Skip to content

Turn on quota related admission control plug-ins #1048

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
openshift-bot merged 1 commit into from
Mar 9, 2015
Merged

Turn on quota related admission control plug-ins #1048

openshift-bot merged 1 commit into from
Mar 9, 2015

Conversation

@derekwaynecarr
Copy link
Member

@derekwaynecarr derekwaynecarr commented Feb 17, 2015

Turn on the admission control plug-ins from upstream Kubernetes that control quota usage.

This change will cause LimitRange and ResourceQuota to be enforced on admission.

Note: If and only if you add a ResourceQuota to a project, all create and update operations in that project will not work until #1047 is merged. This is because the manager needs to update actual usage stats before new requests are accepted by these plug-ins.

Review please @jwforres @smarterclayton @deads2k

@smarterclayton
Copy link
Contributor

smarterclayton commented Feb 17, 2015

Do we want this enabled by default?

@derekwaynecarr
Copy link
Member Author

derekwaynecarr commented Feb 17, 2015

Yes - it's a no-op when ResourceQuota and LimitRange are not used, so there is no reason to not have them on.

@derekwaynecarr
Copy link
Member Author

derekwaynecarr commented Feb 17, 2015

Well, let me rephrase, it will be a no-op after my change to upstream makes these two plug-ins cache backed. But I am waiting for kubernetes/kubernetes#4453 to get merged to send the follow-on PR.

@smarterclayton smarterclayton modified the milestone: 0.4.0 (beta2) Feb 20, 2015
@derekwaynecarr
Copy link
Member Author

derekwaynecarr commented Feb 26, 2015

The upstream change to make the admission control plug-in cache based is here:
kubernetes/kubernetes#4749

Once we rebase on a version with that change, we can enable the plug-in by default.

@smarterclayton
Copy link
Contributor

smarterclayton commented Mar 4, 2015

Rebase

@smarterclayton smarterclayton modified the milestones: 0.4.0 (beta2), 0.5.0 Mar 4, 2015
@derekwaynecarr derekwaynecarr force-pushed the enable_quota_on_admission branch from 7afe1c7 to a23f926 Compare March 5, 2015 14:23
@derekwaynecarr
Copy link
Member Author

derekwaynecarr commented Mar 5, 2015

Rebased.

@deads2k @liggitt - this is easier to follow now with the new code split in start.go.

When starting Kube, I start the admission control plug-ins that we require in base Kube if we were to run on Kube. Right now for Origin based master, we just run the AlwaysAdmit until we have our unique plug-ins that need to handle our own custom fields on LimitRange (i.e. layer size, etc.)

liggitt
liggitt reviewed Mar 5, 2015
View reviewed changes
pkg/cmd/server/kube_master.go Outdated
Copy link
Contributor

@liggitt liggitt Mar 5, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is AlwaysAdmit needed at the end of the chain? I thought admission plugins only gave errors, so if it made it to the end of the chain without an error, it was implicitly accepted

Copy link
Member Author

@derekwaynecarr derekwaynecarr Mar 5, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You are correct.

Updating.

@derekwaynecarr derekwaynecarr force-pushed the enable_quota_on_admission branch from a23f926 to 9f48fd3 Compare March 5, 2015 15:12
@liggitt
Copy link
Contributor

liggitt commented Mar 5, 2015

LGTM

@smarterclayton
Copy link
Contributor

smarterclayton commented Mar 9, 2015

[merge]

@openshift-bot
Copy link
Contributor

openshift-bot commented Mar 9, 2015

continuous-integration/openshift-jenkins/merge SUCCESS (https://ci.openshift.redhat.com/jenkins/job/merge_pull_requests_openshift3/1133/) (Image: devenv-fedora_997)

@openshift-bot
Copy link
Contributor

openshift-bot commented Mar 9, 2015

Evaluated for origin up to 9f48fd3

openshift-bot pushed a commit that referenced this pull request Mar 9, 2015
Merge pull request #1048 from derekwaynecarr/enable_quota_on_admission
3f262bd 
Merged by openshift-bot
@openshift-bot openshift-bot merged commit 3f262bd into openshift:master Mar 9, 2015
sjenning pushed a commit to sjenning/origin that referenced this pull request Jul 30, 2018
@sdodson
Merge pull request openshift#1048 from mgugino-upstream-stage/node-sy…
5e65555 
…scon-mounts-bp-3.8

[3.8] Add node system-container ADDLT_MOUNTS
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

0.5.0 (beta3)

Development

Successfully merging this pull request may close these issues.

4 participants

@derekwaynecarr @smarterclayton @liggitt @openshift-bot