feat: enable pod protection based on storage classes

this commit introduces a new customization on the existing PodsWithPVC protection. this new customization allow users to make pods that refer to a given storage class unevictable. for example, to protect pods referring to `storage-class-0` and `storage-class-1` this configuration can be used: ```yaml apiVersion: "descheduler/v1alpha2" kind: "DeschedulerPolicy" profiles: - name: ProfileName pluginConfig: - name: "DefaultEvictor" args: podProtections: extraEnabled: - PodsWithPVC config: PodsWithPVC: protectedStorageClasses: - name: storage-class-0 - name: storage-class-1 ``` changes introduced by this pr: 1. the descheduler starts to observe persistent volume claims. 1. a new api field was introduced to allow per pod protection config. 1. rbac had to be adjusted (+persistentvolumeclaims).
2026-01-26 05:14:13 +01:00 · 2025-10-08 09:43:05 +02:00
parent e3503d22f4
commit d9d6ca64e9
11 changed files with 837 additions and 10 deletions
--- a/pkg/framework/plugins/defaultevictor/zz_generated.deepcopy.go
+++ b/pkg/framework/plugins/defaultevictor/zz_generated.deepcopy.go
@@ -81,6 +81,11 @@ func (in *PodProtections) DeepCopyInto(out *PodProtections) {
 		*out = make([]PodProtection, len(*in))
 		copy(*out, *in)
 	}
+	if in.Config != nil {
+		in, out := &in.Config, &out.Config
+		*out = new(PodProtectionsConfig)
+		(*in).DeepCopyInto(*out)
+	}
 	return
 }

@@ -93,3 +98,45 @@ func (in *PodProtections) DeepCopy() *PodProtections {
 	in.DeepCopyInto(out)
 	return out
 }
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PodProtectionsConfig) DeepCopyInto(out *PodProtectionsConfig) {
+	*out = *in
+	if in.PodsWithPVC != nil {
+		in, out := &in.PodsWithPVC, &out.PodsWithPVC
+		*out = new(PodsWithPVCConfig)
+		(*in).DeepCopyInto(*out)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodProtectionsConfig.
+func (in *PodProtectionsConfig) DeepCopy() *PodProtectionsConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(PodProtectionsConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PodsWithPVCConfig) DeepCopyInto(out *PodsWithPVCConfig) {
+	*out = *in
+	if in.ProtectedStorageClasses != nil {
+		in, out := &in.ProtectedStorageClasses, &out.ProtectedStorageClasses
+		*out = make([]ProtectedStorageClass, len(*in))
+		copy(*out, *in)
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodsWithPVCConfig.
+func (in *PodsWithPVCConfig) DeepCopy() *PodsWithPVCConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(PodsWithPVCConfig)
+	in.DeepCopyInto(out)
+	return out
+}