From 53dda10638e3415b2bf5ee34ac2f96598fb2738a Mon Sep 17 00:00:00 2001 From: Anthony Lin Date: Wed, 28 Mar 2018 07:12:48 +0000 Subject: [PATCH] [398398] Add Armada/Tiller Resource Limits 1) Add resource limits 2) Add Liveness and Readiness Probes for Armada API 3) Remove duplicated Tiller deployment/service that is in the armada directory Change-Id: I9a76ab177c8d71ba7ea6e4e0d265c3d70ba970dd --- charts/armada/templates/deployment-api.yaml | 14 +++- .../armada/templates/deployment-tiller.yaml | 80 ------------------- charts/armada/templates/tiller-service.yaml | 38 --------- charts/armada/values.yaml | 7 -- .../tiller/templates/deployment-tiller.yaml | 77 +++++++++--------- charts/tiller/values.yaml | 11 +++ 6 files changed, 62 insertions(+), 165 deletions(-) delete mode 100644 charts/armada/templates/deployment-tiller.yaml delete mode 100644 charts/armada/templates/tiller-service.yaml diff --git a/charts/armada/templates/deployment-api.yaml b/charts/armada/templates/deployment-api.yaml index d78adc1f..084fbf7e 100644 --- a/charts/armada/templates/deployment-api.yaml +++ b/charts/armada/templates/deployment-api.yaml @@ -105,9 +105,19 @@ spec: runAsUser: {{ .Values.pod.user.armada.uid }} ports: - containerPort: {{ .Values.conf.armada.armada_api.bind_port }} + livenessProbe: + httpGet: + path: /api/v1.0/health + port: {{ tuple "armada" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} + initialDelaySeconds: 15 + periodSeconds: 10 readinessProbe: - tcpSocket: - port: {{ .Values.conf.armada.armada_api.bind_port }} + httpGet: + scheme: HTTP + path: /api/v1.0/health + port: {{ tuple "armada" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} + initialDelaySeconds: 15 + periodSeconds: 10 volumeMounts: - name: pod-etc-armada mountPath: /etc/armada diff --git a/charts/armada/templates/deployment-tiller.yaml b/charts/armada/templates/deployment-tiller.yaml deleted file mode 100644 index 939c49d1..00000000 --- a/charts/armada/templates/deployment-tiller.yaml +++ /dev/null @@ -1,80 +0,0 @@ -{{/* -Copyright 2017 The Openstack-Helm Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/}} - -{{- if .Values.manifests.deployment_tiller }} -{{- $envAll := . }} ---- -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - labels: - app: helm - name: tiller - name: tiller-deploy -spec: - replicas: 1 - selector: - matchLabels: - app: helm - name: tiller - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 1 - type: RollingUpdate - template: - metadata: - labels: - app: helm - name: tiller - spec: - initContainers: -{{ tuple $envAll .Values.pod_dependency list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - containers: - - env: - - name: TILLER_NAMESPACE - value: {{ .Release.Namespace }} - - name: TILLER_HISTORY_MAX - value: "0" - image: {{ .Values.images.tags.tiller }} - livenessProbe: - failureThreshold: 3 - httpGet: - path: /liveness - port: 44135 - scheme: HTTP - initialDelaySeconds: 1 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: tiller - ports: - - containerPort: 44134 - name: tiller - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /readiness - port: 44135 - scheme: HTTP - initialDelaySeconds: 1 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} -status: {} -{{- end }} diff --git a/charts/armada/templates/tiller-service.yaml b/charts/armada/templates/tiller-service.yaml deleted file mode 100644 index 86ccf28d..00000000 --- a/charts/armada/templates/tiller-service.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{/* -Copyright 2017 The Openstack-Helm Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/}} - -{{- if .Values.manifests.service_tiller_deploy }} -{{- $envAll := . }} ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: helm - name: tiller - name: tiller-deploy -spec: - ports: - - name: tiller - port: 44134 - protocol: TCP - targetPort: tiller - selector: - app: helm - name: tiller - sessionAffinity: None - type: ClusterIP -{{- end }} diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml index 5994e62a..3be6291f 100644 --- a/charts/armada/values.yaml +++ b/charts/armada/values.yaml @@ -27,7 +27,6 @@ images: ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 - tiller: gcr.io/kubernetes-helm/tiller:v2.7.0 pull_policy: "IfNotPresent" @@ -40,8 +39,6 @@ network: port: 31903 dependencies: - tiller: - services: null ks_user: services: - service: identity @@ -123,8 +120,6 @@ secrets: conf: armada: - DEFAULT: - tiller_namespace: ucp keystone_authtoken: auth_type: password auth_version: 3 @@ -241,7 +236,6 @@ manifests: configmap_bin: true configmap_etc: true deployment_api: true - deployment_tiller: true ingress_api: true job_ks_endpoints: true job_ks_service: true @@ -249,5 +243,4 @@ manifests: secret_keystone: true service_api: true service_ingress_api: true - service_tiller_deploy: true test_armada_api: true diff --git a/charts/tiller/templates/deployment-tiller.yaml b/charts/tiller/templates/deployment-tiller.yaml index f85cc350..bd1df809 100644 --- a/charts/tiller/templates/deployment-tiller.yaml +++ b/charts/tiller/templates/deployment-tiller.yaml @@ -59,45 +59,46 @@ spec: spec: serviceAccountName: {{ $serviceAccountName }} containers: - - env: - - name: TILLER_NAMESPACE - value: {{ .Values.Name }} - - name: TILLER_HISTORY_MAX - value: {{ .Values.deployment.tiller_history | quote }} - image: {{ .Values.images.tags.tiller }} - livenessProbe: - failureThreshold: 3 - httpGet: - path: /liveness - port: 44135 - scheme: HTTP - initialDelaySeconds: 1 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: tiller - command: - - /tiller - - -logtostderr - - -v - - {{ .Values.conf.tiller.verbosity | quote }} + - name: tiller + image: {{ .Values.images.tags.tiller }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.tiller | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: TILLER_NAMESPACE + value: {{ .Values.Name }} + - name: TILLER_HISTORY_MAX + value: {{ .Values.deployment.tiller_history | quote }} + command: + - /tiller + - -logtostderr + - -v + - {{ .Values.conf.tiller.verbosity | quote }} {{- if .Values.conf.tiller.trace }} - - -trace + - -trace {{- end }} - ports: - - containerPort: 44134 - name: tiller - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /readiness - port: 44135 - scheme: HTTP - initialDelaySeconds: 1 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: {} + ports: + - name: tiller + containerPort: 44134 + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readiness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /liveness + port: 44135 + scheme: HTTP + initialDelaySeconds: 1 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 status: {} {{- end }} diff --git a/charts/tiller/values.yaml b/charts/tiller/values.yaml index 8296954c..306b6070 100644 --- a/charts/tiller/values.yaml +++ b/charts/tiller/values.yaml @@ -37,6 +37,17 @@ conf: verbosity: 5 trace: false +pod: + resources: + enabled: false + tiller: + limits: + memory: "128Mi" + cpu: "100m" + requests: + memory: "128Mi" + cpu: "100m" + manifests: deployment_tiller: true service_tiller_deploy: true