// Admit checks whether the runtime supports sysctls. func (w *runtimeAdmitHandler) Admit(attrs *lifecycle.PodAdmitAttributes) lifecycle.PodAdmitResult { sysctls, unsafeSysctls, err := v1.SysctlsFromPodAnnotations(attrs.Pod.Annotations) if err != nil { return lifecycle.PodAdmitResult{ Admit: false, Reason: AnnotationInvalidReason, Message: fmt.Sprintf("invalid sysctl annotation: %v", err), } } if len(sysctls)+len(unsafeSysctls) > 0 { return w.result } return lifecycle.PodAdmitResult{ Admit: true, } }
// getSysctlsFromAnnotations gets sysctls from annotations. func getSysctlsFromAnnotations(annotations map[string]string) (map[string]string, error) { var results map[string]string sysctls, unsafeSysctls, err := v1.SysctlsFromPodAnnotations(annotations) if err != nil { return nil, err } if len(sysctls)+len(unsafeSysctls) > 0 { results = make(map[string]string, len(sysctls)+len(unsafeSysctls)) for _, c := range sysctls { results[c.Name] = c.Value } for _, c := range unsafeSysctls { results[c.Name] = c.Value } } return results, nil }