Beispiel #1
0
// Admit checks whether the runtime supports sysctls.
func (w *runtimeAdmitHandler) Admit(attrs *lifecycle.PodAdmitAttributes) lifecycle.PodAdmitResult {
	sysctls, unsafeSysctls, err := v1.SysctlsFromPodAnnotations(attrs.Pod.Annotations)
	if err != nil {
		return lifecycle.PodAdmitResult{
			Admit:   false,
			Reason:  AnnotationInvalidReason,
			Message: fmt.Sprintf("invalid sysctl annotation: %v", err),
		}
	}

	if len(sysctls)+len(unsafeSysctls) > 0 {
		return w.result
	}

	return lifecycle.PodAdmitResult{
		Admit: true,
	}
}
Beispiel #2
0
// getSysctlsFromAnnotations gets sysctls from annotations.
func getSysctlsFromAnnotations(annotations map[string]string) (map[string]string, error) {
	var results map[string]string

	sysctls, unsafeSysctls, err := v1.SysctlsFromPodAnnotations(annotations)
	if err != nil {
		return nil, err
	}
	if len(sysctls)+len(unsafeSysctls) > 0 {
		results = make(map[string]string, len(sysctls)+len(unsafeSysctls))
		for _, c := range sysctls {
			results[c.Name] = c.Value
		}
		for _, c := range unsafeSysctls {
			results[c.Name] = c.Value
		}
	}

	return results, nil
}