-
Notifications
You must be signed in to change notification settings - Fork 6.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make kubespray authoritative on node taints #11697
base: master
Are you sure you want to change the base?
Make kubespray authoritative on node taints #11697
Conversation
Skipping CI for Draft Pull Request. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: VannTen The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/ok-to-test |
nice finally a true config as code for the nvidia part i would just remove it and add some documentation to avoid overengineering stuff |
def277a
to
29b71d8
Compare
/label tide/merge-method-merge |
Currently, we only add/modify taints to nodes (not remove). This mean is users remove taints from their kubespray inventories, they also have to remove them manually from their clusters. Switch to replacing the entire taints array by patching 'spec.taints'; we do preserve Kubernetes reserved taints (https://kubernetes.io/docs/reference/labels-annotations-taints/). The string from for providing the annotations is more complicated to manipulate, in kubespray or in users inventory. Deprecate the string form in favor of reusing the structure of the Kubernetes API. We keep a compatibily layer which parse the string on-the-fly, which we should remove in the N+1 release (N=next relase)
29b71d8
to
7b4cc75
Compare
Hum, I wonder if we could leverage server-side apply to handle "taints we don't manage" 🤔
|
The answer to this last question is "not yet" kubernetes/kubernetes#117142 |
/hold
I need to think a bit more about that server-side apply stuff
|
What type of PR is this?
/kind feature
What this PR does / why we need it:
Currently, we only add/modify taints to nodes (not remove). This mean is
users remove taints from their kubespray inventories, they also have to
remove them manually from their clusters.
Switch to replacing the entire taints array by patching 'spec.taints';
we do preserve Kubernetes reserved taints
(https://kubernetes.io/docs/reference/labels-annotations-taints/).
The string from for providing the annotations is more complicated to
manipulate, in kubespray or in users inventory.
Deprecate the string form in favor of reusing the structure of the
Kubernetes API. We keep a compatibily layer which parse the string
on-the-fly, which we should remove in the N+1 release (N=next relase)
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Kinda follow-up to #10705 @maxime1907 would love to hear your thoughts
Regarding the nvidia bits. Setting a boolean is marginally easier, but why not just ask users to have the nvidia taints in their group_vars for their nvidia nodes and just scrap those variables ? => and just add that to documentation ? Wdyt ?
Does this PR introduce a user-facing change?: