299ecde5cc
Dynamic resource allocation is similar to storage in the sense that users create ResourceClaim objects to request resources, same as with persistent volume claims. The actual resource usage is only known when allocating claims, but some limits can already be enforced at admission time: - "count/resourceclaims.resource.k8s.io" limits the number of ResourceClaim objects in a namespace; this is a generic feature that is already supported also without this commit. - "resourceclaims" is *not* an alias - use "count/resourceclaims.resource.k8s.io" instead. - <device-class-name>.deviceclass.resource.k8s.io/devices limits the number of ResourceClaim objects in a namespace such that the number of devices requested through those objects with that class does not exceed the limit. A single request may cause the allocation of multiple devices. For exact counts, the quota limit is based on the sum of those exact counts. For requests asking for "all" matching devices, the maximum number of allocated devices per claim is used as a worst-case upper bound. Requests asking for "admin access" contribute to the quota. DRA quota: remove admin mode exception
test/e2e
This is home to e2e tests used for presubmit, periodic, and postsubmit jobs.
Some of these jobs are merge-blocking, some are release-blocking.
e2e test ownership
All e2e tests must adhere to the following policies:
- the test must be owned by one and only one SIG
- the test must live in/underneath a sig-owned package matching pattern:
test/e2e/[{subpath}/]{sig}/..., e.g.test/e2e/auth- all tests owned by sig-authtest/e2e/common/storage- all testscommonto cluster-level and node-level e2e tests, owned by sig-nodetest/e2e/upgrade/apps- all tests used inupgradetesting, owned by sig-apps
- each sig-owned package should have an OWNERS file defining relevant approvers and labels for the owning sig, e.g.
# test/e2e/node/OWNERS
# See the OWNERS docs at https://go.k8s.io/owners
approvers:
- alice
- bob
- cynthia
emeritus_approvers:
- dave
reviewers:
- sig-node-reviewers
labels:
- sig/node
- packages that use
{subpath}should have animports.gofile importing sig-owned packages (for ginkgo's benefit), e.g.
// test/e2e/common/imports.go
package common
import (
// ensure these packages are scanned by ginkgo for e2e tests
_ "k8s.io/kubernetes/test/e2e/common/network"
_ "k8s.io/kubernetes/test/e2e/common/node"
_ "k8s.io/kubernetes/test/e2e/common/storage"
)
- test ownership must be declared via a top-level SIGDescribe call defined in the sig-owned package, e.g.
// test/e2e/lifecycle/framework.go
package lifecycle
import "k8s.io/kubernetes/test/e2e/framework"
// SIGDescribe annotates the test with the SIG label.
var SIGDescribe = framework.SIGDescribe("cluster-lifecycle")
// test/e2e/lifecycle/bootstrap/bootstrap_signer.go
package bootstrap
import (
"github.com/onsi/ginkgo"
"k8s.io/kubernetes/test/e2e/lifecycle"
)
var _ = lifecycle.SIGDescribe("cluster", feature.BootstrapTokens, func() {
/* ... */
ginkgo.It("should sign the new added bootstrap tokens", func(ctx context.Context) {
/* ... */
})
/* etc */
})
These polices are enforced:
- via the merge-blocking presubmit job
pull-kubernetes-verify - which ends up running
hack/verify-e2e-test-ownership.sh - which can also be run via
make verify WHAT=e2e-test-ownership