care

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 29, 2025 License: Apache-2.0 Imports: 67 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// WebhookMaximumTimeoutSecondsNotProblematic is the maximum timeout in seconds a webhooks on critical resources can
	// have in order to not be considered as a problematic webhook by the constraints checks. Any webhook on critical
	// resources with a larger timeout is considered to be problematic.
	WebhookMaximumTimeoutSecondsNotProblematic = 15
	// WebhookMaximumTimeoutSecondsNotProblematicForLeases is the maximum timeout in seconds a webhooks on lease resources in
	// kube-system namespace can have in order to not be considered as a problematic webhook by the constraints checks.
	// Any webhook on lease resources in kube-system namespace with a larger timeout can break leader election of essential
	// control plane controllers.
	WebhookMaximumTimeoutSecondsNotProblematicForLeases = 3
)
View Source 
const ControllerName = "shoot-care"

ControllerName is the name of this controller.

Variables

View Source 
var (
	// NewOperation is used to create a new `operation.Operation` instance.
	NewOperation = defaultNewOperationFunc
	// NewHealthCheck is used to create a new Health check instance.
	NewHealthCheck = defaultNewHealthCheck
	// NewConstraintCheck is used to create a new Constraint check instance.
	NewConstraintCheck = defaultNewConstraintCheck
	// NewGarbageCollector is used to create a new garbage collection instance.
	NewGarbageCollector = defaultNewGarbageCollector
	// NewWebhookRemediator is used to create a new webhook remediation instance.
	NewWebhookRemediator = defaultNewWebhookRemediator
)
View Source 
var RandomDurationWithMetaDuration = utils.RandomDurationWithMetaDuration

RandomDurationWithMetaDuration is an alias for utils.RandomDurationWithMetaDuration.

Functions

func CheckForExpiredNodeLeases 

func CheckForExpiredNodeLeases(nodeList *corev1.NodeList, leaseList *coordinationv1.LeaseList, clock clock.Clock) error

CheckForExpiredNodeLeases checks if the number of expired node Leases surpasses 20% of all existing Leases. If yes, an error will be returned. The motivation is that dependency-watchdog is starting to scale down controllers when 60% of the Leases are expired.

func CheckIfDependencyWatchdogProberScaledDownControllers 

func CheckIfDependencyWatchdogProberScaledDownControllers(ctx context.Context, seedClient client.Client, shootNamespace string) ([]string, error)

CheckIfDependencyWatchdogProberScaledDownControllers checks if controllers have been scaled down by dependency-watchdog-prober.

func CheckNodeAgentLeases 

func CheckNodeAgentLeases(nodeList *corev1.NodeList, leaseList *coordinationv1.LeaseList, clock clock.Clock) error

CheckNodeAgentLeases checks if all nodes in the shoot cluster have a corresponding Lease object maintained by gardener-node-agent

func CheckNodesScalingDown 

func CheckNodesScalingDown(machineList *machinev1alpha1.MachineList, nodeList *corev1.NodeList, registeredNodes, desiredMachines int) error

CheckNodesScalingDown returns an error if nodes are being scaled down.

func CheckNodesScalingUp 

func CheckNodesScalingUp(machineList *machinev1alpha1.MachineList, readyNodes, desiredMachines int) error

CheckNodesScalingUp returns an error if nodes are being scaled up.

func ComputeRequiredControlPlaneDeployments 

func ComputeRequiredControlPlaneDeployments(shoot *gardencorev1beta1.Shoot) (sets.Set[string], error)

ComputeRequiredControlPlaneDeployments returns names of required deployments based on the given shoot.

func ComputeRequiredMonitoringSeedDeployments 

func ComputeRequiredMonitoringSeedDeployments(shoot *gardencorev1beta1.Shoot) sets.Set[string]

ComputeRequiredMonitoringSeedDeployments returns names of monitoring deployments based on the given shoot.

func IsProblematicWebhook 

func IsProblematicWebhook(
	failurePolicy *admissionregistrationv1.FailurePolicyType,
	objSelector *metav1.LabelSelector,
	nsSelector *metav1.LabelSelector,
	rules []admissionregistrationv1.RuleWithOperations,
	timeoutSeconds *int32,
) bool

IsProblematicWebhook checks if a single webhook of the Shoot Cluster is problematic. Problematic webhooks are webhooks with rules for CREATE/UPDATE/* pods or nodes and failurePolicy=Fail/nil. If the Shoot contains such a webhook, we can never wake up this shoot cluster again as new nodes cannot get created/ready, or our system component pods cannot get created/ready (because the webhook's backing pod is not yet running).

func PardonConditions 

func PardonConditions(clock clock.Clock, conditions []gardencorev1beta1.Condition, lastOp *gardencorev1beta1.LastOperation, lastErrors []gardencorev1beta1.LastError) []gardencorev1beta1.Condition

PardonConditions pardons the given condition if the Shoot is either in create (except successful create) or delete state.

Types

type Constraint 

type Constraint struct {
	// contains filtered or unexported fields
}

Constraint contains required information for shoot constraint checks.

func NewConstraint 

func NewConstraint(
	log logr.Logger,
	shoot *shoot.Shoot,
	seedClient client.Client,
	shootClientInit ShootClientInit,
	clock clock.Clock,
) *Constraint

NewConstraint returns a new constraint instance.

func (*Constraint) Check 

func (c *Constraint) Check(
	ctx context.Context,
	constraints ShootConstraints,
) []gardencorev1beta1.Condition

Check checks all given constraints.

func (*Constraint) CheckForProblematicWebhooks 

func (c *Constraint) CheckForProblematicWebhooks(ctx context.Context) (gardencorev1beta1.ConditionStatus, string, string, []gardencorev1beta1.ErrorCode, error)

CheckForProblematicWebhooks checks the Shoot for problematic webhooks which could prevent shoot worker nodes from joining the cluster.

func (*Constraint) CheckIfCACertificateValiditiesAcceptable 

func (c *Constraint) CheckIfCACertificateValiditiesAcceptable(ctx context.Context) (gardencorev1beta1.ConditionStatus, string, string, []gardencorev1beta1.ErrorCode, error)

CheckIfCACertificateValiditiesAcceptable checks whether there are CA certificates which are expiring in less than a year.

type ConstraintCheck 

type ConstraintCheck interface {
	Check(context.Context, ShootConstraints) []gardencorev1beta1.Condition
}

ConstraintCheck is an interface used to perform constraint checks.

type GarbageCollection 

type GarbageCollection struct {
	// contains filtered or unexported fields
}

GarbageCollection contains required information for shoot and seed garbage collection.

func NewGarbageCollection 

func NewGarbageCollection(op *operation.Operation, shootClientInit ShootClientInit) *GarbageCollection

NewGarbageCollection creates a new garbage collection instance.

func (*GarbageCollection) Collect 

func (g *GarbageCollection) Collect(ctx context.Context)

Collect cleans the Seed and the Shoot cluster from no longer required objects. It receives a botanist object <botanist> which stores the Shoot object.

type GarbageCollector 

type GarbageCollector interface {
	Collect(ctx context.Context)
}

GarbageCollector is an interface used to perform garbage collection.

type Health 

type Health struct {
	// contains filtered or unexported fields
}

Health contains information needed to execute shoot health checks.

func NewHealth 

func NewHealth(
	log logr.Logger,
	shoot *shoot.Shoot,
	seed *seed.Seed,
	seedClientSet kubernetes.Interface,
	gardenClient client.Client,
	shootClientInit ShootClientInit,
	clock clock.Clock,
	gardenletConfig *gardenletconfig.GardenletConfiguration,
	conditionThresholds map[gardencorev1beta1.ConditionType]time.Duration,
) *Health

NewHealth creates a new Health instance with the given parameters.

func (*Health) Check 

func (h *Health) Check(
	ctx context.Context,
	healthCheckOutdatedThreshold *metav1.Duration,
	conditions ShootConditions,
) []gardencorev1beta1.Condition

Check conducts the health checks on all the given conditions.

func (*Health) CheckClusterNodes 

func (h *Health) CheckClusterNodes(
	ctx context.Context,
	shootClient kubernetes.Interface,
	condition gardencorev1beta1.Condition,
) (
	*gardencorev1beta1.Condition,
	error,
)

CheckClusterNodes checks whether cluster nodes are healthy and within the desired range. Additional checks are executed in the provider extension.

type HealthCheck 

type HealthCheck interface {
	Check(ctx context.Context, threshold *metav1.Duration, conditions ShootConditions) []gardencorev1beta1.Condition
}

HealthCheck is an interface used to perform health checks.

type NewConstraintCheckFunc 

type NewConstraintCheckFunc func(
	log logr.Logger,
	shoot *shoot.Shoot,
	seedClient client.Client,
	shootClientInit ShootClientInit,
	clock clock.Clock,
) ConstraintCheck

NewConstraintCheckFunc is a function used to create a new instance for performing constraint checks.

type NewGarbageCollectorFunc 

type NewGarbageCollectorFunc func(op *operation.Operation, init ShootClientInit) GarbageCollector

NewGarbageCollectorFunc is a function used to create a new instance to perform garbage collection.

type NewHealthCheckFunc 

type NewHealthCheckFunc func(
	logger logr.Logger,
	shoot *shoot.Shoot,
	seed *seed.Seed,
	seedClient kubernetes.Interface,
	gardenClient client.Client,
	shootClientInit ShootClientInit,
	clock clock.Clock,
	gardenletConfig *gardenletconfig.GardenletConfiguration,
	conditionThresholds map[gardencorev1beta1.ConditionType]time.Duration,
) HealthCheck

NewHealthCheckFunc is a function used to create a new instance for performing health checks.

type NewOperationFunc 

type NewOperationFunc func(
	ctx context.Context,
	log logr.Logger,
	gardenClient client.Client,
	seedClientSet kubernetes.Interface,
	shootClientMap clientmap.ClientMap,
	config *gardenletconfig.GardenletConfiguration,
	gardenerInfo *gardencorev1beta1.Gardener,
	gardenClusterIdentity string,
	secrets map[string]*corev1.Secret,
	shoot *gardencorev1beta1.Shoot,
) (
	*operation.Operation,
	error,
)

NewOperationFunc is a function used to create a new `operation.Operation` instance.

type NewWebhookRemediatorFunc 

type NewWebhookRemediatorFunc func(op *operation.Operation, init ShootClientInit) WebhookRemediator

NewWebhookRemediatorFunc is a function used to create a new instance to perform webhook remediation.

type Reconciler 

type Reconciler struct {
	GardenClient          client.Client
	SeedClientSet         kubernetes.Interface
	ShootClientMap        clientmap.ClientMap
	Config                config.GardenletConfiguration
	Clock                 clock.Clock
	Identity              *gardencorev1beta1.Gardener
	GardenClusterIdentity string
	SeedName              string
	// contains filtered or unexported fields
}

Reconciler reconciles Shoot resources and executes care operations, e.g. health checks or garbage collection.

func (*Reconciler) AddToManager 

func (r *Reconciler) AddToManager(mgr manager.Manager, gardenCluster cluster.Cluster) error

AddToManager adds Reconciler to the given manager.

func (*Reconciler) EventHandler 

func (r *Reconciler) EventHandler() handler.EventHandler

EventHandler returns a handler for Shoot events.

func (*Reconciler) Reconcile 

func (r *Reconciler) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error)

Reconcile executes care operations, e.g. health checks or garbage collection.

func (*Reconciler) ShootPredicate 

func (r *Reconciler) ShootPredicate() predicate.Predicate

ShootPredicate is a predicate which returns 'true' for create events, and for update events in case the shoot was successfully reconciled.

type ShootClientInit 

type ShootClientInit func() (kubernetes.Interface, bool, error)

ShootClientInit is a function that initializes a kubernetes client for a Shoot.

type ShootConditions 

type ShootConditions struct {
	// contains filtered or unexported fields
}

ShootConditions contains all shoot related conditions of the shoot status subresource.

func NewShootConditions 

func NewShootConditions(clock clock.Clock, shoot *gardencorev1beta1.Shoot) ShootConditions

NewShootConditions returns a new instance of ShootConditions. All conditions are retrieved from the given 'shoot' or newly initialized.

func (ShootConditions) ConditionTypes 

func (s ShootConditions) ConditionTypes() []gardencorev1beta1.ConditionType

ConditionTypes returns all shoot condition types.

func (ShootConditions) ConvertToSlice 

func (s ShootConditions) ConvertToSlice() []gardencorev1beta1.Condition

ConvertToSlice returns the shoot conditions as a slice.

type ShootConstraints 

type ShootConstraints struct {
	// contains filtered or unexported fields
}

ShootConstraints contains all constraints of the shoot status subresource.

func NewShootConstraints 

func NewShootConstraints(clock clock.Clock, shoot *gardencorev1beta1.Shoot) ShootConstraints

NewShootConstraints returns a new instance of ShootConstraints. All constraints are retrieved from the given 'shoot' or newly initialized.

func (ShootConstraints) ConstraintTypes 

func (g ShootConstraints) ConstraintTypes() []gardencorev1beta1.ConditionType

ConstraintTypes returns all shoot constraint types.

func (ShootConstraints) ConvertToSlice 

func (g ShootConstraints) ConvertToSlice() []gardencorev1beta1.Condition

ConvertToSlice returns the shoot constraints as a slice.

type WebhookRemediation 

type WebhookRemediation struct {
	// contains filtered or unexported fields
}

WebhookRemediation contains required information for shoot webhook remediation.

func NewWebhookRemediation 

func NewWebhookRemediation(log logr.Logger, shoot *gardencorev1beta1.Shoot, shootClientInit ShootClientInit) *WebhookRemediation

NewWebhookRemediation creates a new instance for webhook remediation.

func (*WebhookRemediation) Remediate 

func (r *WebhookRemediation) Remediate(ctx context.Context) error

Remediate mutates shoot webhooks not following the best practices documented by Kubernetes.

type WebhookRemediator 

type WebhookRemediator interface {
	Remediate(ctx context.Context) error
}

WebhookRemediator is an interface used to perform webhook remediation.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.