github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Promote sysctl annotations to API fields

Browse Source
This commit is contained in:
Jan Chaloupka
2018-05-11 15:58:29 +02:00
parent c178c7fd65
commit ab616a88b9
33 changed files with 536 additions and 838 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
pkg/kubelet/sysctl/runtime.go
View File

@@ -19,7 +19,6 @@ package sysctl
import (
"fmt"
v1helper "k8s.io/kubernetes/pkg/apis/core/v1/helper"
"k8s.io/kubernetes/pkg/kubelet/container"
"k8s.io/kubernetes/pkg/kubelet/lifecycle"
)
@@ -83,17 +82,11 @@ func NewRuntimeAdmitHandler(runtime container.Runtime) (*runtimeAdmitHandler, er
// Admit checks whether the runtime supports sysctls.
func (w *runtimeAdmitHandler) Admit(attrs *lifecycle.PodAdmitAttributes) lifecycle.PodAdmitResult {
sysctls, unsafeSysctls, err := v1helper.SysctlsFromPodAnnotations(attrs.Pod.Annotations)
if err != nil {
return lifecycle.PodAdmitResult{
Admit: false,
Reason: AnnotationInvalidReason,
Message: fmt.Sprintf("invalid sysctl annotation: %v", err),
}
}
if attrs.Pod.Spec.SecurityContext != nil {
if len(sysctls)+len(unsafeSysctls) > 0 {
return w.result
if len(attrs.Pod.Spec.SecurityContext.Sysctls) > 0 {
return w.result
}
}
return lifecycle.PodAdmitResult{