github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Currently, kubelet token mamanger only clean tokens who are expired. For tokens with long expiration, if the pod who creates them got killed or evicted, those tokens may stay in kubelet's memory until they are expired. It's bad for kubelet and node itself. After this patch, each time a pod was deleted, token manager would clean related tokens.

Browse Source
This commit is contained in:
WanLinghao
2018-08-30 15:03:31 +08:00
parent b7c2d923ef
commit 7df1078d6f
10 changed files with 237 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/volume/plugins.go
View File

@@ -347,6 +347,8 @@ type VolumeHost interface {
GetServiceAccountTokenFunc() func(namespace, name string, tr *authenticationv1.TokenRequest) (*authenticationv1.TokenRequest, error)
DeleteServiceAccountTokenFunc() func(podUID types.UID)
// Returns an interface that should be used to execute any utilities in volume plugins
GetExec(pluginName string) mount.Exec