From d47a0b2fc0db4e98300700d1a569d683256f619c Mon Sep 17 00:00:00 2001 From: Jacob LeGrone Date: Tue, 14 Aug 2018 11:57:22 -0400 Subject: [PATCH 1/2] Add default provider taint and taint configuration options This allows for more specificity when setting taint tolerations for workloads. Three new env variables are introduced: VKUBELET_TAINT_KEY (defaults to `virtual-kubelet.io/provider`) VKUBELET_TAINT_VALUE (defaults to provider name) VKUBELET_TAINT_EFFECT (defaults to `NoSchedule`) BREAKING CHANGES: - The default taint key of `azure.com/aci` is now `virtual-kubelet.io/provider`. - Specifying a custom taint key is now done via an environment variable rather than the `--taint` command line flag. --- charts/virtual-kubelet-0.3.0.tgz | Bin 0 -> 3280 bytes charts/virtual-kubelet-latest.tgz | Bin 2609 -> 3280 bytes charts/virtual-kubelet/Chart.yaml | 2 +- .../virtual-kubelet/templates/deployment.yaml | 12 ++++- .../templates/tests/helloworld.yaml | 7 ++- charts/virtual-kubelet/values.yaml | 8 +++- cmd/root.go | 6 +-- examples/busyecho.yaml | 4 +- examples/iis-pod.yaml | 4 +- examples/nanoserver.yaml | 4 +- examples/nginx-pod.yaml | 4 +- examples/pause.yaml | 4 +- providers/azure/README.md | 6 ++- vkubelet/vkubelet.go | 42 +++++++++++++++--- 14 files changed, 75 insertions(+), 28 deletions(-) create mode 100644 charts/virtual-kubelet-0.3.0.tgz diff --git a/charts/virtual-kubelet-0.3.0.tgz b/charts/virtual-kubelet-0.3.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..084e0f1a6b4fc1b920055baa4943964a1375505f GIT binary patch literal 3280 zcmV;>3@`H^iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH(!Z`-)C`&qwYpxp(UgIIp#(F*|!T-SBGL9$6;JH0q(dy&x6 z*ycteRg!Y*&E~&fka|Cyq)nT>3xr>yki+3{H1CnuRH&E)o$Gjx0jln3MTBxTBn*D| zW~0~Z^mT6TQE<X-Y63=%~jP)N#| z3wF=hvn?N`CupS1)DV8fAOufK1t<=bNkxJHQn7(lZ1gHvm> z1}^*&vp*>Q`QIV+1ebhawpjp-gy_PA&*v23KP$qPRx(u+aZB=8cxX^&G$o{%^Xm#x z-@VSb)pPcop7nRXzo(AIbx9DT{I&+*0sSBJ1_yQh-{0%M=>KyJ8j>Zt7J$HrORBio zxR9$>L;3*}S-KDqg;M_)#X)e+1L|#D7zQ_FBQ5L4AK@wzd`*26S0GnB4t$s+aE8Da zKyKtNkUwLA>7O}K-f9<6d5+^)*-jTM#(g|BDs0#2u+7?;oNXe#dO}(J*|tK?^aaq@ zn`A^hy=Ge^q7ua##R!FRq4@t8H!fI~HZe-G02!GF=)0gqj26JPUay^;S}lk2ZbqpE zV6?^s`}P)`4~Yh4t8jN`TL79VxLBa4t{{x1(hRvepspsbu@Qs2RFR6m#_r)aFUz7Nm^_!tFzL)lVK4mD)iUQbc1sfX}t zcs$+N1+G>oZm2|9kU*kAsfbvj8Xiw`9szg(MW&8?7fSyotTkJZk{^z&Ps+kEiL~LS#xBoOOKZQ8~W! z|9~$EBf&;dPbO?D$w6^(fEzBZjZ7WAO}CcjQc3#pM>t9yjI8ZQoGaP~70ZMb9 zIb}X&OKFKY@$`AAL(Taqlb0~`JRUQ3+Umdz!wg~)QAiz?rZX zh7K@NhRoBa>4^z0+{{;Zh#yk+k9TS>{aEynw zZf`r<#l2!&y#^W!J3^+brb**q1w|ZNPVquT+fGN z_;ofrhk#0j421*30{Vt%E;1BErQjPLJ1|?(@_Y_XrNJ*_s6?j1Z`}?o^HT^$4cs+R0|K}LDx7~linuab&RIs1{ zs!fEy=n$27D|F#s-Mc$WLs{d`k=7oyLX&IjSYAJy+JIxFa2@b*L0MTrJH>(tiJYXy zq;);lLJfJgMj@z=@RtsTmNE=gtU=BZ4^j;#v%@a4Sb48 zKo=B!AW>w9cC7!w1iOJ(FxWR2kT6GcXBuo4xUt1c)8zBCbNKtrlESBKSFmtV~{ zh7E5|ry5opO&OuL)6Nl1SCuP2nFHKk9?za^XCx?73$TBdou8#$HKHlnFX!Y`5#|%& zLqO&jNMnaq7=$3wU|P1`D}hdsCeJ#!U7?^#=a)%llo6OE8cAj(lGz%JxkLuArfGqy z3^7TkQz#>bDM*QfrNyGoRluZkDHw?&7q)wu3cLPp#r;NOyZui+y-pF*tmSK~LJ!7& zhkI4~Kj`=N_FwG(bBx;IAt<=s-* zBLT{{8O6G$%y+XSbixCClgN`5q9Q&~#LdgMb>%DUWvYNcnHR)<)#^C#7f|LSQ!vnA zGM@i|o-!rgZRft|t|C9-!6F>*x)2Zu5aGitJHCR7zouVkk4SZkGx zq@-UdMw=<8DDlJHo!eMeWSPc6B|PV)0)JyiQT;EUk8E9VEu;PT;?4MEJi9zUo6PdX zqHx~t4GwyCW7qKfXgZ#J7*8%o`jn4)NqZ!eF|>)7529=fGTNRo=waWv+&?6@EmQL%I)?w1fY4x9~-PG|Zm%^Q?n znQ3!4*I0R1TX20Co?MJuv8gDiVKi&-(<88s-@O};THbzx$fV1WMci}&_^H`fu}!PP z&Y*6nS~Y;AV}MGSoN~e6Nh|$rw4a>4zZ{+pPyRhS8ci>U7qef#R8T4>{UJFk*Kaa% z@{URy4a3p&ax@vg9iPsQh9?i5PdwQ**G&# zm|nb@jwVOvnvkt%s$HJ#$VMke<9n#dT1yWin2tx2aYM42DwmkzW8Ac;-9t9EBH_s} z4Z?)TslnXx29GW$ipzMPh-)LJY?IS8z%8AZ%$z8Blw(u6Waw*d z8^$miz^i~tRk~zO&`!cf&2D45vRvE9$oz00nU~;p3_b&sX3kBJ<0L7q#;g^LpJJ}C zT{4=uw*Z$8gA4ydvHl?lyX=^Ji}Of5aB zvKT(vSwdN2a6X%yUtOu@vDLLKRj$qwPti5LrNTJy&6xQSr%YXlAc4!iI1l)eGAIAg zma~8|G#{WRc(QiuZ-kL0imiA;vu>*NNnlf;sFCtskZ6@9QyJO$2k?5)xuMMGH_~CK zQXKMA@LPUDg9vTA=i024HYWR)Bna@H>!<4tn#1jfwcOa_0&7HrR*YPJemj~@k51p) zMJZwDo>k*V+Lo(g&<>M{!_Ia&y)Uc$yZrxs@t=uxNfPTmB@TS3|2x>P^?wGv{{Bn+ z_blV_{ohh_Sm~vHuPE_5H9TKNWo*}fg;L4x3WI>(a1r=lZvh_A|Nh>fU)TTr{k<3c ze~!_r;pg0MQR}wvvpQS8$m(e6vA?qUoBp<_(S@~F7=(^obyu8U+X-Ap#-4{#=AGhd z`?QmFLya7Fj3B#7)dbpFoat|vAnykh@^2>dui&!Mj1G*oq7JK_}A=9f*1 z2Pm?aP^;RtRBSs*PsHBRcT6r;`nA-3?ZgB)`^8feW!@#U|33s$FXLsrjF<5b8~+yo O0RR8S4LS(`LI402o?8C^ literal 0 HcmV?d00001 diff --git a/charts/virtual-kubelet-latest.tgz b/charts/virtual-kubelet-latest.tgz index 7ec58eb1f08d1b3da95dab0c889b1cd65414e704..084e0f1a6b4fc1b920055baa4943964a1375505f 100644 GIT binary patch delta 3253 zcmV;m3`+B{6wn!vJAXTCZ`-)C`&qwYpxp(UgIIp#(F*|!T-SBGL9$6;JH0q(dy&x6 z*ycteRg!Y*&E~&fka|Cyq)nT>3xr>yki+3{H1CnuRH&E)o$Gjx0jln3MTBxTBn*D| zW~0~Z^mT6TQE<(FB~`0<9!nG+X9}5eJRWxA?%w|3px56YSRtWI5z0_V*XjU< zga$7B5wkxi{(t%3A@u~8d||d(0E~p_!i3M~6yZNB!j@JtRTFVb@>qCiP-ZkGq?q&T z3Q^y^&bZZc_MD#ecfY@dIK5TpFI2H*kxAM^$Xb^YJp>%Zv#a|{}iCAt=Xz=%t# zxY)Rmt5!q$0Tfxf5Dwm`|;VKe*O??zsAXhvNe3&C} zhQJpj^kL_P8Tf3eLOWPY}e?p&DxoqZ6dvTLRtLTwnEPI z1<==pspsbu@Qs2RFR6m#_r)aFUz7Nm^_!tFzL)lVK4mD)iUQbc1 zsfX}tcs$+N1+G>oZm2|9kU*kAsfbvj8Xiw`9)AIN0Y#>cd>2apCag7Ekde}|jOV#~ z$tN{)h({-wnCAC_$I%rK=BLw3%GnhVfgtcxOa=PDS+Icx7r;2{43DSj-9lta8k}`} z=}|ep^#6b_2_wNqQBNjpE6G7|aex~xu8m9`y-l~4=2A)e@kcmH9pqbFkT_5Fj9uh)2Hc)2`=2sS9gdXQudE`YA@r_qwfC|hLN%E-P5z#cd9w3 z6#pN-uE+leuX`{4|5?Uth0S1I!V;Czet#mds>a^JhR31^>a7{qriU&zpjJdRkgSLV z&02;2E{K@9miDOe96c34r^7NA{fqXQ6AX|@baKZHcXyfwh`2AI6M#*kNJD1g3HJKh z(Ku{yjEA*uZ#&w>y<%MDJ{Z~Bsd)b#V}!TE9OGsO?(Qt>lq+<>nw?B_6aW#S+JDn1 zNPVquT+fGN_;ofrhk#0j421*30{Vt%E;1BErQjPLJ1|?(@_Y_XrNJ*_s6?j1Z`}?o^HT^$4cs+R0|K}LDx7~li znuab&RIs1{s!fEy=n$27D|F#s-G93~OG8=X&ym(1wL+6?>sVeto7#Y5rEneaaY0#G zK|95Q35lGf#-w#U*Fp_>wnibSkMNfchL{J3d*+db(|ECh=Y+J8Ky4IA ze#RmWf(?9%NkA7AeIQX}h<2?1!34X3S1{N&7mzSVkHiu|@~{#Wo2xD;27kUZ5oka| zsx?=K)moQd%{PV(Z%?NhRvS$jp|{h{5lvT>D?gb7++QBgo@{3%C{qitf0mt}rCl|m zDcUdRObmwtJZhyZ&y){YGQE{ZBo; zP7%_q z4ojTt|B?>n-BQ^j0m`=-#k!`X&C9oS<$o*eWvYNcnHR)< z)#^C#7f|LSQ!vnAGM@i|o-!rg)C#`WEEpB?Y^Jq=(Ns%+A_!Ua~+K5r+4mJs$u2OR-+#rWNUj;)-uCkIw7Z-U%MMrAbJViqvs5=C$m&AQe%ubRzDT z5H=2+4UbM|`hP0T8&N&Sb0}laD5n_T#Q?>sVJynG;8qFBe0I&y&I2O-hP9~ zq|1>-+;jo>so7VtO{>Gspl+yIHGrgJfJ&I0a>3t8EB$S>pPaqF9G(tO{yjSyO)rNR zvtPedP%0<=Avr78Z!&W7j!GL1!_o9|G#S4gpU#ekCw~u}PdwQ**G&#m|nb@jwVOvnvkt%s$HJ#$VMke<9n#dT1yWin2tx2aYM42 zDwmkzW8Ac;-9t9EBH_s}4Z?)TslnXx29GW$otMmJ_7uJ_^!B2WVb|hWMtWh@^xO&ZF7+T%6v%jjs|$I zlz+E%=kKkcm^X9}yKE@(`s4`x8mAbbr?@CCqq8xmxP(J_mrEA{%Hq#YDhO=P|4V7h z6LZW5^8dZVe!c&DxZgi~$^V~YRKFRqvTB(LX1-UhpD5c|L_Wo6Wtn@kd;3u5w$ZgU z?G%rI`wJ|QjfRcS#yTFcVejyuS3oljU4QDN)OX~E)Eg`r1`-%M(0?o*r`fA%FDsU@ z5554qBiG&+oS>8Blw(u6Waw*d8^$miz^i~tRk~zO&`!cf&2D45vRvE9$oz00nU~;p z3_b&sX3kBJ<0L7q#;g^LpJJ}CT{4=uw*Z$Z>5I~!gVQABBPIgl{jyYj(yjl%N2omPaJXL@JzNNxA z@XeU{5vNRDh#-N>zBmu~k}@a%(0`V*fHE{6peJ~;cI$71ktK?)ctW#os`N=B3zenNu?ZM)~%tduq;`<5gK@Sf|Z>kXR2 z?T5A8*y93gM1xk0Tz-B#nof^S-`hngVdtJz<44+-t76a&lZnI5b~(K-tAG5v{QrIN zpNVxz66-!C4t%KpJJ_%Fe+Iq&{!9G#EaUP0-%@l~>7{&=iF~m>$dN+I$OTT>S*b)zq0w8{d zui&!Mj1G*oq7JK_}A=9f*12Pm?aP^;RtRBSs*PsHBRcP>mWR{FKneeJ{q nIQzv@6J_2dwEsT@QZM6Wyo{Ie4;%j%00960#tk|N073u&Dy~?< delta 2577 zcmV+s3hwpL8L;szl59Pk*EUGISo5DaBV?$z+fyR7HzyJM z;n7O7*=)Yp-?x98&1Us)bNAq2`PvcxTPdY6My+bv-!0+)ye%$N{A|u zG}csb9|*ib7C~Un0B8Y}D@_=K?2tfqNK8Eq5eOV7Ba|F9DhODjG)m8j2<4hkj#Bwf z127_#`S3B}A1VI%?}!FcC^6PvAR-5VlL&q2i_wT8{4phb;-poTgXt)d$N(+mRO?vz z+uIYWr^(0wZGTsfakcjhrLt3OdM$6)`PQrc{gm3m5tg8OTmrbm{#&i)e%1c>c3y1k z|0xQM$OL@{Kw>Nu)k4mFSQ=@~jsP^7_`rxpW&Vp3#?Azz!Q6*Kc17mOK|V8h_YKWYag$BuJ$x3;BK>L_-z-uXzcz;znv36~!M1**1xg+~$XqagE zUr!C^aoR{?s!+~Qwo&SGO|DraxLFJg4Wf!kfWE`TgmA*RR<`{zDFc*njxuDKa80MqnIp`_THIOM$V76Uj_#9-yea8XY7-$BK2G1$~<@Ggq zePl=!ddrId77L>T#3EGCVBnHCHj=sNfIChYGaxQ_uvoZ`V^$fNLOZV?AGKIGfKI>P z>wo+3UL-&yLPV7^Yb5bgLM4Wf`gK4#XtSy-FAv6)p$Dcc;T};tXE>!Q+o}k;hAYY# zj1VXfL=-dB2npAefw>rsZcCNN6j^wq$}lA}gb^Z#Sc(}9F-$i;i9@1swXXnE^QcMU zi6kLHbxX}|ez0PVhC&Us)Bp0<_r3Fe7I`|Zx_e((G&?_oQn z&e6+XPbg15fBBvAP+Y0so*PHR%e;`6zgjQki%Vu5lvwyZM z$=ob+jPosvb}F=S(}pJlxWqZcgi0{I@@_$!}+ zcfJ3b&ArO~f3SbBv$_ADqFi5Z|9=8A8u?(z&k(CNL=c%}38v`7FWZZSW2BtU=h#@V zA!Bp7ff(E0Hd^F4nOp-x98-?qrWasiRcoI-UK(Ju%$w7Ik?hS-N*W@30WA|Az`?Hl zNuxnB9@Ed@HdbK94jU=)Z2#i4C7N58EXOd{?;JiQgwZj@5J((bjXmdgOn=d>yoQ}U ztG$8|1|(4kN<>%;YT0>a_mH_(8I7o+4lO_%GI=(d+ch{k9T-`2T1o(f6-B*ruHF8`%GDz@{`(Iw@f zp9hcng5j(5+&B?x5)w`PWx)TI=TgI*xJGv59F>edVxVo@KgA!EVqo_|%)(|3QtFdN z^>X%g^4L}y7t4Z-H%{6-7^~AQ>QY+K3>qx&eqUbX&Gx@~vwdwg;C~ML-`ziGR{Xyg zyRH3={Xa!1S~z~z$jwhxG3le_QFxdsJH{Exk_(ImMETHiU@7j~XLk|N6h=nKRQ{ha z#`yL@j8Hz1DS=q!AJdw~JygwyOA{jC7Hrs7d8-5oEEayPS(Ay4^^|bV3h9wrk5%rZ zIDVEsDJy<_{;G4*8Gl}!_4>nQBcw4AAKX@RXTRyzdf70+#o_tz&BaNteK_p)PV1ew zQ3tj3X&^B~t|?*4`=|u3L$|vZc{Jg|h7;<@g$b{X@f9XrhJC$O(d+A_qwHRx(uwhW ztN0W1U|$D()*W>E?>ha9cBeml@N%HkUX0N#u*aSE4@JGid4CDCd=(dyOmI?&3I)gfruhv81BDrRpx&y0+JJDBpQt@ z0wvw&;M(Y%`F~M}7rW0(r?h-N>lsD(0-qA05f+OSM}%k@sSH!qtc02;JquW1!Gx;7 z*w9|Ra~k=ps$vLKR{-pc?bjA0pmiXdZ7tyB3z+U;jf>Z9ox(t(E*_Dz=JcNIy)Hd^ ztAlH4{=RObTeAlKObe2~s*OEZf86Ht-&2--3VJs-u=aQvz`PXDjOepu3pS}pr zC{O7w#eb2R^YWH(GC_GGPGsBdyJ^LkYgKtINj%McqFn9e$8Dz3yGk=L9!H&Fs88(e za)g=^X5B|bVX1+4qZ1dIw zq;1aVKH}vx+Wq?EX}T@=0;7XHhfd3LE$lHgti@y;N7j_T! zn?-qUm91ruK_j*IreEu>qe{c(*vK8pGP=Ac`Rf93{W!}En7pN*E^o1-9?5#kGTfY!>7;|Id2Ane+QKZs1+<|D9Gf{@-lvH8=j>Q nDFFYl;C?j}|GmY-H)T^cWmEns<^KTy01E&A9_lha05|{u$jB&> diff --git a/charts/virtual-kubelet/Chart.yaml b/charts/virtual-kubelet/Chart.yaml index fddfc59d8..c1334eaf2 100644 --- a/charts/virtual-kubelet/Chart.yaml +++ b/charts/virtual-kubelet/Chart.yaml @@ -1,5 +1,5 @@ name: virtual-kubelet -version: 0.2.0 +version: 0.3.0 appVersion: 0.3 description: A Helm chart to install virtual kubelet inside a Kubernetes cluster. icon: https://avatars2.githubusercontent.com/u/34250142 diff --git a/charts/virtual-kubelet/templates/deployment.yaml b/charts/virtual-kubelet/templates/deployment.yaml index 5470efe2c..533883576 100644 --- a/charts/virtual-kubelet/templates/deployment.yaml +++ b/charts/virtual-kubelet/templates/deployment.yaml @@ -28,6 +28,12 @@ spec: valueFrom: fieldRef: fieldPath: status.podIP + - name: VKUBELET_TAINT_KEY + value: {{ .Values.taint.key }} + - name: VKUBELET_TAINT_VALUE + value: {{ tpl .Values.taint.value $ }} + - name: VKUBELET_TAINT_EFFECT + value: {{ .Values.taint.effect }} {{- if eq .Values.provider "azure" }} {{- with .Values.providers.azure }} {{- if .loganalytics.enabled }} @@ -73,11 +79,13 @@ spec: {{- end }} command: ["virtual-kubelet"] args: [ +{{- if not .Values.taint.enabled }} + "--disable-taint", "true", +{{- end }} "--provider", "{{ required "provider is required" .Values.provider }}", "--namespace", "{{ .Values.monitoredNamespace }}", "--nodename", "{{ required "nodeName is required" .Values.nodeName }}", - "--os", "{{ .Values.nodeOsType }}", - "--taint", "{{ .Values.nodeTaint }}" + "--os", "{{ .Values.nodeOsType }}" ] volumes: - name: credentials diff --git a/charts/virtual-kubelet/templates/tests/helloworld.yaml b/charts/virtual-kubelet/templates/tests/helloworld.yaml index 4ce276f0f..5704a0c79 100644 --- a/charts/virtual-kubelet/templates/tests/helloworld.yaml +++ b/charts/virtual-kubelet/templates/tests/helloworld.yaml @@ -23,5 +23,8 @@ spec: kubernetes.io/hostname: "{{ .Values.nodeName }}" restartPolicy: Never tolerations: - - key: "{{ .Values.nodeTaint }}" - effect: NoSchedule +{{- if .Values.taint.enabled }} + - key: "{{ .Values.taint.key }}" + value: "{{ tpl .Values.taint.value $ }}" + effect: "{{ .Values.taint.effect }}" +{{- end }} diff --git a/charts/virtual-kubelet/values.yaml b/charts/virtual-kubelet/values.yaml index f126e0806..6009bd4fe 100644 --- a/charts/virtual-kubelet/values.yaml +++ b/charts/virtual-kubelet/values.yaml @@ -6,12 +6,18 @@ image: ## `provider` should be one of aws, azure, azurebatch, etc... provider: nodeName: "virtual-kubelet" -nodeTaint: "azure.com/aci" nodeOsType: "Linux" monitoredNamespace: "" apiserverCert: apiserverKey: +taint: + enabled: true + key: virtual-kubelet.io/provider + value: "{{ .Values.provider }}" + ## `effect` must be `NoSchedule`, `PreferNoSchedule` or `NoExecute`. + effect: NoSchedule + providers: azure: ## Set to true if deploying to Azure Kubernetes Service (AKS), otherwise false diff --git a/cmd/root.go b/cmd/root.go index 3b703571a..76753386e 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -36,7 +36,7 @@ var nodeName string var operatingSystem string var provider string var providerConfig string -var taint string +var disableTaint bool // RootCmd represents the base command when called without any subcommands var RootCmd = &cobra.Command{ @@ -47,7 +47,7 @@ backend implementation allowing users to create kubernetes nodes without running This allows users to schedule kubernetes workloads on nodes that aren't running Kubernetes.`, Run: func(cmd *cobra.Command, args []string) { fmt.Println(kubeConfig) - f, err := vkubelet.New(nodeName, operatingSystem, kubeNamespace, kubeConfig, taint, provider, providerConfig) + f, err := vkubelet.New(nodeName, operatingSystem, kubeNamespace, kubeConfig, provider, providerConfig, disableTaint) if err != nil { log.Fatal(err) } @@ -82,7 +82,7 @@ func init() { RootCmd.PersistentFlags().StringVar(&nodeName, "nodename", defaultNodeName, "kubernetes node name") RootCmd.PersistentFlags().StringVar(&operatingSystem, "os", "Linux", "Operating System (Linux/Windows)") RootCmd.PersistentFlags().StringVar(&provider, "provider", "", "cloud provider") - RootCmd.PersistentFlags().StringVar(&taint, "taint", "", "apply taint to node, making scheduling explicit") + RootCmd.PersistentFlags().BoolVar(&disableTaint, "disable-taint", false, "disable the virtual-kubelet node taint") RootCmd.PersistentFlags().StringVar(&providerConfig, "provider-config", "", "cloud provider configuration file") // Cobra also supports local flags, which will only run diff --git a/examples/busyecho.yaml b/examples/busyecho.yaml index 0c400830a..94a4b080a 100644 --- a/examples/busyecho.yaml +++ b/examples/busyecho.yaml @@ -25,5 +25,5 @@ spec: beta.kubernetes.io/os: linux type: virtual-kubelet tolerations: - - key: azure.com/aci - effect: NoSchedule + - key: virtual-kubelet.io/provider + operator: Exists diff --git a/examples/iis-pod.yaml b/examples/iis-pod.yaml index 230249120..4cba4165a 100644 --- a/examples/iis-pod.yaml +++ b/examples/iis-pod.yaml @@ -27,5 +27,5 @@ spec: type: virtual-kubelet automountServiceAccountToken: false tolerations: - - key: azure.com/aci - effect: NoSchedule + - key: virtual-kubelet.io/provider + operator: Exists diff --git a/examples/nanoserver.yaml b/examples/nanoserver.yaml index 2097c50f5..830aa720a 100644 --- a/examples/nanoserver.yaml +++ b/examples/nanoserver.yaml @@ -16,5 +16,5 @@ spec: type: virtual-kubelet automountServiceAccountToken: false tolerations: - - key: azure.com/aci - effect: NoSchedule + - key: virtual-kubelet.io/provider + operator: Exists diff --git a/examples/nginx-pod.yaml b/examples/nginx-pod.yaml index c4bf7631e..9c541215e 100644 --- a/examples/nginx-pod.yaml +++ b/examples/nginx-pod.yaml @@ -19,5 +19,5 @@ spec: beta.kubernetes.io/os: linux type: virtual-kubelet tolerations: - - key: azure.com/aci - effect: NoSchedule + - key: virtual-kubelet.io/provider + operator: Exists diff --git a/examples/pause.yaml b/examples/pause.yaml index 19e1372e8..6936274b4 100644 --- a/examples/pause.yaml +++ b/examples/pause.yaml @@ -23,5 +23,5 @@ spec: beta.kubernetes.io/os: linux type: virtual-kubelet tolerations: - - key: azure.com/aci - effect: NoSchedule + - key: virtual-kubelet.io/provider + operator: Exists diff --git a/providers/azure/README.md b/providers/azure/README.md index 3d58eba2d..741901207 100644 --- a/providers/azure/README.md +++ b/providers/azure/README.md @@ -320,7 +320,8 @@ spec: dnsPolicy: ClusterFirst nodeName: virtual-kubelet-myconnector-linux tolerations: - - key: azure.com/aci + - key: virtual-kubelet.io/provider + value: azure effect: NoSchedule ``` @@ -328,7 +329,8 @@ Notice that Virtual-Kubelet nodes are tainted by default to avoid unexpected pod ``` tolerations: - - key: azure.com/aci + - key: virtual-kubelet.io/provider + value: azure effect: NoSchedule ``` diff --git a/vkubelet/vkubelet.go b/vkubelet/vkubelet.go index af40d46e8..d2523405c 100644 --- a/vkubelet/vkubelet.go +++ b/vkubelet/vkubelet.go @@ -30,14 +30,23 @@ type Server struct { nodeName string namespace string k8sClient *kubernetes.Clientset - taint string + taint corev1.Taint + disableTaint bool provider Provider podWatcher watch.Interface resourceManager *manager.ResourceManager } +func getEnv(key, defaultValue string) string { + value, found := os.LookupEnv(key) + if found { + return value + } + return defaultValue +} + // New creates a new virtual-kubelet server. -func New(nodeName, operatingSystem, namespace, kubeConfig, taint, provider, providerConfig string) (*Server, error) { +func New(nodeName, operatingSystem, namespace, kubeConfig, provider, providerConfig string, disableTaint bool) (*Server, error) { var config *rest.Config // Check if the kubeConfig file exists. @@ -71,6 +80,27 @@ func New(nodeName, operatingSystem, namespace, kubeConfig, taint, provider, prov internalIP := os.Getenv("VKUBELET_POD_IP") + vkTaintKey := getEnv("VKUBELET_TAINT_KEY", "virtual-kubelet.io/provider") + vkTaintValue := getEnv("VKUBELET_TAINT_VALUE", provider) + vkTaintEffectEnv := getEnv("VKUBELET_TAINT_EFFECT", "NoSchedule") + var vkTaintEffect corev1.TaintEffect + switch vkTaintEffectEnv { + case "NoSchedule": + vkTaintEffect = corev1.TaintEffectNoSchedule + case "NoExecute": + vkTaintEffect = corev1.TaintEffectNoExecute + case "PreferNoSchedule": + vkTaintEffect = corev1.TaintEffectPreferNoSchedule + default: + fmt.Printf("Taint effect '%s' is not supported\n", vkTaintEffectEnv) + } + + taint := corev1.Taint{ + Key: vkTaintKey, + Value: vkTaintValue, + Effect: vkTaintEffect, + } + p, err = lookupProvider(provider, providerConfig, rm, nodeName, operatingSystem, internalIP, daemonEndpointPort) if err != nil { return nil, err @@ -80,6 +110,7 @@ func New(nodeName, operatingSystem, namespace, kubeConfig, taint, provider, prov namespace: namespace, nodeName: nodeName, taint: taint, + disableTaint: disableTaint, k8sClient: clientset, resourceManager: rm, provider: p, @@ -106,11 +137,8 @@ func New(nodeName, operatingSystem, namespace, kubeConfig, taint, provider, prov func (s *Server) registerNode() error { taints := make([]corev1.Taint, 0) - if s.taint != "" { - taints = append(taints, corev1.Taint{ - Key: s.taint, - Effect: corev1.TaintEffectNoSchedule, - }) + if !s.disableTaint { + taints = append(taints, s.taint) } node := &corev1.Node{ From 5115c1e5cd00fdec15a8f46da6d29f0a98c453e5 Mon Sep 17 00:00:00 2001 From: Jacob LeGrone Date: Tue, 14 Aug 2018 19:34:00 -0400 Subject: [PATCH 2/2] Add back deprecated taint flag TODO: Revert this commit Related to #316 --- cmd/root.go | 5 ++++- vkubelet/vkubelet.go | 10 ++++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/cmd/root.go b/cmd/root.go index 76753386e..4013337be 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -36,6 +36,7 @@ var nodeName string var operatingSystem string var provider string var providerConfig string +var taintKey string var disableTaint bool // RootCmd represents the base command when called without any subcommands @@ -47,7 +48,7 @@ backend implementation allowing users to create kubernetes nodes without running This allows users to schedule kubernetes workloads on nodes that aren't running Kubernetes.`, Run: func(cmd *cobra.Command, args []string) { fmt.Println(kubeConfig) - f, err := vkubelet.New(nodeName, operatingSystem, kubeNamespace, kubeConfig, provider, providerConfig, disableTaint) + f, err := vkubelet.New(nodeName, operatingSystem, kubeNamespace, kubeConfig, provider, providerConfig, taintKey, disableTaint) if err != nil { log.Fatal(err) } @@ -84,6 +85,8 @@ func init() { RootCmd.PersistentFlags().StringVar(&provider, "provider", "", "cloud provider") RootCmd.PersistentFlags().BoolVar(&disableTaint, "disable-taint", false, "disable the virtual-kubelet node taint") RootCmd.PersistentFlags().StringVar(&providerConfig, "provider-config", "", "cloud provider configuration file") + RootCmd.PersistentFlags().StringVar(&taintKey, "taint", "", "Set node taint key") + RootCmd.PersistentFlags().MarkDeprecated("taint", "Taint key should now be configured using the VK_TAINT_KEY environment variable") // Cobra also supports local flags, which will only run // when this action is called directly. diff --git a/vkubelet/vkubelet.go b/vkubelet/vkubelet.go index d2523405c..a1480702d 100644 --- a/vkubelet/vkubelet.go +++ b/vkubelet/vkubelet.go @@ -46,7 +46,7 @@ func getEnv(key, defaultValue string) string { } // New creates a new virtual-kubelet server. -func New(nodeName, operatingSystem, namespace, kubeConfig, provider, providerConfig string, disableTaint bool) (*Server, error) { +func New(nodeName, operatingSystem, namespace, kubeConfig, provider, providerConfig, taintKey string, disableTaint bool) (*Server, error) { var config *rest.Config // Check if the kubeConfig file exists. @@ -80,7 +80,13 @@ func New(nodeName, operatingSystem, namespace, kubeConfig, provider, providerCon internalIP := os.Getenv("VKUBELET_POD_IP") - vkTaintKey := getEnv("VKUBELET_TAINT_KEY", "virtual-kubelet.io/provider") + var defaultTaintKey string + if taintKey != "" { + defaultTaintKey = taintKey + } else { + defaultTaintKey = "virtual-kubelet.io/provider" + } + vkTaintKey := getEnv("VKUBELET_TAINT_KEY", defaultTaintKey) vkTaintValue := getEnv("VKUBELET_TAINT_VALUE", provider) vkTaintEffectEnv := getEnv("VKUBELET_TAINT_EFFECT", "NoSchedule") var vkTaintEffect corev1.TaintEffect