-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Assign Priority Classes to tenants #257
Comments
To implement this, we need several changes.
Am I missing something else? |
There are two Priority Classes already defined by default
and other can be defined by cluster admin. The Priority Class is a cluster-wide resource. The workflow is very similar to Ingress and Storage Classes we already impemented |
And this means, on the |
Describe the feature
In kubernetes, pods can have priority. Priority indicates the importance of a Pod relative to other Pods. If a Pod cannot be scheduled, the scheduler tries to preempt (evict) lower priority Pods to make scheduling of the pending Pod possible.
In a multi-tenant cluster where not all users are trusted, a tenant owner could create Pods at the highest possible priorities, causing other Pods to be evicted/not get scheduled.
It would be nice the cluster admin to assign one or more Priority Classes to a tenant. The Capsule Operator (i.e. its policy engine component) can control the admitted Priority Classes as for Storage and Ingress Classes.
What would the new user story look like?
The cluster admin creates Priority Classes with a given priority number
and then assigns it to a tenant
Expected behavior
The tenant admin can only deploy pods with the allowed Priority Classes
The text was updated successfully, but these errors were encountered: