github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-03 17:30:00 +00:00
Code Issues Projects Releases Wiki Activity

Added sidecar support in and

Browse Source
This commit is contained in:
vivzbansal 2024-11-06 22:29:55 +00:00
parent 34ddb91f18
commit cdddaed841
1 changed files with 40 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
pkg/apis/core/validation/validation.go
View File

@ -5606,7 +5606,8 @@ func ValidatePodResize(newPod, oldPod *core.Pod, opts PodValidationOptions) fiel
}
// Part 2: Validate that the changes between oldPod.Spec.Containers[].Resources and
// newPod.Spec.Containers[].Resources are allowed.
// newPod.Spec.Containers[].Resources are allowed. Also validate that the changes between oldPod.Spec.InitContainers[].Resources and
// newPod.Spec.InitContainers[].Resources are allowed.
specPath := field.NewPath("spec")
if qos.GetPodQOS(oldPod) != qos.ComputePodQOS(newPod) {
allErrs = append(allErrs, field.Invalid(specPath, newPod.Status.QOSClass, "Pod QOS Class may not change as a result of resizing"))
@ -5639,11 +5640,43 @@ func ValidatePodResize(newPod, oldPod *core.Pod, opts PodValidationOptions) fiel
}
}
// Ensure that only CPU and memory resources are mutable.
// Ensure that only CPU and memory resources are mutable for regular containers.
originalCPUMemPodSpec := *newPod.Spec.DeepCopy()
var newContainers []core.Container
for ix, container := range originalCPUMemPodSpec.Containers {
dropCPUMemoryUpdates := func(resourceList, oldResourceList core.ResourceList) core.ResourceList {
lim := dropCPUMemoryUpdates(container.Resources.Limits, oldPod.Spec.Containers[ix].Resources.Limits)
req := dropCPUMemoryUpdates(container.Resources.Requests, oldPod.Spec.Containers[ix].Resources.Requests)
container.Resources = core.ResourceRequirements{Limits: lim, Requests: req}
container.ResizePolicy = oldPod.Spec.Containers[ix].ResizePolicy // +k8s:verify-mutation:reason=clone
newContainers = append(newContainers, container)
}
originalCPUMemPodSpec.Containers = newContainers
// Ensure that only CPU and memory resources are mutable for restartable init containers.
var newInitContainers []core.Container
for ix, container := range originalCPUMemPodSpec.InitContainers {
if container.RestartPolicy != nil && *container.RestartPolicy == core.ContainerRestartPolicyAlways {
lim := dropCPUMemoryUpdates(container.Resources.Limits, oldPod.Spec.InitContainers[ix].Resources.Limits)
req := dropCPUMemoryUpdates(container.Resources.Requests, oldPod.Spec.InitContainers[ix].Resources.Requests)
container.Resources = core.ResourceRequirements{Limits: lim, Requests: req}
container.ResizePolicy = oldPod.Spec.InitContainers[ix].ResizePolicy // +k8s:verify-mutation:reason=clone
newInitContainers = append(newInitContainers, container)
}
}
if len(newInitContainers) > 0 {
originalCPUMemPodSpec.InitContainers = newInitContainers
}
if !apiequality.Semantic.DeepEqual(originalCPUMemPodSpec, oldPod.Spec) {
// This likely means that the user has made changes to resources other than CPU and Memory.
specDiff := cmp.Diff(oldPod.Spec, originalCPUMemPodSpec)
errs := field.Forbidden(specPath, fmt.Sprintf("only cpu and memory resources are mutable\n%v", specDiff))
allErrs = append(allErrs, errs)
}
return allErrs
}
func dropCPUMemoryUpdates(resourceList, oldResourceList core.ResourceList) core.ResourceList {
if oldResourceList == nil {
return nil
}
@ -5662,21 +5695,6 @@ func ValidatePodResize(newPod, oldPod *core.Pod, opts PodValidationOptions) fiel
mungedResourceList[core.ResourceMemory] = mem
}
return mungedResourceList
}
lim := dropCPUMemoryUpdates(container.Resources.Limits, oldPod.Spec.Containers[ix].Resources.Limits)
req := dropCPUMemoryUpdates(container.Resources.Requests, oldPod.Spec.Containers[ix].Resources.Requests)
container.Resources = core.ResourceRequirements{Limits: lim, Requests: req}
container.ResizePolicy = oldPod.Spec.Containers[ix].ResizePolicy // +k8s:verify-mutation:reason=clone
newContainers = append(newContainers, container)
}
originalCPUMemPodSpec.Containers = newContainers
if !apiequality.Semantic.DeepEqual(originalCPUMemPodSpec, oldPod.Spec) {
// This likely means that the user has made changes to resources other than CPU and Memory.
specDiff := cmp.Diff(oldPod.Spec, originalCPUMemPodSpec)
errs := field.Forbidden(specPath, fmt.Sprintf("only cpu and memory resources are mutable\n%v", specDiff))
allErrs = append(allErrs, errs)
}
return allErrs
}
// isPodResizeRequestSupported checks whether the pod is running on a node with InPlacePodVerticalScaling enabled.