KEP-3619: Wiring up from RuntimeFeatures.SupplementalGroupsPolicy(CRI) to NodeFeatures.SupplementalGroupsPolicy(API)
KEP-3619: fix typos in pkg/kubelet/container/runtime.go
This commit is contained in:
Shingo Omura
@@ -556,6 +556,8 @@ type RuntimeStatus struct {
|
|||||||
Conditions []RuntimeCondition
|
Conditions []RuntimeCondition
|
||||||
// Handlers is an array of current available handlers
|
// Handlers is an array of current available handlers
|
||||||
Handlers []RuntimeHandler
|
Handlers []RuntimeHandler
|
||||||
|
// Features is the set of features implemented by the runtime
|
||||||
|
Features *RuntimeFeatures
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetRuntimeCondition gets a specified runtime condition from the runtime status.
|
// GetRuntimeCondition gets a specified runtime condition from the runtime status.
|
||||||
@@ -579,7 +581,7 @@ func (r *RuntimeStatus) String() string {
|
|||||||
for _, h := range r.Handlers {
|
for _, h := range r.Handlers {
|
||||||
sh = append(sh, h.String())
|
sh = append(sh, h.String())
|
||||||
}
|
}
|
||||||
return fmt.Sprintf("Runtime Conditions: %s; Handlers: %s", strings.Join(ss, ", "), strings.Join(sh, ", "))
|
return fmt.Sprintf("Runtime Conditions: %s; Handlers: %s, Features: %s", strings.Join(ss, ", "), strings.Join(sh, ", "), r.Features.String())
|
||||||
}
|
}
|
||||||
|
|
||||||
// RuntimeHandler contains condition information for the runtime handler.
|
// RuntimeHandler contains condition information for the runtime handler.
|
||||||
@@ -617,6 +619,19 @@ func (c *RuntimeCondition) String() string {
|
|||||||
return fmt.Sprintf("%s=%t reason:%s message:%s", c.Type, c.Status, c.Reason, c.Message)
|
return fmt.Sprintf("%s=%t reason:%s message:%s", c.Type, c.Status, c.Reason, c.Message)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// RuntimeFeatures contains the set of features implemented by the runtime
|
||||||
|
type RuntimeFeatures struct {
|
||||||
|
SupplementalGroupsPolicy bool
|
||||||
|
}
|
||||||
|
|
||||||
|
// String formats the runtime condition into a human readable string.
|
||||||
|
func (f *RuntimeFeatures) String() string {
|
||||||
|
if f == nil {
|
||||||
|
return "nil"
|
||||||
|
}
|
||||||
|
return fmt.Sprintf("SupplementalGroupsPolicy: %v", f.SupplementalGroupsPolicy)
|
||||||
|
}
|
||||||
|
|
||||||
// Pods represents the list of pods
|
// Pods represents the list of pods
|
||||||
type Pods []*Pod
|
type Pods []*Pod
|
||||||
|
|
||||||
|
|||||||
@@ -2883,6 +2883,7 @@ func (kl *Kubelet) updateRuntimeUp() {
|
|||||||
|
|
||||||
kl.runtimeState.setRuntimeState(nil)
|
kl.runtimeState.setRuntimeState(nil)
|
||||||
kl.runtimeState.setRuntimeHandlers(s.Handlers)
|
kl.runtimeState.setRuntimeHandlers(s.Handlers)
|
||||||
|
kl.runtimeState.setRuntimeFeatures(s.Features)
|
||||||
kl.oneTimeInitializer.Do(kl.initializeRuntimeDependentModules)
|
kl.oneTimeInitializer.Do(kl.initializeRuntimeDependentModules)
|
||||||
kl.runtimeState.setRuntimeSync(kl.clock.Now())
|
kl.runtimeState.setRuntimeSync(kl.clock.Now())
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -737,6 +737,7 @@ func (kl *Kubelet) defaultNodeStatusFuncs() []func(context.Context, *v1.Node) er
|
|||||||
nodestatus.Images(kl.nodeStatusMaxImages, kl.imageManager.GetImageList),
|
nodestatus.Images(kl.nodeStatusMaxImages, kl.imageManager.GetImageList),
|
||||||
nodestatus.GoRuntime(),
|
nodestatus.GoRuntime(),
|
||||||
nodestatus.RuntimeHandlers(kl.runtimeState.runtimeHandlers),
|
nodestatus.RuntimeHandlers(kl.runtimeState.runtimeHandlers),
|
||||||
|
nodestatus.NodeFeatures(kl.runtimeState.runtimeFeatures),
|
||||||
)
|
)
|
||||||
|
|
||||||
setters = append(setters,
|
setters = append(setters,
|
||||||
|
|||||||
@@ -208,7 +208,7 @@ func parsePodUIDFromLogsDirectory(name string) types.UID {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// toKubeRuntimeStatus converts the runtimeapi.RuntimeStatus to kubecontainer.RuntimeStatus.
|
// toKubeRuntimeStatus converts the runtimeapi.RuntimeStatus to kubecontainer.RuntimeStatus.
|
||||||
func toKubeRuntimeStatus(status *runtimeapi.RuntimeStatus, handlers []*runtimeapi.RuntimeHandler) *kubecontainer.RuntimeStatus {
|
func toKubeRuntimeStatus(status *runtimeapi.RuntimeStatus, handlers []*runtimeapi.RuntimeHandler, features *runtimeapi.RuntimeFeatures) *kubecontainer.RuntimeStatus {
|
||||||
conditions := []kubecontainer.RuntimeCondition{}
|
conditions := []kubecontainer.RuntimeCondition{}
|
||||||
for _, c := range status.GetConditions() {
|
for _, c := range status.GetConditions() {
|
||||||
conditions = append(conditions, kubecontainer.RuntimeCondition{
|
conditions = append(conditions, kubecontainer.RuntimeCondition{
|
||||||
@@ -232,7 +232,13 @@ func toKubeRuntimeStatus(status *runtimeapi.RuntimeStatus, handlers []*runtimeap
|
|||||||
SupportsUserNamespaces: supportsUserns,
|
SupportsUserNamespaces: supportsUserns,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return &kubecontainer.RuntimeStatus{Conditions: conditions, Handlers: retHandlers}
|
var retFeatures *kubecontainer.RuntimeFeatures
|
||||||
|
if features != nil {
|
||||||
|
retFeatures = &kubecontainer.RuntimeFeatures{
|
||||||
|
SupplementalGroupsPolicy: features.SupplementalGroupsPolicy,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return &kubecontainer.RuntimeStatus{Conditions: conditions, Handlers: retHandlers, Features: retFeatures}
|
||||||
}
|
}
|
||||||
|
|
||||||
func fieldSeccompProfile(scmp *v1.SeccompProfile, profileRootPath string, fallbackToRuntimeDefault bool) (*runtimeapi.SecurityProfile, error) {
|
func fieldSeccompProfile(scmp *v1.SeccompProfile, profileRootPath string, fallbackToRuntimeDefault bool) (*runtimeapi.SecurityProfile, error) {
|
||||||
|
|||||||
@@ -347,7 +347,7 @@ func (m *kubeGenericRuntimeManager) Status(ctx context.Context) (*kubecontainer.
|
|||||||
if resp.GetStatus() == nil {
|
if resp.GetStatus() == nil {
|
||||||
return nil, errors.New("runtime status is nil")
|
return nil, errors.New("runtime status is nil")
|
||||||
}
|
}
|
||||||
return toKubeRuntimeStatus(resp.GetStatus(), resp.GetRuntimeHandlers()), nil
|
return toKubeRuntimeStatus(resp.GetStatus(), resp.GetRuntimeHandlers(), resp.GetFeatures()), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetPods returns a list of containers grouped by pods. The boolean parameter
|
// GetPods returns a list of containers grouped by pods. The boolean parameter
|
||||||
|
|||||||
@@ -482,6 +482,23 @@ func GoRuntime() Setter {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NodeFeatures returns a Setter that sets NodeFeatures on the node.
|
||||||
|
func NodeFeatures(featuresGetter func() *kubecontainer.RuntimeFeatures) Setter {
|
||||||
|
return func(ctx context.Context, node *v1.Node) error {
|
||||||
|
if !utilfeature.DefaultFeatureGate.Enabled(features.SupplementalGroupsPolicy) {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
features := featuresGetter()
|
||||||
|
if features == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
node.Status.Features = &v1.NodeFeatures{
|
||||||
|
SupplementalGroupsPolicy: &features.SupplementalGroupsPolicy,
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// RuntimeHandlers returns a Setter that sets RuntimeHandlers on the node.
|
// RuntimeHandlers returns a Setter that sets RuntimeHandlers on the node.
|
||||||
func RuntimeHandlers(fn func() []kubecontainer.RuntimeHandler) Setter {
|
func RuntimeHandlers(fn func() []kubecontainer.RuntimeHandler) Setter {
|
||||||
return func(ctx context.Context, node *v1.Node) error {
|
return func(ctx context.Context, node *v1.Node) error {
|
||||||
|
|||||||
@@ -36,6 +36,7 @@ type runtimeState struct {
|
|||||||
cidr string
|
cidr string
|
||||||
healthChecks []*healthCheck
|
healthChecks []*healthCheck
|
||||||
rtHandlers []kubecontainer.RuntimeHandler
|
rtHandlers []kubecontainer.RuntimeHandler
|
||||||
|
rtFeatures *kubecontainer.RuntimeFeatures
|
||||||
}
|
}
|
||||||
|
|
||||||
// A health check function should be efficient and not rely on external
|
// A health check function should be efficient and not rely on external
|
||||||
@@ -83,6 +84,18 @@ func (s *runtimeState) runtimeHandlers() []kubecontainer.RuntimeHandler {
|
|||||||
return s.rtHandlers
|
return s.rtHandlers
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *runtimeState) setRuntimeFeatures(features *kubecontainer.RuntimeFeatures) {
|
||||||
|
s.Lock()
|
||||||
|
defer s.Unlock()
|
||||||
|
s.rtFeatures = features
|
||||||
|
}
|
||||||
|
|
||||||
|
func (s *runtimeState) runtimeFeatures() *kubecontainer.RuntimeFeatures {
|
||||||
|
s.RLock()
|
||||||
|
defer s.RUnlock()
|
||||||
|
return s.rtFeatures
|
||||||
|
}
|
||||||
|
|
||||||
func (s *runtimeState) setStorageState(err error) {
|
func (s *runtimeState) setStorageState(err error) {
|
||||||
s.Lock()
|
s.Lock()
|
||||||
defer s.Unlock()
|
defer s.Unlock()
|
||||||
|
|||||||
@@ -106,6 +106,10 @@ func dropDisabledFields(node *api.Node, oldNode *api.Node) {
|
|||||||
if !utilfeature.DefaultFeatureGate.Enabled(features.RecursiveReadOnlyMounts) && !utilfeature.DefaultFeatureGate.Enabled(features.UserNamespacesSupport) {
|
if !utilfeature.DefaultFeatureGate.Enabled(features.RecursiveReadOnlyMounts) && !utilfeature.DefaultFeatureGate.Enabled(features.UserNamespacesSupport) {
|
||||||
node.Status.RuntimeHandlers = nil
|
node.Status.RuntimeHandlers = nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !utilfeature.DefaultFeatureGate.Enabled(features.SupplementalGroupsPolicy) {
|
||||||
|
node.Status.Features = nil
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// nodeConfigSourceInUse returns true if node's Spec ConfigSource is set(used)
|
// nodeConfigSourceInUse returns true if node's Spec ConfigSource is set(used)
|
||||||
|
|||||||
Reference in New Issue
Block a user