From a6d0cd0f01ff9cb84efe355e9c893e9deca16cc2 Mon Sep 17 00:00:00 2001 From: Pengfei Ni Date: Tue, 30 Jan 2018 12:56:31 +0800 Subject: [PATCH] Add HyperVContainer feature gates --- pkg/features/kube_features.go | 7 +++++++ pkg/kubelet/dockershim/BUILD | 8 +++++++- pkg/kubelet/dockershim/helpers_windows.go | 7 +++++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/pkg/features/kube_features.go b/pkg/features/kube_features.go index cfdcf614953..86e991b4692 100644 --- a/pkg/features/kube_features.go +++ b/pkg/features/kube_features.go @@ -225,6 +225,12 @@ const ( // // Implement support for limiting pids in pods SupportPodPidsLimit utilfeature.Feature = "SupportPodPidsLimit" + + // owner: @feiskyer + // alpha: v1.10 + // + // Enable Hyper-V containers on Windows + HyperVContainer utilfeature.Feature = "HyperVContainer" ) func init() { @@ -265,6 +271,7 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS ResourceLimitsPriorityFunction: {Default: false, PreRelease: utilfeature.Alpha}, SupportIPVSProxyMode: {Default: false, PreRelease: utilfeature.Beta}, SupportPodPidsLimit: {Default: false, PreRelease: utilfeature.Alpha}, + HyperVContainer: {Default: false, PreRelease: utilfeature.Alpha}, // inherited features from generic apiserver, relisted here to get a conflict if it is changed // unintentionally on either side: diff --git a/pkg/kubelet/dockershim/BUILD b/pkg/kubelet/dockershim/BUILD index 2a136a19e33..ba420b45a5c 100644 --- a/pkg/kubelet/dockershim/BUILD +++ b/pkg/kubelet/dockershim/BUILD @@ -124,7 +124,13 @@ go_library( "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library", "//vendor/k8s.io/client-go/tools/remotecommand:go_default_library", "//vendor/k8s.io/utils/exec:go_default_library", - ], + ] + select({ + "@io_bazel_rules_go//go/platform:windows": [ + "//pkg/features:go_default_library", + "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library", + ], + "//conditions:default": [], + }), ) go_test( diff --git a/pkg/kubelet/dockershim/helpers_windows.go b/pkg/kubelet/dockershim/helpers_windows.go index 499dc620c74..4cd722d54e2 100644 --- a/pkg/kubelet/dockershim/helpers_windows.go +++ b/pkg/kubelet/dockershim/helpers_windows.go @@ -26,6 +26,9 @@ import ( dockercontainer "github.com/docker/docker/api/types/container" dockerfilters "github.com/docker/docker/api/types/filters" "github.com/golang/glog" + + utilfeature "k8s.io/apiserver/pkg/util/feature" + "k8s.io/kubernetes/pkg/features" runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime" ) @@ -48,6 +51,10 @@ func (ds *dockerService) getSecurityOpts(seccompProfile string, separator rune) } func shouldIsolatedByHyperV(annotations map[string]string) bool { + if !utilfeature.DefaultFeatureGate.Enabled(features.HyperVContainer) { + return false + } + v, ok := annotations[hypervIsolationAnnotationKey] return ok && v == hypervIsolation }