diff --git a/pkg/api/v1/helper/helpers.go b/pkg/api/v1/helper/helpers.go index 2ec957f8e9c..5d2b2f26385 100644 --- a/pkg/api/v1/helper/helpers.go +++ b/pkg/api/v1/helper/helpers.go @@ -203,10 +203,10 @@ func NodeSelectorRequirementsAsSelector(nsm []v1.NodeSelectorRequirement) (label return selector, nil } -// AddOrUpdateTolerationInPod tries to add a toleration to the pod's toleration list. +// AddOrUpdateTolerationInPodSpec tries to add a toleration to the toleration list in PodSpec. // Returns true if something was updated, false otherwise. -func AddOrUpdateTolerationInPod(pod *v1.Pod, toleration *v1.Toleration) bool { - podTolerations := pod.Spec.Tolerations +func AddOrUpdateTolerationInPodSpec(spec *v1.PodSpec, toleration *v1.Toleration) bool { + podTolerations := spec.Tolerations var newTolerations []v1.Toleration updated := false @@ -227,10 +227,16 @@ func AddOrUpdateTolerationInPod(pod *v1.Pod, toleration *v1.Toleration) bool { newTolerations = append(newTolerations, *toleration) } - pod.Spec.Tolerations = newTolerations + spec.Tolerations = newTolerations return true } +// AddOrUpdateTolerationInPod tries to add a toleration to the pod's toleration list. +// Returns true if something was updated, false otherwise. +func AddOrUpdateTolerationInPod(pod *v1.Pod, toleration *v1.Toleration) bool { + return AddOrUpdateTolerationInPodSpec(&pod.Spec, toleration) +} + // TolerationsTolerateTaint checks if taint is tolerated by any of the tolerations. func TolerationsTolerateTaint(tolerations []v1.Toleration, taint *v1.Taint) bool { for i := range tolerations { diff --git a/pkg/controller/daemon/util/BUILD b/pkg/controller/daemon/util/BUILD index 5e533f83ab8..3b86029c255 100644 --- a/pkg/controller/daemon/util/BUILD +++ b/pkg/controller/daemon/util/BUILD @@ -15,6 +15,7 @@ go_library( deps = [ "//pkg/api:go_default_library", "//pkg/api/v1:go_default_library", + "//pkg/api/v1/helper:go_default_library", "//pkg/api/v1/pod:go_default_library", "//pkg/apis/extensions/v1beta1:go_default_library", "//pkg/util/labels:go_default_library", diff --git a/pkg/controller/daemon/util/daemonset_util.go b/pkg/controller/daemon/util/daemonset_util.go index c935076af9c..ce1f3b1882a 100644 --- a/pkg/controller/daemon/util/daemonset_util.go +++ b/pkg/controller/daemon/util/daemonset_util.go @@ -22,16 +22,37 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/kubernetes/pkg/api" "k8s.io/kubernetes/pkg/api/v1" + v1helper "k8s.io/kubernetes/pkg/api/v1/helper" podutil "k8s.io/kubernetes/pkg/api/v1/pod" extensions "k8s.io/kubernetes/pkg/apis/extensions/v1beta1" labelsutil "k8s.io/kubernetes/pkg/util/labels" ) // GetPodTemplateWithHash returns copy of provided template with additional -// label which contains hash of provided template +// label which contains hash of provided template and sets default daemon tolerations. func GetPodTemplateWithGeneration(template v1.PodTemplateSpec, generation int64) v1.PodTemplateSpec { obj, _ := api.Scheme.DeepCopy(template) newTemplate := obj.(v1.PodTemplateSpec) + // DaemonSet pods shouldn't be deleted by NodeController in case of node problems. + // Add infinite toleration for taint notReady:NoExecute here + // to survive taint-based eviction enforced by NodeController + // when node turns not ready. + v1helper.AddOrUpdateTolerationInPodSpec(&newTemplate.Spec, &v1.Toleration{ + Key: metav1.TaintNodeNotReady, + Operator: v1.TolerationOpExists, + Effect: v1.TaintEffectNoExecute, + }) + + // DaemonSet pods shouldn't be deleted by NodeController in case of node problems. + // Add infinite toleration for taint unreachable:NoExecute here + // to survive taint-based eviction enforced by NodeController + // when node turns unreachable. + v1helper.AddOrUpdateTolerationInPodSpec(&newTemplate.Spec, &v1.Toleration{ + Key: metav1.TaintNodeUnreachable, + Operator: v1.TolerationOpExists, + Effect: v1.TaintEffectNoExecute, + }) + templateGenerationStr := fmt.Sprint(generation) newTemplate.ObjectMeta.Labels = labelsutil.CloneAndAddLabel( template.ObjectMeta.Labels,