feat: install keda using tf

.gitignore

@@ -0,0 +1,6 @@
+# terraform
+deployment/terraform/.terraform
+deployment/terraform/.terraform.lock.hcl
+deployment/terraform/terraform.tfstate
+deployment/terraform/terraform.tfstate.backup
+deployment/terraform/.terraform.tfstate.lock.info

Readme.md

@@ -1 +1,53 @@
-# Spinkube demo
+# Spinkube demo
+
+## Deploy
+
+```bash
+cd deployment/terraform
+terraform init
+terraform apply -auto-approve
+```
+
+Then wait a bit for the cluster to be ready and for flux to deploy the applications.
+
+## Test the deployment
+
+
+### Test the queue scaling
+From the rabbitmq pod:
+Create a queue
+```bash
+curl -u user:password -XPUT -H "content-type:application/json" \
+    http://localhost:15672/api/queues/%2F/testqueue \
+    -d'{"durable":true}'
+```
+
+Send a message
+```bash
+curl -u user:password -XPOST -H "content-type:application/json" \
+    http://localhost:15672/api/exchanges/%2F/amq.default/publish \
+    -d'{"properties":{},"routing_key":"testqueue","payload":"Hello, World!","payload_encoding":"string"}'
+```
+
+Empty the queue
+```bash
+curl -u user:password -XDELETE -H "content-type:application/json" \
+    http://localhost:15672/api/queues/%2F/testqueue/contents
+```
+
+### Test the http scaling
+From localhost:
+Get the external ip of the service
+```bash
+kubectl get svc --namespace traefik
+```
+
+put cluster ip in /etc/hosts
+```bash
+echo "<EXTERNAL_IP> whoami.example.com" | sudo tee -a /etc/hosts
+```
+
+Test the service
+```bash
+curl whoami.example.com
+```

deployment/flux/kustomization.yaml

@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - whoami/app.yaml
+  - whoami/http-scale.yaml
+  - whoami/ingress.yaml
+  - metallb/ip-pool.yaml
+  - metallb/l2-advertisement.yaml
+  - queued-whoami/app.yaml
+  - queued-whoami/amqp-scale.yaml
+  - spin/spin-shim-executor.yaml

deployment/flux/metallb/ip-pool.yaml

@@ -0,0 +1,8 @@
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+  name: default
+  namespace: metallb-system
+spec:
+  addresses:
+  - 192.168.207.200-192.168.207.250

deployment/flux/metallb/l2-advertisement.yaml

@@ -0,0 +1,5 @@
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+  name: default
+  namespace: metallb-system

deployment/flux/queued-whoami/amqp-scale.yaml

@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: keda-rabbitmq-secret
+  namespace: default
+data:
+  host: YW1xcDovL3VzZXI6cGFzc3dvcmRAcmFiYml0bXEucmFiYml0bXEuc3ZjLmNsdXN0ZXIubG9jYWw6NTY3Mg== # base64 encoded value of format amqp://user:[email protected]:5672
+---
+apiVersion: keda.sh/v1alpha1
+kind: TriggerAuthentication
+metadata:
+  name: keda-trigger-auth-rabbitmq-conn
+  namespace: default
+spec:
+  secretTargetRef:
+    - parameter: host
+      name: keda-rabbitmq-secret
+      key: host
+---
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+  name: rabbitmq-scaledobject
+  namespace: default
+spec:
+  scaleTargetRef:
+    name: queued-whoami-app
+  cooldownPeriod: 20
+  pollingInterval: 10
+  triggers:
+  - type: rabbitmq
+    metadata:
+      protocol: amqp
+      queueName: testqueue
+      mode: QueueLength # could also be MessageRate
+      value: "5"
+    authenticationRef:
+      name: keda-trigger-auth-rabbitmq-conn

deployment/flux/queued-whoami/app.yaml

@@ -0,0 +1,41 @@
+apiVersion: core.spinoperator.dev/v1alpha1
+kind: SpinApp
+metadata:
+  name: queued-whoami-app
+  namespace: default
+spec:
+  image: index.docker.io/sautax/variable-explorer:v1
+  executor: containerd-shim-spin
+  enableAutoscaling: true
+  resources:
+    limits:
+      cpu: 500m
+      memory: 500Mi
+    requests:
+      cpu: 100m
+      memory: 400Mi
+  variables:
+    - name: pod_name
+      valueFrom:
+        fieldRef:
+          fieldPath: metadata.name
+    - name: pod_namespace
+      valueFrom:
+        fieldRef:
+          fieldPath: metadata.namespace
+    - name: pod_uid
+      valueFrom:
+        fieldRef:
+          fieldPath: metadata.uid
+    - name: pod_ip
+      valueFrom:
+        fieldRef:
+          fieldPath: status.podIP
+    - name: node_name
+      valueFrom:
+        fieldRef:
+          fieldPath: spec.nodeName
+    - name: host_ip
+      valueFrom:
+        fieldRef:
+          fieldPath: status.hostIP

deployment/flux/spin/spin-shim-executor.yaml

@@ -0,0 +1,8 @@
+apiVersion: core.spinoperator.dev/v1alpha1
+kind: SpinAppExecutor
+metadata:
+  name: containerd-shim-spin
+spec:
+  createDeployment: true
+  deploymentConfig:
+    runtimeClassName: wasmtime-spin-v2

deployment/flux/whoami/app.yaml

@@ -0,0 +1,41 @@
+apiVersion: core.spinoperator.dev/v1alpha1
+kind: SpinApp
+metadata:
+  name: whoami-app
+  namespace: default
+spec:
+  image: index.docker.io/sautax/variable-explorer:v1
+  executor: containerd-shim-spin
+  enableAutoscaling: true
+  resources:
+    limits:
+      cpu: 500m
+      memory: 500Mi
+    requests:
+      cpu: 100m
+      memory: 400Mi
+  variables:
+    - name: pod_name
+      valueFrom:
+        fieldRef:
+          fieldPath: metadata.name
+    - name: pod_namespace
+      valueFrom:
+        fieldRef:
+          fieldPath: metadata.namespace
+    - name: pod_uid
+      valueFrom:
+        fieldRef:
+          fieldPath: metadata.uid
+    - name: pod_ip
+      valueFrom:
+        fieldRef:
+          fieldPath: status.podIP
+    - name: node_name
+      valueFrom:
+        fieldRef:
+          fieldPath: spec.nodeName
+    - name: host_ip
+      valueFrom:
+        fieldRef:
+          fieldPath: status.hostIP

deployment/flux/whoami/cpu-scale.yaml

@@ -0,0 +1,15 @@
+apiVersion: keda.sh/v1alpha1
+kind: ScaledObject
+metadata:
+  name: cpu-scaling
+  namespace: default
+spec:
+  scaleTargetRef:
+    name: whoami-app
+  minReplicaCount: 1
+  maxReplicaCount: 50
+  triggers:
+    - type: cpu
+      metricType: Utilization
+      metadata:
+        value: "50"

deployment/flux/whoami/http-scale.yaml

@@ -0,0 +1,26 @@
+apiVersion: http.keda.sh/v1alpha1
+kind: HTTPScaledObject
+metadata:
+  name: http-scaling
+  namespace: default
+
+spec:
+  hosts:
+    - "whoami.example.com"
+  replicas:
+    min: 0
+    max: 10
+  scaleTargetRef:
+    deployment: whoami-app
+    service: whoami-app
+    port: 80
+  scaledownPeriod: 1
+  scalingMetric:
+    concurrency:
+      targetValue: 100
+    requestRate:
+      granularity: 1s                
+      targetValue: 10 # default 100
+      window: 10s # default: 1m
+
+

deployment/flux/whoami/ingress.yaml

@@ -0,0 +1,19 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: whoami-app
+  namespace: keda
+
+spec:
+  ingressClassName: traefik
+  rules:
+    - host: whoami.example.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: keda-add-ons-http-interceptor-proxy
+                port:
+                  number: 8080

deployment/terraform/flux2.tf

@@ -0,0 +1,12 @@
+module "flux-bootstrap" {
+  source     = "./modules/flux-bootstrap"
+  depends_on = [helm_release.keda]
+}
+
+module "flux-sync" {
+  source               = "./modules/flux-sync"
+  name                 = "cluster-keda"
+  path                 = "deployment/flux"
+  service_account_name = "kustomize-controller"
+  depends_on           = [module.flux-bootstrap]
+}

deployment/terraform/keda.tf

@@ -0,0 +1,16 @@
+resource "helm_release" "keda" {
+  name             = "keda"
+  namespace        = "keda"
+  create_namespace = true
+  repository       = "https://kedacore.github.io/charts"
+  chart            = "keda"
+}
+
+resource "helm_release" "keda_add_on_http" {
+  name             = "keda-http-add-on"
+  namespace        = "keda"
+  create_namespace = true
+  repository       = "https://kedacore.github.io/charts"
+  chart            = "keda-add-ons-http"
+  depends_on       = [helm_release.keda]
+}