search

uswitch / nidhogg

Kubernetes Node taints based on Daemonset Pods
Apache License 2.0
76 stars 15 forks source link

Use selector expressions rather than simple label matching #26

Closed pnovotnak closed 4 years ago

pnovotnak commented 4 years ago

closes #25

This allows the use of selector expressions that are compiled into a single selector. From k8s.io/apimachinery/pkg/labels/selector.go:

// Parse takes a string representing a selector and returns a selector
// object, or an error. This parsing function differs from ParseSelector
// as they parse different selectors with different syntaxes.
// The input will cause an error if it does not follow this form:
//
//  <selector-syntax>         ::= <requirement> | <requirement> "," <selector-syntax>
//  <requirement>             ::= [!] KEY [ <set-based-restriction> | <exact-match-restriction> ]
//  <set-based-restriction>   ::= "" | <inclusion-exclusion> <value-set>
//  <inclusion-exclusion>     ::= <inclusion> | <exclusion>
//  <exclusion>               ::= "notin"
//  <inclusion>               ::= "in"
//  <value-set>               ::= "(" <values> ")"
//  <values>                  ::= VALUE | VALUE "," <values>
//  <exact-match-restriction> ::= ["="|"=="|"!="] VALUE
//
// KEY is a sequence of one or more characters following [ DNS_SUBDOMAIN "/" ] DNS_LABEL. Max length is 63 characters.
// VALUE is a sequence of zero or more characters "([A-Za-z0-9_-\.])". Max length is 63 characters.
// Delimiter is white space: (' ', '\t')
// Example of valid syntax:
//  "x in (foo,,baz),y,z notin ()"
//
// Note:
//  (1) Inclusion - " in " - denotes that the KEY exists and is equal to any of the
//      VALUEs in its requirement
//  (2) Exclusion - " notin " - denotes that the KEY is not equal to any
//      of the VALUEs in its requirement or does not exist
//  (3) The empty string is a valid VALUE
//  (4) A requirement with just a KEY - as in "y" above - denotes that
//      the KEY exists and can be any VALUE.
//  (5) A requirement with just !KEY requires that the KEY not exist.
//
pnovotnak commented 4 years ago

Also is this backwards incompatible? i.e will the old style of

nodeSelector:
 node-role.kubernetes.io/node: ""

continue to work after this change?

This is a backwards-incompatible change. New configuration uses a list of strings instead of a map, eg:

nodeSelector:
 - !node-role.kubernetes.io/master
jijotj commented 4 years ago

Is there a due date for rolling this out to stable release? Thanks.