mirror of https://github.com/k3s-io/k3s
176 lines
6.9 KiB
Go
176 lines
6.9 KiB
Go
/*
|
|
Copyright 2015 The Kubernetes Authors.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package daemonset
|
|
|
|
import (
|
|
"context"
|
|
|
|
appsv1beta2 "k8s.io/api/apps/v1beta2"
|
|
extensionsv1beta1 "k8s.io/api/extensions/v1beta1"
|
|
apiequality "k8s.io/apimachinery/pkg/api/equality"
|
|
apivalidation "k8s.io/apimachinery/pkg/api/validation"
|
|
"k8s.io/apimachinery/pkg/runtime"
|
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
|
"k8s.io/apimachinery/pkg/util/validation/field"
|
|
genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
|
|
"k8s.io/apiserver/pkg/registry/rest"
|
|
"k8s.io/apiserver/pkg/storage/names"
|
|
"k8s.io/kubernetes/pkg/api/legacyscheme"
|
|
"k8s.io/kubernetes/pkg/api/pod"
|
|
"k8s.io/kubernetes/pkg/apis/apps"
|
|
"k8s.io/kubernetes/pkg/apis/apps/validation"
|
|
)
|
|
|
|
// daemonSetStrategy implements verification logic for daemon sets.
|
|
type daemonSetStrategy struct {
|
|
runtime.ObjectTyper
|
|
names.NameGenerator
|
|
}
|
|
|
|
// Strategy is the default logic that applies when creating and updating DaemonSet objects.
|
|
var Strategy = daemonSetStrategy{legacyscheme.Scheme, names.SimpleNameGenerator}
|
|
|
|
// DefaultGarbageCollectionPolicy returns OrphanDependents by default. For apps/v1, returns DeleteDependents.
|
|
func (daemonSetStrategy) DefaultGarbageCollectionPolicy(ctx context.Context) rest.GarbageCollectionPolicy {
|
|
if requestInfo, found := genericapirequest.RequestInfoFrom(ctx); found {
|
|
groupVersion := schema.GroupVersion{Group: requestInfo.APIGroup, Version: requestInfo.APIVersion}
|
|
switch groupVersion {
|
|
case extensionsv1beta1.SchemeGroupVersion, appsv1beta2.SchemeGroupVersion:
|
|
// for back compatibility
|
|
return rest.OrphanDependents
|
|
default:
|
|
return rest.DeleteDependents
|
|
}
|
|
}
|
|
return rest.OrphanDependents
|
|
}
|
|
|
|
// NamespaceScoped returns true because all DaemonSets need to be within a namespace.
|
|
func (daemonSetStrategy) NamespaceScoped() bool {
|
|
return true
|
|
}
|
|
|
|
// PrepareForCreate clears the status of a daemon set before creation.
|
|
func (daemonSetStrategy) PrepareForCreate(ctx context.Context, obj runtime.Object) {
|
|
daemonSet := obj.(*apps.DaemonSet)
|
|
daemonSet.Status = apps.DaemonSetStatus{}
|
|
|
|
daemonSet.Generation = 1
|
|
if daemonSet.Spec.TemplateGeneration < 1 {
|
|
daemonSet.Spec.TemplateGeneration = 1
|
|
}
|
|
|
|
pod.DropDisabledAlphaFields(&daemonSet.Spec.Template.Spec)
|
|
}
|
|
|
|
// PrepareForUpdate clears fields that are not allowed to be set by end users on update.
|
|
func (daemonSetStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) {
|
|
newDaemonSet := obj.(*apps.DaemonSet)
|
|
oldDaemonSet := old.(*apps.DaemonSet)
|
|
|
|
pod.DropDisabledAlphaFields(&newDaemonSet.Spec.Template.Spec)
|
|
pod.DropDisabledAlphaFields(&oldDaemonSet.Spec.Template.Spec)
|
|
|
|
// update is not allowed to set status
|
|
newDaemonSet.Status = oldDaemonSet.Status
|
|
|
|
// update is not allowed to set TemplateGeneration
|
|
newDaemonSet.Spec.TemplateGeneration = oldDaemonSet.Spec.TemplateGeneration
|
|
|
|
// Any changes to the spec increment the generation number, any changes to the
|
|
// status should reflect the generation number of the corresponding object. We push
|
|
// the burden of managing the status onto the clients because we can't (in general)
|
|
// know here what version of spec the writer of the status has seen. It may seem like
|
|
// we can at first -- since obj contains spec -- but in the future we will probably make
|
|
// status its own object, and even if we don't, writes may be the result of a
|
|
// read-update-write loop, so the contents of spec may not actually be the spec that
|
|
// the manager has *seen*.
|
|
//
|
|
// TODO: Any changes to a part of the object that represents desired state (labels,
|
|
// annotations etc) should also increment the generation.
|
|
if !apiequality.Semantic.DeepEqual(oldDaemonSet.Spec.Template, newDaemonSet.Spec.Template) {
|
|
newDaemonSet.Spec.TemplateGeneration = oldDaemonSet.Spec.TemplateGeneration + 1
|
|
newDaemonSet.Generation = oldDaemonSet.Generation + 1
|
|
return
|
|
}
|
|
if !apiequality.Semantic.DeepEqual(oldDaemonSet.Spec, newDaemonSet.Spec) {
|
|
newDaemonSet.Generation = oldDaemonSet.Generation + 1
|
|
}
|
|
}
|
|
|
|
// Validate validates a new daemon set.
|
|
func (daemonSetStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList {
|
|
daemonSet := obj.(*apps.DaemonSet)
|
|
return validation.ValidateDaemonSet(daemonSet)
|
|
}
|
|
|
|
// Canonicalize normalizes the object after validation.
|
|
func (daemonSetStrategy) Canonicalize(obj runtime.Object) {
|
|
}
|
|
|
|
// AllowCreateOnUpdate is false for daemon set; this means a POST is
|
|
// needed to create one
|
|
func (daemonSetStrategy) AllowCreateOnUpdate() bool {
|
|
return false
|
|
}
|
|
|
|
// ValidateUpdate is the default update validation for an end user.
|
|
func (daemonSetStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList {
|
|
newDaemonSet := obj.(*apps.DaemonSet)
|
|
oldDaemonSet := old.(*apps.DaemonSet)
|
|
allErrs := validation.ValidateDaemonSet(obj.(*apps.DaemonSet))
|
|
allErrs = append(allErrs, validation.ValidateDaemonSetUpdate(newDaemonSet, oldDaemonSet)...)
|
|
|
|
// Update is not allowed to set Spec.Selector for apps/v1 and apps/v1beta2 (allowed for extensions/v1beta1).
|
|
// If RequestInfo is nil, it is better to revert to old behavior (i.e. allow update to set Spec.Selector)
|
|
// to prevent unintentionally breaking users who may rely on the old behavior.
|
|
// TODO(#50791): after extensions/v1beta1 is removed, move selector immutability check inside ValidateDaemonSetUpdate().
|
|
if requestInfo, found := genericapirequest.RequestInfoFrom(ctx); found {
|
|
groupVersion := schema.GroupVersion{Group: requestInfo.APIGroup, Version: requestInfo.APIVersion}
|
|
switch groupVersion {
|
|
case extensionsv1beta1.SchemeGroupVersion:
|
|
// no-op for compatibility
|
|
default:
|
|
// disallow mutation of selector
|
|
allErrs = append(allErrs, apivalidation.ValidateImmutableField(newDaemonSet.Spec.Selector, oldDaemonSet.Spec.Selector, field.NewPath("spec").Child("selector"))...)
|
|
}
|
|
}
|
|
|
|
return allErrs
|
|
}
|
|
|
|
// AllowUnconditionalUpdate is the default update policy for daemon set objects.
|
|
func (daemonSetStrategy) AllowUnconditionalUpdate() bool {
|
|
return true
|
|
}
|
|
|
|
type daemonSetStatusStrategy struct {
|
|
daemonSetStrategy
|
|
}
|
|
|
|
var StatusStrategy = daemonSetStatusStrategy{Strategy}
|
|
|
|
func (daemonSetStatusStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) {
|
|
newDaemonSet := obj.(*apps.DaemonSet)
|
|
oldDaemonSet := old.(*apps.DaemonSet)
|
|
newDaemonSet.Spec = oldDaemonSet.Spec
|
|
}
|
|
|
|
func (daemonSetStatusStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList {
|
|
return validation.ValidateDaemonSetStatusUpdate(obj.(*apps.DaemonSet), old.(*apps.DaemonSet))
|
|
}
|