Skip to content

KEP-5471: Extend tolerations operators#134665

Merged
k8s-ci-robot merged 17 commits intokubernetes:masterfrom
helayoty:helayoty/5471-extend-tolerations
Nov 10, 2025
Merged

KEP-5471: Extend tolerations operators#134665
k8s-ci-robot merged 17 commits intokubernetes:masterfrom
helayoty:helayoty/5471-extend-tolerations

Conversation

@helayoty
Copy link
Copy Markdown
Member

@helayoty helayoty commented Oct 16, 2025
edited
Loading

What type of PR is this?

Extend tolerations operators by adding Gt and Lt

/kind feature
/sig scheduling
/stage alpha

What this PR does / why we need it:

Implementation Details

  1. New Operators:
    • TolerationOpGt: Pod tolerates taint if taint value > toleration value (Gt)
    • TolerationOpLt: Pod tolerates taint if taint value < toleration value (Lt)
  2. Value Validation:
    • Toleration values must be valid decimal integers, no leading zero.
    • A new IsDecimalInteger content validation function (staging/src/k8s.io/apimachinery/pkg/api/validate/content/decimal_int.go) enforces strict canonical form:
      • Rejects leading zeros (e.g., "0700", "01") to avoid octal notation confusion
      • Rejects plus signs (e.g., "+123")
      • Rejects floating point numbers, whitespace, and non-numeric characters
      • Stricter than strconv.ParseInt to ensure human-readable canonical representation
    • Invalid values is logged as errors in the toleration not matching
  3. Feature Gate:
    • TaintTolerationComparisonOperators
  4. Function Signature Changes:
    • Logger parameter added to ToleratesTaint
    • Updated across all call sites: scheduler plugin, taint eviction controller, daemon controller, admission controllers, and test utilities.
  5. Testing:
    • Integration tests
      • TestTaintTolerationGtLtIntegration
      • Add new test cases for Filter tests
    • e2e tests
      • Updated test/e2e/framework/node/resource.go to support logger parameter in helper functions. For Alpha, the feature gate will be passed to ToleratesTaint as false in the e2e.

Which issue(s) this PR is related to:

Fixes #118669
KEP: kubernetes/enhancements#5471

Special notes for your reviewer:

Does this PR introduce a user-facing change?

Extend `core/v1 Toleration` to support numeric comparison operators (`Gt`, `Lt`).

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. kind/feature Categorizes issue or PR as related to a new feature. sig/scheduling Categorizes an issue or PR as relevant to SIG Scheduling. labels Oct 16, 2025
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels Oct 16, 2025
@helayoty helayoty moved this to Needs Review in SIG Scheduling Oct 16, 2025
@k8s-ci-robot k8s-ci-robot added area/code-generation kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/apps Categorizes an issue or PR as relevant to SIG Apps. labels Oct 16, 2025
@github-project-automation github-project-automation Bot moved this to Needs Triage in SIG Apps Oct 16, 2025
@k8s-ci-robot k8s-ci-robot requested review from damemi and dims October 16, 2025 21:17
@helayoty
Copy link
Copy Markdown
Member Author

helayoty commented Oct 16, 2025
edited
Loading

/assign @sanposhiho @macsko @dom4ha

@helayoty helayoty force-pushed the helayoty/5471-extend-tolerations branch from f266a32 to b30feec Compare October 16, 2025 21:24
@k8s-ci-robot k8s-ci-robot added the area/dependency Issues or PRs related to dependency changes label Oct 16, 2025
@helayoty helayoty mentioned this pull request Oct 16, 2025
Open
7 tasks
@helayoty helayoty force-pushed the helayoty/5471-extend-tolerations branch 2 times, most recently from e22e188 to f7f3bd1 Compare October 16, 2025 22:21
@k8s-triage-robot
Copy link
Copy Markdown

k8s-triage-robot commented Oct 16, 2025

This PR may require API review.

If so, when the changes are ready, complete the pre-review checklist and request an API review.

Status of requested reviews is tracked in the API Review project.

@helayoty helayoty force-pushed the helayoty/5471-extend-tolerations branch from f7f3bd1 to cc1217b Compare October 17, 2025 00:08
@helayoty helayoty moved this from Needs Triage to Backlog in SIG Apps Oct 17, 2025
macsko
macsko reviewed Oct 17, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@macsko macsko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Initial pass

Comment thread staging/src/k8s.io/api/core/v1/toleration.go
Comment thread pkg/apis/core/types.go
Comment thread pkg/features/kube_features.go Outdated
Comment thread staging/src/k8s.io/api/core/v1/toleration.go
@sanposhiho
Copy link
Copy Markdown
Member

sanposhiho commented Nov 10, 2025

/milestone v1.35

@helayoty helayoty mentioned this pull request Nov 10, 2025
Open
@helayoty
Add numeric operations to tolerations
1d97fff 
Signed-off-by: Heba Elayoty <[email protected]>
@helayoty
code review feedback
8a83ddb 
Signed-off-by: Heba Elayoty <[email protected]>
@helayoty
add default feature gate
d26d539 
Signed-off-by: Heba Elayoty <[email protected]>
@helayoty
Add integration tests
48647e4 
Signed-off-by: Heba Elayoty <[email protected]>
@helayoty
Add toleration value validation
7eea8c4 
Signed-off-by: Heba Elayoty <[email protected]>
@helayoty
Add validate options for new operators
d810ce2 
Signed-off-by: helayoty <[email protected]>
@helayoty
Remove log
26d8a7b 
Signed-off-by: helayoty <[email protected]>
@helayoty
Update feature gate check
d294e57 
Signed-off-by: helayoty <[email protected]>
@helayoty
emove IsValidNumericString func
7704009 
Signed-off-by: helayoty <[email protected]>
@helayoty
Implement IsDecimalInteger
f3e7f45 
Signed-off-by: helayoty <[email protected]>
@helayoty
code review feedback
616a044 
Signed-off-by: helayoty <[email protected]>
@helayoty
Add logs to v1/toleration
19c6083 
Signed-off-by: Heba Elayoty <[email protected]>
Signed-off-by: helayoty <[email protected]>
@helayoty
Update integration tests and address code review feedback
70c1def 
Signed-off-by: helayoty <[email protected]>
@helayoty
Add feature gate to the scheduler framework
7d6a59c 
Signed-off-by: helayoty <[email protected]>
@helayoty
Remove extra test
186a491 
Signed-off-by: helayoty <[email protected]>
@helayoty
Fix integration test
63db177 
Signed-off-by: helayoty <[email protected]>
@helayoty
pass feature gate via TolerationsTolerateTaint
ba5762e 
Signed-off-by: helayoty <[email protected]>
@helayoty
Copy link
Copy Markdown
Member Author

helayoty commented Nov 10, 2025

/label tide/merge-method-squash

@sanposhiho
Copy link
Copy Markdown
Member

sanposhiho commented Nov 10, 2025

/lgtm
/approve

just rebase

@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Nov 10, 2025

LGTM label has been added.

DetailsGit tree hash: 1e752e44f48bad8174c7cba97cda6652b9465d01

@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Nov 10, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: helayoty, sanposhiho, thockin

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@sbueringer sbueringer mentioned this pull request Nov 21, 2025
Open
22 tasks
@RainbowMango RainbowMango mentioned this pull request Jan 29, 2026
Open
19 tasks
RainbowMango
RainbowMango reviewed Jan 29, 2026
View reviewed changes
Comment thread staging/src/k8s.io/api/core/v1/toleration.go
// between toleration.value and taint.value.
// 5. If enableComparisonOperators is false and the toleration uses 'Lt' or 'Gt'
// operators, the toleration does not match (returns false).
func (t *Toleration) ToleratesTaint(logger klog.Logger, taint *Taint, enableComparisonOperators bool) bool {
Copy link
Copy Markdown
Member

@RainbowMango RainbowMango Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Though this PR is merged, I'd like to raise a concern about the logger parameter.

As an API helper method in core/v1, ToleratesTaint() should return errors and let callers decide how to handle them, rather than logging internally. This approach pollutes the API layer with logging dependencies and prevents callers from handling validation errors appropriately.

In addition, many projects in the CNCF ecosystem consume Kubernetes APIs but may use different logging frameworks or error handling strategies.

@helayoty Great, thanks for your effort on this feature. I read the KEP, and it makes a lot of sense.

Also, cc @thockin, love to hear your thoughts.

@renovate renovate Bot mentioned this pull request Mar 17, 2026
Merged
1 task
@renovate renovate Bot mentioned this pull request Mar 27, 2026
Open
1 task
@hypershift-jira-solve-ci hypershift-jira-solve-ci Bot mentioned this pull request Apr 17, 2026
Closed
@coderabbitai coderabbitai Bot mentioned this pull request Apr 20, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thockin thockin thockin left review comments

@damemi damemi Awaiting requested review from damemi

@dims dims Awaiting requested review from dims

@liggitt liggitt Awaiting requested review from liggitt

@macsko macsko Awaiting requested review from macsko

@dom4ha dom4ha Awaiting requested review from dom4ha

@sanposhiho sanposhiho Awaiting requested review from sanposhiho

+1 more reviewer

@RainbowMango RainbowMango RainbowMango left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@sanposhiho sanposhiho

@macsko macsko

@dom4ha dom4ha

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/code-generation area/dependency Issues or PRs related to dependency changes area/e2e-test-framework Issues or PRs related to refactoring the kubernetes e2e test framework area/kubelet area/test cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/apps Categorizes an issue or PR as relevant to SIG Apps. sig/node Categorizes an issue or PR as relevant to SIG Node. sig/scheduling Categorizes an issue or PR as relevant to SIG Scheduling. sig/testing Categorizes an issue or PR as relevant to SIG Testing. sig/windows Categorizes an issue or PR as relevant to SIG Windows. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges. triage/accepted Indicates an issue or PR is ready to be actively worked on.

Projects

SIG Apps
Archived in project
SIG Node CI/Test Board
Archived in project
SIG Node: code and documentation PRs
Archived in project
SIG Scheduling
Archived in project

Milestone

v1.35

Development

Successfully merging this pull request may close these issues.

Allow nodes to declare failure probability/SLA