Auto-create system critical prioity classes at API server startup

pkg/registry/scheduling/rest/storage_scheduling.go

@@ -17,6 +17,15 @@ limitations under the License.
 package rest
 
 import (
+	"fmt"
+	"time"
+
+	"github.com/golang/glog"
+
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/rest"
 	genericapiserver "k8s.io/apiserver/pkg/server"
@@ -24,11 +33,16 @@ import (
 	"k8s.io/kubernetes/pkg/api/legacyscheme"
 	"k8s.io/kubernetes/pkg/apis/scheduling"
 	schedulingapiv1alpha1 "k8s.io/kubernetes/pkg/apis/scheduling/v1alpha1"
+	schedulingclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/scheduling/internalversion"
 	priorityclassstore "k8s.io/kubernetes/pkg/registry/scheduling/priorityclass/storage"
 )
 
+const PostStartHookName = "scheduling/bootstrap-system-priority-classes"
+
 type RESTStorageProvider struct{}
 
+var _ genericapiserver.PostStartHookProvider = RESTStorageProvider{}
+
 func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, bool) {
 	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(scheduling.GroupName, legacyscheme.Registry, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs)
 
@@ -49,6 +63,64 @@ func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstora
 	return storage
 }
 
+func (p RESTStorageProvider) PostStartHook() (string, genericapiserver.PostStartHookFunc, error) {
+	return PostStartHookName, AddSystemPriorityClasses(), nil
+}
+
+func AddSystemPriorityClasses() genericapiserver.PostStartHookFunc {
+	priorityClasses := []*scheduling.PriorityClass{
+		{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: scheduling.SystemNodeCritical,
+			},
+			Value:       scheduling.SystemCriticalPriority + 1000,
+			Description: "Used for system critical pods that must not be moved from their current node.",
+		},
+		{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: scheduling.SystemClusterCritical,
+			},
+			Value:       scheduling.SystemCriticalPriority,
+			Description: "Used for system critical pods that must run in the cluster, but can be moved to another node if necessary.",
+		},
+	}
+	return func(hookContext genericapiserver.PostStartHookContext) error {
+		// Adding system priority classes is important. If they fail to add, many critical system
+		// components may fail and cluster may break.
+		err := wait.Poll(1*time.Second, 30*time.Second, func() (done bool, err error) {
+			schedClientSet, err := schedulingclient.NewForConfig(hookContext.LoopbackClientConfig)
+			if err != nil {
+				utilruntime.HandleError(fmt.Errorf("unable to initialize client: %v", err))
+				return false, nil
+			}
+
+			for _, pc := range priorityClasses {
+				_, err := schedClientSet.PriorityClasses().Get(pc.Name, metav1.GetOptions{})
+				if err != nil {
+					if apierrors.IsNotFound(err) {
+						_, err := schedClientSet.PriorityClasses().Create(pc)
+						if err != nil {
+							return false, err
+						} else {
+							glog.Infof("created PriorityClass %s with value %v", pc.Name, pc.Value)
+						}
+					} else {
+						// Unable to get the priority class for reasons other than "not found".
+						return false, err
+					}
+				}
+			}
+			glog.Infof("all system priority classes are created successfully.")
+			return true, nil
+		})
+		// if we're never able to make it through initialization, kill the API server.
+		if err != nil {
+			return fmt.Errorf("unable to add default system priority classes: %v", err)
+		}
+		return nil
+	}
+}
+
 func (p RESTStorageProvider) GroupName() string {
 	return scheduling.GroupName
 }