-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(ScaledObject): Check default limits from LimitRange
for ScaledObject
validations
#5377
fix(ScaledObject): Check default limits from LimitRange
for ScaledObject
validations
#5377
Conversation
Thank you for your contribution! 🙏 Let us know when you are ready for a review by publishing the PR. |
2ba60f5
to
46e9c19
Compare
46e9c19
to
e71f15f
Compare
LimitRange
for ScaledObject
validationsLimitRange
for ScaledObject
validations
Minimal Steps to Test the Changes
|
/run-e2e internal |
…ect Validations KEDA admission webhook rejects ScaledObject requests with CPU or memory triggers when the resource limits (CPU/memory based on triggers) are not set in the pod spec. This is expected behavior. But if default limits are set in the LimitRange object in the same namespace, the admission webhook should allow the ScaledObject request, which currently doesn’t. This change will check if there is a LimitRange with default limits (CPU/memory based on triggers) in the namespace that ScaledObject is in, and allows the request to proceed. Also, added RBAC permissions for list & watch LimitRange. Updated Change Log. Signed-off-by: Bhargav Ravuri <[email protected]>
e71f15f
to
edecc39
Compare
/run-e2e internal |
@Bhargav-InfraCloud yeah, we should document this for sure :) |
Please review the PR for updating the docs. Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I haven't got time to review properly, but to be clear, we don't enforce requests,
but only limits
set on the target resource, is this respected in this PR?
Not exactly. The fix to that issue has only added the validation for keda/apis/keda/v1alpha1/scaledobject_webhook.go Lines 462 to 464 in 4fd3ed5
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
excellent PR, I think this can be merged, @zroubalik, although I don't know how to get to the failing e2e test logs
I haven't got time to review properly, but to be clear, we don't enforce requests, but only limits set on the target resource, is this respected in this PR?
isn't it the other way around in 2.12.1? from my quick testing requests
are enforced, limits
can be missing.
never mind 🤦♂️, I just realized #4803 is not part of 2.12.1 and will be released in 2.13.0...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not exactly. The fix to that issue has only added the validation for
limits
and hasn't removed the existing validation onrequests
. It isOR
ed though. We should probably open a card for that and update the docs too. I see docs have examples with justrequests
.
@Bhargav-InfraCloud could you please incorporate this into your docs PR. Once the docs PR is done, we can proceed and merge this PR. Great job, thanks!
/run-e2e internal |
/run-e2e internal |
Thanks, everyone! :-) |
KEDA admission webhook rejects ScaledObject requests with CPU or memory triggers when the resource limits (CPU/memory based on triggers) are not set in the pod spec. This is expected behavior.
But if default limits are set in the LimitRange object in the same namespace, the admission webhook should allow the ScaledObject request, which currently doesn’t.
This change will check if there is a LimitRange with default limits (CPU/memory based on triggers) in the namespace that ScaledObject is in, and allows the request to proceed.
Also, added RBAC permissions for list & watch LimitRange.
Checklist
LimitRange
charts#588cpu
andmemory
scaler docs for validatingrequests
/limits
fromLimitRange
keda-docs#1296Fixes #5348