github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-28 05:57:25 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #72390 from sbezverk/node_configsource

Browse Source 
node config source validations
This commit is contained in:
Kubernetes Prow Robot 2018-12-29 11:24:45 -08:00 committed by GitHub
commit fcdc365a40
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
pkg/apis/core/validation/validation.go
View File

@ -4147,16 +4147,6 @@ func ValidateNode(node *core.Node) field.ErrorList {
// That said, if specified, we need to ensure they are valid. // That said, if specified, we need to ensure they are valid.
allErrs = append(allErrs, ValidateNodeResources(node)...) allErrs = append(allErrs, ValidateNodeResources(node)...)
// Only allow Spec.ConfigSource and Status.Config to be set if the DynamicKubeletConfig feature gate is enabled
if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) {
if node.Spec.ConfigSource != nil {
allErrs = append(allErrs, field.Forbidden(field.NewPath("spec", "configSource"), "configSource may only be set if the DynamicKubeletConfig feature gate is enabled)"))
}
if node.Status.Config != nil {
allErrs = append(allErrs, field.Forbidden(field.NewPath("status", "config"), "config may only be set if the DynamicKubeletConfig feature gate is enabled)"))
}
}
if len(node.Spec.PodCIDR) != 0 { if len(node.Spec.PodCIDR) != 0 {
_, err := ValidateCIDR(node.Spec.PodCIDR) _, err := ValidateCIDR(node.Spec.PodCIDR)
if err != nil { if err != nil {
@ -4239,17 +4229,14 @@ func ValidateNodeUpdate(node, oldNode *core.Node) field.ErrorList {
} }
} }
// Allow and validate updates to Node.Spec.ConfigSource and Node.Status.Config if DynamicKubeletConfig feature gate is enabled if node.Spec.ConfigSource != nil {
if utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) { allErrs = append(allErrs, validateNodeConfigSourceSpec(node.Spec.ConfigSource, field.NewPath("spec", "configSource"))...)
if node.Spec.ConfigSource != nil {
allErrs = append(allErrs, validateNodeConfigSourceSpec(node.Spec.ConfigSource, field.NewPath("spec", "configSource"))...)
}
oldNode.Spec.ConfigSource = node.Spec.ConfigSource
if node.Status.Config != nil {
allErrs = append(allErrs, validateNodeConfigStatus(node.Status.Config, field.NewPath("status", "config"))...)
}
oldNode.Status.Config = node.Status.Config
} }
oldNode.Spec.ConfigSource = node.Spec.ConfigSource
if node.Status.Config != nil {
allErrs = append(allErrs, validateNodeConfigStatus(node.Status.Config, field.NewPath("status", "config"))...)
}
oldNode.Status.Config = node.Status.Config
// TODO: move reset function to its own location // TODO: move reset function to its own location
// Ignore metadata changes now that they have been tested // Ignore metadata changes now that they have been tested

39
pkg/registry/core/node/strategy.go
View File

@ -67,9 +67,9 @@ func (nodeStrategy) AllowCreateOnUpdate() bool {
func (nodeStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) { func (nodeStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) {
node := obj.(*api.Node) node := obj.(*api.Node)
// Nodes allow *all* fields, including status, to be set on create. // Nodes allow *all* fields, including status, to be set on create.
if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) { if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) {
node.Spec.ConfigSource = nil node.Spec.ConfigSource = nil
node.Status.Config = nil
} }
} }
@ -79,12 +79,22 @@ func (nodeStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Objec
oldNode := old.(*api.Node) oldNode := old.(*api.Node)
newNode.Status = oldNode.Status newNode.Status = oldNode.Status
if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) { if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) && !nodeConfigSourceInUse(oldNode) {
newNode.Spec.ConfigSource = nil newNode.Spec.ConfigSource = nil
oldNode.Spec.ConfigSource = nil
} }
} }
// nodeConfigSourceInUse returns true if node's Spec ConfigSource is set(used)
func nodeConfigSourceInUse(node *api.Node) bool {
if node == nil {
return false
}
if node.Spec.ConfigSource != nil {
return true
}
return false
}
// Validate validates a new node. // Validate validates a new node.
func (nodeStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { func (nodeStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList {
node := obj.(*api.Node) node := obj.(*api.Node)
@ -127,26 +137,27 @@ type nodeStatusStrategy struct {
var StatusStrategy = nodeStatusStrategy{Strategy} var StatusStrategy = nodeStatusStrategy{Strategy}
func (nodeStatusStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) {
node := obj.(*api.Node)
// Nodes allow *all* fields, including status, to be set on create.
if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) {
node.Status.Config = nil
}
}
func (nodeStatusStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) { func (nodeStatusStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) {
newNode := obj.(*api.Node) newNode := obj.(*api.Node)
oldNode := old.(*api.Node) oldNode := old.(*api.Node)
newNode.Spec = oldNode.Spec newNode.Spec = oldNode.Spec
if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) { if !utilfeature.DefaultFeatureGate.Enabled(features.DynamicKubeletConfig) && !nodeStatusConfigInUse(oldNode) {
newNode.Status.Config = nil newNode.Status.Config = nil
oldNode.Status.Config = nil
} }
} }
// nodeStatusConfigInUse returns true if node's Status Config is set(used)
func nodeStatusConfigInUse(node *api.Node) bool {
if node == nil {
return false
}
if node.Status.Config != nil {
return true
}
return false
}
func (nodeStatusStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { func (nodeStatusStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList {
return validation.ValidateNodeUpdate(obj.(*api.Node), old.(*api.Node)) return validation.ValidateNodeUpdate(obj.(*api.Node), old.(*api.Node))
} }