Mirror pods for static pods may not be created immediately during node startup
because either the node is not registered or node informer is not synced.
They will be created eventually when static pods are resynced (every 1-1.5 minutes).
However, during this delay of 1-1.5 mins, kube-scheduler might overcommit resources
to the node and eventually cause kubelet to reject pods with
OutOfCPU/OutOfMemory/OutOfPods error.
To ensure kube-scheduler is aware of static pod resource usage faster,
mirror pods are created as soon as the node registers.
A better place is the cel package because a) the name can become shorter
and b) it is tightly coupled with the compiler there.
Moving the compilation into the cache simplifies the callers.
* Refactor various hardcoded backoffs into separate constants
Signed-off-by: Laura Lorenz <lauralorenz@google.com>
* Fix comment formatting
Signed-off-by: Laura Lorenz <lauralorenz@google.com>
---------
Signed-off-by: Laura Lorenz <lauralorenz@google.com>
This expands the generic plugin support to both validating and mutating policies. It also adds the
mutating policy admission plugin using the generics plugin support.
This also implements both ApplyConfiguration and JSONPatch support.
Co-authored-by: Alexander Zielensk <alexzielenski@gmail.com>
This is closely aligned with ValidatingAdmissionPolicy
except that instead of validations that can fail with
messages, there are mutations, which can be defined
either with as an ApplyConfiguration or JSONPatch.
Co-authored-by: cici37 <cicih@google.com>
* better name variables in deployment_util
* add tests for getReplicaSetFraction in the deployment controller
- make validation more robust and make sure we do not divide by 0
* lock feature gate for PodIndexLabel and mark it GA
Signed-off-by: Alay Patel <alayp@nvidia.com>
* add emulated version if testing disabling of PodIndexLabel FG
Signed-off-by: Alay Patel <alayp@nvidia.com>
---------
Signed-off-by: Alay Patel <alayp@nvidia.com>
`golang.org/x/sys/unix`.`Sysinfo` only provide uptime in whole second,
which leads to +-1s drifting in the boot time calculation. Reading from
/proc/stat is a better option as there's a reliable boot time directly
returned from linux kernel.
Types that implement any of the stdlib text and JSON marshaler and unmarshaler interfaces without
implementing the corresponding CBOR interfaces are currently rejected by the CBOR serializer. This
is a temporary measure for the initial alpha; such types will ultimately be handled via automatic
transcoding. The "cbor/direct" subpackage exports Marshal and Unmarshal functions to support the
implementation of custom CBOR marshalling and unmarshalling behaviors, but did not include the
safeguard against handling non-CBOR custom marshalers.
