karpenter icon indicating copy to clipboard operation
karpenter copied to clipboard

Published 20 hours ago verified publisher icon kubernetes-sigs

Support the `cluster-autoscaler.kubernetes.io/safe-to-evict` annotation

Open thelabdude opened this issue 1 year ago • 13 comments

Tell us about your request

Would be great if Karpenter treated pods with the cluster-autoscaler.kubernetes.io/safe-to-evict annotation as the same as the karpenter.sh/do-not-evict annotation.

Basically, cluster-autoscaler.kubernetes.io/safe-to-evict: "false" is equivalent to karpenter.sh/do-not-evict: "true"

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?

This would help teams migrate from CAS to Karpenter w/o requiring re-config.

The other wrinkle here is it's not possible to write a generic OPA assign metadata mutator to add the karpenter.sh/do-not-evict annotation b/c you can't find pods by annotation (only by label).

Are you currently working around this issue?

We use OPA assign metadata mutators but have to know all the possible label selectors to find pods in our clusters with the cluster-autoscaler.kubernetes.io/safe-to-evict: "false" annotation.

Additional Context

No response

Attachments

No response

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

thelabdude avatar Apr 18 '23 17:04 thelabdude

This is an interesting one. I definitely think that it makes sense from a migration perspective.

you can't find pods by annotation

I'm curious what the path looks like for migration here in your opinion. Do you plan to eventually migrate away from the CAS annotation and start adding the Karpenter annotation with the OPA mutation webhooks.

jonathan-innis avatar Apr 18 '23 19:04 jonathan-innis

Tell us about your request

Would be great if Karpenter treated pods with the cluster-autoscaler.kubernetes.io/safe-to-evict annotation as the same as the karpenter.sh/do-not-evict annotation.

I like the idea; I think it should be off by default and easy to opt in to. Perhaps a configuration option for each Provisioner? Something a bit like a selector, but for annotations and only matching the value as be "true", "false" or neither.

sftim avatar Jun 05 '23 17:06 sftim

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Jan 31 '24 17:01 k8s-triage-robot

/remove-lifecycle stale

jonathan-innis avatar Feb 01 '24 08:02 jonathan-innis

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar May 01 '24 08:05 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

k8s-triage-robot avatar May 31 '24 08:05 k8s-triage-robot

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

k8s-triage-robot avatar Jun 30 '24 09:06 k8s-triage-robot

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Reopen this issue with /reopen
  • Mark this issue as fresh with /remove-lifecycle rotten
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

k8s-ci-robot avatar Jun 30 '24 09:06 k8s-ci-robot

/reopen

jonathan-innis avatar Jun 30 '24 19:06 jonathan-innis

@jonathan-innis: Reopened this issue.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

k8s-ci-robot avatar Jun 30 '24 19:06 k8s-ci-robot

/remove-lifecycle rotten

jonathan-innis avatar Jun 30 '24 19:06 jonathan-innis

This issue is currently awaiting triage.

If Karpenter contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

k8s-ci-robot avatar Jun 30 '24 19:06 k8s-ci-robot

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot avatar Sep 28 '24 20:09 k8s-triage-robot