k8s: Add capability flag for watching metav1.POM

The ability to watch metav1.PartialObjectMetadata (or POM) and metav1.Table was introduced in K8s 1.15. [1] This is relevant because our CRD controller attempts to fetch CRDs in the cluster efficiently by requesting the CRD in a POM object. The CRD controller does this in order to avoid requesting the full object, which may contain a large validation schema and other irrelevant fields. This is important because in large-scale environments, all agents will request all the CRDs at once which will put unnecessary load on the apiserver. However, we cannot perform this request at all on versions of K8s 1.14 and below. Therefore, we must fullback to requesting the full CRD object. Hence, this commit allows us to check whether the apiserver supports this action, so that we can efficiently request CRDs on versions that do support it. [1]: KEP: https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/20190322-server-side-get-to-ga.md#goals [1]: PR: kubernetes/kubernetes#71548 Signed-off-by: Chris Tarazi <chris@isovalent.com>
mfijalko · Oct 15, 2020 · c9474ac · c9474ac
1 parent ee603b9
commit c9474ac
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/pkg/k8s/version/version.go b/pkg/k8s/version/version.go
@@ -63,6 +63,19 @@ type ServerCapabilities struct {
 	// This capability was introduced in K8s version 1.16, prior to which
 	// apiextensions/v1beta1 CRDs were used exclusively.
 	APIExtensionsV1CRD bool
+
+	// WatchPartialObjectMetadata is set to true when the K8s server supports a
+	// watch operation on the metav1.PartialObjectMetadata (and metav1.Table)
+	// resource.
+	//
+	// This capability was introduced in K8s version 1.15, prior to which
+	// watches cannot be performed on the aforementioned resources.
+	//
+	// Source:
+	//   - KEP:
+	//   https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/20190322-server-side-get-to-ga.md#goals
+	//   - PR: https://github.com/kubernetes/kubernetes/pull/71548
+	WatchPartialObjectMetadata bool
 }
 
 type cachedVersion struct {
@@ -94,6 +107,10 @@ var (
 	// v1 CRDs was introduced in K8s version 1.16.
 	isGEThanAPIExtensionsV1CRD = versioncheck.MustCompile(">=1.16.0")
 
+	// Constraint to check support for watching metav1.PartialObjectMetadata
+	// and metav1.Table types. Support was introduced in K8s 1.15.
+	isGEThanWatchPartialObjectMeta = versioncheck.MustCompile(">=1.15.0")
+
 	// isGEThanMinimalVersionConstraint is the minimal version required to run
 	// Cilium
 	isGEThanMinimalVersionConstraint = versioncheck.MustCompile(">=" + MinimalVersionConstraint)
@@ -124,6 +141,7 @@ func updateVersion(version go_version.Version) {
 	cached.capabilities.Patch = option.Config.K8sForceJSONPatch || isGEThanPatchConstraint(version)
 	cached.capabilities.MinimalVersionMet = isGEThanMinimalVersionConstraint(version)
 	cached.capabilities.APIExtensionsV1CRD = isGEThanAPIExtensionsV1CRD(version)
+	cached.capabilities.WatchPartialObjectMetadata = isGEThanWatchPartialObjectMeta(version)
 }
 
 func updateServerGroupsAndResources(apiResourceLists []*metav1.APIResourceList) {