Merge pull request #125277 from iholder101/swap/skip_critical_pods

[KEP-2400]: Restrict access to swap for containers in high priority Pods
2024-07-22 11:45:48 -07:00
parent 887def08b6 a6df16af85
commit f458a749e7
3 changed files with 37 additions and 1 deletions
--- a/test/e2e_node/swap_test.go
+++ b/test/e2e_node/swap_test.go
@@ -84,6 +84,19 @@ var _ = SIGDescribe("Swap", "[LinuxOnly]", nodefeature.Swap, framework.WithSeria
 			ginkgo.Entry("QOS Burstable with memory request equals to limit", v1.PodQOSBurstable, true),
 			ginkgo.Entry("QOS Guaranteed", v1.PodQOSGuaranteed, false),
 		)
+
+		ginkgo.It("with a critical pod - should avoid swap", func() {
+			ginkgo.By("Creating a critical pod")
+			const memoryRequestEqualLimit = false
+			pod := getSwapTestPod(f, v1.PodQOSBurstable, memoryRequestEqualLimit)
+			pod.Spec.PriorityClassName = "system-node-critical"
+
+			pod = runPodAndWaitUntilScheduled(f, pod)
+			gomega.Expect(types.IsCriticalPod(pod)).To(gomega.BeTrueBecause("pod should be critical"))
+
+			ginkgo.By("expecting pod to not have swap access")
+			expectNoSwap(f, pod)
+		})
 	})

 	f.Context(framework.WithSerial(), func() {