Skip to content

Commit

Permalink
feat(chart): add autoscaling values (#532)
Browse files Browse the repository at this point in the history
Signed-off-by: Oliver Bähler <[email protected]>
  • Loading branch information
oliverbaehler authored Oct 8, 2024
1 parent 6bb0a58 commit 53378c4
Show file tree
Hide file tree
Showing 9 changed files with 120 additions and 23 deletions.
18 changes: 13 additions & 5 deletions charts/capsule-proxy/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ If you only need to make minor customizations, you can specify them on the comma
| jobs.certs.pullPolicy | string | `"IfNotPresent"` | Set the image pull policy of the post install certgen job |
| jobs.certs.registry | string | `"docker.io"` | Set the image repository of the post install certgen job |
| jobs.certs.repository | string | `"jettech/kube-webhook-certgen"` | Set the image repository of the post install certgen job |
| jobs.certs.tag | string | `"v1.3.0"` | Set the image tag of the post install certgen job |
| jobs.certs.tag | string | `"v1.5.2"` | Set the image tag of the post install certgen job |
| jobs.nodeSelector | object | `{}` | Set the node selector |
| jobs.podSecurityContext | object | `{"seccompProfile":{"type":"RuntimeDefault"}}` | Security context for the job pods. |
| jobs.priorityClassName | string | `""` | Set a pod priorityClassName |
Expand All @@ -128,6 +128,8 @@ If you only need to make minor customizations, you can specify them on the comma
| podLabels | object | `{}` | Labels to add to the capsule-proxy pod. |
| podSecurityContext | object | `{"seccompProfile":{"type":"RuntimeDefault"}}` | Security context for the capsule-proxy pod. |
| priorityClassName | string | `""` | Specifies PriorityClass of the capsule-proxy pod. |
| rbac.clusterRole | string | `"cluster-admin"` | Controller ClusterRole |
| rbac.enabled | bool | `true` | Enable Creation of ClusterRoles |
| readinessProbe | object | `{"enabled":true,"httpGet":{"path":"/readyz/","port":"probe","scheme":"HTTP"},"initialDelaySeconds":5}` | Proxy Readyness-Probe |
| replicaCount | int | `1` | Set the replica count for capsule-proxy pod. |
| resources.limits.cpu | string | `"200m"` | Set the CPU requests assigned to the controller. |
Expand Down Expand Up @@ -182,21 +184,27 @@ If you only need to make minor customizations, you can specify them on the comma

| Key | Type | Default | Description |
|-----|------|---------|-------------|
| ingress.annotations | object | `{}` | Annotations to add to the capsule-proxy ingress. |
| ingress.annotations | object | `{}` | Annotations to add to the ingress. |
| ingress.className | string | `""` | Set the IngressClass to use for the capsule-proxy ingress (do not set via annotations if setting here). |
| ingress.enabled | bool | `false` | Specifies whether an ingress should be created. |
| ingress.hosts[0] | object | `{"host":"kube.capsule.io","paths":["/"]}` | Set the host configuration for the capsule-proxy ingress. |
| ingress.hosts[0] | object | `{"host":"projectcapsule.dev","paths":["/"]}` | Set the host configuration for the capsule-proxy ingress. |
| ingress.hosts[0].paths | list | `["/"]` | Set the path configuration for the capsule-proxy ingress. |
| ingress.labels | object | `{}` | Labels to add to the ingress. |
| ingress.tls | list | `[]` | Set the tls configuration for the capsule-proxy ingress. |

### Autoscaler Parameters

| Key | Type | Default | Description |
|-----|------|---------|-------------|
| autoscaling.annotations | object | `{}` | Annotations to add to the hpa. |
| autoscaling.behavior | object | `{}` | HPA [behavior](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) |
| autoscaling.enabled | bool | `false` | Specifies whether an hpa for capsule-proxy should be created. |
| autoscaling.maxReplicas | int | `5` | Set the maxReplicas for capsule-proxy hpa. |
| autoscaling.labels | object | `{}` | Labels to add to the hpa. |
| autoscaling.maxReplicas | int | `3` | Set the maxReplicas for capsule-proxy hpa. |
| autoscaling.metrics | list | `[]` | Custom [metrics-objects](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/#autoscaling-on-multiple-metrics-and-custom-metrics) for capsule-proxy hpa |
| autoscaling.minReplicas | int | `1` | Set the minReplicas for capsule-proxy hpa. |
| autoscaling.targetCPUUtilizationPercentage | int | `80` | Set the targetCPUUtilizationPercentage for capsule-proxy hpa. |
| autoscaling.targetCPUUtilizationPercentage | string | `nil` | Set the targetCPUUtilizationPercentage for capsule-proxy hpa. |
| autoscaling.targetMemoryUtilizationPercentage | string | `nil` | Set the targetMemoryUtilizationPercentage for capsule-proxy hpa. |

### ServiceMonitor Parameters

Expand Down
35 changes: 35 additions & 0 deletions charts/capsule-proxy/ci/deploy-values.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
crds:
install: true
keep: false
rbac:
annotations:
extra: annotation
labels:
extra: label
kind: DaemonSet
imagePullSecrets: []
certManager:
Expand Down Expand Up @@ -35,20 +40,50 @@ resources:
memory: 128Mi
autoscaling:
enabled: true
annotations:
example: annotation
labels:
example: label
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
metrics:
- type: Pods
pods:
metric:
name: packets-per-second
target:
type: AverageValue
averageValue: 1k
behavior:
scaleDown:
policies:
- type: Pods
value: 4
periodSeconds: 60
- type: Percent
value: 10
periodSeconds: 60
nodeSelector:
node-role.kubernetes.io/master: ""
tolerations:
- key: CriticalAddonsOnly
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/master
service:
annotations:
example: annotation
labels:
example: label
# Ingress
ingress:
enabled: true
ingressClassName: "nginx"
annotations:
example: annotation
labels:
example: label
hosts:
- host: "kube.clastix.io"
paths: ["/"]
Expand Down
8 changes: 5 additions & 3 deletions charts/capsule-proxy/templates/NOTES.txt
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
- Capsule-proxy Helm Chart deployed:
- 🚀 Capsule-proxy Helm Chart deployed:

# Check the capsule-proxy logs
$ kubectl logs -f deployment/{{ template "capsule-proxy.fullname" . }} -n {{ .Release.Namespace }}

- Manage this chart:
- 🛠️ Manage this chart:

# Upgrade capsule-proxy
$ helm upgrade {{ .Release.Name }} -f <values.yaml> capsule-proxy -n {{ .Release.Namespace }}
Expand All @@ -12,4 +12,6 @@
$ helm status {{ .Release.Name }} -n {{ .Release.Namespace }}

# Uninstall capsule-proxy
$ helm uninstall {{ .Release.Name }} -n {{ .Release.Namespace }}
$ helm uninstall {{ .Release.Name }} -n {{ .Release.Namespace }}

- 📚 Read More on the configuration for the capulse-proxy here: https://projectcapsule.dev/integrations/addons/capsule-proxy/
4 changes: 2 additions & 2 deletions charts/capsule-proxy/templates/certmanager.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
{{- if and .Values.certManager.generateCertificates .Values.options.enableSSL -}}
{{- if and (not .Values.certManager.externalCA.enabled) (eq .Values.certManager.issuer.kind "Issuer") -}}
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
Expand Down Expand Up @@ -70,6 +71,5 @@ spec:
secretName: {{ include "capsule-proxy.fullname" . }}
subject:
organizations:
- clastix.io
---
- projectcapsule.dev
{{- end }}
10 changes: 10 additions & 0 deletions charts/capsule-proxy/templates/hpa.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,13 @@ metadata:
name: {{ include "capsule-proxy.fullname" . }}
labels:
{{- include "capsule-proxy.labels" . | nindent 4 }}
{{- if .Values.autoscaling.labels }}
{{- toYaml .Values.autoscaling.labels | nindent 4 }}
{{- end }}
{{- with .Values.autoscaling.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
scaleTargetRef:
apiVersion: apps/v1
Expand Down Expand Up @@ -41,4 +48,7 @@ spec:
averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}
{{- if .Values.autoscaling.metrics }}
{{- toYaml .Values.autoscaling.metrics | nindent 4 }}
{{- end }}
{{- end }}
3 changes: 3 additions & 0 deletions charts/capsule-proxy/templates/ingress.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ metadata:
name: {{ $fullName }}
labels:
{{- include "capsule-proxy.labels" . | nindent 4 }}
{{- if .Values.ingress.labels }}
{{- toYaml .Values.ingress.labels | nindent 4 }}
{{- end }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
Expand Down
4 changes: 3 additions & 1 deletion charts/capsule-proxy/templates/metrics-rbac.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
{{- if .Values.serviceMonitor.enabled }}
{{- if $.Values.rbac.enabled }}
{{- if .Values.serviceMonitor.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
Expand Down Expand Up @@ -43,4 +44,5 @@ subjects:
- kind: ServiceAccount
name: {{ .Values.serviceMonitor.serviceAccount.name | default (include "capsule-proxy.serviceAccountName" $) }}
namespace: {{ .Values.serviceMonitor.serviceAccount.namespace | default .Release.Namespace }}
{{- end }}
{{- end }}
11 changes: 10 additions & 1 deletion charts/capsule-proxy/templates/rbac.yaml
Original file line number Diff line number Diff line change
@@ -1,14 +1,23 @@
{{- if $.Values.rbac.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "capsule-proxy.fullname" . }}
labels:
{{- include "capsule-proxy.labels" . | nindent 4 }}
{{- if .Values.rbac.labels }}
{{- toYaml .Values.rbac.labels | nindent 4 }}
{{- end }}
{{- with .Values.rbac.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
subjects:
- kind: ServiceAccount
name: {{ include "capsule-proxy.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: cluster-admin
name: {{ $.Values.rbac.clusterRole }}
apiGroup: rbac.authorization.k8s.io
{{- end }}
50 changes: 39 additions & 11 deletions charts/capsule-proxy/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,13 @@ crds:
# -- Keep the CustomResourceDefinitions (when the chart is deleted)
keep: true

# Manage RBAC Lifecycle
rbac:
# -- Enable Creation of ClusterRoles
enabled: true
# -- Controller ClusterRole
clusterRole: cluster-admin

image:
# -- Set the image registry for capsule-proxy
registry: ghcr.io
Expand Down Expand Up @@ -95,12 +102,10 @@ livenessProbe:
# priorityClassName: system-node-critical
# -- Specifies PriorityClass of the capsule-proxy pod.
priorityClassName: ""

# -- Security context for the capsule-proxy pod.
podSecurityContext:
seccompProfile:
type: "RuntimeDefault"

# -- Security context for the capsule-proxy container.
securityContext:
allowPrivilegeEscalation: false
Expand All @@ -111,7 +116,6 @@ securityContext:
runAsGroup: 1002
runAsNonRoot: true
runAsUser: 1002

resources:
limits:
# -- Set the CPU requests assigned to the controller.
Expand All @@ -123,13 +127,10 @@ resources:
cpu: 200m
# -- Set the memory limits assigned to the controller.
memory: 128Mi

# -- Additional environment variables
env: []

# -- Additional volumes
volumes: []

# -- Additional volume mounts
volumeMounts: []

Expand Down Expand Up @@ -184,7 +185,7 @@ jobs:
# -- Set the image pull policy of the post install certgen job
pullPolicy: IfNotPresent
# -- Set the image tag of the post install certgen job
tag: "v1.3.0"
tag: "v1.5.2"
# -- Annotations to add to the certgen job.
annotations: {}
# -- Set the restartPolicy
Expand Down Expand Up @@ -253,12 +254,37 @@ serviceAccount:
autoscaling:
# -- Specifies whether an hpa for capsule-proxy should be created.
enabled: false
# -- Labels to add to the hpa.
labels: {}
# -- Annotations to add to the hpa.
annotations: {}
# -- Set the minReplicas for capsule-proxy hpa.
minReplicas: 1
# -- Set the maxReplicas for capsule-proxy hpa.
maxReplicas: 5
maxReplicas: 3
# -- Set the targetCPUUtilizationPercentage for capsule-proxy hpa.
targetCPUUtilizationPercentage: 80
targetCPUUtilizationPercentage:
# -- Set the targetMemoryUtilizationPercentage for capsule-proxy hpa.
targetMemoryUtilizationPercentage:
# -- Custom [metrics-objects](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/#autoscaling-on-multiple-metrics-and-custom-metrics) for capsule-proxy hpa
metrics: []
# - type: Pods
# pods:
# metric:
# name: packets-per-second
# target:
# type: AverageValue
# averageValue: 1k
# -- HPA [behavior](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/)
behavior: {}
# scaleDown:
# policies:
# - type: Pods
# value: 4
# periodSeconds: 60
# - type: Percent
# value: 10
# periodSeconds: 60

# Service
service:
Expand All @@ -284,11 +310,13 @@ ingress:
enabled: false
# -- Set the IngressClass to use for the capsule-proxy ingress (do not set via annotations if setting here).
className: ""
# -- Annotations to add to the capsule-proxy ingress.
# -- Labels to add to the ingress.
labels: {}
# -- Annotations to add to the ingress.
annotations: {}
hosts:
# -- Set the host configuration for the capsule-proxy ingress.
- host: "kube.capsule.io"
- host: "projectcapsule.dev"
# -- Set the path configuration for the capsule-proxy ingress.
paths: ["/"]
# -- Set the tls configuration for the capsule-proxy ingress.
Expand Down

0 comments on commit 53378c4

Please sign in to comment.