add new preevectionfilter plugin with args

hack/verify-deep-copies.sh

@@ -20,7 +20,7 @@ go build -o "${OS_OUTPUT_BINPATH}/deepcopy-gen" "k8s.io/code-generator/cmd/deepc
 
 ${OS_OUTPUT_BINPATH}/deepcopy-gen \
  --go-header-file "hack/boilerplate/boilerplate.go.txt" \
- --input-dirs "./pkg/apis/componentconfig,./pkg/apis/componentconfig/v1alpha1,./pkg/api,./pkg/api/v1alpha1" \
+ --input-dirs "./pkg/apis/componentconfig,./pkg/apis/componentconfig/v1alpha1,./pkg/api,./pkg/api/v1alpha1,./pkg/framework/plugins/defaultevictor/" \
  --output-file-base zz_generated.deepcopy
 popd > /dev/null 2>&1
 

pkg/api/types.go

@@ -126,3 +126,8 @@ type FailedPods struct {
  Reasons []string
  IncludingInitContainers bool
 }
+
+type PriorityThreshold struct {
+ Value *int32
+ Name string
+}

pkg/descheduler/descheduler.go

@@ -44,6 +44,7 @@ import (
  nodeutil "sigs.k8s.io/descheduler/pkg/descheduler/node"
  podutil "sigs.k8s.io/descheduler/pkg/descheduler/pod"
  "sigs.k8s.io/descheduler/pkg/framework"
+ "sigs.k8s.io/descheduler/pkg/framework/plugins/defaultevictor"
  "sigs.k8s.io/descheduler/pkg/utils"
 )
 
@@ -88,7 +89,7 @@ func Run(ctx context.Context, rs *options.DeschedulerServer) error {
  return runFn()
 }
 
-type strategyFunction func(ctx context.Context, client clientset.Interface, strategy api.DeschedulerStrategy, nodes []*v1.Node, podEvictor *evictions.PodEvictor, evictorFilter *evictions.EvictorFilter, getPodsAssignedToNode podutil.GetPodsAssignedToNodeFunc)
+type strategyFunction func(ctx context.Context, client clientset.Interface, strategy api.DeschedulerStrategy, nodes []*v1.Node, podEvictor *evictions.PodEvictor, evictorFilter framework.EvictorPlugin, getPodsAssignedToNode podutil.GetPodsAssignedToNodeFunc)
 
 func cachedClient(
  realClient clientset.Interface,
@@ -170,7 +171,7 @@ func cachedClient(
 // can evict a pod without importing a specific pod evictor
 type evictorImpl struct {
  podEvictor *evictions.PodEvictor
- evictorFilter *evictions.EvictorFilter
+ evictorFilter framework.EvictorPlugin
 }
 
 var _ framework.Evictor = &evictorImpl{}
@@ -376,23 +377,33 @@ func RunDeschedulerStrategies(ctx context.Context, rs *options.DeschedulerServer
  continue
  }
 
- evictorFilter := evictions.NewEvictorFilter(
- nodes,
- getPodsAssignedToNode,
- evictLocalStoragePods,
- evictSystemCriticalPods,
- ignorePvcPods,
- evictBarePods,
- evictions.WithNodeFit(nodeFit),
- evictions.WithPriorityThreshold(thresholdPriority),
+ defaultevictorArgs := &defaultevictor.DefaultEvictorArgs{
+ EvictLocalStoragePods: evictLocalStoragePods,
+ EvictSystemCriticalPods: evictSystemCriticalPods,
+ IgnorePvcPods: ignorePvcPods,
+ EvictFailedBarePods: evictBarePods,
+ NodeFit: nodeFit,
+ PriorityThreshold: &api.PriorityThreshold{
+ Value: &thresholdPriority,
+ },
+ }
+
+ evictorFilter, _ := defaultevictor.New(
+ defaultevictorArgs,
+ &handleImpl{
+ clientSet: rs.Client,
+ getPodsAssignedToNodeFunc: getPodsAssignedToNode,
+ sharedInformerFactory: sharedInformerFactory,
+ },
  )
+
  handle := &handleImpl{
  clientSet: rs.Client,
  getPodsAssignedToNodeFunc: getPodsAssignedToNode,
  sharedInformerFactory: sharedInformerFactory,
  evictor: &evictorImpl{
  podEvictor: podEvictor,
- evictorFilter: evictorFilter,
+ evictorFilter: evictorFilter.(framework.EvictorPlugin),
  },
  }
 
@@ -404,7 +415,7 @@ func RunDeschedulerStrategies(ctx context.Context, rs *options.DeschedulerServer
  if pgFnc, exists := pluginsMap[string(name)]; exists {
  pgFnc(childCtx, nodes, params, handle)
  } else {
- f(childCtx, rs.Client, strategy, nodes, podEvictor, evictorFilter, getPodsAssignedToNode)
+ f(childCtx, rs.Client, strategy, nodes, podEvictor, evictorFilter.(framework.EvictorPlugin), getPodsAssignedToNode)
  }
  }
  } else {

pkg/descheduler/evictions/evictions.go

@@ -24,23 +24,14 @@ import (
  policy "k8s.io/api/policy/v1"
  apierrors "k8s.io/apimachinery/pkg/api/errors"
  metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
- "k8s.io/apimachinery/pkg/labels"
- "k8s.io/apimachinery/pkg/util/errors"
  clientset "k8s.io/client-go/kubernetes"
  "k8s.io/client-go/tools/events"
  "k8s.io/klog/v2"
  "sigs.k8s.io/descheduler/metrics"
- nodeutil "sigs.k8s.io/descheduler/pkg/descheduler/node"
- podutil "sigs.k8s.io/descheduler/pkg/descheduler/pod"
- "sigs.k8s.io/descheduler/pkg/utils"
 
  eutils "sigs.k8s.io/descheduler/pkg/descheduler/evictions/utils"
 )
 
-const (
- evictPodAnnotationKey = "descheduler.alpha.kubernetes.io/evict"
-)
-
 // nodePodEvictedCount keeps count of pods evicted on node
 type nodePodEvictedCount map[string]uint
 type namespacePodEvictCount map[string]uint
@@ -203,176 +194,3 @@ func evictPod(ctx context.Context, client clientset.Interface, pod *v1.Pod, poli
  }
  return err
 }
-
-type Options struct {
- priority *int32
- nodeFit bool
- labelSelector labels.Selector
-}
-
-// WithPriorityThreshold sets a threshold for pod's priority class.
-// Any pod whose priority class is lower is evictable.
-func WithPriorityThreshold(priority int32) func(opts *Options) {
- return func(opts *Options) {
- var p int32 = priority
- opts.priority = &p
- }
-}
-
-// WithNodeFit sets whether or not to consider taints, node selectors,
-// and pod affinity when evicting. A pod whose tolerations, node selectors,
-// and affinity match a node other than the one it is currently running on
-// is evictable.
-func WithNodeFit(nodeFit bool) func(opts *Options) {
- return func(opts *Options) {
- opts.nodeFit = nodeFit
- }
-}
-
-// WithLabelSelector sets whether or not to apply label filtering when evicting.
-// Any pod matching the label selector is considered evictable.
-func WithLabelSelector(labelSelector labels.Selector) func(opts *Options) {
- return func(opts *Options) {
- opts.labelSelector = labelSelector
- }
-}
-
-type constraint func(pod *v1.Pod) error
-
-type EvictorFilter struct {
- constraints []constraint
-}
-
-func NewEvictorFilter(
- nodes []*v1.Node,
- nodeIndexer podutil.GetPodsAssignedToNodeFunc,
- evictLocalStoragePods bool,
- evictSystemCriticalPods bool,
- ignorePvcPods bool,
- evictFailedBarePods bool,
- opts ...func(opts *Options),
-) *EvictorFilter {
- options := &Options{}
- for _, opt := range opts {
- opt(options)
- }
-
- ev := &EvictorFilter{}
- if evictFailedBarePods {
- ev.constraints = append(ev.constraints, func(pod *v1.Pod) error {
- ownerRefList := podutil.OwnerRef(pod)
- // Enable evictFailedBarePods to evict bare pods in failed phase
- if len(ownerRefList) == 0 && pod.Status.Phase != v1.PodFailed {
- return fmt.Errorf("pod does not have any ownerRefs and is not in failed phase")
- }
- return nil
- })
- } else {
- ev.constraints = append(ev.constraints, func(pod *v1.Pod) error {
- ownerRefList := podutil.OwnerRef(pod)
- // Moved from IsEvictable function for backward compatibility
- if len(ownerRefList) == 0 {
- return fmt.Errorf("pod does not have any ownerRefs")
- }
- return nil
- })
- }
- if !evictSystemCriticalPods {
- ev.constraints = append(ev.constraints, func(pod *v1.Pod) error {
- // Moved from IsEvictable function to allow for disabling
- if utils.IsCriticalPriorityPod(pod) {
- return fmt.Errorf("pod has system critical priority")
- }
- return nil
- })
-
- if options.priority != nil {
- ev.constraints = append(ev.constraints, func(pod *v1.Pod) error {
- if IsPodEvictableBasedOnPriority(pod, *options.priority) {
- return nil
- }
- return fmt.Errorf("pod has higher priority than specified priority class threshold")
- })
- }
- }
- if !evictLocalStoragePods {
- ev.constraints = append(ev.constraints, func(pod *v1.Pod) error {
- if utils.IsPodWithLocalStorage(pod) {
- return fmt.Errorf("pod has local storage and descheduler is not configured with evictLocalStoragePods")
- }
- return nil
- })
- }
- if ignorePvcPods {
- ev.constraints = append(ev.constraints, func(pod *v1.Pod) error {
- if utils.IsPodWithPVC(pod) {
- return fmt.Errorf("pod has a PVC and descheduler is configured to ignore PVC pods")
- }
- return nil
- })
- }
- if options.nodeFit {
- ev.constraints = append(ev.constraints, func(pod *v1.Pod) error {
- if !nodeutil.PodFitsAnyOtherNode(nodeIndexer, pod, nodes) {
- return fmt.Errorf("pod does not fit on any other node because of nodeSelector(s), Taint(s), or nodes marked as unschedulable")
- }
- return nil
- })
- }
- if options.labelSelector != nil && !options.labelSelector.Empty() {
- ev.constraints = append(ev.constraints, func(pod *v1.Pod) error {
- if !options.labelSelector.Matches(labels.Set(pod.Labels)) {
- return fmt.Errorf("pod labels do not match the labelSelector filter in the policy parameter")
- }
- return nil
- })
- }
-
- return ev
-}
-
-// IsEvictable decides when a pod is evictable
-func (ef *EvictorFilter) Filter(pod *v1.Pod) bool {
- checkErrs := []error{}
-
- ownerRefList := podutil.OwnerRef(pod)
- if utils.IsDaemonsetPod(ownerRefList) {
- checkErrs = append(checkErrs, fmt.Errorf("pod is a DaemonSet pod"))
- }
-
- if utils.IsMirrorPod(pod) {
- checkErrs = append(checkErrs, fmt.Errorf("pod is a mirror pod"))
- }
-
- if utils.IsStaticPod(pod) {
- checkErrs = append(checkErrs, fmt.Errorf("pod is a static pod"))
- }
-
- if utils.IsPodTerminating(pod) {
- checkErrs = append(checkErrs, fmt.Errorf("pod is terminating"))
- }
-
- for _, c := range ef.constraints {
- if err := c(pod); err != nil {
- checkErrs = append(checkErrs, err)
- }
- }
-
- if len(checkErrs) > 0 && !HaveEvictAnnotation(pod) {
- klog.V(4).InfoS("Pod lacks an eviction annotation and fails the following checks", "pod", klog.KObj(pod), "checks", errors.NewAggregate(checkErrs).Error())
- return false
- }
-
- return true
-}
-
-// HaveEvictAnnotation checks if the pod have evict annotation
-func HaveEvictAnnotation(pod *v1.Pod) bool {
- _, found := pod.ObjectMeta.Annotations[evictPodAnnotationKey]
- return found
-}
-
-// IsPodEvictableBasedOnPriority checks if the given pod is evictable based on priority resolved from pod Spec.
-func IsPodEvictableBasedOnPriority(pod *v1.Pod, priority int32) bool {
- return pod.Spec.Priority == nil || *pod.Spec.Priority < priority
-}