |
| // PodKey returns a key unique to the given pod within a cluster. |
| // It's used so we consistently use the same key scheme in this module. |
| // It does exactly what cache.MetaNamespaceKeyFunc would have done |
| // except there's not possibility for error since we know the exact type. |
| func PodKey(pod *v1.Pod) string { |
| return fmt.Sprintf("%v/%v", pod.Namespace, pod.Name) |
| } |
| |
| // ControllersByCreationTimestamp sorts a list of ReplicationControllers by creation timestamp, using their names as a tie breaker. |
| type ControllersByCreationTimestamp []*v1.ReplicationController |
| |
| func (o ControllersByCreationTimestamp) Len() int { return len(o) } |
| func (o ControllersByCreationTimestamp) Swap(i, j int) { o[i], o[j] = o[j], o[i] } |
| func (o ControllersByCreationTimestamp) Less(i, j int) bool { |
| if o[i].CreationTimestamp.Equal(&o[j].CreationTimestamp) { |
| return o[i].Name < o[j].Name |
| } |
| return o[i].CreationTimestamp.Before(&o[j].CreationTimestamp) |
| } |
| |
| // ReplicaSetsByCreationTimestamp sorts a list of ReplicaSet by creation timestamp, using their names as a tie breaker. |
| type ReplicaSetsByCreationTimestamp []*apps.ReplicaSet |
| |
| func (o ReplicaSetsByCreationTimestamp) Len() int { return len(o) } |
| func (o ReplicaSetsByCreationTimestamp) Swap(i, j int) { o[i], o[j] = o[j], o[i] } |
| func (o ReplicaSetsByCreationTimestamp) Less(i, j int) bool { |
| if o[i].CreationTimestamp.Equal(&o[j].CreationTimestamp) { |
| return o[i].Name < o[j].Name |
| } |
| return o[i].CreationTimestamp.Before(&o[j].CreationTimestamp) |
| } |
| |
| // ReplicaSetsBySizeOlder sorts a list of ReplicaSet by size in descending order, using their creation timestamp or name as a tie breaker. |
| // By using the creation timestamp, this sorts from old to new replica sets. |
| type ReplicaSetsBySizeOlder []*apps.ReplicaSet |
| |
| func (o ReplicaSetsBySizeOlder) Len() int { return len(o) } |
| func (o ReplicaSetsBySizeOlder) Swap(i, j int) { o[i], o[j] = o[j], o[i] } |
| func (o ReplicaSetsBySizeOlder) Less(i, j int) bool { |
| if *(o[i].Spec.Replicas) == *(o[j].Spec.Replicas) { |
| return ReplicaSetsByCreationTimestamp(o).Less(i, j) |
| } |
| return *(o[i].Spec.Replicas) > *(o[j].Spec.Replicas) |
| } |
| |
| // ReplicaSetsBySizeNewer sorts a list of ReplicaSet by size in descending order, using their creation timestamp or name as a tie breaker. |
| // By using the creation timestamp, this sorts from new to old replica sets. |
| type ReplicaSetsBySizeNewer []*apps.ReplicaSet |
| |
| func (o ReplicaSetsBySizeNewer) Len() int { return len(o) } |
| func (o ReplicaSetsBySizeNewer) Swap(i, j int) { o[i], o[j] = o[j], o[i] } |
| func (o ReplicaSetsBySizeNewer) Less(i, j int) bool { |
| if *(o[i].Spec.Replicas) == *(o[j].Spec.Replicas) { |
| return ReplicaSetsByCreationTimestamp(o).Less(j, i) |
| } |
| return *(o[i].Spec.Replicas) > *(o[j].Spec.Replicas) |
| } |
| |
| // AddOrUpdateTaintOnNode add taints to the node. If taint was added into node, it'll issue API calls |
| // to update nodes; otherwise, no API calls. Return error if any. |
| func AddOrUpdateTaintOnNode(ctx context.Context, c clientset.Interface, nodeName string, taints ...*v1.Taint) error { |
| if len(taints) == 0 { |
| return nil |
| } |
| firstTry := true |
| return clientretry.RetryOnConflict(UpdateTaintBackoff, func() error { |
| var err error |
| var oldNode *v1.Node |
| // First we try getting node from the API server cache, as it's cheaper. If it fails |
| // we get it from etcd to be sure to have fresh data. |
| option := metav1.GetOptions{} |
| if firstTry { |
| option.ResourceVersion = "0" |
| firstTry = false |
| } |
| oldNode, err = c.CoreV1().Nodes().Get(ctx, nodeName, option) |
| if err != nil { |
| return err |
| } |
| |
| var newNode *v1.Node |
| oldNodeCopy := oldNode |
| updated := false |
| for _, taint := range taints { |
| curNewNode, ok, err := taintutils.AddOrUpdateTaint(oldNodeCopy, taint) |
| if err != nil { |
| return fmt.Errorf("failed to update taint of node") |
| } |
| updated = updated || ok |
| newNode = curNewNode |
| oldNodeCopy = curNewNode |
| } |
| if !updated { |
| return nil |
| } |
| return PatchNodeTaints(ctx, c, nodeName, oldNode, newNode) |
| }) |
| } |
| |
| // RemoveTaintOffNode is for cleaning up taints temporarily added to node, |
| // won't fail if target taint doesn't exist or has been removed. |
| // If passed a node it'll check if there's anything to be done, if taint is not present it won't issue |
| // any API calls. |
| func RemoveTaintOffNode(ctx context.Context, c clientset.Interface, nodeName string, node *v1.Node, taints ...*v1.Taint) error { |
| if len(taints) == 0 { |
| return nil |
| } |
| // Short circuit for limiting amount of API calls. |
| if node != nil { |
| match := false |
| for _, taint := range taints { |
| if taintutils.TaintExists(node.Spec.Taints, taint) { |
| match = true |
| break |
| } |
| } |
| if !match { |
| return nil |
| } |
| } |
| |
| firstTry := true |
| return clientretry.RetryOnConflict(UpdateTaintBackoff, func() error { |
| var err error |
| var oldNode *v1.Node |
| // First we try getting node from the API server cache, as it's cheaper. If it fails |
| // we get it from etcd to be sure to have fresh data. |
| option := metav1.GetOptions{} |
| if firstTry { |
| option.ResourceVersion = "0" |
| firstTry = false |
| } |
| oldNode, err = c.CoreV1().Nodes().Get(ctx, nodeName, option) |
| if err != nil { |
| return err |
| } |
| |
| var newNode *v1.Node |
| oldNodeCopy := oldNode |
| updated := false |
| for _, taint := range taints { |
| curNewNode, ok, err := taintutils.RemoveTaint(oldNodeCopy, taint) |
| if err != nil { |
| return fmt.Errorf("failed to remove taint of node") |
| } |
| updated = updated || ok |
| newNode = curNewNode |
| oldNodeCopy = curNewNode |
| } |
| if !updated { |
| return nil |
| } |
| return PatchNodeTaints(ctx, c, nodeName, oldNode, newNode) |
| }) |
| } |
| |
| // PatchNodeTaints patches node's taints. |
| func PatchNodeTaints(ctx context.Context, c clientset.Interface, nodeName string, oldNode *v1.Node, newNode *v1.Node) error { |
| // Strip base diff node from RV to ensure that our Patch request will set RV to check for conflicts over .spec.taints. |
| // This is needed because .spec.taints does not specify patchMergeKey and patchStrategy and adding them is no longer an option for compatibility reasons. |
| // Using other Patch strategy works for adding new taints, however will not resolve problem with taint removal. |
| oldNodeNoRV := oldNode.DeepCopy() |
| oldNodeNoRV.ResourceVersion = "" |
| oldDataNoRV, err := json.Marshal(&oldNodeNoRV) |
| if err != nil { |
| return fmt.Errorf("failed to marshal old node %#v for node %q: %v", oldNodeNoRV, nodeName, err) |
| } |
| |
| newTaints := newNode.Spec.Taints |
| newNodeClone := oldNode.DeepCopy() |
| newNodeClone.Spec.Taints = newTaints |
| newData, err := json.Marshal(newNodeClone) |
| if err != nil { |
| return fmt.Errorf("failed to marshal new node %#v for node %q: %v", newNodeClone, nodeName, err) |
| } |
| |
| patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldDataNoRV, newData, v1.Node{}) |
| if err != nil { |
| return fmt.Errorf("failed to create patch for node %q: %v", nodeName, err) |
| } |
| |
| _, err = c.CoreV1().Nodes().Patch(ctx, nodeName, types.StrategicMergePatchType, patchBytes, metav1.PatchOptions{}) |
| return err |
| } |
| |
| // ComputeHash returns a hash value calculated from pod template and |
| // a collisionCount to avoid hash collision. The hash will be safe encoded to |
| // avoid bad words. |
| func ComputeHash(template *v1.PodTemplateSpec, collisionCount *int32) string { |
| podTemplateSpecHasher := fnv.New32a() |
| hashutil.DeepHashObject(podTemplateSpecHasher, *template) |
| |
| // Add collisionCount in the hash if it exists. |
| if collisionCount != nil { |
| collisionCountBytes := make([]byte, 8) |
| binary.LittleEndian.PutUint32(collisionCountBytes, uint32(*collisionCount)) |
| podTemplateSpecHasher.Write(collisionCountBytes) |
| } |
| |
| return rand.SafeEncodeString(fmt.Sprint(podTemplateSpecHasher.Sum32())) |
| } |
| |
| func AddOrUpdateLabelsOnNode(kubeClient clientset.Interface, nodeName string, labelsToUpdate map[string]string) error { |
| firstTry := true |
| return clientretry.RetryOnConflict(UpdateLabelBackoff, func() error { |
| var err error |
| var node *v1.Node |
| // First we try getting node from the API server cache, as it's cheaper. If it fails |
| // we get it from etcd to be sure to have fresh data. |
| option := metav1.GetOptions{} |
| if firstTry { |
| option.ResourceVersion = "0" |
| firstTry = false |
| } |
| node, err = kubeClient.CoreV1().Nodes().Get(context.TODO(), nodeName, option) |
| if err != nil { |
| return err |
| } |
| |
| // Make a copy of the node and update the labels. |
| newNode := node.DeepCopy() |
| if newNode.Labels == nil { |
| newNode.Labels = make(map[string]string) |
| } |
| for key, value := range labelsToUpdate { |
| newNode.Labels[key] = value |
| } |
| |
| oldData, err := json.Marshal(node) |
| if err != nil { |
| return fmt.Errorf("failed to marshal the existing node %#v: %v", node, err) |
| } |
| newData, err := json.Marshal(newNode) |
| if err != nil { |
| return fmt.Errorf("failed to marshal the new node %#v: %v", newNode, err) |
| } |
| patchBytes, err := strategicpatch.CreateTwoWayMergePatch(oldData, newData, &v1.Node{}) |
| if err != nil { |
| return fmt.Errorf("failed to create a two-way merge patch: %v", err) |
| } |
| if _, err := kubeClient.CoreV1().Nodes().Patch(context.TODO(), node.Name, types.StrategicMergePatchType, patchBytes, metav1.PatchOptions{}); err != nil { |
| return fmt.Errorf("failed to patch the node: %v", err) |
| } |
| return nil |
| }) |
| } |
