If you set `trafficDistribution: PreferClose` on a service in a
cluster with no defined zones, then it would add
hints:
forZones:
- name: ""
to each endpoint. This ended up working anyway since kube-proxy would
likewise end up looking for an endpoint for the "" zone, but it's
unnecessary, since you'd get exactly the same behavior by just leaving
all of the endpoints unhinted. (Of course there's no point in using
PreferClose traffic distribution in this case, but this will make
PreferSameNode cleaner.)
Merge TestReconcileHints_trafficDistribution_is_PreferClose and
TestReconcileHints_trafficDistribution_is_nil_or_empty together.
Change the `trafficDistribution: ""` test to `trafficDistribution:
Unknown`, since `""` is not actually a possible value (but we should
still test that unknown values are ignored, to prevent weird skew
bugs).
Fill in the NodeName field in the endpoints. It's not needed yet but
it will be.
Don't use sets for validating port name and zone hint uniqueness,
since constructing a new set each time is likely to be less efficient
than just doing a linear search.
Keep the sets for supportedAddressTypes and supportedPortProtocols
(since they're only constructed once) but switch to the generic set
API.
IDsPerPod is the mapping length of subids for UserNS.
The length must be multiple of 65536.
Default: 65536
Implements kubernetes/enhancements PR 5020 (addendum to KEP-127)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
In tests it is sometimes unavoidable to use the Prometheus types directly,
for example when writing a custom gatherer which needs to normalize data
before testing it. device_taint_eviction_test.go does this to strip
out unpredictable data in a histogram.
With type aliases in a package that is explicitly meant for tests we
can avoid adding exceptions for such tests to the global exception list.
Both the new DeviceTaint.TimeAdded and dropped fields when
the DRADeviceTaints feature is disabled confused the ResourceSlice
controller because what is stored and sent back can be different
from what the controller wants to store.
It's now more lenient regarding TimeAdded (doesn't need to be exact because of
rounding during serialization, only having a value on the server is okay)
and dropped fields (doesn't try to store them again). It also preserves
a server-side TimeAdded when updating slices.
Thanks to the tracker, the plugin sees all taints directly in the device
definition and can compare it against the tolerations of a request while
trying to find a device for the request.
When the feature is turnedd off, taints are ignored during scheduling.
The controller is derived from the node taint eviction controller.
In contrast to that controller it tracks the UID of pods to prevent
deleting the wrong pod when it got replaced.
Changing the encryption key doesn't work with watch cache as it doesn't
break decoding newly written objects. A new object will be written using
a new key, and decoded using a new key.
This is a verbatim copy of the current pkg/controller/taintseviction code,
revision fc268ecd09 (v1.33.0 plus one commit),
minus the TimedWorker helper.
The intent is to modify the code such that it enforces eviction of pods which
use tainted devices.
WithTB was originally defined as "uses the existing logger". But what we want
there and in the newer TContext.Run is the usual per-test logging, now for the
sub-test.
The purpose of the tracker is to emulate a ResourceSlice informer, including
cache and event handlers. In contrast to that informer, the tracker adds taints
from a DeviceTaint such that they appear in the ResourceSlice device
definition. Code using the tracker doesn't need to care where the taints are
coming from.
The main advantage is that it enables fine-grained reactions to taints that
only affect a few devices, the common case. Without this tracker, the pod
eviction controller would have to sync all pods when any slice or any taint
change.
In the scheduler it avoids re-evaluating the selection criteria repeatedly.
The tracker serves as a cross-pod-scheduling cache.
This adds the "DeviceTaint" top-level type to v1alpha3 and related fields to
ResourceSlice and ResourceClaim. It's complete enough bring up an API server
and generate files.
