Skip to content

Commit

Permalink
fix: remove x-kubernetes-validations from the NodePool CRD
Browse files Browse the repository at this point in the history
  • Loading branch information
@rafatio
rafatio committed Aug 29, 2024
1 parent 8fc1855 commit 1f540c8
Show file tree
Hide file tree
Showing 3 changed files with 26 additions and 31 deletions.
3 changes: 3 additions & 0 deletions config/crd/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@ resources:
- bases/infrastructure.cluster.x-k8s.io_kopsmachinepools.yaml
#+kubebuilder:scaffold:crdkustomizeresource

transformers:
- patches/remove-x-kubernetes-validations.yaml

patchesStrategicMerge:
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
# patches here are for enabling the conversion webhook for each CRD
Expand Down
31 changes: 0 additions & 31 deletions ....k8s.io_v1_customresourcedefinition_kopsmachinepools.infrastructure.cluster.x-k8s.io.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,9 +192,6 @@ spec:
type: string
description: EvictionHard is the map of signal names to quantities that define hard eviction thresholds
type: object
x-kubernetes-validations:
- message: valid keys for evictionHard are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']
rule: self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])
evictionMaxPodGracePeriod:
description: |-
EvictionMaxPodGracePeriod is the maximum allowed grace period (in seconds) to use when terminating pods in
Expand All @@ -206,17 +203,11 @@ spec:
type: string
description: EvictionSoft is the map of signal names to quantities that define soft eviction thresholds
type: object
x-kubernetes-validations:
- message: valid keys for evictionSoft are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']
rule: self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])
evictionSoftGracePeriod:
additionalProperties:
type: string
description: EvictionSoftGracePeriod is the map of signal names to quantities that define grace periods for each eviction signal
type: object
x-kubernetes-validations:
- message: valid keys for evictionSoftGracePeriod are ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available']
rule: self.all(x, x in ['memory.available','nodefs.available','nodefs.inodesFree','imagefs.available','imagefs.inodesFree','pid.available'])
imageGCHighThresholdPercent:
description: |-
ImageGCHighThresholdPercent is the percent of disk usage after which image
Expand Down Expand Up @@ -247,11 +238,6 @@ spec:
x-kubernetes-int-or-string: true
description: KubeReserved contains resources reserved for Kubernetes system components.
type: object
x-kubernetes-validations:
- message: valid keys for kubeReserved are ['cpu','memory','ephemeral-storage','pid']
rule: self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')
- message: kubeReserved value cannot be a negative resource quantity
rule: self.all(x, !self[x].startsWith('-'))
maxPods:
description: |-
MaxPods is an override for the maximum number of pods that can run on
Expand All @@ -276,19 +262,7 @@ spec:
x-kubernetes-int-or-string: true
description: SystemReserved contains resources reserved for OS system daemons and kernel memory.
type: object
x-kubernetes-validations:
- message: valid keys for systemReserved are ['cpu','memory','ephemeral-storage','pid']
rule: self.all(x, x=='cpu' || x=='memory' || x=='ephemeral-storage' || x=='pid')
- message: systemReserved value cannot be a negative resource quantity
rule: self.all(x, !self[x].startsWith('-'))
type: object
x-kubernetes-validations:
- message: imageGCHighThresholdPercent must be greater than imageGCLowThresholdPercent
rule: 'has(self.imageGCHighThresholdPercent) && has(self.imageGCLowThresholdPercent) ? self.imageGCHighThresholdPercent > self.imageGCLowThresholdPercent : true'
- message: evictionSoft OwnerKey does not have a matching evictionSoftGracePeriod
rule: has(self.evictionSoft) ? self.evictionSoft.all(e, (e in self.evictionSoftGracePeriod)):true
- message: evictionSoftGracePeriod OwnerKey does not have a matching evictionSoft
rule: has(self.evictionSoftGracePeriod) ? self.evictionSoftGracePeriod.all(e, (e in self.evictionSoft)):true
nodeClassRef:
description: NodeClassRef is a reference to an object that defines provider specific configuration
properties:
Expand Down Expand Up @@ -336,11 +310,6 @@ spec:
type: object
maxItems: 30
type: array
x-kubernetes-validations:
- message: requirements with operator 'In' must have a value defined
rule: 'self.all(x, x.operator == ''In'' ? x.values.size() != 0 : true)'
- message: requirements operator 'Gt' or 'Lt' must have a single positive integer value
rule: 'self.all(x, (x.operator == ''Gt'' || x.operator == ''Lt'') ? (x.values.size() == 1 && int(x.values[0]) >= 0) : true)'
resources:
description: Resources models the resource requirements for the NodeClaim to launch
properties:
Expand Down
23 changes: 23 additions & 0 deletions config/crd/patches/remove-x-kubernetes-validations.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# This is a patch to remove x-kubernetes-validations from the CRD schema. This is needed because the CRD schema of the NodePool exceeds rule cost estimation when used in a list. The workaround for this is to remove the x-kubernetes-validations from the CRD schema.
apiVersion: builtin
kind: PatchTransformer
metadata:
name: remove-x-kubernetes-validations
patch: |-
- op: remove
path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/karpenterNodePools/items/properties/spec/properties/template/properties/spec/properties/kubelet/properties/evictionHard/x-kubernetes-validations
- op: remove
path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/karpenterNodePools/items/properties/spec/properties/template/properties/spec/properties/kubelet/properties/evictionSoft/x-kubernetes-validations
- op: remove
path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/karpenterNodePools/items/properties/spec/properties/template/properties/spec/properties/kubelet/properties/kubeReserved/x-kubernetes-validations
- op: remove
path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/karpenterNodePools/items/properties/spec/properties/template/properties/spec/properties/kubelet/properties/evictionSoftGracePeriod/x-kubernetes-validations
- op: remove
path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/karpenterNodePools/items/properties/spec/properties/template/properties/spec/properties/kubelet/properties/systemReserved/x-kubernetes-validations
- op: remove
path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/karpenterNodePools/items/properties/spec/properties/template/properties/spec/properties/kubelet/x-kubernetes-validations
- op: remove
path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/karpenterNodePools/items/properties/spec/properties/template/properties/spec/properties/requirements/x-kubernetes-validations
target:
kind: CustomResourceDefinition
name: kopsmachinepools.infrastructure.cluster.x-k8s.io

0 comments on commit 1f540c8

Please sign in to comment.