github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-05 23:47:50 +00:00
Code Issues Projects Releases Wiki Activity

CSIStorageCapacity: check for sufficient storage in volume binder

Browse Source 
This uses the information provided by a CSI driver deployment for
checking whether a node has access to enough storage to create the
currently unbound volumes, if the CSI driver opts into that checking
with CSIDriver.Spec.VolumeCapacity != false.

This resolves a TODO from commit 95b530366a.
This commit is contained in:
Patrick Ohly
2020-06-22 16:06:46 +02:00
parent 9a66e8e1b5
commit 0efbbe8555
6 changed files with 397 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go
View File

@@ -541,6 +541,12 @@ func ClusterRoles() []rbacv1.ClusterRole {
// Needed for volume limits
rbacv1helpers.NewRule(Read...).Groups(storageGroup).Resources("csinodes").RuleOrDie(),
}
if utilfeature.DefaultFeatureGate.Enabled(features.CSIStorageCapacity) {
kubeSchedulerRules = append(kubeSchedulerRules,
rbacv1helpers.NewRule(Read...).Groups(storageGroup).Resources("csidrivers").RuleOrDie(),
rbacv1helpers.NewRule(Read...).Groups(storageGroup).Resources("csistoragecapacities").RuleOrDie(),
)
}
roles = append(roles, rbacv1.ClusterRole{
// a role to use for the kube-scheduler
ObjectMeta: metav1.ObjectMeta{Name: "system:kube-scheduler"},