From 26eb9e0faebe9448badf2cbd75e9d30d3230a2f6 Mon Sep 17 00:00:00 2001 From: Mohammed Naser Date: Wed, 5 Feb 2025 16:40:34 -0500 Subject: [PATCH] Enable {priority,runtime}ClassName for Cinder Change-Id: I542b48f3ff426e5f2fec333191824e3d1c78a30a --- .../cron-job-cinder-volume-usage-audit.yaml | 6 + charts/cinder/templates/deployment-api.yaml | 6 + .../cinder/templates/deployment-backup.yaml | 6 + .../templates/deployment-scheduler.yaml | 6 + .../cinder/templates/deployment-volume.yaml | 6 + charts/cinder/templates/pod-rally-test.yaml | 6 + charts/cinder/values.yaml | 16 ++ ...riority-runtime-ClassName-for-Cinder.patch | 146 ++++++++++++++++++ ...iority-runtime-class-910112b1da7bd5c1.yaml | 4 + roles/cinder/tests/priorityclass_test.yaml | 96 ++++++++++++ roles/cinder/tests/runtimeclass_test.yaml | 96 ++++++++++++ 11 files changed, 394 insertions(+) create mode 100644 charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch create mode 100644 releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml create mode 100644 roles/cinder/tests/priorityclass_test.yaml create mode 100644 roles/cinder/tests/runtimeclass_test.yaml diff --git a/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml index 897b5b63e..14c18f5a0 100644 --- a/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml +++ b/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml @@ -50,6 +50,12 @@ spec: {{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "cinder-volume-usage-audit" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 12 }} spec: {{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }} +{{ with .Values.pod.priorityClassName.cinder_api }} + priorityClassName: {{ . }} +{{ end }} +{{ with .Values.pod.runtimeClassName.cinder_api }} + runtimeClassName: {{ . }} +{{ end }} serviceAccountName: {{ $serviceAccountName }} restartPolicy: OnFailure {{ if $envAll.Values.pod.tolerations.cinder.enabled }} diff --git a/charts/cinder/templates/deployment-api.yaml b/charts/cinder/templates/deployment-api.yaml index 641ed3b4a..117e50382 100644 --- a/charts/cinder/templates/deployment-api.yaml +++ b/charts/cinder/templates/deployment-api.yaml @@ -46,6 +46,12 @@ spec: {{ tuple "cinder_api" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }} {{ dict "envAll" $envAll "podName" "cinder-api" "containerNames" (list "cinder-api" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} spec: +{{ with .Values.pod.priorityClassName.cinder_api }} + priorityClassName: {{ . }} +{{ end }} +{{ with .Values.pod.runtimeClassName.cinder_api }} + runtimeClassName: {{ . }} +{{ end }} serviceAccountName: {{ $serviceAccountName }} {{ dict "envAll" $envAll "application" "cinder_api" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} affinity: diff --git a/charts/cinder/templates/deployment-backup.yaml b/charts/cinder/templates/deployment-backup.yaml index 365744668..c3abd3b29 100644 --- a/charts/cinder/templates/deployment-backup.yaml +++ b/charts/cinder/templates/deployment-backup.yaml @@ -48,6 +48,12 @@ spec: {{ tuple "cinder_backup" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }} {{ dict "envAll" $envAll "podName" "cinder-backup" "containerNames" (list "cinder-backup" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} spec: +{{ with .Values.pod.priorityClassName.cinder_backup }} + priorityClassName: {{ . }} +{{ end }} +{{ with .Values.pod.runtimeClassName.cinder_backup }} + runtimeClassName: {{ . }} +{{ end }} serviceAccountName: {{ $serviceAccountName }} {{ dict "envAll" $envAll "application" "cinder_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} affinity: diff --git a/charts/cinder/templates/deployment-scheduler.yaml b/charts/cinder/templates/deployment-scheduler.yaml index 03206a8d7..f5b663854 100644 --- a/charts/cinder/templates/deployment-scheduler.yaml +++ b/charts/cinder/templates/deployment-scheduler.yaml @@ -46,6 +46,12 @@ spec: {{ tuple "cinder_scheduler" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }} {{ dict "envAll" $envAll "podName" "cinder-scheduler" "containerNames" (list "cinder-scheduler" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} spec: +{{ with .Values.pod.priorityClassName.cinder_scheduler }} + priorityClassName: {{ . }} +{{ end }} +{{ with .Values.pod.runtimeClassName.cinder_scheduler }} + runtimeClassName: {{ . }} +{{ end }} serviceAccountName: {{ $serviceAccountName }} {{ dict "envAll" $envAll "application" "cinder_scheduler" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} affinity: diff --git a/charts/cinder/templates/deployment-volume.yaml b/charts/cinder/templates/deployment-volume.yaml index a21c13efe..fb0d626ae 100644 --- a/charts/cinder/templates/deployment-volume.yaml +++ b/charts/cinder/templates/deployment-volume.yaml @@ -48,6 +48,12 @@ spec: {{ tuple "cinder_volume" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }} {{ dict "envAll" $envAll "podName" "cinder-volume" "containerNames" (list "cinder-volume" "ceph-coordination-volume-perms" "init-cinder-conf" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} spec: +{{ with .Values.pod.priorityClassName.cinder_volume }} + priorityClassName: {{ . }} +{{ end }} +{{ with .Values.pod.runtimeClassName.cinder_volume }} + runtimeClassName: {{ . }} +{{ end }} serviceAccountName: {{ $serviceAccountName }} {{ dict "envAll" $envAll "application" "cinder_volume" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} affinity: diff --git a/charts/cinder/templates/pod-rally-test.yaml b/charts/cinder/templates/pod-rally-test.yaml index 3ed52cde4..e44bdcf83 100644 --- a/charts/cinder/templates/pod-rally-test.yaml +++ b/charts/cinder/templates/pod-rally-test.yaml @@ -38,6 +38,12 @@ spec: {{ end }} nodeSelector: {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} +{{ with .Values.pod.priorityClassName.cinder_tests }} + priorityClassName: {{ . }} +{{ end }} +{{ with .Values.pod.runtimeClassName.cinder_tests }} + runtimeClassName: {{ . }} +{{ end }} serviceAccountName: {{ $serviceAccountName }} initContainers: {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} diff --git a/charts/cinder/values.yaml b/charts/cinder/values.yaml index 6f1d32a36..8a2299c2d 100644 --- a/charts/cinder/values.yaml +++ b/charts/cinder/values.yaml @@ -76,6 +76,22 @@ jobs: failed: 1 pod: + priorityClassName: + cinder_api: null + cinder_backup: null + cinder_scheduler: null + cinder_tests: null + cinder_volume_usage_audit: null + cinder_volume: null + db_sync: null + runtimeClassName: + cinder_api: null + cinder_backup: null + cinder_scheduler: null + cinder_tests: null + cinder_volume_usage_audit: null + cinder_volume: null + db_sync: null security_context: volume_usage_audit: pod: diff --git a/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch b/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch new file mode 100644 index 000000000..7397b0edc --- /dev/null +++ b/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch @@ -0,0 +1,146 @@ +From 5fa9fbab45a5cd489007ca0286e7203accd1f398 Mon Sep 17 00:00:00 2001 +From: Mohammed Naser +Date: Thu, 6 Feb 2025 09:33:47 -0500 +Subject: [PATCH] Enable {priority,runtime}ClassName for Cinder + +--- + .../cron-job-cinder-volume-usage-audit.yaml | 6 ++++++ + cinder/templates/deployment-api.yaml | 6 ++++++ + cinder/templates/deployment-backup.yaml | 6 ++++++ + cinder/templates/deployment-scheduler.yaml | 6 ++++++ + cinder/templates/deployment-volume.yaml | 6 ++++++ + cinder/templates/pod-rally-test.yaml | 6 ++++++ + cinder/values.yaml | 16 ++++++++++++++++ + 7 files changed, 52 insertions(+) + +diff --git a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml +index 1d935f12..18d9e28e 100644 +--- a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml ++++ b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml +@@ -50,6 +50,12 @@ spec: + {{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "cinder-volume-usage-audit" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 12 }} + spec: + {{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }} ++{{ with .Values.pod.priorityClassName.cinder_api }} ++ priorityClassName: {{ . }} ++{{ end }} ++{{ with .Values.pod.runtimeClassName.cinder_api }} ++ runtimeClassName: {{ . }} ++{{ end }} + serviceAccountName: {{ $serviceAccountName }} + restartPolicy: OnFailure + {{ if $envAll.Values.pod.tolerations.cinder.enabled }} +diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml +index f29d103f..3b1a30d6 100644 +--- a/cinder/templates/deployment-api.yaml ++++ b/cinder/templates/deployment-api.yaml +@@ -46,6 +46,12 @@ spec: + {{ tuple "cinder_api" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }} + {{ dict "envAll" $envAll "podName" "cinder-api" "containerNames" (list "cinder-api" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} + spec: ++{{ with .Values.pod.priorityClassName.cinder_api }} ++ priorityClassName: {{ . }} ++{{ end }} ++{{ with .Values.pod.runtimeClassName.cinder_api }} ++ runtimeClassName: {{ . }} ++{{ end }} + serviceAccountName: {{ $serviceAccountName }} + {{ dict "envAll" $envAll "application" "cinder_api" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + affinity: +diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml +index ccd84fc0..617031a0 100644 +--- a/cinder/templates/deployment-backup.yaml ++++ b/cinder/templates/deployment-backup.yaml +@@ -48,6 +48,12 @@ spec: + {{ tuple "cinder_backup" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }} + {{ dict "envAll" $envAll "podName" "cinder-backup" "containerNames" (list "cinder-backup" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} + spec: ++{{ with .Values.pod.priorityClassName.cinder_backup }} ++ priorityClassName: {{ . }} ++{{ end }} ++{{ with .Values.pod.runtimeClassName.cinder_backup }} ++ runtimeClassName: {{ . }} ++{{ end }} + serviceAccountName: {{ $serviceAccountName }} + {{ dict "envAll" $envAll "application" "cinder_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + affinity: +diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml +index 73e14e55..016ade95 100644 +--- a/cinder/templates/deployment-scheduler.yaml ++++ b/cinder/templates/deployment-scheduler.yaml +@@ -46,6 +46,12 @@ spec: + {{ tuple "cinder_scheduler" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }} + {{ dict "envAll" $envAll "podName" "cinder-scheduler" "containerNames" (list "cinder-scheduler" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} + spec: ++{{ with .Values.pod.priorityClassName.cinder_scheduler }} ++ priorityClassName: {{ . }} ++{{ end }} ++{{ with .Values.pod.runtimeClassName.cinder_scheduler }} ++ runtimeClassName: {{ . }} ++{{ end }} + serviceAccountName: {{ $serviceAccountName }} + {{ dict "envAll" $envAll "application" "cinder_scheduler" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + affinity: +diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml +index c28518da..83430c33 100644 +--- a/cinder/templates/deployment-volume.yaml ++++ b/cinder/templates/deployment-volume.yaml +@@ -48,6 +48,12 @@ spec: + {{ tuple "cinder_volume" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }} + {{ dict "envAll" $envAll "podName" "cinder-volume" "containerNames" (list "cinder-volume" "ceph-coordination-volume-perms" "init-cinder-conf" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} + spec: ++{{ with .Values.pod.priorityClassName.cinder_volume }} ++ priorityClassName: {{ . }} ++{{ end }} ++{{ with .Values.pod.runtimeClassName.cinder_volume }} ++ runtimeClassName: {{ . }} ++{{ end }} + serviceAccountName: {{ $serviceAccountName }} + {{ dict "envAll" $envAll "application" "cinder_volume" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }} + affinity: +diff --git a/cinder/templates/pod-rally-test.yaml b/cinder/templates/pod-rally-test.yaml +index 34316c65..a2852359 100644 +--- a/cinder/templates/pod-rally-test.yaml ++++ b/cinder/templates/pod-rally-test.yaml +@@ -38,6 +38,12 @@ spec: + {{ end }} + nodeSelector: + {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} ++{{ with .Values.pod.priorityClassName.cinder_tests }} ++ priorityClassName: {{ . }} ++{{ end }} ++{{ with .Values.pod.runtimeClassName.cinder_tests }} ++ runtimeClassName: {{ . }} ++{{ end }} + serviceAccountName: {{ $serviceAccountName }} + initContainers: + {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +diff --git a/cinder/values.yaml b/cinder/values.yaml +index 6b335be1..1377e4cd 100644 +--- a/cinder/values.yaml ++++ b/cinder/values.yaml +@@ -76,6 +76,22 @@ jobs: + failed: 1 + + pod: ++ priorityClassName: ++ cinder_api: null ++ cinder_backup: null ++ cinder_scheduler: null ++ cinder_tests: null ++ cinder_volume_usage_audit: null ++ cinder_volume: null ++ db_sync: null ++ runtimeClassName: ++ cinder_api: null ++ cinder_backup: null ++ cinder_scheduler: null ++ cinder_tests: null ++ cinder_volume_usage_audit: null ++ cinder_volume: null ++ db_sync: null + security_context: + volume_usage_audit: + pod: +-- +2.43.0 diff --git a/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml b/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml new file mode 100644 index 000000000..6852e16cb --- /dev/null +++ b/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml @@ -0,0 +1,4 @@ +--- +features: + - The Cinder role now allows users to configure the ``priorityClassName`` and + the ``runtimeClassName`` for all of the different components of the service. diff --git a/roles/cinder/tests/priorityclass_test.yaml b/roles/cinder/tests/priorityclass_test.yaml new file mode 100644 index 000000000..4ca496789 --- /dev/null +++ b/roles/cinder/tests/priorityclass_test.yaml @@ -0,0 +1,96 @@ +suite: priorityclass +tests: + - it: should support not having a priority class + templates: + - templates/deployment-api.yaml + - templates/deployment-scheduler.yaml + - templates/deployment-volume.yaml + - templates/cron-job-cinder-volume-usage-audit.yaml + - templates/deployment-backup.yaml + - templates/pod-rally-test.yaml + - templates/job-db-sync.yaml + asserts: + - template: templates/deployment-api.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.priorityClassName + - template: templates/deployment-scheduler.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.priorityClassName + - template: templates/deployment-volume.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.priorityClassName + - template: templates/cron-job-cinder-volume-usage-audit.yaml + documentIndex: 3 + notExists: + path: spec.jobTemplate.spec.template.spec.priorityClassName + - template: templates/deployment-backup.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.priorityClassName + - template: templates/pod-rally-test.yaml + documentIndex: 3 + notExists: + path: spec.priorityClassName + - template: templates/job-db-sync.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.priorityClassName + + - it: should support setting a priority class + templates: + - templates/deployment-api.yaml + - templates/deployment-scheduler.yaml + - templates/deployment-volume.yaml + - templates/cron-job-cinder-volume-usage-audit.yaml + - templates/deployment-backup.yaml + - templates/pod-rally-test.yaml + - templates/job-db-sync.yaml + set: + pod: + priorityClassName: + cinder_api: platform + cinder_backup: platform + cinder_scheduler: platform + cinder_tests: platform + cinder_volume_usage_audit: platform + cinder_volume: platform + db_sync: platform + asserts: + - template: templates/deployment-api.yaml + documentIndex: 3 + equal: + path: spec.template.spec.priorityClassName + value: platform + - template: templates/deployment-scheduler.yaml + documentIndex: 3 + equal: + path: spec.template.spec.priorityClassName + value: platform + - template: templates/deployment-volume.yaml + documentIndex: 3 + equal: + path: spec.template.spec.priorityClassName + value: platform + - template: templates/cron-job-cinder-volume-usage-audit.yaml + documentIndex: 3 + equal: + path: spec.jobTemplate.spec.template.spec.priorityClassName + value: platform + - template: templates/deployment-backup.yaml + documentIndex: 3 + equal: + path: spec.template.spec.priorityClassName + value: platform + - template: templates/pod-rally-test.yaml + documentIndex: 3 + equal: + path: spec.priorityClassName + value: platform + - template: templates/job-db-sync.yaml + documentIndex: 3 + equal: + path: spec.template.spec.priorityClassName + value: platform diff --git a/roles/cinder/tests/runtimeclass_test.yaml b/roles/cinder/tests/runtimeclass_test.yaml new file mode 100644 index 000000000..151958add --- /dev/null +++ b/roles/cinder/tests/runtimeclass_test.yaml @@ -0,0 +1,96 @@ +suite: runtimeclass +tests: + - it: should support not having a runtime class + templates: + - templates/deployment-api.yaml + - templates/deployment-scheduler.yaml + - templates/deployment-volume.yaml + - templates/cron-job-cinder-volume-usage-audit.yaml + - templates/deployment-backup.yaml + - templates/pod-rally-test.yaml + - templates/job-db-sync.yaml + asserts: + - template: templates/deployment-api.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.runtimeClassName + - template: templates/deployment-scheduler.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.runtimeClassName + - template: templates/deployment-volume.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.runtimeClassName + - template: templates/cron-job-cinder-volume-usage-audit.yaml + documentIndex: 3 + notExists: + path: spec.jobTemplate.spec.template.spec.runtimeClassName + - template: templates/deployment-backup.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.runtimeClassName + - template: templates/pod-rally-test.yaml + documentIndex: 3 + notExists: + path: spec.runtimeClassName + - template: templates/job-db-sync.yaml + documentIndex: 3 + notExists: + path: spec.template.spec.runtimeClassName + + - it: should support setting a runtime class + templates: + - templates/deployment-api.yaml + - templates/deployment-scheduler.yaml + - templates/deployment-volume.yaml + - templates/cron-job-cinder-volume-usage-audit.yaml + - templates/deployment-backup.yaml + - templates/pod-rally-test.yaml + - templates/job-db-sync.yaml + set: + pod: + runtimeClassName: + cinder_api: kata-clh + cinder_backup: kata-clh + cinder_scheduler: kata-clh + cinder_tests: kata-clh + cinder_volume_usage_audit: kata-clh + cinder_volume: kata-clh + db_sync: kata-clh + asserts: + - template: templates/deployment-api.yaml + documentIndex: 3 + equal: + path: spec.template.spec.runtimeClassName + value: kata-clh + - template: templates/deployment-scheduler.yaml + documentIndex: 3 + equal: + path: spec.template.spec.runtimeClassName + value: kata-clh + - template: templates/deployment-volume.yaml + documentIndex: 3 + equal: + path: spec.template.spec.runtimeClassName + value: kata-clh + - template: templates/cron-job-cinder-volume-usage-audit.yaml + documentIndex: 3 + equal: + path: spec.jobTemplate.spec.template.spec.runtimeClassName + value: kata-clh + - template: templates/deployment-backup.yaml + documentIndex: 3 + equal: + path: spec.template.spec.runtimeClassName + value: kata-clh + - template: templates/pod-rally-test.yaml + documentIndex: 3 + equal: + path: spec.runtimeClassName + value: kata-clh + - template: templates/job-db-sync.yaml + documentIndex: 3 + equal: + path: spec.template.spec.runtimeClassName + value: kata-clh