Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
k3s
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jacklull
k3s
Commits
eccbd992
Commit
eccbd992
authored
Mar 22, 2017
by
Avesh Agarwal
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add validation for taints annotations.
parent
ff4c1d80
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
39 additions
and
0 deletions
+39
-0
helpers.go
pkg/api/helpers.go
+17
-0
validation.go
pkg/api/validation/validation.go
+22
-0
No files found.
pkg/api/helpers.go
View file @
eccbd992
...
@@ -434,6 +434,10 @@ const (
...
@@ -434,6 +434,10 @@ const (
// in the Annotations of a Pod.
// in the Annotations of a Pod.
TolerationsAnnotationKey
string
=
"scheduler.alpha.kubernetes.io/tolerations"
TolerationsAnnotationKey
string
=
"scheduler.alpha.kubernetes.io/tolerations"
// TaintsAnnotationKey represents the key of taints data (json serialized)
// in the Annotations of a Node.
TaintsAnnotationKey
string
=
"scheduler.alpha.kubernetes.io/taints"
// SeccompPodAnnotationKey represents the key of a seccomp profile applied
// SeccompPodAnnotationKey represents the key of a seccomp profile applied
// to all containers of a pod.
// to all containers of a pod.
SeccompPodAnnotationKey
string
=
"seccomp.security.alpha.kubernetes.io/pod"
SeccompPodAnnotationKey
string
=
"seccomp.security.alpha.kubernetes.io/pod"
...
@@ -571,6 +575,19 @@ func (t *Taint) ToString() string {
...
@@ -571,6 +575,19 @@ func (t *Taint) ToString() string {
return
fmt
.
Sprintf
(
"%v=%v:%v"
,
t
.
Key
,
t
.
Value
,
t
.
Effect
)
return
fmt
.
Sprintf
(
"%v=%v:%v"
,
t
.
Key
,
t
.
Value
,
t
.
Effect
)
}
}
// GetTaintsFromNodeAnnotations gets the json serialized taints data from Pod.Annotations
// and converts it to the []Taint type in api.
func
GetTaintsFromNodeAnnotations
(
annotations
map
[
string
]
string
)
([]
Taint
,
error
)
{
var
taints
[]
Taint
if
len
(
annotations
)
>
0
&&
annotations
[
TaintsAnnotationKey
]
!=
""
{
err
:=
json
.
Unmarshal
([]
byte
(
annotations
[
TaintsAnnotationKey
]),
&
taints
)
if
err
!=
nil
{
return
[]
Taint
{},
err
}
}
return
taints
,
nil
}
// SysctlsFromPodAnnotations parses the sysctl annotations into a slice of safe Sysctls
// SysctlsFromPodAnnotations parses the sysctl annotations into a slice of safe Sysctls
// and a slice of unsafe Sysctls. This is only a convenience wrapper around
// and a slice of unsafe Sysctls. This is only a convenience wrapper around
// SysctlsFromPodAnnotation.
// SysctlsFromPodAnnotation.
...
...
pkg/api/validation/validation.go
View file @
eccbd992
...
@@ -2949,6 +2949,23 @@ func ValidateReadOnlyPersistentDisks(volumes []api.Volume, fldPath *field.Path)
...
@@ -2949,6 +2949,23 @@ func ValidateReadOnlyPersistentDisks(volumes []api.Volume, fldPath *field.Path)
return
allErrs
return
allErrs
}
}
// ValidateTaintsInNodeAnnotations tests that the serialized taints in Node.Annotations has valid data
func
ValidateTaintsInNodeAnnotations
(
annotations
map
[
string
]
string
,
fldPath
*
field
.
Path
)
field
.
ErrorList
{
allErrs
:=
field
.
ErrorList
{}
taints
,
err
:=
api
.
GetTaintsFromNodeAnnotations
(
annotations
)
if
err
!=
nil
{
allErrs
=
append
(
allErrs
,
field
.
Invalid
(
fldPath
,
api
.
TaintsAnnotationKey
,
err
.
Error
()))
return
allErrs
}
if
len
(
taints
)
>
0
{
allErrs
=
append
(
allErrs
,
validateNodeTaints
(
taints
,
fldPath
.
Child
(
api
.
TaintsAnnotationKey
))
...
)
}
return
allErrs
}
// validateNodeTaints tests if given taints have valid data.
// validateNodeTaints tests if given taints have valid data.
func
validateNodeTaints
(
taints
[]
api
.
Taint
,
fldPath
*
field
.
Path
)
field
.
ErrorList
{
func
validateNodeTaints
(
taints
[]
api
.
Taint
,
fldPath
*
field
.
Path
)
field
.
ErrorList
{
allErrors
:=
field
.
ErrorList
{}
allErrors
:=
field
.
ErrorList
{}
...
@@ -2985,6 +3002,11 @@ func validateNodeTaints(taints []api.Taint, fldPath *field.Path) field.ErrorList
...
@@ -2985,6 +3002,11 @@ func validateNodeTaints(taints []api.Taint, fldPath *field.Path) field.ErrorList
func
ValidateNodeSpecificAnnotations
(
annotations
map
[
string
]
string
,
fldPath
*
field
.
Path
)
field
.
ErrorList
{
func
ValidateNodeSpecificAnnotations
(
annotations
map
[
string
]
string
,
fldPath
*
field
.
Path
)
field
.
ErrorList
{
allErrs
:=
field
.
ErrorList
{}
allErrs
:=
field
.
ErrorList
{}
if
annotations
[
api
.
TaintsAnnotationKey
]
!=
""
{
allErrs
=
append
(
allErrs
,
ValidateTaintsInNodeAnnotations
(
annotations
,
fldPath
)
...
)
}
if
annotations
[
api
.
PreferAvoidPodsAnnotationKey
]
!=
""
{
if
annotations
[
api
.
PreferAvoidPodsAnnotationKey
]
!=
""
{
allErrs
=
append
(
allErrs
,
ValidateAvoidPodsInNodeAnnotations
(
annotations
,
fldPath
)
...
)
allErrs
=
append
(
allErrs
,
ValidateAvoidPodsInNodeAnnotations
(
annotations
,
fldPath
)
...
)
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment