k-rail icon indicating copy to clipboard operation
k-rail copied to clipboard

Published 20 hours ago verified publisher icon cruise-automation

EmptyDir sizelimits no longer applied via mutation

Open funkypenguin opened this issue 5 years ago • 2 comments

Hey guys!

This pod was created under k-rail v2.0.1:

<snip>
Volumes:
  userfunc:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  <unset>

And this one was created under v1.5.0:

<snip>
Volumes:
  userfunc:
    Type:       EmptyDir (a temporary directory that shares a pod's lifetime)
    Medium:
    SizeLimit:  512Mi

It would seem as if the policy which enables mutating of pods to enforce EmptyDir limits ... is not enforcing :)

The relevant portion of the config (applied via helm chart) has not changed:

<snip>
    - enabled: true
      name: pod_empty_dir_size_limit
      report_only: false
<snip>
    policy_config:
      mutate_empty_dir_size_limit:
        default_size_limit: 512Mi
        maximum_size_limit: 1Gi

I couldn't see any obvious recent changes around this.

Thanks! D

funkypenguin avatar Jul 06 '20 15:07 funkypenguin

Good catch. This will need some investigation... It might be related to dependency changes.

dustin-decker avatar Jul 13 '20 21:07 dustin-decker

👋 The k-rail project has been deprecated and is no longer under active development. We recommend taking a look at OPA Gatekeeper to see if it might meet your needs going forward.

Thanks for your contribution(s) to the project!

mark-adams avatar Jan 12 '23 16:01 mark-adams