Documentation ¶
Index ¶
- Constants
- func ContainerAnnotation(containerName, suffix string) string
- func GetContainerByName(pod *corev1.Pod, name string) *corev1.Container
- func GetImageTagForContainer(cName string, pod *corev1.Pod) (string, bool)
- func GetMainUserContainer(pod *corev1.Pod) *corev1.Container
- func IsMockPod(pod *corev1.Pod) bool
- func IsPlatformSidecarContainer(name string, pod *corev1.Pod) bool
- func IsScheduledInTrough(pod *corev1.Pod) bool
- func PodSchemaVersion(pod *corev1.Pod) (uint32, error)
- func SidecarAnnotation(sidecarName, suffix string) string
- type Config
- type PlatformSidecar
- type Sidecar
Constants ¶
const ( AnnotationKeyInstanceType = "node.titus.netflix.com/itype" AnnotationKeyRegion = "node.titus.netflix.com/region" AnnotationKeyStack = "node.titus.netflix.com/stack" AnnotationKeyAZ = "failure-domain.beta.kubernetes.io/zone" // Pod Networking AnnotationKeyEgressBandwidth = "kubernetes.io/egress-bandwidth" AnnotationKeyIngressBandwidth = "kubernetes.io/ingress-bandwidth" // Pod ENI // AnnotationKeyIPAddress represents a generic "primary", could be ipv4 or v6 AnnotationKeyIPAddress = "network.netflix.com/address-ip" AnnotationKeyIPv4Address = "network.netflix.com/address-ipv4" AnnotationKeyIPv4PrefixLength = "network.netflix.com/prefixlen-ipv4" AnnotationKeyIPv6Address = "network.netflix.com/address-ipv6" AnnotationKeyIPv6PrefixLength = "network.netflix.com/prefixlen-ipv6" // AnnotationKeyIPv4TransitionAddress represents the "NAT" ip for certain IPv6-only modes AnnotationKeyIPv4TransitionAddress = "network.netflix.com/address-transition-ipv4" AnnotationKeyElasticIPv4Address = "network.netflix.com/address-elastic-ipv4" AnnotationKeyElasticIPv6Address = "network.netflix.com/address-elastic-ipv6" AnnotationKeyBranchEniID = "network.netflix.com/branch-eni-id" AnnotationKeyBranchEniMac = "network.netflix.com/branch-eni-mac" AnnotationKeyBranchEniVpcID = "network.netflix.com/branch-eni-vpc" AnnotationKeyBranchEniSubnet = "network.netflix.com/branch-eni-subnet" AnnotationKeyTrunkEniID = "network.netflix.com/trunk-eni-id" AnnotationKeyTrunkEniMac = "network.netflix.com/trunk-eni-mac" AnnotationKeyTrunkEniVpcID = "network.netflix.com/trunk-eni-vpc" AnnotationKeyVlanID = "network.netflix.com/vlan-id" AnnotationKeyAllocationIdx = "network.netflix.com/allocation-idx" // matches kube2iam AnnotationKeyIAMRole = "iam.amazonaws.com/role" AnnotationKeySecurityGroupsLegacy = "network.titus.netflix.com/securityGroups" // https://kubernetes.io/docs/tutorials/clusters/apparmor/#securing-a-pod AnnotationKeyPrefixAppArmor = "container.apparmor.security.beta.kubernetes.io" // AnnotationKeyPodSchemaVersion is an integer specifying what schema version a pod was created with AnnotationKeyPodSchemaVersion = "pod.netflix.com/pod-schema-version" AnnotationKeyWorkloadDetail = "workload.netflix.com/detail" AnnotationKeyWorkloadName = "workload.netflix.com/name" AnnotationKeyWorkloadOwnerEmail = "workload.netflix.com/owner-email" AnnotationKeyWorkloadSequence = "workload.netflix.com/sequence" AnnotationKeyWorkloadStack = "workload.netflix.com/stack" // Titus-specific fields AnnotationKeyJobAcceptedTimestampMs = "v3.job.titus.netflix.com/accepted-timestamp-ms" AnnotationKeyJobID = "v3.job.titus.netflix.com/id" AnnotationKeyJobType = "v3.job.titus.netflix.com/type" AnnotationKeyJobDescriptor = "v3.job.titus.netflix.com/descriptor" AnnotationKeyJobApplicationName = "v3.job.titus.netflix.com/application" AnnotationKeyJobDisruptionBudgetPolicy = "v3.job.titus.netflix.com/disruption-budget-policy" // AnnotationKeyPodTitusContainerInfo - to be removed once VK supports the full pod spec AnnotationKeyPodTitusContainerInfo = "pod.titus.netflix.com/container-info" // AnnotationKeyPodTitusEntrypointShellSplitting tells the executor to preserve the legacy shell splitting behaviour AnnotationKeyPodTitusEntrypointShellSplitting = "pod.titus.netflix.com/entrypoint-shell-splitting-enabled" // AnnotationKeyPodTitusSystemEnvVarNames tells the executor the names of the system-specified environment variables AnnotationKeyPodTitusSystemEnvVarNames = "pod.titus.netflix.com/system-env-var-names" // AnnotationKeyPodInjectedEnvVarNames tells the executor the names of the externally-injected environment variables, // which neither come from the user nor titus itself, and should be ignored for identify verification purposes AnnotationKeyPodInjectedEnvVarNames = "pod.titus.netflix.com/injected-env-var-names" // Deprecated. Use AnnotationKeySuffixContainerImageTag instead AnnotationKeyImageTagPrefix = "pod.titus.netflix.com/image-tag-" AnnotationKeyPodPriorityClassIntent = "pod.titus.netflix.com/priority-class-intent" AnnotationKeyPodScheduledInTrough = "pod.titus.netflix.com/scheduled-in-trough" AnnotationKeyPodPreemptionResubmitCount = "resubmit-number.pod.netflix.com/preemption" AnnotationKeyPodScheduledTroughName = "pod.titus.netflix.com/scheduled-trough-name" // AnnotationKeyPodTerminationReason is a human readable string indicating *why* a pod was terminated. // It is the responsibility of any code that calls pod.delete() to populate this annotation so that operators // of the system can understand why a pod was deleted. AnnotationKeyPodTerminationReason = "pod.titus.netflix.com/pod-termination-reason" // AnnotationKeyPodTerminationReasonCode is a structured annotation whose values should be // one of the known AnnotationValuePodTerminationReasonCodes AnnotationKeyPodTerminationReasonCode = "pod.titus.netflix.com/pod-termination-reason-code" // AnnotationValuePodTerminationReasonCodeKilled should be used when a task is explicitly terminated by a user. AnnotationValuePodTerminationReasonCodeKilled = "killed" // AnnotationValuePodTerminationReasonCodeEvicted should be used when a task is terminated by an eviction service. AnnotationValuePodTerminationReasonCodeEvicted = "evicted" // AnnotationValuePodTerminationReasonCodePreempted should be used when a task is preempted by the scheduler to make space for another task. AnnotationValuePodTerminationReasonCodePreempted = "preempted" // AnnotationValuePodTerminationReasonCodeLost should be used when the task was lost, and its final status is unknown. AnnotationValuePodTerminationReasonCodeLost = "lost" // AnnotationKeyPodTerminationByCaller is a human readable string indicating which Titus component actually deleted the pod AnnotationKeyPodTerminationByCaller = "pod.titus.netflix.com/pod-termination-by-caller" // networking - used by the Titus CNI AnnotationKeySubnetsLegacy = "network.titus.netflix.com/subnets" AnnotationKeyAccountIDLegacy = "network.titus.netflix.com/accountId" AnnotationKeyNetworkAccountID = "network.netflix.com/account-id" AnnotationKeyNetworkBurstingEnabled = "network.netflix.com/network-bursting-enabled" AnnotationKeyNetworkAssignIPv6Address = "network.netflix.com/assign-ipv6-address" AnnotationKeyNetworkElasticIPPool = "network.netflix.com/elastic-ip-pool" AnnotationKeyNetworkElasticIPs = "network.netflix.com/elastic-ips" AnnotationKeyNetworkIMDSRequireToken = "network.netflix.com/imds-require-token" AnnotationKeyNetworkJumboFramesEnabled = "network.netflix.com/jumbo-frames-enabled" AnnotationKeyNetworkMode = "network.netflix.com/network-mode" // AnnotationKeyEffectiveNetworkMode represents the network mode computed by the titus-executor // This may not be the same as the original (potentially unset) requested network mode AnnotationKeyEffectiveNetworkMode = "network.netflix.com/effective-network-mode" AnnotationKeyNetworkSecurityGroups = "network.netflix.com/security-groups" AnnotationKeyNetworkSubnetIDs = "network.netflix.com/subnet-ids" // TODO: deprecate this in favor of using the UUID annotation below AnnotationKeyNetworkStaticIPAllocationUUID = "network.netflix.com/static-ip-allocation-uuid" // storage AnnotationKeyStorageEBSVolumeID = "ebs.volume.netflix.com/volume-id" AnnotationKeyStorageEBSMountPath = "ebs.volume.netflix.com/mount-path" AnnotationKeyStorageEBSMountPerm = "ebs.volume.netflix.com/mount-perm" AnnotationKeyStorageEBSFSType = "ebs.volume.netflix.com/fs-type" AnnotationKeySecurityWorkloadMetadata = "security.netflix.com/workload-metadata" AnnotationKeySecurityWorkloadMetadataSig = "security.netflix.com/workload-metadata-sig" AnnotationKeyNflxIMDSEnabled = "security.netflix.com/nflx-imds-enabled" // AnnotationKeyOpportunisticCPU - assigned opportunistic CPUs AnnotationKeyOpportunisticCPU = "opportunistic.scheduler.titus.netflix.com/cpu" // AnnotationKeyOpportunisticResourceID - name of the opportunistic resource CRD used during scheduling AnnotationKeyOpportunisticResourceID = "opportunistic.scheduler.titus.netflix.com/id" // AnnotationKeyPredictionRuntime - predicted runtime (Go’s time.Duration format) AnnotationKeyPredictionRuntime = "predictions.scheduler.titus.netflix.com/runtime" // AnnotationKeyPredictionConfidence - confidence (percentile) of the prediction picked above AnnotationKeyPredictionConfidence = "predictions.scheduler.titus.netflix.com/confidence" // AnnotationKeyPredictionModelID - model uuid used for the runtime prediction picked above AnnotationKeyPredictionModelID = "predictions.scheduler.titus.netflix.com/model-id" // AnnotationKeyPredictionModelVersion - version of the model used for the prediction above AnnotationKeyPredictionModelVersion = "predictions.scheduler.titus.netflix.com/version" // AnnotationKeyPredictionABTestCell - cell allocation for prediction AB tests AnnotationKeyPredictionABTestCell = "predictions.scheduler.titus.netflix.com/ab-test" // AnnotationKeyPredictionPredictionAvailable - array of predictions available during job admission AnnotationKeyPredictionPredictionAvailable = "predictions.scheduler.titus.netflix.com/available" // AnnotationKeyPredictionSelectorInfo - metadata from the prediction selection algorithm AnnotationKeyPredictionSelectorInfo = "predictions.scheduler.titus.netflix.com/selector-info" AnnotationKeyPodPreemptedBy = "preemption.netflix.com/preempted-by" AnnotationKeyPodPreemptedPods = "preemption.netflix.com/preempted-pods" AnnotationKeyPodCPUBurstingEnabled = "pod.netflix.com/cpu-bursting-enabled" AnnotationKeyPodKvmEnabled = "pod.netflix.com/kvm-enabled" AnnotationKeyPodFuseEnabled = "pod.netflix.com/fuse-enabled" AnnotationKeyPodHostnameStyle = "pod.netflix.com/hostname-style" AnnotationKeyPodOomScoreAdj = "pod.netflix.com/oom-score-adj" AnnotationKeyPodSchedPolicy = "pod.netflix.com/sched-policy" AnnotationKeyPodSeccompAgentNetEnabled = "pod.netflix.com/seccomp-agent-net-enabled" AnnotationKeyPodSeccompAgentPerfEnabled = "pod.netflix.com/seccomp-agent-perf-enabled" AnnotationKeyPodTrafficSteeringEnabled = "pod.netflix.com/traffic-steering-enabled" // container annotations (specified on a pod about a container) // Specific containers indicate they want to set something by appending // a prefix key with their container name ($name.containers.netflix.com). // Use the pod.ContainerAnnotation() function to help construct the annotation key AnnotationKeySuffixContainers = "containers.netflix.com" AnnotationKeySuffixContainersSidecar = "platform-sidecar" // AnnotationKeySuffixContainersCapabilities is a per-container annotation that sets // the Titus ContainerCapabilities setting for that container. // Values of this annotation should be a CSV of the string value in the protobuf enum, // but without the `ContainerCapabilities` string. // A full example would be "capabilities.containers.netflix.com/mycoolsidecar: FUSE,Default" // Note that arbitrary combinations of capabilities are not necessarily valid. AnnotationKeySuffixContainersCapabilities = "capabilities" // AnnotationsKeySuffixContainersStartBefore provides a comma-separated // list of other containers in the pod that should only be started // *after* the specified container starts up and its health check // succeeds. If startup order isn't specified, sidecars may be started // in any order. Conflicting startup order requests are treated as an // error. AnnotationKeySuffixContainersStartBefore = "start-before" // AnnotationsKeySuffixContainersStartBefore provides a comma-separated // list of other containers in the pod that must be started and have // their health checks succeed *before* the specified container starts // up. If startup order isn't specified, sidecars may be started in any // order. Conflicting startup order requests are treated as an error. AnnotationKeySuffixContainersStartAfter = "start-after" // AnnotationKeySuffixContainerImageTag stores the original tag for the an image. // This is because on the v1 pod image field, there is only room for the digest and no room for the tag it came from AnnotationKeySuffixContainerImageTag = "image-tag" AnnotationKeyLogKeepLocalFile = "log.netflix.com/keep-local-file-after-upload" AnnotationKeyLogS3BucketName = "log.netflix.com/s3-bucket-name" AnnotationKeyLogS3PathPrefix = "log.netflix.com/s3-path-prefix" AnnotationKeyLogS3WriterIAMRole = "log.netflix.com/s3-writer-iam-role" AnnotationKeyLogStdioCheckInterval = "log.netflix.com/stdio-check-interval" AnnotationKeyLogUploadThresholdTime = "log.netflix.com/upload-threshold-time" AnnotationKeyLogUploadCheckInterval = "log.netflix.com/upload-check-interval" AnnotationKeyLogUploadRegexp = "log.netflix.com/upload-regexp" AnnotationKeyServicePrefix = "service.netflix.com" AnnotationKeySuffixSidecars = "platform-sidecars.netflix.com" AnnotationKeySuffixSidecarsChannelOverride = "channel-override" AnnotationKeySuffixSidecarsChannelOverrideReason = "channel-override-reason" // release = $channel/$version AnnotationKeySuffixSidecarsRelease = "release" // scheduling soft SLAs // priority handling in scheduling queue AnnotationKeySchedLatencyReq = "scheduler.titus.netflix.com/sched-latency-req" AnnotationValSchedLatencyDelay = "delay" AnnotationValSchedLatencyFast = "fast" // dynamic spreading behavior AnnotationKeySchedSpreadingReq = "scheduler.titus.netflix.com/spreading-req" AnnotationValSchedSpreadingPack = "pack" AnnotationValSchedSpreadingSpread = "spread" // duration prediction v3 AnnotationKeyPredRuntimeQuantiles = "runtime.predictions.titus.netflix.com/quantiles" AnnotationKeyPredRuntimeModelVersion = "runtime.predictions.titus.netflix.com/model-version" AnnotationKeyPredRuntimeModelID = "runtime.predictions.titus.netflix.com/model-id" // mockPod AnnotationKeyPodParameterMockPodPrepareTime = "mockPod.netflix.com/prepareTime" AnnotationKeyPodParameterMockPodRunTime = "mockPod.netflix.com/runTime" AnnotationKeyPodParameterMockPodKillTime = "mockPod.netflix.com/killTime" // version recording; this is output from titus-executor mostly used // for debugging. AnnotationKeyRuntimeVersions = "runtime.titus.netflix.com/versions" )
const ( // High-level "domains" used for labels and annotations DomainNetflix = "netflix.com" DomainTitus = "titus.netflix.com" DomainPod = "pod.netflix.com" // Job details LabelKeyAppLegacy = "netflix.com/applicationName" LabelKeyDetailLegacy = "netflix.com/detail" LabelKeySequenceLegacy = "netflix.com/sequence" LabelKeyStackLegacy = "netflix.com/stack" LabelKeyByteUnitsEnabled = "pod.titus.netflix.com/byteUnits" LabelKeyCapacityGroupLegacy = "titus.netflix.com/capacityGroup" // v1 pod labels LabelKeyJobId = "v3.job.titus.netflix.com/job-id" LabelKeyTaskId = "v3.job.titus.netflix.com/task-id" LabelKeyCapacityGroup = "titus.netflix.com/capacity-group" LabelKeyWorkloadName = "workload.netflix.com/name" LabelKeyWorkloadStack = "workload.netflix.com/stack" LabelKeyWorkloadDetail = "workload.netflix.com/detail" LabelKeyWorkloadSequence = "workload.netflix.com/sequence" )
const ( BestEffortEvictablePriority = "best-effort-evictable" NormalPriority = "normal" SchedPriorityFast = "sched-latency-fast" SchedPriorityMedium = "sched-latency-medium" SchedPriorityDelay = "sched-latency-delay" SchedNameDefault = "default-scheduler" SchedNameMixed = "titus-kube-scheduler-mixed" SchedNameReserved = "titus-kube-scheduler-reserved" SchedNameRservedBinpacking = "titus-kube-scheduler-reserved-binpacking" NamespaceDefault = "default" ImagePullPolicyIfNotPresent = "IfNotPresent" RestartPolicyNever = "Never" DNSPolicyDefault = "Default" )
Variables ¶
This section is empty.
Functions ¶
func ContainerAnnotation ¶ added in v0.21.0
ContainerAnnotation forms an annotation key referencing a particular container.
func GetContainerByName ¶ added in v0.11.0
func GetImageTagForContainer ¶ added in v0.21.1
GetImageTagForContainer looks up the original tag that was used to create the image string in the Container Spec. It may return an empty string if there was no tag, or if it was missing
func GetMainUserContainer ¶ added in v0.28.0
func IsPlatformSidecarContainer ¶ added in v0.16.0
IsPlatformSidecarContainer takes a container name and pod object, and can tell you if a particular container is a Platform Sidecar.
func IsScheduledInTrough ¶ added in v0.36.4
func PodSchemaVersion ¶ added in v0.9.0
PodSchemaVersion returns the pod schema version used to create a pod. If unset, returns 0
func SidecarAnnotation ¶ added in v0.21.0
SidecarAnnotation forms an annotation key referencing a particular sidecar.
Types ¶
type Config ¶ added in v0.9.0
type Config struct { AssignIPv6Address *bool AccountID *string AppArmorProfile *string CapacityGroup *string CPUBurstingEnabled *bool ContainerInfo *string EgressBandwidth *resource.Quantity ElasticIPPool *string ElasticIPs *string EntrypointShellSplitting *bool FuseEnabled *bool HostnameStyle *string IAMRole *string InjectedEnvVarNames []string IngressBandwidth *resource.Quantity IMDSRequireToken *string JobAcceptedTimestampMs *uint64 JobDescriptor *string JobID *string JobType *string JumboFramesEnabled *bool KvmEnabled *bool LogKeepLocalFile *bool LogUploadCheckInterval *time.Duration LogUploadThresholdTime *time.Duration LogUploadRegExp *regexp.Regexp LogStdioCheckInterval *time.Duration LogS3WriterIAMRole *string LogS3BucketName *string LogS3PathPrefix *string NetworkMode *string NetworkBurstingEnabled *bool NflxIMDSEnabled *bool OomScoreAdj *int32 PodSchemaVersion *uint32 ResourceCPU *resource.Quantity ResourceDisk *resource.Quantity ResourceGPU *resource.Quantity ResourceMemory *resource.Quantity ResourceNetwork *resource.Quantity SchedPolicy *string SeccompAgentNetEnabled *bool SeccompAgentPerfEnabled *bool TrafficSteeringEnabled *bool SecurityGroupIDs *[]string Sidecars []Sidecar StaticIPAllocationUUID *string SystemEnvVarNames []string SubnetIDs *[]string TaskID *string TTYEnabled *bool WorkloadDetail *string WorkloadName *string WorkloadMetadata *string WorkloadMetadataSig *string WorkloadOwnerEmail *string WorkloadSequence *string WorkloadStack *string }
Config contains configuration parameters parsed out from various places in the pod (such as annotations). All fields are pointers, to differentiate between a field being unset and the empty value.
type PlatformSidecar ¶ added in v0.21.0
type PlatformSidecar struct { Name string Channel string ArgsJSON []byte ChannelDefinitionID string }
func PlatformSidecars ¶ added in v0.21.0
func PlatformSidecars(annotations map[string]string) ([]PlatformSidecar, error)
PlatformSidecars parses sidecar-related annotations and returns a structured slice of platform sidecars.