[
https://issues.apache.org/jira/browse/YUNIKORN-1008?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Craig Condit updated YUNIKORN-1008:
-----------------------------------
Description:
There are times when it is necessary to blacklist certain pods from being
processed by the YuniKorn admission controller (system-level pods come to
mind). We should add a the abillity to block pods in certain namespaces from
being processed.
Adds a new environment variable *ADMISSION_CONTROLLER_NAMESPACE_BLACKLIST* to
the admission controller with a default value of "{*}^kube-system${*}". This
will bypass pods in the *kube-system* namespace by default and allow a
comma-separated list of expressions to match other namespaces as needed.
Also adds support to the helm chart for setting this variable at runtime.
was:
There are times when it is necessary to blacklist certain pods from being
processed by the YuniKorn admission controller (system-level pods come to
mind). We should add a the abillity to block pods in certain namespaces from
being processed. This could be a comma-separated list of regular expressions.
By default we should blacklist the kube-system namespace (i.e. use
*{{^kube-system$}}* as a default).
> Allow admission controller to bypass pods in certain namespaces
> ----------------------------------------------------------------
>
> Key: YUNIKORN-1008
> URL: https://issues.apache.org/jira/browse/YUNIKORN-1008
> Project: Apache YuniKorn
> Issue Type: Sub-task
> Components: shim - kubernetes
> Reporter: Craig Condit
> Assignee: Craig Condit
> Priority: Major
> Labels: pull-request-available
>
> There are times when it is necessary to blacklist certain pods from being
> processed by the YuniKorn admission controller (system-level pods come to
> mind). We should add a the abillity to block pods in certain namespaces from
> being processed.
> Adds a new environment variable *ADMISSION_CONTROLLER_NAMESPACE_BLACKLIST* to
> the admission controller with a default value of "{*}^kube-system${*}". This
> will bypass pods in the *kube-system* namespace by default and allow a
> comma-separated list of expressions to match other namespaces as needed.
> Also adds support to the helm chart for setting this variable at runtime.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
