Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UPSTREAM: Do not mutate pods on update that are scheduled #15190

Merged
merged 1 commit into from
Jul 16, 2017
Merged

UPSTREAM: Do not mutate pods on update that are scheduled #15190

merged 1 commit into from
Jul 16, 2017

Conversation

smarterclayton
Copy link
Contributor

That is an illegal operation in validation, which means these cannot be turned on after a cluster is already running.

[test] @deads2k

Fixes #15188

Will update commit with correct upstream shortly

@smarterclayton smarterclayton mentioned this pull request Jul 13, 2017
Closed
liggitt
liggitt reviewed Jul 13, 2017
View reviewed changes
vendor/k8s.io/kubernetes/plugin/pkg/admission/alwayspullimages/admission.go Outdated
@@ -53,7 +55,11 @@ func (a *alwaysPullImages) Admit(attributes admission.Attributes) (err error) {
if !ok {
return apierrors.NewBadRequest("Resource was marked with kind Pod but was unable to be converted")
}

// already scheduled pods cannot be mutated
if attributes.GetOperation() == admission.Update && len(pod.Spec.NodeName) != 0 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't know why this plugin is looking at update at all... ImagePullPolicy is never mutable

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll remove it.

@smarterclayton smarterclayton force-pushed the fail_mutation branch 3 times, most recently from d6e21cc to c9a6d22 Compare July 14, 2017 03:16
liggitt
liggitt reviewed Jul 14, 2017
View reviewed changes
vendor/k8s.io/kubernetes/plugin/pkg/admission/defaulttolerationseconds/admission.go Outdated
@@ -75,6 +77,12 @@ func (p *plugin) Admit(attributes admission.Attributes) (err error) {
return errors.NewBadRequest(fmt.Sprintf("expected *api.Pod but got %T", attributes.GetObject()))
}

// already scheduled pods cannot be mutated
if attributes.GetOperation() == admission.Update {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why not just remove Update from Handler: admission.NewHandler(admission.Create, admission.Update)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tolerations are mutable post create

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

crap, they're only addable.... GRRRRRRRRRRR

@openshift-bot
Copy link
Contributor

Evaluated for origin test up to 43e60df

@smarterclayton
Copy link
Contributor Author

Stripped down to the minimal change to prevent alwayspullimages for 3.6, and will deal with defaulttolerationseconds upstream and later.

@liggitt
Copy link
Contributor

liggitt commented Jul 15, 2017

LGTM

@openshift-bot
Copy link
Contributor

continuous-integration/openshift-jenkins/test SUCCESS (https://ci.openshift.redhat.com/jenkins/job/test_pull_request_origin/3183/) (Base Commit: e1d18a3) (PR Branch Commit: 43e60df)

@smarterclayton
Copy link
Contributor Author

[merge]

@openshift-bot
Copy link
Contributor

openshift-bot commented Jul 16, 2017
edited
Loading

continuous-integration/openshift-jenkins/merge Waiting: You are in the build queue at position: 1

@openshift-bot
Copy link
Contributor

Evaluated for origin merge up to 43e60df

@openshift-bot openshift-bot merged commit 9dd6aa8 into openshift:master Jul 16, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liggitt liggitt liggitt left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@smarterclayton @openshift-bot @liggitt