karmada-io
/
karmada
mirror of https://github.com/karmada-io/karmada.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

restrict policy spread constraints 

Signed-off-by: RainbowMango <renhongcai@huawei.com>
Co-authored-by: Kevin Wang <kevinwzf0126@gmail.com>
This commit is contained in:
RainbowMango 2021-02-05 10:19:18 +08:00 committed by Kevin Wang
parent 8e47b33b01
commit 3305a54b11
2 changed files with 30 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pkg/webhook/propagationpolicy/mutating.go
View File

@ -37,6 +37,20 @@ func (a *MutatingAdmission) Handle(ctx context.Context, req admission.Request) a
}
}
// Set default spread constraints if both 'SpreadByField' and 'SpreadByLabel' not set.
spreadConstraints := policy.Spec.Placement.SpreadConstraints
for i := range spreadConstraints {
if len(spreadConstraints[i].SpreadByLabel) == 0 && len(spreadConstraints[i].SpreadByField) == 0 {
klog.Infof("Setting default SpreadByField with %s", policyv1alpha1.SpreadByCluster)
spreadConstraints[i].SpreadByField = policyv1alpha1.SpreadByCluster
}
if spreadConstraints[i].MinGroups == 0 {
klog.Infof("Setting default MinGroups to 1")
spreadConstraints[i].MinGroups = 1
}
}
marshaledBytes, err := json.Marshal(policy)
if err != nil {
return admission.Errored(http.StatusInternalServerError, err)

17
pkg/webhook/propagationpolicy/validating.go
View File

@ -2,6 +2,7 @@ package propagationpolicy
import (
"context"
"fmt"
"net/http"
"k8s.io/klog/v2"
@ -30,7 +31,21 @@ func (v *ValidatingAdmission) Handle(ctx context.Context, req admission.Request)
}
klog.V(2).Infof("Validating PropagationPolicy(%s/%s) for request: %s", policy.Namespace, policy.Name, req.Operation)
// Currently do nothing
// SpreadByField and SpreadByLabel should not co-exist
for _, constraint := range policy.Spec.Placement.SpreadConstraints {
if len(constraint.SpreadByField) > 0 && len(constraint.SpreadByLabel) > 0 {
errMsg := fmt.Sprintf("invalid constraints: SpreadByLabel(%s) should not co-exist with spreadByField(%s)", constraint.SpreadByLabel, constraint.SpreadByField)
klog.Info(errMsg)
return admission.Denied(errMsg)
}
// If MaxGroups provided, it should greater or equal than MinGroups.
if constraint.MaxGroups > 0 && constraint.MaxGroups < constraint.MinGroups {
errMsg := fmt.Sprintf("maxGroups(%d) lower than minGroups(%d) is not allowed", constraint.MaxGroups, constraint.MinGroups)
klog.Info(errMsg)
return admission.Denied(errMsg)
}
}
return admission.Allowed("")
}