From 77991f21ce170c88bf5d01d38bbb12c0b95dca23 Mon Sep 17 00:00:00 2001
From: kun zhou
Date: Tue, 6 Aug 2024 00:59:43 -0700
Subject: [PATCH] change NodeDrainPodFilters to metav1.LabelSelector and function to match labels

---
 api/v1beta1/machine_types.go                   |  7 ++-----
 .../controllers/machine/machine_controller.go | 17 ++++++++++++++++-
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/api/v1beta1/machine_types.go b/api/v1beta1/machine_types.go
index c7f0b4c7fc69..4d616566ba06 100644
--- a/api/v1beta1/machine_types.go
+++ b/api/v1beta1/machine_types.go
@@ -19,7 +19,6 @@ package v1beta1
 import (
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	kubedrain "k8s.io/kubectl/pkg/drain"
 
 	capierrors "sigs.k8s.io/cluster-api/errors"
 )
@@ -122,11 +121,9 @@ type MachineSpec struct {
 	// +optional
 	NodeDeletionTimeout *metav1.Duration `json:"nodeDeletionTimeout,omitempty"`
 
-	// NodeDrainPodFilters are applied as AdditionalFilters after base drain filters to
-	// exclude pods using custom logic. Any filter that returns PodDeleteStatus
-	// with Delete == false will immediately stop execution of further filters.
+	// NodeDrainPodFilters allows to specify filters for pods to be excluded during node drain
 	// +optional
-	NodeDrainPodFilters []kubedrain.PodFilter `json:"nodeDrainPodFilters,omitempty"`
+	NodeDrainPodFilters *metav1.LabelSelector `json:"nodeDrainPodFilters,omitempty"`
 }
 
 // ANCHOR_END: MachineSpec
diff --git a/internal/controllers/machine/machine_controller.go b/internal/controllers/machine/machine_controller.go
index 63a9f416376e..80792b534d1e 100644
--- a/internal/controllers/machine/machine_controller.go
+++ b/internal/controllers/machine/machine_controller.go
@@ -26,6 +26,7 @@ import (
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/types"
 	kerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apimachinery/pkg/util/wait"
@@ -621,7 +622,9 @@ func (r *Reconciler) drainNode(ctx context.Context, cluster *clusterv1.Cluster,
 		}},
 		// SPECTRO: Even if the node is reachable, we wait 30 minutes for drain completion else move ahead
 		SkipWaitForDeleteTimeoutSeconds: 60 * 30, // 30 minutes
-		AdditionalFilters:               m.Spec.NodeDrainPodFilters,
+		AdditionalFilters: []kubedrain.PodFilter{
+			SkipFuncGenerator(m.Spec.NodeDrainPodFilters),
+		},
 	}
 	if noderefutil.IsNodeUnreachable(node) {
 		// When the node is unreachable and some pods are not evicted for as long as this timeout, we ignore them.
@@ -644,6 +647,18 @@ func (r *Reconciler) drainNode(ctx context.Context, cluster *clusterv1.Cluster,
 	return ctrl.Result{}, nil
 }
 
+func SkipFuncGenerator(labelSelector *metav1.LabelSelector) func(pod corev1.Pod) kubedrain.PodDeleteStatus {
+	return func(pod corev1.Pod) kubedrain.PodDeleteStatus {
+		if pod.Labels == nil {
+			return kubedrain.MakePodDeleteStatusOkay()
+		}
+		if labels.Equals(labelSelector.MatchLabels, pod.ObjectMeta.Labels) {
+			return kubedrain.MakePodDeleteStatusSkip()
+		}
+		return kubedrain.MakePodDeleteStatusOkay()
+	}
+}
+
 // shouldWaitForNodeVolumes returns true if node status still have volumes attached
 // pod deletion and volume detach happen asynchronously, so pod could be deleted before volume detached from the node
 // this could cause issue for some storage provisioner, for example, vsphere-volume this is problematic
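
For reference, the SkipFuncGenerator filter above skips a pod only when the pod's label map is exactly equal to the selector's matchLabels (labels.Equals); matchExpressions are not evaluated, and labelSelector is dereferenced even when spec.nodeDrainPodFilters is unset, since the filter is always registered in AdditionalFilters. The sketch below is illustration only and is not part of this patch: a hypothetical variant (the name skipPodsMatchingSelector is made up) that uses standard selector matching and tolerates a nil selector, relying on the same imports already present in machine_controller.go (corev1, metav1, labels, kubedrain).

// Illustration only, not part of this patch: skip any pod whose labels satisfy
// the LabelSelector (subset semantics, including matchExpressions).
func skipPodsMatchingSelector(labelSelector *metav1.LabelSelector) kubedrain.PodFilter {
	return func(pod corev1.Pod) kubedrain.PodDeleteStatus {
		// No selector configured: drain the pod as usual.
		if labelSelector == nil {
			return kubedrain.MakePodDeleteStatusOkay()
		}
		// Convert the metav1.LabelSelector into a labels.Selector.
		selector, err := metav1.LabelSelectorAsSelector(labelSelector)
		if err != nil {
			// Invalid selector: fall back to normal drain behavior.
			return kubedrain.MakePodDeleteStatusOkay()
		}
		// Skip (leave on the node) any pod whose labels match the selector.
		if selector.Matches(labels.Set(pod.Labels)) {
			return kubedrain.MakePodDeleteStatusSkip()
		}
		return kubedrain.MakePodDeleteStatusOkay()
	}
}

One behavioral difference to be aware of: metav1.LabelSelectorAsSelector turns an empty selector into labels.Everything(), which would skip every pod, whereas the labels.Equals check in the patch skips only pods whose labels are exactly equal to matchLabels.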