github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-28 22:17:14 +00:00
Code Issues Projects Releases Wiki Activity

block not allowed node labels on kubelet

Browse Source
This commit is contained in:
Gustavo Paiva 2019-06-26 19:24:30 -03:00
parent ca3519c7ad
commit 096bd5f5d8
2 changed files with 46 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cmd/kubelet/app/options/options.go
View File

@ -30,7 +30,6 @@ import (
"k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/sets"
utilfeature "k8s.io/apiserver/pkg/util/feature" utilfeature "k8s.io/apiserver/pkg/util/feature"
cliflag "k8s.io/component-base/cli/flag" cliflag "k8s.io/component-base/cli/flag"
"k8s.io/klog"
"k8s.io/kubelet/config/v1beta1" "k8s.io/kubelet/config/v1beta1"
"k8s.io/kubernetes/pkg/apis/core" "k8s.io/kubernetes/pkg/apis/core"
"k8s.io/kubernetes/pkg/features" "k8s.io/kubernetes/pkg/features"
@ -247,9 +246,7 @@ func ValidateKubeletFlags(f *KubeletFlags) error {
} }
} }
if len(unknownLabels) > 0 { if len(unknownLabels) > 0 {
// TODO(liggitt): in 1.16, return an error return fmt.Errorf("unknown 'kubernetes.io' or 'k8s.io' labels specified with --node-labels: %v\n--node-labels in the 'kubernetes.io' namespace must begin with an allowed prefix (%s) or be in the specifically allowed set (%s)", unknownLabels.List(), strings.Join(kubeletapis.KubeletLabelNamespaces(), ", "), strings.Join(kubeletapis.KubeletLabels(), ", "))
klog.Warningf("unknown 'kubernetes.io' or 'k8s.io' labels specified with --node-labels: %v", unknownLabels.List())
klog.Warningf("in 1.16, --node-labels in the 'kubernetes.io' namespace must begin with an allowed prefix (%s) or be in the specifically allowed set (%s)", strings.Join(kubeletapis.KubeletLabelNamespaces(), ", "), strings.Join(kubeletapis.KubeletLabels(), ", "))
} }
return nil return nil

45
cmd/kubelet/app/options/options_test.go
View File

@ -145,3 +145,48 @@ func asArgs(fn, defaultFn func(*pflag.FlagSet)) []string {
}) })
return args return args
} }
func TestValidateKubeletFlags(t *testing.T) {
tests := []struct {
name string
error bool
labels map[string]string
}{
{
name: "Invalid kubernetes.io label",
error: true,
labels: map[string]string{
"beta.kubernetes.io/metadata-proxy-ready": "true",
},
},
{
name: "Valid label outside of kubernetes.io and k8s.io",
error: false,
labels: map[string]string{
"cloud.google.com/metadata-proxy-ready": "true",
},
},
{
name: "Empty label list",
error: false,
labels: map[string]string{},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
err := ValidateKubeletFlags(&KubeletFlags{
NodeLabels: tt.labels,
})
if tt.error && err == nil {
t.Errorf("ValidateKubeletFlags should have failed with labels: %+v", tt.labels)
}
if !tt.error && err != nil {
t.Errorf("ValidateKubeletFlags should not have failed with labels: %+v", tt.labels)
}
})
}
}