v1

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 5, 2023 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package policy is for any kind of policy object. Suitable examples, even if they aren't all here, are PodDisruptionBudget, PodSecurityPolicy, NetworkPolicy, etc.

Index

Constants

View Source
const (
	// DisruptionAllowedCondition is a condition set by the disruption controller
	// that signal whether any of the pods covered by the PDB can be disrupted.
	DisruptionAllowedCondition = "DisruptionAllowed"

	// SyncFailedReason is set on the DisruptionAllowed condition if reconcile
	// of the PDB failed and therefore disruption of pods are not allowed.
	SyncFailedReason = "SyncFailed"
	// SufficientPodsReason is set on the DisruptionAllowed condition if there are
	// more pods covered by the PDB than required and at least one can be disrupted.
	SufficientPodsReason = "SufficientPods"
	// InsufficientPodsReason is set on the DisruptionAllowed condition if the number
	// of pods are equal to or fewer than required by the PDB.
	InsufficientPodsReason = "InsufficientPods"
)
View Source
const DisruptionBudgetCause metav1.CauseType = "DisruptionBudget"

DisruptionBudgetCause is the status cause returned for eviction failures caused by PodDisruptionBudget violations.

View Source
const GroupName = "policy"

GroupName is the group name use in this package

Variables

View Source
var (
	ErrInvalidLengthGenerated        = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowGenerated          = fmt.Errorf("proto: integer overflow")
	ErrUnexpectedEndOfGroupGenerated = fmt.Errorf("proto: unexpected end of group")
)
View Source
var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)

	AddToScheme = localSchemeBuilder.AddToScheme
)
View Source
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}

SchemeGroupVersion is group version used to register these objects

Functions

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type Eviction

type Eviction struct {
	metav1.TypeMeta `json:",inline"`

	// ObjectMeta describes the pod that is being evicted.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// DeleteOptions may be provided
	// +optional
	DeleteOptions *metav1.DeleteOptions `json:"deleteOptions,omitempty" protobuf:"bytes,2,opt,name=deleteOptions"`
}

Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod. A request to cause such an eviction is created by POSTing to .../pods/<pod name>/evictions.

func (*Eviction) DeepCopy

func (in *Eviction) DeepCopy() *Eviction

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Eviction.

func (*Eviction) DeepCopyInto

func (in *Eviction) DeepCopyInto(out *Eviction)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Eviction) DeepCopyObject

func (in *Eviction) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Eviction) Descriptor

func (*Eviction) Descriptor() ([]byte, []int)

func (*Eviction) Marshal

func (m *Eviction) Marshal() (dAtA []byte, err error)

func (*Eviction) MarshalTo

func (m *Eviction) MarshalTo(dAtA []byte) (int, error)

func (*Eviction) MarshalToSizedBuffer

func (m *Eviction) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Eviction) ProtoMessage

func (*Eviction) ProtoMessage()

func (*Eviction) Reset

func (m *Eviction) Reset()

func (*Eviction) Size

func (m *Eviction) Size() (n int)

func (*Eviction) String

func (this *Eviction) String() string

func (Eviction) SwaggerDoc

func (Eviction) SwaggerDoc() map[string]string

func (*Eviction) Unmarshal

func (m *Eviction) Unmarshal(dAtA []byte) error

func (*Eviction) XXX_DiscardUnknown

func (m *Eviction) XXX_DiscardUnknown()

func (*Eviction) XXX_Marshal

func (m *Eviction) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Eviction) XXX_Merge

func (m *Eviction) XXX_Merge(src proto.Message)

func (*Eviction) XXX_Size

func (m *Eviction) XXX_Size() int

func (*Eviction) XXX_Unmarshal

func (m *Eviction) XXX_Unmarshal(b []byte) error

type PodDisruptionBudget

type PodDisruptionBudget struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Specification of the desired behavior of the PodDisruptionBudget.
	// +optional
	Spec PodDisruptionBudgetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
	// Most recently observed status of the PodDisruptionBudget.
	// +optional
	Status PodDisruptionBudgetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}

PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods

func (*PodDisruptionBudget) DeepCopy

func (in *PodDisruptionBudget) DeepCopy() *PodDisruptionBudget

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudget.

func (*PodDisruptionBudget) DeepCopyInto

func (in *PodDisruptionBudget) DeepCopyInto(out *PodDisruptionBudget)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodDisruptionBudget) DeepCopyObject

func (in *PodDisruptionBudget) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PodDisruptionBudget) Descriptor

func (*PodDisruptionBudget) Descriptor() ([]byte, []int)

func (*PodDisruptionBudget) Marshal

func (m *PodDisruptionBudget) Marshal() (dAtA []byte, err error)

func (*PodDisruptionBudget) MarshalTo

func (m *PodDisruptionBudget) MarshalTo(dAtA []byte) (int, error)

func (*PodDisruptionBudget) MarshalToSizedBuffer

func (m *PodDisruptionBudget) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodDisruptionBudget) ProtoMessage

func (*PodDisruptionBudget) ProtoMessage()

func (*PodDisruptionBudget) Reset

func (m *PodDisruptionBudget) Reset()

func (*PodDisruptionBudget) Size

func (m *PodDisruptionBudget) Size() (n int)

func (*PodDisruptionBudget) String

func (this *PodDisruptionBudget) String() string

func (PodDisruptionBudget) SwaggerDoc

func (PodDisruptionBudget) SwaggerDoc() map[string]string

func (*PodDisruptionBudget) Unmarshal

func (m *PodDisruptionBudget) Unmarshal(dAtA []byte) error

func (*PodDisruptionBudget) XXX_DiscardUnknown

func (m *PodDisruptionBudget) XXX_DiscardUnknown()

func (*PodDisruptionBudget) XXX_Marshal

func (m *PodDisruptionBudget) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodDisruptionBudget) XXX_Merge

func (m *PodDisruptionBudget) XXX_Merge(src proto.Message)

func (*PodDisruptionBudget) XXX_Size

func (m *PodDisruptionBudget) XXX_Size() int

func (*PodDisruptionBudget) XXX_Unmarshal

func (m *PodDisruptionBudget) XXX_Unmarshal(b []byte) error

type PodDisruptionBudgetList

type PodDisruptionBudgetList struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
	// +optional
	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
	// Items is a list of PodDisruptionBudgets
	Items []PodDisruptionBudget `json:"items" protobuf:"bytes,2,rep,name=items"`
}

PodDisruptionBudgetList is a collection of PodDisruptionBudgets.

func (*PodDisruptionBudgetList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudgetList.

func (*PodDisruptionBudgetList) DeepCopyInto

func (in *PodDisruptionBudgetList) DeepCopyInto(out *PodDisruptionBudgetList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodDisruptionBudgetList) DeepCopyObject

func (in *PodDisruptionBudgetList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PodDisruptionBudgetList) Descriptor

func (*PodDisruptionBudgetList) Descriptor() ([]byte, []int)

func (*PodDisruptionBudgetList) Marshal

func (m *PodDisruptionBudgetList) Marshal() (dAtA []byte, err error)

func (*PodDisruptionBudgetList) MarshalTo

func (m *PodDisruptionBudgetList) MarshalTo(dAtA []byte) (int, error)

func (*PodDisruptionBudgetList) MarshalToSizedBuffer

func (m *PodDisruptionBudgetList) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodDisruptionBudgetList) ProtoMessage

func (*PodDisruptionBudgetList) ProtoMessage()

func (*PodDisruptionBudgetList) Reset

func (m *PodDisruptionBudgetList) Reset()

func (*PodDisruptionBudgetList) Size

func (m *PodDisruptionBudgetList) Size() (n int)

func (*PodDisruptionBudgetList) String

func (this *PodDisruptionBudgetList) String() string

func (PodDisruptionBudgetList) SwaggerDoc

func (PodDisruptionBudgetList) SwaggerDoc() map[string]string

func (*PodDisruptionBudgetList) Unmarshal

func (m *PodDisruptionBudgetList) Unmarshal(dAtA []byte) error

func (*PodDisruptionBudgetList) XXX_DiscardUnknown

func (m *PodDisruptionBudgetList) XXX_DiscardUnknown()

func (*PodDisruptionBudgetList) XXX_Marshal

func (m *PodDisruptionBudgetList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodDisruptionBudgetList) XXX_Merge

func (m *PodDisruptionBudgetList) XXX_Merge(src proto.Message)

func (*PodDisruptionBudgetList) XXX_Size

func (m *PodDisruptionBudgetList) XXX_Size() int

func (*PodDisruptionBudgetList) XXX_Unmarshal

func (m *PodDisruptionBudgetList) XXX_Unmarshal(b []byte) error

type PodDisruptionBudgetSpec

type PodDisruptionBudgetSpec struct {
	// An eviction is allowed if at least "minAvailable" pods selected by
	// "selector" will still be available after the eviction, i.e. even in the
	// absence of the evicted pod.  So for example you can prevent all voluntary
	// evictions by specifying "100%".
	// +optional
	MinAvailable *intstr.IntOrString `json:"minAvailable,omitempty" protobuf:"bytes,1,opt,name=minAvailable"`

	// Label query over pods whose evictions are managed by the disruption
	// budget.
	// A null selector will match no pods, while an empty ({}) selector will select
	// all pods within the namespace.
	// +patchStrategy=replace
	// +optional
	Selector *metav1.LabelSelector `json:"selector,omitempty" patchStrategy:"replace" protobuf:"bytes,2,opt,name=selector"`

	// An eviction is allowed if at most "maxUnavailable" pods selected by
	// "selector" are unavailable after the eviction, i.e. even in absence of
	// the evicted pod. For example, one can prevent all voluntary evictions
	// by specifying 0. This is a mutually exclusive setting with "minAvailable".
	// +optional
	MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty" protobuf:"bytes,3,opt,name=maxUnavailable"`

	// UnhealthyPodEvictionPolicy defines the criteria for when unhealthy pods
	// should be considered for eviction. Current implementation considers healthy pods,
	// as pods that have status.conditions item with type="Ready",status="True".
	//
	// Valid policies are IfHealthyBudget and AlwaysAllow.
	// If no policy is specified, the default behavior will be used,
	// which corresponds to the IfHealthyBudget policy.
	//
	// IfHealthyBudget policy means that running pods (status.phase="Running"),
	// but not yet healthy can be evicted only if the guarded application is not
	// disrupted (status.currentHealthy is at least equal to status.desiredHealthy).
	// Healthy pods will be subject to the PDB for eviction.
	//
	// AlwaysAllow policy means that all running pods (status.phase="Running"),
	// but not yet healthy are considered disrupted and can be evicted regardless
	// of whether the criteria in a PDB is met. This means perspective running
	// pods of a disrupted application might not get a chance to become healthy.
	// Healthy pods will be subject to the PDB for eviction.
	//
	// Additional policies may be added in the future.
	// Clients making eviction decisions should disallow eviction of unhealthy pods
	// if they encounter an unrecognized policy in this field.
	//
	// This field is alpha-level. The eviction API uses this field when
	// the feature gate PDBUnhealthyPodEvictionPolicy is enabled (disabled by default).
	// +optional
	UnhealthyPodEvictionPolicy *UnhealthyPodEvictionPolicyType `json:"unhealthyPodEvictionPolicy,omitempty" protobuf:"bytes,4,opt,name=unhealthyPodEvictionPolicy"`
}

PodDisruptionBudgetSpec is a description of a PodDisruptionBudget.

func (*PodDisruptionBudgetSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudgetSpec.

func (*PodDisruptionBudgetSpec) DeepCopyInto

func (in *PodDisruptionBudgetSpec) DeepCopyInto(out *PodDisruptionBudgetSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodDisruptionBudgetSpec) Descriptor

func (*PodDisruptionBudgetSpec) Descriptor() ([]byte, []int)

func (*PodDisruptionBudgetSpec) Marshal

func (m *PodDisruptionBudgetSpec) Marshal() (dAtA []byte, err error)

func (*PodDisruptionBudgetSpec) MarshalTo

func (m *PodDisruptionBudgetSpec) MarshalTo(dAtA []byte) (int, error)

func (*PodDisruptionBudgetSpec) MarshalToSizedBuffer

func (m *PodDisruptionBudgetSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodDisruptionBudgetSpec) ProtoMessage

func (*PodDisruptionBudgetSpec) ProtoMessage()

func (*PodDisruptionBudgetSpec) Reset

func (m *PodDisruptionBudgetSpec) Reset()

func (*PodDisruptionBudgetSpec) Size

func (m *PodDisruptionBudgetSpec) Size() (n int)

func (*PodDisruptionBudgetSpec) String

func (this *PodDisruptionBudgetSpec) String() string

func (PodDisruptionBudgetSpec) SwaggerDoc

func (PodDisruptionBudgetSpec) SwaggerDoc() map[string]string

func (*PodDisruptionBudgetSpec) Unmarshal

func (m *PodDisruptionBudgetSpec) Unmarshal(dAtA []byte) error

func (*PodDisruptionBudgetSpec) XXX_DiscardUnknown

func (m *PodDisruptionBudgetSpec) XXX_DiscardUnknown()

func (*PodDisruptionBudgetSpec) XXX_Marshal

func (m *PodDisruptionBudgetSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodDisruptionBudgetSpec) XXX_Merge

func (m *PodDisruptionBudgetSpec) XXX_Merge(src proto.Message)

func (*PodDisruptionBudgetSpec) XXX_Size

func (m *PodDisruptionBudgetSpec) XXX_Size() int

func (*PodDisruptionBudgetSpec) XXX_Unmarshal

func (m *PodDisruptionBudgetSpec) XXX_Unmarshal(b []byte) error

type PodDisruptionBudgetStatus

type PodDisruptionBudgetStatus struct {
	// Most recent generation observed when updating this PDB status. DisruptionsAllowed and other
	// status information is valid only if observedGeneration equals to PDB's object generation.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,1,opt,name=observedGeneration"`

	// DisruptedPods contains information about pods whose eviction was
	// processed by the API server eviction subresource handler but has not
	// yet been observed by the PodDisruptionBudget controller.
	// A pod will be in this map from the time when the API server processed the
	// eviction request to the time when the pod is seen by PDB controller
	// as having been marked for deletion (or after a timeout). The key in the map is the name of the pod
	// and the value is the time when the API server processed the eviction request. If
	// the deletion didn't occur and a pod is still there it will be removed from
	// the list automatically by PodDisruptionBudget controller after some time.
	// If everything goes smooth this map should be empty for the most of the time.
	// Large number of entries in the map may indicate problems with pod deletions.
	// +optional
	DisruptedPods map[string]metav1.Time `json:"disruptedPods,omitempty" protobuf:"bytes,2,rep,name=disruptedPods"`

	// Number of pod disruptions that are currently allowed.
	DisruptionsAllowed int32 `json:"disruptionsAllowed" protobuf:"varint,3,opt,name=disruptionsAllowed"`

	// current number of healthy pods
	CurrentHealthy int32 `json:"currentHealthy" protobuf:"varint,4,opt,name=currentHealthy"`

	// minimum desired number of healthy pods
	DesiredHealthy int32 `json:"desiredHealthy" protobuf:"varint,5,opt,name=desiredHealthy"`

	// total number of pods counted by this disruption budget
	ExpectedPods int32 `json:"expectedPods" protobuf:"varint,6,opt,name=expectedPods"`

	// Conditions contain conditions for PDB. The disruption controller sets the
	// DisruptionAllowed condition. The following are known values for the reason field
	// (additional reasons could be added in the future):
	// - SyncFailed: The controller encountered an error and wasn't able to compute
	//               the number of allowed disruptions. Therefore no disruptions are
	//               allowed and the status of the condition will be False.
	// - InsufficientPods: The number of pods are either at or below the number
	//                     required by the PodDisruptionBudget. No disruptions are
	//                     allowed and the status of the condition will be False.
	// - SufficientPods: There are more pods than required by the PodDisruptionBudget.
	//                   The condition will be True, and the number of allowed
	//                   disruptions are provided by the disruptionsAllowed property.
	//
	// +optional
	// +patchMergeKey=type
	// +patchStrategy=merge
	// +listType=map
	// +listMapKey=type
	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,7,rep,name=conditions"`
}

PodDisruptionBudgetStatus represents information about the status of a PodDisruptionBudget. Status may trail the actual state of a system.

func (*PodDisruptionBudgetStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudgetStatus.

func (*PodDisruptionBudgetStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodDisruptionBudgetStatus) Descriptor

func (*PodDisruptionBudgetStatus) Descriptor() ([]byte, []int)

func (*PodDisruptionBudgetStatus) Marshal

func (m *PodDisruptionBudgetStatus) Marshal() (dAtA []byte, err error)

func (*PodDisruptionBudgetStatus) MarshalTo

func (m *PodDisruptionBudgetStatus) MarshalTo(dAtA []byte) (int, error)

func (*PodDisruptionBudgetStatus) MarshalToSizedBuffer

func (m *PodDisruptionBudgetStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodDisruptionBudgetStatus) ProtoMessage

func (*PodDisruptionBudgetStatus) ProtoMessage()

func (*PodDisruptionBudgetStatus) Reset

func (m *PodDisruptionBudgetStatus) Reset()

func (*PodDisruptionBudgetStatus) Size

func (m *PodDisruptionBudgetStatus) Size() (n int)

func (*PodDisruptionBudgetStatus) String

func (this *PodDisruptionBudgetStatus) String() string

func (PodDisruptionBudgetStatus) SwaggerDoc

func (PodDisruptionBudgetStatus) SwaggerDoc() map[string]string

func (*PodDisruptionBudgetStatus) Unmarshal

func (m *PodDisruptionBudgetStatus) Unmarshal(dAtA []byte) error

func (*PodDisruptionBudgetStatus) XXX_DiscardUnknown

func (m *PodDisruptionBudgetStatus) XXX_DiscardUnknown()

func (*PodDisruptionBudgetStatus) XXX_Marshal

func (m *PodDisruptionBudgetStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodDisruptionBudgetStatus) XXX_Merge

func (m *PodDisruptionBudgetStatus) XXX_Merge(src proto.Message)

func (*PodDisruptionBudgetStatus) XXX_Size

func (m *PodDisruptionBudgetStatus) XXX_Size() int

func (*PodDisruptionBudgetStatus) XXX_Unmarshal

func (m *PodDisruptionBudgetStatus) XXX_Unmarshal(b []byte) error

type UnhealthyPodEvictionPolicyType

type UnhealthyPodEvictionPolicyType string

UnhealthyPodEvictionPolicyType defines the criteria for when unhealthy pods should be considered for eviction. +enum

const (
	// IfHealthyBudget policy means that running pods (status.phase="Running"),
	// but not yet healthy can be evicted only if the guarded application is not
	// disrupted (status.currentHealthy is at least equal to status.desiredHealthy).
	// Healthy pods will be subject to the PDB for eviction.
	IfHealthyBudget UnhealthyPodEvictionPolicyType = "IfHealthyBudget"

	// AlwaysAllow policy means that all running pods (status.phase="Running"),
	// but not yet healthy are considered disrupted and can be evicted regardless
	// of whether the criteria in a PDB is met. This means perspective running
	// pods of a disrupted application might not get a chance to become healthy.
	// Healthy pods will be subject to the PDB for eviction.
	AlwaysAllow UnhealthyPodEvictionPolicyType = "AlwaysAllow"
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL